http://0pointer.de/blog/projects/systemd.html
WEB SITE:
- http://www.freedesktop.org/wiki/Software/systemd
+ https://www.freedesktop.org/wiki/Software/systemd
GIT:
git@github.com:systemd/systemd.git
- https://github.com/systemd/systemd.git
-
-GITWEB:
https://github.com/systemd/systemd
MAILING LIST:
- http://lists.freedesktop.org/mailman/listinfo/systemd-devel
+ https://lists.freedesktop.org/mailman/listinfo/systemd-devel
IRC:
#systemd on irc.freenode.org
- except src/udev/* which is (currently still) GPLv2, GPLv2+
REQUIREMENTS:
- Linux kernel >= 3.12
+ Linux kernel >= 3.13
Linux kernel >= 4.2 for unified cgroup hierarchy support
Kernel Config Options:
CONFIG_PROC_FS
CONFIG_FHANDLE (libudev, mount and bind mount handling)
+ Kernel crypto/hash API
+ CONFIG_CRYPTO_USER_API_HASH
+ CONFIG_CRYPTO_HMAC
+ CONFIG_CRYPTO_SHA256
+
udev will fail to work with the legacy sysfs layout:
CONFIG_SYSFS_DEPRECATED=n
Required for CPUQuota= in resource control unit settings
CONFIG_CFS_BANDWIDTH
+ Required for IPAddressDeny= and IPAddressAllow= in resource control
+ unit settings
+ CONFIG_CGROUP_BPF
+
For UEFI systems:
CONFIG_EFIVAR_FS
CONFIG_EFI_PARTITION
fixed, and it's best to disable group scheduling hence.
CONFIG_RT_GROUP_SCHED=n
+ It's a good idea to disable the implicit creation of networking bonding
+ devices by the kernel networking bonding module, so that the
+ automatically created "bond0" interface doesn't conflict with any such
+ device created by systemd-networkd (or other tools). Ideally there
+ would be a kernel compile-time option for this, but there currently
+ isn't. The next best thing is to make this change through a modprobe.d
+ drop-in. This is shipped by default, see modprobe.d/systemd.conf.
+
Note that kernel auditing is broken when used with systemd's
container code. When using systemd in conjunction with
containers, please make sure to either turn off auditing at
glibc >= 2.16
libcap
- libmount >= 2.27.1 (from util-linux)
- (util-linux *must* be built with --enable-libmount-force-mountinfo)
+ libmount >= 2.30 (from util-linux)
+ (util-linux *must* be built without --enable-libmount-support-mtab)
libseccomp >= 2.3.1 (optional)
libblkid >= 2.24 (from util-linux) (optional)
libkmod >= 15 (optional)
libqrencode (optional)
libmicrohttpd (optional)
libpython (optional)
- libidn (optional)
+ libidn2 or libidn (optional)
elfutils >= 158 (optional)
- make, gcc, and similar tools
+ polkit (optional)
+ pkg-config
+ gperf
+ docbook-xsl (optional, required for documentation)
+ xsltproc (optional, required for documentation)
+ python-lxml (optional, required to build the indices)
+ python, meson, ninja
+ gcc, awk, sed, grep, m4, and similar tools
During runtime, you need the following additional
dependencies:
dracut (optional)
PolicyKit (optional)
- When building from git, the following tools are needed:
+ To build in directory build/:
+ meson build/ && ninja -C build
- pkg-config
- docbook-xsl
- xsltproc
- automake
- autoconf
- libtool
- intltool
- gperf
- python (optional)
- python-lxml (optional, but required to build the indices)
+ Any configuration options can be specfied as -Darg=value... arguments
+ to meson. After the build directory is initially configured, meson will
+ refuse to run again, and options must be changed with:
+ mesonconf -Darg=value...
+ mesonconf without any arguments will print out available options and
+ their current values.
+
+ Useful commands:
+ ninja -v some/target
+ ninja test
+ sudo ninja install
+ DESTDIR=... ninja install
- The build system is initialized with ./autogen.sh. A tar ball
- can be created with:
+ A tarball can be created with:
git archive --format=tar --prefix=systemd-222/ v222 | xz > systemd-222.tar.xz
When systemd-hostnamed is used, it is strongly recommended to
under all circumstances. In fact, systemd-hostnamed will warn
if nss-myhostname is not installed.
+ nss-systemd must be enabled on systemd systems, as that's required for
+ DynamicUser= to work. Note that we ship services out-of-the-box that
+ make use of DynamicUser= now, hence enabling nss-systemd is not
+ optional.
+
+ Note that the build prefix for systemd must be /usr. -Dsplit-usr=false
+ (which is the default and does not need to be specified) is the
+ recommended setting, and -Dsplit-usr=true should be used on systems
+ which have /usr on a separate partition.
+
Additional packages are necessary to run some tests:
- busybox (used by test/TEST-13-NSPAWN-SMOKE)
- nc (used by test/TEST-12-ISSUE-3171)
- python3-pyparsing
- python3-evdev (used by hwdb parsing tests)
- strace (used by test/test-functions)
+ - capsh (optional, used by test-execute)
USERS AND GROUPS:
Default udev rules use the following standard system group
even in the very early boot stages, where no other databases
and network are available:
- audio, cdrom, dialout, disk, input, kmem, lp, tape, tty, video
+ audio, cdrom, dialout, disk, input, kmem, kvm, lp, render, tape, tty, video
During runtime, the journal daemon requires the
"systemd-journal" system group to exist. New journal files will
needs to look like, and provide an implementation at the marked places.
WARNINGS:
- systemd will warn you during boot if /usr is on a different
- file system than /. While in systemd itself very little will
- break if /usr is on a separate partition, many of its
- dependencies very likely will break sooner or later in one
- form or another. For example, udev rules tend to refer to
- binaries in /usr, binaries that link to libraries in /usr or
- binaries that refer to data files in /usr. Since these
- breakages are not always directly visible, systemd will warn
- about this, since this kind of file system setup is not really
- supported anymore by the basic set of Linux OS components.
+ systemd will warn during early boot if /usr is not already mounted at
+ this point (that means: either located on the same file system as / or
+ already mounted in the initrd). While in systemd itself very little
+ will break if /usr is on a separate, late-mounted partition, many of
+ its dependencies very likely will break sooner or later in one form or
+ another. For example, udev rules tend to refer to binaries in /usr,
+ binaries that link to libraries in /usr or binaries that refer to data
+ files in /usr. Since these breakages are not always directly visible,
+ systemd will warn about this, since this kind of file system setup is
+ not really supported anymore by the basic set of Linux OS components.
systemd requires that the /run mount point exists. systemd also
requires that /var/run is a symlink to /run.
For more information on this issue consult
- http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
+ https://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
To run systemd under valgrind, compile with VALGRIND defined
- (e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise,
- false positives will be triggered by code which violates
- some rules but is actually safe.
-
- Currently, systemd-timesyncd defaults to use the Google NTP
- servers if not specified otherwise at configure time. You
- really should not ship an OS or device with this default
- setting. See DISTRO_PORTING for details.
+ (e.g. CPPFLAGS='... -DVALGRIND=1' meson <options>) and have valgrind
+ development headers installed (i.e. valgrind-devel or
+ equivalent). Otherwise, false positives will be triggered by code which
+ violates some rules but is actually safe. Note that valgrind generates
+ nice output only on exit(), hence on shutdown we don't execve()
+ systemd-shutdown.
ENGINEERING AND CONSULTING SERVICES:
Kinvolk (https://kinvolk.io) offers professional engineering