docs/DISTRO_PORTING.md

   1 ---
   2 title: Porting systemd To New Distributions
   3 ---
   4
   5 # Porting systemd To New Distributions
   6
   7 ## HOWTO
   8
   9 You need to make the follow changes to adapt systemd to your
  10 distribution:
  11
  12 1. Find the right configure parameters for:
  13
  14    * `-Drootprefix=`
  15    * `-Dsysvinit-path=`
  16    * `-Dsysvrcnd-path=`
  17    * `-Drc-local=`
  18    * `-Dloadkeys-path=`
  19    * `-Dsetfont-path=`
  20    * `-Dtty-gid=`
  21    * `-Dntp-servers=`
  22    * `-Ddns-servers=`
  23    * `-Dsupport-url=`
  24
  25 2. Try it out.
  26
  27    Play around (as an ordinary user) with
  28    `/usr/lib/systemd/systemd --test --system` for a test run
  29    of systemd without booting. This will read the unit files and
  30    print the initial transaction it would execute during boot-up.
  31    This will also inform you about ordering loops and suchlike.
  32
  33 ## Compilation options
  34
  35 The default configuration does not enable any optimization or hardening
  36 options. This is suitable for development and testing, but not for end-user
  37 installations.
  38
  39 For deployment, optimization (`-O2` or `-O3` compiler options), link time
  40 optimization (`-Db_lto=true` meson option), and hardening (e.g.
  41 `-D_FORTIFY_SOURCE=2`, `-fstack-protector-strong`, `-fstack-clash-protection`,
  42 `-fcf-protection`, `-pie` compiler options, and `-z relro`, `-z now`,
  43 `--as-needed` linker options) are recommended. The most appropriate set of
  44 options depends on the architecture and distribution specifics so no default is
  45 provided.
  46
  47 ## NTP Pool
  48
  49 By default, systemd-timesyncd uses the Google Public NTP servers
  50 `time[1-4].google.com`, if no other NTP configuration is available.
  51 They serve time that uses a
  52 [leap second smear](https://developers.google.com/time/smear)
  53 and can be up to .5s off from servers that use stepped leap seconds.
  54
  55 If you prefer to use leap second steps, please register your own
  56 vendor pool at ntp.org and make it the built-in default by
  57 passing `-Dntp-servers=` to meson. Registering vendor
  58 pools is [free](http://www.pool.ntp.org/en/vendors.html).
  59
  60 Use `-Dntp-servers=` to direct systemd-timesyncd to different fallback
  61 NTP servers.
  62
  63 ## DNS Servers
  64
  65 By default, systemd-resolved uses Cloudflare and Google Public DNS servers
  66 `1.1.1.1`, `8.8.8.8`, `1.0.0.1`, `8.8.4.4`, `2606:4700:4700::1111`, `2001:4860:4860::8888`, `2606:4700:4700::1001`, `2001:4860:4860::8844`
  67 as fallback, if no other DNS configuration is available.
  68
  69 Use `-Ddns-servers=` to direct systemd-resolved to different fallback
  70 DNS servers.
  71
  72 ## PAM
  73
  74 The default PAM config shipped by systemd is really bare bones.
  75 It does not include many modules your distro might want to enable
  76 to provide a more seamless experience. For example, limits set in
  77 `/etc/security/limits.conf` will not be read unless you load `pam_limits`.
  78 Make sure you add modules your distro expects from user services.
  79
  80 Pass `-Dpamconfdir=no` to meson to avoid installing this file and
  81 instead install your own.
  82
  83 ## Contributing Upstream
  84
  85 We generally do no longer accept distribution-specific patches to
  86 systemd upstream. If you have to make changes to systemd's source code
  87 to make it work on your distribution, unless your code is generic
  88 enough to be generally useful, we are unlikely to merge it. Please
  89 always consider adopting the upstream defaults. If that is not
  90 possible, please maintain the relevant patches downstream.
  91
  92 Thank you for understanding.