]>
Commit | Line | Data |
---|---|---|
514094f9 | 1 | <?xml version='1.0'?> |
3a54a157 | 2 | <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" |
444d5863 ZJS |
3 | "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ |
4 | <!ENTITY % entities SYSTEM "custom-entities.ent" > | |
5 | %entities; | |
6 | ]> | |
0307f791 | 7 | <!-- SPDX-License-Identifier: LGPL-2.1+ --> |
f3e219a2 | 8 | |
1b907b5c | 9 | <refentry id="systemd-system.conf" |
798d3a52 ZJS |
10 | xmlns:xi="http://www.w3.org/2001/XInclude"> |
11 | <refentryinfo> | |
12 | <title>systemd-system.conf</title> | |
13 | <productname>systemd</productname> | |
798d3a52 ZJS |
14 | </refentryinfo> |
15 | ||
16 | <refmeta> | |
17 | <refentrytitle>systemd-system.conf</refentrytitle> | |
18 | <manvolnum>5</manvolnum> | |
19 | </refmeta> | |
20 | ||
21 | <refnamediv> | |
22 | <refname>systemd-system.conf</refname> | |
23 | <refname>system.conf.d</refname> | |
24 | <refname>systemd-user.conf</refname> | |
25 | <refname>user.conf.d</refname> | |
26 | <refpurpose>System and session service manager configuration files</refpurpose> | |
27 | </refnamediv> | |
28 | ||
29 | <refsynopsisdiv> | |
03a7b521 LP |
30 | <para><filename>/etc/systemd/system.conf</filename>, |
31 | <filename>/etc/systemd/system.conf.d/*.conf</filename>, | |
32 | <filename>/run/systemd/system.conf.d/*.conf</filename>, | |
33 | <filename>/usr/lib/systemd/system.conf.d/*.conf</filename></para> | |
34 | <para><filename>/etc/systemd/user.conf</filename>, | |
35 | <filename>/etc/systemd/user.conf.d/*.conf</filename>, | |
36 | <filename>/run/systemd/user.conf.d/*.conf</filename>, | |
37 | <filename>/usr/lib/systemd/user.conf.d/*.conf</filename></para> | |
798d3a52 ZJS |
38 | </refsynopsisdiv> |
39 | ||
40 | <refsect1> | |
41 | <title>Description</title> | |
42 | ||
43 | <para>When run as a system instance, systemd interprets the | |
44 | configuration file <filename>system.conf</filename> and the files | |
45 | in <filename>system.conf.d</filename> directories; when run as a | |
46 | user instance, systemd interprets the configuration file | |
47 | <filename>user.conf</filename> and the files in | |
48 | <filename>user.conf.d</filename> directories. These configuration | |
49 | files contain a few settings controlling basic manager | |
0f943ae4 ZJS |
50 | operations. See |
51 | <citerefentry><refentrytitle>systemd.syntax</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
52 | for a general description of the syntax.</para> | |
798d3a52 ZJS |
53 | </refsect1> |
54 | ||
e93549ef | 55 | <xi:include href="standard-conf.xml" xpointer="main-conf" /> |
798d3a52 ZJS |
56 | |
57 | <refsect1> | |
58 | <title>Options</title> | |
59 | ||
60 | <para>All options are configured in the | |
bdac5608 | 61 | [Manager] section:</para> |
798d3a52 | 62 | |
d2acdcc6 | 63 | <variablelist class='config-directives'> |
798d3a52 ZJS |
64 | |
65 | <varlistentry> | |
798d3a52 | 66 | <term><varname>LogColor=</varname></term> |
3d5f0138 | 67 | <term><varname>LogLevel=</varname></term> |
798d3a52 | 68 | <term><varname>LogLocation=</varname></term> |
3d5f0138 | 69 | <term><varname>LogTarget=</varname></term> |
c5673ed0 | 70 | <term><varname>LogTime=</varname></term> |
798d3a52 | 71 | <term><varname>DumpCore=yes</varname></term> |
b9e74c39 | 72 | <term><varname>CrashChangeVT=no</varname></term> |
798d3a52 | 73 | <term><varname>CrashShell=no</varname></term> |
b9e74c39 | 74 | <term><varname>CrashReboot=no</varname></term> |
798d3a52 | 75 | <term><varname>ShowStatus=yes</varname></term> |
798d3a52 ZJS |
76 | <term><varname>DefaultStandardOutput=journal</varname></term> |
77 | <term><varname>DefaultStandardError=inherit</varname></term> | |
78 | ||
33fc1800 LP |
79 | <listitem><para>Configures various parameters of basic manager operation. These options may be overridden by |
80 | the respective process and kernel command line arguments. See | |
81 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> for | |
82 | details.</para></listitem> | |
798d3a52 ZJS |
83 | </varlistentry> |
84 | ||
24dd31c1 LN |
85 | <varlistentry> |
86 | <term><varname>CtrlAltDelBurstAction=</varname></term> | |
87 | ||
88 | <listitem><para>Defines what action will be performed | |
2dd67817 | 89 | if user presses Ctrl-Alt-Delete more than 7 times in 2s. |
ae8c7939 LN |
90 | Can be set to <literal>reboot-force</literal>, <literal>poweroff-force</literal>, |
91 | <literal>reboot-immediate</literal>, <literal>poweroff-immediate</literal> | |
92 | or disabled with <literal>none</literal>. Defaults to | |
24dd31c1 LN |
93 | <literal>reboot-force</literal>. |
94 | </para></listitem> | |
95 | </varlistentry> | |
96 | ||
798d3a52 ZJS |
97 | <varlistentry> |
98 | <term><varname>CPUAffinity=</varname></term> | |
99 | ||
61fbbac1 ZJS |
100 | <listitem><para>Configures the CPU affinity for the service manager as well as the default CPU |
101 | affinity for all forked off processes. Takes a list of CPU indices or ranges separated by either | |
102 | whitespace or commas. CPU ranges are specified by the lower and upper CPU indices separated by a | |
103 | dash. This option may be specified more than once, in which case the specified CPU affinity masks are | |
104 | merged. If the empty string is assigned, the mask is reset, all assignments prior to this will have | |
105 | no effect. Individual services may override the CPU affinity for their processes with the | |
106 | <varname>CPUAffinity=</varname> setting in unit files, see | |
d68c0833 | 107 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem> |
b070c7c0 MS |
108 | </varlistentry> |
109 | ||
110 | <varlistentry> | |
111 | <term><varname>NUMAPolicy=</varname></term> | |
112 | ||
113 | <listitem><para>Configures the NUMA memory policy for the service manager and the default NUMA memory policy | |
114 | for all forked off processes. Individual services may override the default policy with the | |
115 | <varname>NUMAPolicy=</varname> setting in unit files, see | |
116 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem> | |
117 | </varlistentry> | |
118 | ||
119 | <varlistentry> | |
120 | <term><varname>NUMAMask=</varname></term> | |
121 | ||
122 | <listitem><para>Configures the NUMA node mask that will be associated with the selected NUMA policy. Note that | |
123 | <option>default</option> and <option>local</option> NUMA policies don't require explicit NUMA node mask and | |
d238709c | 124 | value of the option can be empty. Similarly to <varname>NUMAPolicy=</varname>, value can be overridden |
b070c7c0 MS |
125 | by individual services in unit files, see |
126 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem> | |
798d3a52 ZJS |
127 | </varlistentry> |
128 | ||
798d3a52 ZJS |
129 | <varlistentry> |
130 | <term><varname>RuntimeWatchdogSec=</varname></term> | |
65224c1d | 131 | <term><varname>RebootWatchdogSec=</varname></term> |
acafd7d8 | 132 | <term><varname>KExecWatchdogSec=</varname></term> |
798d3a52 | 133 | |
bd119026 LP |
134 | <listitem><para>Configure the hardware watchdog at runtime and at reboot. Takes a timeout value in seconds (or |
135 | in other time units if suffixed with <literal>ms</literal>, <literal>min</literal>, <literal>h</literal>, | |
136 | <literal>d</literal>, <literal>w</literal>). If <varname>RuntimeWatchdogSec=</varname> is set to a non-zero | |
137 | value, the watchdog hardware (<filename>/dev/watchdog</filename> or the path specified with | |
138 | <varname>WatchdogDevice=</varname> or the kernel option <varname>systemd.watchdog-device=</varname>) will be | |
139 | programmed to automatically reboot the system if it is not contacted within the specified timeout interval. The | |
140 | system manager will ensure to contact it at least once in half the specified timeout interval. This feature | |
141 | requires a hardware watchdog device to be present, as it is commonly the case in embedded and server | |
142 | systems. Not all hardware watchdogs allow configuration of all possible reboot timeout values, in which case | |
65224c1d | 143 | the closest available timeout is picked. <varname>RebootWatchdogSec=</varname> may be used to configure the |
bd119026 | 144 | hardware watchdog when the system is asked to reboot. It works as a safety net to ensure that the reboot takes |
65224c1d | 145 | place even if a clean reboot attempt times out. Note that the <varname>RebootWatchdogSec=</varname> timeout |
bd119026 LP |
146 | applies only to the second phase of the reboot, i.e. after all regular services are already terminated, and |
147 | after the system and service manager process (PID 1) got replaced by the <filename>systemd-shutdown</filename> | |
148 | binary, see system <citerefentry><refentrytitle>bootup</refentrytitle><manvolnum>7</manvolnum></citerefentry> | |
149 | for details. During the first phase of the shutdown operation the system and service manager remains running | |
150 | and hence <varname>RuntimeWatchdogSec=</varname> is still honoured. In order to define a timeout on this first | |
151 | phase of system shutdown, configure <varname>JobTimeoutSec=</varname> and <varname>JobTimeoutAction=</varname> | |
bdac5608 | 152 | in the [Unit] section of the <filename>shutdown.target</filename> unit. By default |
65224c1d | 153 | <varname>RuntimeWatchdogSec=</varname> defaults to 0 (off), and <varname>RebootWatchdogSec=</varname> to |
acafd7d8 LB |
154 | 10min. <varname>KExecWatchdogSec=</varname> may be used to additionally enable the watchdog when kexec |
155 | is being executed rather than when rebooting. Note that if the kernel does not reset the watchdog on kexec (depending | |
156 | on the specific hardware and/or driver), in this case the watchdog might not get disabled after kexec succeeds | |
157 | and thus the system might get rebooted, unless <varname>RuntimeWatchdogSec=</varname> is also enabled at the same time. | |
158 | For this reason it is recommended to enable <varname>KExecWatchdogSec=</varname> only if | |
159 | <varname>RuntimeWatchdogSec=</varname> is also enabled. | |
160 | These settings have no effect if a hardware watchdog is not available.</para></listitem> | |
798d3a52 ZJS |
161 | </varlistentry> |
162 | ||
c75396c3 EJ |
163 | <varlistentry> |
164 | <term><varname>WatchdogDevice=</varname></term> | |
165 | ||
166 | <listitem><para>Configure the hardware watchdog device that the | |
167 | runtime and shutdown watchdog timers will open and use. Defaults | |
168 | to <filename>/dev/watchdog</filename>. This setting has no | |
169 | effect if a hardware watchdog is not available.</para></listitem> | |
170 | </varlistentry> | |
171 | ||
798d3a52 ZJS |
172 | <varlistentry> |
173 | <term><varname>CapabilityBoundingSet=</varname></term> | |
174 | ||
175 | <listitem><para>Controls which capabilities to include in the | |
176 | capability bounding set for PID 1 and its children. See | |
177 | <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> | |
178 | for details. Takes a whitespace-separated list of capability | |
179 | names as read by | |
3ba3a79d | 180 | <citerefentry project='mankier'><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>. |
798d3a52 ZJS |
181 | Capabilities listed will be included in the bounding set, all |
182 | others are removed. If the list of capabilities is prefixed | |
183 | with ~, all but the listed capabilities will be included, the | |
184 | effect of the assignment inverted. Note that this option also | |
185 | affects the respective capabilities in the effective, | |
186 | permitted and inheritable capability sets. The capability | |
187 | bounding set may also be individually configured for units | |
188 | using the <varname>CapabilityBoundingSet=</varname> directive | |
189 | for units, but note that capabilities dropped for PID 1 cannot | |
190 | be regained in individual units, they are lost for | |
191 | good.</para></listitem> | |
192 | </varlistentry> | |
193 | ||
39362f6f JB |
194 | <varlistentry> |
195 | <term><varname>NoNewPrivileges=</varname></term> | |
196 | ||
197 | <listitem><para>Takes a boolean argument. If true, ensures that PID 1 | |
198 | and all its children can never gain new privileges through | |
199 | <citerefentry project='man-pages'><refentrytitle>execve</refentrytitle><manvolnum>2</manvolnum></citerefentry> | |
200 | (e.g. via setuid or setgid bits, or filesystem capabilities). | |
201 | Defaults to false. General purpose distributions commonly rely | |
202 | on executables with setuid or setgid bits and will thus not | |
203 | function properly with this option enabled. Individual units | |
204 | cannot disable this option. | |
205 | Also see <ulink url="https://www.kernel.org/doc/html/latest/userspace-api/no_new_privs.html">No New Privileges Flag</ulink>. | |
206 | </para></listitem> | |
207 | </varlistentry> | |
208 | ||
798d3a52 ZJS |
209 | <varlistentry> |
210 | <term><varname>SystemCallArchitectures=</varname></term> | |
211 | ||
212 | <listitem><para>Takes a space-separated list of architecture | |
213 | identifiers. Selects from which architectures system calls may | |
214 | be invoked on this system. This may be used as an effective | |
215 | way to disable invocation of non-native binaries system-wide, | |
216 | for example to prohibit execution of 32-bit x86 binaries on | |
217 | 64-bit x86-64 systems. This option operates system-wide, and | |
218 | acts similar to the | |
219 | <varname>SystemCallArchitectures=</varname> setting of unit | |
220 | files, see | |
221 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
222 | for details. This setting defaults to the empty list, in which | |
223 | case no filtering of system calls based on architecture is | |
224 | applied. Known architecture identifiers are | |
225 | <literal>x86</literal>, <literal>x86-64</literal>, | |
226 | <literal>x32</literal>, <literal>arm</literal> and the special | |
227 | identifier <literal>native</literal>. The latter implicitly | |
228 | maps to the native architecture of the system (or more | |
229 | specifically, the architecture the system manager was compiled | |
230 | for). Set this setting to <literal>native</literal> to | |
231 | prohibit execution of any non-native binaries. When a binary | |
232 | executes a system call of an architecture that is not listed | |
233 | in this setting, it will be immediately terminated with the | |
234 | SIGSYS signal.</para></listitem> | |
235 | </varlistentry> | |
236 | ||
237 | <varlistentry> | |
238 | <term><varname>TimerSlackNSec=</varname></term> | |
239 | ||
240 | <listitem><para>Sets the timer slack in nanoseconds for PID 1, | |
241 | which is inherited by all executed processes, unless | |
242 | overridden individually, for example with the | |
243 | <varname>TimerSlackNSec=</varname> setting in service units | |
244 | (for details see | |
245 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>). | |
246 | The timer slack controls the accuracy of wake-ups triggered by | |
247 | system timers. See | |
248 | <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry> | |
249 | for more information. Note that in contrast to most other time | |
250 | span definitions this parameter takes an integer value in | |
251 | nano-seconds if no unit is specified. The usual time units are | |
252 | understood too.</para></listitem> | |
253 | </varlistentry> | |
254 | ||
36cf4507 ZJS |
255 | <varlistentry> |
256 | <term><varname>StatusUnitFormat=</varname></term> | |
257 | ||
258 | <listitem><para>Takes either <option>name</option> or <option>description</option> as the value. If | |
259 | <option>name</option>, the system manager will use unit names in status messages, instead of the | |
260 | longer and more informative descriptions set with <varname>Description=</varname>, see | |
261 | <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. | |
262 | </para></listitem> | |
263 | </varlistentry> | |
264 | ||
798d3a52 ZJS |
265 | <varlistentry> |
266 | <term><varname>DefaultTimerAccuracySec=</varname></term> | |
267 | ||
268 | <listitem><para>Sets the default accuracy of timer units. This | |
269 | controls the global default for the | |
270 | <varname>AccuracySec=</varname> setting of timer units, see | |
271 | <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
272 | for details. <varname>AccuracySec=</varname> set in individual | |
273 | units override the global default for the specific unit. | |
274 | Defaults to 1min. Note that the accuracy of timer units is | |
275 | also affected by the configured timer slack for PID 1, see | |
276 | <varname>TimerSlackNSec=</varname> above.</para></listitem> | |
277 | </varlistentry> | |
278 | ||
279 | <varlistentry> | |
280 | <term><varname>DefaultTimeoutStartSec=</varname></term> | |
281 | <term><varname>DefaultTimeoutStopSec=</varname></term> | |
dc653bf4 | 282 | <term><varname>DefaultTimeoutAbortSec=</varname></term> |
798d3a52 ZJS |
283 | <term><varname>DefaultRestartSec=</varname></term> |
284 | ||
dc653bf4 JK |
285 | <listitem><para>Configures the default timeouts for starting, |
286 | stopping and aborting of units, as well as the default time to sleep | |
798d3a52 ZJS |
287 | between automatic restarts of units, as configured per-unit in |
288 | <varname>TimeoutStartSec=</varname>, | |
dc653bf4 JK |
289 | <varname>TimeoutStopSec=</varname>, |
290 | <varname>TimeoutAbortSec=</varname> and | |
798d3a52 ZJS |
291 | <varname>RestartSec=</varname> (for services, see |
292 | <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
06156ed2 MK |
293 | for details on the per-unit settings). Disabled by default, when |
294 | service with <varname>Type=oneshot</varname> is used. | |
295 | For non-service units, | |
798d3a52 | 296 | <varname>DefaultTimeoutStartSec=</varname> sets the default |
f5a05fb5 LP |
297 | <varname>TimeoutSec=</varname> |
298 | value. <varname>DefaultTimeoutStartSec=</varname> and | |
299 | <varname>DefaultTimeoutStopSec=</varname> default to | |
dc653bf4 JK |
300 | 90s. <varname>DefaultTimeoutAbortSec=</varname> is not set by default |
301 | so that all units fall back to <varname>TimeoutStopSec=</varname>. | |
302 | <varname>DefaultRestartSec=</varname> defaults to | |
f5a05fb5 | 303 | 100ms.</para></listitem> |
798d3a52 ZJS |
304 | </varlistentry> |
305 | ||
306 | <varlistentry> | |
f0367da7 | 307 | <term><varname>DefaultStartLimitIntervalSec=</varname></term> |
798d3a52 ZJS |
308 | <term><varname>DefaultStartLimitBurst=</varname></term> |
309 | ||
310 | <listitem><para>Configure the default unit start rate | |
311 | limiting, as configured per-service by | |
f0367da7 | 312 | <varname>StartLimitIntervalSec=</varname> and |
798d3a52 ZJS |
313 | <varname>StartLimitBurst=</varname>. See |
314 | <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
f5a05fb5 | 315 | for details on the per-service settings. |
f0367da7 | 316 | <varname>DefaultStartLimitIntervalSec=</varname> defaults to |
f5a05fb5 LP |
317 | 10s. <varname>DefaultStartLimitBurst=</varname> defaults to |
318 | 5.</para></listitem> | |
798d3a52 ZJS |
319 | </varlistentry> |
320 | ||
321 | <varlistentry> | |
322 | <term><varname>DefaultEnvironment=</varname></term> | |
323 | ||
324 | <listitem><para>Sets manager environment variables passed to | |
325 | all executed processes. Takes a space-separated list of | |
326 | variable assignments. See | |
327 | <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> | |
328 | for details about environment variables.</para> | |
329 | ||
330 | <para>Example: | |
331 | ||
332 | <programlisting>DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6"</programlisting> | |
333 | ||
334 | Sets three variables | |
335 | <literal>VAR1</literal>, | |
336 | <literal>VAR2</literal>, | |
337 | <literal>VAR3</literal>.</para></listitem> | |
338 | </varlistentry> | |
339 | ||
340 | <varlistentry> | |
341 | <term><varname>DefaultCPUAccounting=</varname></term> | |
342 | <term><varname>DefaultBlockIOAccounting=</varname></term> | |
343 | <term><varname>DefaultMemoryAccounting=</varname></term> | |
03a7b521 | 344 | <term><varname>DefaultTasksAccounting=</varname></term> |
b34a2108 | 345 | <term><varname>DefaultIOAccounting=</varname></term> |
8d8631d4 | 346 | <term><varname>DefaultIPAccounting=</varname></term> |
798d3a52 | 347 | |
8d8631d4 DM |
348 | <listitem><para>Configure the default resource accounting settings, as configured per-unit by |
349 | <varname>CPUAccounting=</varname>, <varname>BlockIOAccounting=</varname>, <varname>MemoryAccounting=</varname>, | |
b34a2108 | 350 | <varname>TasksAccounting=</varname>, <varname>IOAccounting=</varname> and <varname>IPAccounting=</varname>. See |
798d3a52 | 351 | <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry> |
5ee91c0d | 352 | for details on the per-unit settings. <varname>DefaultTasksAccounting=</varname> defaults to yes, |
a88c5b8a CD |
353 | <varname>DefaultMemoryAccounting=</varname> to &MEMORY_ACCOUNTING_DEFAULT;. <varname>DefaultCPUAccounting=</varname> |
354 | defaults to yes if enabling CPU accounting doesn't require the CPU controller to be enabled (Linux 4.15+ using the | |
355 | unified hierarchy for resource control), otherwise it defaults to no. The other three settings default to no.</para></listitem> | |
798d3a52 ZJS |
356 | </varlistentry> |
357 | ||
0af20ea2 LP |
358 | <varlistentry> |
359 | <term><varname>DefaultTasksMax=</varname></term> | |
360 | ||
79baeeb9 | 361 | <listitem><para>Configure the default value for the per-unit <varname>TasksMax=</varname> setting. See |
0af20ea2 | 362 | <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry> |
79baeeb9 LP |
363 | for details. This setting applies to all unit types that support resource control settings, with the exception |
364 | of slice units. Defaults to 15%, which equals 4915 with the kernel's defaults on the host, but might be smaller | |
365 | in OS containers.</para></listitem> | |
0af20ea2 LP |
366 | </varlistentry> |
367 | ||
798d3a52 ZJS |
368 | <varlistentry> |
369 | <term><varname>DefaultLimitCPU=</varname></term> | |
370 | <term><varname>DefaultLimitFSIZE=</varname></term> | |
371 | <term><varname>DefaultLimitDATA=</varname></term> | |
372 | <term><varname>DefaultLimitSTACK=</varname></term> | |
373 | <term><varname>DefaultLimitCORE=</varname></term> | |
374 | <term><varname>DefaultLimitRSS=</varname></term> | |
375 | <term><varname>DefaultLimitNOFILE=</varname></term> | |
376 | <term><varname>DefaultLimitAS=</varname></term> | |
377 | <term><varname>DefaultLimitNPROC=</varname></term> | |
378 | <term><varname>DefaultLimitMEMLOCK=</varname></term> | |
379 | <term><varname>DefaultLimitLOCKS=</varname></term> | |
380 | <term><varname>DefaultLimitSIGPENDING=</varname></term> | |
381 | <term><varname>DefaultLimitMSGQUEUE=</varname></term> | |
382 | <term><varname>DefaultLimitNICE=</varname></term> | |
383 | <term><varname>DefaultLimitRTPRIO=</varname></term> | |
384 | <term><varname>DefaultLimitRTTIME=</varname></term> | |
385 | ||
54ed193f LP |
386 | <listitem><para>These settings control various default resource limits for processes executed by |
387 | units. See | |
388 | <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> for | |
389 | details. These settings may be overridden in individual units using the corresponding | |
e9dd6984 ZJS |
390 | <varname>LimitXXX=</varname> directives and they accept the same parameter syntax, |
391 | see <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
392 | for details. Note that these resource limits are only defaults | |
54ed193f | 393 | for units, they are not applied to the service manager process (i.e. PID 1) itself.</para></listitem> |
798d3a52 | 394 | </varlistentry> |
8e74bf7f LP |
395 | |
396 | <varlistentry> | |
397 | <term><varname>DefaultOOMPolicy=</varname></term> | |
398 | ||
399 | <listitem><para>Configure the default policy for reacting to processes being killed by the Linux | |
400 | Out-Of-Memory (OOM) killer. This may be used to pick a global default for the per-unit | |
401 | <varname>OOMPolicy=</varname> setting. See | |
402 | <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry> | |
403 | for details. Note that this default is not used for services that have <varname>Delegate=</varname> | |
404 | turned on.</para></listitem> | |
405 | </varlistentry> | |
798d3a52 ZJS |
406 | </variablelist> |
407 | </refsect1> | |
408 | ||
409 | <refsect1> | |
410 | <title>See Also</title> | |
411 | <para> | |
412 | <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, | |
413 | <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>, | |
414 | <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
415 | <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>, | |
416 | <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>, | |
417 | <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> | |
418 | </para> | |
419 | </refsect1> | |
f3e219a2 LP |
420 | |
421 | </refentry> |