http://0pointer.de/blog/projects/systemd.html
WEB SITE:
- http://www.freedesktop.org/wiki/Software/systemd
+ https://www.freedesktop.org/wiki/Software/systemd
GIT:
git@github.com:systemd/systemd.git
- https://github.com/systemd/systemd.git
-
-GITWEB:
https://github.com/systemd/systemd
MAILING LIST:
- http://lists.freedesktop.org/mailman/listinfo/systemd-devel
+ https://lists.freedesktop.org/mailman/listinfo/systemd-devel
IRC:
#systemd on irc.freenode.org
- except src/udev/* which is (currently still) GPLv2, GPLv2+
REQUIREMENTS:
- Linux kernel >= 3.12
+ Linux kernel >= 3.13
Linux kernel >= 4.2 for unified cgroup hierarchy support
Kernel Config Options:
CONFIG_PROC_FS
CONFIG_FHANDLE (libudev, mount and bind mount handling)
+ Kernel crypto/hash API
+ CONFIG_CRYPTO_USER_API_HASH
+ CONFIG_CRYPTO_HMAC
+ CONFIG_CRYPTO_SHA256
+
udev will fail to work with the legacy sysfs layout:
CONFIG_SYSFS_DEPRECATED=n
create additional symlinks in /dev/disk/ and /dev/tape:
CONFIG_BLK_DEV_BSG
- Required for PrivateNetwork and PrivateDevices in service units:
+ Required for PrivateNetwork= and PrivateDevices= in service units:
CONFIG_NET_NS
CONFIG_DEVPTS_MULTIPLE_INSTANCES
Note that systemd-localed.service and other systemd units use
PrivateNetwork and PrivateDevices so this is effectively required.
+ Required for PrivateUsers= in service units:
+ CONFIG_USER_NS
+
Optional but strongly recommended:
CONFIG_IPV6
CONFIG_AUTOFS4_FS
CONFIG_TMPFS_XATTR
CONFIG_{TMPFS,EXT4,XFS,BTRFS_FS,...}_POSIX_ACL
CONFIG_SECCOMP
+ CONFIG_SECCOMP_FILTER (required for seccomp support)
CONFIG_CHECKPOINT_RESTORE (for the kcmp() syscall)
Required for CPUShares= in resource control unit settings
Required for CPUQuota= in resource control unit settings
CONFIG_CFS_BANDWIDTH
+ Required for IPAddressDeny= and IPAddressAllow= in resource control
+ unit settings
+ CONFIG_CGROUP_BPF
+
For UEFI systems:
CONFIG_EFIVAR_FS
CONFIG_EFI_PARTITION
fixed, and it's best to disable group scheduling hence.
CONFIG_RT_GROUP_SCHED=n
+ It's a good idea to disable the implicit creation of networking bonding
+ devices by the kernel networking bonding module, so that the
+ automatically created "bond0" interface doesn't conflict with any such
+ device created by systemd-networkd (or other tools). Ideally there
+ would be a kernel compile-time option for this, but there currently
+ isn't. The next best thing is to make this change through a modprobe.d
+ drop-in. This is shipped by default, see modprobe.d/systemd.conf.
+
Note that kernel auditing is broken when used with systemd's
container code. When using systemd in conjunction with
containers, please make sure to either turn off auditing at
glibc >= 2.16
libcap
- libmount >= 2.27.1 (from util-linux)
- (util-linux *must* be built with --enable-libmount-force-mountinfo)
- libseccomp >= 1.0.0 (optional)
+ libmount >= 2.30 (from util-linux)
+ (util-linux *must* be built without --enable-libmount-support-mtab)
+ libseccomp >= 2.3.1 (optional)
libblkid >= 2.24 (from util-linux) (optional)
libkmod >= 15 (optional)
PAM >= 1.1.2 (optional)
libqrencode (optional)
libmicrohttpd (optional)
libpython (optional)
- libidn (optional)
+ libidn2 or libidn (optional)
elfutils >= 158 (optional)
- make, gcc, and similar tools
+ polkit (optional)
+ pkg-config
+ gperf
+ docbook-xsl (optional, required for documentation)
+ xsltproc (optional, required for documentation)
+ python-lxml (optional, required to build the indices)
+ python, meson, ninja
+ gcc, awk, sed, grep, m4, and similar tools
During runtime, you need the following additional
dependencies:
util-linux >= v2.27.1 required
dbus >= 1.4.0 (strictly speaking optional, but recommended)
+ NOTE: If using dbus < 1.9.18, you should override the default
+ policy directory (--with-dbuspolicydir=/etc/dbus-1/system.d).
dracut (optional)
PolicyKit (optional)
- When building from git, the following tools are needed:
+ To build in directory build/:
+ meson build/ && ninja -C build
- pkg-config
- docbook-xsl
- xsltproc
- automake
- autoconf
- libtool
- intltool
- gperf
- python (optional)
- python-lxml (optional, but required to build the indices)
+ Any configuration options can be specfied as -Darg=value... arguments
+ to meson. After the build directory is initially configured, meson will
+ refuse to run again, and options must be changed with:
+ mesonconf -Darg=value...
+ mesonconf without any arguments will print out available options and
+ their current values.
+
+ Useful commands:
+ ninja -v some/target
+ ninja test
+ sudo ninja install
+ DESTDIR=... ninja install
- The build system is initialized with ./autogen.sh. A tar ball
- can be created with:
+ A tarball can be created with:
git archive --format=tar --prefix=systemd-222/ v222 | xz > systemd-222.tar.xz
When systemd-hostnamed is used, it is strongly recommended to
under all circumstances. In fact, systemd-hostnamed will warn
if nss-myhostname is not installed.
+ nss-systemd must be enabled on systemd systems, as that's required for
+ DynamicUser= to work. Note that we ship services out-of-the-box that
+ make use of DynamicUser= now, hence enabling nss-systemd is not
+ optional.
+
+ Note that the build prefix for systemd must be /usr. -Dsplit-usr=false
+ (which is the default and does not need to be specified) is the
+ recommended setting, and -Dsplit-usr=true should be used on systems
+ which have /usr on a separate partition.
+
+ Additional packages are necessary to run some tests:
+ - busybox (used by test/TEST-13-NSPAWN-SMOKE)
+ - nc (used by test/TEST-12-ISSUE-3171)
+ - python3-pyparsing
+ - python3-evdev (used by hwdb parsing tests)
+ - strace (used by test/test-functions)
+ - capsh (optional, used by test-execute)
+
USERS AND GROUPS:
Default udev rules use the following standard system group
names, which need to be resolvable by getgrnam() at any time,
even in the very early boot stages, where no other databases
and network are available:
- audio, cdrom, dialout, disk, input, kmem, lp, tape, tty, video
+ audio, cdrom, dialout, disk, input, kmem, kvm, lp, render, tape, tty, video
During runtime, the journal daemon requires the
"systemd-journal" system group to exist. New journal files will
needs to look like, and provide an implementation at the marked places.
WARNINGS:
- systemd will warn you during boot if /usr is on a different
- file system than /. While in systemd itself very little will
- break if /usr is on a separate partition, many of its
- dependencies very likely will break sooner or later in one
- form or another. For example, udev rules tend to refer to
- binaries in /usr, binaries that link to libraries in /usr or
- binaries that refer to data files in /usr. Since these
- breakages are not always directly visible, systemd will warn
- about this, since this kind of file system setup is not really
- supported anymore by the basic set of Linux OS components.
+ systemd will warn during early boot if /usr is not already mounted at
+ this point (that means: either located on the same file system as / or
+ already mounted in the initrd). While in systemd itself very little
+ will break if /usr is on a separate, late-mounted partition, many of
+ its dependencies very likely will break sooner or later in one form or
+ another. For example, udev rules tend to refer to binaries in /usr,
+ binaries that link to libraries in /usr or binaries that refer to data
+ files in /usr. Since these breakages are not always directly visible,
+ systemd will warn about this, since this kind of file system setup is
+ not really supported anymore by the basic set of Linux OS components.
systemd requires that the /run mount point exists. systemd also
requires that /var/run is a symlink to /run.
For more information on this issue consult
- http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
+ https://www.freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
To run systemd under valgrind, compile with VALGRIND defined
- (e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise,
- false positives will be triggered by code which violates
- some rules but is actually safe.
-
- Currently, systemd-timesyncd defaults to use the Google NTP
- servers if not specified otherwise at configure time. You
- really should not ship an OS or device with this default
- setting. See DISTRO_PORTING for details.
+ (e.g. CPPFLAGS='... -DVALGRIND=1' meson <options>) and have valgrind
+ development headers installed (i.e. valgrind-devel or
+ equivalent). Otherwise, false positives will be triggered by code which
+ violates some rules but is actually safe. Note that valgrind generates
+ nice output only on exit(), hence on shutdown we don't execve()
+ systemd-shutdown.
ENGINEERING AND CONSULTING SERVICES:
Kinvolk (https://kinvolk.io) offers professional engineering
projects / thirdparty / systemd.git / blobdiff