X-Git-Url: http://git.ipfire.org/?a=blobdiff_plain;f=man%2Fsystemd.service.xml;h=afa0ae4115ab6feb4d6623e098414660c6517f03;hb=2af767729489f6baa98a2641b2007acab44ed353;hp=fe83581b6e585ba21559bd27dd06606012712878;hpb=4ff183d419f9ec271ae311dae0bc01b4bb204b50;p=thirdparty%2Fsystemd.git diff --git a/man/systemd.service.xml b/man/systemd.service.xml index fe83581b6e5..afa0ae4115a 100644 --- a/man/systemd.service.xml +++ b/man/systemd.service.xml @@ -4,38 +4,12 @@ systemd.service systemd - - - - Developer - Lennart - Poettering - lennart@poettering.net - - @@ -56,7 +30,7 @@ Description A unit configuration file whose name ends in - .service encodes information about a process + .service encodes information about a process controlled and supervised by systemd. This man page lists the configuration options specific to @@ -91,55 +65,73 @@ - Implicit Dependencies - - The following dependencies are implicitly added: - - - Services with Type=dbus set automatically - acquire dependencies of type Requires= and - After= on - dbus.socket. - - Socket activated services are automatically ordered after - their activating .socket units via an - automatic After= dependency. - Services also pull in all .socket units - listed in Sockets= via automatic - Wants= and After= dependencies. - - - Additional implicit dependencies may be added as result of - execution and resource control parameters as documented in - systemd.exec5 - and - systemd.resource-control5. + Service Templates + + It is possible for systemd services to take a single argument via the + service@argument.service + syntax. Such services are called "instantiated" services, while the unit definition without the + argument parameter is called a "template". An example could be a + dhcpcd@.service service template which takes a network interface as a + parameter to form an instantiated service. Within the service file, this parameter or "instance + name" can be accessed with %-specifiers. See + systemd.unit5 + for details. - Default Dependencies - - The following dependencies are added unless DefaultDependencies=no is set: - - - Service units will have dependencies of type Requires= and - After= on sysinit.target, a dependency of type After= on - basic.target as well as dependencies of type Conflicts= and - Before= on shutdown.target. These ensure that normal service units pull in - basic system initialization, and are terminated cleanly prior to system shutdown. Only services involved with early - boot or late system shutdown should disable this option. - - Instanced service units (i.e. service units with an @ in their name) are assigned by - default a per-template slice unit (see - systemd.slice5), named after the - template unit, containing all instances of the specific template. This slice is normally stopped at shutdown, - together with all template instances. If that is not desired, set DefaultDependencies=no in the - template unit, and either define your own per-template slice unit file that also sets - DefaultDependencies=no, or set Slice=system.slice (or another suitable slice) - in the template unit. Also see - systemd.resource-control5. - - + Automatic Dependencies + + + Implicit Dependencies + + The following dependencies are implicitly added: + + + Services with Type=dbus set automatically + acquire dependencies of type Requires= and + After= on + dbus.socket. + + Socket activated services are automatically ordered after + their activating .socket units via an + automatic After= dependency. + Services also pull in all .socket units + listed in Sockets= via automatic + Wants= and After= dependencies. + + + Additional implicit dependencies may be added as result of + execution and resource control parameters as documented in + systemd.exec5 + and + systemd.resource-control5. + + + + Default Dependencies + + The following dependencies are added unless DefaultDependencies=no is set: + + + Service units will have dependencies of type Requires= and + After= on sysinit.target, a dependency of type After= on + basic.target as well as dependencies of type Conflicts= and + Before= on shutdown.target. These ensure that normal service units pull in + basic system initialization, and are terminated cleanly prior to system shutdown. Only services involved with early + boot or late system shutdown should disable this option. + + Instanced service units (i.e. service units with an @ in their name) are assigned by + default a per-template slice unit (see + systemd.slice5), named after the + template unit, containing all instances of the specific template. This slice is normally stopped at shutdown, + together with all template instances. If that is not desired, set DefaultDependencies=no in the + template unit, and either define your own per-template slice unit file that also sets + DefaultDependencies=no, or set Slice=system.slice (or another suitable slice) + in the template unit. Also see + systemd.resource-control5. + + + @@ -228,10 +220,10 @@ PrivateNetwork=. Behavior of is very similar to ; however, actual execution - of the service binary is delayed until all active jobs are dispatched. This may be used to avoid interleaving + of the service program is delayed until all active jobs are dispatched. This may be used to avoid interleaving of output of shell services with the status output on the console. Note that this type is useful only to improve console output, it is not useful as a general unit ordering tool, and the effect of this service type - is subject to a 5s time-out, after which the service binary is invoked anyway. + is subject to a 5s time-out, after which the service program is invoked anyway. @@ -264,16 +256,14 @@ PIDFile= - Takes an absolute filename pointing to the - PID file of this daemon. Use of this option is recommended for - services where Type= is set to - . systemd will read the PID of the - main process of the daemon after start-up of the service. - systemd will not write to the file configured here, although - it will remove the file after the service has shut down if it - still exists. - - + Takes an absolute path referring to the PID file of the service. Usage of this option is + recommended for services where Type= is set to . The service manager + will read the PID of the main process of the service from this file after start-up of the service. The service + manager will not write to the file configured here, although it will remove the file after the service has shut + down if it still exists. The PID file does not need to be owned by a privileged user, but if it is owned by an + unprivileged user additional safety restrictions are enforced: the file may not be a symlink to a file owned by + a different user (neither directly nor indirectly), and the PID file must refer to a process already belonging + to the service. @@ -303,8 +293,9 @@ ExecStop= line set. (Services lacking both ExecStart= and ExecStop= are not valid.) - For each of the specified commands, the first argument must be an absolute path to an - executable. Optionally, this filename may be prefixed with a number of special characters: + For each of the specified commands, the first argument must be either an absolute path to an executable + or a simple file name without any slashes. Optionally, this filename may be prefixed with a number of special + characters: Special executable prefixes @@ -338,7 +329,7 @@ ! - Similar to the + character discussed above this permits invoking command lines with elevated privileges. However, unlike + the ! character exclusively alters the effect of User=, Group= and SupplementaryGroups=, i.e. only the stanzas the affect user and group credentials. Note that this setting may be combined with DynamicUser=, in which case a dynamic user/group pair is allocated before the command is invoked, but credential changing is left to the executed process itself. + Similar to the + character discussed above this permits invoking command lines with elevated privileges. However, unlike + the ! character exclusively alters the effect of User=, Group= and SupplementaryGroups=, i.e. only the stanzas that affect user and group credentials. Note that this setting may be combined with DynamicUser=, in which case a dynamic user/group pair is allocated before the command is invoked, but credential changing is left to the executed process itself. @@ -517,6 +508,15 @@ Type=oneshot is used, in which case the timeout is disabled by default (see systemd-system.conf5). + + + If a service of Type=notify sends EXTEND_TIMEOUT_USEC=…, this may cause + the start time to be extended beyond TimeoutStartSec=. The first receipt of this message + must occur before TimeoutStartSec= is exceeded, and once the start time has exended beyond + TimeoutStartSec=, the service manager will allow the service to continue to start, provided + the service repeats EXTEND_TIMEOUT_USEC=… within the interval specified until the service + startup status is finished by READY=1. (see + sd_notify3). @@ -535,6 +535,14 @@ DefaultTimeoutStopSec= from the manager configuration file (see systemd-system.conf5). + + + If a service of Type=notify sends EXTEND_TIMEOUT_USEC=…, this may cause + the stop time to be extended beyond TimeoutStopSec=. The first receipt of this message + must occur before TimeoutStopSec= is exceeded, and once the stop time has exended beyond + TimeoutStopSec=, the service manager will allow the service to continue to stop, provided + the service repeats EXTEND_TIMEOUT_USEC=… within the interval specified, or terminates itself + (see sd_notify3). @@ -553,7 +561,16 @@ active for longer than the specified time it is terminated and put into a failure state. Note that this setting does not have any effect on Type=oneshot services, as they terminate immediately after activation completed. Pass infinity (the default) to configure no runtime - limit. + limit. + + If a service of Type=notify sends EXTEND_TIMEOUT_USEC=…, this may cause + the runtime to be extended beyond RuntimeMaxSec=. The first receipt of this message + must occur before RuntimeMaxSec= is exceeded, and once the runtime has exended beyond + RuntimeMaxSec=, the service manager will allow the service to continue to run, provided + the service repeats EXTEND_TIMEOUT_USEC=… within the interval specified until the service + shutdown is achieved by STOPPING=1 (or termination). (see + sd_notify3). + @@ -728,7 +745,8 @@ limiting configured with StartLimitIntervalSec= and StartLimitBurst=, see systemd.unit5 - for details. + for details. A restarted service enters the failed state only + after the start limits are reached. Setting this to is the recommended choice for long-running services, in order to @@ -893,14 +911,6 @@ effect. - - FailureAction= - Configure the action to take when the service enters a failed state. Takes the same values as - the unit setting StartLimitAction= and executes the same actions (see - systemd.unit5). Defaults to - . - - FileDescriptorStoreMax= Configure how many file descriptors may be stored in the service manager for the service using @@ -914,7 +924,10 @@ passed to the service manager from a specific service are passed back to the service's main process on the next service restart. Any file descriptors passed to the service manager are automatically closed when POLLHUP or POLLERR is seen on them, or when the service is fully - stopped and no job is queued or being executed for it. + stopped and no job is queued or being executed for it. If this option is used, NotifyAccess= + (see above) should be set to open access to the notification socket provided by systemd. If + NotifyAccess= is not set, it will be implicitly set to + . @@ -987,14 +1000,10 @@ &, and other elements of shell syntax are not supported. - The command to execute must be an absolute path name. It may - contain spaces, but control characters are not allowed. + The command to execute may contain spaces, but control characters are not allowed. - The command line accepts % specifiers as - described in - systemd.unit5. - Note that the first argument of the command line (i.e. the program - to execute) may not include specifiers. + The command line accepts % specifiers as described in + systemd.unit5. Basic environment variable substitution is supported. Use ${FOO} as part of a word, or as a word of its @@ -1007,10 +1016,21 @@ For this type of expansion, quotes are respected when splitting into words, and afterwards removed. + If the command is not a full (absolute) path, it will be resolved to a full path using a + fixed search path determinted at compilation time. Searched directories include + /usr/local/bin/, /usr/bin/, /bin/ + on systems using split /usr/bin/ and /bin/ + directories, and their sbin/ counterparts on systems using split + bin/ and sbin/. It is thus safe to use just the + executable name in case of executables located in any of the "standard" directories, and an + absolute path must be used in other cases. Using an absolute path is recommended to avoid + ambiguity. Hint: this search path may be queried using + systemd-path search-binaries-default. + Example: Environment="ONE=one" 'TWO=two two' -ExecStart=/bin/echo $ONE $TWO ${TWO} +ExecStart=echo $ONE $TWO ${TWO} This will execute /bin/echo with four arguments: one, two, @@ -1020,7 +1040,7 @@ ExecStart=/bin/echo $ONE $TWO ${TWO} Environment=ONE='one' "TWO='two two' too" THREE= ExecStart=/bin/echo ${ONE} ${TWO} ${THREE} ExecStart=/bin/echo $ONE $TWO $THREE - This results in echo being + This results in /bin/echo being called twice, the first time with arguments 'one', 'two two' too, , @@ -1046,27 +1066,27 @@ ExecStart=/bin/echo $ONE $TWO $THREE Note that shell command lines are not directly supported. If shell command lines are to be used, they need to be passed explicitly to a shell implementation of some kind. Example: - ExecStart=/bin/sh -c 'dmesg | tac' + ExecStart=sh -c 'dmesg | tac' Example: - ExecStart=/bin/echo one ; /bin/echo "two two" + ExecStart=echo one ; echo "two two" - This will execute /bin/echo two times, + This will execute echo two times, each time with one argument: one and two two, respectively. Because two commands are specified, Type=oneshot must be used. Example: - ExecStart=/bin/echo / >/dev/null & \; \ -/bin/ls + ExecStart=echo / >/dev/null & \; \ +ls - This will execute /bin/echo + This will execute echo with five arguments: /, >/dev/null, &, ;, and - /bin/ls. + ls.
C escapes supported in command lines and environment variables