]>
Commit | Line | Data |
---|---|---|
c3e270f4 FB |
1 | --- |
2 | title: Known Environment Variables | |
4cdca0af | 3 | category: Interfaces |
b41a3f66 | 4 | layout: default |
c3e270f4 FB |
5 | --- |
6 | ||
4549fcdb LP |
7 | # Known Environment Variables |
8 | ||
9 | A number of systemd components take additional runtime parameters via | |
10 | environment variables. Many of these environment variables are not supported at | |
11 | the same level as command line switches and other interfaces are: we don't | |
12 | document them in the man pages and we make no stability guarantees for | |
13 | them. While they generally are unlikely to be dropped any time soon again, we | |
14 | do not want to guarantee that they stay around for good either. | |
15 | ||
16 | Below is an (incomprehensive) list of the environment variables understood by | |
17 | the various tools. Note that this list only covers environment variables not | |
18 | documented in the proper man pages. | |
19 | ||
20 | All tools: | |
21 | ||
f38951a6 CW |
22 | * `$SYSTEMD_OFFLINE=[0|1]` — if set to `1`, then `systemctl` will |
23 | refrain from talking to PID 1; this has the same effect as the historical | |
24 | detection of `chroot()`. Setting this variable to `0` instead has a similar | |
25 | effect as `SYSTEMD_IGNORE_CHROOT=1`; i.e. tools will try to | |
26 | communicate with PID 1 even if a `chroot()` environment is detected. | |
27 | You almost certainly want to set this to `1` if you maintain a package build system | |
28 | or similar and are trying to use a modern container system and not plain | |
29 | `chroot()`. | |
30 | ||
4549fcdb | 31 | * `$SYSTEMD_IGNORE_CHROOT=1` — if set, don't check whether being invoked in a |
f38951a6 CW |
32 | `chroot()` environment. This is particularly relevant for systemctl, as it |
33 | will not alter its behaviour for `chroot()` environments if set. Normally it | |
34 | refrains from talking to PID 1 in such a case; turning most operations such | |
35 | as `start` into no-ops. If that's what's explicitly desired, you might | |
36 | consider setting `SYSTEMD_OFFLINE=1`. | |
4549fcdb LP |
37 | |
38 | * `$SD_EVENT_PROFILE_DELAYS=1` — if set, the sd-event event loop implementation | |
39 | will print latency information at runtime. | |
40 | ||
53aa0d02 ZJS |
41 | * `$SYSTEMD_PROC_CMDLINE` — if set, the contents are used as the kernel command |
42 | line instead of the actual one in /proc/cmdline. This is useful for | |
43 | debugging, in order to test generators and other code against specific kernel | |
44 | command lines. | |
45 | ||
ed4ad488 ZJS |
46 | * `$SYSTEMD_FSTAB` — if set, use this path instead of /etc/fstab. Only useful |
47 | for debugging. | |
48 | ||
a6c57e74 ZJS |
49 | * `$SYSTEMD_CRYPTTAB` — if set, use this path instead of /etc/crypttab. Only |
50 | useful for debugging. Currently only supported by systemd-cryptsetup-generator. | |
51 | ||
2536752d ZJS |
52 | * `$SYSTEMD_EFI_OPTIONS` — if set, used instead of the string in the |
53 | SystemdOptions EFI variable. Analogous to `$SYSTEMD_PROC_CMDLINE`. | |
2467cc55 | 54 | |
0307ea49 ZJS |
55 | * `$SYSTEMD_IN_INITRD` — takes a boolean. If set, overrides initrd detection. |
56 | This is useful for debugging and testing initrd-only programs in the main | |
57 | system. | |
58 | ||
385b2eb2 YW |
59 | * `$SYSTEMD_BUS_TIMEOUT=SECS` — specifies the maximum time to wait for method call |
60 | completion. If no time unit is specified, assumes seconds. The usual other units | |
61 | are understood, too (us, ms, s, min, h, d, w, month, y). If it is not set or set | |
62 | to 0, then the built-in default is used. | |
63 | ||
5f1b0cc6 | 64 | * `$SYSTEMD_MEMPOOL=0` — if set, the internal memory caching logic employed by |
b4f60743 LP |
65 | hash tables is turned off, and libc malloc() is used for all allocations. |
66 | ||
5f1b0cc6 LP |
67 | * `$SYSTEMD_EMOJI=0` — if set, tools such as "systemd-analyze security" will |
68 | not output graphical smiley emojis, but ASCII alternatives instead. Note that | |
69 | this only controls use of Unicode emoji glyphs, and has no effect on other | |
70 | Unicode glyphs. | |
71 | ||
3f5ac303 ZJS |
72 | * `$RUNTIME_DIRECTORY` — various tools use this variable to locate the |
73 | appropriate path under /run. This variable is also set by the manager when | |
74 | RuntimeDirectory= is used, see systemd.exec(5). | |
75 | ||
42f3b2f9 LP |
76 | * `$SYSTEMD_CRYPT_PREFIX` — if set configures the hash method prefix to use for |
77 | UNIX crypt() when generating passwords. By default the system's "preferred | |
78 | method" is used, but this can be overridden with this environment | |
79 | variable. Takes a prefix such as `$6$` or `$y$`. (Note that this is only | |
80 | honoured on systems built with libxcrypt and is ignored on systems using | |
81 | glibc's original, internal crypt() implementation.) | |
82 | ||
4549fcdb LP |
83 | systemctl: |
84 | ||
85 | * `$SYSTEMCTL_FORCE_BUS=1` — if set, do not connect to PID1's private D-Bus | |
86 | listener, and instead always connect through the dbus-daemon D-bus broker. | |
87 | ||
88 | * `$SYSTEMCTL_INSTALL_CLIENT_SIDE=1` — if set, enable or disable unit files on | |
89 | the client side, instead of asking PID 1 to do this. | |
90 | ||
91 | * `$SYSTEMCTL_SKIP_SYSV=1` — if set, do not call out to SysV compatibility hooks. | |
92 | ||
93 | systemd-nspawn: | |
94 | ||
c78c095b ZJS |
95 | * `$SYSTEMD_NSPAWN_UNIFIED_HIERARCHY=1` — if set, force nspawn into unified |
96 | cgroup hierarchy mode. | |
4549fcdb LP |
97 | |
98 | * `$SYSTEMD_NSPAWN_API_VFS_WRITABLE=1` — if set, make /sys and /proc/sys and | |
99 | friends writable in the container. If set to "network", leave only | |
100 | /proc/sys/net writable. | |
101 | ||
102 | * `$SYSTEMD_NSPAWN_CONTAINER_SERVICE=…` — override the "service" name nspawn | |
103 | uses to register with machined. If unset defaults to "nspawn", but with this | |
104 | variable may be set to any other value. | |
105 | ||
106 | * `$SYSTEMD_NSPAWN_USE_CGNS=0` — if set, do not use cgroup namespacing, even if | |
107 | it is available. | |
108 | ||
109 | * `$SYSTEMD_NSPAWN_LOCK=0` — if set, do not lock container images when running. | |
110 | ||
1099ceeb LP |
111 | * `$SYSTEMD_NSPAWN_TMPFS_TMP=0` — if set, do not overmount /tmp in the |
112 | container with a tmpfs, but leave the directory from the image in place. | |
113 | ||
4549fcdb LP |
114 | systemd-logind: |
115 | ||
116 | * `$SYSTEMD_BYPASS_HIBERNATION_MEMORY_CHECK=1` — if set, report that | |
117 | hibernation is available even if the swap devices do not provide enough room | |
118 | for it. | |
94fa1497 | 119 | |
7db43ec3 LP |
120 | systemd-udevd: |
121 | ||
f7e81fd9 | 122 | * `$NET_NAMING_SCHEME=` – if set, takes a network naming scheme (i.e. one of |
06da5c63 ZJS |
123 | "v238", "v239", "v240"…, or the special value "latest") as parameter. If |
124 | specified udev's net_id builtin will follow the specified naming scheme when | |
125 | determining stable network interface names. This may be used to revert to | |
126 | naming schemes of older udev versions, in order to provide more stable naming | |
127 | across updates. This environment variable takes precedence over the kernel | |
128 | command line option `net.naming-scheme=`, except if the value is prefixed | |
129 | with `:` in which case the kernel command line option takes precedence, if it | |
130 | is specified as well. | |
f7e81fd9 | 131 | |
e86c7a3a LP |
132 | * `$SYSTEMD_REBOOT_TO_FIRMWARE_SETUP` — if set overrides systemd-logind's |
133 | built-in EFI logic of requesting a reboot into the firmware. Takes a | |
134 | boolean. If set to false the functionality is turned off entirely. If set to | |
135 | true instead of requesting a reboot into the firmware setup UI through EFI a | |
136 | file `/run/systemd/reboot-to-firmware-setup` is created whenever this is | |
137 | requested. This file may be checked for by services run during system | |
138 | shutdown in order to request the appropriate operation from the firmware in | |
139 | an alternative fashion. | |
140 | ||
141 | * `$SYSTEMD_REBOOT_TO_BOOT_LOADER_MENU` — similar to the above, allows | |
142 | overriding of systemd-logind's built-in EFI logic of requesting a reboot into | |
143 | the boot loader menu. Takes a boolean. If set to false the functionality is | |
144 | turned off entirely. If set to true instead of requesting a reboot into the | |
145 | boot loader menu through EFI a file `/run/systemd/reboot-to-boot-loader-menu` | |
146 | is created whenever this is requested. The file contains the requested boot | |
147 | loader menu timeout in µs, formatted in ASCII decimals, or zero in case no | |
148 | time-out is requested. This file may be checked for by services run during | |
149 | system shutdown in order to request the appropriate operation from the boot | |
150 | loader in an alternative fashion. | |
151 | ||
152 | * `$SYSTEMD_REBOOT_TO_BOOT_LOADER_ENTRY` — similar to the above, allows | |
153 | overriding of systemd-logind's built-in EFI logic of requesting a reboot into | |
154 | a specific boot loader entry. Takes a boolean. If set to false the | |
155 | functionality is turned off entirely. If set to true instead of requesting a | |
156 | reboot into a specific boot loader entry through EFI a file | |
157 | `/run/systemd/reboot-to-boot-loader-entry` is created whenever this is | |
158 | requested. The file contains the requested boot loader entry identifier. This | |
159 | file may be checked for by services run during system shutdown in order to | |
160 | request the appropriate operation from the boot loader in an alternative | |
161 | fashion. Note that by default only boot loader entries which follow the [Boot | |
162 | Loader Specification](https://systemd.io/BOOT_LOADER_SPECIFICATION) and are | |
163 | placed in the ESP or the Extended Boot Loader partition may be selected this | |
164 | way. However, if a directory `/run/boot-loader-entries/` exists, the entries | |
165 | are loaded from there instead. The directory should contain the usual | |
166 | directory hierarchy mandated by the Boot Loader Specification, i.e. the entry | |
167 | drop-ins should be placed in | |
168 | `/run/boot-loader-entries/loader/entries/*.conf`, and the files referenced by | |
169 | the drop-ins (including the kernels and initrds) somewhere else below | |
170 | `/run/boot-loader-entries/`. Note that all these files may be (and are | |
171 | supposed to be) symlinks. systemd-logind will load these files on-demand, | |
172 | these files can hence be updated (ideally atomically) whenever the boot | |
173 | loader configuration changes. A foreign boot loader installer script should | |
174 | hence synthesize drop-in snippets and symlinks for all boot entries at boot | |
175 | or whenever they change if it wants to integrate with systemd-logind's APIs. | |
176 | ||
94fa1497 ZJS |
177 | installed systemd tests: |
178 | ||
179 | * `$SYSTEMD_TEST_DATA` — override the location of test data. This is useful if | |
180 | a test executable is moved to an arbitrary location. | |
dba1bd43 LP |
181 | |
182 | nss-systemd: | |
183 | ||
184 | * `$SYSTEMD_NSS_BYPASS_SYNTHETIC=1` — if set, `nss-systemd` won't synthesize | |
185 | user/group records for the `root` and `nobody` users if they are missing from | |
186 | `/etc/passwd`. | |
187 | ||
188 | * `$SYSTEMD_NSS_DYNAMIC_BYPASS=1` — if set, `nss-systemd` won't return | |
189 | user/group records for dynamically registered service users (i.e. users | |
190 | registered through `DynamicUser=1`). | |
191 | ||
192 | * `$SYSTEMD_NSS_BYPASS_BUS=1` — if set, `nss-systemd` won't use D-Bus to do | |
193 | dynamic user lookups. This is primarily useful to make `nss-systemd` work | |
194 | safely from within `dbus-daemon`. | |
41d0da0f YW |
195 | |
196 | systemd-timedated: | |
197 | ||
198 | * `$SYSTEMD_TIMEDATED_NTP_SERVICES=…` — colon-separated list of unit names of | |
199 | NTP client services. If set, `timedatectl set-ntp on` enables and starts the | |
200 | first existing unit listed in the environment variable, and | |
201 | `timedatectl set-ntp off` disables and stops all listed units. | |
39922217 | 202 | |
33eb44fe AH |
203 | systemd-sulogin-shell: |
204 | ||
205 | * `$SYSTEMD_SULOGIN_FORCE=1` — This skips asking for the root password if the | |
206 | root password is not available (such as when the root account is locked). | |
207 | See `sulogin(8)` for more details. | |
208 | ||
8cbb7d87 LP |
209 | bootctl and other tools that access the EFI System Partition (ESP): |
210 | ||
211 | * `$SYSTEMD_RELAX_ESP_CHECKS=1` — if set, the ESP validation checks are | |
212 | relaxed. Specifically, validation checks that ensure the specified ESP path | |
213 | is a FAT file system are turned off, as are checks that the path is located | |
214 | on a GPT partition with the correct type UUID. | |
215 | ||
cc7a0bfa LP |
216 | * `$SYSTEMD_ESP_PATH=…` — override the path to the EFI System Partition. This |
217 | may be used to override ESP path auto detection, and redirect any accesses to | |
218 | the ESP to the specified directory. Not that unlike with bootctl's --path= | |
219 | switch only very superficial validation of the specified path is done when | |
220 | this environment variable is used. | |
221 | ||
39922217 LP |
222 | systemd itself: |
223 | ||
224 | * `$SYSTEMD_ACTIVATION_UNIT` — set for all NSS and PAM module invocations that | |
225 | are done by the service manager on behalf of a specific unit, in child | |
226 | processes that are later (after execve()) going to become unit | |
227 | processes. Contains the full unit name (e.g. "foobar.service"). NSS and PAM | |
228 | modules can use this information to determine in which context and on whose | |
229 | behalf they are being called, which may be useful to avoid deadlocks, for | |
230 | example to bypass IPC calls to the very service that is about to be | |
231 | started. Note that NSS and PAM modules should be careful to only rely on this | |
232 | data when invoked privileged, or possibly only when getppid() returns 1, as | |
233 | setting environment variables is of course possible in any even unprivileged | |
234 | contexts. | |
235 | ||
236 | * `$SYSTEMD_ACTIVATION_SCOPE` — closely related to `$SYSTEMD_ACTIVATION_UNIT`, | |
237 | it is either set to `system` or `user` depending on whether the NSS/PAM | |
238 | module is called by systemd in `--system` or `--user` mode. | |
59f13dd6 LP |
239 | |
240 | systemd-remount-fs: | |
241 | ||
d238709c | 242 | * `$SYSTEMD_REMOUNT_ROOT_RW=1` — if set and no entry for the root directory |
59f13dd6 LP |
243 | exists in /etc/fstab (this file always takes precedence), then the root |
244 | directory is remounted writable. This is primarily used by | |
245 | systemd-gpt-auto-generator to ensure the root partition is mounted writable | |
246 | in accordance to the GPT partition flags. | |
a7d9fccd LP |
247 | |
248 | systemd-firstboot and localectl: | |
249 | ||
250 | * `SYSTEMD_LIST_NON_UTF8_LOCALES=1` – if set non-UTF-8 locales are listed among | |
251 | the installed ones. By default non-UTF-8 locales are suppressed from the | |
252 | selection, since we are living in the 21st century. |