]>
Commit | Line | Data |
---|---|---|
c3e270f4 FB |
1 | --- |
2 | title: Porting systemd To New Distributions | |
3 | --- | |
4 | ||
1d1cb168 FB |
5 | # Porting systemd To New Distributions |
6 | ||
7 | ## HOWTO | |
8 | ||
9 | You need to make the follow changes to adapt systemd to your | |
10 | distribution: | |
11 | ||
12 | 1. Find the right configure parameters for: | |
13 | ||
14 | * `-Drootprefix=` | |
15 | * `-Dsysvinit-path=` | |
16 | * `-Dsysvrcnd-path=` | |
17 | * `-Drc-local=` | |
1d1cb168 FB |
18 | * `-Dloadkeys-path=` |
19 | * `-Dsetfont-path=` | |
20 | * `-Dtty-gid=` | |
21 | * `-Dntp-servers=` | |
22 | * `-Ddns-servers=` | |
23 | * `-Dsupport-url=` | |
24 | ||
25 | 2. Try it out. | |
26 | ||
27 | Play around (as an ordinary user) with | |
28 | `/usr/lib/systemd/systemd --test --system` for a test run | |
29 | of systemd without booting. This will read the unit files and | |
30 | print the initial transaction it would execute during boot-up. | |
31 | This will also inform you about ordering loops and suchlike. | |
32 | ||
57903f93 ZJS |
33 | ## Compilation options |
34 | ||
35 | The default configuration does not enable any optimization or hardening | |
36 | options. This is suitable for development and testing, but not for end-user | |
37 | installations. | |
38 | ||
39 | For deployment, optimization (`-O2` or `-O3` compiler options), link time | |
40 | optimization (`-Db_lto=true` meson option), and hardening (e.g. | |
41 | `-D_FORTIFY_SOURCE=2`, `-fstack-protector-strong`, `-fstack-clash-protection`, | |
42 | `-fcf-protection`, `-pie` compiler options, and `-z relro`, `-z now`, | |
43 | `--as-needed` linker options) are recommended. The most appropriate set of | |
44 | options depends on the architecture and distribution specifics so no default is | |
45 | provided. | |
46 | ||
1d1cb168 FB |
47 | ## NTP Pool |
48 | ||
49 | By default, systemd-timesyncd uses the Google Public NTP servers | |
50 | `time[1-4].google.com`, if no other NTP configuration is available. | |
51 | They serve time that uses a | |
52 | [leap second smear](https://developers.google.com/time/smear) | |
53 | and can be up to .5s off from servers that use stepped leap seconds. | |
54 | ||
55 | If you prefer to use leap second steps, please register your own | |
56 | vendor pool at ntp.org and make it the built-in default by | |
57 | passing `-Dntp-servers=` to meson. Registering vendor | |
58 | pools is [free](http://www.pool.ntp.org/en/vendors.html). | |
59 | ||
60 | Use `-Dntp-servers=` to direct systemd-timesyncd to different fallback | |
61 | NTP servers. | |
62 | ||
63 | ## DNS Servers | |
64 | ||
def3c7c7 IK |
65 | By default, systemd-resolved uses Cloudflare and Google Public DNS servers |
66 | `1.1.1.1`, `8.8.8.8`, `1.0.0.1`, `8.8.4.4`, `2606:4700:4700::1111`, `2001:4860:4860::8888`, `2606:4700:4700::1001`, `2001:4860:4860::8844` | |
1d1cb168 FB |
67 | as fallback, if no other DNS configuration is available. |
68 | ||
69 | Use `-Ddns-servers=` to direct systemd-resolved to different fallback | |
70 | DNS servers. | |
71 | ||
72 | ## PAM | |
73 | ||
74 | The default PAM config shipped by systemd is really bare bones. | |
75 | It does not include many modules your distro might want to enable | |
76 | to provide a more seamless experience. For example, limits set in | |
77 | `/etc/security/limits.conf` will not be read unless you load `pam_limits`. | |
78 | Make sure you add modules your distro expects from user services. | |
79 | ||
80 | Pass `-Dpamconfdir=no` to meson to avoid installing this file and | |
81 | instead install your own. | |
82 | ||
83 | ## Contributing Upstream | |
84 | ||
85 | We generally do no longer accept distribution-specific patches to | |
86 | systemd upstream. If you have to make changes to systemd's source code | |
87 | to make it work on your distribution, unless your code is generic | |
88 | enough to be generally useful, we are unlikely to merge it. Please | |
89 | always consider adopting the upstream defaults. If that is not | |
90 | possible, please maintain the relevant patches downstream. | |
91 | ||
92 | Thank you for understanding. |