]> git.ipfire.org Git - thirdparty/systemd.git/blame - man/systemd.exec.xml
projects / thirdparty / systemd.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
core: add missing words to my fix of explanation of associativity
[thirdparty/systemd.git] / man / systemd.exec.xml
CommitLineData
dd1eb43b 1<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
798d3a52 2 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
dd1eb43b
LP		 3
4<!--
5 This file is part of systemd.
6
7 Copyright 2010 Lennart Poettering
8
9 systemd is free software; you can redistribute it and/or modify it
5430f7f2
LP		 10 under the terms of the GNU Lesser General Public License as published by
11 the Free Software Foundation; either version 2.1 of the License, or
dd1eb43b
LP		 12 (at your option) any later version.
13
14 systemd is distributed in the hope that it will be useful, but
15 WITHOUT ANY WARRANTY; without even the implied warranty of
16 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
5430f7f2 17 Lesser General Public License for more details.
dd1eb43b 18
5430f7f2 19 You should have received a copy of the GNU Lesser General Public License
dd1eb43b
LP		 20 along with systemd; If not, see <http://www.gnu.org/licenses/>.
21-->
22
23<refentry id="systemd.exec">
798d3a52
ZJS		 24 <refentryinfo>
25 <title>systemd.exec</title>
26 <productname>systemd</productname>
27
28 <authorgroup>
29 <author>
30 <contrib>Developer</contrib>
31 <firstname>Lennart</firstname>
32 <surname>Poettering</surname>
33 <email>lennart@poettering.net</email>
34 </author>
35 </authorgroup>
36 </refentryinfo>
37
38 <refmeta>
39 <refentrytitle>systemd.exec</refentrytitle>
40 <manvolnum>5</manvolnum>
41 </refmeta>
42
43 <refnamediv>
44 <refname>systemd.exec</refname>
45 <refpurpose>Execution environment configuration</refpurpose>
46 </refnamediv>
47
48 <refsynopsisdiv>
49 <para><filename><replaceable>service</replaceable>.service</filename>,
50 <filename><replaceable>socket</replaceable>.socket</filename>,
51 <filename><replaceable>mount</replaceable>.mount</filename>,
52 <filename><replaceable>swap</replaceable>.swap</filename></para>
53 </refsynopsisdiv>
54
55 <refsect1>
56 <title>Description</title>
57
58 <para>Unit configuration files for services, sockets, mount
59 points, and swap devices share a subset of configuration options
60 which define the execution environment of spawned
61 processes.</para>
62
63 <para>This man page lists the configuration options shared by
64 these four unit types. See
65 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
66 for the common options of all unit configuration files, and
67 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
68 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
69 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
70 and
71 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
72 for more information on the specific unit configuration files. The
73 execution specific configuration options are configured in the
74 [Service], [Socket], [Mount], or [Swap] sections, depending on the
75 unit type.</para>
76 </refsect1>
77
78 <refsect1>
79 <title>Options</title>
80
81 <variablelist class='unit-directives'>
82
83 <varlistentry>
84 <term><varname>WorkingDirectory=</varname></term>
85
86 <listitem><para>Takes an absolute directory path. Sets the
87 working directory for executed processes. If not set, defaults
88 to the root directory when systemd is running as a system
89 instance and the respective user's home directory if run as
90 user.</para></listitem>
91 </varlistentry>
92
93 <varlistentry>
94 <term><varname>RootDirectory=</varname></term>
95
96 <listitem><para>Takes an absolute directory path. Sets the
97 root directory for executed processes, with the
98 <citerefentry project='man-pages'><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
99 system call. If this is used, it must be ensured that the
100 process and all its auxiliary files are available in the
101 <function>chroot()</function> jail.</para></listitem>
102 </varlistentry>
103
104 <varlistentry>
105 <term><varname>User=</varname></term>
106 <term><varname>Group=</varname></term>
107
108 <listitem><para>Sets the Unix user or group that the processes
109 are executed as, respectively. Takes a single user or group
110 name or ID as argument. If no group is set, the default group
111 of the user is chosen.</para></listitem>
112 </varlistentry>
113
114 <varlistentry>
115 <term><varname>SupplementaryGroups=</varname></term>
116
117 <listitem><para>Sets the supplementary Unix groups the
118 processes are executed as. This takes a space-separated list
119 of group names or IDs. This option may be specified more than
120 once in which case all listed groups are set as supplementary
121 groups. When the empty string is assigned the list of
122 supplementary groups is reset, and all assignments prior to
123 this one will have no effect. In any way, this option does not
124 override, but extends the list of supplementary groups
125 configured in the system group database for the
126 user.</para></listitem>
127 </varlistentry>
128
129 <varlistentry>
130 <term><varname>Nice=</varname></term>
131
132 <listitem><para>Sets the default nice level (scheduling
133 priority) for executed processes. Takes an integer between -20
134 (highest priority) and 19 (lowest priority). See
135 <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>
136 for details.</para></listitem>
137 </varlistentry>
138
139 <varlistentry>
140 <term><varname>OOMScoreAdjust=</varname></term>
141
142 <listitem><para>Sets the adjustment level for the
143 Out-Of-Memory killer for executed processes. Takes an integer
144 between -1000 (to disable OOM killing for this process) and
145 1000 (to make killing of this process under memory pressure
146 very likely). See <ulink
147 url="https://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt</ulink>
148 for details.</para></listitem>
149 </varlistentry>
150
151 <varlistentry>
152 <term><varname>IOSchedulingClass=</varname></term>
153
154 <listitem><para>Sets the IO scheduling class for executed
155 processes. Takes an integer between 0 and 3 or one of the
156 strings <option>none</option>, <option>realtime</option>,
157 <option>best-effort</option> or <option>idle</option>. See
158 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
159 for details.</para></listitem>
160 </varlistentry>
161
162 <varlistentry>
163 <term><varname>IOSchedulingPriority=</varname></term>
164
165 <listitem><para>Sets the IO scheduling priority for executed
166 processes. Takes an integer between 0 (highest priority) and 7
167 (lowest priority). The available priorities depend on the
168 selected IO scheduling class (see above). See
169 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
170 for details.</para></listitem>
171 </varlistentry>
172
173 <varlistentry>
174 <term><varname>CPUSchedulingPolicy=</varname></term>
175
176 <listitem><para>Sets the CPU scheduling policy for executed
177 processes. Takes one of
178 <option>other</option>,
179 <option>batch</option>,
180 <option>idle</option>,
181 <option>fifo</option> or
182 <option>rr</option>. See
183 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
184 for details.</para></listitem>
185 </varlistentry>
186
187 <varlistentry>
188 <term><varname>CPUSchedulingPriority=</varname></term>
189
190 <listitem><para>Sets the CPU scheduling priority for executed
191 processes. The available priority range depends on the
192 selected CPU scheduling policy (see above). For real-time
193 scheduling policies an integer between 1 (lowest priority) and
194 99 (highest priority) can be used. See
195 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
196 for details. </para></listitem>
197 </varlistentry>
198
199 <varlistentry>
200 <term><varname>CPUSchedulingResetOnFork=</varname></term>
201
202 <listitem><para>Takes a boolean argument. If true, elevated
203 CPU scheduling priorities and policies will be reset when the
204 executed processes fork, and can hence not leak into child
205 processes. See
206 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
207 for details. Defaults to false.</para></listitem>
208 </varlistentry>
209
210 <varlistentry>
211 <term><varname>CPUAffinity=</varname></term>
212
213 <listitem><para>Controls the CPU affinity of the executed
214 processes. Takes a space-separated list of CPU indices. This
215 option may be specified more than once in which case the
216 specified CPU affinity masks are merged. If the empty string
217 is assigned, the mask is reset, all assignments prior to this
218 will have no effect. See
219 <citerefentry><refentrytitle>sched_setaffinity</refentrytitle><manvolnum>2</manvolnum></citerefentry>
220 for details.</para></listitem>
221 </varlistentry>
222
223 <varlistentry>
224 <term><varname>UMask=</varname></term>
225
226 <listitem><para>Controls the file mode creation mask. Takes an
227 access mode in octal notation. See
228 <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>
229 for details. Defaults to 0022.</para></listitem>
230 </varlistentry>
231
232 <varlistentry>
233 <term><varname>Environment=</varname></term>
234
235 <listitem><para>Sets environment variables for executed
236 processes. Takes a space-separated list of variable
237 assignments. This option may be specified more than once in
238 which case all listed variables will be set. If the same
239 variable is set twice, the later setting will override the
240 earlier setting. If the empty string is assigned to this
241 option, the list of environment variables is reset, all prior
242 assignments have no effect. Variable expansion is not
243 performed inside the strings, however, specifier expansion is
244 possible. The $ character has no special meaning. If you need
245 to assign a value containing spaces to a variable, use double
246 quotes (") for the assignment.</para>
247
248 <para>Example:
249 <programlisting>Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"</programlisting>
250 gives three variables <literal>VAR1</literal>,
251 <literal>VAR2</literal>, <literal>VAR3</literal>
252 with the values <literal>word1 word2</literal>,
253 <literal>word3</literal>, <literal>$word 5 6</literal>.
254 </para>
255
256 <para>
257 See
258 <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
259 for details about environment variables.</para></listitem>
260 </varlistentry>
261 <varlistentry>
262 <term><varname>EnvironmentFile=</varname></term>
263 <listitem><para>Similar to <varname>Environment=</varname> but
264 reads the environment variables from a text file. The text
265 file should contain new-line-separated variable assignments.
266 Empty lines and lines starting with ; or # will be ignored,
267 which may be used for commenting. A line ending with a
268 backslash will be concatenated with the following one,
269 allowing multiline variable definitions. The parser strips
270 leading and trailing whitespace from the values of
271 assignments, unless you use double quotes (").</para>
272
273 <para>The argument passed should be an absolute filename or
274 wildcard expression, optionally prefixed with
275 <literal>-</literal>, which indicates that if the file does
276 not exist, it will not be read and no error or warning message
277 is logged. This option may be specified more than once in
278 which case all specified files are read. If the empty string
279 is assigned to this option, the list of file to read is reset,
280 all prior assignments have no effect.</para>
281
282 <para>The files listed with this directive will be read
283 shortly before the process is executed (more specifically,
284 after all processes from a previous unit state terminated.
285 This means you can generate these files in one unit state, and
286 read it with this option in the next). Settings from these
287 files override settings made with
288 <varname>Environment=</varname>. If the same variable is set
289 twice from these files, the files will be read in the order
290 they are specified and the later setting will override the
291 earlier setting.</para></listitem>
292 </varlistentry>
293
294 <varlistentry>
295 <term><varname>StandardInput=</varname></term>
296 <listitem><para>Controls where file descriptor 0 (STDIN) of
297 the executed processes is connected to. Takes one of
298 <option>null</option>,
299 <option>tty</option>,
300 <option>tty-force</option>,
301 <option>tty-fail</option> or
302 <option>socket</option>.</para>
303
304 <para>If <option>null</option> is selected, standard input
305 will be connected to <filename>/dev/null</filename>, i.e. all
306 read attempts by the process will result in immediate
307 EOF.</para>
308
309 <para>If <option>tty</option> is selected, standard input is
310 connected to a TTY (as configured by
311 <varname>TTYPath=</varname>, see below) and the executed
312 process becomes the controlling process of the terminal. If
313 the terminal is already being controlled by another process,
314 the executed process waits until the current controlling
315 process releases the terminal.</para>
316
317 <para><option>tty-force</option> is similar to
318 <option>tty</option>, but the executed process is forcefully
319 and immediately made the controlling process of the terminal,
320 potentially removing previous controlling processes from the
321 terminal.</para>
322
323 <para><option>tty-fail</option> is similar to
324 <option>tty</option> but if the terminal already has a
325 controlling process start-up of the executed process
326 fails.</para>
327
328 <para>The <option>socket</option> option is only valid in
329 socket-activated services, and only when the socket
330 configuration file (see
331 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
332 for details) specifies a single socket only. If this option is
333 set, standard input will be connected to the socket the
334 service was activated from, which is primarily useful for
335 compatibility with daemons designed for use with the
336 traditional
337 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
338 daemon.</para>
339
340 <para>This setting defaults to
341 <option>null</option>.</para></listitem>
342 </varlistentry>
343 <varlistentry>
344 <term><varname>StandardOutput=</varname></term>
345 <listitem><para>Controls where file descriptor 1 (STDOUT) of
346 the executed processes is connected to. Takes one of
347 <option>inherit</option>,
348 <option>null</option>,
349 <option>tty</option>,
350 <option>journal</option>,
351 <option>syslog</option>,
352 <option>kmsg</option>,
353 <option>journal+console</option>,
354 <option>syslog+console</option>,
355 <option>kmsg+console</option> or
356 <option>socket</option>.</para>
357
358 <para><option>inherit</option> duplicates the file descriptor
359 of standard input for standard output.</para>
360
361 <para><option>null</option> connects standard output to
362 <filename>/dev/null</filename>, i.e. everything written to it
363 will be lost.</para>
364
365 <para><option>tty</option> connects standard output to a tty
366 (as configured via <varname>TTYPath=</varname>, see below). If
367 the TTY is used for output only, the executed process will not
368 become the controlling process of the terminal, and will not
369 fail or wait for other processes to release the
370 terminal.</para>
371
372 <para><option>journal</option> connects standard output with
373 the journal which is accessible via
374 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
375 Note that everything that is written to syslog or kmsg (see
376 below) is implicitly stored in the journal as well, the
377 specific two options listed below are hence supersets of this
378 one.</para>
379
380 <para><option>syslog</option> connects standard output to the
381 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
382 system syslog service, in addition to the journal. Note that
383 the journal daemon is usually configured to forward everything
384 it receives to syslog anyway, in which case this option is no
385 different from <option>journal</option>.</para>
386
387 <para><option>kmsg</option> connects standard output with the
388 kernel log buffer which is accessible via
389 <citerefentry project='man-pages'><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
390 in addition to the journal. The journal daemon might be
391 configured to send all logs to kmsg anyway, in which case this
392 option is no different from <option>journal</option>.</para>
393
394 <para><option>journal+console</option>,
395 <option>syslog+console</option> and
396 <option>kmsg+console</option> work in a similar way as the
397 three options above but copy the output to the system console
398 as well.</para>
399
400 <para><option>socket</option> connects standard output to a
401 socket acquired via socket activation. The semantics are
402 similar to the same option of
403 <varname>StandardInput=</varname>.</para>
404
405 <para>This setting defaults to the value set with
406 <option>DefaultStandardOutput=</option> in
407 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
408 which defaults to <option>journal</option>.</para></listitem>
409 </varlistentry>
410 <varlistentry>
411 <term><varname>StandardError=</varname></term>
412 <listitem><para>Controls where file descriptor 2 (STDERR) of
413 the executed processes is connected to. The available options
414 are identical to those of <varname>StandardOutput=</varname>,
415 with one exception: if set to <option>inherit</option> the
416 file descriptor used for standard output is duplicated for
417 standard error. This setting defaults to the value set with
418 <option>DefaultStandardError=</option> in
419 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
420 which defaults to <option>inherit</option>.</para></listitem>
421 </varlistentry>
422 <varlistentry>
423 <term><varname>TTYPath=</varname></term>
424 <listitem><para>Sets the terminal device node to use if
425 standard input, output, or error are connected to a TTY (see
426 above). Defaults to
427 <filename>/dev/console</filename>.</para></listitem>
428 </varlistentry>
429 <varlistentry>
430 <term><varname>TTYReset=</varname></term>
431 <listitem><para>Reset the terminal device specified with
432 <varname>TTYPath=</varname> before and after execution.
433 Defaults to <literal>no</literal>.</para></listitem>
434 </varlistentry>
435 <varlistentry>
436 <term><varname>TTYVHangup=</varname></term>
437 <listitem><para>Disconnect all clients which have opened the
438 terminal device specified with <varname>TTYPath=</varname>
439 before and after execution. Defaults to
440 <literal>no</literal>.</para></listitem>
441 </varlistentry>
442 <varlistentry>
443 <term><varname>TTYVTDisallocate=</varname></term>
444 <listitem><para>If the terminal device specified with
445 <varname>TTYPath=</varname> is a virtual console terminal, try
446 to deallocate the TTY before and after execution. This ensures
447 that the screen and scrollback buffer is cleared. Defaults to
448 <literal>no</literal>.</para></listitem>
449 </varlistentry>
450 <varlistentry>
451 <term><varname>SyslogIdentifier=</varname></term>
452 <listitem><para>Sets the process name to prefix log lines sent
453 to the logging system or the kernel log buffer with. If not
454 set, defaults to the process name of the executed process.
455 This option is only useful when
456 <varname>StandardOutput=</varname> or
457 <varname>StandardError=</varname> are set to
458 <option>syslog</option>, <option>journal</option> or
459 <option>kmsg</option> (or to the same settings in combination
460 with <option>+console</option>).</para></listitem>
461 </varlistentry>
462 <varlistentry>
463 <term><varname>SyslogFacility=</varname></term>
464 <listitem><para>Sets the syslog facility to use when logging
465 to syslog. One of <option>kern</option>,
466 <option>user</option>, <option>mail</option>,
467 <option>daemon</option>, <option>auth</option>,
468 <option>syslog</option>, <option>lpr</option>,
469 <option>news</option>, <option>uucp</option>,
470 <option>cron</option>, <option>authpriv</option>,
471 <option>ftp</option>, <option>local0</option>,
472 <option>local1</option>, <option>local2</option>,
473 <option>local3</option>, <option>local4</option>,
474 <option>local5</option>, <option>local6</option> or
475 <option>local7</option>. See
476 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
477 for details. This option is only useful when
478 <varname>StandardOutput=</varname> or
479 <varname>StandardError=</varname> are set to
480 <option>syslog</option>. Defaults to
481 <option>daemon</option>.</para></listitem>
482 </varlistentry>
483 <varlistentry>
484 <term><varname>SyslogLevel=</varname></term>
485 <listitem><para>Default syslog level to use when logging to
486 syslog or the kernel log buffer. One of
487 <option>emerg</option>,
488 <option>alert</option>,
489 <option>crit</option>,
490 <option>err</option>,
491 <option>warning</option>,
492 <option>notice</option>,
493 <option>info</option>,
494 <option>debug</option>. See
495 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
496 for details. This option is only useful when
497 <varname>StandardOutput=</varname> or
498 <varname>StandardError=</varname> are set to
499 <option>syslog</option> or <option>kmsg</option>. Note that
500 individual lines output by the daemon might be prefixed with a
501 different log level which can be used to override the default
502 log level specified here. The interpretation of these prefixes
503 may be disabled with <varname>SyslogLevelPrefix=</varname>,
504 see below. For details see
505 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
506
507 Defaults to
508 <option>info</option>.</para></listitem>
509 </varlistentry>
510
511 <varlistentry>
512 <term><varname>SyslogLevelPrefix=</varname></term>
513 <listitem><para>Takes a boolean argument. If true and
514 <varname>StandardOutput=</varname> or
515 <varname>StandardError=</varname> are set to
516 <option>syslog</option>, <option>kmsg</option> or
517 <option>journal</option>, log lines written by the executed
518 process that are prefixed with a log level will be passed on
519 to syslog with this log level set but the prefix removed. If
520 set to false, the interpretation of these prefixes is disabled
521 and the logged lines are passed on as-is. For details about
522 this prefixing see
523 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
524 Defaults to true.</para></listitem>
525 </varlistentry>
526
527 <varlistentry>
528 <term><varname>TimerSlackNSec=</varname></term>
529 <listitem><para>Sets the timer slack in nanoseconds for the
530 executed processes. The timer slack controls the accuracy of
531 wake-ups triggered by timers. See
532 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
533 for more information. Note that in contrast to most other time
534 span definitions this parameter takes an integer value in
535 nano-seconds if no unit is specified. The usual time units are
536 understood too.</para></listitem>
537 </varlistentry>
538
539 <varlistentry>
540 <term><varname>LimitCPU=</varname></term>
541 <term><varname>LimitFSIZE=</varname></term>
542 <term><varname>LimitDATA=</varname></term>
543 <term><varname>LimitSTACK=</varname></term>
544 <term><varname>LimitCORE=</varname></term>
545 <term><varname>LimitRSS=</varname></term>
546 <term><varname>LimitNOFILE=</varname></term>
547 <term><varname>LimitAS=</varname></term>
548 <term><varname>LimitNPROC=</varname></term>
549 <term><varname>LimitMEMLOCK=</varname></term>
550 <term><varname>LimitLOCKS=</varname></term>
551 <term><varname>LimitSIGPENDING=</varname></term>
552 <term><varname>LimitMSGQUEUE=</varname></term>
553 <term><varname>LimitNICE=</varname></term>
554 <term><varname>LimitRTPRIO=</varname></term>
555 <term><varname>LimitRTTIME=</varname></term>
556 <listitem><para>These settings set both soft and hard limits
557 of various resources for executed processes. See
558 <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
559 for details. Use the string <varname>infinity</varname> to
560 configure no limit on a specific resource.</para></listitem>
561
562 <table>
563 <title>Limit directives and their equivalent with ulimit</title>
564
565 <tgroup cols='2'>
566 <colspec colname='directive' />
567 <colspec colname='equivalent' />
568 <thead>
569 <row>
570 <entry>Directive</entry>
571 <entry>ulimit equivalent</entry>
572 </row>
573 </thead>
574 <tbody>
575 <row>
576 <entry>LimitCPU</entry>
577 <entry>ulimit -t</entry>
578 </row>
579 <row>
580 <entry>LimitFSIZE</entry>
581 <entry>ulimit -f</entry>
582 </row>
583 <row>
584 <entry>LimitDATA</entry>
585 <entry>ulimit -d</entry>
586 </row>
587 <row>
588 <entry>LimitSTACK</entry>
589 <entry>ulimit -s</entry>
590 </row>
591 <row>
592 <entry>LimitCORE</entry>
593 <entry>ulimit -c</entry>
594 </row>
595 <row>
596 <entry>LimitRSS</entry>
597 <entry>ulimit -m</entry>
598 </row>
599 <row>
600 <entry>LimitNOFILE</entry>
601 <entry>ulimit -n</entry>
602 </row>
603 <row>
604 <entry>LimitAS</entry>
605 <entry>ulimit -v</entry>
606 </row>
607 <row>
608 <entry>LimitNPROC</entry>
609 <entry>ulimit -u</entry>
610 </row>
611 <row>
612 <entry>LimitMEMLOCK</entry>
613 <entry>ulimit -l</entry>
614 </row>
615 <row>
616 <entry>LimitLOCKS</entry>
617 <entry>ulimit -x</entry>
618 </row>
619 <row>
620 <entry>LimitSIGPENDING</entry>
621 <entry>ulimit -i</entry>
622 </row>
623 <row>
624 <entry>LimitMSGQUEUE</entry>
625 <entry>ulimit -q</entry>
626 </row>
627 <row>
628 <entry>LimitNICE</entry>
629 <entry>ulimit -e</entry>
630 </row>
631 <row>
632 <entry>LimitRTPRIO</entry>
633 <entry>ulimit -r</entry>
634 </row>
635 <row>
636 <entry>LimitRTTIME</entry>
637 <entry>No equivalent</entry>
638 </row>
639 </tbody>
640 </tgroup>
641 </table>
642 </varlistentry>
643
644 <varlistentry>
645 <term><varname>PAMName=</varname></term>
646 <listitem><para>Sets the PAM service name to set up a session
647 as. If set, the executed process will be registered as a PAM
648 session under the specified service name. This is only useful
649 in conjunction with the <varname>User=</varname> setting. If
650 not set, no PAM session will be opened for the executed
651 processes. See
652 <citerefentry project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
653 for details.</para></listitem>
654 </varlistentry>
655
656 <varlistentry>
657 <term><varname>CapabilityBoundingSet=</varname></term>
658
659 <listitem><para>Controls which capabilities to include in the
660 capability bounding set for the executed process. See
661 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
662 for details. Takes a whitespace-separated list of capability
663 names as read by
664 <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
665 e.g. <constant>CAP_SYS_ADMIN</constant>,
666 <constant>CAP_DAC_OVERRIDE</constant>,
667 <constant>CAP_SYS_PTRACE</constant>. Capabilities listed will
668 be included in the bounding set, all others are removed. If
669 the list of capabilities is prefixed with
670 <literal>~</literal>, all but the listed capabilities will be
671 included, the effect of the assignment inverted. Note that
672 this option also affects the respective capabilities in the
673 effective, permitted and inheritable capability sets, on top
674 of what <varname>Capabilities=</varname> does. If this option
675 is not used, the capability bounding set is not modified on
676 process execution, hence no limits on the capabilities of the
677 process are enforced. This option may appear more than once in
678 which case the bounding sets are merged. If the empty string
679 is assigned to this option, the bounding set is reset to the
680 empty capability set, and all prior settings have no effect.
681 If set to <literal>~</literal> (without any further argument),
682 the bounding set is reset to the full set of available
683 capabilities, also undoing any previous
684 settings.</para></listitem>
685 </varlistentry>
686
687 <varlistentry>
688 <term><varname>SecureBits=</varname></term>
689 <listitem><para>Controls the secure bits set for the executed
690 process. Takes a space-separated combination of options from
691 the following list:
692 <option>keep-caps</option>,
693 <option>keep-caps-locked</option>,
694 <option>no-setuid-fixup</option>,
695 <option>no-setuid-fixup-locked</option>,
696 <option>noroot</option>, and
697 <option>noroot-locked</option>.
698 This option may appear more than once in which case the secure
699 bits are ORed. If the empty string is assigned to this option,
700 the bits are reset to 0. See
701 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
702 for details.</para></listitem>
703 </varlistentry>
704
705 <varlistentry>
706 <term><varname>Capabilities=</varname></term>
707 <listitem><para>Controls the
708 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
709 set for the executed process. Take a capability string
710 describing the effective, permitted and inherited capability
711 sets as documented in
712 <citerefentry><refentrytitle>cap_from_text</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
713 Note that these capability sets are usually influenced (and
714 filtered) by the capabilities attached to the executed file.
715 Due to that <varname>CapabilityBoundingSet=</varname> is
716 probably a much more useful setting.</para></listitem>
717 </varlistentry>
718
719 <varlistentry>
720 <term><varname>ReadWriteDirectories=</varname></term>
721 <term><varname>ReadOnlyDirectories=</varname></term>
722 <term><varname>InaccessibleDirectories=</varname></term>
723
724 <listitem><para>Sets up a new file system namespace for
725 executed processes. These options may be used to limit access
726 a process might have to the main file system hierarchy. Each
727 setting takes a space-separated list of absolute directory
728 paths. Directories listed in
729 <varname>ReadWriteDirectories=</varname> are accessible from
730 within the namespace with the same access rights as from
731 outside. Directories listed in
732 <varname>ReadOnlyDirectories=</varname> are accessible for
733 reading only, writing will be refused even if the usual file
734 access controls would permit this. Directories listed in
735 <varname>InaccessibleDirectories=</varname> will be made
736 inaccessible for processes inside the namespace. Note that
737 restricting access with these options does not extend to
738 submounts of a directory that are created later on. These
739 options may be specified more than once in which case all
740 directories listed will have limited access from within the
741 namespace. If the empty string is assigned to this option, the
742 specific list is reset, and all prior assignments have no
743 effect.</para>
744 <para>Paths in
745 <varname>ReadOnlyDirectories=</varname>
746 and
747 <varname>InaccessibleDirectories=</varname>
748 may be prefixed with
749 <literal>-</literal>, in which case
750 they will be ignored when they do not
751 exist. Note that using this
752 setting will disconnect propagation of
753 mounts from the service to the host
754 (propagation in the opposite direction
755 continues to work). This means that
756 this setting may not be used for
757 services which shall be able to
758 install mount points in the main mount
759 namespace.</para></listitem>
760 </varlistentry>
761
762 <varlistentry>
763 <term><varname>PrivateTmp=</varname></term>
764
765 <listitem><para>Takes a boolean argument. If true, sets up a
766 new file system namespace for the executed processes and
767 mounts private <filename>/tmp</filename> and
768 <filename>/var/tmp</filename> directories inside it that is
769 not shared by processes outside of the namespace. This is
770 useful to secure access to temporary files of the process, but
771 makes sharing between processes via <filename>/tmp</filename>
772 or <filename>/var/tmp</filename> impossible. If this is
773 enabled, all temporary files created by a service in these
774 directories will be removed after the service is stopped.
775 Defaults to false. It is possible to run two or more units
776 within the same private <filename>/tmp</filename> and
777 <filename>/var/tmp</filename> namespace by using the
778 <varname>JoinsNamespaceOf=</varname> directive, see
779 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
780 for details. Note that using this setting will disconnect
781 propagation of mounts from the service to the host
782 (propagation in the opposite direction continues to work).
783 This means that this setting may not be used for services
784 which shall be able to install mount points in the main mount
785 namespace.</para></listitem>
786 </varlistentry>
787
788 <varlistentry>
789 <term><varname>PrivateDevices=</varname></term>
790
791 <listitem><para>Takes a boolean argument. If true, sets up a
792 new /dev namespace for the executed processes and only adds
793 API pseudo devices such as <filename>/dev/null</filename>,
794 <filename>/dev/zero</filename> or
795 <filename>/dev/random</filename> (as well as the pseudo TTY
796 subsystem) to it, but no physical devices such as
797 <filename>/dev/sda</filename>. This is useful to securely turn
798 off physical device access by the executed process. Defaults
799 to false. Enabling this option will also remove
800 <constant>CAP_MKNOD</constant> from the capability bounding
801 set for the unit (see above), and set
802 <varname>DevicePolicy=closed</varname> (see
803 <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
804 for details). Note that using this setting will disconnect
805 propagation of mounts from the service to the host
806 (propagation in the opposite direction continues to work).
807 This means that this setting may not be used for services
808 which shall be able to install mount points in the main mount
809 namespace.</para></listitem>
810 </varlistentry>
811
812 <varlistentry>
813 <term><varname>PrivateNetwork=</varname></term>
814
815 <listitem><para>Takes a boolean argument. If true, sets up a
816 new network namespace for the executed processes and
817 configures only the loopback network device
818 <literal>lo</literal> inside it. No other network devices will
819 be available to the executed process. This is useful to
820 securely turn off network access by the executed process.
821 Defaults to false. It is possible to run two or more units
822 within the same private network namespace by using the
823 <varname>JoinsNamespaceOf=</varname> directive, see
824 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
825 for details. Note that this option will disconnect all socket
826 families from the host, this includes AF_NETLINK and AF_UNIX.
827 The latter has the effect that AF_UNIX sockets in the abstract
828 socket namespace will become unavailable to the processes
829 (however, those located in the file system will continue to be
830 accessible).</para></listitem>
831 </varlistentry>
832
833 <varlistentry>
834 <term><varname>ProtectSystem=</varname></term>
835
836 <listitem><para>Takes a boolean argument or
837 <literal>full</literal>. If true, mounts the
838 <filename>/usr</filename> and <filename>/boot</filename>
839 directories read-only for processes invoked by this unit. If
840 set to <literal>full</literal>, the <filename>/etc</filename>
841 directory is mounted read-only, too. This setting ensures that
842 any modification of the vendor supplied operating system (and
843 optionally its configuration) is prohibited for the service.
844 It is recommended to enable this setting for all long-running
845 services, unless they are involved with system updates or need
846 to modify the operating system in other ways. Note however
847 that processes retaining the CAP_SYS_ADMIN capability can undo
848 the effect of this setting. This setting is hence particularly
849 useful for daemons which have this capability removed, for
850 example with <varname>CapabilityBoundingSet=</varname>.
851 Defaults to off.</para></listitem>
852 </varlistentry>
853
854 <varlistentry>
855 <term><varname>ProtectHome=</varname></term>
856
857 <listitem><para>Takes a boolean argument or
858 <literal>read-only</literal>. If true, the directories
859 <filename>/home</filename> and <filename>/run/user</filename>
860 are made inaccessible and empty for processes invoked by this
861 unit. If set to <literal>read-only</literal>, the two
862 directories are made read-only instead. It is recommended to
863 enable this setting for all long-running services (in
864 particular network-facing ones), to ensure they cannot get
865 access to private user data, unless the services actually
866 require access to the user's private data. Note however that
867 processes retaining the CAP_SYS_ADMIN capability can undo the
868 effect of this setting. This setting is hence particularly
869 useful for daemons which have this capability removed, for
870 example with <varname>CapabilityBoundingSet=</varname>.
871 Defaults to off.</para></listitem>
872 </varlistentry>
873
874 <varlistentry>
875 <term><varname>MountFlags=</varname></term>
876
877 <listitem><para>Takes a mount propagation flag:
878 <option>shared</option>, <option>slave</option> or
879 <option>private</option>, which control whether mounts in the
880 file system namespace set up for this unit's processes will
881 receive or propagate mounts or unmounts. See
882 <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>2</manvolnum></citerefentry>
883 for details. Defaults to <option>shared</option>. Use
884 <option>shared</option> to ensure that mounts and unmounts are
885 propagated from the host to the container and vice versa. Use
886 <option>slave</option> to run processes so that none of their
887 mounts and unmounts will propagate to the host. Use
888 <option>private</option> to also ensure that no mounts and
889 unmounts from the host will propagate into the unit processes'
890 namespace. Note that <option>slave</option> means that file
891 systems mounted on the host might stay mounted continuously in
892 the unit's namespace, and thus keep the device busy. Note that
893 the file system namespace related options
894 (<varname>PrivateTmp=</varname>,
895 <varname>PrivateDevices=</varname>,
896 <varname>ProtectSystem=</varname>,
897 <varname>ProtectHome=</varname>,
898 <varname>ReadOnlyDirectories=</varname>,
899 <varname>InaccessibleDirectories=</varname> and
900 <varname>ReadWriteDirectories=</varname>) require that mount
901 and unmount propagation from the unit's file system namespace
902 is disabled, and hence downgrade <option>shared</option> to
903 <option>slave</option>. </para></listitem>
904 </varlistentry>
905
906 <varlistentry>
907 <term><varname>UtmpIdentifier=</varname></term>
908
909 <listitem><para>Takes a four character identifier string for
910 an utmp/wtmp entry for this service. This should only be set
911 for services such as <command>getty</command> implementations
912 where utmp/wtmp entries must be created and cleared before and
913 after execution. If the configured string is longer than four
914 characters, it is truncated and the terminal four characters
915 are used. This setting interprets %I style string
916 replacements. This setting is unset by default, i.e. no
917 utmp/wtmp entries are created or cleaned up for this
918 service.</para></listitem>
919 </varlistentry>
920
921 <varlistentry>
922 <term><varname>SELinuxContext=</varname></term>
923
924 <listitem><para>Set the SELinux security context of the
925 executed process. If set, this will override the automated
926 domain transition. However, the policy still needs to
927 authorize the transition. This directive is ignored if SELinux
928 is disabled. If prefixed by <literal>-</literal>, all errors
929 will be ignored. See
930 <citerefentry><refentrytitle>setexeccon</refentrytitle><manvolnum>3</manvolnum></citerefentry>
931 for details.</para></listitem>
932 </varlistentry>
933
934 <varlistentry>
935 <term><varname>AppArmorProfile=</varname></term>
936
937 <listitem><para>Takes a profile name as argument. The process
938 executed by the unit will switch to this profile when started.
939 Profiles must already be loaded in the kernel, or the unit
940 will fail. This result in a non operation if AppArmor is not
941 enabled. If prefixed by <literal>-</literal>, all errors will
942 be ignored. </para></listitem>
943 </varlistentry>
944
945 <varlistentry>
946 <term><varname>SmackProcessLabel=</varname></term>
947
948 <listitem><para>Takes a <option>SMACK64</option> security
949 label as argument. The process executed by the unit will be
950 started under this label and SMACK will decide whether the
951 processes is allowed to run or not based on it. The process
952 will continue to run under the label specified here unless the
953 executable has its own <option>SMACK64EXEC</option> label, in
954 which case the process will transition to run under that
955 label. When not specified, the label that systemd is running
956 under is used. This directive is ignored if SMACK is
957 disabled.</para>
958
959 <para>The value may be prefixed by <literal>-</literal>, in
960 which case all errors will be ignored. An empty value may be
961 specified to unset previous assignments.</para>
962 </listitem>
963 </varlistentry>
964
965 <varlistentry>
966 <term><varname>IgnoreSIGPIPE=</varname></term>
967
968 <listitem><para>Takes a boolean argument. If true, causes
969 <constant>SIGPIPE</constant> to be ignored in the executed
970 process. Defaults to true because <constant>SIGPIPE</constant>
971 generally is useful only in shell pipelines.</para></listitem>
972 </varlistentry>
973
974 <varlistentry>
975 <term><varname>NoNewPrivileges=</varname></term>
976
977 <listitem><para>Takes a boolean argument. If true, ensures
978 that the service process and all its children can never gain
979 new privileges. This option is more powerful than the
980 respective secure bits flags (see above), as it also prohibits
981 UID changes of any kind. This is the simplest, most effective
982 way to ensure that a process and its children can never
983 elevate privileges again.</para></listitem>
984 </varlistentry>
985
986 <varlistentry>
987 <term><varname>SystemCallFilter=</varname></term>
988
989 <listitem><para>Takes a space-separated list of system call
990 names. If this setting is used, all system calls executed by
991 the unit processes except for the listed ones will result in
992 immediate process termination with the
993 <constant>SIGSYS</constant> signal (whitelisting). If the
994 first character of the list is <literal>~</literal>, the
995 effect is inverted: only the listed system calls will result
996 in immediate process termination (blacklisting). If running in
997 user mode and this option is used,
998 <varname>NoNewPrivileges=yes</varname> is implied. This
999 feature makes use of the Secure Computing Mode 2 interfaces of
1000 the kernel ('seccomp filtering') and is useful for enforcing a
1001 minimal sandboxing environment. Note that the
1002 <function>execve</function>,
1003 <function>rt_sigreturn</function>,
1004 <function>sigreturn</function>,
1005 <function>exit_group</function>, <function>exit</function>
1006 system calls are implicitly whitelisted and do not need to be
1007 listed explicitly. This option may be specified more than once
1008 in which case the filter masks are merged. If the empty string
1009 is assigned, the filter is reset, all prior assignments will
1010 have no effect.</para>
1011
1012 <para>If you specify both types of this option (i.e.
1013 whitelisting and blacklisting), the first encountered will
1014 take precedence and will dictate the default action
1015 (termination or approval of a system call). Then the next
1016 occurrences of this option will add or delete the listed
1017 system calls from the set of the filtered system calls,
1018 depending of its type and the default action. (For example, if
1019 you have started with a whitelisting of
1020 <function>read</function> and <function>write</function>, and
1021 right after it add a blacklisting of
1022 <function>write</function>, then <function>write</function>
1023 will be removed from the set.) </para></listitem>
1024 </varlistentry>
1025
1026 <varlistentry>
1027 <term><varname>SystemCallErrorNumber=</varname></term>
1028
1029 <listitem><para>Takes an <literal>errno</literal> error number
1030 name to return when the system call filter configured with
1031 <varname>SystemCallFilter=</varname> is triggered, instead of
1032 terminating the process immediately. Takes an error name such
1033 as <constant>EPERM</constant>, <constant>EACCES</constant> or
1034 <constant>EUCLEAN</constant>. When this setting is not used,
1035 or when the empty string is assigned, the process will be
1036 terminated immediately when the filter is
1037 triggered.</para></listitem>
1038 </varlistentry>
1039
1040 <varlistentry>
1041 <term><varname>SystemCallArchitectures=</varname></term>
1042
1043 <listitem><para>Takes a space separated list of architecture
1044 identifiers to include in the system call filter. The known
1045 architecture identifiers are <constant>x86</constant>,
1046 <constant>x86-64</constant>, <constant>x32</constant>,
1047 <constant>arm</constant> as well as the special identifier
1048 <constant>native</constant>. Only system calls of the
1049 specified architectures will be permitted to processes of this
1050 unit. This is an effective way to disable compatibility with
1051 non-native architectures for processes, for example to
1052 prohibit execution of 32-bit x86 binaries on 64-bit x86-64
1053 systems. The special <constant>native</constant> identifier
1054 implicitly maps to the native architecture of the system (or
1055 more strictly: to the architecture the system manager is
1056 compiled for). If running in user mode and this option is
1057 used, <varname>NoNewPrivileges=yes</varname> is implied. Note
1058 that setting this option to a non-empty list implies that
1059 <constant>native</constant> is included too. By default, this
1060 option is set to the empty list, i.e. no architecture system
1061 call filtering is applied.</para></listitem>
1062 </varlistentry>
1063
1064 <varlistentry>
1065 <term><varname>RestrictAddressFamilies=</varname></term>
1066
1067 <listitem><para>Restricts the set of socket address families
1068 accessible to the processes of this unit. Takes a
1069 space-separated list of address family names to whitelist,
1070 such as
1071 <constant>AF_UNIX</constant>,
1072 <constant>AF_INET</constant> or
1073 <constant>AF_INET6</constant>. When
1074 prefixed with <constant>~</constant> the listed address
1075 families will be applied as blacklist, otherwise as whitelist.
1076 Note that this restricts access to the
1077 <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1078 system call only. Sockets passed into the process by other
1079 means (for example, by using socket activation with socket
1080 units, see
1081 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
1082 are unaffected. Also, sockets created with
1083 <function>socketpair()</function> (which creates connected
1084 AF_UNIX sockets only) are unaffected. Note that this option
1085 has no effect on 32-bit x86 and is ignored (but works
1086 correctly on x86-64). If running in user mode and this option
1087 is used, <varname>NoNewPrivileges=yes</varname> is implied. By
1088 default, no restriction applies, all address families are
1089 accessible to processes. If assigned the empty string, any
1090 previous list changes are undone.</para>
1091
1092 <para>Use this option to limit exposure of processes to remote
1093 systems, in particular via exotic network protocols. Note that
1094 in most cases, the local <constant>AF_UNIX</constant> address
1095 family should be included in the configured whitelist as it is
1096 frequently used for local communication, including for
1097 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1098 logging.</para></listitem>
1099 </varlistentry>
1100
1101 <varlistentry>
1102 <term><varname>Personality=</varname></term>
1103
1104 <listitem><para>Controls which kernel architecture
1105 <citerefentry><refentrytitle>uname</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1106 shall report, when invoked by unit processes. Takes one of
1107 <constant>x86</constant> and <constant>x86-64</constant>. This
1108 is useful when running 32-bit services on a 64-bit host
1109 system. If not specified, the personality is left unmodified
1110 and thus reflects the personality of the host system's
1111 kernel.</para></listitem>
1112 </varlistentry>
1113
1114 <varlistentry>
1115 <term><varname>RuntimeDirectory=</varname></term>
1116 <term><varname>RuntimeDirectoryMode=</varname></term>
1117
1118 <listitem><para>Takes a list of directory names. If set, one
1119 or more directories by the specified names will be created
1120 below <filename>/run</filename> (for system services) or below
1121 <varname>$XDG_RUNTIME_DIR</varname> (for user services) when
1122 the unit is started, and removed when the unit is stopped. The
1123 directories will have the access mode specified in
1124 <varname>RuntimeDirectoryMode=</varname>, and will be owned by
1125 the user and group specified in <varname>User=</varname> and
1126 <varname>Group=</varname>. Use this to manage one or more
1127 runtime directories of the unit and bind their lifetime to the
1128 daemon runtime. The specified directory names must be
1129 relative, and may not include a <literal>/</literal>, i.e.
1130 must refer to simple directories to create or remove. This is
1131 particularly useful for unprivileged daemons that cannot
1132 create runtime directories in <filename>/run</filename> due to
1133 lack of privileges, and to make sure the runtime directory is
1134 cleaned up automatically after use. For runtime directories
1135 that require more complex or different configuration or
1136 lifetime guarantees, please consider using
1137 <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
1138 </varlistentry>
1139
1140 </variablelist>
1141 </refsect1>
1142
1143 <refsect1>
1144 <title>Environment variables in spawned processes</title>
1145
1146 <para>Processes started by the system are executed in a clean
1147 environment in which select variables listed below are set. System
1148 processes started by systemd do not inherit variables from PID 1,
1149 but processes started by user systemd instances inherit all
1150 environment variables from the user systemd instance.
1151 </para>
1152
1153 <variablelist class='environment-variables'>
1154 <varlistentry>
1155 <term><varname>$PATH</varname></term>
1156
1157 <listitem><para>Colon-separated list of directories to use
1158 when launching executables. Systemd uses a fixed value of
1159 <filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename>:<filename>/sbin</filename>:<filename>/bin</filename>.
1160 </para></listitem>
1161 </varlistentry>
1162
1163 <varlistentry>
1164 <term><varname>$LANG</varname></term>
1165
1166 <listitem><para>Locale. Can be set in
1167 <citerefentry><refentrytitle>locale.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1168 or on the kernel command line (see
1169 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
1170 and
1171 <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>).
1172 </para></listitem>
1173 </varlistentry>
1174
1175 <varlistentry>
1176 <term><varname>$USER</varname></term>
1177 <term><varname>$LOGNAME</varname></term>
1178 <term><varname>$HOME</varname></term>
1179 <term><varname>$SHELL</varname></term>
1180
1181 <listitem><para>User name (twice), home directory, and the
1182 login shell. The variables are set for the units that have
1183 <varname>User=</varname> set, which includes user
1184 <command>systemd</command> instances. See
1185 <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
1186 </para></listitem>
1187 </varlistentry>
1188
1189 <varlistentry>
1190 <term><varname>$XDG_RUNTIME_DIR</varname></term>
1191
1192 <listitem><para>The directory for volatile state. Set for the
1193 user <command>systemd</command> instance, and also in user
1194 sessions. See
1195 <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
1196 </para></listitem>
1197 </varlistentry>
1198
1199 <varlistentry>
1200 <term><varname>$XDG_SESSION_ID</varname></term>
1201 <term><varname>$XDG_SEAT</varname></term>
1202 <term><varname>$XDG_VTNR</varname></term>
1203
1204 <listitem><para>The identifier of the session, the seat name,
1205 and virtual terminal of the session. Set by
1206 <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
1207 for login sessions. <varname>$XDG_SEAT</varname> and
1208 <varname>$XDG_VTNR</varname> will only be set when attached to
1209 a seat and a tty.</para></listitem>
1210 </varlistentry>
1211
1212 <varlistentry>
1213 <term><varname>$MAINPID</varname></term>
1214
1215 <listitem><para>The PID of the units main process if it is
1216 known. This is only set for control processes as invoked by
1217 <varname>ExecReload=</varname> and similar. </para></listitem>
1218 </varlistentry>
1219
1220 <varlistentry>
1221 <term><varname>$MANAGERPID</varname></term>
1222
1223 <listitem><para>The PID of the user <command>systemd</command>
1224 instance, set for processes spawned by it. </para></listitem>
1225 </varlistentry>
1226
1227 <varlistentry>
1228 <term><varname>$LISTEN_FDS</varname></term>
1229 <term><varname>$LISTEN_PID</varname></term>
1230
1231 <listitem><para>Information about file descriptors passed to a
1232 service for socket activation. See
1233 <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
1234 </para></listitem>
1235 </varlistentry>
1236
1237 <varlistentry>
1238 <term><varname>$TERM</varname></term>
1239
1240 <listitem><para>Terminal type, set only for units connected to
1241 a terminal (<varname>StandardInput=tty</varname>,
1242 <varname>StandardOutput=tty</varname>, or
1243 <varname>StandardError=tty</varname>). See
1244 <citerefentry project='man-pages'><refentrytitle>termcap</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
1245 </para></listitem>
1246 </varlistentry>
1247 </variablelist>
1248
1249 <para>Additional variables may be configured by the following
1250 means: for processes spawned in specific units, use the
1251 <varname>Environment=</varname> and
1252 <varname>EnvironmentFile=</varname> options above; to specify
1253 variables globally, use <varname>DefaultEnvironment=</varname>
1254 (see
1255 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
1256 or the kernel option <varname>systemd.setenv=</varname> (see
1257 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
1258 Additional variables may also be set through PAM,
1259 cf. <citerefentry project='man-pages'><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
1260 </refsect1>
1261
1262 <refsect1>
1263 <title>See Also</title>
1264 <para>
1265 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1266 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1267 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
1268 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1269 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1270 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1271 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1272 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1273 <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1274 <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1275 <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1276 <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1277 <citerefentry project='man-pages'><refentrytitle>exec</refentrytitle><manvolnum>3</manvolnum></citerefentry>
1278 </para>
1279 </refsect1>
dd1eb43b
LP		 1280
1281</refentry>
Unnamed repository; edit this file 'description' to name the repository.