[thirdparty/systemd.git] / man / systemd-run.xml

<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">

<!--
  This file is part of systemd.

  Copyright 2013 Zbigniew Jędrzejewski-Szmek

  systemd is free software; you can redistribute it and/or modify it
  under the terms of the GNU Lesser General Public License as published by
  the Free Software Foundation; either version 2.1 of the License, or
  (at your option) any later version.

  systemd is distributed in the hope that it will be useful, but
  WITHOUT ANY WARRANTY; without even the implied warranty of
  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  Lesser General Public License for more details.

  You should have received a copy of the GNU Lesser General Public License
  along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->

<refentry id="systemd-run"
          xmlns:xi="http://www.w3.org/2001/XInclude">

  <refentryinfo>
    <title>systemd-run</title>
    <productname>systemd</productname>

    <authorgroup>
      <author>
        <contrib>Developer</contrib>
        <firstname>Lennart</firstname>
        <surname>Poettering</surname>
        <email>lennart@poettering.net</email>
      </author>
    </authorgroup>
  </refentryinfo>

  <refmeta>
    <refentrytitle>systemd-run</refentrytitle>
    <manvolnum>1</manvolnum>
  </refmeta>

  <refnamediv>
    <refname>systemd-run</refname>
    <refpurpose>Run programs in transient scope units, service units, or timer-scheduled service units</refpurpose>
  </refnamediv>

  <refsynopsisdiv>
    <cmdsynopsis>
      <command>systemd-run</command>
      <arg choice="opt" rep="repeat">OPTIONS</arg>
      <arg choice="plain"><replaceable>COMMAND</replaceable>
      <arg choice="opt" rep="repeat">ARGS</arg>
      </arg>
    </cmdsynopsis>
    <cmdsynopsis>
      <command>systemd-run</command>
      <arg choice="opt" rep="repeat">OPTIONS</arg>
      <arg choice="opt" rep="repeat">TIMER OPTIONS</arg>
      <arg choice="req"><replaceable>COMMAND</replaceable></arg>
      <arg choice="opt" rep="repeat">ARGS</arg>
    </cmdsynopsis>
  </refsynopsisdiv>

  <refsect1>
    <title>Description</title>

    <para><command>systemd-run</command> may be used to create and start a transient <filename>.service</filename> or
    <filename>.scope</filename> unit and run the specified <replaceable>COMMAND</replaceable> in it. It may also be
    used to create and start a transient <filename>.timer</filename> unit, that activates a
    <filename>.service</filename> unit when elapsing.</para>

    <para>If a command is run as transient service unit, it will be started and managed by the service manager like any
    other service, and thus shows up in the output of <command>systemctl list-units</command> like any other unit. It
    will run in a clean and detached execution environment, with the service manager as its parent process. In this
    mode, <command>systemd-run</command> will start the service asynchronously in the background and return after the
    command has begun execution (unless <option>--no-block</option> or <option>--wait</option> are specified, see
    below).</para>

    <para>If a command is run as transient scope unit, it will be executed by <command>systemd-run</command> itself as
    parent process and will thus inherit the execution environment of the caller. However, the processes of the command
    are managed by the service manager similar to normal services, and will show up in the output of <command>systemctl
    list-units</command>. Execution in this case is synchronous, and will return only when the command finishes. This
    mode is enabled via the <option>--scope</option> switch (see below). </para>

    <para>If a command is run with timer options such as <option>--on-calendar=</option> (see below), a transient timer
    unit is created alongside the service unit for the specified command. Only the transient timer unit is started
    immediately, the transient service unit will be started when the timer elapses. If the <option>--unit=</option>
    option is specified, the <replaceable>COMMAND</replaceable> may be omitted. In this case,
    <command>systemd-run</command> creates only a <filename>.timer</filename> unit that invokes the specified unit when
    elapsing.</para>
  </refsect1>

  <refsect1>
    <title>Options</title>

    <para>The following options are understood:</para>

    <variablelist>
      <varlistentry>
        <term><option>--no-ask-password</option></term>

        <listitem><para>Do not query the user for authentication for
        privileged operations.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--scope</option></term>

        <listitem>
          <para>Create a transient <filename>.scope</filename> unit instead of the default transient
          <filename>.service</filename> unit (see above).
          </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--unit=</option></term>

        <listitem><para>Use this unit name instead of an automatically
        generated one.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--property=</option></term>
        <term><option>-p</option></term>

        <listitem><para>Sets a property on the scope or service unit that is created. This option takes an assignment
        in the same format as
        <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
        <command>set-property</command> command.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--description=</option></term>

        <listitem><para>Provide a description for the service, scope or timer unit. If not specified, the command
        itself will be used as a description. See <varname>Description=</varname> in
        <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
        </para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--slice=</option></term>

        <listitem><para>Make the new <filename>.service</filename> or <filename>.scope</filename> unit part of the
        specified slice, instead of <filename>system.slice</filename>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--remain-after-exit</option></term>

        <listitem><para>After the service process has terminated, keep the service around until it is explicitly
        stopped. This is useful to collect runtime information about the service after it finished running. Also see
        <varname>RemainAfterExit=</varname> in
        <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
        </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--send-sighup</option></term>

        <listitem><para>When terminating the scope or service unit, send a SIGHUP immediately after SIGTERM. This is
        useful to indicate to shells and shell-like processes that the connection has been severed. Also see
        <varname>SendSIGHUP=</varname> in
        <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
        </para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--service-type=</option></term>

        <listitem><para>Sets the service type. Also see
        <varname>Type=</varname> in
        <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>. This
        option has no effect in conjunction with
        <option>--scope</option>. Defaults to
        <constant>simple</constant>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--uid=</option></term>
        <term><option>--gid=</option></term>

        <listitem><para>Runs the service process under the specified UNIX user and group. Also see
        <varname>User=</varname> and <varname>Group=</varname> in
        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--nice=</option></term>

        <listitem><para>Runs the service process with the specified
        nice level. Also see <varname>Nice=</varname> in
        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>-E <replaceable>NAME</replaceable>=<replaceable>VALUE</replaceable></option></term>
        <term><option>--setenv=<replaceable>NAME</replaceable>=<replaceable>VALUE</replaceable></option></term>

        <listitem><para>Runs the service process with the specified environment variable set.
        Also see <varname>Environment=</varname> in
        <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--pty</option></term>
        <term><option>-t</option></term>

        <listitem><para>When invoking the command, the transient service connects its standard input, output and error
        to the terminal <command>systemd-run</command> is invoked on, via a pseudo TTY device. This allows running
        programs that expect interactive user input/output as services, such as interactive command shells.</para>

        <para>Note that
        <citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
        <command>shell</command> command is usually a better alternative for requesting a new, interactive login
        session on the local host or a local container.</para>

        <para>See below for details on how this switch combines with <option>--pipe</option>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--pipe</option></term>
        <term><option>-P</option></term>

        <listitem><para>If specified, standard input, output, and error of the transient service are inherited from the
        <command>systemd-run</command> command itself. This allows <command>systemd-run</command>
        to be used within shell pipelines.
        Note that this mode is not suitable for interactive command shells and similar, as the
        service process will become a TTY controller when invoked on a terminal. Use <option>--pty</option> instead
        in that case.</para>

        <para>When both <option>--pipe</option> and <option>--pty</option> are used in combination the more appropriate
        option is automatically determined and used. Specifically, when invoked with standard input, output and error
        connected to a TTY <option>--pty</option> is used, and otherwise <option>--pipe</option>.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--quiet</option></term>
        <term><option>-q</option></term>

        <listitem><para>Suppresses additional informational output
        while running. This is particularly useful in combination with
        <option>--pty</option> when it will suppress the initial
        message explaining how to terminate the TTY connection.</para></listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--on-active=</option></term>
        <term><option>--on-boot=</option></term>
        <term><option>--on-startup=</option></term>
        <term><option>--on-unit-active=</option></term>
        <term><option>--on-unit-inactive=</option></term>

        <listitem><para>Defines a monotonic timer relative to different starting points for starting the specified
        command. See <varname>OnActiveSec=</varname>, <varname>OnBootSec=</varname>, <varname>OnStartupSec=</varname>,
        <varname>OnUnitActiveSec=</varname> and <varname>OnUnitInactiveSec=</varname> in
        <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
        details. These options may not be combined with <option>--scope</option> or <option>--pty</option>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--on-calendar=</option></term>

        <listitem><para>Defines a calendar timer for starting the specified command. See <varname>OnCalendar=</varname>
        in <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>. This
        option may not be combined with <option>--scope</option> or <option>--pty</option>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--timer-property=</option></term>

        <listitem><para>Sets a property on the timer unit that is created. This option is similar to
        <option>--property=</option> but applies to the transient timer unit rather than the transient service unit
        created. This option only has an effect in conjunction with <option>--on-active=</option>,
        <option>--on-boot=</option>, <option>--on-startup=</option>, <option>--on-unit-active=</option>,
        <option>--on-unit-inactive=</option> or <option>--on-calendar=</option>. This option takes an assignment in the
        same format as <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
        <command>set-property</command> command.</para> </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--no-block</option></term>

        <listitem>
          <para>Do not synchronously wait for the unit start operation to finish. If this option is not specified, the
          start request for the transient unit will be verified, enqueued and <command>systemd-run</command> will wait
          until the unit's start-up is completed. By passing this argument, it is only verified and enqueued. This
          option may not be combined with <option>--wait</option>.</para>
        </listitem>
      </varlistentry>

      <varlistentry>
        <term><option>--wait</option></term>

        <listitem><para>Synchronously wait for the transient service to terminate. If this option is specified, the
        start request for the transient unit is verified, enqueued, and waited for. Subsequently the invoked unit is
        monitored, and it is waited until it is deactivated again (most likely because the specified command
        completed). On exit, terse information about the unit's runtime is shown, including total runtime (as well as
        CPU usage, if <option>--property=CPUAccounting=1</option> was set) and the exit code and status of the main
        process. This output may be suppressed with <option>--quiet</option>. This option may not be combined with
        <option>--no-block</option>, <option>--scope</option> or the various timer options.</para></listitem>
      </varlistentry>

      <xi:include href="user-system-options.xml" xpointer="user" />
      <xi:include href="user-system-options.xml" xpointer="system" />
      <xi:include href="user-system-options.xml" xpointer="host" />
      <xi:include href="user-system-options.xml" xpointer="machine" />

      <xi:include href="standard-options.xml" xpointer="help" />
      <xi:include href="standard-options.xml" xpointer="version" />
    </variablelist>

    <para>All command line arguments after the first non-option
    argument become part of the command line of the launched
    process. If a command is run as service unit, its first argument
    needs to be an absolute binary path.</para>
  </refsect1>

  <refsect1>
    <title>Exit status</title>

    <para>On success, 0 is returned, a non-zero failure
    code otherwise.</para>
  </refsect1>

  <refsect1>
    <title>Examples</title>

    <example>
      <title>Logging environment variables provided by systemd to services</title>

      <programlisting># systemd-run env
Running as unit: run-19945.service
# journalctl -u run-19945.service
Sep 08 07:37:21 bupkis systemd[1]: Starting /usr/bin/env...
Sep 08 07:37:21 bupkis systemd[1]: Started /usr/bin/env.
Sep 08 07:37:21 bupkis env[19948]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
Sep 08 07:37:21 bupkis env[19948]: LANG=en_US.UTF-8
Sep 08 07:37:21 bupkis env[19948]: BOOT_IMAGE=/vmlinuz-3.11.0-0.rc5.git6.2.fc20.x86_64</programlisting>
    </example>

    <example>
      <title>Limiting resources available to a command</title>

      <programlisting># systemd-run -p BlockIOWeight=10 updatedb</programlisting>

      <para>This command invokes the
      <citerefentry project='man-pages'><refentrytitle>updatedb</refentrytitle><manvolnum>8</manvolnum></citerefentry>
      tool, but lowers the block I/O weight for it to 10. See
      <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
      for more information on the <varname>BlockIOWeight=</varname>
      property.</para>
    </example>

    <example>
      <title>Running commands at a specified time</title>

      <para>The following command will touch a file after 30 seconds.</para>

      <programlisting># date; systemd-run --on-active=30 --timer-property=AccuracySec=100ms /bin/touch /tmp/foo
Mon Dec  8 20:44:24 KST 2014
Running as unit: run-71.timer
Will run service as unit: run-71.service
# journalctl -b -u run-71.timer
-- Logs begin at Fri 2014-12-05 19:09:21 KST, end at Mon 2014-12-08 20:44:54 KST. --
Dec 08 20:44:38 container systemd[1]: Starting /bin/touch /tmp/foo.
Dec 08 20:44:38 container systemd[1]: Started /bin/touch /tmp/foo.
# journalctl -b -u run-71.service
-- Logs begin at Fri 2014-12-05 19:09:21 KST, end at Mon 2014-12-08 20:44:54 KST. --
Dec 08 20:44:48 container systemd[1]: Starting /bin/touch /tmp/foo...
Dec 08 20:44:48 container systemd[1]: Started /bin/touch /tmp/foo.</programlisting>
    </example>

    <example>
      <title>Allowing access to the tty</title>

      <para>The following command invokes <filename>/bin/bash</filename> as a service
      passing its standard input, output and error to the calling TTY.</para>

      <programlisting># systemd-run -t --send-sighup /bin/bash</programlisting>
    </example>

    <example>
      <title>Start <command>screen</command> as a user service</title>

      <programlisting>$ systemd-run --scope --user screen
Running scope as unit run-r14b0047ab6df45bfb45e7786cc839e76.scope.

$ screen -ls
There is a screen on:
        492..laptop     (Detached)
1 Socket in /var/run/screen/S-fatima.
</programlisting>

      <para>This starts the <command>screen</command> process as a child of the
      <command>systemd --user</command> process that was started by
      <filename>user@.service</filename>, in a scope unit. A
      <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>
      unit is used instead of a
      <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
      unit, because <command>screen</command> will exit when detaching from the terminal,
      and a service unit would be terminated. Running <command>screen</command>
      as a user unit has the advantage that it is not part of the session scope.
      If <varname>KillUserProcesses=yes</varname> is configured in
      <citerefentry><refentrytitle>logind.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      the default, the session scope will be terminated when the user logs
      out of that session.</para>

      <para>The <filename>user@.service</filename> is started automatically
      when the user first logs in, and stays around as long as at least one
      login session is open. After the user logs out of the last session,
      <filename>user@.service</filename> and all services underneath it
      are terminated. This behavior is the default, when "lingering" is
      not enabled for that user. Enabling lingering means that
      <filename>user@.service</filename> is started automatically during
      boot, even if the user is not logged in, and that the service is
      not terminated when the user logs out.</para>

      <para>Enabling lingering allows the user to run processes without being logged in,
      for example to allow <command>screen</command> to persist after the user logs out,
      even if the session scope is terminated. In the default configuration, users can
      enable lingering for themselves:</para>

      <programlisting>$ loginctl enable-linger</programlisting>
    </example>
  </refsect1>

  <refsect1>
    <title>See Also</title>
    <para>
      <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>systemd-mount</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
      <citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
    </para>
  </refsect1>

</refentry>