1 systemd System and Service Manager
4 http://0pointer.de/blog/projects/systemd.html
7 http://www.freedesktop.org/wiki/Software/systemd
10 git://anongit.freedesktop.org/systemd/systemd
11 ssh://git.freedesktop.org/git/systemd/systemd
14 http://cgit.freedesktop.org/systemd/systemd
17 http://lists.freedesktop.org/mailman/listinfo/systemd-devel
18 http://lists.freedesktop.org/mailman/listinfo/systemd-commits
21 #systemd on irc.freenode.org
24 https://bugs.freedesktop.org/enter_bug.cgi?product=systemd
32 LGPLv2.1+ for all code
33 - except sd-readahead.[ch] which is MIT
34 - except src/shared/MurmurHash2.c which is Public Domain
35 - except src/shared/siphash24.c which is CC0 Public Domain
36 - except src/journal/lookup3.c which is Public Domain
37 - except src/udev/* which is (currently still) GPLv2, GPLv2+
41 Linux kernel >= 3.3 for loop device partition support features with nspawn
42 Linux kernel >= 3.8 for Smack support
44 Kernel Config Options:
46 CONFIG_CGROUPS (it is OK to disable all controllers)
54 CONFIG_FHANDLE (libudev, mount and bind mount handling)
56 Udev will fail to work with the legacy layout:
57 CONFIG_SYSFS_DEPRECATED=n
59 Legacy hotplug slows down the system and confuses udev:
60 CONFIG_UEVENT_HELPER_PATH=""
62 Userspace firmware loading is deprecated, will go away, and
63 sometimes causes problems:
64 CONFIG_FW_LOADER_USER_HELPER=n
66 Some udev rules and virtualization detection relies on it:
69 Support for some SCSI devices serial number retrieval, to
70 create additional symlinks in /dev/disk/ and /dev/tape:
73 Required for PrivateNetwork in service units:
76 Optional but strongly recommended:
79 CONFIG_TMPFS_POSIX_ACL
83 For systemd-bootchart, several proc debug interfaces are required:
91 Note that kernel auditing is broken when used with systemd's
92 container code. When using systemd in conjunction with
93 containers, please make sure to either turn off auditing at
94 runtime using the kernel command line option "audit=0", or
95 turn it off at kernel compile time using:
97 If systemd is compiled with libseccomp support on
98 architectures which do not use socketcall() and where seccomp
99 is supported (this effectively means x86-64 and ARM, but
100 excludes 32-bit x86!), then nspawn will now install a
101 work-around seccomp filter that makes containers boot even
102 with audit being enabled. This works correctly only on kernels
103 3.14 and newer though. TL;DR: turn audit off, still.
107 libseccomp >= 1.0.0 (optional)
108 libblkid >= 2.20 (from util-linux) (optional)
109 libkmod >= 15 (optional)
110 PAM >= 1.1.2 (optional)
111 libcryptsetup (optional)
115 libselinux (optional)
118 libqrencode (optional)
119 libmicrohttpd (optional)
121 make, gcc, and similar tools
123 During runtime, you need the following additional
126 util-linux >= v2.19 (requires fsck -l, agetty -s),
127 v2.21 required for tests in test/
128 dbus >= 1.4.0 (strictly speaking optional, but recommended)
129 sulogin (from util-linux >= 2.22 or sysvinit-tools, optional but recommended,
130 required for tests in test/)
134 When building from git, you need the following additional
146 python-lxml (optional, but required to build the indices)
149 When systemd-hostnamed is used, it is strongly recommended to
150 install nss-myhostname to ensure that, in a world of
151 dynamically changing hostnames, the hostname stays resolvable
152 under all circumstances. In fact, systemd-hostnamed will warn
153 if nss-myhostname is not installed.
155 To build HTML documentation for python-systemd using sphinx,
156 please first install systemd (using 'make install'), and then
157 invoke sphinx-build with 'make sphinx-<target>', with <target>
158 being 'html' or 'latexpdf'. If using DESTDIR for installation,
159 pass the same DESTDIR to 'make sphinx-html' invocation.
162 Default udev rules use the following standard system group
163 names, which need to be resolvable by getgrnam() at any time,
164 even in the very early boot stages, where no other databases
165 and network are available:
167 tty, dialout, kmem, video, audio, lp, floppy, cdrom, tape, disk
169 During runtime, the journal daemon requires the
170 "systemd-journal" system group to exist. New journal files will
171 be readable by this group (but not writable), which may be used
172 to grant specific users read access.
174 It is also recommended to grant read access to all journal
175 files to the system groups "wheel" and "adm" with a command
176 like the following in the post installation script of the
179 # setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/
181 The journal gateway daemon requires the
182 "systemd-journal-gateway" system user and group to
183 exist. During execution this network facing service will drop
184 privileges and assume this uid/gid for security reasons.
186 The NTP daemon requires the "systemd-timesync" system user and
187 group to exist. During execution this network facing service
188 will drop privileges (with the exception of CAP_SYS_TIME) and
189 assume this uid/gid for security reasons.
192 systemd will warn you during boot if /etc/mtab is not a
193 symlink to /proc/mounts. Please ensure that /etc/mtab is a
196 systemd will warn you during boot if /usr is on a different
197 file system than /. While in systemd itself very little will
198 break if /usr is on a separate partition, many of its
199 dependencies very likely will break sooner or later in one
200 form or another. For example, udev rules tend to refer to
201 binaries in /usr, binaries that link to libraries in /usr or
202 binaries that refer to data files in /usr. Since these
203 breakages are not always directly visible, systemd will warn
204 about this, since this kind of file system setup is not really
205 supported anymore by the basic set of Linux OS components.
207 systemd requires that the /run mount point exists. systemd also
208 requires that /var/run is a a symlink to /run.
210 For more information on this issue consult
211 http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
213 To run systemd under valgrind, compile with VALGRIND defined
214 (e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise,
215 false positives will be triggered by code which violates
216 some rules but is actually safe.