]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.unit.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: document that some unit types do not support unit aliases via symlinks
[thirdparty/systemd.git] / man / systemd.unit.xml
CommitLineData
c129bd5d 1<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
d1ab0ca0 2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
798d3a52 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [
1a13e31d
ZJS		 4<!ENTITY % entities SYSTEM "custom-entities.ent" >
5%entities;
6]>
d1ab0ca0
LP		 7
8<!--
9 This file is part of systemd.
10
11 Copyright 2010 Lennart Poettering
12
13 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 14 under the terms of the GNU Lesser General Public License as published by
15 the Free Software Foundation; either version 2.1 of the License, or
d1ab0ca0
LP		 16 (at your option) any later version.
17
18 systemd is distributed in the hope that it will be useful, but
19 WITHOUT ANY WARRANTY; without even the implied warranty of
20 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 21 Lesser General Public License for more details.
d1ab0ca0 22
5430f7f2 23 You should have received a copy of the GNU Lesser General Public License
d1ab0ca0
LP		 24 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25-->
26
27<refentry id="systemd.unit">
28
798d3a52
ZJS		 29 <refentryinfo>
30 <title>systemd.unit</title>
31 <productname>systemd</productname>
32
33 <authorgroup>
34 <author>
35 <contrib>Developer</contrib>
36 <firstname>Lennart</firstname>
37 <surname>Poettering</surname>
38 <email>lennart@poettering.net</email>
39 </author>
40 </authorgroup>
41 </refentryinfo>
42
43 <refmeta>
44 <refentrytitle>systemd.unit</refentrytitle>
45 <manvolnum>5</manvolnum>
46 </refmeta>
47
48 <refnamediv>
49 <refname>systemd.unit</refname>
50 <refpurpose>Unit configuration</refpurpose>
51 </refnamediv>
52
53 <refsynopsisdiv>
54 <para><filename><replaceable>service</replaceable>.service</filename>,
55 <filename><replaceable>socket</replaceable>.socket</filename>,
56 <filename><replaceable>device</replaceable>.device</filename>,
57 <filename><replaceable>mount</replaceable>.mount</filename>,
58 <filename><replaceable>automount</replaceable>.automount</filename>,
59 <filename><replaceable>swap</replaceable>.swap</filename>,
60 <filename><replaceable>target</replaceable>.target</filename>,
61 <filename><replaceable>path</replaceable>.path</filename>,
62 <filename><replaceable>timer</replaceable>.timer</filename>,
798d3a52
ZJS		 63 <filename><replaceable>slice</replaceable>.slice</filename>,
64 <filename><replaceable>scope</replaceable>.scope</filename></para>
65
12b42c76 66 <para><literallayout><filename>/etc/systemd/system/*</filename>
13219b7f 67<filename>/run/systemd/system/*</filename>
12b42c76 68<filename>/usr/lib/systemd/system/*</filename>
f6e1bd2c 69<filename>…</filename>
798d3a52 70 </literallayout></para>
13219b7f 71
f6e1bd2c 72 <para><literallayout><filename>~/.config/systemd/user/*</filename>
12b42c76 73<filename>/etc/systemd/user/*</filename>
aa08982d 74<filename>$XDG_RUNTIME_DIR/systemd/user/*</filename>
13219b7f 75<filename>/run/systemd/user/*</filename>
f6e1bd2c 76<filename>~/.local/share/systemd/user/*</filename>
12b42c76 77<filename>/usr/lib/systemd/user/*</filename>
f6e1bd2c 78<filename>…</filename>
798d3a52
ZJS		 79 </literallayout></para>
80 </refsynopsisdiv>
81
82 <refsect1>
83 <title>Description</title>
84
85 <para>A unit configuration file encodes information about a
86 service, a socket, a device, a mount point, an automount point, a
87 swap file or partition, a start-up target, a watched file system
88 path, a timer controlled and supervised by
89 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
36b4a7ba 90 a resource management slice or
798d3a52
ZJS		 91 a group of externally created processes. The syntax is inspired by
92 <ulink
93 url="http://standards.freedesktop.org/desktop-entry-spec/latest/">XDG
94 Desktop Entry Specification</ulink> <filename>.desktop</filename>
95 files, which are in turn inspired by Microsoft Windows
96 <filename>.ini</filename> files.</para>
97
98 <para>This man page lists the common configuration options of all
99 the unit types. These options need to be configured in the [Unit]
100 or [Install] sections of the unit files.</para>
101
102 <para>In addition to the generic [Unit] and [Install] sections
103 described here, each unit may have a type-specific section, e.g.
104 [Service] for a service unit. See the respective man pages for
105 more information:
106 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
107 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
108 <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
109 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
110 <citerefentry><refentrytitle>systemd.automount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
111 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
112 <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
113 <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
114 <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
36b4a7ba 115 <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
798d3a52
ZJS		 116 <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
117 </para>
118
119 <para>Various settings are allowed to be specified more than once,
120 in which case the interpretation depends on the setting. Often,
121 multiple settings form a list, and setting to an empty value
122 "resets", which means that previous assignments are ignored. When
123 this is allowed, it is mentioned in the description of the
124 setting. Note that using multiple assignments to the same value
125 makes the unit file incompatible with parsers for the XDG
126 <filename>.desktop</filename> file format.</para>
127
128 <para>Unit files are loaded from a set of paths determined during
129 compilation, described in the next section.</para>
130
131 <para>Unit files may contain additional options on top of those
132 listed here. If systemd encounters an unknown option, it will
133 write a warning log message but continue loading the unit. If an
134 option or section name is prefixed with <option>X-</option>, it is
135 ignored completely by systemd. Options within an ignored section
136 do not need the prefix. Applications may use this to include
137 additional information in the unit files.</para>
138
139 <para>Boolean arguments used in unit files can be written in
140 various formats. For positive settings the strings
141 <option>1</option>, <option>yes</option>, <option>true</option>
142 and <option>on</option> are equivalent. For negative settings, the
143 strings <option>0</option>, <option>no</option>,
144 <option>false</option> and <option>off</option> are
145 equivalent.</para>
146
147 <para>Time span values encoded in unit files can be written in
148 various formats. A stand-alone number specifies a time in seconds.
149 If suffixed with a time unit, the unit is honored. A concatenation
150 of multiple values with units is supported, in which case the
151 values are added up. Example: "50" refers to 50 seconds; "2min
152 200ms" refers to 2 minutes plus 200 milliseconds, i.e. 120200ms.
153 The following time units are understood: s, min, h, d, w, ms, us.
154 For details see
155 <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
156
157 <para>Empty lines and lines starting with # or ; are
158 ignored. This may be used for commenting. Lines ending
159 in a backslash are concatenated with the following
160 line while reading and the backslash is replaced by a
161 space character. This may be used to wrap long lines.</para>
162
163 <para>Along with a unit file <filename>foo.service</filename>, the
164 directory <filename>foo.service.wants/</filename> may exist. All
165 unit files symlinked from such a directory are implicitly added as
166 dependencies of type <varname>Wants=</varname> to the unit. This
167 is useful to hook units into the start-up of other units, without
168 having to modify their unit files. For details about the semantics
169 of <varname>Wants=</varname>, see below. The preferred way to
170 create symlinks in the <filename>.wants/</filename> directory of a
171 unit file is with the <command>enable</command> command of the
172 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
173 tool which reads information from the [Install] section of unit
174 files (see below). A similar functionality exists for
175 <varname>Requires=</varname> type dependencies as well, the
176 directory suffix is <filename>.requires/</filename> in this
177 case.</para>
178
be73bb48
LP		 179 <para>Along with a unit file <filename>foo.service</filename>, a "drop-in" directory
180 <filename>foo.service.d/</filename> may exist. All files with the suffix <literal>.conf</literal> from this
da25e029
ZJS		 181 directory will be parsed after the file itself is parsed. This is useful to alter or add configuration settings for
182 a unit, without having to modify unit files. Each drop-in file must have appropriate section headers. Note that for
183 instantiated units, this logic will first look for the instance <literal>.d/</literal> subdirectory and read its
184 <literal>.conf</literal> files, followed by the template <literal>.d/</literal> subdirectory and the
185 <literal>.conf</literal> files there. Also note that settings from the <literal>[Install]</literal> section are not
186 honoured in drop-in unit files, and have no effect.</para>
798d3a52 187
0cf4c0d1
CA		 188 <para>In addition to <filename>/etc/systemd/system</filename>,
189 the drop-in <literal>.conf</literal> files for system services
190 can be placed in <filename>/usr/lib/systemd/system</filename> or
191 <filename>/run/systemd/system</filename> directories. Drop-in
192 files in <filename>/etc</filename> take precedence over those in
193 <filename>/run</filename> which in turn take precedence over
194 those in <filename>/usr/lib</filename>. Drop-in files under any of
195 these directories take precedence over unit files wherever located.
196 (Of course, since <filename>/run</filename> is temporary and
197 <filename>/usr/lib</filename> is for vendors, it is unlikely
198 drop-ins should be used in either of those places.)</para>
798d3a52
ZJS		 199 <!-- Note that we do not document .include here, as we
200 consider it mostly obsolete, and want people to
201 use .d/ drop-ins instead. -->
202
798d3a52
ZJS		 203 <para>Some unit names reflect paths existing in the file system
204 namespace. Example: a device unit
205 <filename>dev-sda.device</filename> refers to a device with the
206 device node <filename noindex='true'>/dev/sda</filename> in the
207 file system namespace. If this applies, a special way to escape
208 the path name is used, so that the result is usable as part of a
b938cb90 209 filename. Basically, given a path, "/" is replaced by "-", and all
798d3a52
ZJS		 210 other characters which are not ASCII alphanumerics are replaced by
211 C-style "\x2d" escapes (except that "_" is never replaced and "."
212 is only replaced when it would be the first character in the
213 escaped path). The root directory "/" is encoded as single dash,
214 while otherwise the initial and ending "/" are removed from all
215 paths during transformation. This escaping is reversible. Properly
216 escaped paths can be generated using the
217 <citerefentry><refentrytitle>systemd-escape</refentrytitle><manvolnum>1</manvolnum></citerefentry>
218 command.</para>
219
220 <para>Optionally, units may be instantiated from a
221 template file at runtime. This allows creation of
222 multiple units from a single configuration file. If
223 systemd looks for a unit configuration file, it will
224 first search for the literal unit name in the
225 file system. If that yields no success and the unit
226 name contains an <literal>@</literal> character, systemd will look for a
227 unit template that shares the same name but with the
228 instance string (i.e. the part between the <literal>@</literal> character
229 and the suffix) removed. Example: if a service
230 <filename>getty@tty3.service</filename> is requested
231 and no file by that name is found, systemd will look
232 for <filename>getty@.service</filename> and
233 instantiate a service from that configuration file if
234 it is found.</para>
235
236 <para>To refer to the instance string from within the
237 configuration file you may use the special <literal>%i</literal>
238 specifier in many of the configuration options. See below for
239 details.</para>
240
241 <para>If a unit file is empty (i.e. has the file size 0) or is
242 symlinked to <filename>/dev/null</filename>, its configuration
243 will not be loaded and it appears with a load state of
244 <literal>masked</literal>, and cannot be activated. Use this as an
245 effective way to fully disable a unit, making it impossible to
246 start it even manually.</para>
247
248 <para>The unit file format is covered by the
249 <ulink
250 url="http://www.freedesktop.org/wiki/Software/systemd/InterfaceStabilityPromise">Interface
251 Stability Promise</ulink>.</para>
252
253 </refsect1>
254
c129bd5d
LP		 255 <refsect1>
256 <title>Automatic Dependencies</title>
257
258 <para>Note that while systemd offers a flexible dependency system
259 between units it is recommended to use this functionality only
260 sparingly and instead rely on techniques such as bus-based or
261 socket-based activation which make dependencies implicit,
262 resulting in a both simpler and more flexible system.</para>
263
264 <para>A number of unit dependencies are automatically established,
265 depending on unit configuration. On top of that, for units with
266 <varname>DefaultDependencies=yes</varname> (the default) a couple
267 of additional dependencies are added. The precise effect of
268 <varname>DefaultDependencies=yes</varname> depends on the unit
269 type (see below).</para>
270
271 <para>If <varname>DefaultDependencies=yes</varname> is set, units
272 that are referenced by other units of type
273 <filename>.target</filename> via a <varname>Wants=</varname> or
274 <varname>Requires=</varname> dependency might automatically gain
275 an <varname>Before=</varname> dependency too. See
276 <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>
277 for details.</para>
278 </refsect1>
279
798d3a52 280 <refsect1>
f757855e 281 <title>Unit File Load Path</title>
798d3a52
ZJS		 282
283 <para>Unit files are loaded from a set of paths determined during
284 compilation, described in the two tables below. Unit files found
285 in directories listed earlier override files with the same name in
286 directories lower in the list.</para>
287
aa3e4400
EV		 288 <para>When the variable <varname>$SYSTEMD_UNIT_PATH</varname> is set,
289 the contents of this variable overrides the unit load path. If
798d3a52
ZJS		 290 <varname>$SYSTEMD_UNIT_PATH</varname> ends with an empty component
291 (<literal>:</literal>), the usual unit load path will be appended
292 to the contents of the variable.</para>
293
294 <table>
295 <title>
296 Load path when running in system mode (<option>--system</option>).
297 </title>
298
299 <tgroup cols='2'>
300 <colspec colname='path' />
301 <colspec colname='expl' />
302 <thead>
303 <row>
304 <entry>Path</entry>
305 <entry>Description</entry>
306 </row>
307 </thead>
308 <tbody>
309 <row>
12b42c76 310 <entry><filename>/etc/systemd/system</filename></entry>
798d3a52
ZJS		 311 <entry>Local configuration</entry>
312 </row>
313 <row>
314 <entry><filename>/run/systemd/system</filename></entry>
315 <entry>Runtime units</entry>
316 </row>
317 <row>
12b42c76 318 <entry><filename>/usr/lib/systemd/system</filename></entry>
798d3a52
ZJS		 319 <entry>Units of installed packages</entry>
320 </row>
321 </tbody>
322 </tgroup>
323 </table>
324
325 <table>
326 <title>
327 Load path when running in user mode (<option>--user</option>).
328 </title>
329
330 <tgroup cols='2'>
331 <colspec colname='path' />
332 <colspec colname='expl' />
333 <thead>
334 <row>
335 <entry>Path</entry>
336 <entry>Description</entry>
337 </row>
338 </thead>
339 <tbody>
340 <row>
341 <entry><filename>$XDG_CONFIG_HOME/systemd/user</filename></entry>
342 <entry>User configuration (only used when $XDG_CONFIG_HOME is set)</entry>
343 </row>
344 <row>
345 <entry><filename>$HOME/.config/systemd/user</filename></entry>
346 <entry>User configuration (only used when $XDG_CONFIG_HOME is not set)</entry>
347 </row>
348 <row>
12b42c76 349 <entry><filename>/etc/systemd/user</filename></entry>
798d3a52
ZJS		 350 <entry>Local configuration</entry>
351 </row>
352 <row>
353 <entry><filename>$XDG_RUNTIME_DIR/systemd/user</filename></entry>
354 <entry>Runtime units (only used when $XDG_RUNTIME_DIR is set)</entry>
355 </row>
356 <row>
357 <entry><filename>/run/systemd/user</filename></entry>
358 <entry>Runtime units</entry>
359 </row>
360 <row>
361 <entry><filename>$XDG_DATA_HOME/systemd/user</filename></entry>
362 <entry>Units of packages that have been installed in the home directory (only used when $XDG_DATA_HOME is set)</entry>
363 </row>
364 <row>
365 <entry><filename>$HOME/.local/share/systemd/user</filename></entry>
366 <entry>Units of packages that have been installed in the home directory (only used when $XDG_DATA_HOME is not set)</entry>
367 </row>
368 <row>
12b42c76 369 <entry><filename>/usr/lib/systemd/user</filename></entry>
798d3a52
ZJS		 370 <entry>Units of packages that have been installed system-wide</entry>
371 </row>
372 </tbody>
373 </tgroup>
374 </table>
375
376 <para>Additional units might be loaded into systemd ("linked")
377 from directories not on the unit load path. See the
378 <command>link</command> command for
379 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
b1c1a519
ZC		 380 Also, some units are dynamically created via a
381 <citerefentry><refentrytitle>systemd.generator</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
798d3a52
ZJS		 382 </para>
383 </refsect1>
384
385 <refsect1>
386 <title>[Unit] Section Options</title>
387
a8eaaee7 388 <para>The unit file may include a [Unit] section, which carries
798d3a52
ZJS		 389 generic information about the unit that is not dependent on the
390 type of unit:</para>
391
392 <variablelist class='unit-directives'>
393
394 <varlistentry>
395 <term><varname>Description=</varname></term>
396 <listitem><para>A free-form string describing the unit. This
397 is intended for use in UIs to show descriptive information
398 along with the unit name. The description should contain a
399 name that means something to the end user. <literal>Apache2
400 Web Server</literal> is a good example. Bad examples are
401 <literal>high-performance light-weight HTTP server</literal>
402 (too generic) or <literal>Apache2</literal> (too specific and
403 meaningless for people who do not know
404 Apache).</para></listitem>
405 </varlistentry>
406
407 <varlistentry>
408 <term><varname>Documentation=</varname></term>
409 <listitem><para>A space-separated list of URIs referencing
410 documentation for this unit or its configuration. Accepted are
411 only URIs of the types <literal>http://</literal>,
412 <literal>https://</literal>, <literal>file:</literal>,
413 <literal>info:</literal>, <literal>man:</literal>. For more
414 information about the syntax of these URIs, see <citerefentry
415 project='man-pages'><refentrytitle>uri</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
416 The URIs should be listed in order of relevance, starting with
417 the most relevant. It is a good idea to first reference
418 documentation that explains what the unit's purpose is,
419 followed by how it is configured, followed by any other
420 related documentation. This option may be specified more than
421 once, in which case the specified list of URIs is merged. If
422 the empty string is assigned to this option, the list is reset
423 and all prior assignments will have no
424 effect.</para></listitem>
425 </varlistentry>
426
427 <varlistentry>
428 <term><varname>Requires=</varname></term>
429
430 <listitem><para>Configures requirement dependencies on other
431 units. If this unit gets activated, the units listed here will
432 be activated as well. If one of the other units gets
433 deactivated or its activation fails, this unit will be
434 deactivated. This option may be specified more than once or
435 multiple space-separated units may be specified in one option
436 in which case requirement dependencies for all listed names
437 will be created. Note that requirement dependencies do not
438 influence the order in which services are started or stopped.
439 This has to be configured independently with the
440 <varname>After=</varname> or <varname>Before=</varname>
441 options. If a unit <filename>foo.service</filename> requires a
442 unit <filename>bar.service</filename> as configured with
443 <varname>Requires=</varname> and no ordering is configured
444 with <varname>After=</varname> or <varname>Before=</varname>,
445 then both units will be started simultaneously and without any
446 delay between them if <filename>foo.service</filename> is
b938cb90 447 activated. Often, it is a better choice to use
798d3a52
ZJS		 448 <varname>Wants=</varname> instead of
449 <varname>Requires=</varname> in order to achieve a system that
450 is more robust when dealing with failing services.</para>
451
452 <para>Note that dependencies of this type may also be
453 configured outside of the unit configuration file by adding a
454 symlink to a <filename>.requires/</filename> directory
b938cb90 455 accompanying the unit file. For details, see
798d3a52
ZJS		 456 above.</para></listitem>
457 </varlistentry>
458
798d3a52
ZJS		 459 <varlistentry>
460 <term><varname>Requisite=</varname></term>
798d3a52 461
f32b43bd 462 <listitem><para>Similar to <varname>Requires=</varname>.
798d3a52
ZJS		 463 However, if the units listed here are not started already,
464 they will not be started and the transaction will fail
465 immediately. </para></listitem>
466 </varlistentry>
467
468 <varlistentry>
469 <term><varname>Wants=</varname></term>
470
471 <listitem><para>A weaker version of
472 <varname>Requires=</varname>. Units listed in this option will
473 be started if the configuring unit is. However, if the listed
474 units fail to start or cannot be added to the transaction,
475 this has no impact on the validity of the transaction as a
476 whole. This is the recommended way to hook start-up of one
477 unit to the start-up of another unit.</para>
478
479 <para>Note that dependencies of this type may also be
480 configured outside of the unit configuration file by adding
481 symlinks to a <filename>.wants/</filename> directory
482 accompanying the unit file. For details, see
483 above.</para></listitem>
484 </varlistentry>
485
486 <varlistentry>
487 <term><varname>BindsTo=</varname></term>
488
489 <listitem><para>Configures requirement dependencies, very
490 similar in style to <varname>Requires=</varname>, however in
491 addition to this behavior, it also declares that this unit is
492 stopped when any of the units listed suddenly disappears.
493 Units can suddenly, unexpectedly disappear if a service
494 terminates on its own choice, a device is unplugged or a mount
495 point unmounted without involvement of
496 systemd.</para></listitem>
497 </varlistentry>
498
499 <varlistentry>
500 <term><varname>PartOf=</varname></term>
501
502 <listitem><para>Configures dependencies similar to
503 <varname>Requires=</varname>, but limited to stopping and
504 restarting of units. When systemd stops or restarts the units
505 listed here, the action is propagated to this unit. Note that
506 this is a one-way dependency — changes to this unit do not
507 affect the listed units. </para></listitem>
508 </varlistentry>
509
510 <varlistentry>
511 <term><varname>Conflicts=</varname></term>
512
513 <listitem><para>A space-separated list of unit names.
514 Configures negative requirement dependencies. If a unit has a
515 <varname>Conflicts=</varname> setting on another unit,
516 starting the former will stop the latter and vice versa. Note
517 that this setting is independent of and orthogonal to the
518 <varname>After=</varname> and <varname>Before=</varname>
519 ordering dependencies.</para>
520
521 <para>If a unit A that conflicts with a unit B is scheduled to
522 be started at the same time as B, the transaction will either
523 fail (in case both are required part of the transaction) or be
524 modified to be fixed (in case one or both jobs are not a
525 required part of the transaction). In the latter case, the job
526 that is not the required will be removed, or in case both are
527 not required, the unit that conflicts will be started and the
528 unit that is conflicted is stopped.</para></listitem>
529 </varlistentry>
530
531 <varlistentry>
532 <term><varname>Before=</varname></term>
533 <term><varname>After=</varname></term>
534
535 <listitem><para>A space-separated list of unit names.
536 Configures ordering dependencies between units. If a unit
537 <filename>foo.service</filename> contains a setting
538 <option>Before=bar.service</option> and both units are being
539 started, <filename>bar.service</filename>'s start-up is
540 delayed until <filename>foo.service</filename> is started up.
541 Note that this setting is independent of and orthogonal to the
542 requirement dependencies as configured by
543 <varname>Requires=</varname>. It is a common pattern to
544 include a unit name in both the <varname>After=</varname> and
545 <varname>Requires=</varname> option, in which case the unit
546 listed will be started before the unit that is configured with
547 these options. This option may be specified more than once, in
548 which case ordering dependencies for all listed names are
549 created. <varname>After=</varname> is the inverse of
550 <varname>Before=</varname>, i.e. while
551 <varname>After=</varname> ensures that the configured unit is
552 started after the listed unit finished starting up,
553 <varname>Before=</varname> ensures the opposite, i.e. that the
554 configured unit is fully started up before the listed unit is
555 started. Note that when two units with an ordering dependency
556 between them are shut down, the inverse of the start-up order
557 is applied. i.e. if a unit is configured with
558 <varname>After=</varname> on another unit, the former is
21b0be6b
IK		 559 stopped before the latter if both are shut down. Given two units
560 with any ordering dependency between them, if one unit is shut
561 down and the other is started up, the shutdown is ordered
562 before the start-up. It doesn't matter if the ordering
563 dependency is <varname>After=</varname> or
564 <varname>Before=</varname>. It also doesn't matter which of the
565 two is shut down, as long as one is shut down and the other is
566 started up. The shutdown is ordered before the start-up in all
567 cases. If two units have no ordering dependencies between them,
568 they are shut down or started up simultaneously, and no ordering
569 takes place.
798d3a52
ZJS		 570 </para></listitem>
571 </varlistentry>
572
573 <varlistentry>
574 <term><varname>OnFailure=</varname></term>
575
576 <listitem><para>A space-separated list of one or more units
577 that are activated when this unit enters the
578 <literal>failed</literal> state.</para></listitem>
579 </varlistentry>
580
581 <varlistentry>
582 <term><varname>PropagatesReloadTo=</varname></term>
583 <term><varname>ReloadPropagatedFrom=</varname></term>
584
585 <listitem><para>A space-separated list of one or more units
586 where reload requests on this unit will be propagated to, or
587 reload requests on the other unit will be propagated to this
588 unit, respectively. Issuing a reload request on a unit will
589 automatically also enqueue a reload request on all units that
590 the reload request shall be propagated to via these two
591 settings.</para></listitem>
592 </varlistentry>
593
594 <varlistentry>
595 <term><varname>JoinsNamespaceOf=</varname></term>
596
597 <listitem><para>For units that start processes (such as
598 service units), lists one or more other units whose network
599 and/or temporary file namespace to join. This only applies to
600 unit types which support the
601 <varname>PrivateNetwork=</varname> and
602 <varname>PrivateTmp=</varname> directives (see
603 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
604 for details). If a unit that has this setting set is started,
605 its processes will see the same <filename>/tmp</filename>,
606 <filename>/tmp/var</filename> and network namespace as one
607 listed unit that is started. If multiple listed units are
608 already started, it is not defined which namespace is joined.
609 Note that this setting only has an effect if
610 <varname>PrivateNetwork=</varname> and/or
611 <varname>PrivateTmp=</varname> is enabled for both the unit
612 that joins the namespace and the unit whose namespace is
613 joined.</para></listitem>
614 </varlistentry>
615
616 <varlistentry>
617 <term><varname>RequiresMountsFor=</varname></term>
618
619 <listitem><para>Takes a space-separated list of absolute
620 paths. Automatically adds dependencies of type
621 <varname>Requires=</varname> and <varname>After=</varname> for
622 all mount units required to access the specified path.</para>
623
624 <para>Mount points marked with <option>noauto</option> are not
625 mounted automatically and will be ignored for the purposes of
626 this option. If such a mount should be a requirement for this
627 unit, direct dependencies on the mount units may be added
628 (<varname>Requires=</varname> and <varname>After=</varname> or
629 some other combination). </para></listitem>
630 </varlistentry>
631
632 <varlistentry>
633 <term><varname>OnFailureJobMode=</varname></term>
634
635 <listitem><para>Takes a value of
636 <literal>fail</literal>,
637 <literal>replace</literal>,
638 <literal>replace-irreversibly</literal>,
639 <literal>isolate</literal>,
640 <literal>flush</literal>,
641 <literal>ignore-dependencies</literal> or
642 <literal>ignore-requirements</literal>. Defaults to
643 <literal>replace</literal>. Specifies how the units listed in
644 <varname>OnFailure=</varname> will be enqueued. See
645 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
646 <option>--job-mode=</option> option for details on the
647 possible values. If this is set to <literal>isolate</literal>,
648 only a single unit may be listed in
649 <varname>OnFailure=</varname>..</para></listitem>
650 </varlistentry>
651
652 <varlistentry>
653 <term><varname>IgnoreOnIsolate=</varname></term>
654
655 <listitem><para>Takes a boolean argument. If
656 <option>true</option>, this unit will not be stopped when
657 isolating another unit. Defaults to
658 <option>false</option>.</para></listitem>
659 </varlistentry>
660
798d3a52
ZJS		 661 <varlistentry>
662 <term><varname>StopWhenUnneeded=</varname></term>
663
664 <listitem><para>Takes a boolean argument. If
665 <option>true</option>, this unit will be stopped when it is no
b938cb90 666 longer used. Note that, in order to minimize the work to be
798d3a52
ZJS		 667 executed, systemd will not stop units by default unless they
668 are conflicting with other units, or the user explicitly
669 requested their shut down. If this option is set, a unit will
670 be automatically cleaned up if no other active unit requires
671 it. Defaults to <option>false</option>.</para></listitem>
672 </varlistentry>
673
674 <varlistentry>
675 <term><varname>RefuseManualStart=</varname></term>
676 <term><varname>RefuseManualStop=</varname></term>
677
678 <listitem><para>Takes a boolean argument. If
679 <option>true</option>, this unit can only be activated or
680 deactivated indirectly. In this case, explicit start-up or
681 termination requested by the user is denied, however if it is
682 started or stopped as a dependency of another unit, start-up
683 or termination will succeed. This is mostly a safety feature
684 to ensure that the user does not accidentally activate units
685 that are not intended to be activated explicitly, and not
686 accidentally deactivate units that are not intended to be
687 deactivated. These options default to
688 <option>false</option>.</para></listitem>
689 </varlistentry>
690
691 <varlistentry>
692 <term><varname>AllowIsolate=</varname></term>
693
694 <listitem><para>Takes a boolean argument. If
695 <option>true</option>, this unit may be used with the
696 <command>systemctl isolate</command> command. Otherwise, this
697 will be refused. It probably is a good idea to leave this
698 disabled except for target units that shall be used similar to
699 runlevels in SysV init systems, just as a precaution to avoid
700 unusable system states. This option defaults to
701 <option>false</option>.</para></listitem>
702 </varlistentry>
703
704 <varlistentry>
705 <term><varname>DefaultDependencies=</varname></term>
706
707 <listitem><para>Takes a boolean argument. If
708 <option>true</option>, (the default), a few default
709 dependencies will implicitly be created for the unit. The
710 actual dependencies created depend on the unit type. For
711 example, for service units, these dependencies ensure that the
712 service is started only after basic system initialization is
713 completed and is properly terminated on system shutdown. See
714 the respective man pages for details. Generally, only services
715 involved with early boot or late shutdown should set this
716 option to <option>false</option>. It is highly recommended to
717 leave this option enabled for the majority of common units. If
718 set to <option>false</option>, this option does not disable
719 all implicit dependencies, just non-essential
720 ones.</para></listitem>
721 </varlistentry>
722
723 <varlistentry>
724 <term><varname>JobTimeoutSec=</varname></term>
725 <term><varname>JobTimeoutAction=</varname></term>
726 <term><varname>JobTimeoutRebootArgument=</varname></term>
727
89beff89
LP		 728 <listitem><para>When a job for this unit is queued, a time-out may be configured. If this time limit is
729 reached, the job will be cancelled, the unit however will not change state or even enter the
730 <literal>failed</literal> mode. This value defaults to <literal>infinity</literal> (job timeouts disabled),
731 except for device units. NB: this timeout is independent from any unit-specific timeout (for example, the
732 timeout set with <varname>TimeoutStartSec=</varname> in service units) as the job timeout has no effect on the
733 unit itself, only on the job that might be pending for it. Or in other words: unit-specific timeouts are useful
734 to abort unit state changes, and revert them. The job timeout set with this option however is useful to abort
735 only the job waiting for the unit state to change.</para>
798d3a52
ZJS		 736
737 <para><varname>JobTimeoutAction=</varname>
738 optionally configures an additional
739 action to take when the time-out is
740 hit. It takes the same values as the
741 per-service
742 <varname>StartLimitAction=</varname>
743 setting, see
744 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
745 for details. Defaults to
746 <option>none</option>. <varname>JobTimeoutRebootArgument=</varname>
747 configures an optional reboot string
748 to pass to the
749 <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
750 system call.</para></listitem>
751 </varlistentry>
752
6bf0f408
LP		 753 <varlistentry>
754 <term><varname>StartLimitInterval=</varname></term>
755 <term><varname>StartLimitBurst=</varname></term>
756
757 <listitem><para>Configure unit start rate limiting. By default, units which are started more than 5 times
758 within 10 seconds are not permitted to start any more times until the 10 second interval ends. With these two
759 options, this rate limiting may be modified. Use <varname>StartLimitInterval=</varname> to configure the
760 checking interval (defaults to <varname>DefaultStartLimitInterval=</varname> in manager configuration file, set
761 to 0 to disable any kind of rate limiting). Use <varname>StartLimitBurst=</varname> to configure how many
762 starts per interval are allowed (defaults to <varname>DefaultStartLimitBurst=</varname> in manager
763 configuration file). These configuration options are particularly useful in conjunction with the service
764 setting <varname>Restart=</varname> (see
765 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>); however,
766 they apply to all kinds of starts (including manual), not just those triggered by the
767 <varname>Restart=</varname> logic. Note that units which are configured for <varname>Restart=</varname> and
768 which reach the start limit are not attempted to be restarted anymore; however, they may still be restarted
769 manually at a later point, from which point on, the restart logic is again activated. Note that
770 <command>systemctl reset-failed</command> will cause the restart rate counter for a service to be flushed,
771 which is useful if the administrator wants to manually start a unit and the start limit interferes with
772 that.</para></listitem>
773 </varlistentry>
774
775 <varlistentry>
776 <term><varname>StartLimitAction=</varname></term>
777
778 <listitem><para>Configure the action to take if the rate limit configured with
779 <varname>StartLimitInterval=</varname> and <varname>StartLimitBurst=</varname> is hit. Takes one of
780 <option>none</option>, <option>reboot</option>, <option>reboot-force</option>,
781 <option>reboot-immediate</option>, <option>poweroff</option>, <option>poweroff-force</option> or
782 <option>poweroff-immediate</option>. If <option>none</option> is set, hitting the rate limit will trigger no
783 action besides that the start will not be permitted. <option>reboot</option> causes a reboot following the
784 normal shutdown procedure (i.e. equivalent to <command>systemctl reboot</command>).
785 <option>reboot-force</option> causes a forced reboot which will terminate all processes forcibly but should
786 cause no dirty file systems on reboot (i.e. equivalent to <command>systemctl reboot -f</command>) and
787 <option>reboot-immediate</option> causes immediate execution of the
788 <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> system call, which
789 might result in data loss. Similarly, <option>poweroff</option>, <option>poweroff-force</option>,
790 <option>poweroff-immediate</option> have the effect of powering down the system with similar
791 semantics. Defaults to <option>none</option>.</para></listitem>
792 </varlistentry>
793
794 <varlistentry>
795 <term><varname>RebootArgument=</varname></term>
796 <listitem><para>Configure the optional argument for the
797 <citerefentry><refentrytitle>reboot</refentrytitle><manvolnum>2</manvolnum></citerefentry> system call if
798 <varname>StartLimitAction=</varname> or a service's <varname>FailureAction=</varname> is a reboot action. This
799 works just like the optional argument to <command>systemctl reboot</command> command.</para></listitem>
800 </varlistentry>
801
798d3a52
ZJS		 802 <varlistentry>
803 <term><varname>ConditionArchitecture=</varname></term>
804 <term><varname>ConditionVirtualization=</varname></term>
805 <term><varname>ConditionHost=</varname></term>
806 <term><varname>ConditionKernelCommandLine=</varname></term>
807 <term><varname>ConditionSecurity=</varname></term>
808 <term><varname>ConditionCapability=</varname></term>
809 <term><varname>ConditionACPower=</varname></term>
810 <term><varname>ConditionNeedsUpdate=</varname></term>
811 <term><varname>ConditionFirstBoot=</varname></term>
812 <term><varname>ConditionPathExists=</varname></term>
813 <term><varname>ConditionPathExistsGlob=</varname></term>
814 <term><varname>ConditionPathIsDirectory=</varname></term>
815 <term><varname>ConditionPathIsSymbolicLink=</varname></term>
816 <term><varname>ConditionPathIsMountPoint=</varname></term>
817 <term><varname>ConditionPathIsReadWrite=</varname></term>
818 <term><varname>ConditionDirectoryNotEmpty=</varname></term>
819 <term><varname>ConditionFileNotEmpty=</varname></term>
820 <term><varname>ConditionFileIsExecutable=</varname></term>
821
7ca41557 822 <!-- We do not document ConditionNull=
b938cb90 823 here, as it is not particularly
798d3a52
ZJS		 824 useful and probably just
825 confusing. -->
826
41448597
LP		 827 <listitem><para>Before starting a unit, verify that the specified condition is true. If it is not true, the
828 starting of the unit will be (mostly silently) skipped, however all ordering dependencies of it are still
829 respected. A failing condition will not result in the unit being moved into a failure state. The condition is
830 checked at the time the queued start job is to be executed. Use condition expressions in order to silently skip
831 units that do not apply to the local running system, for example because the kernel or runtime environment
832 doesn't require its functionality. Use the various <varname>AssertArchitecture=</varname>,
833 <varname>AssertVirtualization=</varname>, … options for a similar mechanism that puts the unit in a failure
834 state and logs about the failed check (see below).</para>
798d3a52
ZJS		 835
836 <para><varname>ConditionArchitecture=</varname> may be used to
837 check whether the system is running on a specific
838 architecture. Takes one of
839 <varname>x86</varname>,
840 <varname>x86-64</varname>,
841 <varname>ppc</varname>,
842 <varname>ppc-le</varname>,
843 <varname>ppc64</varname>,
844 <varname>ppc64-le</varname>,
845 <varname>ia64</varname>,
846 <varname>parisc</varname>,
847 <varname>parisc64</varname>,
848 <varname>s390</varname>,
849 <varname>s390x</varname>,
850 <varname>sparc</varname>,
851 <varname>sparc64</varname>,
852 <varname>mips</varname>,
853 <varname>mips-le</varname>,
854 <varname>mips64</varname>,
855 <varname>mips64-le</varname>,
856 <varname>alpha</varname>,
857 <varname>arm</varname>,
858 <varname>arm-be</varname>,
859 <varname>arm64</varname>,
860 <varname>arm64-be</varname>,
861 <varname>sh</varname>,
862 <varname>sh64</varname>,
863 <varname>m86k</varname>,
864 <varname>tilegx</varname>,
865 <varname>cris</varname> to test
866 against a specific architecture. The architecture is
867 determined from the information returned by
3ba3a79d 868 <citerefentry project='man-pages'><refentrytitle>uname</refentrytitle><manvolnum>2</manvolnum></citerefentry>
798d3a52
ZJS		 869 and is thus subject to
870 <citerefentry><refentrytitle>personality</refentrytitle><manvolnum>2</manvolnum></citerefentry>.
871 Note that a <varname>Personality=</varname> setting in the
872 same unit file has no effect on this condition. A special
873 architecture name <varname>native</varname> is mapped to the
874 architecture the system manager itself is compiled for. The
875 test may be negated by prepending an exclamation mark.</para>
876
877 <para><varname>ConditionVirtualization=</varname> may be used
878 to check whether the system is executed in a virtualized
879 environment and optionally test whether it is a specific
880 implementation. Takes either boolean value to check if being
881 executed in any virtualized environment, or one of
882 <varname>vm</varname> and
883 <varname>container</varname> to test against a generic type of
884 virtualization solution, or one of
885 <varname>qemu</varname>,
886 <varname>kvm</varname>,
887 <varname>zvm</varname>,
888 <varname>vmware</varname>,
889 <varname>microsoft</varname>,
890 <varname>oracle</varname>,
891 <varname>xen</varname>,
892 <varname>bochs</varname>,
893 <varname>uml</varname>,
894 <varname>openvz</varname>,
895 <varname>lxc</varname>,
896 <varname>lxc-libvirt</varname>,
897 <varname>systemd-nspawn</varname>,
9fb16425
ILG		 898 <varname>docker</varname>,
899 <varname>rkt</varname> to test
798d3a52
ZJS		 900 against a specific implementation. See
901 <citerefentry><refentrytitle>systemd-detect-virt</refentrytitle><manvolnum>1</manvolnum></citerefentry>
902 for a full list of known virtualization technologies and their
903 identifiers. If multiple virtualization technologies are
904 nested, only the innermost is considered. The test may be
905 negated by prepending an exclamation mark.</para>
906
907 <para><varname>ConditionHost=</varname> may be used to match
908 against the hostname or machine ID of the host. This either
909 takes a hostname string (optionally with shell style globs)
910 which is tested against the locally set hostname as returned
911 by
912 <citerefentry><refentrytitle>gethostname</refentrytitle><manvolnum>2</manvolnum></citerefentry>,
913 or a machine ID formatted as string (see
914 <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
915 The test may be negated by prepending an exclamation
916 mark.</para>
917
918 <para><varname>ConditionKernelCommandLine=</varname> may be
919 used to check whether a specific kernel command line option is
920 set (or if prefixed with the exclamation mark unset). The
921 argument must either be a single word, or an assignment (i.e.
922 two words, separated <literal>=</literal>). In the former case
923 the kernel command line is searched for the word appearing as
924 is, or as left hand side of an assignment. In the latter case,
925 the exact assignment is looked for with right and left hand
926 side matching.</para>
927
928 <para><varname>ConditionSecurity=</varname> may be used to
929 check whether the given security module is enabled on the
b8e1d4d1 930 system. Currently, the recognized values are
798d3a52
ZJS		 931 <varname>selinux</varname>,
932 <varname>apparmor</varname>,
933 <varname>ima</varname>,
934 <varname>smack</varname> and
935 <varname>audit</varname>. The test may be negated by
936 prepending an exclamation mark.</para>
937
938 <para><varname>ConditionCapability=</varname> may be used to
939 check whether the given capability exists in the capability
940 bounding set of the service manager (i.e. this does not check
941 whether capability is actually available in the permitted or
942 effective sets, see
943 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
944 for details). Pass a capability name such as
945 <literal>CAP_MKNOD</literal>, possibly prefixed with an
946 exclamation mark to negate the check.</para>
947
948 <para><varname>ConditionACPower=</varname> may be used to
949 check whether the system has AC power, or is exclusively
950 battery powered at the time of activation of the unit. This
951 takes a boolean argument. If set to <varname>true</varname>,
952 the condition will hold only if at least one AC connector of
953 the system is connected to a power source, or if no AC
954 connectors are known. Conversely, if set to
955 <varname>false</varname>, the condition will hold only if
956 there is at least one AC connector known and all AC connectors
957 are disconnected from a power source.</para>
958
959 <para><varname>ConditionNeedsUpdate=</varname> takes one of
960 <filename>/var</filename> or <filename>/etc</filename> as
961 argument, possibly prefixed with a <literal>!</literal> (for
962 inverting the condition). This condition may be used to
963 conditionalize units on whether the specified directory
964 requires an update because <filename>/usr</filename>'s
965 modification time is newer than the stamp file
966 <filename>.updated</filename> in the specified directory. This
967 is useful to implement offline updates of the vendor operating
968 system resources in <filename>/usr</filename> that require
969 updating of <filename>/etc</filename> or
970 <filename>/var</filename> on the next following boot. Units
971 making use of this condition should order themselves before
972 <citerefentry><refentrytitle>systemd-update-done.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
7f3fdb7f 973 to make sure they run before the stamp file's modification
798d3a52
ZJS		 974 time gets reset indicating a completed update.</para>
975
976 <para><varname>ConditionFirstBoot=</varname> takes a boolean
977 argument. This condition may be used to conditionalize units
978 on whether the system is booting up with an unpopulated
979 <filename>/etc</filename> directory. This may be used to
980 populate <filename>/etc</filename> on the first boot after
981 factory reset, or when a new system instances boots up for the
982 first time.</para>
983
984 <para>With <varname>ConditionPathExists=</varname> a file
985 existence condition is checked before a unit is started. If
986 the specified absolute path name does not exist, the condition
987 will fail. If the absolute path name passed to
988 <varname>ConditionPathExists=</varname> is prefixed with an
989 exclamation mark (<literal>!</literal>), the test is negated,
990 and the unit is only started if the path does not
991 exist.</para>
992
993 <para><varname>ConditionPathExistsGlob=</varname> is similar
994 to <varname>ConditionPathExists=</varname>, but checks for the
995 existence of at least one file or directory matching the
996 specified globbing pattern.</para>
997
998 <para><varname>ConditionPathIsDirectory=</varname> is similar
999 to <varname>ConditionPathExists=</varname> but verifies
1000 whether a certain path exists and is a directory.</para>
1001
1002 <para><varname>ConditionPathIsSymbolicLink=</varname> is
1003 similar to <varname>ConditionPathExists=</varname> but
1004 verifies whether a certain path exists and is a symbolic
1005 link.</para>
1006
1007 <para><varname>ConditionPathIsMountPoint=</varname> is similar
1008 to <varname>ConditionPathExists=</varname> but verifies
1009 whether a certain path exists and is a mount point.</para>
1010
1011 <para><varname>ConditionPathIsReadWrite=</varname> is similar
1012 to <varname>ConditionPathExists=</varname> but verifies
1013 whether the underlying file system is readable and writable
1014 (i.e. not mounted read-only).</para>
1015
1016 <para><varname>ConditionDirectoryNotEmpty=</varname> is
1017 similar to <varname>ConditionPathExists=</varname> but
1018 verifies whether a certain path exists and is a non-empty
1019 directory.</para>
1020
1021 <para><varname>ConditionFileNotEmpty=</varname> is similar to
1022 <varname>ConditionPathExists=</varname> but verifies whether a
1023 certain path exists and refers to a regular file with a
1024 non-zero size.</para>
1025
1026 <para><varname>ConditionFileIsExecutable=</varname> is similar
1027 to <varname>ConditionPathExists=</varname> but verifies
1028 whether a certain path exists, is a regular file and marked
1029 executable.</para>
1030
1031 <para>If multiple conditions are specified, the unit will be
1032 executed if all of them apply (i.e. a logical AND is applied).
1033 Condition checks can be prefixed with a pipe symbol (|) in
1034 which case a condition becomes a triggering condition. If at
1035 least one triggering condition is defined for a unit, then the
1036 unit will be executed if at least one of the triggering
1037 conditions apply and all of the non-triggering conditions. If
1038 you prefix an argument with the pipe symbol and an exclamation
1039 mark, the pipe symbol must be passed first, the exclamation
1040 second. Except for
1041 <varname>ConditionPathIsSymbolicLink=</varname>, all path
1042 checks follow symlinks. If any of these options is assigned
1043 the empty string, the list of conditions is reset completely,
1044 all previous condition settings (of any kind) will have no
1045 effect.</para></listitem>
1046 </varlistentry>
1047
1048 <varlistentry>
1049 <term><varname>AssertArchitecture=</varname></term>
1050 <term><varname>AssertVirtualization=</varname></term>
1051 <term><varname>AssertHost=</varname></term>
1052 <term><varname>AssertKernelCommandLine=</varname></term>
1053 <term><varname>AssertSecurity=</varname></term>
1054 <term><varname>AssertCapability=</varname></term>
1055 <term><varname>AssertACPower=</varname></term>
1056 <term><varname>AssertNeedsUpdate=</varname></term>
1057 <term><varname>AssertFirstBoot=</varname></term>
1058 <term><varname>AssertPathExists=</varname></term>
1059 <term><varname>AssertPathExistsGlob=</varname></term>
1060 <term><varname>AssertPathIsDirectory=</varname></term>
1061 <term><varname>AssertPathIsSymbolicLink=</varname></term>
1062 <term><varname>AssertPathIsMountPoint=</varname></term>
1063 <term><varname>AssertPathIsReadWrite=</varname></term>
1064 <term><varname>AssertDirectoryNotEmpty=</varname></term>
1065 <term><varname>AssertFileNotEmpty=</varname></term>
1066 <term><varname>AssertFileIsExecutable=</varname></term>
1067
41448597
LP		 1068 <listitem><para>Similar to the <varname>ConditionArchitecture=</varname>,
1069 <varname>ConditionVirtualization=</varname>, …, condition settings described above, these settings add
1070 assertion checks to the start-up of the unit. However, unlike the conditions settings, any assertion setting
da25e029
ZJS		 1071 that is not met results in failure of the start job (which means this is logged loudly). Use assertion
1072 expressions for units that cannot operate when specific requirements are not met, and when this is something
1073 the administrator or user should look into.</para></listitem>
798d3a52
ZJS		 1074 </varlistentry>
1075
1076 <varlistentry>
1077 <term><varname>SourcePath=</varname></term>
1078 <listitem><para>A path to a configuration file this unit has
1079 been generated from. This is primarily useful for
1080 implementation of generator tools that convert configuration
1081 from an external configuration file format into native unit
1082 files. This functionality should not be used in normal
1083 units.</para></listitem>
1084 </varlistentry>
32ee7d33 1085
798d3a52
ZJS		 1086 </variablelist>
1087
1088 </refsect1>
1089
1090 <refsect1>
1091 <title>[Install] Section Options</title>
1092
be73bb48
LP		 1093 <para>Unit files may include an <literal>[Install]</literal> section, which carries installation information for
1094 the unit. This section is not interpreted by
1095 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> during runtime; it is
1096 used by the <command>enable</command> and <command>disable</command> commands of the
1097 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> tool during
1098 installation of a unit. Note that settings in the <literal>[Install]</literal> section may not appear in
1099 <filename>.d/*.conf</filename> unit file drop-ins (see above).</para>
798d3a52
ZJS		 1100
1101 <variablelist class='unit-directives'>
1102 <varlistentry>
1103 <term><varname>Alias=</varname></term>
1104
f4bf8d2f
LP		 1105 <listitem><para>A space-separated list of additional names this unit shall be installed under. The names listed
1106 here must have the same suffix (i.e. type) as the unit file name. This option may be specified more than once,
1107 in which case all listed names are used. At installation time, <command>systemctl enable</command> will create
1108 symlinks from these names to the unit filename. Note that not all unit types support such alias names, and this
1109 setting is not supported for them. Specifically, mount, slice, swap, and automount units do not support
1110 aliasing.</para></listitem>
798d3a52
ZJS		 1111 </varlistentry>
1112
1113 <varlistentry>
1114 <term><varname>WantedBy=</varname></term>
1115 <term><varname>RequiredBy=</varname></term>
1116
1117 <listitem><para>This option may be used more than once, or a
1118 space-separated list of unit names may be given. A symbolic
1119 link is created in the <filename>.wants/</filename> or
1120 <filename>.requires/</filename> directory of each of the
1121 listed units when this unit is installed by <command>systemctl
1122 enable</command>. This has the effect that a dependency of
1123 type <varname>Wants=</varname> or <varname>Requires=</varname>
1124 is added from the listed unit to the current unit. The primary
1125 result is that the current unit will be started when the
1126 listed unit is started. See the description of
1127 <varname>Wants=</varname> and <varname>Requires=</varname> in
1128 the [Unit] section for details.</para>
1129
1130 <para><command>WantedBy=foo.service</command> in a service
1131 <filename>bar.service</filename> is mostly equivalent to
1132 <command>Alias=foo.service.wants/bar.service</command> in the
1133 same file. In case of template units, <command>systemctl
1134 enable</command> must be called with an instance name, and
1135 this instance will be added to the
1136 <filename>.wants/</filename> or
1137 <filename>.requires/</filename> list of the listed unit. E.g.
1138 <command>WantedBy=getty.target</command> in a service
1139 <filename>getty@.service</filename> will result in
1140 <command>systemctl enable getty@tty2.service</command>
1141 creating a
1142 <filename>getty.target.wants/getty@tty2.service</filename>
1143 link to <filename>getty@.service</filename>.
1144 </para></listitem>
1145 </varlistentry>
1146
1147 <varlistentry>
1148 <term><varname>Also=</varname></term>
1149
1150 <listitem><para>Additional units to install/deinstall when
1151 this unit is installed/deinstalled. If the user requests
1152 installation/deinstallation of a unit with this option
1153 configured, <command>systemctl enable</command> and
1154 <command>systemctl disable</command> will automatically
1155 install/uninstall units listed in this option as well.</para>
1156
1157 <para>This option may be used more than once, or a
1158 space-separated list of unit names may be
1159 given.</para></listitem>
1160 </varlistentry>
1161
1162 <varlistentry>
1163 <term><varname>DefaultInstance=</varname></term>
1164
1165 <listitem><para>In template unit files, this specifies for
1166 which instance the unit shall be enabled if the template is
1167 enabled without any explicitly set instance. This option has
1168 no effect in non-template unit files. The specified string
1169 must be usable as instance identifier.</para></listitem>
1170 </varlistentry>
1171 </variablelist>
1172
1173 <para>The following specifiers are interpreted in the Install
1174 section: %n, %N, %p, %i, %U, %u, %m, %H, %b, %v. For their meaning
1175 see the next section.
1176 </para>
1177 </refsect1>
1178
1179 <refsect1>
1180 <title>Specifiers</title>
1181
1182 <para>Many settings resolve specifiers which may be used to write
1183 generic unit files referring to runtime or unit parameters that
1184 are replaced when the unit files are loaded. The following
1185 specifiers are understood:</para>
1186
1187 <table>
1188 <title>Specifiers available in unit files</title>
1189 <tgroup cols='3' align='left' colsep='1' rowsep='1'>
1190 <colspec colname="spec" />
1191 <colspec colname="mean" />
1192 <colspec colname="detail" />
1193 <thead>
1194 <row>
1195 <entry>Specifier</entry>
1196 <entry>Meaning</entry>
1197 <entry>Details</entry>
1198 </row>
1199 </thead>
1200 <tbody>
1201 <row>
1202 <entry><literal>%n</literal></entry>
1203 <entry>Full unit name</entry>
1204 <entry></entry>
1205 </row>
1206 <row>
1207 <entry><literal>%N</literal></entry>
1208 <entry>Unescaped full unit name</entry>
1209 <entry>Same as <literal>%n</literal>, but with escaping undone</entry>
1210 </row>
1211 <row>
1212 <entry><literal>%p</literal></entry>
1213 <entry>Prefix name</entry>
1214 <entry>For instantiated units, this refers to the string before the <literal>@</literal> character of the unit name. For non-instantiated units, this refers to the name of the unit with the type suffix removed.</entry>
1215 </row>
1216 <row>
1217 <entry><literal>%P</literal></entry>
1218 <entry>Unescaped prefix name</entry>
1219 <entry>Same as <literal>%p</literal>, but with escaping undone</entry>
1220 </row>
1221 <row>
1222 <entry><literal>%i</literal></entry>
1223 <entry>Instance name</entry>
1224 <entry>For instantiated units: this is the string between the <literal>@</literal> character and the suffix of the unit name.</entry>
1225 </row>
1226 <row>
1227 <entry><literal>%I</literal></entry>
1228 <entry>Unescaped instance name</entry>
1229 <entry>Same as <literal>%i</literal>, but with escaping undone</entry>
1230 </row>
1231 <row>
1232 <entry><literal>%f</literal></entry>
1233 <entry>Unescaped filename</entry>
1234 <entry>This is either the unescaped instance name (if applicable) with <filename>/</filename> prepended (if applicable), or the prefix name prepended with <filename>/</filename>.</entry>
1235 </row>
1236 <row>
1237 <entry><literal>%c</literal></entry>
1238 <entry>Control group path of the unit</entry>
1239 <entry>This path does not include the <filename>/sys/fs/cgroup/systemd/</filename> prefix.</entry>
1240 </row>
1241 <row>
1242 <entry><literal>%r</literal></entry>
1243 <entry>Control group path of the slice the unit is placed in</entry>
1244 <entry>This usually maps to the parent cgroup path of <literal>%c</literal>.</entry>
1245 </row>
1246 <row>
1247 <entry><literal>%R</literal></entry>
1248 <entry>Root control group path below which slices and units are placed</entry>
1249 <entry>For system instances, this resolves to <filename>/</filename>, except in containers, where this maps to the container's root control group path.</entry>
1250 </row>
1251 <row>
1252 <entry><literal>%t</literal></entry>
1253 <entry>Runtime directory</entry>
1254 <entry>This is either <filename>/run</filename> (for the system manager) or the path <literal>$XDG_RUNTIME_DIR</literal> resolves to (for user managers).</entry>
1255 </row>
1256 <row>
1257 <entry><literal>%u</literal></entry>
1258 <entry>User name</entry>
79413b67 1259 <entry>This is the name of the user running the service manager instance. In case of the system manager this resolves to <literal>root</literal>.</entry>
798d3a52
ZJS		 1260 </row>
1261 <row>
1262 <entry><literal>%U</literal></entry>
1263 <entry>User UID</entry>
79413b67 1264 <entry>This is the numeric UID of the user running the service manager instance. In case of the system manager this resolves to <literal>0</literal>.</entry>
798d3a52
ZJS		 1265 </row>
1266 <row>
1267 <entry><literal>%h</literal></entry>
1268 <entry>User home directory</entry>
79413b67 1269 <entry>This is the home directory of the user running the service manager instance. In case of the system manager this resolves to <literal>/root</literal>.</entry>
798d3a52
ZJS		 1270 </row>
1271 <row>
1272 <entry><literal>%s</literal></entry>
1273 <entry>User shell</entry>
79413b67 1274 <entry>This is the shell of the user running the service manager instance. In case of the system manager this resolves to <literal>/bin/sh</literal>.</entry>
798d3a52
ZJS		 1275 </row>
1276 <row>
1277 <entry><literal>%m</literal></entry>
1278 <entry>Machine ID</entry>
1279 <entry>The machine ID of the running system, formatted as string. See <citerefentry><refentrytitle>machine-id</refentrytitle><manvolnum>5</manvolnum></citerefentry> for more information.</entry>
1280 </row>
1281 <row>
1282 <entry><literal>%b</literal></entry>
1283 <entry>Boot ID</entry>
1284 <entry>The boot ID of the running system, formatted as string. See <citerefentry><refentrytitle>random</refentrytitle><manvolnum>4</manvolnum></citerefentry> for more information.</entry>
1285 </row>
1286 <row>
1287 <entry><literal>%H</literal></entry>
1288 <entry>Host name</entry>
e5f270f5 1289 <entry>The hostname of the running system at the point in time the unit configuration is loaded.</entry>
798d3a52
ZJS		 1290 </row>
1291 <row>
1292 <entry><literal>%v</literal></entry>
1293 <entry>Kernel release</entry>
1294 <entry>Identical to <command>uname -r</command> output</entry>
1295 </row>
1296 <row>
1297 <entry><literal>%%</literal></entry>
1298 <entry>Single percent sign</entry>
1299 <entry>Use <literal>%%</literal> in place of <literal>%</literal> to specify a single percent sign.</entry>
1300 </row>
1301 </tbody>
1302 </tgroup>
1303 </table>
1304
1305 <para>Please note that specifiers <literal>%U</literal>,
1306 <literal>%h</literal>, <literal>%s</literal> are mostly useless
1307 when systemd is running in system mode. PID 1 cannot query the
1308 user account database for information, so the specifiers only work
1309 as shortcuts for things which are already specified in a different
1310 way in the unit file. They are fully functional when systemd is
1311 running in <option>--user</option> mode.</para>
1312 </refsect1>
1313
1314 <refsect1>
1315 <title>Examples</title>
1316
1317 <example>
1318 <title>Allowing units to be enabled</title>
1319
1320 <para>The following snippet (highlighted) allows a unit (e.g.
1321 <filename>foo.service</filename>) to be enabled via
1322 <command>systemctl enable</command>:</para>
1323
1324 <programlisting>[Unit]
92b1e225
CS		 1325Description=Foo
1326
1327[Service]
1328ExecStart=/usr/sbin/foo-daemon
1329
1330<emphasis>[Install]</emphasis>
1331<emphasis>WantedBy=multi-user.target</emphasis></programlisting>
1332
798d3a52
ZJS		 1333 <para>After running <command>systemctl enable</command>, a
1334 symlink
12b42c76 1335 <filename>/etc/systemd/system/multi-user.target.wants/foo.service</filename>
798d3a52
ZJS		 1336 linking to the actual unit will be created. It tells systemd to
1337 pull in the unit when starting
1338 <filename>multi-user.target</filename>. The inverse
1339 <command>systemctl disable</command> will remove that symlink
1340 again.</para>
1341 </example>
1342
1343 <example>
1344 <title>Overriding vendor settings</title>
1345
1346 <para>There are two methods of overriding vendor settings in
1347 unit files: copying the unit file from
12b42c76
TG		 1348 <filename>/usr/lib/systemd/system</filename> to
1349 <filename>/etc/systemd/system</filename> and modifying the
798d3a52
ZJS		 1350 chosen settings. Alternatively, one can create a directory named
1351 <filename><replaceable>unit</replaceable>.d/</filename> within
12b42c76 1352 <filename>/etc/systemd/system</filename> and place a drop-in
798d3a52
ZJS		 1353 file <filename><replaceable>name</replaceable>.conf</filename>
1354 there that only changes the specific settings one is interested
1355 in. Note that multiple such drop-in files are read if
1356 present.</para>
1357
1358 <para>The advantage of the first method is that one easily
1359 overrides the complete unit, the vendor unit is not parsed at
1360 all anymore. It has the disadvantage that improvements to the
1361 unit file by the vendor are not automatically incorporated on
1362 updates.</para>
1363
1364 <para>The advantage of the second method is that one only
1365 overrides the settings one specifically wants, where updates to
1366 the unit by the vendor automatically apply. This has the
1367 disadvantage that some future updates by the vendor might be
1368 incompatible with the local changes.</para>
1369
1370 <para>Note that for drop-in files, if one wants to remove
1371 entries from a setting that is parsed as a list (and is not a
1372 dependency), such as <varname>ConditionPathExists=</varname> (or
1373 e.g. <varname>ExecStart=</varname> in service units), one needs
1374 to first clear the list before re-adding all entries except the
1375 one that is to be removed. See below for an example.</para>
1376
1377 <para>This also applies for user instances of systemd, but with
1378 different locations for the unit files. See the section on unit
1379 load paths for further details.</para>
1380
1381 <para>Suppose there is a vendor-supplied unit
12b42c76 1382 <filename>/usr/lib/systemd/system/httpd.service</filename> with
798d3a52
ZJS		 1383 the following contents:</para>
1384
1385 <programlisting>[Unit]
92b1e225
CS		 1386Description=Some HTTP server
1387After=remote-fs.target sqldb.service
1388Requires=sqldb.service
1389AssertPathExists=/srv/webserver
1390
1391[Service]
1392Type=notify
1393ExecStart=/usr/sbin/some-fancy-httpd-server
1394Nice=5
1395
1396[Install]
1397WantedBy=multi-user.target</programlisting>
1398
798d3a52
ZJS		 1399 <para>Now one wants to change some settings as an administrator:
1400 firstly, in the local setup, <filename>/srv/webserver</filename>
e2acdb6b 1401 might not exist, because the HTTP server is configured to use
798d3a52
ZJS		 1402 <filename>/srv/www</filename> instead. Secondly, the local
1403 configuration makes the HTTP server also depend on a memory
1404 cache service, <filename>memcached.service</filename>, that
1405 should be pulled in (<varname>Requires=</varname>) and also be
1406 ordered appropriately (<varname>After=</varname>). Thirdly, in
1407 order to harden the service a bit more, the administrator would
1408 like to set the <varname>PrivateTmp=</varname> setting (see
1409 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1410 for details). And lastly, the administrator would like to reset
1411 the niceness of the service to its default value of 0.</para>
1412
1413 <para>The first possibility is to copy the unit file to
12b42c76 1414 <filename>/etc/systemd/system/httpd.service</filename> and
798d3a52
ZJS		 1415 change the chosen settings:</para>
1416
1417 <programlisting>[Unit]
92b1e225
CS		 1418Description=Some HTTP server
1419After=remote-fs.target sqldb.service <emphasis>memcached.service</emphasis>
1420Requires=sqldb.service <emphasis>memcached.service</emphasis>
1421AssertPathExists=<emphasis>/srv/www</emphasis>
1422
1423[Service]
1424Type=notify
1425ExecStart=/usr/sbin/some-fancy-httpd-server
1426<emphasis>Nice=0</emphasis>
1427<emphasis>PrivateTmp=yes</emphasis>
1428
1429[Install]
1430WantedBy=multi-user.target</programlisting>
1431
798d3a52
ZJS		 1432 <para>Alternatively, the administrator could create a drop-in
1433 file
12b42c76 1434 <filename>/etc/systemd/system/httpd.service.d/local.conf</filename>
798d3a52 1435 with the following contents:</para>
92b1e225 1436
798d3a52 1437 <programlisting>[Unit]
92b1e225
CS		 1438After=memcached.service
1439Requires=memcached.service
1440# Reset all assertions and then re-add the condition we want
1441AssertPathExists=
1442AssertPathExists=/srv/www
1443
1444[Service]
1445Nice=0
1446PrivateTmp=yes</programlisting>
1447
798d3a52
ZJS		 1448 <para>Note that dependencies (<varname>After=</varname>, etc.)
1449 cannot be reset to an empty list, so dependencies can only be
1450 added in drop-ins. If you want to remove dependencies, you have
1451 to override the entire unit.</para>
0cf4c0d1 1452
798d3a52
ZJS		 1453 </example>
1454 </refsect1>
1455
1456 <refsect1>
1457 <title>See Also</title>
1458 <para>
1459 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1460 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1461 <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1462 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1463 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1464 <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1465 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1466 <citerefentry><refentrytitle>systemd.automount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1467 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1468 <citerefentry><refentrytitle>systemd.target</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1469 <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1470 <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
798d3a52
ZJS		 1471 <citerefentry><refentrytitle>systemd.scope</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1472 <citerefentry><refentrytitle>systemd.slice</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1473 <citerefentry><refentrytitle>systemd.time</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1474 <citerefentry><refentrytitle>systemd-analyze</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1475 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1476 <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
3ba3a79d 1477 <citerefentry project='man-pages'><refentrytitle>uname</refentrytitle><manvolnum>1</manvolnum></citerefentry>
798d3a52
ZJS		 1478 </para>
1479 </refsect1>
d1ab0ca0
LP		 1480
1481</refentry>
Unnamed repository; edit this file 'description' to name the repository.