]> git.ipfire.org Git - thirdparty/systemd.git/blob - man/systemd.exec.xml
projects / thirdparty / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Reindent man pages to 2ch
[thirdparty/systemd.git] / man / systemd.exec.xml
1 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
2 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
3 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
4
5 <!--
6 This file is part of systemd.
7
8 Copyright 2010 Lennart Poettering
9
10 systemd is free software; you can redistribute it and/or modify it
11 under the terms of the GNU Lesser General Public License as published by
12 the Free Software Foundation; either version 2.1 of the License, or
13 (at your option) any later version.
14
15 systemd is distributed in the hope that it will be useful, but
16 WITHOUT ANY WARRANTY; without even the implied warranty of
17 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 Lesser General Public License for more details.
19
20 You should have received a copy of the GNU Lesser General Public License
21 along with systemd; If not, see <http://www.gnu.org/licenses/>.
22 -->
23
24 <refentry id="systemd.exec">
25 <refentryinfo>
26 <title>systemd.exec</title>
27 <productname>systemd</productname>
28
29 <authorgroup>
30 <author>
31 <contrib>Developer</contrib>
32 <firstname>Lennart</firstname>
33 <surname>Poettering</surname>
34 <email>lennart@poettering.net</email>
35 </author>
36 </authorgroup>
37 </refentryinfo>
38
39 <refmeta>
40 <refentrytitle>systemd.exec</refentrytitle>
41 <manvolnum>5</manvolnum>
42 </refmeta>
43
44 <refnamediv>
45 <refname>systemd.exec</refname>
46 <refpurpose>Execution environment configuration</refpurpose>
47 </refnamediv>
48
49 <refsynopsisdiv>
50 <para><filename><replaceable>service</replaceable>.service</filename>,
51 <filename><replaceable>socket</replaceable>.socket</filename>,
52 <filename><replaceable>mount</replaceable>.mount</filename>,
53 <filename><replaceable>swap</replaceable>.swap</filename></para>
54 </refsynopsisdiv>
55
56 <refsect1>
57 <title>Description</title>
58
59 <para>Unit configuration files for services, sockets, mount
60 points, and swap devices share a subset of configuration options
61 which define the execution environment of spawned
62 processes.</para>
63
64 <para>This man page lists the configuration options shared by
65 these four unit types. See
66 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
67 for the common options of all unit configuration files, and
68 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
69 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
70 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
71 and
72 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
73 for more information on the specific unit configuration files. The
74 execution specific configuration options are configured in the
75 [Service], [Socket], [Mount], or [Swap] sections, depending on the
76 unit type.</para>
77 </refsect1>
78
79 <refsect1>
80 <title>Options</title>
81
82 <variablelist class='unit-directives'>
83
84 <varlistentry>
85 <term><varname>WorkingDirectory=</varname></term>
86
87 <listitem><para>Takes an absolute directory path. Sets the
88 working directory for executed processes. If not set, defaults
89 to the root directory when systemd is running as a system
90 instance and the respective user's home directory if run as
91 user.</para></listitem>
92 </varlistentry>
93
94 <varlistentry>
95 <term><varname>RootDirectory=</varname></term>
96
97 <listitem><para>Takes an absolute directory path. Sets the
98 root directory for executed processes, with the
99 <citerefentry project='man-pages'><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
100 system call. If this is used, it must be ensured that the
101 process and all its auxiliary files are available in the
102 <function>chroot()</function> jail.</para></listitem>
103 </varlistentry>
104
105 <varlistentry>
106 <term><varname>User=</varname></term>
107 <term><varname>Group=</varname></term>
108
109 <listitem><para>Sets the Unix user or group that the processes
110 are executed as, respectively. Takes a single user or group
111 name or ID as argument. If no group is set, the default group
112 of the user is chosen.</para></listitem>
113 </varlistentry>
114
115 <varlistentry>
116 <term><varname>SupplementaryGroups=</varname></term>
117
118 <listitem><para>Sets the supplementary Unix groups the
119 processes are executed as. This takes a space-separated list
120 of group names or IDs. This option may be specified more than
121 once in which case all listed groups are set as supplementary
122 groups. When the empty string is assigned the list of
123 supplementary groups is reset, and all assignments prior to
124 this one will have no effect. In any way, this option does not
125 override, but extends the list of supplementary groups
126 configured in the system group database for the
127 user.</para></listitem>
128 </varlistentry>
129
130 <varlistentry>
131 <term><varname>Nice=</varname></term>
132
133 <listitem><para>Sets the default nice level (scheduling
134 priority) for executed processes. Takes an integer between -20
135 (highest priority) and 19 (lowest priority). See
136 <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>
137 for details.</para></listitem>
138 </varlistentry>
139
140 <varlistentry>
141 <term><varname>OOMScoreAdjust=</varname></term>
142
143 <listitem><para>Sets the adjustment level for the
144 Out-Of-Memory killer for executed processes. Takes an integer
145 between -1000 (to disable OOM killing for this process) and
146 1000 (to make killing of this process under memory pressure
147 very likely). See <ulink
148 url="https://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt</ulink>
149 for details.</para></listitem>
150 </varlistentry>
151
152 <varlistentry>
153 <term><varname>IOSchedulingClass=</varname></term>
154
155 <listitem><para>Sets the IO scheduling class for executed
156 processes. Takes an integer between 0 and 3 or one of the
157 strings <option>none</option>, <option>realtime</option>,
158 <option>best-effort</option> or <option>idle</option>. See
159 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
160 for details.</para></listitem>
161 </varlistentry>
162
163 <varlistentry>
164 <term><varname>IOSchedulingPriority=</varname></term>
165
166 <listitem><para>Sets the IO scheduling priority for executed
167 processes. Takes an integer between 0 (highest priority) and 7
168 (lowest priority). The available priorities depend on the
169 selected IO scheduling class (see above). See
170 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
171 for details.</para></listitem>
172 </varlistentry>
173
174 <varlistentry>
175 <term><varname>CPUSchedulingPolicy=</varname></term>
176
177 <listitem><para>Sets the CPU scheduling policy for executed
178 processes. Takes one of
179 <option>other</option>,
180 <option>batch</option>,
181 <option>idle</option>,
182 <option>fifo</option> or
183 <option>rr</option>. See
184 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
185 for details.</para></listitem>
186 </varlistentry>
187
188 <varlistentry>
189 <term><varname>CPUSchedulingPriority=</varname></term>
190
191 <listitem><para>Sets the CPU scheduling priority for executed
192 processes. The available priority range depends on the
193 selected CPU scheduling policy (see above). For real-time
194 scheduling policies an integer between 1 (lowest priority) and
195 99 (highest priority) can be used. See
196 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
197 for details. </para></listitem>
198 </varlistentry>
199
200 <varlistentry>
201 <term><varname>CPUSchedulingResetOnFork=</varname></term>
202
203 <listitem><para>Takes a boolean argument. If true, elevated
204 CPU scheduling priorities and policies will be reset when the
205 executed processes fork, and can hence not leak into child
206 processes. See
207 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
208 for details. Defaults to false.</para></listitem>
209 </varlistentry>
210
211 <varlistentry>
212 <term><varname>CPUAffinity=</varname></term>
213
214 <listitem><para>Controls the CPU affinity of the executed
215 processes. Takes a space-separated list of CPU indices. This
216 option may be specified more than once in which case the
217 specified CPU affinity masks are merged. If the empty string
218 is assigned, the mask is reset, all assignments prior to this
219 will have no effect. See
220 <citerefentry><refentrytitle>sched_setaffinity</refentrytitle><manvolnum>2</manvolnum></citerefentry>
221 for details.</para></listitem>
222 </varlistentry>
223
224 <varlistentry>
225 <term><varname>UMask=</varname></term>
226
227 <listitem><para>Controls the file mode creation mask. Takes an
228 access mode in octal notation. See
229 <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>
230 for details. Defaults to 0022.</para></listitem>
231 </varlistentry>
232
233 <varlistentry>
234 <term><varname>Environment=</varname></term>
235
236 <listitem><para>Sets environment variables for executed
237 processes. Takes a space-separated list of variable
238 assignments. This option may be specified more than once in
239 which case all listed variables will be set. If the same
240 variable is set twice, the later setting will override the
241 earlier setting. If the empty string is assigned to this
242 option, the list of environment variables is reset, all prior
243 assignments have no effect. Variable expansion is not
244 performed inside the strings, however, specifier expansion is
245 possible. The $ character has no special meaning. If you need
246 to assign a value containing spaces to a variable, use double
247 quotes (") for the assignment.</para>
248
249 <para>Example:
250 <programlisting>Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"</programlisting>
251 gives three variables <literal>VAR1</literal>,
252 <literal>VAR2</literal>, <literal>VAR3</literal>
253 with the values <literal>word1 word2</literal>,
254 <literal>word3</literal>, <literal>$word 5 6</literal>.
255 </para>
256
257 <para>
258 See
259 <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
260 for details about environment variables.</para></listitem>
261 </varlistentry>
262 <varlistentry>
263 <term><varname>EnvironmentFile=</varname></term>
264 <listitem><para>Similar to <varname>Environment=</varname> but
265 reads the environment variables from a text file. The text
266 file should contain new-line-separated variable assignments.
267 Empty lines and lines starting with ; or # will be ignored,
268 which may be used for commenting. A line ending with a
269 backslash will be concatenated with the following one,
270 allowing multiline variable definitions. The parser strips
271 leading and trailing whitespace from the values of
272 assignments, unless you use double quotes (").</para>
273
274 <para>The argument passed should be an absolute filename or
275 wildcard expression, optionally prefixed with
276 <literal>-</literal>, which indicates that if the file does
277 not exist, it will not be read and no error or warning message
278 is logged. This option may be specified more than once in
279 which case all specified files are read. If the empty string
280 is assigned to this option, the list of file to read is reset,
281 all prior assignments have no effect.</para>
282
283 <para>The files listed with this directive will be read
284 shortly before the process is executed (more specifically,
285 after all processes from a previous unit state terminated.
286 This means you can generate these files in one unit state, and
287 read it with this option in the next). Settings from these
288 files override settings made with
289 <varname>Environment=</varname>. If the same variable is set
290 twice from these files, the files will be read in the order
291 they are specified and the later setting will override the
292 earlier setting.</para></listitem>
293 </varlistentry>
294
295 <varlistentry>
296 <term><varname>StandardInput=</varname></term>
297 <listitem><para>Controls where file descriptor 0 (STDIN) of
298 the executed processes is connected to. Takes one of
299 <option>null</option>,
300 <option>tty</option>,
301 <option>tty-force</option>,
302 <option>tty-fail</option> or
303 <option>socket</option>.</para>
304
305 <para>If <option>null</option> is selected, standard input
306 will be connected to <filename>/dev/null</filename>, i.e. all
307 read attempts by the process will result in immediate
308 EOF.</para>
309
310 <para>If <option>tty</option> is selected, standard input is
311 connected to a TTY (as configured by
312 <varname>TTYPath=</varname>, see below) and the executed
313 process becomes the controlling process of the terminal. If
314 the terminal is already being controlled by another process,
315 the executed process waits until the current controlling
316 process releases the terminal.</para>
317
318 <para><option>tty-force</option> is similar to
319 <option>tty</option>, but the executed process is forcefully
320 and immediately made the controlling process of the terminal,
321 potentially removing previous controlling processes from the
322 terminal.</para>
323
324 <para><option>tty-fail</option> is similar to
325 <option>tty</option> but if the terminal already has a
326 controlling process start-up of the executed process
327 fails.</para>
328
329 <para>The <option>socket</option> option is only valid in
330 socket-activated services, and only when the socket
331 configuration file (see
332 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
333 for details) specifies a single socket only. If this option is
334 set, standard input will be connected to the socket the
335 service was activated from, which is primarily useful for
336 compatibility with daemons designed for use with the
337 traditional
338 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
339 daemon.</para>
340
341 <para>This setting defaults to
342 <option>null</option>.</para></listitem>
343 </varlistentry>
344 <varlistentry>
345 <term><varname>StandardOutput=</varname></term>
346 <listitem><para>Controls where file descriptor 1 (STDOUT) of
347 the executed processes is connected to. Takes one of
348 <option>inherit</option>,
349 <option>null</option>,
350 <option>tty</option>,
351 <option>journal</option>,
352 <option>syslog</option>,
353 <option>kmsg</option>,
354 <option>journal+console</option>,
355 <option>syslog+console</option>,
356 <option>kmsg+console</option> or
357 <option>socket</option>.</para>
358
359 <para><option>inherit</option> duplicates the file descriptor
360 of standard input for standard output.</para>
361
362 <para><option>null</option> connects standard output to
363 <filename>/dev/null</filename>, i.e. everything written to it
364 will be lost.</para>
365
366 <para><option>tty</option> connects standard output to a tty
367 (as configured via <varname>TTYPath=</varname>, see below). If
368 the TTY is used for output only, the executed process will not
369 become the controlling process of the terminal, and will not
370 fail or wait for other processes to release the
371 terminal.</para>
372
373 <para><option>journal</option> connects standard output with
374 the journal which is accessible via
375 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
376 Note that everything that is written to syslog or kmsg (see
377 below) is implicitly stored in the journal as well, the
378 specific two options listed below are hence supersets of this
379 one.</para>
380
381 <para><option>syslog</option> connects standard output to the
382 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
383 system syslog service, in addition to the journal. Note that
384 the journal daemon is usually configured to forward everything
385 it receives to syslog anyway, in which case this option is no
386 different from <option>journal</option>.</para>
387
388 <para><option>kmsg</option> connects standard output with the
389 kernel log buffer which is accessible via
390 <citerefentry project='man-pages'><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
391 in addition to the journal. The journal daemon might be
392 configured to send all logs to kmsg anyway, in which case this
393 option is no different from <option>journal</option>.</para>
394
395 <para><option>journal+console</option>,
396 <option>syslog+console</option> and
397 <option>kmsg+console</option> work in a similar way as the
398 three options above but copy the output to the system console
399 as well.</para>
400
401 <para><option>socket</option> connects standard output to a
402 socket acquired via socket activation. The semantics are
403 similar to the same option of
404 <varname>StandardInput=</varname>.</para>
405
406 <para>This setting defaults to the value set with
407 <option>DefaultStandardOutput=</option> in
408 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
409 which defaults to <option>journal</option>.</para></listitem>
410 </varlistentry>
411 <varlistentry>
412 <term><varname>StandardError=</varname></term>
413 <listitem><para>Controls where file descriptor 2 (STDERR) of
414 the executed processes is connected to. The available options
415 are identical to those of <varname>StandardOutput=</varname>,
416 with one exception: if set to <option>inherit</option> the
417 file descriptor used for standard output is duplicated for
418 standard error. This setting defaults to the value set with
419 <option>DefaultStandardError=</option> in
420 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
421 which defaults to <option>inherit</option>.</para></listitem>
422 </varlistentry>
423 <varlistentry>
424 <term><varname>TTYPath=</varname></term>
425 <listitem><para>Sets the terminal device node to use if
426 standard input, output, or error are connected to a TTY (see
427 above). Defaults to
428 <filename>/dev/console</filename>.</para></listitem>
429 </varlistentry>
430 <varlistentry>
431 <term><varname>TTYReset=</varname></term>
432 <listitem><para>Reset the terminal device specified with
433 <varname>TTYPath=</varname> before and after execution.
434 Defaults to <literal>no</literal>.</para></listitem>
435 </varlistentry>
436 <varlistentry>
437 <term><varname>TTYVHangup=</varname></term>
438 <listitem><para>Disconnect all clients which have opened the
439 terminal device specified with <varname>TTYPath=</varname>
440 before and after execution. Defaults to
441 <literal>no</literal>.</para></listitem>
442 </varlistentry>
443 <varlistentry>
444 <term><varname>TTYVTDisallocate=</varname></term>
445 <listitem><para>If the terminal device specified with
446 <varname>TTYPath=</varname> is a virtual console terminal, try
447 to deallocate the TTY before and after execution. This ensures
448 that the screen and scrollback buffer is cleared. Defaults to
449 <literal>no</literal>.</para></listitem>
450 </varlistentry>
451 <varlistentry>
452 <term><varname>SyslogIdentifier=</varname></term>
453 <listitem><para>Sets the process name to prefix log lines sent
454 to the logging system or the kernel log buffer with. If not
455 set, defaults to the process name of the executed process.
456 This option is only useful when
457 <varname>StandardOutput=</varname> or
458 <varname>StandardError=</varname> are set to
459 <option>syslog</option>, <option>journal</option> or
460 <option>kmsg</option> (or to the same settings in combination
461 with <option>+console</option>).</para></listitem>
462 </varlistentry>
463 <varlistentry>
464 <term><varname>SyslogFacility=</varname></term>
465 <listitem><para>Sets the syslog facility to use when logging
466 to syslog. One of <option>kern</option>,
467 <option>user</option>, <option>mail</option>,
468 <option>daemon</option>, <option>auth</option>,
469 <option>syslog</option>, <option>lpr</option>,
470 <option>news</option>, <option>uucp</option>,
471 <option>cron</option>, <option>authpriv</option>,
472 <option>ftp</option>, <option>local0</option>,
473 <option>local1</option>, <option>local2</option>,
474 <option>local3</option>, <option>local4</option>,
475 <option>local5</option>, <option>local6</option> or
476 <option>local7</option>. See
477 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
478 for details. This option is only useful when
479 <varname>StandardOutput=</varname> or
480 <varname>StandardError=</varname> are set to
481 <option>syslog</option>. Defaults to
482 <option>daemon</option>.</para></listitem>
483 </varlistentry>
484 <varlistentry>
485 <term><varname>SyslogLevel=</varname></term>
486 <listitem><para>Default syslog level to use when logging to
487 syslog or the kernel log buffer. One of
488 <option>emerg</option>,
489 <option>alert</option>,
490 <option>crit</option>,
491 <option>err</option>,
492 <option>warning</option>,
493 <option>notice</option>,
494 <option>info</option>,
495 <option>debug</option>. See
496 <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
497 for details. This option is only useful when
498 <varname>StandardOutput=</varname> or
499 <varname>StandardError=</varname> are set to
500 <option>syslog</option> or <option>kmsg</option>. Note that
501 individual lines output by the daemon might be prefixed with a
502 different log level which can be used to override the default
503 log level specified here. The interpretation of these prefixes
504 may be disabled with <varname>SyslogLevelPrefix=</varname>,
505 see below. For details see
506 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
507
508 Defaults to
509 <option>info</option>.</para></listitem>
510 </varlistentry>
511
512 <varlistentry>
513 <term><varname>SyslogLevelPrefix=</varname></term>
514 <listitem><para>Takes a boolean argument. If true and
515 <varname>StandardOutput=</varname> or
516 <varname>StandardError=</varname> are set to
517 <option>syslog</option>, <option>kmsg</option> or
518 <option>journal</option>, log lines written by the executed
519 process that are prefixed with a log level will be passed on
520 to syslog with this log level set but the prefix removed. If
521 set to false, the interpretation of these prefixes is disabled
522 and the logged lines are passed on as-is. For details about
523 this prefixing see
524 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
525 Defaults to true.</para></listitem>
526 </varlistentry>
527
528 <varlistentry>
529 <term><varname>TimerSlackNSec=</varname></term>
530 <listitem><para>Sets the timer slack in nanoseconds for the
531 executed processes. The timer slack controls the accuracy of
532 wake-ups triggered by timers. See
533 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
534 for more information. Note that in contrast to most other time
535 span definitions this parameter takes an integer value in
536 nano-seconds if no unit is specified. The usual time units are
537 understood too.</para></listitem>
538 </varlistentry>
539
540 <varlistentry>
541 <term><varname>LimitCPU=</varname></term>
542 <term><varname>LimitFSIZE=</varname></term>
543 <term><varname>LimitDATA=</varname></term>
544 <term><varname>LimitSTACK=</varname></term>
545 <term><varname>LimitCORE=</varname></term>
546 <term><varname>LimitRSS=</varname></term>
547 <term><varname>LimitNOFILE=</varname></term>
548 <term><varname>LimitAS=</varname></term>
549 <term><varname>LimitNPROC=</varname></term>
550 <term><varname>LimitMEMLOCK=</varname></term>
551 <term><varname>LimitLOCKS=</varname></term>
552 <term><varname>LimitSIGPENDING=</varname></term>
553 <term><varname>LimitMSGQUEUE=</varname></term>
554 <term><varname>LimitNICE=</varname></term>
555 <term><varname>LimitRTPRIO=</varname></term>
556 <term><varname>LimitRTTIME=</varname></term>
557 <listitem><para>These settings set both soft and hard limits
558 of various resources for executed processes. See
559 <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
560 for details. Use the string <varname>infinity</varname> to
561 configure no limit on a specific resource.</para></listitem>
562
563 <table>
564 <title>Limit directives and their equivalent with ulimit</title>
565
566 <tgroup cols='2'>
567 <colspec colname='directive' />
568 <colspec colname='equivalent' />
569 <thead>
570 <row>
571 <entry>Directive</entry>
572 <entry>ulimit equivalent</entry>
573 </row>
574 </thead>
575 <tbody>
576 <row>
577 <entry>LimitCPU</entry>
578 <entry>ulimit -t</entry>
579 </row>
580 <row>
581 <entry>LimitFSIZE</entry>
582 <entry>ulimit -f</entry>
583 </row>
584 <row>
585 <entry>LimitDATA</entry>
586 <entry>ulimit -d</entry>
587 </row>
588 <row>
589 <entry>LimitSTACK</entry>
590 <entry>ulimit -s</entry>
591 </row>
592 <row>
593 <entry>LimitCORE</entry>
594 <entry>ulimit -c</entry>
595 </row>
596 <row>
597 <entry>LimitRSS</entry>
598 <entry>ulimit -m</entry>
599 </row>
600 <row>
601 <entry>LimitNOFILE</entry>
602 <entry>ulimit -n</entry>
603 </row>
604 <row>
605 <entry>LimitAS</entry>
606 <entry>ulimit -v</entry>
607 </row>
608 <row>
609 <entry>LimitNPROC</entry>
610 <entry>ulimit -u</entry>
611 </row>
612 <row>
613 <entry>LimitMEMLOCK</entry>
614 <entry>ulimit -l</entry>
615 </row>
616 <row>
617 <entry>LimitLOCKS</entry>
618 <entry>ulimit -x</entry>
619 </row>
620 <row>
621 <entry>LimitSIGPENDING</entry>
622 <entry>ulimit -i</entry>
623 </row>
624 <row>
625 <entry>LimitMSGQUEUE</entry>
626 <entry>ulimit -q</entry>
627 </row>
628 <row>
629 <entry>LimitNICE</entry>
630 <entry>ulimit -e</entry>
631 </row>
632 <row>
633 <entry>LimitRTPRIO</entry>
634 <entry>ulimit -r</entry>
635 </row>
636 <row>
637 <entry>LimitRTTIME</entry>
638 <entry>No equivalent</entry>
639 </row>
640 </tbody>
641 </tgroup>
642 </table>
643 </varlistentry>
644
645 <varlistentry>
646 <term><varname>PAMName=</varname></term>
647 <listitem><para>Sets the PAM service name to set up a session
648 as. If set, the executed process will be registered as a PAM
649 session under the specified service name. This is only useful
650 in conjunction with the <varname>User=</varname> setting. If
651 not set, no PAM session will be opened for the executed
652 processes. See
653 <citerefentry project='man-pages'><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
654 for details.</para></listitem>
655 </varlistentry>
656
657 <varlistentry>
658 <term><varname>CapabilityBoundingSet=</varname></term>
659
660 <listitem><para>Controls which capabilities to include in the
661 capability bounding set for the executed process. See
662 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
663 for details. Takes a whitespace-separated list of capability
664 names as read by
665 <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>,
666 e.g. <constant>CAP_SYS_ADMIN</constant>,
667 <constant>CAP_DAC_OVERRIDE</constant>,
668 <constant>CAP_SYS_PTRACE</constant>. Capabilities listed will
669 be included in the bounding set, all others are removed. If
670 the list of capabilities is prefixed with
671 <literal>~</literal>, all but the listed capabilities will be
672 included, the effect of the assignment inverted. Note that
673 this option also affects the respective capabilities in the
674 effective, permitted and inheritable capability sets, on top
675 of what <varname>Capabilities=</varname> does. If this option
676 is not used, the capability bounding set is not modified on
677 process execution, hence no limits on the capabilities of the
678 process are enforced. This option may appear more than once in
679 which case the bounding sets are merged. If the empty string
680 is assigned to this option, the bounding set is reset to the
681 empty capability set, and all prior settings have no effect.
682 If set to <literal>~</literal> (without any further argument),
683 the bounding set is reset to the full set of available
684 capabilities, also undoing any previous
685 settings.</para></listitem>
686 </varlistentry>
687
688 <varlistentry>
689 <term><varname>SecureBits=</varname></term>
690 <listitem><para>Controls the secure bits set for the executed
691 process. Takes a space-separated combination of options from
692 the following list:
693 <option>keep-caps</option>,
694 <option>keep-caps-locked</option>,
695 <option>no-setuid-fixup</option>,
696 <option>no-setuid-fixup-locked</option>,
697 <option>noroot</option>, and
698 <option>noroot-locked</option>.
699 This option may appear more than once in which case the secure
700 bits are ORed. If the empty string is assigned to this option,
701 the bits are reset to 0. See
702 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
703 for details.</para></listitem>
704 </varlistentry>
705
706 <varlistentry>
707 <term><varname>Capabilities=</varname></term>
708 <listitem><para>Controls the
709 <citerefentry project='man-pages'><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
710 set for the executed process. Take a capability string
711 describing the effective, permitted and inherited capability
712 sets as documented in
713 <citerefentry><refentrytitle>cap_from_text</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
714 Note that these capability sets are usually influenced (and
715 filtered) by the capabilities attached to the executed file.
716 Due to that <varname>CapabilityBoundingSet=</varname> is
717 probably a much more useful setting.</para></listitem>
718 </varlistentry>
719
720 <varlistentry>
721 <term><varname>ReadWriteDirectories=</varname></term>
722 <term><varname>ReadOnlyDirectories=</varname></term>
723 <term><varname>InaccessibleDirectories=</varname></term>
724
725 <listitem><para>Sets up a new file system namespace for
726 executed processes. These options may be used to limit access
727 a process might have to the main file system hierarchy. Each
728 setting takes a space-separated list of absolute directory
729 paths. Directories listed in
730 <varname>ReadWriteDirectories=</varname> are accessible from
731 within the namespace with the same access rights as from
732 outside. Directories listed in
733 <varname>ReadOnlyDirectories=</varname> are accessible for
734 reading only, writing will be refused even if the usual file
735 access controls would permit this. Directories listed in
736 <varname>InaccessibleDirectories=</varname> will be made
737 inaccessible for processes inside the namespace. Note that
738 restricting access with these options does not extend to
739 submounts of a directory that are created later on. These
740 options may be specified more than once in which case all
741 directories listed will have limited access from within the
742 namespace. If the empty string is assigned to this option, the
743 specific list is reset, and all prior assignments have no
744 effect.</para>
745 <para>Paths in
746 <varname>ReadOnlyDirectories=</varname>
747 and
748 <varname>InaccessibleDirectories=</varname>
749 may be prefixed with
750 <literal>-</literal>, in which case
751 they will be ignored when they do not
752 exist. Note that using this
753 setting will disconnect propagation of
754 mounts from the service to the host
755 (propagation in the opposite direction
756 continues to work). This means that
757 this setting may not be used for
758 services which shall be able to
759 install mount points in the main mount
760 namespace.</para></listitem>
761 </varlistentry>
762
763 <varlistentry>
764 <term><varname>PrivateTmp=</varname></term>
765
766 <listitem><para>Takes a boolean argument. If true, sets up a
767 new file system namespace for the executed processes and
768 mounts private <filename>/tmp</filename> and
769 <filename>/var/tmp</filename> directories inside it that is
770 not shared by processes outside of the namespace. This is
771 useful to secure access to temporary files of the process, but
772 makes sharing between processes via <filename>/tmp</filename>
773 or <filename>/var/tmp</filename> impossible. If this is
774 enabled, all temporary files created by a service in these
775 directories will be removed after the service is stopped.
776 Defaults to false. It is possible to run two or more units
777 within the same private <filename>/tmp</filename> and
778 <filename>/var/tmp</filename> namespace by using the
779 <varname>JoinsNamespaceOf=</varname> directive, see
780 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
781 for details. Note that using this setting will disconnect
782 propagation of mounts from the service to the host
783 (propagation in the opposite direction continues to work).
784 This means that this setting may not be used for services
785 which shall be able to install mount points in the main mount
786 namespace.</para></listitem>
787 </varlistentry>
788
789 <varlistentry>
790 <term><varname>PrivateDevices=</varname></term>
791
792 <listitem><para>Takes a boolean argument. If true, sets up a
793 new /dev namespace for the executed processes and only adds
794 API pseudo devices such as <filename>/dev/null</filename>,
795 <filename>/dev/zero</filename> or
796 <filename>/dev/random</filename> (as well as the pseudo TTY
797 subsystem) to it, but no physical devices such as
798 <filename>/dev/sda</filename>. This is useful to securely turn
799 off physical device access by the executed process. Defaults
800 to false. Enabling this option will also remove
801 <constant>CAP_MKNOD</constant> from the capability bounding
802 set for the unit (see above), and set
803 <varname>DevicePolicy=closed</varname> (see
804 <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
805 for details). Note that using this setting will disconnect
806 propagation of mounts from the service to the host
807 (propagation in the opposite direction continues to work).
808 This means that this setting may not be used for services
809 which shall be able to install mount points in the main mount
810 namespace.</para></listitem>
811 </varlistentry>
812
813 <varlistentry>
814 <term><varname>PrivateNetwork=</varname></term>
815
816 <listitem><para>Takes a boolean argument. If true, sets up a
817 new network namespace for the executed processes and
818 configures only the loopback network device
819 <literal>lo</literal> inside it. No other network devices will
820 be available to the executed process. This is useful to
821 securely turn off network access by the executed process.
822 Defaults to false. It is possible to run two or more units
823 within the same private network namespace by using the
824 <varname>JoinsNamespaceOf=</varname> directive, see
825 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
826 for details. Note that this option will disconnect all socket
827 families from the host, this includes AF_NETLINK and AF_UNIX.
828 The latter has the effect that AF_UNIX sockets in the abstract
829 socket namespace will become unavailable to the processes
830 (however, those located in the file system will continue to be
831 accessible).</para></listitem>
832 </varlistentry>
833
834 <varlistentry>
835 <term><varname>ProtectSystem=</varname></term>
836
837 <listitem><para>Takes a boolean argument or
838 <literal>full</literal>. If true, mounts the
839 <filename>/usr</filename> and <filename>/boot</filename>
840 directories read-only for processes invoked by this unit. If
841 set to <literal>full</literal>, the <filename>/etc</filename>
842 directory is mounted read-only, too. This setting ensures that
843 any modification of the vendor supplied operating system (and
844 optionally its configuration) is prohibited for the service.
845 It is recommended to enable this setting for all long-running
846 services, unless they are involved with system updates or need
847 to modify the operating system in other ways. Note however
848 that processes retaining the CAP_SYS_ADMIN capability can undo
849 the effect of this setting. This setting is hence particularly
850 useful for daemons which have this capability removed, for
851 example with <varname>CapabilityBoundingSet=</varname>.
852 Defaults to off.</para></listitem>
853 </varlistentry>
854
855 <varlistentry>
856 <term><varname>ProtectHome=</varname></term>
857
858 <listitem><para>Takes a boolean argument or
859 <literal>read-only</literal>. If true, the directories
860 <filename>/home</filename> and <filename>/run/user</filename>
861 are made inaccessible and empty for processes invoked by this
862 unit. If set to <literal>read-only</literal>, the two
863 directories are made read-only instead. It is recommended to
864 enable this setting for all long-running services (in
865 particular network-facing ones), to ensure they cannot get
866 access to private user data, unless the services actually
867 require access to the user's private data. Note however that
868 processes retaining the CAP_SYS_ADMIN capability can undo the
869 effect of this setting. This setting is hence particularly
870 useful for daemons which have this capability removed, for
871 example with <varname>CapabilityBoundingSet=</varname>.
872 Defaults to off.</para></listitem>
873 </varlistentry>
874
875 <varlistentry>
876 <term><varname>MountFlags=</varname></term>
877
878 <listitem><para>Takes a mount propagation flag:
879 <option>shared</option>, <option>slave</option> or
880 <option>private</option>, which control whether mounts in the
881 file system namespace set up for this unit's processes will
882 receive or propagate mounts or unmounts. See
883 <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>2</manvolnum></citerefentry>
884 for details. Defaults to <option>shared</option>. Use
885 <option>shared</option> to ensure that mounts and unmounts are
886 propagated from the host to the container and vice versa. Use
887 <option>slave</option> to run processes so that none of their
888 mounts and unmounts will propagate to the host. Use
889 <option>private</option> to also ensure that no mounts and
890 unmounts from the host will propagate into the unit processes'
891 namespace. Note that <option>slave</option> means that file
892 systems mounted on the host might stay mounted continuously in
893 the unit's namespace, and thus keep the device busy. Note that
894 the file system namespace related options
895 (<varname>PrivateTmp=</varname>,
896 <varname>PrivateDevices=</varname>,
897 <varname>ProtectSystem=</varname>,
898 <varname>ProtectHome=</varname>,
899 <varname>ReadOnlyDirectories=</varname>,
900 <varname>InaccessibleDirectories=</varname> and
901 <varname>ReadWriteDirectories=</varname>) require that mount
902 and unmount propagation from the unit's file system namespace
903 is disabled, and hence downgrade <option>shared</option> to
904 <option>slave</option>. </para></listitem>
905 </varlistentry>
906
907 <varlistentry>
908 <term><varname>UtmpIdentifier=</varname></term>
909
910 <listitem><para>Takes a four character identifier string for
911 an utmp/wtmp entry for this service. This should only be set
912 for services such as <command>getty</command> implementations
913 where utmp/wtmp entries must be created and cleared before and
914 after execution. If the configured string is longer than four
915 characters, it is truncated and the terminal four characters
916 are used. This setting interprets %I style string
917 replacements. This setting is unset by default, i.e. no
918 utmp/wtmp entries are created or cleaned up for this
919 service.</para></listitem>
920 </varlistentry>
921
922 <varlistentry>
923 <term><varname>SELinuxContext=</varname></term>
924
925 <listitem><para>Set the SELinux security context of the
926 executed process. If set, this will override the automated
927 domain transition. However, the policy still needs to
928 authorize the transition. This directive is ignored if SELinux
929 is disabled. If prefixed by <literal>-</literal>, all errors
930 will be ignored. See
931 <citerefentry><refentrytitle>setexeccon</refentrytitle><manvolnum>3</manvolnum></citerefentry>
932 for details.</para></listitem>
933 </varlistentry>
934
935 <varlistentry>
936 <term><varname>AppArmorProfile=</varname></term>
937
938 <listitem><para>Takes a profile name as argument. The process
939 executed by the unit will switch to this profile when started.
940 Profiles must already be loaded in the kernel, or the unit
941 will fail. This result in a non operation if AppArmor is not
942 enabled. If prefixed by <literal>-</literal>, all errors will
943 be ignored. </para></listitem>
944 </varlistentry>
945
946 <varlistentry>
947 <term><varname>SmackProcessLabel=</varname></term>
948
949 <listitem><para>Takes a <option>SMACK64</option> security
950 label as argument. The process executed by the unit will be
951 started under this label and SMACK will decide whether the
952 processes is allowed to run or not based on it. The process
953 will continue to run under the label specified here unless the
954 executable has its own <option>SMACK64EXEC</option> label, in
955 which case the process will transition to run under that
956 label. When not specified, the label that systemd is running
957 under is used. This directive is ignored if SMACK is
958 disabled.</para>
959
960 <para>The value may be prefixed by <literal>-</literal>, in
961 which case all errors will be ignored. An empty value may be
962 specified to unset previous assignments.</para>
963 </listitem>
964 </varlistentry>
965
966 <varlistentry>
967 <term><varname>IgnoreSIGPIPE=</varname></term>
968
969 <listitem><para>Takes a boolean argument. If true, causes
970 <constant>SIGPIPE</constant> to be ignored in the executed
971 process. Defaults to true because <constant>SIGPIPE</constant>
972 generally is useful only in shell pipelines.</para></listitem>
973 </varlistentry>
974
975 <varlistentry>
976 <term><varname>NoNewPrivileges=</varname></term>
977
978 <listitem><para>Takes a boolean argument. If true, ensures
979 that the service process and all its children can never gain
980 new privileges. This option is more powerful than the
981 respective secure bits flags (see above), as it also prohibits
982 UID changes of any kind. This is the simplest, most effective
983 way to ensure that a process and its children can never
984 elevate privileges again.</para></listitem>
985 </varlistentry>
986
987 <varlistentry>
988 <term><varname>SystemCallFilter=</varname></term>
989
990 <listitem><para>Takes a space-separated list of system call
991 names. If this setting is used, all system calls executed by
992 the unit processes except for the listed ones will result in
993 immediate process termination with the
994 <constant>SIGSYS</constant> signal (whitelisting). If the
995 first character of the list is <literal>~</literal>, the
996 effect is inverted: only the listed system calls will result
997 in immediate process termination (blacklisting). If running in
998 user mode and this option is used,
999 <varname>NoNewPrivileges=yes</varname> is implied. This
1000 feature makes use of the Secure Computing Mode 2 interfaces of
1001 the kernel ('seccomp filtering') and is useful for enforcing a
1002 minimal sandboxing environment. Note that the
1003 <function>execve</function>,
1004 <function>rt_sigreturn</function>,
1005 <function>sigreturn</function>,
1006 <function>exit_group</function>, <function>exit</function>
1007 system calls are implicitly whitelisted and do not need to be
1008 listed explicitly. This option may be specified more than once
1009 in which case the filter masks are merged. If the empty string
1010 is assigned, the filter is reset, all prior assignments will
1011 have no effect.</para>
1012
1013 <para>If you specify both types of this option (i.e.
1014 whitelisting and blacklisting), the first encountered will
1015 take precedence and will dictate the default action
1016 (termination or approval of a system call). Then the next
1017 occurrences of this option will add or delete the listed
1018 system calls from the set of the filtered system calls,
1019 depending of its type and the default action. (For example, if
1020 you have started with a whitelisting of
1021 <function>read</function> and <function>write</function>, and
1022 right after it add a blacklisting of
1023 <function>write</function>, then <function>write</function>
1024 will be removed from the set.) </para></listitem>
1025 </varlistentry>
1026
1027 <varlistentry>
1028 <term><varname>SystemCallErrorNumber=</varname></term>
1029
1030 <listitem><para>Takes an <literal>errno</literal> error number
1031 name to return when the system call filter configured with
1032 <varname>SystemCallFilter=</varname> is triggered, instead of
1033 terminating the process immediately. Takes an error name such
1034 as <constant>EPERM</constant>, <constant>EACCES</constant> or
1035 <constant>EUCLEAN</constant>. When this setting is not used,
1036 or when the empty string is assigned, the process will be
1037 terminated immediately when the filter is
1038 triggered.</para></listitem>
1039 </varlistentry>
1040
1041 <varlistentry>
1042 <term><varname>SystemCallArchitectures=</varname></term>
1043
1044 <listitem><para>Takes a space separated list of architecture
1045 identifiers to include in the system call filter. The known
1046 architecture identifiers are <constant>x86</constant>,
1047 <constant>x86-64</constant>, <constant>x32</constant>,
1048 <constant>arm</constant> as well as the special identifier
1049 <constant>native</constant>. Only system calls of the
1050 specified architectures will be permitted to processes of this
1051 unit. This is an effective way to disable compatibility with
1052 non-native architectures for processes, for example to
1053 prohibit execution of 32-bit x86 binaries on 64-bit x86-64
1054 systems. The special <constant>native</constant> identifier
1055 implicitly maps to the native architecture of the system (or
1056 more strictly: to the architecture the system manager is
1057 compiled for). If running in user mode and this option is
1058 used, <varname>NoNewPrivileges=yes</varname> is implied. Note
1059 that setting this option to a non-empty list implies that
1060 <constant>native</constant> is included too. By default, this
1061 option is set to the empty list, i.e. no architecture system
1062 call filtering is applied.</para></listitem>
1063 </varlistentry>
1064
1065 <varlistentry>
1066 <term><varname>RestrictAddressFamilies=</varname></term>
1067
1068 <listitem><para>Restricts the set of socket address families
1069 accessible to the processes of this unit. Takes a
1070 space-separated list of address family names to whitelist,
1071 such as
1072 <constant>AF_UNIX</constant>,
1073 <constant>AF_INET</constant> or
1074 <constant>AF_INET6</constant>. When
1075 prefixed with <constant>~</constant> the listed address
1076 families will be applied as blacklist, otherwise as whitelist.
1077 Note that this restricts access to the
1078 <citerefentry><refentrytitle>socket</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1079 system call only. Sockets passed into the process by other
1080 means (for example, by using socket activation with socket
1081 units, see
1082 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
1083 are unaffected. Also, sockets created with
1084 <function>socketpair()</function> (which creates connected
1085 AF_UNIX sockets only) are unaffected. Note that this option
1086 has no effect on 32-bit x86 and is ignored (but works
1087 correctly on x86-64). If running in user mode and this option
1088 is used, <varname>NoNewPrivileges=yes</varname> is implied. By
1089 default, no restriction applies, all address families are
1090 accessible to processes. If assigned the empty string, any
1091 previous list changes are undone.</para>
1092
1093 <para>Use this option to limit exposure of processes to remote
1094 systems, in particular via exotic network protocols. Note that
1095 in most cases, the local <constant>AF_UNIX</constant> address
1096 family should be included in the configured whitelist as it is
1097 frequently used for local communication, including for
1098 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1099 logging.</para></listitem>
1100 </varlistentry>
1101
1102 <varlistentry>
1103 <term><varname>Personality=</varname></term>
1104
1105 <listitem><para>Controls which kernel architecture
1106 <citerefentry><refentrytitle>uname</refentrytitle><manvolnum>2</manvolnum></citerefentry>
1107 shall report, when invoked by unit processes. Takes one of
1108 <constant>x86</constant> and <constant>x86-64</constant>. This
1109 is useful when running 32-bit services on a 64-bit host
1110 system. If not specified, the personality is left unmodified
1111 and thus reflects the personality of the host system's
1112 kernel.</para></listitem>
1113 </varlistentry>
1114
1115 <varlistentry>
1116 <term><varname>RuntimeDirectory=</varname></term>
1117 <term><varname>RuntimeDirectoryMode=</varname></term>
1118
1119 <listitem><para>Takes a list of directory names. If set, one
1120 or more directories by the specified names will be created
1121 below <filename>/run</filename> (for system services) or below
1122 <varname>$XDG_RUNTIME_DIR</varname> (for user services) when
1123 the unit is started, and removed when the unit is stopped. The
1124 directories will have the access mode specified in
1125 <varname>RuntimeDirectoryMode=</varname>, and will be owned by
1126 the user and group specified in <varname>User=</varname> and
1127 <varname>Group=</varname>. Use this to manage one or more
1128 runtime directories of the unit and bind their lifetime to the
1129 daemon runtime. The specified directory names must be
1130 relative, and may not include a <literal>/</literal>, i.e.
1131 must refer to simple directories to create or remove. This is
1132 particularly useful for unprivileged daemons that cannot
1133 create runtime directories in <filename>/run</filename> due to
1134 lack of privileges, and to make sure the runtime directory is
1135 cleaned up automatically after use. For runtime directories
1136 that require more complex or different configuration or
1137 lifetime guarantees, please consider using
1138 <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
1139 </varlistentry>
1140
1141 </variablelist>
1142 </refsect1>
1143
1144 <refsect1>
1145 <title>Environment variables in spawned processes</title>
1146
1147 <para>Processes started by the system are executed in a clean
1148 environment in which select variables listed below are set. System
1149 processes started by systemd do not inherit variables from PID 1,
1150 but processes started by user systemd instances inherit all
1151 environment variables from the user systemd instance.
1152 </para>
1153
1154 <variablelist class='environment-variables'>
1155 <varlistentry>
1156 <term><varname>$PATH</varname></term>
1157
1158 <listitem><para>Colon-separated list of directories to use
1159 when launching executables. Systemd uses a fixed value of
1160 <filename>/usr/local/sbin</filename>:<filename>/usr/local/bin</filename>:<filename>/usr/sbin</filename>:<filename>/usr/bin</filename>:<filename>/sbin</filename>:<filename>/bin</filename>.
1161 </para></listitem>
1162 </varlistentry>
1163
1164 <varlistentry>
1165 <term><varname>$LANG</varname></term>
1166
1167 <listitem><para>Locale. Can be set in
1168 <citerefentry><refentrytitle>locale.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
1169 or on the kernel command line (see
1170 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
1171 and
1172 <citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>).
1173 </para></listitem>
1174 </varlistentry>
1175
1176 <varlistentry>
1177 <term><varname>$USER</varname></term>
1178 <term><varname>$LOGNAME</varname></term>
1179 <term><varname>$HOME</varname></term>
1180 <term><varname>$SHELL</varname></term>
1181
1182 <listitem><para>User name (twice), home directory, and the
1183 login shell. The variables are set for the units that have
1184 <varname>User=</varname> set, which includes user
1185 <command>systemd</command> instances. See
1186 <citerefentry><refentrytitle>passwd</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
1187 </para></listitem>
1188 </varlistentry>
1189
1190 <varlistentry>
1191 <term><varname>$XDG_RUNTIME_DIR</varname></term>
1192
1193 <listitem><para>The directory for volatile state. Set for the
1194 user <command>systemd</command> instance, and also in user
1195 sessions. See
1196 <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
1197 </para></listitem>
1198 </varlistentry>
1199
1200 <varlistentry>
1201 <term><varname>$XDG_SESSION_ID</varname></term>
1202 <term><varname>$XDG_SEAT</varname></term>
1203 <term><varname>$XDG_VTNR</varname></term>
1204
1205 <listitem><para>The identifier of the session, the seat name,
1206 and virtual terminal of the session. Set by
1207 <citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
1208 for login sessions. <varname>$XDG_SEAT</varname> and
1209 <varname>$XDG_VTNR</varname> will only be set when attached to
1210 a seat and a tty.</para></listitem>
1211 </varlistentry>
1212
1213 <varlistentry>
1214 <term><varname>$MAINPID</varname></term>
1215
1216 <listitem><para>The PID of the units main process if it is
1217 known. This is only set for control processes as invoked by
1218 <varname>ExecReload=</varname> and similar. </para></listitem>
1219 </varlistentry>
1220
1221 <varlistentry>
1222 <term><varname>$MANAGERPID</varname></term>
1223
1224 <listitem><para>The PID of the user <command>systemd</command>
1225 instance, set for processes spawned by it. </para></listitem>
1226 </varlistentry>
1227
1228 <varlistentry>
1229 <term><varname>$LISTEN_FDS</varname></term>
1230 <term><varname>$LISTEN_PID</varname></term>
1231
1232 <listitem><para>Information about file descriptors passed to a
1233 service for socket activation. See
1234 <citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
1235 </para></listitem>
1236 </varlistentry>
1237
1238 <varlistentry>
1239 <term><varname>$TERM</varname></term>
1240
1241 <listitem><para>Terminal type, set only for units connected to
1242 a terminal (<varname>StandardInput=tty</varname>,
1243 <varname>StandardOutput=tty</varname>, or
1244 <varname>StandardError=tty</varname>). See
1245 <citerefentry project='man-pages'><refentrytitle>termcap</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
1246 </para></listitem>
1247 </varlistentry>
1248 </variablelist>
1249
1250 <para>Additional variables may be configured by the following
1251 means: for processes spawned in specific units, use the
1252 <varname>Environment=</varname> and
1253 <varname>EnvironmentFile=</varname> options above; to specify
1254 variables globally, use <varname>DefaultEnvironment=</varname>
1255 (see
1256 <citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>)
1257 or the kernel option <varname>systemd.setenv=</varname> (see
1258 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>).
1259 Additional variables may also be set through PAM,
1260 cf. <citerefentry project='man-pages'><refentrytitle>pam_env</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
1261 </refsect1>
1262
1263 <refsect1>
1264 <title>See Also</title>
1265 <para>
1266 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1267 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
1268 <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
1269 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1270 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1271 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1272 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1273 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1274 <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1275 <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1276 <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
1277 <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
1278 <citerefentry project='man-pages'><refentrytitle>exec</refentrytitle><manvolnum>3</manvolnum></citerefentry>
1279 </para>
1280 </refsect1>
1281
1282 </refentry>
Unnamed repository; edit this file 'description' to name the repository.