]>
Commit | Line | Data |
---|---|---|
1 | systemd System and Service Manager | |
2 | ||
3 | DETAILS: | |
4 | http://0pointer.de/blog/projects/systemd.html | |
5 | ||
6 | WEB SITE: | |
7 | http://www.freedesktop.org/wiki/Software/systemd | |
8 | ||
9 | GIT: | |
10 | git://anongit.freedesktop.org/systemd/systemd | |
11 | ssh://git.freedesktop.org/git/systemd/systemd | |
12 | ||
13 | GITWEB: | |
14 | http://cgit.freedesktop.org/systemd/systemd | |
15 | ||
16 | MAILING LIST: | |
17 | http://lists.freedesktop.org/mailman/listinfo/systemd-devel | |
18 | http://lists.freedesktop.org/mailman/listinfo/systemd-commits | |
19 | ||
20 | IRC: | |
21 | #systemd on irc.freenode.org | |
22 | ||
23 | BUG REPORTS: | |
24 | https://bugs.freedesktop.org/enter_bug.cgi?product=systemd | |
25 | ||
26 | AUTHOR: | |
27 | Lennart Poettering | |
28 | Kay Sievers | |
29 | ...and many others | |
30 | ||
31 | LICENSE: | |
32 | LGPLv2.1+ for all code | |
33 | - except sd-readahead.[ch] which is MIT | |
34 | - except src/shared/MurmurHash2.c which is Public Domain | |
35 | - except src/shared/siphash24.c which is CC0 Public Domain | |
36 | - except src/journal/lookup3.c which is Public Domain | |
37 | - except src/udev/* which is (currently still) GPLv2, GPLv2+ | |
38 | ||
39 | REQUIREMENTS: | |
40 | Linux kernel >= 3.0 | |
41 | Linux kernel >= 3.3 for loop device partition support features with nspawn | |
42 | Linux kernel >= 3.8 for Smack support | |
43 | ||
44 | Kernel Config Options: | |
45 | CONFIG_DEVTMPFS | |
46 | CONFIG_CGROUPS (it is OK to disable all controllers) | |
47 | CONFIG_INOTIFY_USER | |
48 | CONFIG_SIGNALFD | |
49 | CONFIG_TIMERFD | |
50 | CONFIG_EPOLL | |
51 | CONFIG_NET | |
52 | CONFIG_SYSFS | |
53 | CONFIG_PROC_FS | |
54 | CONFIG_FHANDLE (libudev, mount and bind mount handling) | |
55 | ||
56 | Udev will fail to work with the legacy layout: | |
57 | CONFIG_SYSFS_DEPRECATED=n | |
58 | ||
59 | Legacy hotplug slows down the system and confuses udev: | |
60 | CONFIG_UEVENT_HELPER_PATH="" | |
61 | ||
62 | Userspace firmware loading is deprecated, will go away, and | |
63 | sometimes causes problems: | |
64 | CONFIG_FW_LOADER_USER_HELPER=n | |
65 | ||
66 | Some udev rules and virtualization detection relies on it: | |
67 | CONFIG_DMIID | |
68 | ||
69 | Support for some SCSI devices serial number retrieval, to | |
70 | create additional symlinks in /dev/disk/ and /dev/tape: | |
71 | CONFIG_BLK_DEV_BSG | |
72 | ||
73 | Required for PrivateNetwork in service units: | |
74 | CONFIG_NET_NS | |
75 | ||
76 | Optional but strongly recommended: | |
77 | CONFIG_IPV6 | |
78 | CONFIG_AUTOFS4_FS | |
79 | CONFIG_TMPFS_POSIX_ACL | |
80 | CONFIG_TMPFS_XATTR | |
81 | CONFIG_SECCOMP | |
82 | ||
83 | Required for CPUShares in resource control unit settings | |
84 | CONFIG_CGROUP_SCHED | |
85 | CONFIG_FAIR_GROUP_SCHED | |
86 | ||
87 | For systemd-bootchart, several proc debug interfaces are required: | |
88 | CONFIG_SCHEDSTATS | |
89 | CONFIG_SCHED_DEBUG | |
90 | ||
91 | For UEFI systems: | |
92 | CONFIG_EFIVAR_FS | |
93 | CONFIG_EFI_PARTITION | |
94 | ||
95 | Note that kernel auditing is broken when used with systemd's | |
96 | container code. When using systemd in conjunction with | |
97 | containers, please make sure to either turn off auditing at | |
98 | runtime using the kernel command line option "audit=0", or | |
99 | turn it off at kernel compile time using: | |
100 | CONFIG_AUDIT=n | |
101 | If systemd is compiled with libseccomp support on | |
102 | architectures which do not use socketcall() and where seccomp | |
103 | is supported (this effectively means x86-64 and ARM, but | |
104 | excludes 32-bit x86!), then nspawn will now install a | |
105 | work-around seccomp filter that makes containers boot even | |
106 | with audit being enabled. This works correctly only on kernels | |
107 | 3.14 and newer though. TL;DR: turn audit off, still. | |
108 | ||
109 | glibc >= 2.14 | |
110 | libcap | |
111 | libseccomp >= 1.0.0 (optional) | |
112 | libblkid >= 2.20 (from util-linux) (optional) | |
113 | libkmod >= 15 (optional) | |
114 | PAM >= 1.1.2 (optional) | |
115 | libcryptsetup (optional) | |
116 | libaudit (optional) | |
117 | libacl (optional) | |
118 | libselinux (optional) | |
119 | liblzma (optional) | |
120 | libgcrypt (optional) | |
121 | libqrencode (optional) | |
122 | libmicrohttpd (optional) | |
123 | libpython (optional) | |
124 | gobject-introspection > 1.40.0 (optional) | |
125 | elfutils >= 158 (optional) | |
126 | make, gcc, and similar tools | |
127 | ||
128 | During runtime, you need the following additional | |
129 | dependencies: | |
130 | ||
131 | util-linux >= v2.19 (requires fsck -l, agetty -s), | |
132 | v2.21 required for tests in test/ | |
133 | dbus >= 1.4.0 (strictly speaking optional, but recommended) | |
134 | sulogin (from util-linux >= 2.22 or sysvinit-tools, optional but recommended, | |
135 | required for tests in test/) | |
136 | dracut (optional) | |
137 | PolicyKit (optional) | |
138 | ||
139 | When building from git, you need the following additional | |
140 | dependencies: | |
141 | ||
142 | docbook-xsl | |
143 | xsltproc | |
144 | automake | |
145 | autoconf | |
146 | libtool | |
147 | intltool | |
148 | gperf | |
149 | gtkdocize (optional) | |
150 | python (optional) | |
151 | python-lxml (optional, but required to build the indices) | |
152 | sphinx (optional) | |
153 | ||
154 | When systemd-hostnamed is used, it is strongly recommended to | |
155 | install nss-myhostname to ensure that, in a world of | |
156 | dynamically changing hostnames, the hostname stays resolvable | |
157 | under all circumstances. In fact, systemd-hostnamed will warn | |
158 | if nss-myhostname is not installed. | |
159 | ||
160 | To build HTML documentation for python-systemd using sphinx, | |
161 | please first install systemd (using 'make install'), and then | |
162 | invoke sphinx-build with 'make sphinx-<target>', with <target> | |
163 | being 'html' or 'latexpdf'. If using DESTDIR for installation, | |
164 | pass the same DESTDIR to 'make sphinx-html' invocation. | |
165 | ||
166 | USERS AND GROUPS: | |
167 | Default udev rules use the following standard system group | |
168 | names, which need to be resolvable by getgrnam() at any time, | |
169 | even in the very early boot stages, where no other databases | |
170 | and network are available: | |
171 | ||
172 | audio, cdrom, dialout, disk, input, kmem, lp, tape, tty, video | |
173 | ||
174 | During runtime, the journal daemon requires the | |
175 | "systemd-journal" system group to exist. New journal files will | |
176 | be readable by this group (but not writable), which may be used | |
177 | to grant specific users read access. | |
178 | ||
179 | It is also recommended to grant read access to all journal | |
180 | files to the system groups "wheel" and "adm" with a command | |
181 | like the following in the post installation script of the | |
182 | package: | |
183 | ||
184 | # setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ | |
185 | ||
186 | The journal gateway daemon requires the | |
187 | "systemd-journal-gateway" system user and group to | |
188 | exist. During execution this network facing service will drop | |
189 | privileges and assume this uid/gid for security reasons. | |
190 | ||
191 | Similarly, the NTP daemon requires the "systemd-timesync" system | |
192 | user and group to exist. | |
193 | ||
194 | Similarly, the network management daemon requires the | |
195 | "systemd-network" system user and group to exist. | |
196 | ||
197 | Similarly, the name resolution daemon requires the | |
198 | "systemd-resolve" system user and group to exist. | |
199 | ||
200 | Similarly, the kdbus dbus1 proxy daemon requires the | |
201 | "systemd-bus-proxy" system user and group to exist. | |
202 | ||
203 | WARNINGS: | |
204 | systemd will warn you during boot if /etc/mtab is not a | |
205 | symlink to /proc/mounts. Please ensure that /etc/mtab is a | |
206 | proper symlink. | |
207 | ||
208 | systemd will warn you during boot if /usr is on a different | |
209 | file system than /. While in systemd itself very little will | |
210 | break if /usr is on a separate partition, many of its | |
211 | dependencies very likely will break sooner or later in one | |
212 | form or another. For example, udev rules tend to refer to | |
213 | binaries in /usr, binaries that link to libraries in /usr or | |
214 | binaries that refer to data files in /usr. Since these | |
215 | breakages are not always directly visible, systemd will warn | |
216 | about this, since this kind of file system setup is not really | |
217 | supported anymore by the basic set of Linux OS components. | |
218 | ||
219 | systemd requires that the /run mount point exists. systemd also | |
220 | requires that /var/run is a a symlink to /run. | |
221 | ||
222 | For more information on this issue consult | |
223 | http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken | |
224 | ||
225 | To run systemd under valgrind, compile with VALGRIND defined | |
226 | (e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise, | |
227 | false positives will be triggered by code which violates | |
228 | some rules but is actually safe. |