1 <?xml-stylesheet type=
"text/xsl" href=
"http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
2 <!DOCTYPE refentry PUBLIC
"-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
6 This file is part of systemd.
8 Copyright 2010 Lennart Poettering
10 systemd is free software; you can redistribute it and/or modify it
11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
13 (at your option) any later version.
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
20 You should have received a copy of the GNU Lesser General Public License
21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
24 <refentry id=
"systemd.exec">
26 <title>systemd.exec
</title>
27 <productname>systemd
</productname>
31 <contrib>Developer
</contrib>
32 <firstname>Lennart
</firstname>
33 <surname>Poettering
</surname>
34 <email>lennart@poettering.net
</email>
40 <refentrytitle>systemd.exec
</refentrytitle>
41 <manvolnum>5</manvolnum>
45 <refname>systemd.exec
</refname>
46 <refpurpose>Execution environment configuration
</refpurpose>
50 <para><filename><replaceable>service
</replaceable>.service
</filename>,
51 <filename><replaceable>socket
</replaceable>.socket
</filename>,
52 <filename><replaceable>mount
</replaceable>.mount
</filename>,
53 <filename><replaceable>swap
</replaceable>.swap
</filename></para>
57 <title>Description
</title>
59 <para>Unit configuration files for services, sockets,
60 mount points, and swap devices share a subset of
61 configuration options which define the execution
62 environment of spawned processes.
</para>
64 <para>This man page lists the configuration options
65 shared by these four unit types. See
66 <citerefentry><refentrytitle>systemd.unit
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
67 for the common options of all unit configuration
69 <citerefentry><refentrytitle>systemd.service
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
70 <citerefentry><refentrytitle>systemd.socket
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
71 <citerefentry><refentrytitle>systemd.swap
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
73 <citerefentry><refentrytitle>systemd.mount
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
74 for more information on the specific unit
75 configuration files. The execution specific
76 configuration options are configured in the [Service],
77 [Socket], [Mount], or [Swap] sections, depending on the unit
82 <title>Options
</title>
84 <variablelist class='unit-directives'
>
87 <term><varname>WorkingDirectory=
</varname></term>
89 <listitem><para>Takes an absolute
90 directory path. Sets the working
91 directory for executed processes. If
92 not set, defaults to the root directory
93 when systemd is running as a system
94 instance and the respective user's
95 home directory if run as
96 user.
</para></listitem>
100 <term><varname>RootDirectory=
</varname></term>
102 <listitem><para>Takes an absolute
103 directory path. Sets the root
104 directory for executed processes, with
106 <citerefentry project='man-pages'
><refentrytitle>chroot
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
107 system call. If this is used, it must
108 be ensured that the process and all
109 its auxiliary files are available in
110 the
<function>chroot()
</function>
111 jail.
</para></listitem>
115 <term><varname>User=
</varname></term>
116 <term><varname>Group=
</varname></term>
118 <listitem><para>Sets the Unix user
119 or group that the processes are executed
120 as, respectively. Takes a single user or group
121 name or ID as argument. If no group is
122 set, the default group of the user is
123 chosen.
</para></listitem>
127 <term><varname>SupplementaryGroups=
</varname></term>
129 <listitem><para>Sets the supplementary
130 Unix groups the processes are executed
131 as. This takes a space-separated list
132 of group names or IDs. This option may
133 be specified more than once in which
134 case all listed groups are set as
135 supplementary groups. When the empty
136 string is assigned the list of
137 supplementary groups is reset, and all
138 assignments prior to this one will
139 have no effect. In any way, this
140 option does not override, but extends
141 the list of supplementary groups
142 configured in the system group
144 user.
</para></listitem>
148 <term><varname>Nice=
</varname></term>
150 <listitem><para>Sets the default nice
151 level (scheduling priority) for
152 executed processes. Takes an integer
153 between -
20 (highest priority) and
19
154 (lowest priority). See
155 <citerefentry><refentrytitle>setpriority
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
156 for details.
</para></listitem>
160 <term><varname>OOMScoreAdjust=
</varname></term>
162 <listitem><para>Sets the adjustment
163 level for the Out-Of-Memory killer for
164 executed processes. Takes an integer
165 between -
1000 (to disable OOM killing
166 for this process) and
1000 (to make
167 killing of this process under memory
168 pressure very likely). See
<ulink
169 url=
"https://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt
</ulink>
170 for details.
</para></listitem>
174 <term><varname>IOSchedulingClass=
</varname></term>
176 <listitem><para>Sets the IO scheduling
177 class for executed processes. Takes an
178 integer between
0 and
3 or one of the
179 strings
<option>none
</option>,
180 <option>realtime
</option>,
181 <option>best-effort
</option> or
182 <option>idle
</option>. See
183 <citerefentry><refentrytitle>ioprio_set
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
184 for details.
</para></listitem>
188 <term><varname>IOSchedulingPriority=
</varname></term>
190 <listitem><para>Sets the IO scheduling
191 priority for executed processes. Takes
192 an integer between
0 (highest
193 priority) and
7 (lowest priority). The
194 available priorities depend on the
195 selected IO scheduling class (see
197 <citerefentry><refentrytitle>ioprio_set
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
198 for details.
</para></listitem>
202 <term><varname>CPUSchedulingPolicy=
</varname></term>
204 <listitem><para>Sets the CPU
205 scheduling policy for executed
206 processes. Takes one of
207 <option>other
</option>,
208 <option>batch
</option>,
209 <option>idle
</option>,
210 <option>fifo
</option> or
211 <option>rr
</option>. See
212 <citerefentry><refentrytitle>sched_setscheduler
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
213 for details.
</para></listitem>
217 <term><varname>CPUSchedulingPriority=
</varname></term>
219 <listitem><para>Sets the CPU
220 scheduling priority for executed
221 processes. The available priority
222 range depends on the selected CPU
223 scheduling policy (see above). For
224 real-time scheduling policies an
225 integer between
1 (lowest priority)
226 and
99 (highest priority) can be used.
227 See
<citerefentry><refentrytitle>sched_setscheduler
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
233 <term><varname>CPUSchedulingResetOnFork=
</varname></term>
235 <listitem><para>Takes a boolean
236 argument. If true, elevated CPU
237 scheduling priorities and policies
238 will be reset when the executed
239 processes fork, and can hence not leak
240 into child processes. See
241 <citerefentry><refentrytitle>sched_setscheduler
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
242 for details. Defaults to false.
</para></listitem>
246 <term><varname>CPUAffinity=
</varname></term>
248 <listitem><para>Controls the CPU
249 affinity of the executed
250 processes. Takes a space-separated
251 list of CPU indices. This option may
252 be specified more than once in which
253 case the specificed CPU affinity masks
254 are merged. If the empty string is
255 assigned, the mask is reset, all
256 assignments prior to this will have no
258 <citerefentry><refentrytitle>sched_setaffinity
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
259 for details.
</para></listitem>
263 <term><varname>UMask=
</varname></term>
265 <listitem><para>Controls the file mode
266 creation mask. Takes an access mode in
268 <citerefentry><refentrytitle>umask
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
269 for details. Defaults to
270 0022.
</para></listitem>
274 <term><varname>Environment=
</varname></term>
276 <listitem><para>Sets environment
277 variables for executed
278 processes. Takes a space-separated
279 list of variable assignments. This
280 option may be specified more than once
281 in which case all listed variables
282 will be set. If the same variable is
283 set twice, the later setting will
284 override the earlier setting. If the
285 empty string is assigned to this
286 option, the list of environment
287 variables is reset, all prior
288 assignments have no effect.
289 Variable expansion is not performed
290 inside the strings, however, specifier
291 expansion is possible. The $ character has
293 If you need to assign a value containing spaces
294 to a variable, use double quotes (
")
295 for the assignment.</para>
298 <programlisting>Environment="VAR1=word1 word2
" VAR2=word3 "VAR3=$word
5 6"</programlisting>
299 gives three variables <literal>VAR1</literal>,
300 <literal>VAR2</literal>, <literal>VAR3</literal>
301 with the values <literal>word1 word2</literal>,
302 <literal>word3</literal>, <literal>$word 5 6</literal>.
307 <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
308 for details about environment variables.</para></listitem>
311 <term><varname>EnvironmentFile=</varname></term>
312 <listitem><para>Similar to
313 <varname>Environment=</varname> but
314 reads the environment variables from a
315 text file. The text file should
316 contain new-line-separated variable
317 assignments. Empty lines and lines
318 starting with ; or # will be ignored,
319 which may be used for commenting. A line
320 ending with a backslash will be concatenated
321 with the following one, allowing multiline variable
322 definitions. The parser strips leading
323 and trailing whitespace from the values
324 of assignments, unless you use
325 double quotes (").
</para>
327 <para>The argument passed should be an
328 absolute filename or wildcard
329 expression, optionally prefixed with
330 <literal>-
</literal>, which indicates
331 that if the file does not exist, it
332 will not be read and no error or warning
333 message is logged. This option may be
334 specified more than once in which case
335 all specified files are read. If the
336 empty string is assigned to this
337 option, the list of file to read is
338 reset, all prior assignments have no
341 <para>The files listed with this
342 directive will be read shortly before
343 the process is executed (more
344 specifically, after all
345 processes from a previous unit state
346 terminated. This means you can
347 generate these files in one unit
348 state, and read it with this option in
349 the next). Settings from these files
350 override settings made with
351 <varname>Environment=
</varname>. If
352 the same variable is set twice from
353 these files, the files will be read in
354 the order they are specified and the
355 later setting will override the
356 earlier setting.
</para></listitem>
360 <term><varname>StandardInput=
</varname></term>
361 <listitem><para>Controls where file
362 descriptor
0 (STDIN) of the executed
363 processes is connected to. Takes one
364 of
<option>null
</option>,
365 <option>tty
</option>,
366 <option>tty-force
</option>,
367 <option>tty-fail
</option> or
368 <option>socket
</option>.
</para>
370 <para>If
<option>null
</option> is
371 selected, standard input will be
373 <filename>/dev/null
</filename>,
374 i.e. all read attempts by the process
375 will result in immediate EOF.
</para>
377 <para>If
<option>tty
</option> is
378 selected, standard input is connected
379 to a TTY (as configured by
380 <varname>TTYPath=
</varname>, see
381 below) and the executed process
382 becomes the controlling process of the
383 terminal. If the terminal is already
384 being controlled by another process,
385 the executed process waits until the
386 current controlling process releases
389 <para><option>tty-force
</option> is similar
390 to
<option>tty
</option>, but the
391 executed process is forcefully and
392 immediately made the controlling
393 process of the terminal, potentially
394 removing previous controlling
398 <para><option>tty-fail
</option> is
399 similar to
<option>tty
</option> but if
400 the terminal already has a controlling
401 process start-up of the executed
402 process fails.
</para>
404 <para>The
<option>socket
</option>
405 option is only valid in
406 socket-activated services, and only
407 when the socket configuration file
409 <citerefentry><refentrytitle>systemd.socket
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
410 for details) specifies a single socket
411 only. If this option is set, standard
412 input will be connected to the socket
413 the service was activated from, which
414 is primarily useful for compatibility
415 with daemons designed for use with the
417 <citerefentry><refentrytitle>inetd
</refentrytitle><manvolnum>8</manvolnum></citerefentry>
420 <para>This setting defaults to
421 <option>null
</option>.
</para></listitem>
424 <term><varname>StandardOutput=
</varname></term>
425 <listitem><para>Controls where file
426 descriptor
1 (STDOUT) of the executed
427 processes is connected to. Takes one
428 of
<option>inherit
</option>,
429 <option>null
</option>,
430 <option>tty
</option>,
431 <option>journal
</option>,
432 <option>syslog
</option>,
433 <option>kmsg
</option>,
434 <option>journal+console
</option>,
435 <option>syslog+console
</option>,
436 <option>kmsg+console
</option> or
437 <option>socket
</option>.
</para>
439 <para><option>inherit
</option>
440 duplicates the file descriptor of
441 standard input for standard
444 <para><option>null
</option> connects
446 <filename>/dev/null
</filename>,
447 i.e. everything written to it will be
450 <para><option>tty
</option> connects
451 standard output to a tty (as
453 <varname>TTYPath=
</varname>, see
454 below). If the TTY is used for output
455 only, the executed process will not
456 become the controlling process of the
457 terminal, and will not fail or wait
458 for other processes to release the
461 <para><option>journal
</option>
462 connects standard output with the
463 journal which is accessible via
464 <citerefentry><refentrytitle>journalctl
</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
465 Note that everything that is written
466 to syslog or kmsg (see below) is
467 implicitly stored in the journal as
468 well, the specific two options listed
469 below are hence supersets of this
472 <para><option>syslog
</option> connects
473 standard output to the
<citerefentry
474 project='man-pages'
><refentrytitle>syslog
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
475 system syslog service, in addition to
476 the journal. Note that the journal
477 daemon is usually configured to
478 forward everything it receives to
479 syslog anyway, in which case this
480 option is no different from
481 <option>journal
</option>.
</para>
483 <para><option>kmsg
</option> connects
484 standard output with the kernel log
485 buffer which is accessible via
487 project='man-pages'
><refentrytitle>dmesg
</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
488 in addition to the journal. The
489 journal daemon might be configured to
490 send all logs to kmsg anyway, in which
491 case this option is no different from
492 <option>journal
</option>.
</para>
494 <para><option>journal+console
</option>,
495 <option>syslog+console
</option> and
496 <option>kmsg+console
</option> work in
497 a similar way as the three options
498 above but copy the output to the
499 system console as well.
</para>
501 <para><option>socket
</option> connects
502 standard output to a socket acquired
503 via socket activation. The semantics
504 are similar to the same option of
505 <varname>StandardInput=
</varname>.
</para>
507 <para>This setting defaults to the
509 <option>DefaultStandardOutput=
</option>
511 <citerefentry><refentrytitle>systemd-system.conf
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
513 <option>journal
</option>.
</para></listitem>
516 <term><varname>StandardError=
</varname></term>
517 <listitem><para>Controls where file
518 descriptor
2 (STDERR) of the
519 executed processes is connected to.
520 The available options are identical to
522 <varname>StandardOutput=
</varname>,
523 with one exception: if set to
524 <option>inherit
</option> the file
525 descriptor used for standard output is
526 duplicated for standard error. This
527 setting defaults to the value set with
528 <option>DefaultStandardError=
</option>
530 <citerefentry><refentrytitle>systemd-system.conf
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
532 <option>inherit
</option>.
</para></listitem>
535 <term><varname>TTYPath=
</varname></term>
536 <listitem><para>Sets the terminal
537 device node to use if standard input, output,
538 or error are connected to a
539 TTY (see above). Defaults to
540 <filename>/dev/console
</filename>.
</para></listitem>
543 <term><varname>TTYReset=
</varname></term>
544 <listitem><para>Reset the terminal
545 device specified with
546 <varname>TTYPath=
</varname> before and
547 after execution. Defaults to
548 <literal>no
</literal>.
</para></listitem>
551 <term><varname>TTYVHangup=
</varname></term>
552 <listitem><para>Disconnect all clients
553 which have opened the terminal device
555 <varname>TTYPath=
</varname>
556 before and after execution. Defaults
558 <literal>no
</literal>.
</para></listitem>
561 <term><varname>TTYVTDisallocate=
</varname></term>
562 <listitem><para>If the terminal
563 device specified with
564 <varname>TTYPath=
</varname> is a
565 virtual console terminal, try to
566 deallocate the TTY before and after
567 execution. This ensures that the
568 screen and scrollback buffer is
570 <literal>no
</literal>.
</para></listitem>
573 <term><varname>SyslogIdentifier=
</varname></term>
574 <listitem><para>Sets the process name
575 to prefix log lines sent to syslog or
576 the kernel log buffer with. If not set,
577 defaults to the process name of the
578 executed process. This option is only
580 <varname>StandardOutput=
</varname> or
581 <varname>StandardError=
</varname> are
582 set to
<option>syslog
</option> or
583 <option>kmsg
</option>.
</para></listitem>
586 <term><varname>SyslogFacility=
</varname></term>
587 <listitem><para>Sets the syslog
588 facility to use when logging to
589 syslog. One of
<option>kern
</option>,
590 <option>user
</option>,
591 <option>mail
</option>,
592 <option>daemon
</option>,
593 <option>auth
</option>,
594 <option>syslog
</option>,
595 <option>lpr
</option>,
596 <option>news
</option>,
597 <option>uucp
</option>,
598 <option>cron
</option>,
599 <option>authpriv
</option>,
600 <option>ftp
</option>,
601 <option>local0
</option>,
602 <option>local1
</option>,
603 <option>local2
</option>,
604 <option>local3
</option>,
605 <option>local4
</option>,
606 <option>local5
</option>,
607 <option>local6
</option> or
608 <option>local7
</option>. See
609 <citerefentry project='man-pages'
><refentrytitle>syslog
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
610 for details. This option is only
612 <varname>StandardOutput=
</varname> or
613 <varname>StandardError=
</varname> are
614 set to
<option>syslog
</option>.
616 <option>daemon
</option>.
</para></listitem>
619 <term><varname>SyslogLevel=
</varname></term>
620 <listitem><para>Default syslog level
621 to use when logging to syslog or the
622 kernel log buffer. One of
623 <option>emerg
</option>,
624 <option>alert
</option>,
625 <option>crit
</option>,
626 <option>err
</option>,
627 <option>warning
</option>,
628 <option>notice
</option>,
629 <option>info
</option>,
630 <option>debug
</option>. See
631 <citerefentry project='man-pages'
><refentrytitle>syslog
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
632 for details. This option is only
634 <varname>StandardOutput=
</varname> or
635 <varname>StandardError=
</varname> are
636 set to
<option>syslog
</option> or
637 <option>kmsg
</option>. Note that
638 individual lines output by the daemon
639 might be prefixed with a different log
640 level which can be used to override
641 the default log level specified
642 here. The interpretation of these
643 prefixes may be disabled with
644 <varname>SyslogLevelPrefix=
</varname>,
645 see below. For details see
646 <citerefentry><refentrytitle>sd-daemon
</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
649 <option>info
</option>.
</para></listitem>
653 <term><varname>SyslogLevelPrefix=
</varname></term>
654 <listitem><para>Takes a boolean
655 argument. If true and
656 <varname>StandardOutput=
</varname> or
657 <varname>StandardError=
</varname> are
658 set to
<option>syslog
</option>,
659 <option>kmsg
</option> or
660 <option>journal
</option>, log lines
661 written by the executed process that
662 are prefixed with a log level will be
663 passed on to syslog with this log
664 level set but the prefix removed. If
665 set to false, the interpretation of
666 these prefixes is disabled and the
667 logged lines are passed on as-is. For
668 details about this prefixing see
669 <citerefentry><refentrytitle>sd-daemon
</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
670 Defaults to true.
</para></listitem>
674 <term><varname>TimerSlackNSec=
</varname></term>
675 <listitem><para>Sets the timer slack
676 in nanoseconds for the executed
677 processes. The timer slack controls
678 the accuracy of wake-ups triggered by
680 <citerefentry><refentrytitle>prctl
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
681 for more information. Note that in
682 contrast to most other time span
683 definitions this parameter takes an
684 integer value in nano-seconds if no
685 unit is specified. The usual time
687 too.
</para></listitem>
691 <term><varname>LimitCPU=
</varname></term>
692 <term><varname>LimitFSIZE=
</varname></term>
693 <term><varname>LimitDATA=
</varname></term>
694 <term><varname>LimitSTACK=
</varname></term>
695 <term><varname>LimitCORE=
</varname></term>
696 <term><varname>LimitRSS=
</varname></term>
697 <term><varname>LimitNOFILE=
</varname></term>
698 <term><varname>LimitAS=
</varname></term>
699 <term><varname>LimitNPROC=
</varname></term>
700 <term><varname>LimitMEMLOCK=
</varname></term>
701 <term><varname>LimitLOCKS=
</varname></term>
702 <term><varname>LimitSIGPENDING=
</varname></term>
703 <term><varname>LimitMSGQUEUE=
</varname></term>
704 <term><varname>LimitNICE=
</varname></term>
705 <term><varname>LimitRTPRIO=
</varname></term>
706 <term><varname>LimitRTTIME=
</varname></term>
707 <listitem><para>These settings control
708 various resource limits for executed
710 <citerefentry><refentrytitle>setrlimit
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
711 for details. Use the string
712 <varname>infinity
</varname> to
713 configure no limit on a specific
714 resource.
</para></listitem>
718 <term><varname>PAMName=
</varname></term>
719 <listitem><para>Sets the PAM service
720 name to set up a session as. If set,
721 the executed process will be
722 registered as a PAM session under the
723 specified service name. This is only
724 useful in conjunction with the
725 <varname>User=
</varname> setting. If
726 not set, no PAM session will be opened
727 for the executed processes. See
728 <citerefentry project='man-pages'
><refentrytitle>pam
</refentrytitle><manvolnum>8</manvolnum></citerefentry>
729 for details.
</para></listitem>
733 <term><varname>CapabilityBoundingSet=
</varname></term>
735 <listitem><para>Controls which
736 capabilities to include in the
737 capability bounding set for the
738 executed process. See
739 <citerefentry project='man-pages'
><refentrytitle>capabilities
</refentrytitle><manvolnum>7</manvolnum></citerefentry>
740 for details. Takes a whitespace-separated
741 list of capability names as read by
742 <citerefentry><refentrytitle>cap_from_name
</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
743 e.g.
<constant>CAP_SYS_ADMIN
</constant>,
744 <constant>CAP_DAC_OVERRIDE
</constant>,
745 <constant>CAP_SYS_PTRACE
</constant>.
746 Capabilities listed will be included
747 in the bounding set, all others are
748 removed. If the list of capabilities
749 is prefixed with
<literal>~
</literal>,
750 all but the listed capabilities will
751 be included, the effect of the
752 assignment inverted. Note that this
753 option also affects the respective
754 capabilities in the effective,
755 permitted and inheritable capability
757 <varname>Capabilities=
</varname>
758 does. If this option is not used, the
759 capability bounding set is not
760 modified on process execution, hence
761 no limits on the capabilities of the
762 process are enforced. This option may
763 appear more than once in which case
764 the bounding sets are merged. If the
765 empty string is assigned to this
766 option, the bounding set is reset to
767 the empty capability set, and all
768 prior settings have no effect. If set
769 to
<literal>~
</literal> (without any
770 further argument), the bounding set is
771 reset to the full set of available
772 capabilities, also undoing any
773 previous settings.
</para></listitem>
777 <term><varname>SecureBits=
</varname></term>
778 <listitem><para>Controls the secure
779 bits set for the executed process. See
780 <citerefentry project='man-pages'
><refentrytitle>capabilities
</refentrytitle><manvolnum>7</manvolnum></citerefentry>
781 for details. Takes a list of strings:
782 <option>keep-caps
</option>,
783 <option>keep-caps-locked
</option>,
784 <option>no-setuid-fixup
</option>,
785 <option>no-setuid-fixup-locked
</option>,
786 <option>noroot
</option> and/or
787 <option>noroot-locked
</option>. This
788 option may appear more than once in
789 which case the secure bits are
790 ORed. If the empty string is assigned
791 to this option, the bits are reset to
796 <term><varname>Capabilities=
</varname></term>
797 <listitem><para>Controls the
798 <citerefentry project='man-pages'
><refentrytitle>capabilities
</refentrytitle><manvolnum>7</manvolnum></citerefentry>
799 set for the executed process. Take a
800 capability string describing the
801 effective, permitted and inherited
802 capability sets as documented in
803 <citerefentry><refentrytitle>cap_from_text
</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
804 Note that these capability sets are
805 usually influenced (and filtered) by the capabilities
806 attached to the executed file. Due to
808 <varname>CapabilityBoundingSet=
</varname>
809 is probably the much more useful
810 setting.
</para></listitem>
814 <term><varname>ReadWriteDirectories=
</varname></term>
815 <term><varname>ReadOnlyDirectories=
</varname></term>
816 <term><varname>InaccessibleDirectories=
</varname></term>
818 <listitem><para>Sets up a new file
819 system namespace for executed
820 processes. These options may be used
821 to limit access a process might have
822 to the main file system
823 hierarchy. Each setting takes a
824 space-separated list of absolute
825 directory paths. Directories listed in
826 <varname>ReadWriteDirectories=
</varname>
827 are accessible from within the
828 namespace with the same access rights
829 as from outside. Directories listed in
830 <varname>ReadOnlyDirectories=
</varname>
831 are accessible for reading only,
832 writing will be refused even if the
833 usual file access controls would
834 permit this. Directories listed in
835 <varname>InaccessibleDirectories=
</varname>
836 will be made inaccessible for
837 processes inside the namespace. Note
838 that restricting access with these
839 options does not extend to submounts
840 of a directory that are created later
841 on. These options may be specified
842 more than once in which case all
843 directories listed will have limited
844 access from within the namespace. If
845 the empty string is assigned to this
846 option, the specific list is reset,
847 and all prior assignments have no
850 <varname>ReadOnlyDirectories=
</varname>
852 <varname>InaccessibleDirectories=
</varname>
854 <literal>-
</literal>, in which case
855 they will be ignored when they do not
856 exist. Note that using this
857 setting will disconnect propagation of
858 mounts from the service to the host
859 (propagation in the opposite direction
860 continues to work). This means that
861 this setting may not be used for
862 services which shall be able to
863 install mount points in the main mount
864 namespace.
</para></listitem>
868 <term><varname>PrivateTmp=
</varname></term>
870 <listitem><para>Takes a boolean
871 argument. If true, sets up a new file
872 system namespace for the executed
873 processes and mounts private
874 <filename>/tmp
</filename> and
875 <filename>/var/tmp
</filename>
876 directories inside it that is not
877 shared by processes outside of the
878 namespace. This is useful to secure
879 access to temporary files of the
880 process, but makes sharing between
882 <filename>/tmp
</filename> or
883 <filename>/var/tmp
</filename>
884 impossible. If this is enabled, all
885 temporary files created by a service
886 in these directories will be removed
887 after the service is stopped. Defaults
888 to false. It is possible to run two or
889 more units within the same private
890 <filename>/tmp
</filename> and
891 <filename>/var/tmp
</filename>
892 namespace by using the
893 <varname>JoinsNamespaceOf=
</varname>
895 <citerefentry><refentrytitle>systemd.unit
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
896 for details. Note that using this
897 setting will disconnect propagation of
898 mounts from the service to the host
899 (propagation in the opposite direction
900 continues to work). This means that
901 this setting may not be used for
902 services which shall be able to install
903 mount points in the main mount
904 namespace.
</para></listitem>
908 <term><varname>PrivateDevices=
</varname></term>
910 <listitem><para>Takes a boolean
911 argument. If true, sets up a new /dev
912 namespace for the executed processes
913 and only adds API pseudo devices such
914 as
<filename>/dev/null
</filename>,
915 <filename>/dev/zero
</filename> or
916 <filename>/dev/random
</filename> (as
917 well as the pseudo TTY subsystem) to
918 it, but no physical devices such as
919 <filename>/dev/sda
</filename>. This is
920 useful to securely turn off physical
921 device access by the executed
922 process. Defaults to false. Enabling
923 this option will also remove
924 <constant>CAP_MKNOD
</constant> from
925 the capability bounding set for the
926 unit (see above), and set
927 <varname>DevicePolicy=closed
</varname>
929 <citerefentry><refentrytitle>systemd.resource-control
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
930 for details). Note that using this
931 setting will disconnect propagation of
932 mounts from the service to the host
933 (propagation in the opposite direction
934 continues to work). This means that
935 this setting may not be used for
936 services which shall be able to
937 install mount points in the main mount
938 namespace.
</para></listitem>
942 <term><varname>PrivateNetwork=
</varname></term>
944 <listitem><para>Takes a boolean
945 argument. If true, sets up a new
946 network namespace for the executed
947 processes and configures only the
948 loopback network device
949 <literal>lo
</literal> inside it. No
950 other network devices will be
951 available to the executed process.
952 This is useful to securely turn off
953 network access by the executed
954 process. Defaults to false. It is
955 possible to run two or more units
956 within the same private network
957 namespace by using the
958 <varname>JoinsNamespaceOf=
</varname>
960 <citerefentry><refentrytitle>systemd.unit
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
961 for details. Note that this option
962 will disconnect all socket families
963 from the host, this includes
964 AF_NETLINK and AF_UNIX. The latter has
965 the effect that AF_UNIX sockets in the
966 abstract socket namespace will become
967 unavailable to the processes (however,
968 those located in the file system will
970 accessible).
</para></listitem>
974 <term><varname>ProtectSystem=
</varname></term>
976 <listitem><para>Takes a boolean
978 <literal>full
</literal>. If true,
979 mounts the
<filename>/usr
</filename>
980 directory read-only for processes
981 invoked by this unit. If set to
982 <literal>full
</literal>, the
983 <filename>/etc
</filename> directory is mounted
984 read-only, too. This setting ensures
985 that any modification of the vendor
986 supplied operating system (and
987 optionally its configuration) is
988 prohibited for the service. It is
989 recommended to enable this setting for
990 all long-running services, unless they
991 are involved with system updates or
992 need to modify the operating system in
993 other ways. Note however that
994 processes retaining the CAP_SYS_ADMIN
995 capability can undo the effect of this
996 setting. This setting is hence
997 particularly useful for daemons which
998 have this capability removed, for
1000 <varname>CapabilityBoundingSet=
</varname>. Defaults
1001 to off.
</para></listitem>
1005 <term><varname>ProtectHome=
</varname></term>
1007 <listitem><para>Takes a boolean
1009 <literal>read-only
</literal>. If true,
1011 <filename>/home
</filename> and
1012 <filename>/run/user
</filename> are
1013 made inaccessible and empty for
1014 processes invoked by this unit. If set
1015 to
<literal>read-only
</literal>, the
1016 two directories are made read-only
1017 instead. It is recommended to enable
1018 this setting for all long-running
1019 services (in particular network-facing
1020 ones), to ensure they cannot get access
1021 to private user data, unless the
1022 services actually require access to
1023 the user's private data. Note however
1024 that processes retaining the
1025 CAP_SYS_ADMIN capability can undo the
1026 effect of this setting. This setting
1027 is hence particularly useful for
1028 daemons which have this capability
1029 removed, for example with
1030 <varname>CapabilityBoundingSet=
</varname>. Defaults
1031 to off.
</para></listitem>
1035 <term><varname>MountFlags=
</varname></term>
1037 <listitem><para>Takes a mount
1039 <option>shared
</option>,
1040 <option>slave
</option> or
1041 <option>private
</option>, which
1042 control whether mounts in the file
1043 system namespace set up for this
1044 unit's processes will receive or
1045 propagate mounts or unmounts. See
1046 <citerefentry><refentrytitle>mount
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1047 for details. Defaults to
1048 <option>shared
</option>. Use
1049 <option>shared
</option> to ensure that
1050 mounts and unmounts are propagated
1051 from the host to the container and
1052 vice versa. Use
<option>slave
</option>
1053 to run processes so that none of their
1054 mounts and unmounts will propagate to
1055 the host. Use
<option>private
</option>
1056 to also ensure that no mounts and
1057 unmounts from the host will propagate
1058 into the unit processes'
1059 namespace. Note that
1060 <option>slave
</option> means that file
1061 systems mounted on the host might stay
1062 mounted continuously in the unit's
1063 namespace, and thus keep the device
1064 busy. Note that the file system
1065 namespace related options
1066 (
<varname>PrivateTmp=
</varname>,
1067 <varname>PrivateDevices=
</varname>,
1068 <varname>ProtectSystem=
</varname>,
1069 <varname>ProtectHome=
</varname>,
1070 <varname>ReadOnlyDirectories=
</varname>,
1071 <varname>InaccessibleDirectories=
</varname>
1073 <varname>ReadWriteDirectories=
</varname>)
1074 require that mount and unmount
1075 propagation from the unit's file
1076 system namespace is disabled, and
1078 <option>shared
</option> to
1079 <option>slave
</option>.
1084 <term><varname>UtmpIdentifier=
</varname></term>
1086 <listitem><para>Takes a four
1087 character identifier string for an
1088 utmp/wtmp entry for this service. This
1089 should only be set for services such
1090 as
<command>getty
</command>
1091 implementations where utmp/wtmp
1092 entries must be created and cleared
1093 before and after execution. If the
1094 configured string is longer than four
1095 characters, it is truncated and the
1096 terminal four characters are
1097 used. This setting interprets %I style
1098 string replacements. This setting is
1099 unset by default, i.e. no utmp/wtmp
1100 entries are created or cleaned up for
1101 this service.
</para></listitem>
1105 <term><varname>SELinuxContext=
</varname></term>
1107 <listitem><para>Set the SELinux
1108 security context of the executed
1109 process. If set, this will override
1110 the automated domain
1111 transition. However, the policy still
1112 needs to autorize the transition. This
1113 directive is ignored if SELinux is
1114 disabled. If prefixed by
1115 <literal>-
</literal>, all errors will
1117 <citerefentry><refentrytitle>setexeccon
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
1118 for details.
</para></listitem>
1122 <term><varname>AppArmorProfile=
</varname></term>
1124 <listitem><para>Takes a profile name as argument.
1125 The process executed by the unit will switch to
1126 this profile when started. Profiles must already
1127 be loaded in the kernel, or the unit will fail.
1128 This result in a non operation if AppArmor is not
1129 enabled. If prefixed by
<literal>-
</literal>, all errors
1135 <term><varname>IgnoreSIGPIPE=
</varname></term>
1137 <listitem><para>Takes a boolean
1138 argument. If true, causes
<constant>SIGPIPE
</constant> to be
1139 ignored in the executed
1140 process. Defaults to true because
1141 <constant>SIGPIPE
</constant> generally is useful only in
1142 shell pipelines.
</para></listitem>
1146 <term><varname>NoNewPrivileges=
</varname></term>
1148 <listitem><para>Takes a boolean
1149 argument. If true, ensures that the
1150 service process and all its children
1151 can never gain new privileges. This
1152 option is more powerful than the respective
1153 secure bits flags (see above), as it
1154 also prohibits UID changes of any
1155 kind. This is the simplest, most
1156 effective way to ensure that a process
1157 and its children can never elevate
1158 privileges again.
</para></listitem>
1162 <term><varname>SystemCallFilter=
</varname></term>
1164 <listitem><para>Takes a
1165 space-separated list of system call
1166 names. If this setting is used, all
1167 system calls executed by the unit
1168 processes except for the listed ones
1169 will result in immediate process
1170 termination with the
1171 <constant>SIGSYS
</constant> signal
1172 (whitelisting). If the first character
1173 of the list is
<literal>~
</literal>,
1174 the effect is inverted: only the
1175 listed system calls will result in
1176 immediate process termination
1177 (blacklisting). If running in user
1178 mode and this option is used,
1179 <varname>NoNewPrivileges=yes
</varname>
1180 is implied. This feature makes use of the
1181 Secure Computing Mode
2 interfaces of
1182 the kernel ('seccomp filtering') and
1183 is useful for enforcing a minimal
1184 sandboxing environment. Note that the
1185 <function>execve
</function>,
1186 <function>rt_sigreturn
</function>,
1187 <function>sigreturn
</function>,
1188 <function>exit_group
</function>,
1189 <function>exit
</function> system calls
1190 are implicitly whitelisted and do not
1191 need to be listed explicitly. This
1192 option may be specified more than once
1193 in which case the filter masks are
1194 merged. If the empty string is
1195 assigned, the filter is reset, all
1196 prior assignments will have no
1199 <para>If you specify both types of
1200 this option (i.e. whitelisting and
1201 blacklisting), the first encountered
1202 will take precedence and will dictate
1203 the default action (termination or
1204 approval of a system call). Then the
1205 next occurrences of this option will
1206 add or delete the listed system calls
1207 from the set of the filtered system
1208 calls, depending of its type and the
1209 default action. (For example, if you have started
1210 with a whitelisting of
1211 <function>read
</function> and
1212 <function>write
</function>, and right
1213 after it add a blacklisting of
1214 <function>write
</function>, then
1215 <function>write
</function> will be
1216 removed from the set.)
1221 <term><varname>SystemCallErrorNumber=
</varname></term>
1223 <listitem><para>Takes an
1224 <literal>errno
</literal> error number
1225 name to return when the system call
1226 filter configured with
1227 <varname>SystemCallFilter=
</varname>
1228 is triggered, instead of terminating
1229 the process immediately. Takes an
1231 <constant>EPERM
</constant>,
1232 <constant>EACCES
</constant> or
1233 <constant>EUCLEAN
</constant>. When this
1234 setting is not used, or when the empty
1235 string is assigned, the process will be
1236 terminated immediately when the filter
1237 is triggered.
</para></listitem>
1241 <term><varname>SystemCallArchitectures=
</varname></term>
1243 <listitem><para>Takes a space
1244 separated list of architecture
1245 identifiers to include in the system
1246 call filter. The known architecture
1248 <constant>x86
</constant>,
1249 <constant>x86-
64</constant>,
1250 <constant>x32
</constant>,
1251 <constant>arm
</constant> as well as
1252 the special identifier
1253 <constant>native
</constant>. Only
1254 system calls of the specified
1255 architectures will be permitted to
1256 processes of this unit. This is an
1257 effective way to disable compatibility
1258 with non-native architectures for
1259 processes, for example to prohibit
1260 execution of
32-bit x86 binaries on
1261 64-bit x86-
64 systems. The special
1262 <constant>native
</constant> identifier
1263 implicitly maps to the native
1264 architecture of the system (or more
1265 strictly: to the architecture the
1266 system manager is compiled for). If
1267 running in user mode and this option
1269 <varname>NoNewPrivileges=yes
</varname>
1270 is implied. Note that setting this
1271 option to a non-empty list implies
1272 that
<constant>native
</constant> is
1273 included too. By default, this option
1274 is set to the empty list, i.e. no
1275 architecture system call filtering is
1276 applied.
</para></listitem>
1280 <term><varname>RestrictAddressFamilies=
</varname></term>
1282 <listitem><para>Restricts the set of
1283 socket address families accessible to
1284 the processes of this unit. Takes a
1285 space-separated list of address family
1286 names to whitelist, such as
1287 <constant>AF_UNIX
</constant>,
1288 <constant>AF_INET
</constant> or
1289 <constant>AF_INET6
</constant>. When
1290 prefixed with
<constant>~
</constant>
1291 the listed address families will be
1292 applied as blacklist, otherwise as
1293 whitelist. Note that this restricts
1295 <citerefentry><refentrytitle>socket
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1296 system call only. Sockets passed into
1297 the process by other means (for
1298 example, by using socket activation
1299 with socket units, see
1300 <citerefentry><refentrytitle>systemd.socket
</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
1301 are unaffected. Also, sockets created
1302 with
<function>socketpair()
</function>
1303 (which creates connected AF_UNIX
1304 sockets only) are unaffected. Note
1305 that this option has no effect on
1306 32-bit x86 and is ignored (but works
1307 correctly on x86-
64). If running in user
1308 mode and this option is used,
1309 <varname>NoNewPrivileges=yes
</varname>
1310 is implied. By default, no
1311 restriction applies, all address
1312 families are accessible to
1313 processes. If assigned the empty
1314 string, any previous list changes are
1317 <para>Use this option to limit
1318 exposure of processes to remote
1319 systems, in particular via exotic
1320 network protocols. Note that in most
1322 <constant>AF_UNIX
</constant> address
1323 family should be included in the
1324 configured whitelist as it is
1325 frequently used for local
1326 communication, including for
1327 <citerefentry><refentrytitle>syslog
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1328 logging.
</para></listitem>
1332 <term><varname>Personality=
</varname></term>
1334 <listitem><para>Controls which
1336 <citerefentry><refentrytitle>uname
</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1337 shall report, when invoked by unit
1338 processes. Takes one of
1339 <constant>x86
</constant> and
1340 <constant>x86-
64</constant>. This is
1341 useful when running
32-bit services on
1342 a
64-bit host system. If not specified,
1343 the personality is left unmodified and
1344 thus reflects the personality of the
1346 kernel.
</para></listitem>
1350 <term><varname>RuntimeDirectory=
</varname></term>
1351 <term><varname>RuntimeDirectoryMode=
</varname></term>
1353 <listitem><para>Takes a list of
1354 directory names. If set, one or more
1355 directories by the specified names
1356 will be created below
1357 <filename>/run
</filename> (for system
1359 <varname>$XDG_RUNTIME_DIR
</varname>
1360 (for user services) when the unit is
1361 started, and removed when the unit is
1362 stopped. The directories will have the
1363 access mode specified in
1364 <varname>RuntimeDirectoryMode=
</varname>,
1365 and will be owned by the user and
1367 <varname>User=
</varname> and
1368 <varname>Group=
</varname>. Use this to
1369 manage one or more runtime directories
1370 of the unit and bind their lifetime to
1371 the daemon runtime. The specified
1372 directory names must be relative, and
1374 <literal>/
</literal>, i.e. must refer
1375 to simple directories to create or
1376 remove. This is particularly useful
1377 for unprivileged daemons that cannot
1378 create runtime directories in
1379 <filename>/run
</filename> due to lack
1380 of privileges, and to make sure the
1381 runtime directory is cleaned up
1382 automatically after use. For runtime
1383 directories that require more complex
1384 or different configuration or lifetime
1385 guarantees, please consider using
1386 <citerefentry><refentrytitle>tmpfiles.d
</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
</para></listitem>
1393 <title>Environment variables in spawned processes
</title>
1395 <para>Processes started by the system are executed in
1396 a clean environment in which select variables
1397 listed below are set. System processes started by systemd
1398 do not inherit variables from PID
1, but processes
1399 started by user systemd instances inherit all
1400 environment variables from the user systemd instance.
1403 <variablelist class='environment-variables'
>
1405 <term><varname>$PATH
</varname></term>
1407 <listitem><para>Colon-separated list
1408 of directiories to use when launching
1409 executables. Systemd uses a fixed
1411 <filename>/usr/local/sbin
</filename>:
<filename>/usr/local/bin
</filename>:
<filename>/usr/sbin
</filename>:
<filename>/usr/bin
</filename>:
<filename>/sbin
</filename>:
<filename>/bin
</filename>.
1416 <term><varname>$LANG
</varname></term>
1418 <listitem><para>Locale. Can be set in
1419 <citerefentry><refentrytitle>locale.conf
</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1420 or on the kernel command line (see
1421 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>
1423 <citerefentry><refentrytitle>kernel-command-line
</refentrytitle><manvolnum>7</manvolnum></citerefentry>).
1428 <term><varname>$USER
</varname></term>
1429 <term><varname>$LOGNAME
</varname></term>
1430 <term><varname>$HOME
</varname></term>
1431 <term><varname>$SHELL
</varname></term>
1433 <listitem><para>User name (twice), home
1434 directory, and the login shell.
1435 The variables are set for the units that
1436 have
<varname>User=
</varname> set,
1438 <command>systemd
</command> instances.
1440 <citerefentry><refentrytitle>passwd
</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
1445 <term><varname>$XDG_RUNTIME_DIR
</varname></term>
1447 <listitem><para>The directory for volatile
1448 state. Set for the user
<command>systemd
</command>
1449 instance, and also in user sessions.
1451 <citerefentry><refentrytitle>pam_systemd
</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
1456 <term><varname>$XDG_SESSION_ID
</varname></term>
1457 <term><varname>$XDG_SEAT
</varname></term>
1458 <term><varname>$XDG_VTNR
</varname></term>
1460 <listitem><para>The identifier of the
1461 session, the seat name, and
1462 virtual terminal of the session. Set
1464 <citerefentry><refentrytitle>pam_systemd
</refentrytitle><manvolnum>8</manvolnum></citerefentry>
1466 <varname>$XDG_SEAT
</varname> and
1467 <varname>$XDG_VTNR
</varname> will
1468 only be set when attached to a seat and a
1469 tty.
</para></listitem>
1473 <term><varname>$MAINPID
</varname></term>
1475 <listitem><para>The PID of the units
1476 main process if it is known. This is
1477 only set for control processes as
1479 <varname>ExecReload=
</varname> and
1480 similar.
</para></listitem>
1484 <term><varname>$MANAGERPID
</varname></term>
1486 <listitem><para>The PID of the user
1487 <command>systemd
</command> instance,
1488 set for processes spawned by it.
1493 <term><varname>$LISTEN_FDS
</varname></term>
1494 <term><varname>$LISTEN_PID
</varname></term>
1496 <listitem><para>Information about file
1497 descriptors passed to a service for
1498 socket activation. See
1499 <citerefentry><refentrytitle>sd_listen_fds
</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
1504 <term><varname>$TERM
</varname></term>
1506 <listitem><para>Terminal type, set
1507 only for units connected to a terminal
1508 (
<varname>StandardInput=tty
</varname>,
1509 <varname>StandardOutput=tty
</varname>,
1511 <varname>StandardError=tty
</varname>).
1513 <citerefentry project='man-pages'
><refentrytitle>termcap
</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
1518 <para>Additional variables may be configured by the
1519 following means: for processes spawned in specific
1520 units, use the
<varname>Environment=
</varname> and
1521 <varname>EnvironmentFile=
</varname> options above; to
1522 specify variables globally, use
1523 <varname>DefaultEnvironment=
</varname> (see
1524 <citerefentry><refentrytitle>systemd-system.conf
</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
1525 or the kernel option
1526 <varname>systemd.setenv=
</varname> (see
1527 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>). Additional
1528 variables may also be set through PAM,
1529 cf.
<citerefentry project='man-pages'
><refentrytitle>pam_env
</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
</para>
1533 <title>See Also
</title>
1535 <citerefentry><refentrytitle>systemd
</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1536 <citerefentry><refentrytitle>systemctl
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
1537 <citerefentry><refentrytitle>journalctl
</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
1538 <citerefentry><refentrytitle>systemd.unit
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1539 <citerefentry><refentrytitle>systemd.service
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1540 <citerefentry><refentrytitle>systemd.socket
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1541 <citerefentry><refentrytitle>systemd.swap
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1542 <citerefentry><refentrytitle>systemd.mount
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1543 <citerefentry><refentrytitle>systemd.kill
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1544 <citerefentry><refentrytitle>systemd.resource-control
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1545 <citerefentry><refentrytitle>systemd.directives
</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1546 <citerefentry><refentrytitle>tmpfiles.d
</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1547 <citerefentry project='man-pages'
><refentrytitle>exec
</refentrytitle><manvolnum>3</manvolnum></citerefentry>
projects / thirdparty / systemd.git / blob