]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/daemon.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
man: use same header for all files
[thirdparty/systemd.git] / man / daemon.xml
CommitLineData
64aba792 1<?xml version='1.0'?> <!--*-nxml-*-->
3a54a157 2<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
12b42c76 3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
0307f791 4<!-- SPDX-License-Identifier: LGPL-2.1+ -->
64aba792 5
62adf224 6<refentry id="daemon">
64aba792 7
798d3a52
ZJS		 8 <refentryinfo>
9 <title>daemon</title>
10 <productname>systemd</productname>
798d3a52
ZJS		 11 </refentryinfo>
12
13 <refmeta>
14 <refentrytitle>daemon</refentrytitle>
15 <manvolnum>7</manvolnum>
16 </refmeta>
17
18 <refnamediv>
19 <refname>daemon</refname>
20 <refpurpose>Writing and packaging system daemons</refpurpose>
21 </refnamediv>
22
23 <refsect1>
24 <title>Description</title>
25
26 <para>A daemon is a service process that runs in the background
27 and supervises the system or provides functionality to other
28 processes. Traditionally, daemons are implemented following a
29 scheme originating in SysV Unix. Modern daemons should follow a
30 simpler yet more powerful scheme (here called "new-style"
31 daemons), as implemented by
32 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
33 This manual page covers both schemes, and in particular includes
34 recommendations for daemons that shall be included in the systemd
35 init system.</para>
36
37 <refsect2>
38 <title>SysV Daemons</title>
39
40 <para>When a traditional SysV daemon starts, it should execute
41 the following steps as part of the initialization. Note that
42 these steps are unnecessary for new-style daemons (see below),
43 and should only be implemented if compatibility with SysV is
44 essential.</para>
45
46 <orderedlist>
47 <listitem><para>Close all open file descriptors except
48 standard input, output, and error (i.e. the first three file
49 descriptors 0, 1, 2). This ensures that no accidentally passed
50 file descriptor stays around in the daemon process. On Linux,
51 this is best implemented by iterating through
52 <filename>/proc/self/fd</filename>, with a fallback of
53 iterating from file descriptor 3 to the value returned by
54 <function>getrlimit()</function> for
55 <constant>RLIMIT_NOFILE</constant>. </para></listitem>
56
57 <listitem><para>Reset all signal handlers to their default.
58 This is best done by iterating through the available signals
59 up to the limit of <constant>_NSIG</constant> and resetting
60 them to <constant>SIG_DFL</constant>.</para></listitem>
61
62 <listitem><para>Reset the signal mask
63 using
64 <function>sigprocmask()</function>.</para></listitem>
65
66 <listitem><para>Sanitize the environment block, removing or
67 resetting environment variables that might negatively impact
68 daemon runtime.</para></listitem>
69
70 <listitem><para>Call <function>fork()</function>, to create a
71 background process.</para></listitem>
72
73 <listitem><para>In the child, call
74 <function>setsid()</function> to detach from any terminal and
75 create an independent session.</para></listitem>
76
77 <listitem><para>In the child, call <function>fork()</function>
78 again, to ensure that the daemon can never re-acquire a
79 terminal again.</para></listitem>
80
81 <listitem><para>Call <function>exit()</function> in the first
82 child, so that only the second child (the actual daemon
83 process) stays around. This ensures that the daemon process is
84 re-parented to init/PID 1, as all daemons should
85 be.</para></listitem>
86
87 <listitem><para>In the daemon process, connect
88 <filename>/dev/null</filename> to standard input, output, and
89 error.</para></listitem>
90
91 <listitem><para>In the daemon process, reset the umask to 0,
92 so that the file modes passed to <function>open()</function>,
93 <function>mkdir()</function> and suchlike directly control the
94 access mode of the created files and
95 directories.</para></listitem>
96
97 <listitem><para>In the daemon process, change the current
98 directory to the root directory (/), in order to avoid that
99 the daemon involuntarily blocks mount points from being
100 unmounted.</para></listitem>
101
102 <listitem><para>In the daemon process, write the daemon PID
103 (as returned by <function>getpid()</function>) to a PID file,
104 for example <filename>/run/foobar.pid</filename> (for a
105 hypothetical daemon "foobar") to ensure that the daemon cannot
106 be started more than once. This must be implemented in
107 race-free fashion so that the PID file is only updated when it
108 is verified at the same time that the PID previously stored in
109 the PID file no longer exists or belongs to a foreign
110 process.</para></listitem>
111
112 <listitem><para>In the daemon process, drop privileges, if
113 possible and applicable.</para></listitem>
114
115 <listitem><para>From the daemon process, notify the original
116 process started that initialization is complete. This can be
117 implemented via an unnamed pipe or similar communication
118 channel that is created before the first
119 <function>fork()</function> and hence available in both the
120 original and the daemon process.</para></listitem>
121
122 <listitem><para>Call <function>exit()</function> in the
123 original process. The process that invoked the daemon must be
124 able to rely on that this <function>exit()</function> happens
125 after initialization is complete and all external
126 communication channels are established and
127 accessible.</para></listitem>
128 </orderedlist>
129
130 <para>The BSD <function>daemon()</function> function should not
131 be used, as it implements only a subset of these steps.</para>
132
133 <para>A daemon that needs to provide compatibility with SysV
134 systems should implement the scheme pointed out above. However,
135 it is recommended to make this behavior optional and
136 configurable via a command line argument to ease debugging as
137 well as to simplify integration into systems using
138 systemd.</para>
139 </refsect2>
140
141 <refsect2>
142 <title>New-Style Daemons</title>
143
144 <para>Modern services for Linux should be implemented as
145 new-style daemons. This makes it easier to supervise and control
146 them at runtime and simplifies their implementation.</para>
147
148 <para>For developing a new-style daemon, none of the
149 initialization steps recommended for SysV daemons need to be
150 implemented. New-style init systems such as systemd make all of
151 them redundant. Moreover, since some of these steps interfere
152 with process monitoring, file descriptor passing and other
153 functionality of the init system, it is recommended not to
154 execute them when run as new-style service.</para>
155
b9a049b1
LP		 156 <para>Note that new-style init systems guarantee execution of daemon processes in a clean process context: it is
157 guaranteed that the environment block is sanitized, that the signal handlers and mask is reset and that no
158 left-over file descriptors are passed. Daemons will be executed in their own session, with standard input
159 connected to <filename>/dev/null</filename> and standard output/error connected to the
160 <citerefentry><refentrytitle>systemd-journald.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
161 logging service, unless otherwise configured. The umask is reset.
798d3a52
ZJS		 162 </para>
163
164 <para>It is recommended for new-style daemons to implement the
165 following:</para>
166
167 <orderedlist>
168 <listitem><para>If <constant>SIGTERM</constant> is received,
169 shut down the daemon and exit cleanly.</para></listitem>
170
171 <listitem><para>If <constant>SIGHUP</constant> is received,
172 reload the configuration files, if this
173 applies.</para></listitem>
174
175 <listitem><para>Provide a correct exit code from the main
176 daemon process, as this is used by the init system to detect
177 service errors and problems. It is recommended to follow the
178 exit code scheme as defined in the <ulink
179 url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
180 recommendations for SysV init
181 scripts</ulink>.</para></listitem>
182
183 <listitem><para>If possible and applicable, expose the
184 daemon's control interface via the D-Bus IPC system and grab a
185 bus name as last step of initialization.</para></listitem>
186
187 <listitem><para>For integration in systemd, provide a
188 <filename>.service</filename> unit file that carries
189 information about starting, stopping and otherwise maintaining
190 the daemon. See
191 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
192 for details.</para></listitem>
193
194 <listitem><para>As much as possible, rely on the init system's
195 functionality to limit the access of the daemon to files,
196 services and other resources, i.e. in the case of systemd,
197 rely on systemd's resource limit control instead of
198 implementing your own, rely on systemd's privilege dropping
199 code instead of implementing it in the daemon, and similar.
200 See
201 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
202 for the available controls.</para></listitem>
203
204 <listitem><para>If D-Bus is used, make your daemon
205 bus-activatable by supplying a D-Bus service activation
206 configuration file. This has multiple advantages: your daemon
207 may be started lazily on-demand; it may be started in parallel
ccddd104 208 to other daemons requiring it — which maximizes
798d3a52
ZJS		 209 parallelization and boot-up speed; your daemon can be
210 restarted on failure without losing any bus requests, as the
211 bus queues requests for activatable services. See below for
212 details.</para></listitem>
213
214 <listitem><para>If your daemon provides services to other
215 local processes or remote clients via a socket, it should be
216 made socket-activatable following the scheme pointed out
217 below. Like D-Bus activation, this enables on-demand starting
218 of services as well as it allows improved parallelization of
219 service start-up. Also, for state-less protocols (such as
220 syslog, DNS), a daemon implementing socket-based activation
221 can be restarted without losing a single request. See below
222 for details.</para></listitem>
223
224 <listitem><para>If applicable, a daemon should notify the init
225 system about startup completion or status updates via the
226 <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>
227 interface.</para></listitem>
228
229 <listitem><para>Instead of using the
230 <function>syslog()</function> call to log directly to the
231 system syslog service, a new-style daemon may choose to simply
232 log to standard error via <function>fprintf()</function>,
233 which is then forwarded to syslog by the init system. If log
234 levels are necessary, these can be encoded by prefixing
235 individual log lines with strings like
236 <literal>&lt;4&gt;</literal> (for log level 4 "WARNING" in the
237 syslog priority scheme), following a similar style as the
238 Linux kernel's <function>printk()</function> level system. For
239 details, see
240 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>
241 and
242 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
243
244 </orderedlist>
245
246 <para>These recommendations are similar but not identical to the
247 <ulink
248 url="https://developer.apple.com/library/mac/documentation/MacOSX/Conceptual/BPSystemStartup/Chapters/CreatingLaunchdJobs.html">Apple
249 MacOS X Daemon Requirements</ulink>.</para>
250 </refsect2>
251
252 </refsect1>
253 <refsect1>
254 <title>Activation</title>
255
256 <para>New-style init systems provide multiple additional
257 mechanisms to activate services, as detailed below. It is common
258 that services are configured to be activated via more than one
259 mechanism at the same time. An example for systemd:
260 <filename>bluetoothd.service</filename> might get activated either
261 when Bluetooth hardware is plugged in, or when an application
262 accesses its programming interfaces via D-Bus. Or, a print server
263 daemon might get activated when traffic arrives at an IPP port, or
264 when a printer is plugged in, or when a file is queued in the
265 printer spool directory. Even for services that are intended to be
266 started on system bootup unconditionally, it is a good idea to
267 implement some of the various activation schemes outlined below,
268 in order to maximize parallelization. If a daemon implements a
269 D-Bus service or listening socket, implementing the full bus and
270 socket activation scheme allows starting of the daemon with its
271 clients in parallel (which speeds up boot-up), since all its
272 communication channels are established already, and no request is
273 lost because client requests will be queued by the bus system (in
274 case of D-Bus) or the kernel (in case of sockets) until the
275 activation is completed.</para>
276
277 <refsect2>
278 <title>Activation on Boot</title>
279
280 <para>Old-style daemons are usually activated exclusively on
281 boot (and manually by the administrator) via SysV init scripts,
282 as detailed in the <ulink
283 url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
284 Linux Standard Base Core Specification</ulink>. This method of
285 activation is supported ubiquitously on Linux init systems, both
286 old-style and new-style systems. Among other issues, SysV init
287 scripts have the disadvantage of involving shell scripts in the
288 boot process. New-style init systems generally employ updated
289 versions of activation, both during boot-up and during runtime
290 and using more minimal service description files.</para>
291
292 <para>In systemd, if the developer or administrator wants to
293 make sure that a service or other unit is activated
294 automatically on boot, it is recommended to place a symlink to
295 the unit file in the <filename>.wants/</filename> directory of
296 either <filename>multi-user.target</filename> or
297 <filename>graphical.target</filename>, which are normally used
298 as boot targets at system startup. See
299 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
300 for details about the <filename>.wants/</filename> directories,
301 and
302 <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
303 for details about the two boot targets.</para>
304
305 </refsect2>
306
307 <refsect2>
308 <title>Socket-Based Activation</title>
309
310 <para>In order to maximize the possible parallelization and
311 robustness and simplify configuration and development, it is
312 recommended for all new-style daemons that communicate via
313 listening sockets to employ socket-based activation. In a
314 socket-based activation scheme, the creation and binding of the
315 listening socket as primary communication channel of daemons to
316 local (and sometimes remote) clients is moved out of the daemon
317 code and into the init system. Based on per-daemon
318 configuration, the init system installs the sockets and then
319 hands them off to the spawned process as soon as the respective
320 daemon is to be started. Optionally, activation of the service
321 can be delayed until the first inbound traffic arrives at the
322 socket to implement on-demand activation of daemons. However,
323 the primary advantage of this scheme is that all providers and
324 all consumers of the sockets can be started in parallel as soon
325 as all sockets are established. In addition to that, daemons can
326 be restarted with losing only a minimal number of client
327 transactions, or even any client request at all (the latter is
328 particularly true for state-less protocols, such as DNS or
329 syslog), because the socket stays bound and accessible during
330 the restart, and all requests are queued while the daemon cannot
331 process them.</para>
332
333 <para>New-style daemons which support socket activation must be
334 able to receive their sockets from the init system instead of
335 creating and binding them themselves. For details about the
336 programming interfaces for this scheme provided by systemd, see
337 <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
338 and
339 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
340 For details about porting existing daemons to socket-based
341 activation, see below. With minimal effort, it is possible to
342 implement socket-based activation in addition to traditional
343 internal socket creation in the same codebase in order to
344 support both new-style and old-style init systems from the same
345 daemon binary.</para>
346
347 <para>systemd implements socket-based activation via
348 <filename>.socket</filename> units, which are described in
349 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
350 When configuring socket units for socket-based activation, it is
351 essential that all listening sockets are pulled in by the
352 special target unit <filename>sockets.target</filename>. It is
353 recommended to place a
354 <varname>WantedBy=sockets.target</varname> directive in the
355 <literal>[Install]</literal> section to automatically add such a
356 dependency on installation of a socket unit. Unless
357 <varname>DefaultDependencies=no</varname> is set, the necessary
358 ordering dependencies are implicitly created for all socket
359 units. For more information about
360 <filename>sockets.target</filename>, see
361 <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
362 It is not necessary or recommended to place any additional
363 dependencies on socket units (for example from
364 <filename>multi-user.target</filename> or suchlike) when one is
365 installed in <filename>sockets.target</filename>.</para>
366 </refsect2>
367
368 <refsect2>
369 <title>Bus-Based Activation</title>
370
371 <para>When the D-Bus IPC system is used for communication with
372 clients, new-style daemons should employ bus activation so that
373 they are automatically activated when a client application
374 accesses their IPC interfaces. This is configured in D-Bus
375 service files (not to be confused with systemd service unit
376 files!). To ensure that D-Bus uses systemd to start-up and
377 maintain the daemon, use the <varname>SystemdService=</varname>
378 directive in these service files to configure the matching
379 systemd service for a D-Bus service. e.g.: For a D-Bus service
380 whose D-Bus activation file is named
381 <filename>org.freedesktop.RealtimeKit.service</filename>, make
382 sure to set
383 <varname>SystemdService=rtkit-daemon.service</varname> in that
384 file to bind it to the systemd service
385 <filename>rtkit-daemon.service</filename>. This is needed to
386 make sure that the daemon is started in a race-free fashion when
387 activated via multiple mechanisms simultaneously.</para>
388 </refsect2>
389
390 <refsect2>
391 <title>Device-Based Activation</title>
392
393 <para>Often, daemons that manage a particular type of hardware
394 should be activated only when the hardware of the respective
395 kind is plugged in or otherwise becomes available. In a
396 new-style init system, it is possible to bind activation to
397 hardware plug/unplug events. In systemd, kernel devices
398 appearing in the sysfs/udev device tree can be exposed as units
399 if they are tagged with the string <literal>systemd</literal>.
400 Like any other kind of unit, they may then pull in other units
401 when activated (i.e. plugged in) and thus implement device-based
402 activation. systemd dependencies may be encoded in the udev
403 database via the <varname>SYSTEMD_WANTS=</varname> property. See
404 <citerefentry><refentrytitle>systemd.device</refentrytitle><manvolnum>5</manvolnum></citerefentry>
405 for details. Often, it is nicer to pull in services from devices
406 only indirectly via dedicated targets. Example: Instead of
407 pulling in <filename>bluetoothd.service</filename> from all the
408 various bluetooth dongles and other hardware available, pull in
409 bluetooth.target from them and
410 <filename>bluetoothd.service</filename> from that target. This
411 provides for nicer abstraction and gives administrators the
412 option to enable <filename>bluetoothd.service</filename> via
413 controlling a <filename>bluetooth.target.wants/</filename>
414 symlink uniformly with a command like <command>enable</command>
415 of
416 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
417 instead of manipulating the udev ruleset.</para>
418 </refsect2>
419
420 <refsect2>
421 <title>Path-Based Activation</title>
422
423 <para>Often, runtime of daemons processing spool files or
424 directories (such as a printing system) can be delayed until
425 these file system objects change state, or become non-empty.
426 New-style init systems provide a way to bind service activation
427 to file system changes. systemd implements this scheme via
428 path-based activation configured in <filename>.path</filename>
429 units, as outlined in
430 <citerefentry><refentrytitle>systemd.path</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
431 </refsect2>
432
433 <refsect2>
434 <title>Timer-Based Activation</title>
435
436 <para>Some daemons that implement clean-up jobs that are
437 intended to be executed in regular intervals benefit from
438 timer-based activation. In systemd, this is implemented via
439 <filename>.timer</filename> units, as described in
440 <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
441 </refsect2>
442
443 <refsect2>
444 <title>Other Forms of Activation</title>
445
446 <para>Other forms of activation have been suggested and
447 implemented in some systems. However, there are often simpler or
448 better alternatives, or they can be put together of combinations
449 of the schemes above. Example: Sometimes, it appears useful to
450 start daemons or <filename>.socket</filename> units when a
451 specific IP address is configured on a network interface,
452 because network sockets shall be bound to the address. However,
453 an alternative to implement this is by utilizing the Linux
454 <constant>IP_FREEBIND</constant> socket option, as accessible
455 via <varname>FreeBind=yes</varname> in systemd socket files (see
456 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
457 for details). This option, when enabled, allows sockets to be
458 bound to a non-local, not configured IP address, and hence
459 allows bindings to a particular IP address before it actually
460 becomes available, making such an explicit dependency to the
461 configured address redundant. Another often suggested trigger
462 for service activation is low system load. However, here too, a
463 more convincing approach might be to make proper use of features
b938cb90 464 of the operating system, in particular, the CPU or I/O scheduler
798d3a52
ZJS		 465 of Linux. Instead of scheduling jobs from userspace based on
466 monitoring the OS scheduler, it is advisable to leave the
467 scheduling of processes to the OS scheduler itself. systemd
b938cb90 468 provides fine-grained access to the CPU and I/O schedulers. If a
798d3a52 469 process executed by the init system shall not negatively impact
b938cb90 470 the amount of CPU or I/O bandwidth available to other processes,
798d3a52
ZJS		 471 it should be configured with
472 <varname>CPUSchedulingPolicy=idle</varname> and/or
473 <varname>IOSchedulingClass=idle</varname>. Optionally, this may
474 be combined with timer-based activation to schedule background
475 jobs during runtime and with minimal impact on the system, and
476 remove it from the boot phase itself.</para>
477 </refsect2>
478
479 </refsect1>
480 <refsect1>
f95b0be7 481 <title>Integration with systemd</title>
798d3a52
ZJS		 482
483 <refsect2>
f95b0be7 484 <title>Writing systemd Unit Files</title>
798d3a52
ZJS		 485
486 <para>When writing systemd unit files, it is recommended to
487 consider the following suggestions:</para>
488
489 <orderedlist>
490 <listitem><para>If possible, do not use the
491 <varname>Type=forking</varname> setting in service files. But
492 if you do, make sure to set the PID file path using
493 <varname>PIDFile=</varname>. See
494 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
495 for details.</para></listitem>
496
497 <listitem><para>If your daemon registers a D-Bus name on the
498 bus, make sure to use <varname>Type=dbus</varname> in the
499 service file if possible.</para></listitem>
500
501 <listitem><para>Make sure to set a good human-readable
502 description string with
503 <varname>Description=</varname>.</para></listitem>
504
505 <listitem><para>Do not disable
506 <varname>DefaultDependencies=</varname>, unless you really
507 know what you do and your unit is involved in early boot or
508 late system shutdown.</para></listitem>
509
510 <listitem><para>Normally, little if any dependencies should
511 need to be defined explicitly. However, if you do configure
512 explicit dependencies, only refer to unit names listed on
513 <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>
514 or names introduced by your own package to keep the unit file
515 operating system-independent.</para></listitem>
516
517 <listitem><para>Make sure to include an
518 <literal>[Install]</literal> section including installation
519 information for the unit file. See
520 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
521 for details. To activate your service on boot, make sure to
522 add a <varname>WantedBy=multi-user.target</varname> or
523 <varname>WantedBy=graphical.target</varname> directive. To
524 activate your socket on boot, make sure to add
525 <varname>WantedBy=sockets.target</varname>. Usually, you also
526 want to make sure that when your service is installed, your
527 socket is installed too, hence add
528 <varname>Also=foo.socket</varname> in your service file
529 <filename>foo.service</filename>, for a hypothetical program
530 <filename>foo</filename>.</para></listitem>
531
532 </orderedlist>
533 </refsect2>
534
535 <refsect2>
f95b0be7 536 <title>Installing systemd Service Files</title>
798d3a52
ZJS		 537
538 <para>At the build installation time (e.g. <command>make
539 install</command> during package build), packages are
540 recommended to install their systemd unit files in the directory
541 returned by <command>pkg-config systemd
542 --variable=systemdsystemunitdir</command> (for system services)
543 or <command>pkg-config systemd
544 --variable=systemduserunitdir</command> (for user services).
545 This will make the services available in the system on explicit
546 request but not activate them automatically during boot.
547 Optionally, during package installation (e.g. <command>rpm
548 -i</command> by the administrator), symlinks should be created
549 in the systemd configuration directories via the
550 <command>enable</command> command of the
551 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
552 tool to activate them automatically on boot.</para>
553
554 <para>Packages using
555 <citerefentry project='die-net'><refentrytitle>autoconf</refentrytitle><manvolnum>1</manvolnum></citerefentry>
556 are recommended to use a configure script
557 excerpt like the following to determine the
558 unit installation path during source
559 configuration:</para>
560
561 <programlisting>PKG_PROG_PKG_CONFIG
62adf224 562AC_ARG_WITH([systemdsystemunitdir],
fc9acf25 563 [AS_HELP_STRING([--with-systemdsystemunitdir=DIR], [Directory for systemd service files])],,
5486855f
MG		 564 [with_systemdsystemunitdir=auto])
565AS_IF([test "x$with_systemdsystemunitdir" = "xyes" -o "x$with_systemdsystemunitdir" = "xauto"], [
566 def_systemdsystemunitdir=$($PKG_CONFIG --variable=systemdsystemunitdir systemd)
567
568 AS_IF([test "x$def_systemdsystemunitdir" = "x"],
798d3a52
ZJS		 569 [AS_IF([test "x$with_systemdsystemunitdir" = "xyes"],
570 [AC_MSG_ERROR([systemd support requested but pkg-config unable to query systemd package])])
571 with_systemdsystemunitdir=no],
572 [with_systemdsystemunitdir="$def_systemdsystemunitdir"])])
5486855f
MG		 573AS_IF([test "x$with_systemdsystemunitdir" != "xno"],
574 [AC_SUBST([systemdsystemunitdir], [$with_systemdsystemunitdir])])
fc9acf25 575AM_CONDITIONAL([HAVE_SYSTEMD], [test "x$with_systemdsystemunitdir" != "xno"])</programlisting>
62adf224 576
798d3a52
ZJS		 577 <para>This snippet allows automatic
578 installation of the unit files on systemd
579 machines, and optionally allows their
580 installation even on machines lacking
581 systemd. (Modification of this snippet for the
582 user unit directory is left as an exercise for the
583 reader.)</para>
62adf224 584
798d3a52
ZJS		 585 <para>Additionally, to ensure that
586 <command>make distcheck</command> continues to
587 work, it is recommended to add the following
588 to the top-level <filename>Makefile.am</filename>
589 file in
590 <citerefentry project='die-net'><refentrytitle>automake</refentrytitle><manvolnum>1</manvolnum></citerefentry>-based
591 projects:</para>
62adf224 592
73da5022 593 <programlisting>AM_DISTCHECK_CONFIGURE_FLAGS = \
798d3a52 594 --with-systemdsystemunitdir=$$dc_install_base/$(systemdsystemunitdir)</programlisting>
62adf224 595
798d3a52 596 <para>Finally, unit files should be installed in the system with an automake excerpt like the following:</para>
62adf224 597
798d3a52 598 <programlisting>if HAVE_SYSTEMD
62adf224 599systemdsystemunit_DATA = \
798d3a52
ZJS		 600 foobar.socket \
601 foobar.service
62adf224
LP		 602endif</programlisting>
603
798d3a52
ZJS		 604 <para>In the
605 <citerefentry project='die-net'><refentrytitle>rpm</refentrytitle><manvolnum>8</manvolnum></citerefentry>
606 <filename>.spec</filename> file, use snippets like the following
607 to enable/disable the service during
608 installation/deinstallation. This makes use of the RPM macros
609 shipped along systemd. Consult the packaging guidelines of your
610 distribution for details and the equivalent for other package
611 managers.</para>
8a422bb2 612
798d3a52 613 <para>At the top of the file:</para>
8a422bb2 614
798d3a52 615 <programlisting>BuildRequires: systemd
8a422bb2
LP		 616%{?systemd_requires}</programlisting>
617
798d3a52 618 <para>And as scriptlets, further down:</para>
62adf224 619
798d3a52 620 <programlisting>%post
8a422bb2 621%systemd_post foobar.service foobar.socket
62adf224
LP		 622
623%preun
8a422bb2 624%systemd_preun foobar.service foobar.socket
ee5762e3
LP		 625
626%postun
8a422bb2
LP		 627%systemd_postun</programlisting>
628
798d3a52
ZJS		 629 <para>If the service shall be restarted during upgrades, replace
630 the <literal>%postun</literal> scriptlet above with the
631 following:</para>
8a422bb2 632
798d3a52 633 <programlisting>%postun
8a422bb2
LP		 634%systemd_postun_with_restart foobar.service</programlisting>
635
798d3a52
ZJS		 636 <para>Note that <literal>%systemd_post</literal> and
637 <literal>%systemd_preun</literal> expect the names of all units
638 that are installed/removed as arguments, separated by spaces.
639 <literal>%systemd_postun</literal> expects no arguments.
640 <literal>%systemd_postun_with_restart</literal> expects the
641 units to restart as arguments.</para>
642
643 <para>To facilitate upgrades from a package version that shipped
644 only SysV init scripts to a package version that ships both a
645 SysV init script and a native systemd service file, use a
646 fragment like the following:</para>
647
648 <programlisting>%triggerun -- foobar &lt; 0.47.11-1
63415a2d 649if /sbin/chkconfig --level 5 foobar ; then
798d3a52 650 /bin/systemctl --no-reload enable foobar.service foobar.socket >/dev/null 2>&amp;1 || :
6908d384
LP		 651fi</programlisting>
652
798d3a52
ZJS		 653 <para>Where 0.47.11-1 is the first package version that includes
654 the native unit file. This fragment will ensure that the first
655 time the unit file is installed, it will be enabled if and only
656 if the SysV init script is enabled, thus making sure that the
657 enable status is not changed. Note that
658 <command>chkconfig</command> is a command specific to Fedora
659 which can be used to check whether a SysV init script is
660 enabled. Other operating systems will have to use different
661 commands here.</para>
662 </refsect2>
663 </refsect1>
664
665 <refsect1>
666 <title>Porting Existing Daemons</title>
667
668 <para>Since new-style init systems such as systemd are compatible
669 with traditional SysV init systems, it is not strictly necessary
670 to port existing daemons to the new style. However, doing so
671 offers additional functionality to the daemons as well as
672 simplifying integration into new-style init systems.</para>
673
674 <para>To port an existing SysV compatible daemon, the following
675 steps are recommended:</para>
676
677 <orderedlist>
678 <listitem><para>If not already implemented, add an optional
679 command line switch to the daemon to disable daemonization. This
680 is useful not only for using the daemon in new-style init
681 systems, but also to ease debugging.</para></listitem>
682
683 <listitem><para>If the daemon offers interfaces to other
684 software running on the local system via local
685 <constant>AF_UNIX</constant> sockets, consider implementing
686 socket-based activation (see above). Usually, a minimal patch is
687 sufficient to implement this: Extend the socket creation in the
688 daemon code so that
689 <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
690 is checked for already passed sockets first. If sockets are
691 passed (i.e. when <function>sd_listen_fds()</function> returns a
692 positive value), skip the socket creation step and use the
693 passed sockets. Secondly, ensure that the file system socket
694 nodes for local <constant>AF_UNIX</constant> sockets used in the
695 socket-based activation are not removed when the daemon shuts
696 down, if sockets have been passed. Third, if the daemon normally
697 closes all remaining open file descriptors as part of its
698 initialization, the sockets passed from the init system must be
699 spared. Since new-style init systems guarantee that no left-over
700 file descriptors are passed to executed processes, it might be a
701 good choice to simply skip the closing of all remaining open
702 file descriptors if sockets are passed.</para></listitem>
703
704 <listitem><para>Write and install a systemd unit file for the
705 service (and the sockets if socket-based activation is used, as
706 well as a path unit file, if the daemon processes a spool
707 directory), see above for details.</para></listitem>
708
709 <listitem><para>If the daemon exposes interfaces via D-Bus,
710 write and install a D-Bus activation file for the service, see
711 above for details.</para></listitem>
712 </orderedlist>
713 </refsect1>
714
715 <refsect1>
716 <title>Placing Daemon Data</title>
717
718 <para>It is recommended to follow the general guidelines for
719 placing package files, as discussed in
720 <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
721 </refsect1>
722
723 <refsect1>
724 <title>See Also</title>
725 <para>
726 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
727 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
728 <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
729 <citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
730 <citerefentry><refentrytitle>daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
731 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
732 <citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>
733 </para>
734 </refsect1>
64aba792
LP		 735
736</refentry>
Unnamed repository; edit this file 'description' to name the repository.