]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.unit.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: document distinction between ConditionXYZ= and AssertXYZ=
[thirdparty/systemd.git] / man / systemd.unit.xml
CommitLineData
c129bd5d 1<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
d1ab0ca0 2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
798d3a52 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
1a13e31d
ZJS		 4<!ENTITY % entities SYSTEM "custom-entities.ent" >
5%entities;
6]>
d1ab0ca0
LP		 7
8<!--
9 This file is part of systemd.
10
11 Copyright 2010 Lennart Poettering
12
13 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 14 under the terms of the GNU Lesser General Public License as published by
15 the Free Software Foundation; either version 2.1 of the License, or
d1ab0ca0
LP		 16 (at your option) any later version.
17
18 systemd is distributed in the hope that it will be useful, but
19 WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 21 Lesser General Public License for more details.
d1ab0ca0 22
5430f7f2 23 You should have received a copy of the GNU Lesser General Public License
d1ab0ca0
LP		 24 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25-->
26
27<refentry id="systemd.unit">
28
798d3a52
ZJS		 29 <refentryinfo>
30 <title>systemd.unit</title>
31 <productname>systemd</productname>
32
33 <authorgroup>
34 <author>
35 <contrib>Developer</contrib>
36 <firstname>Lennart</firstname>
37 <surname>Poettering</surname>
38 <email>lennart@poettering.net</email>
39 </author>
40 </authorgroup>
41 </refentryinfo>
42
43 <refmeta>
44 <refentrytitle>systemd.unit</refentrytitle>
45 <manvolnum>5</manvolnum>
46 </refmeta>
47
48 <refnamediv>
49 <refname>systemd.unit</refname>
50 <refpurpose>Unit configuration</refpurpose>
51 </refnamediv>
52
53 <refsynopsisdiv>
54 <para><filename><replaceable>service</replaceable>.service</filename>,
55 <filename><replaceable>socket</replaceable>.socket</filename>,
56 <filename><replaceable>device</replaceable>.device</filename>,
57 <filename><replaceable>mount</replaceable>.mount</filename>,
58 <filename><replaceable>automount</replaceable>.automount</filename>,
59 <filename><replaceable>swap</replaceable>.swap</filename>,
60 <filename><replaceable>target</replaceable>.target</filename>,
61 <filename><replaceable>path</replaceable>.path</filename>,
62 <filename><replaceable>timer</replaceable>.timer</filename>,
798d3a52
ZJS		 63 <filename><replaceable>slice</replaceable>.slice</filename>,
64 <filename><replaceable>scope</replaceable>.scope</filename></para>
65
12b42c76 66 <para><literallayout><filename>/etc/systemd/system/*</filename>
13219b7f 67<filename>/run/systemd/system/*</filename>
12b42c76 68<filename>/usr/lib/systemd/system/*</filename>
13219b7f 69<filename>...</filename>
798d3a52 70 </literallayout></para>
13219b7f 71
798d3a52 72 <para><literallayout><filename>$XDG_CONFIG_HOME/systemd/user/*</filename>
05a2f6fe 73<filename>$HOME/.config/systemd/user/*</filename>
12b42c76 74<filename>/etc/systemd/user/*</filename>
aa08982d 75<filename>$XDG_RUNTIME_DIR/systemd/user/*</filename>
13219b7f 76<filename>/run/systemd/user/*</filename>
91acdc17
TK		 77<filename>$XDG_DATA_HOME/systemd/user/*</filename>
78<filename>$HOME/.local/share/systemd/user/*</filename>
12b42c76 79<filename>/usr/lib/systemd/user/*</filename>
13219b7f 80<filename>...</filename>
798d3a52
ZJS		 81 </literallayout></para>
82 </refsynopsisdiv>
83
84 <refsect1>
85 <title>Description</title>
86
87 <para>A unit configuration file encodes information about a
88 service, a socket, a device, a mount point, an automount point, a
89 swap file or partition, a start-up target, a watched file system
90 path, a timer controlled and supervised by
91 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
36b4a7ba 92 a resource management slice or
798d3a52
ZJS		 93 a group of externally created processes. The syntax is inspired by
94 <ulink
95 url="http://standards.freedesktop.org/desktop-entry-spec/latest/">XDG
96 Desktop Entry Specification</ulink> <filename>.desktop</filename>
97 files, which are in turn inspired by Microsoft Windows
98 <filename>.ini</filename> files.</para>
99
100 <para>This man page lists the common configuration options of all
101 the unit types. These options need to be configured in the [Unit]
102 or [Install] sections of the unit files.</para>
103
104 <para>In addition to the generic [Unit] and [Install] sections
105 described here, each unit may have a type-specific section, e.g.
106 [Service] for a service unit. See the respective man pages for
107 more information:
108 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
109 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
110 <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
111 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
112 <citerefentry><refentrytitle>systemd.automount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
113 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
114 <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
115 <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
116 <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
36b4a7ba 117 <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
798d3a52
ZJS		 118 <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
119 </para>
120
121 <para>Various settings are allowed to be specified more than once,
122 in which case the interpretation depends on the setting. Often,
123 multiple settings form a list, and setting to an empty value
124 "resets", which means that previous assignments are ignored. When
125 this is allowed, it is mentioned in the description of the
126 setting. Note that using multiple assignments to the same value
127 makes the unit file incompatible with parsers for the XDG
128 <filename>.desktop</filename> file format.</para>
129
130 <para>Unit files are loaded from a set of paths determined during
131 compilation, described in the next section.</para>
132
133 <para>Unit files may contain additional options on top of those
134 listed here. If systemd encounters an unknown option, it will
135 write a warning log message but continue loading the unit. If an
136 option or section name is prefixed with <option>X-</option>, it is
137 ignored completely by systemd. Options within an ignored section
138 do not need the prefix. Applications may use this to include
139 additional information in the unit files.</para>
140
141 <para>Boolean arguments used in unit files can be written in
142 various formats. For positive settings the strings
143 <option>1</option>, <option>yes</option>, <option>true</option>
144 and <option>on</option> are equivalent. For negative settings, the
145 strings <option>0</option>, <option>no</option>,
146 <option>false</option> and <option>off</option> are
147 equivalent.</para>
148
149 <para>Time span values encoded in unit files can be written in
150 various formats. A stand-alone number specifies a time in seconds.
151 If suffixed with a time unit, the unit is honored. A concatenation
152 of multiple values with units is supported, in which case the
153 values are added up. Example: "50" refers to 50 seconds; "2min
154 200ms" refers to 2 minutes plus 200 milliseconds, i.e. 120200ms.
155 The following time units are understood: s, min, h, d, w, ms, us.
156 For details see
157 <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
158
159 <para>Empty lines and lines starting with # or ; are
160 ignored. This may be used for commenting. Lines ending
161 in a backslash are concatenated with the following
162 line while reading and the backslash is replaced by a
163 space character. This may be used to wrap long lines.</para>
164
165 <para>Along with a unit file <filename>foo.service</filename>, the
166 directory <filename>foo.service.wants/</filename> may exist. All
167 unit files symlinked from such a directory are implicitly added as
168 dependencies of type <varname>Wants=</varname> to the unit. This
169 is useful to hook units into the start-up of other units, without
170 having to modify their unit files. For details about the semantics
171 of <varname>Wants=</varname>, see below. The preferred way to
172 create symlinks in the <filename>.wants/</filename> directory of a
173 unit file is with the <command>enable</command> command of the
174 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
175 tool which reads information from the [Install] section of unit
176 files (see below). A similar functionality exists for
177 <varname>Requires=</varname> type dependencies as well, the
178 directory suffix is <filename>.requires/</filename> in this
179 case.</para>
180
181 <para>Along with a unit file <filename>foo.service</filename>, a
182 directory <filename>foo.service.d/</filename> may exist. All files
183 with the suffix <literal>.conf</literal> from this directory will
184 be parsed after the file itself is parsed. This is useful to alter
185 or add configuration settings to a unit, without having to modify
186 their unit files. Make sure that the file that is included has the
b938cb90
JE		 187 appropriate section headers before any directive. Note that, for
188 instanced units, this logic will first look for the instance
798d3a52
ZJS		 189 <literal>.d/</literal> subdirectory and read its
190 <literal>.conf</literal> files, followed by the template
191 <literal>.d/</literal> subdirectory and reads its
192 <literal>.conf</literal> files.</para>
193
0cf4c0d1
CA		 194 <para>In addition to <filename>/etc/systemd/system</filename>,
195 the drop-in <literal>.conf</literal> files for system services
196 can be placed in <filename>/usr/lib/systemd/system</filename> or
197 <filename>/run/systemd/system</filename> directories. Drop-in
198 files in <filename>/etc</filename> take precedence over those in
199 <filename>/run</filename> which in turn take precedence over
200 those in <filename>/usr/lib</filename>. Drop-in files under any of
201 these directories take precedence over unit files wherever located.
202 (Of course, since <filename>/run</filename> is temporary and
203 <filename>/usr/lib</filename> is for vendors, it is unlikely
204 drop-ins should be used in either of those places.)</para>
798d3a52
ZJS		 205 <!-- Note that we do not document .include here, as we
206 consider it mostly obsolete, and want people to
207 use .d/ drop-ins instead. -->
208
798d3a52
ZJS		 209 <para>Some unit names reflect paths existing in the file system
210 namespace. Example: a device unit
211 <filename>dev-sda.device</filename> refers to a device with the
212 device node <filename noindex='true'>/dev/sda</filename> in the
213 file system namespace. If this applies, a special way to escape
214 the path name is used, so that the result is usable as part of a
b938cb90 215 filename. Basically, given a path, "/" is replaced by "-", and all
798d3a52
ZJS		 216 other characters which are not ASCII alphanumerics are replaced by
217 C-style "\x2d" escapes (except that "_" is never replaced and "."
218 is only replaced when it would be the first character in the
219 escaped path). The root directory "/" is encoded as single dash,
220 while otherwise the initial and ending "/" are removed from all
221 paths during transformation. This escaping is reversible. Properly
222 escaped paths can be generated using the
223 <citerefentry><refentrytitle>systemd-escape</refentrytitle><manvolnum>1</manvolnum></citerefentry>
224 command.</para>
225
226 <para>Optionally, units may be instantiated from a
227 template file at runtime. This allows creation of
228 multiple units from a single configuration file. If
229 systemd looks for a unit configuration file, it will
230 first search for the literal unit name in the
231 file system. If that yields no success and the unit
232 name contains an <literal>@</literal> character, systemd will look for a
233 unit template that shares the same name but with the
234 instance string (i.e. the part between the <literal>@</literal> character
235 and the suffix) removed. Example: if a service
236 <filename>getty@tty3.service</filename> is requested
237 and no file by that name is found, systemd will look
238 for <filename>getty@.service</filename> and
239 instantiate a service from that configuration file if
240 it is found.</para>
241
242 <para>To refer to the instance string from within the
243 configuration file you may use the special <literal>%i</literal>
244 specifier in many of the configuration options. See below for
245 details.</para>
246
247 <para>If a unit file is empty (i.e. has the file size 0) or is
248 symlinked to <filename>/dev/null</filename>, its configuration
249 will not be loaded and it appears with a load state of
250 <literal>masked</literal>, and cannot be activated. Use this as an
251 effective way to fully disable a unit, making it impossible to
252 start it even manually.</para>
253
254 <para>The unit file format is covered by the
255 <ulink
256 url="http://www.freedesktop.org/wiki/Software/systemd/InterfaceStabilityPromise">Interface
257 Stability Promise</ulink>.</para>
258
259 </refsect1>
260
c129bd5d
LP		 261 <refsect1>
262 <title>Automatic Dependencies</title>
263
264 <para>Note that while systemd offers a flexible dependency system
265 between units it is recommended to use this functionality only
266 sparingly and instead rely on techniques such as bus-based or
267 socket-based activation which make dependencies implicit,
268 resulting in a both simpler and more flexible system.</para>
269
270 <para>A number of unit dependencies are automatically established,
271 depending on unit configuration. On top of that, for units with
272 <varname>DefaultDependencies=yes</varname> (the default) a couple
273 of additional dependencies are added. The precise effect of
274 <varname>DefaultDependencies=yes</varname> depends on the unit
275 type (see below).</para>
276
277 <para>If <varname>DefaultDependencies=yes</varname> is set, units
278 that are referenced by other units of type
279 <filename>.target</filename> via a <varname>Wants=</varname> or
280 <varname>Requires=</varname> dependency might automatically gain
281 an <varname>Before=</varname> dependency too. See
282 <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>
283 for details.</para>
284 </refsect1>
285
798d3a52 286 <refsect1>
f757855e 287 <title>Unit File Load Path</title>
798d3a52
ZJS		 288
289 <para>Unit files are loaded from a set of paths determined during
290 compilation, described in the two tables below. Unit files found
291 in directories listed earlier override files with the same name in
292 directories lower in the list.</para>
293
aa3e4400
EV		 294 <para>When the variable <varname>$SYSTEMD_UNIT_PATH</varname> is set,
295 the contents of this variable overrides the unit load path. If
798d3a52
ZJS		 296 <varname>$SYSTEMD_UNIT_PATH</varname> ends with an empty component
297 (<literal>:</literal>), the usual unit load path will be appended
298 to the contents of the variable.</para>
299
300 <table>
301 <title>
302 Load path when running in system mode (<option>--system</option>).
303 </title>
304
305 <tgroup cols='2'>
306 <colspec colname='path' />
307 <colspec colname='expl' />
308 <thead>
309 <row>
310 <entry>Path</entry>
311 <entry>Description</entry>
312 </row>
313 </thead>
314 <tbody>
315 <row>
12b42c76 316 <entry><filename>/etc/systemd/system</filename></entry>
798d3a52
ZJS		 317 <entry>Local configuration</entry>
318 </row>
319 <row>
320 <entry><filename>/run/systemd/system</filename></entry>
321 <entry>Runtime units</entry>
322 </row>
323 <row>
12b42c76 324 <entry><filename>/usr/lib/systemd/system</filename></entry>
798d3a52
ZJS		 325 <entry>Units of installed packages</entry>
326 </row>
327 </tbody>
328 </tgroup>
329 </table>
330
331 <table>
332 <title>
333 Load path when running in user mode (<option>--user</option>).
334 </title>
335
336 <tgroup cols='2'>
337 <colspec colname='path' />
338 <colspec colname='expl' />
339 <thead>
340 <row>
341 <entry>Path</entry>
342 <entry>Description</entry>
343 </row>
344 </thead>
345 <tbody>
346 <row>
347 <entry><filename>$XDG_CONFIG_HOME/systemd/user</filename></entry>
348 <entry>User configuration (only used when $XDG_CONFIG_HOME is set)</entry>
349 </row>
350 <row>
351 <entry><filename>$HOME/.config/systemd/user</filename></entry>
352 <entry>User configuration (only used when $XDG_CONFIG_HOME is not set)</entry>
353 </row>
354 <row>
12b42c76 355 <entry><filename>/etc/systemd/user</filename></entry>
798d3a52
ZJS		 356 <entry>Local configuration</entry>
357 </row>
358 <row>
359 <entry><filename>$XDG_RUNTIME_DIR/systemd/user</filename></entry>
360 <entry>Runtime units (only used when $XDG_RUNTIME_DIR is set)</entry>
361 </row>
362 <row>
363 <entry><filename>/run/systemd/user</filename></entry>
364 <entry>Runtime units</entry>
365 </row>
366 <row>
367 <entry><filename>$XDG_DATA_HOME/systemd/user</filename></entry>
368 <entry>Units of packages that have been installed in the home directory (only used when $XDG_DATA_HOME is set)</entry>
369 </row>
370 <row>
371 <entry><filename>$HOME/.local/share/systemd/user</filename></entry>
372 <entry>Units of packages that have been installed in the home directory (only used when $XDG_DATA_HOME is not set)</entry>
373 </row>
374 <row>
12b42c76 375 <entry><filename>/usr/lib/systemd/user</filename></entry>
798d3a52
ZJS		 376 <entry>Units of packages that have been installed system-wide</entry>
377 </row>
378 </tbody>
379 </tgroup>
380 </table>
381
382 <para>Additional units might be loaded into systemd ("linked")
383 from directories not on the unit load path. See the
384 <command>link</command> command for
385 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
b1c1a519
ZC		 386 Also, some units are dynamically created via a
387 <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
798d3a52
ZJS		 388 </para>
389 </refsect1>
390
391 <refsect1>
392 <title>[Unit] Section Options</title>
393
a8eaaee7 394 <para>The unit file may include a [Unit] section, which carries
798d3a52
ZJS		 395 generic information about the unit that is not dependent on the
396 type of unit:</para>
397
398 <variablelist class='unit-directives'>
399
400 <varlistentry>
401 <term><varname>Description=</varname></term>
402 <listitem><para>A free-form string describing the unit. This
403 is intended for use in UIs to show descriptive information
404 along with the unit name. The description should contain a
405 name that means something to the end user. <literal>Apache2
406 Web Server</literal> is a good example. Bad examples are
407 <literal>high-performance light-weight HTTP server</literal>
408 (too generic) or <literal>Apache2</literal> (too specific and
409 meaningless for people who do not know
410 Apache).</para></listitem>
411 </varlistentry>
412
413 <varlistentry>
414 <term><varname>Documentation=</varname></term>
415 <listitem><para>A space-separated list of URIs referencing
416 documentation for this unit or its configuration. Accepted are
417 only URIs of the types <literal>http://</literal>,
418 <literal>https://</literal>, <literal>file:</literal>,
419 <literal>info:</literal>, <literal>man:</literal>. For more
420 information about the syntax of these URIs, see <citerefentry
421 project='man-pages'><refentrytitle>uri</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
422 The URIs should be listed in order of relevance, starting with
423 the most relevant. It is a good idea to first reference
424 documentation that explains what the unit's purpose is,
425 followed by how it is configured, followed by any other
426 related documentation. This option may be specified more than
427 once, in which case the specified list of URIs is merged. If
428 the empty string is assigned to this option, the list is reset
429 and all prior assignments will have no
430 effect.</para></listitem>
431 </varlistentry>
432
433 <varlistentry>
434 <term><varname>Requires=</varname></term>
435
436 <listitem><para>Configures requirement dependencies on other
437 units. If this unit gets activated, the units listed here will
438 be activated as well. If one of the other units gets
439 deactivated or its activation fails, this unit will be
440 deactivated. This option may be specified more than once or
441 multiple space-separated units may be specified in one option
442 in which case requirement dependencies for all listed names
443 will be created. Note that requirement dependencies do not
444 influence the order in which services are started or stopped.
445 This has to be configured independently with the
446 <varname>After=</varname> or <varname>Before=</varname>
447 options. If a unit <filename>foo.service</filename> requires a
448 unit <filename>bar.service</filename> as configured with
449 <varname>Requires=</varname> and no ordering is configured
450 with <varname>After=</varname> or <varname>Before=</varname>,
451 then both units will be started simultaneously and without any
452 delay between them if <filename>foo.service</filename> is
b938cb90 453 activated. Often, it is a better choice to use
798d3a52
ZJS		 454 <varname>Wants=</varname> instead of
455 <varname>Requires=</varname> in order to achieve a system that
456 is more robust when dealing with failing services.</para>
457
458 <para>Note that dependencies of this type may also be
459 configured outside of the unit configuration file by adding a
460 symlink to a <filename>.requires/</filename> directory
b938cb90 461 accompanying the unit file. For details, see
798d3a52
ZJS		 462 above.</para></listitem>
463 </varlistentry>
464
798d3a52
ZJS		 465 <varlistentry>
466 <term><varname>Requisite=</varname></term>
798d3a52 467
f32b43bd 468 <listitem><para>Similar to <varname>Requires=</varname>.
798d3a52
ZJS		 469 However, if the units listed here are not started already,
470 they will not be started and the transaction will fail
471 immediately. </para></listitem>
472 </varlistentry>
473
474 <varlistentry>
475 <term><varname>Wants=</varname></term>
476
477 <listitem><para>A weaker version of
478 <varname>Requires=</varname>. Units listed in this option will
479 be started if the configuring unit is. However, if the listed
480 units fail to start or cannot be added to the transaction,
481 this has no impact on the validity of the transaction as a
482 whole. This is the recommended way to hook start-up of one
483 unit to the start-up of another unit.</para>
484
485 <para>Note that dependencies of this type may also be
486 configured outside of the unit configuration file by adding
487 symlinks to a <filename>.wants/</filename> directory
488 accompanying the unit file. For details, see
489 above.</para></listitem>
490 </varlistentry>
491
492 <varlistentry>
493 <term><varname>BindsTo=</varname></term>
494
495 <listitem><para>Configures requirement dependencies, very
496 similar in style to <varname>Requires=</varname>, however in
497 addition to this behavior, it also declares that this unit is
498 stopped when any of the units listed suddenly disappears.
499 Units can suddenly, unexpectedly disappear if a service
500 terminates on its own choice, a device is unplugged or a mount
501 point unmounted without involvement of
502 systemd.</para></listitem>
503 </varlistentry>
504
505 <varlistentry>
506 <term><varname>PartOf=</varname></term>
507
508 <listitem><para>Configures dependencies similar to
509 <varname>Requires=</varname>, but limited to stopping and
510 restarting of units. When systemd stops or restarts the units
511 listed here, the action is propagated to this unit. Note that
512 this is a one-way dependency — changes to this unit do not
513 affect the listed units. </para></listitem>
514 </varlistentry>
515
516 <varlistentry>
517 <term><varname>Conflicts=</varname></term>
518
519 <listitem><para>A space-separated list of unit names.
520 Configures negative requirement dependencies. If a unit has a
521 <varname>Conflicts=</varname> setting on another unit,
522 starting the former will stop the latter and vice versa. Note
523 that this setting is independent of and orthogonal to the
524 <varname>After=</varname> and <varname>Before=</varname>
525 ordering dependencies.</para>
526
527 <para>If a unit A that conflicts with a unit B is scheduled to
528 be started at the same time as B, the transaction will either
529 fail (in case both are required part of the transaction) or be
530 modified to be fixed (in case one or both jobs are not a
531 required part of the transaction). In the latter case, the job
532 that is not the required will be removed, or in case both are
533 not required, the unit that conflicts will be started and the
534 unit that is conflicted is stopped.</para></listitem>
535 </varlistentry>
536
537 <varlistentry>
538 <term><varname>Before=</varname></term>
539 <term><varname>After=</varname></term>
540
541 <listitem><para>A space-separated list of unit names.
542 Configures ordering dependencies between units. If a unit
543 <filename>foo.service</filename> contains a setting
544 <option>Before=bar.service</option> and both units are being
545 started, <filename>bar.service</filename>'s start-up is
546 delayed until <filename>foo.service</filename> is started up.
547 Note that this setting is independent of and orthogonal to the
548 requirement dependencies as configured by
549 <varname>Requires=</varname>. It is a common pattern to
550 include a unit name in both the <varname>After=</varname> and
551 <varname>Requires=</varname> option, in which case the unit
552 listed will be started before the unit that is configured with
553 these options. This option may be specified more than once, in
554 which case ordering dependencies for all listed names are
555 created. <varname>After=</varname> is the inverse of
556 <varname>Before=</varname>, i.e. while
557 <varname>After=</varname> ensures that the configured unit is
558 started after the listed unit finished starting up,
559 <varname>Before=</varname> ensures the opposite, i.e. that the
560 configured unit is fully started up before the listed unit is
561 started. Note that when two units with an ordering dependency
562 between them are shut down, the inverse of the start-up order
563 is applied. i.e. if a unit is configured with
564 <varname>After=</varname> on another unit, the former is
565 stopped before the latter if both are shut down. If one unit
566 with an ordering dependency on another unit is shut down while
567 the latter is started up, the shut down is ordered before the
568 start-up regardless of whether the ordering dependency is
569 actually of type <varname>After=</varname> or
570 <varname>Before=</varname>. If two units have no ordering
571 dependencies between them, they are shut down or started up
572 simultaneously, and no ordering takes place.
573 </para></listitem>
574 </varlistentry>
575
576 <varlistentry>
577 <term><varname>OnFailure=</varname></term>
578
579 <listitem><para>A space-separated list of one or more units
580 that are activated when this unit enters the
581 <literal>failed</literal> state.</para></listitem>
582 </varlistentry>
583
584 <varlistentry>
585 <term><varname>PropagatesReloadTo=</varname></term>
586 <term><varname>ReloadPropagatedFrom=</varname></term>
587
588 <listitem><para>A space-separated list of one or more units
589 where reload requests on this unit will be propagated to, or
590 reload requests on the other unit will be propagated to this
591 unit, respectively. Issuing a reload request on a unit will
592 automatically also enqueue a reload request on all units that
593 the reload request shall be propagated to via these two
594 settings.</para></listitem>
595 </varlistentry>
596
597 <varlistentry>
598 <term><varname>JoinsNamespaceOf=</varname></term>
599
600 <listitem><para>For units that start processes (such as
601 service units), lists one or more other units whose network
602 and/or temporary file namespace to join. This only applies to
603 unit types which support the
604 <varname>PrivateNetwork=</varname> and
605 <varname>PrivateTmp=</varname> directives (see
606 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
607 for details). If a unit that has this setting set is started,
608 its processes will see the same <filename>/tmp</filename>,
609 <filename>/tmp/var</filename> and network namespace as one
610 listed unit that is started. If multiple listed units are
611 already started, it is not defined which namespace is joined.
612 Note that this setting only has an effect if
613 <varname>PrivateNetwork=</varname> and/or
614 <varname>PrivateTmp=</varname> is enabled for both the unit
615 that joins the namespace and the unit whose namespace is
616 joined.</para></listitem>
617 </varlistentry>
618
619 <varlistentry>
620 <term><varname>RequiresMountsFor=</varname></term>
621
622 <listitem><para>Takes a space-separated list of absolute
623 paths. Automatically adds dependencies of type
624 <varname>Requires=</varname> and <varname>After=</varname> for
625 all mount units required to access the specified path.</para>
626
627 <para>Mount points marked with <option>noauto</option> are not
628 mounted automatically and will be ignored for the purposes of
629 this option. If such a mount should be a requirement for this
630 unit, direct dependencies on the mount units may be added
631 (<varname>Requires=</varname> and <varname>After=</varname> or
632 some other combination). </para></listitem>
633 </varlistentry>
634
635 <varlistentry>
636 <term><varname>OnFailureJobMode=</varname></term>
637
638 <listitem><para>Takes a value of
639 <literal>fail</literal>,
640 <literal>replace</literal>,
641 <literal>replace-irreversibly</literal>,
642 <literal>isolate</literal>,
643 <literal>flush</literal>,
644 <literal>ignore-dependencies</literal> or
645 <literal>ignore-requirements</literal>. Defaults to
646 <literal>replace</literal>. Specifies how the units listed in
647 <varname>OnFailure=</varname> will be enqueued. See
648 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
649 <option>--job-mode=</option> option for details on the
650 possible values. If this is set to <literal>isolate</literal>,
651 only a single unit may be listed in
652 <varname>OnFailure=</varname>..</para></listitem>
653 </varlistentry>
654
655 <varlistentry>
656 <term><varname>IgnoreOnIsolate=</varname></term>
657
658 <listitem><para>Takes a boolean argument. If
659 <option>true</option>, this unit will not be stopped when
660 isolating another unit. Defaults to
661 <option>false</option>.</para></listitem>
662 </varlistentry>
663
798d3a52
ZJS		 664 <varlistentry>
665 <term><varname>StopWhenUnneeded=</varname></term>
666
667 <listitem><para>Takes a boolean argument. If
668 <option>true</option>, this unit will be stopped when it is no
b938cb90 669 longer used. Note that, in order to minimize the work to be
798d3a52
ZJS		 670 executed, systemd will not stop units by default unless they
671 are conflicting with other units, or the user explicitly
672 requested their shut down. If this option is set, a unit will
673 be automatically cleaned up if no other active unit requires
674 it. Defaults to <option>false</option>.</para></listitem>
675 </varlistentry>
676
677 <varlistentry>
678 <term><varname>RefuseManualStart=</varname></term>
679 <term><varname>RefuseManualStop=</varname></term>
680
681 <listitem><para>Takes a boolean argument. If
682 <option>true</option>, this unit can only be activated or
683 deactivated indirectly. In this case, explicit start-up or
684 termination requested by the user is denied, however if it is
685 started or stopped as a dependency of another unit, start-up
686 or termination will succeed. This is mostly a safety feature
687 to ensure that the user does not accidentally activate units
688 that are not intended to be activated explicitly, and not
689 accidentally deactivate units that are not intended to be
690 deactivated. These options default to
691 <option>false</option>.</para></listitem>
692 </varlistentry>
693
694 <varlistentry>
695 <term><varname>AllowIsolate=</varname></term>
696
697 <listitem><para>Takes a boolean argument. If
698 <option>true</option>, this unit may be used with the
699 <command>systemctl isolate</command> command. Otherwise, this
700 will be refused. It probably is a good idea to leave this
701 disabled except for target units that shall be used similar to
702 runlevels in SysV init systems, just as a precaution to avoid
703 unusable system states. This option defaults to
704 <option>false</option>.</para></listitem>
705 </varlistentry>
706
707 <varlistentry>
708 <term><varname>DefaultDependencies=</varname></term>
709
710 <listitem><para>Takes a boolean argument. If
711 <option>true</option>, (the default), a few default
712 dependencies will implicitly be created for the unit. The
713 actual dependencies created depend on the unit type. For
714 example, for service units, these dependencies ensure that the
715 service is started only after basic system initialization is
716 completed and is properly terminated on system shutdown. See
717 the respective man pages for details. Generally, only services
718 involved with early boot or late shutdown should set this
719 option to <option>false</option>. It is highly recommended to
720 leave this option enabled for the majority of common units. If
721 set to <option>false</option>, this option does not disable
722 all implicit dependencies, just non-essential
723 ones.</para></listitem>
724 </varlistentry>
725
726 <varlistentry>
727 <term><varname>JobTimeoutSec=</varname></term>
728 <term><varname>JobTimeoutAction=</varname></term>
729 <term><varname>JobTimeoutRebootArgument=</varname></term>
730
89beff89
LP		 731 <listitem><para>When a job for this unit is queued, a time-out may be configured. If this time limit is
732 reached, the job will be cancelled, the unit however will not change state or even enter the
733 <literal>failed</literal> mode. This value defaults to <literal>infinity</literal> (job timeouts disabled),
734 except for device units. NB: this timeout is independent from any unit-specific timeout (for example, the
735 timeout set with <varname>TimeoutStartSec=</varname> in service units) as the job timeout has no effect on the
736 unit itself, only on the job that might be pending for it. Or in other words: unit-specific timeouts are useful
737 to abort unit state changes, and revert them. The job timeout set with this option however is useful to abort
738 only the job waiting for the unit state to change.</para>
798d3a52
ZJS		 739
740 <para><varname>JobTimeoutAction=</varname>
741 optionally configures an additional
742 action to take when the time-out is
743 hit. It takes the same values as the
744 per-service
745 <varname>StartLimitAction=</varname>
746 setting, see
747 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
748 for details. Defaults to
749 <option>none</option>. <varname>JobTimeoutRebootArgument=</varname>
750 configures an optional reboot string
751 to pass to the
752 <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
753 system call.</para></listitem>
754 </varlistentry>
755
6bf0f408
LP		 756 <varlistentry>
757 <term><varname>StartLimitInterval=</varname></term>
758 <term><varname>StartLimitBurst=</varname></term>
759
760 <listitem><para>Configure unit start rate limiting. By default, units which are started more than 5 times
761 within 10 seconds are not permitted to start any more times until the 10 second interval ends. With these two
762 options, this rate limiting may be modified. Use <varname>StartLimitInterval=</varname> to configure the
763 checking interval (defaults to <varname>DefaultStartLimitInterval=</varname> in manager configuration file, set
764 to 0 to disable any kind of rate limiting). Use <varname>StartLimitBurst=</varname> to configure how many
765 starts per interval are allowed (defaults to <varname>DefaultStartLimitBurst=</varname> in manager
766 configuration file). These configuration options are particularly useful in conjunction with the service
767 setting <varname>Restart=</varname> (see
768 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>); however,
769 they apply to all kinds of starts (including manual), not just those triggered by the
770 <varname>Restart=</varname> logic. Note that units which are configured for <varname>Restart=</varname> and
771 which reach the start limit are not attempted to be restarted anymore; however, they may still be restarted
772 manually at a later point, from which point on, the restart logic is again activated. Note that
773 <command>systemctl reset-failed</command> will cause the restart rate counter for a service to be flushed,
774 which is useful if the administrator wants to manually start a unit and the start limit interferes with
775 that.</para></listitem>
776 </varlistentry>
777
778 <varlistentry>
779 <term><varname>StartLimitAction=</varname></term>
780
781 <listitem><para>Configure the action to take if the rate limit configured with
782 <varname>StartLimitInterval=</varname> and <varname>StartLimitBurst=</varname> is hit. Takes one of
783 <option>none</option>, <option>reboot</option>, <option>reboot-force</option>,
784 <option>reboot-immediate</option>, <option>poweroff</option>, <option>poweroff-force</option> or
785 <option>poweroff-immediate</option>. If <option>none</option> is set, hitting the rate limit will trigger no
786 action besides that the start will not be permitted. <option>reboot</option> causes a reboot following the
787 normal shutdown procedure (i.e. equivalent to <command>systemctl reboot</command>).
788 <option>reboot-force</option> causes a forced reboot which will terminate all processes forcibly but should
789 cause no dirty file systems on reboot (i.e. equivalent to <command>systemctl reboot -f</command>) and
790 <option>reboot-immediate</option> causes immediate execution of the
791 <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> system call, which
792 might result in data loss. Similarly, <option>poweroff</option>, <option>poweroff-force</option>,
793 <option>poweroff-immediate</option> have the effect of powering down the system with similar
794 semantics. Defaults to <option>none</option>.</para></listitem>
795 </varlistentry>
796
797 <varlistentry>
798 <term><varname>RebootArgument=</varname></term>
799 <listitem><para>Configure the optional argument for the
800 <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> system call if
801 <varname>StartLimitAction=</varname> or a service's <varname>FailureAction=</varname> is a reboot action. This
802 works just like the optional argument to <command>systemctl reboot</command> command.</para></listitem>
803 </varlistentry>
804
798d3a52
ZJS		 805 <varlistentry>
806 <term><varname>ConditionArchitecture=</varname></term>
807 <term><varname>ConditionVirtualization=</varname></term>
808 <term><varname>ConditionHost=</varname></term>
809 <term><varname>ConditionKernelCommandLine=</varname></term>
810 <term><varname>ConditionSecurity=</varname></term>
811 <term><varname>ConditionCapability=</varname></term>
812 <term><varname>ConditionACPower=</varname></term>
813 <term><varname>ConditionNeedsUpdate=</varname></term>
814 <term><varname>ConditionFirstBoot=</varname></term>
815 <term><varname>ConditionPathExists=</varname></term>
816 <term><varname>ConditionPathExistsGlob=</varname></term>
817 <term><varname>ConditionPathIsDirectory=</varname></term>
818 <term><varname>ConditionPathIsSymbolicLink=</varname></term>
819 <term><varname>ConditionPathIsMountPoint=</varname></term>
820 <term><varname>ConditionPathIsReadWrite=</varname></term>
821 <term><varname>ConditionDirectoryNotEmpty=</varname></term>
822 <term><varname>ConditionFileNotEmpty=</varname></term>
823 <term><varname>ConditionFileIsExecutable=</varname></term>
824
7ca41557 825 <!-- We do not document ConditionNull=
b938cb90 826 here, as it is not particularly
798d3a52
ZJS		 827 useful and probably just
828 confusing. -->
829
41448597
LP		 830 <listitem><para>Before starting a unit, verify that the specified condition is true. If it is not true, the
831 starting of the unit will be (mostly silently) skipped, however all ordering dependencies of it are still
832 respected. A failing condition will not result in the unit being moved into a failure state. The condition is
833 checked at the time the queued start job is to be executed. Use condition expressions in order to silently skip
834 units that do not apply to the local running system, for example because the kernel or runtime environment
835 doesn't require its functionality. Use the various <varname>AssertArchitecture=</varname>,
836 <varname>AssertVirtualization=</varname>, … options for a similar mechanism that puts the unit in a failure
837 state and logs about the failed check (see below).</para>
798d3a52
ZJS		 838
839 <para><varname>ConditionArchitecture=</varname> may be used to
840 check whether the system is running on a specific
841 architecture. Takes one of
842 <varname>x86</varname>,
843 <varname>x86-64</varname>,
844 <varname>ppc</varname>,
845 <varname>ppc-le</varname>,
846 <varname>ppc64</varname>,
847 <varname>ppc64-le</varname>,
848 <varname>ia64</varname>,
849 <varname>parisc</varname>,
850 <varname>parisc64</varname>,
851 <varname>s390</varname>,
852 <varname>s390x</varname>,
853 <varname>sparc</varname>,
854 <varname>sparc64</varname>,
855 <varname>mips</varname>,
856 <varname>mips-le</varname>,
857 <varname>mips64</varname>,
858 <varname>mips64-le</varname>,
859 <varname>alpha</varname>,
860 <varname>arm</varname>,
861 <varname>arm-be</varname>,
862 <varname>arm64</varname>,
863 <varname>arm64-be</varname>,
864 <varname>sh</varname>,
865 <varname>sh64</varname>,
866 <varname>m86k</varname>,
867 <varname>tilegx</varname>,
868 <varname>cris</varname> to test
869 against a specific architecture. The architecture is
870 determined from the information returned by
3ba3a79d 871 <citerefentry project='man-pages'><refentrytitle>uname</refentrytitle><manvolnum>2</manvolnum></citerefentry>
798d3a52
ZJS		 872 and is thus subject to
873 <citerefentry><refentrytitle>personality</refentrytitle><manvolnum>2</manvolnum></citerefentry>.
874 Note that a <varname>Personality=</varname> setting in the
875 same unit file has no effect on this condition. A special
876 architecture name <varname>native</varname> is mapped to the
877 architecture the system manager itself is compiled for. The
878 test may be negated by prepending an exclamation mark.</para>
879
880 <para><varname>ConditionVirtualization=</varname> may be used
881 to check whether the system is executed in a virtualized
882 environment and optionally test whether it is a specific
883 implementation. Takes either boolean value to check if being
884 executed in any virtualized environment, or one of
885 <varname>vm</varname> and
886 <varname>container</varname> to test against a generic type of
887 virtualization solution, or one of
888 <varname>qemu</varname>,
889 <varname>kvm</varname>,
890 <varname>zvm</varname>,
891 <varname>vmware</varname>,
892 <varname>microsoft</varname>,
893 <varname>oracle</varname>,
894 <varname>xen</varname>,
895 <varname>bochs</varname>,
896 <varname>uml</varname>,
897 <varname>openvz</varname>,
898 <varname>lxc</varname>,
899 <varname>lxc-libvirt</varname>,
900 <varname>systemd-nspawn</varname>,
9fb16425
ILG		 901 <varname>docker</varname>,
902 <varname>rkt</varname> to test
798d3a52
ZJS		 903 against a specific implementation. See
904 <citerefentry><refentrytitle>systemd-detect-virt</refentrytitle><manvolnum>1</manvolnum></citerefentry>
905 for a full list of known virtualization technologies and their
906 identifiers. If multiple virtualization technologies are
907 nested, only the innermost is considered. The test may be
908 negated by prepending an exclamation mark.</para>
909
910 <para><varname>ConditionHost=</varname> may be used to match
911 against the hostname or machine ID of the host. This either
912 takes a hostname string (optionally with shell style globs)
913 which is tested against the locally set hostname as returned
914 by
915 <citerefentry><refentrytitle>gethostname</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
916 or a machine ID formatted as string (see
917 <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
918 The test may be negated by prepending an exclamation
919 mark.</para>
920
921 <para><varname>ConditionKernelCommandLine=</varname> may be
922 used to check whether a specific kernel command line option is
923 set (or if prefixed with the exclamation mark unset). The
924 argument must either be a single word, or an assignment (i.e.
925 two words, separated <literal>=</literal>). In the former case
926 the kernel command line is searched for the word appearing as
927 is, or as left hand side of an assignment. In the latter case,
928 the exact assignment is looked for with right and left hand
929 side matching.</para>
930
931 <para><varname>ConditionSecurity=</varname> may be used to
932 check whether the given security module is enabled on the
b8e1d4d1 933 system. Currently, the recognized values are
798d3a52
ZJS		 934 <varname>selinux</varname>,
935 <varname>apparmor</varname>,
936 <varname>ima</varname>,
937 <varname>smack</varname> and
938 <varname>audit</varname>. The test may be negated by
939 prepending an exclamation mark.</para>
940
941 <para><varname>ConditionCapability=</varname> may be used to
942 check whether the given capability exists in the capability
943 bounding set of the service manager (i.e. this does not check
944 whether capability is actually available in the permitted or
945 effective sets, see
946 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
947 for details). Pass a capability name such as
948 <literal>CAP_MKNOD</literal>, possibly prefixed with an
949 exclamation mark to negate the check.</para>
950
951 <para><varname>ConditionACPower=</varname> may be used to
952 check whether the system has AC power, or is exclusively
953 battery powered at the time of activation of the unit. This
954 takes a boolean argument. If set to <varname>true</varname>,
955 the condition will hold only if at least one AC connector of
956 the system is connected to a power source, or if no AC
957 connectors are known. Conversely, if set to
958 <varname>false</varname>, the condition will hold only if
959 there is at least one AC connector known and all AC connectors
960 are disconnected from a power source.</para>
961
962 <para><varname>ConditionNeedsUpdate=</varname> takes one of
963 <filename>/var</filename> or <filename>/etc</filename> as
964 argument, possibly prefixed with a <literal>!</literal> (for
965 inverting the condition). This condition may be used to
966 conditionalize units on whether the specified directory
967 requires an update because <filename>/usr</filename>'s
968 modification time is newer than the stamp file
969 <filename>.updated</filename> in the specified directory. This
970 is useful to implement offline updates of the vendor operating
971 system resources in <filename>/usr</filename> that require
972 updating of <filename>/etc</filename> or
973 <filename>/var</filename> on the next following boot. Units
974 making use of this condition should order themselves before
975 <citerefentry><refentrytitle>systemd-update-done.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
7f3fdb7f 976 to make sure they run before the stamp file's modification
798d3a52
ZJS		 977 time gets reset indicating a completed update.</para>
978
979 <para><varname>ConditionFirstBoot=</varname> takes a boolean
980 argument. This condition may be used to conditionalize units
981 on whether the system is booting up with an unpopulated
982 <filename>/etc</filename> directory. This may be used to
983 populate <filename>/etc</filename> on the first boot after
984 factory reset, or when a new system instances boots up for the
985 first time.</para>
986
987 <para>With <varname>ConditionPathExists=</varname> a file
988 existence condition is checked before a unit is started. If
989 the specified absolute path name does not exist, the condition
990 will fail. If the absolute path name passed to
991 <varname>ConditionPathExists=</varname> is prefixed with an
992 exclamation mark (<literal>!</literal>), the test is negated,
993 and the unit is only started if the path does not
994 exist.</para>
995
996 <para><varname>ConditionPathExistsGlob=</varname> is similar
997 to <varname>ConditionPathExists=</varname>, but checks for the
998 existence of at least one file or directory matching the
999 specified globbing pattern.</para>
1000
1001 <para><varname>ConditionPathIsDirectory=</varname> is similar
1002 to <varname>ConditionPathExists=</varname> but verifies
1003 whether a certain path exists and is a directory.</para>
1004
1005 <para><varname>ConditionPathIsSymbolicLink=</varname> is
1006 similar to <varname>ConditionPathExists=</varname> but
1007 verifies whether a certain path exists and is a symbolic
1008 link.</para>
1009
1010 <para><varname>ConditionPathIsMountPoint=</varname> is similar
1011 to <varname>ConditionPathExists=</varname> but verifies
1012 whether a certain path exists and is a mount point.</para>
1013
1014 <para><varname>ConditionPathIsReadWrite=</varname> is similar
1015 to <varname>ConditionPathExists=</varname> but verifies
1016 whether the underlying file system is readable and writable
1017 (i.e. not mounted read-only).</para>
1018
1019 <para><varname>ConditionDirectoryNotEmpty=</varname> is
1020 similar to <varname>ConditionPathExists=</varname> but
1021 verifies whether a certain path exists and is a non-empty
1022 directory.</para>
1023
1024 <para><varname>ConditionFileNotEmpty=</varname> is similar to
1025 <varname>ConditionPathExists=</varname> but verifies whether a
1026 certain path exists and refers to a regular file with a
1027 non-zero size.</para>
1028
1029 <para><varname>ConditionFileIsExecutable=</varname> is similar
1030 to <varname>ConditionPathExists=</varname> but verifies
1031 whether a certain path exists, is a regular file and marked
1032 executable.</para>
1033
1034 <para>If multiple conditions are specified, the unit will be
1035 executed if all of them apply (i.e. a logical AND is applied).
1036 Condition checks can be prefixed with a pipe symbol (|) in
1037 which case a condition becomes a triggering condition. If at
1038 least one triggering condition is defined for a unit, then the
1039 unit will be executed if at least one of the triggering
1040 conditions apply and all of the non-triggering conditions. If
1041 you prefix an argument with the pipe symbol and an exclamation
1042 mark, the pipe symbol must be passed first, the exclamation
1043 second. Except for
1044 <varname>ConditionPathIsSymbolicLink=</varname>, all path
1045 checks follow symlinks. If any of these options is assigned
1046 the empty string, the list of conditions is reset completely,
1047 all previous condition settings (of any kind) will have no
1048 effect.</para></listitem>
1049 </varlistentry>
1050
1051 <varlistentry>
1052 <term><varname>AssertArchitecture=</varname></term>
1053 <term><varname>AssertVirtualization=</varname></term>
1054 <term><varname>AssertHost=</varname></term>
1055 <term><varname>AssertKernelCommandLine=</varname></term>
1056 <term><varname>AssertSecurity=</varname></term>
1057 <term><varname>AssertCapability=</varname></term>
1058 <term><varname>AssertACPower=</varname></term>
1059 <term><varname>AssertNeedsUpdate=</varname></term>
1060 <term><varname>AssertFirstBoot=</varname></term>
1061 <term><varname>AssertPathExists=</varname></term>
1062 <term><varname>AssertPathExistsGlob=</varname></term>
1063 <term><varname>AssertPathIsDirectory=</varname></term>
1064 <term><varname>AssertPathIsSymbolicLink=</varname></term>
1065 <term><varname>AssertPathIsMountPoint=</varname></term>
1066 <term><varname>AssertPathIsReadWrite=</varname></term>
1067 <term><varname>AssertDirectoryNotEmpty=</varname></term>
1068 <term><varname>AssertFileNotEmpty=</varname></term>
1069 <term><varname>AssertFileIsExecutable=</varname></term>
1070
41448597
LP		 1071 <listitem><para>Similar to the <varname>ConditionArchitecture=</varname>,
1072 <varname>ConditionVirtualization=</varname>, …, condition settings described above, these settings add
1073 assertion checks to the start-up of the unit. However, unlike the conditions settings, any assertion setting
1074 that is not met results in failure of the start job it was triggered by (which means this is logged about
1075 loudly). Use assertion expressions for units that cannot operate when specific requirements are not met, and
1076 where this is something the administrator or user should look into.</para></listitem>
798d3a52
ZJS		 1077 </varlistentry>
1078
1079 <varlistentry>
1080 <term><varname>SourcePath=</varname></term>
1081 <listitem><para>A path to a configuration file this unit has
1082 been generated from. This is primarily useful for
1083 implementation of generator tools that convert configuration
1084 from an external configuration file format into native unit
1085 files. This functionality should not be used in normal
1086 units.</para></listitem>
1087 </varlistentry>
32ee7d33 1088
798d3a52
ZJS		 1089 </variablelist>
1090
1091 </refsect1>
1092
1093 <refsect1>
1094 <title>[Install] Section Options</title>
1095
1096 <para>Unit file may include an <literal>[Install]</literal>
1097 section, which carries installation information for the unit. This
1098 section is not interpreted by
1099 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
1100 during runtime. It is used exclusively by the
1101 <command>enable</command> and <command>disable</command> commands
1102 of the
1103 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
1104 tool during installation of a unit:</para>
1105
1106 <variablelist class='unit-directives'>
1107 <varlistentry>
1108 <term><varname>Alias=</varname></term>
1109
1110 <listitem><para>A space-separated list of additional names
1111 this unit shall be installed under. The names listed here must
1112 have the same suffix (i.e. type) as the unit file name. This
1113 option may be specified more than once, in which case all
1114 listed names are used. At installation time,
1115 <command>systemctl enable</command> will create symlinks from
1116 these names to the unit filename.</para></listitem>
1117 </varlistentry>
1118
1119 <varlistentry>
1120 <term><varname>WantedBy=</varname></term>
1121 <term><varname>RequiredBy=</varname></term>
1122
1123 <listitem><para>This option may be used more than once, or a
1124 space-separated list of unit names may be given. A symbolic
1125 link is created in the <filename>.wants/</filename> or
1126 <filename>.requires/</filename> directory of each of the
1127 listed units when this unit is installed by <command>systemctl
1128 enable</command>. This has the effect that a dependency of
1129 type <varname>Wants=</varname> or <varname>Requires=</varname>
1130 is added from the listed unit to the current unit. The primary
1131 result is that the current unit will be started when the
1132 listed unit is started. See the description of
1133 <varname>Wants=</varname> and <varname>Requires=</varname> in
1134 the [Unit] section for details.</para>
1135
1136 <para><command>WantedBy=foo.service</command> in a service
1137 <filename>bar.service</filename> is mostly equivalent to
1138 <command>Alias=foo.service.wants/bar.service</command> in the
1139 same file. In case of template units, <command>systemctl
1140 enable</command> must be called with an instance name, and
1141 this instance will be added to the
1142 <filename>.wants/</filename> or
1143 <filename>.requires/</filename> list of the listed unit. E.g.
1144 <command>WantedBy=getty.target</command> in a service
1145 <filename>getty@.service</filename> will result in
1146 <command>systemctl enable getty@tty2.service</command>
1147 creating a
1148 <filename>getty.target.wants/getty@tty2.service</filename>
1149 link to <filename>getty@.service</filename>.
1150 </para></listitem>
1151 </varlistentry>
1152
1153 <varlistentry>
1154 <term><varname>Also=</varname></term>
1155
1156 <listitem><para>Additional units to install/deinstall when
1157 this unit is installed/deinstalled. If the user requests
1158 installation/deinstallation of a unit with this option
1159 configured, <command>systemctl enable</command> and
1160 <command>systemctl disable</command> will automatically
1161 install/uninstall units listed in this option as well.</para>
1162
1163 <para>This option may be used more than once, or a
1164 space-separated list of unit names may be
1165 given.</para></listitem>
1166 </varlistentry>
1167
1168 <varlistentry>
1169 <term><varname>DefaultInstance=</varname></term>
1170
1171 <listitem><para>In template unit files, this specifies for
1172 which instance the unit shall be enabled if the template is
1173 enabled without any explicitly set instance. This option has
1174 no effect in non-template unit files. The specified string
1175 must be usable as instance identifier.</para></listitem>
1176 </varlistentry>
1177 </variablelist>
1178
1179 <para>The following specifiers are interpreted in the Install
1180 section: %n, %N, %p, %i, %U, %u, %m, %H, %b, %v. For their meaning
1181 see the next section.
1182 </para>
1183 </refsect1>
1184
1185 <refsect1>
1186 <title>Specifiers</title>
1187
1188 <para>Many settings resolve specifiers which may be used to write
1189 generic unit files referring to runtime or unit parameters that
1190 are replaced when the unit files are loaded. The following
1191 specifiers are understood:</para>
1192
1193 <table>
1194 <title>Specifiers available in unit files</title>
1195 <tgroup cols='3' align='left' colsep='1' rowsep='1'>
1196 <colspec colname="spec" />
1197 <colspec colname="mean" />
1198 <colspec colname="detail" />
1199 <thead>
1200 <row>
1201 <entry>Specifier</entry>
1202 <entry>Meaning</entry>
1203 <entry>Details</entry>
1204 </row>
1205 </thead>
1206 <tbody>
1207 <row>
1208 <entry><literal>%n</literal></entry>
1209 <entry>Full unit name</entry>
1210 <entry></entry>
1211 </row>
1212 <row>
1213 <entry><literal>%N</literal></entry>
1214 <entry>Unescaped full unit name</entry>
1215 <entry>Same as <literal>%n</literal>, but with escaping undone</entry>
1216 </row>
1217 <row>
1218 <entry><literal>%p</literal></entry>
1219 <entry>Prefix name</entry>
1220 <entry>For instantiated units, this refers to the string before the <literal>@</literal> character of the unit name. For non-instantiated units, this refers to the name of the unit with the type suffix removed.</entry>
1221 </row>
1222 <row>
1223 <entry><literal>%P</literal></entry>
1224 <entry>Unescaped prefix name</entry>
1225 <entry>Same as <literal>%p</literal>, but with escaping undone</entry>
1226 </row>
1227 <row>
1228 <entry><literal>%i</literal></entry>
1229 <entry>Instance name</entry>
1230 <entry>For instantiated units: this is the string between the <literal>@</literal> character and the suffix of the unit name.</entry>
1231 </row>
1232 <row>
1233 <entry><literal>%I</literal></entry>
1234 <entry>Unescaped instance name</entry>
1235 <entry>Same as <literal>%i</literal>, but with escaping undone</entry>
1236 </row>
1237 <row>
1238 <entry><literal>%f</literal></entry>
1239 <entry>Unescaped filename</entry>
1240 <entry>This is either the unescaped instance name (if applicable) with <filename>/</filename> prepended (if applicable), or the prefix name prepended with <filename>/</filename>.</entry>
1241 </row>
1242 <row>
1243 <entry><literal>%c</literal></entry>
1244 <entry>Control group path of the unit</entry>
1245 <entry>This path does not include the <filename>/sys/fs/cgroup/systemd/</filename> prefix.</entry>
1246 </row>
1247 <row>
1248 <entry><literal>%r</literal></entry>
1249 <entry>Control group path of the slice the unit is placed in</entry>
1250 <entry>This usually maps to the parent cgroup path of <literal>%c</literal>.</entry>
1251 </row>
1252 <row>
1253 <entry><literal>%R</literal></entry>
1254 <entry>Root control group path below which slices and units are placed</entry>
1255 <entry>For system instances, this resolves to <filename>/</filename>, except in containers, where this maps to the container's root control group path.</entry>
1256 </row>
1257 <row>
1258 <entry><literal>%t</literal></entry>
1259 <entry>Runtime directory</entry>
1260 <entry>This is either <filename>/run</filename> (for the system manager) or the path <literal>$XDG_RUNTIME_DIR</literal> resolves to (for user managers).</entry>
1261 </row>
1262 <row>
1263 <entry><literal>%u</literal></entry>
1264 <entry>User name</entry>
79413b67 1265 <entry>This is the name of the user running the service manager instance. In case of the system manager this resolves to <literal>root</literal>.</entry>
798d3a52
ZJS		 1266 </row>
1267 <row>
1268 <entry><literal>%U</literal></entry>
1269 <entry>User UID</entry>
79413b67 1270 <entry>This is the numeric UID of the user running the service manager instance. In case of the system manager this resolves to <literal>0</literal>.</entry>
798d3a52
ZJS		 1271 </row>
1272 <row>
1273 <entry><literal>%h</literal></entry>
1274 <entry>User home directory</entry>
79413b67 1275 <entry>This is the home directory of the user running the service manager instance. In case of the system manager this resolves to <literal>/root</literal>.</entry>
798d3a52
ZJS		 1276 </row>
1277 <row>
1278 <entry><literal>%s</literal></entry>
1279 <entry>User shell</entry>
79413b67 1280 <entry>This is the shell of the user running the service manager instance. In case of the system manager this resolves to <literal>/bin/sh</literal>.</entry>
798d3a52
ZJS		 1281 </row>
1282 <row>
1283 <entry><literal>%m</literal></entry>
1284 <entry>Machine ID</entry>
1285 <entry>The machine ID of the running system, formatted as string. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
1286 </row>
1287 <row>
1288 <entry><literal>%b</literal></entry>
1289 <entry>Boot ID</entry>
1290 <entry>The boot ID of the running system, formatted as string. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for more information.</entry>
1291 </row>
1292 <row>
1293 <entry><literal>%H</literal></entry>
1294 <entry>Host name</entry>
e5f270f5 1295 <entry>The hostname of the running system at the point in time the unit configuration is loaded.</entry>
798d3a52
ZJS		 1296 </row>
1297 <row>
1298 <entry><literal>%v</literal></entry>
1299 <entry>Kernel release</entry>
1300 <entry>Identical to <command>uname -r</command> output</entry>
1301 </row>
1302 <row>
1303 <entry><literal>%%</literal></entry>
1304 <entry>Single percent sign</entry>
1305 <entry>Use <literal>%%</literal> in place of <literal>%</literal> to specify a single percent sign.</entry>
1306 </row>
1307 </tbody>
1308 </tgroup>
1309 </table>
1310
1311 <para>Please note that specifiers <literal>%U</literal>,
1312 <literal>%h</literal>, <literal>%s</literal> are mostly useless
1313 when systemd is running in system mode. PID 1 cannot query the
1314 user account database for information, so the specifiers only work
1315 as shortcuts for things which are already specified in a different
1316 way in the unit file. They are fully functional when systemd is
1317 running in <option>--user</option> mode.</para>
1318 </refsect1>
1319
1320 <refsect1>
1321 <title>Examples</title>
1322
1323 <example>
1324 <title>Allowing units to be enabled</title>
1325
1326 <para>The following snippet (highlighted) allows a unit (e.g.
1327 <filename>foo.service</filename>) to be enabled via
1328 <command>systemctl enable</command>:</para>
1329
1330 <programlisting>[Unit]
92b1e225
CS		 1331Description=Foo
1332
1333[Service]
1334ExecStart=/usr/sbin/foo-daemon
1335
1336<emphasis>[Install]</emphasis>
1337<emphasis>WantedBy=multi-user.target</emphasis></programlisting>
1338
798d3a52
ZJS		 1339 <para>After running <command>systemctl enable</command>, a
1340 symlink
12b42c76 1341 <filename>/etc/systemd/system/multi-user.target.wants/foo.service</filename>
798d3a52
ZJS		 1342 linking to the actual unit will be created. It tells systemd to
1343 pull in the unit when starting
1344 <filename>multi-user.target</filename>. The inverse
1345 <command>systemctl disable</command> will remove that symlink
1346 again.</para>
1347 </example>
1348
1349 <example>
1350 <title>Overriding vendor settings</title>
1351
1352 <para>There are two methods of overriding vendor settings in
1353 unit files: copying the unit file from
12b42c76
TG		 1354 <filename>/usr/lib/systemd/system</filename> to
1355 <filename>/etc/systemd/system</filename> and modifying the
798d3a52
ZJS		 1356 chosen settings. Alternatively, one can create a directory named
1357 <filename><replaceable>unit</replaceable>.d/</filename> within
12b42c76 1358 <filename>/etc/systemd/system</filename> and place a drop-in
798d3a52
ZJS		 1359 file <filename><replaceable>name</replaceable>.conf</filename>
1360 there that only changes the specific settings one is interested
1361 in. Note that multiple such drop-in files are read if
1362 present.</para>
1363
1364 <para>The advantage of the first method is that one easily
1365 overrides the complete unit, the vendor unit is not parsed at
1366 all anymore. It has the disadvantage that improvements to the
1367 unit file by the vendor are not automatically incorporated on
1368 updates.</para>
1369
1370 <para>The advantage of the second method is that one only
1371 overrides the settings one specifically wants, where updates to
1372 the unit by the vendor automatically apply. This has the
1373 disadvantage that some future updates by the vendor might be
1374 incompatible with the local changes.</para>
1375
1376 <para>Note that for drop-in files, if one wants to remove
1377 entries from a setting that is parsed as a list (and is not a
1378 dependency), such as <varname>ConditionPathExists=</varname> (or
1379 e.g. <varname>ExecStart=</varname> in service units), one needs
1380 to first clear the list before re-adding all entries except the
1381 one that is to be removed. See below for an example.</para>
1382
1383 <para>This also applies for user instances of systemd, but with
1384 different locations for the unit files. See the section on unit
1385 load paths for further details.</para>
1386
1387 <para>Suppose there is a vendor-supplied unit
12b42c76 1388 <filename>/usr/lib/systemd/system/httpd.service</filename> with
798d3a52
ZJS		 1389 the following contents:</para>
1390
1391 <programlisting>[Unit]
92b1e225
CS		 1392Description=Some HTTP server
1393After=remote-fs.target sqldb.service
1394Requires=sqldb.service
1395AssertPathExists=/srv/webserver
1396
1397[Service]
1398Type=notify
1399ExecStart=/usr/sbin/some-fancy-httpd-server
1400Nice=5
1401
1402[Install]
1403WantedBy=multi-user.target</programlisting>
1404
798d3a52
ZJS		 1405 <para>Now one wants to change some settings as an administrator:
1406 firstly, in the local setup, <filename>/srv/webserver</filename>
e2acdb6b 1407 might not exist, because the HTTP server is configured to use
798d3a52
ZJS		 1408 <filename>/srv/www</filename> instead. Secondly, the local
1409 configuration makes the HTTP server also depend on a memory
1410 cache service, <filename>memcached.service</filename>, that
1411 should be pulled in (<varname>Requires=</varname>) and also be
1412 ordered appropriately (<varname>After=</varname>). Thirdly, in
1413 order to harden the service a bit more, the administrator would
1414 like to set the <varname>PrivateTmp=</varname> setting (see
1415 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1416 for details). And lastly, the administrator would like to reset
1417 the niceness of the service to its default value of 0.</para>
1418
1419 <para>The first possibility is to copy the unit file to
12b42c76 1420 <filename>/etc/systemd/system/httpd.service</filename> and
798d3a52
ZJS		 1421 change the chosen settings:</para>
1422
1423 <programlisting>[Unit]
92b1e225
CS		 1424Description=Some HTTP server
1425After=remote-fs.target sqldb.service <emphasis>memcached.service</emphasis>
1426Requires=sqldb.service <emphasis>memcached.service</emphasis>
1427AssertPathExists=<emphasis>/srv/www</emphasis>
1428
1429[Service]
1430Type=notify
1431ExecStart=/usr/sbin/some-fancy-httpd-server
1432<emphasis>Nice=0</emphasis>
1433<emphasis>PrivateTmp=yes</emphasis>
1434
1435[Install]
1436WantedBy=multi-user.target</programlisting>
1437
798d3a52
ZJS		 1438 <para>Alternatively, the administrator could create a drop-in
1439 file
12b42c76 1440 <filename>/etc/systemd/system/httpd.service.d/local.conf</filename>
798d3a52 1441 with the following contents:</para>
92b1e225 1442
798d3a52 1443 <programlisting>[Unit]
92b1e225
CS		 1444After=memcached.service
1445Requires=memcached.service
1446# Reset all assertions and then re-add the condition we want
1447AssertPathExists=
1448AssertPathExists=/srv/www
1449
1450[Service]
1451Nice=0
1452PrivateTmp=yes</programlisting>
1453
798d3a52
ZJS		 1454 <para>Note that dependencies (<varname>After=</varname>, etc.)
1455 cannot be reset to an empty list, so dependencies can only be
1456 added in drop-ins. If you want to remove dependencies, you have
1457 to override the entire unit.</para>
0cf4c0d1 1458
798d3a52
ZJS		 1459 </example>
1460 </refsect1>
1461
1462 <refsect1>
1463 <title>See Also</title>
1464 <para>
1465 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1466 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1467 <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1468 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1469 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1470 <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1471 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1472 <citerefentry><refentrytitle>systemd.automount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1473 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1474 <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1475 <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1476 <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
798d3a52
ZJS		 1477 <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1478 <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1479 <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1480 <citerefentry><refentrytitle>systemd-analyze</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1481 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1482 <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
3ba3a79d 1483 <citerefentry project='man-pages'><refentrytitle>uname</refentrytitle><manvolnum>1</manvolnum></citerefentry>
798d3a52
ZJS		 1484 </para>
1485 </refsect1>
d1ab0ca0
LP		 1486
1487</refentry>
Unnamed repository; edit this file 'description' to name the repository.