]>
Commit | Line | Data |
---|---|---|
c3e270f4 FB |
1 | --- |
2 | title: Porting systemd To New Distributions | |
4cdca0af | 3 | category: Concepts |
b41a3f66 | 4 | layout: default |
0aff7b75 | 5 | SPDX-License-Identifier: LGPL-2.1-or-later |
c3e270f4 FB |
6 | --- |
7 | ||
1d1cb168 FB |
8 | # Porting systemd To New Distributions |
9 | ||
10 | ## HOWTO | |
11 | ||
345115d6 | 12 | You need to make the follow changes to adapt systemd to your distribution: |
1d1cb168 FB |
13 | |
14 | 1. Find the right configure parameters for: | |
15 | ||
1d1cb168 FB |
16 | * `-Dsysvinit-path=` |
17 | * `-Dsysvrcnd-path=` | |
18 | * `-Drc-local=` | |
1d1cb168 FB |
19 | * `-Dloadkeys-path=` |
20 | * `-Dsetfont-path=` | |
21 | * `-Dtty-gid=` | |
22 | * `-Dntp-servers=` | |
23 | * `-Ddns-servers=` | |
24 | * `-Dsupport-url=` | |
25 | ||
26 | 2. Try it out. | |
27 | ||
28 | Play around (as an ordinary user) with | |
345115d6 | 29 | `/usr/lib/systemd/systemd --test --system` for a test run of systemd without booting. |
30 | This will read the unit files and print the initial transaction it would execute during boot-up. | |
1d1cb168 FB |
31 | This will also inform you about ordering loops and suchlike. |
32 | ||
57903f93 ZJS |
33 | ## Compilation options |
34 | ||
345115d6 | 35 | The default configuration does not enable any optimization or hardening options. |
36 | This is suitable for development and testing, but not for end-user | |
57903f93 ZJS |
37 | installations. |
38 | ||
39 | For deployment, optimization (`-O2` or `-O3` compiler options), link time | |
40 | optimization (`-Db_lto=true` meson option), and hardening (e.g. | |
41 | `-D_FORTIFY_SOURCE=2`, `-fstack-protector-strong`, `-fstack-clash-protection`, | |
42 | `-fcf-protection`, `-pie` compiler options, and `-z relro`, `-z now`, | |
345115d6 | 43 | `--as-needed` linker options) are recommended. |
44 | The most appropriate set of options depends on the architecture and distribution specifics so no default is | |
57903f93 ZJS |
45 | provided. |
46 | ||
1d1cb168 FB |
47 | ## NTP Pool |
48 | ||
49 | By default, systemd-timesyncd uses the Google Public NTP servers | |
50 | `time[1-4].google.com`, if no other NTP configuration is available. | |
51 | They serve time that uses a | |
52 | [leap second smear](https://developers.google.com/time/smear) | |
53 | and can be up to .5s off from servers that use stepped leap seconds. | |
54 | ||
55 | If you prefer to use leap second steps, please register your own | |
56 | vendor pool at ntp.org and make it the built-in default by | |
345115d6 | 57 | passing `-Dntp-servers=` to meson. |
58 | Registering vendor pools is | |
59 | [free](http://www.pool.ntp.org/en/vendors.html). | |
1d1cb168 FB |
60 | |
61 | Use `-Dntp-servers=` to direct systemd-timesyncd to different fallback | |
62 | NTP servers. | |
63 | ||
64 | ## DNS Servers | |
65 | ||
def3c7c7 IK |
66 | By default, systemd-resolved uses Cloudflare and Google Public DNS servers |
67 | `1.1.1.1`, `8.8.8.8`, `1.0.0.1`, `8.8.4.4`, `2606:4700:4700::1111`, `2001:4860:4860::8888`, `2606:4700:4700::1001`, `2001:4860:4860::8844` | |
1d1cb168 FB |
68 | as fallback, if no other DNS configuration is available. |
69 | ||
70 | Use `-Ddns-servers=` to direct systemd-resolved to different fallback | |
71 | DNS servers. | |
72 | ||
73 | ## PAM | |
74 | ||
75 | The default PAM config shipped by systemd is really bare bones. | |
76 | It does not include many modules your distro might want to enable | |
345115d6 | 77 | to provide a more seamless experience. |
78 | For example, limits set in `/etc/security/limits.conf` will not be read unless you load `pam_limits`. | |
1d1cb168 FB |
79 | Make sure you add modules your distro expects from user services. |
80 | ||
81 | Pass `-Dpamconfdir=no` to meson to avoid installing this file and | |
82 | instead install your own. | |
83 | ||
84 | ## Contributing Upstream | |
85 | ||
e347d53a | 86 | We generally no longer accept distribution-specific patches to |
345115d6 | 87 | systemd upstream. |
88 | If you have to make changes to systemd's source code to make it work on your distribution, unless your code is generic enough to be generally useful, we are unlikely to merge it. | |
89 | Please always consider adopting the upstream defaults. | |
90 | If that is not possible, please maintain the relevant patches downstream. | |
1d1cb168 FB |
91 | |
92 | Thank you for understanding. |