system/systemd
system/systemd
1
0
Fork 0
mirror of https://github.com/systemd/systemd synced 2024-07-23 19:25:39 +00:00
Code Issues Actions 8 Packages Projects Releases Wiki Activity
systemd/docs/TRANSIENT-SETTINGS.md

512 lines
9.9 KiB
Markdown
Raw Normal View History

docs: add a "front matter" snippet to our markdown pages It turns out Jekyll (the engine behind GitHub Pages) requires that pages include a "Front Matter" snippet of YAML at the top for proper rendering. Omitting it will still render the pages, but including it opens up new possibilities, such as using a {% for %} loop to generate index.md instead of requiring a separate script. I'm hoping this will also fix the issue with some of the pages (notably CODE_OF_CONDUCT.html) not being available under systemd.io Tested locally by rendering the website with Jekyll. Before this change, the *.md files were kept unchanged (so not sure how that even works?!), after this commit, proper *.html files were generated from it.
2019-01-02 22:16:34 +00:00
---
docs: uppercase all markdown document titles For most we used uppercasing, but not for all. Let's stick to one rule, and uppercase them all.
2020-01-14 09:14:11 +00:00
title: What Settings Are Currently Available For Transient Units?
docs: place all our markdown docs in rough categories
2019-12-11 09:49:28 +00:00
category: Interfaces
docs: make it pretty Add custom Jekyll theme, logo, webfont and .gitignore FIXME: the markdown files have some H1 headers which need to be replaced with H2
2019-12-11 16:01:46 +00:00
layout: default
docs: add spdx tags to all .md files I have no idea if this is going to cause rendering problems, and it is fairly hard to check. So let's just merge this, and if it github markdown processor doesn't like it, revert.
2021-09-14 14:05:21 +00:00
SPDX-License-Identifier: LGPL-2.1-or-later
docs: add a "front matter" snippet to our markdown pages It turns out Jekyll (the engine behind GitHub Pages) requires that pages include a "Front Matter" snippet of YAML at the top for proper rendering. Omitting it will still render the pages, but including it opens up new possibilities, such as using a {% for %} loop to generate index.md instead of requiring a separate script. I'm hoping this will also fix the issue with some of the pages (notably CODE_OF_CONDUCT.html) not being available under systemd.io Tested locally by rendering the website with Jekyll. Before this change, the *.md files were kept unchanged (so not sure how that even works?!), after this commit, proper *.html files were generated from it.
2019-01-02 22:16:34 +00:00
---
docs: uppercase all markdown document titles For most we used uppercasing, but not for all. Let's stick to one rule, and uppercase them all.
2020-01-14 09:14:11 +00:00
# What Settings Are Currently Available For Transient Units?
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
Our intention is to make all settings that are available as unit file settings
doc: update list of transient units Doing this manually seem to work only so well, but it is indeed hard to generate automatically. Let's add the stuff that is missing for now. AddRef= is not a unit file setting, remove it from the list.
2019-11-27 12:47:01 +00:00
also available for transient units, through the D-Bus API. At the moment,
device, swap, and target units are not supported at all as transient units, but
others are pretty well supported.
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
The lists below contain all settings currently available in unit files. The
ones currently available in transient units are prefixed with `✓`.
## Generic Unit Settings
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
Most generic unit settings are available for transient units.
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
✓ Description=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ Documentation=
✓ SourcePath=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ Requires=
✓ Requisite=
✓ Wants=
✓ BindsTo=
✓ Conflicts=
✓ Before=
✓ After=
✓ OnFailure=
✓ PropagatesReloadTo=
✓ ReloadPropagatedFrom=
✓ PartOf=
core: add missing dependency DBus properties Follow-up for 0bc488c99ab2ed3464237607e381f4d72cd321d5. Also sort dependency properties to make them match the definition of `enum UnitDependency` in basic/unit-def.h. Fixes #22133.
2022-01-16 06:32:27 +00:00
✓ Upholds=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ JoinsNamespaceOf=
✓ RequiresMountsFor=
✓ StopWhenUnneeded=
✓ RefuseManualStart=
✓ RefuseManualStop=
✓ AllowIsolate=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ DefaultDependencies=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ OnFailureJobMode=
✓ IgnoreOnIsolate=
✓ JobTimeoutSec=
✓ JobRunningTimeoutSec=
✓ JobTimeoutAction=
✓ JobTimeoutRebootArgument=
doc: drop rhs from transient settings list I don't know why these particular ones had them.
2019-11-27 10:04:36 +00:00
✓ StartLimitIntervalSec=
✓ StartLimitBurst=
✓ StartLimitAction=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ FailureAction=
✓ SuccessAction=
core: allow to set exit status when using SuccessAction=/FailureAction=exit in units This adds SuccessActionExitStatus= and FailureActionExitStatus= that may be used to configure the exit status to propagate in when SuccessAction=exit or FailureAction=exit is used. When not specified let's also propagate the exit status of the main process we fork off for the unit.
2018-11-16 10:41:18 +00:00
✓ FailureActionExitStatus=
✓ SuccessActionExitStatus=
doc: drop rhs from transient settings list I don't know why these particular ones had them.
2019-11-27 10:04:36 +00:00
✓ RebootArgument=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ ConditionPathExists=
✓ ConditionPathExistsGlob=
✓ ConditionPathIsDirectory=
✓ ConditionPathIsSymbolicLink=
✓ ConditionPathIsMountPoint=
✓ ConditionPathIsReadWrite=
✓ ConditionDirectoryNotEmpty=
✓ ConditionFileNotEmpty=
✓ ConditionFileIsExecutable=
✓ ConditionNeedsUpdate=
✓ ConditionFirstBoot=
✓ ConditionKernelCommandLine=
✓ ConditionKernelVersion=
✓ ConditionArchitecture=
Add support for conditions on the machines firmware This allows to limit units to machines that run on a certain firmware type. For device tree defined machines checking against the machine's compatible is also possible.
2020-10-09 10:13:00 +00:00
✓ ConditionFirmware=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ ConditionVirtualization=
✓ ConditionSecurity=
✓ ConditionCapability=
✓ ConditionHost=
✓ ConditionACPower=
✓ ConditionUser=
✓ ConditionGroup=
✓ ConditionControlGroupController=
✓ AssertPathExists=
✓ AssertPathExistsGlob=
✓ AssertPathIsDirectory=
✓ AssertPathIsSymbolicLink=
✓ AssertPathIsMountPoint=
✓ AssertPathIsReadWrite=
✓ AssertDirectoryNotEmpty=
✓ AssertFileNotEmpty=
✓ AssertFileIsExecutable=
✓ AssertNeedsUpdate=
✓ AssertFirstBoot=
✓ AssertKernelCommandLine=
✓ AssertKernelVersion=
✓ AssertArchitecture=
✓ AssertVirtualization=
✓ AssertSecurity=
✓ AssertCapability=
✓ AssertHost=
✓ AssertACPower=
✓ AssertUser=
✓ AssertGroup=
✓ AssertControlGroupController=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ CollectMode=
```
## Execution-Related Settings
All execution-related settings are available for transient units.
```
✓ WorkingDirectory=
✓ RootDirectory=
✓ RootImage=
✓ User=
✓ Group=
✓ SupplementaryGroups=
✓ Nice=
✓ OOMScoreAdjust=
manager: add CoredumpFilter= setting Fixes #6685.
2020-04-04 14:43:25 +00:00
✓ CoredumpFilter=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ IOSchedulingClass=
✓ IOSchedulingPriority=
✓ CPUSchedulingPolicy=
✓ CPUSchedulingPriority=
✓ CPUSchedulingResetOnFork=
✓ CPUAffinity=
✓ UMask=
✓ Environment=
✓ EnvironmentFile=
✓ PassEnvironment=
✓ UnsetEnvironment=
✓ DynamicUser=
✓ RemoveIPC=
✓ StandardInput=
✓ StandardOutput=
✓ StandardError=
✓ StandardInputText=
✓ StandardInputData=
✓ TTYPath=
✓ TTYReset=
✓ TTYVHangup=
✓ TTYVTDisallocate=
exec: Add TTYRows and TTYColumns properties to set TTY dimensions
2021-10-28 15:26:50 +00:00
✓ TTYRows=
✓ TTYColumns=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ SyslogIdentifier=
✓ SyslogFacility=
✓ SyslogLevel=
✓ SyslogLevelPrefix=
✓ LogLevelMax=
✓ LogExtraFields=
journal: log filtering options support in PID1 Define new unit parameter (LogFilterPatterns) to filter logs processed by journald. This option is used to store a regular expression which is carried from PID1 to systemd-journald through a cgroup xattrs: `user.journald_log_filter_patterns`.
2022-11-07 19:30:01 +00:00
✓ LogFilterPatterns=
core: implement per unit journal rate limiting Add LogRateLimitIntervalSec= and LogRateLimitBurst= options for services. If provided, these values get passed to the journald client context, and those values are used in the rate limiting function in the journal over the the journald.conf values. Part of #10230
2018-10-08 03:28:36 +00:00
✓ LogRateLimitIntervalSec=
✓ LogRateLimitBurst=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ SecureBits=
✓ CapabilityBoundingSet=
✓ AmbientCapabilities=
✓ TimerSlackNSec=
✓ NoNewPrivileges=
✓ KeyringMode=
core: introduce ProtectProc= and ProcSubset= to expose hidepid= and subset= procfs mount options Kernel 5.8 gained a hidepid= implementation that is truly per procfs, which allows us to mount a distinct once into every unit, with individual hidepid= settings. Let's expose this via two new settings: ProtectProc= (wrapping hidpid=) and ProcSubset= (wrapping subset=). Replaces: #11670
2020-08-06 10:51:50 +00:00
✓ ProtectProc=
✓ ProcSubset=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ SystemCallFilter=
✓ SystemCallArchitectures=
✓ SystemCallErrorNumber=
exec: SystemCallLog= directive With new directive SystemCallLog= it's possible to list system calls to be logged. This can be used for auditing or temporarily when constructing system call filters. --- v5: drop intermediary, update HASHMAP_FOREACH_KEY() use v4: skip useless debug messages, actually parse directive v3: don't declare unused variables with old libseccomp v2: fix build without seccomp or old libseccomp
2020-08-30 18:56:13 +00:00
✓ SystemCallLog=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ MemoryDenyWriteExecute=
✓ RestrictNamespaces=
✓ RestrictRealtime=
man: document the new RestrictSUIDSGID= setting
2019-03-20 18:45:32 +00:00
✓ RestrictSUIDSGID=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ RestrictAddressFamilies=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ RootHash=
✓ RootHashSignature=
✓ RootVerity=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ LockPersonality=
✓ LimitCPU=
✓ LimitFSIZE=
✓ LimitDATA=
✓ LimitSTACK=
✓ LimitCORE=
✓ LimitRSS=
✓ LimitNOFILE=
✓ LimitAS=
✓ LimitNPROC=
✓ LimitMEMLOCK=
✓ LimitLOCKS=
✓ LimitSIGPENDING=
✓ LimitMSGQUEUE=
✓ LimitNICE=
✓ LimitRTPRIO=
✓ LimitRTTIME=
✓ ReadWritePaths=
✓ ReadOnlyPaths=
✓ InaccessiblePaths=
✓ BindPaths=
✓ BindReadOnlyPaths=
doc: update TRANSIENT-SETTINGS.md
2018-02-13 11:29:34 +00:00
✓ TemporaryFileSystem=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ PrivateTmp=
✓ PrivateDevices=
doc: list PrivateMounts= in TRANSIENT-SETTINGS.md Follow-up for #9153.
2018-07-12 06:40:17 +00:00
✓ PrivateMounts=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ ProtectKernelTunables=
✓ ProtectKernelModules=
doc: update list of transient units Doing this manually seem to work only so well, but it is indeed hard to generate automatically. Let's add the stuff that is missing for now. AddRef= is not a unit file setting, remove it from the list.
2019-11-27 12:47:01 +00:00
✓ ProtectKernelLogs=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ ProtectControlGroups=
✓ PrivateNetwork=
✓ PrivateUsers=
✓ ProtectSystem=
✓ ProtectHome=
man: doc: Document ProtectClock=
2020-01-26 20:47:50 +00:00
✓ ProtectClock=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ MountFlags=
✓ MountAPIVFS=
✓ Personality=
✓ RuntimeDirectoryPreserve=
✓ RuntimeDirectoryMode=
✓ RuntimeDirectory=
✓ StateDirectoryMode=
✓ StateDirectory=
✓ CacheDirectoryMode=
✓ CacheDirectory=
✓ LogsDirectoryMode=
✓ LogsDirectory=
✓ ConfigurationDirectoryMode=
✓ ConfigurationDirectory=
✓ PAMName=
✓ IgnoreSIGPIPE=
✓ UtmpIdentifier=
✓ UtmpMode=
✓ SELinuxContext=
✓ SmackProcessLabel=
✓ AppArmorProfile=
✓ Slice=
```
## Resource Control Settings
All cgroup/resource control settings are available for transient units
```
✓ CPUAccounting=
✓ CPUWeight=
✓ StartupCPUWeight=
✓ CPUShares=
✓ StartupCPUShares=
✓ CPUQuota=
core: add CPUQuotaPeriodSec= This new setting allows configuration of CFS period on the CPU cgroup, instead of using a hardcoded default of 100ms. Tested: - Legacy cgroup + Unified cgroup - systemctl set-property - systemctl show - Confirmed that the cgroup settings (such as cpu.cfs_period_ns) were set appropriately, including updating the CPU quota (cpu.cfs_quota_ns) when CPUQuotaPeriodSec= is updated. - Checked that clamping works properly when either period or (quota * period) are below the resolution of 1ms, or if period is above the max of 1s.
2018-11-02 16:21:57 +00:00
✓ CPUQuotaPeriodSec=
cgroup: introduce support for cgroup v2 CPUSET controller Introduce support for configuring cpus and mems for processes using cgroup v2 CPUSET controller. This allows users to limit which cpus and memory NUMA nodes can be used by processes to better utilize system resources. The cgroup v2 interfaces to control it are cpuset.cpus and cpuset.mems where the requested configuration is written. However, it doesn't mean that the requested configuration will be actually used as parent cgroup may limit the cpus or mems as well. In order to reflect the real configuration cgroup v2 provides read-only files cpuset.cpus.effective and cpuset.mems.effective which are exported to users as well.
2019-07-29 15:50:05 +00:00
✓ AllowedCPUs=
docs: update docs with StartupAllowedCPUs and StartupAllowedMemoryNodes details Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-09-14 16:28:46 +00:00
✓ StartupAllowedCPUs=
cgroup: introduce support for cgroup v2 CPUSET controller Introduce support for configuring cpus and mems for processes using cgroup v2 CPUSET controller. This allows users to limit which cpus and memory NUMA nodes can be used by processes to better utilize system resources. The cgroup v2 interfaces to control it are cpuset.cpus and cpuset.mems where the requested configuration is written. However, it doesn't mean that the requested configuration will be actually used as parent cgroup may limit the cpus or mems as well. In order to reflect the real configuration cgroup v2 provides read-only files cpuset.cpus.effective and cpuset.mems.effective which are exported to users as well.
2019-07-29 15:50:05 +00:00
✓ AllowedMemoryNodes=
docs: update docs with StartupAllowedCPUs and StartupAllowedMemoryNodes details Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-09-14 16:28:46 +00:00
✓ StartupAllowedMemoryNodes=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ MemoryAccounting=
cgroup: Polish hierarchically aware protection docs a bit I missed adding a section in `systemd.resource-control` about DefaultMemoryMin in #12332. Also, add a NEWS entry going over the general concept.
2019-04-30 18:22:04 +00:00
✓ DefaultMemoryMin=
core: add MemoryMin The kernel added support for a new cgroup memory controller knob memory.min in bf8d5d52ffe8 ("memcg: introduce memory.min") which was merged during v4.18 merge window. Add MemoryMin to support memory.min.
2018-06-09 00:33:14 +00:00
✓ MemoryMin=
cgroup: Implement default propagation of MemoryLow with DefaultMemoryLow In cgroup v2 we have protection tunables -- currently MemoryLow and MemoryMin (there will be more in future for other resources, too). The design of these protection tunables requires not only intermediate cgroups to propagate protections, but also the units at the leaf of that resource's operation to accept it (by setting MemoryLow or MemoryMin). This makes sense from an low-level API design perspective, but it's a good idea to also have a higher-level abstraction that can, by default, propagate these resources to children recursively. In this patch, this happens by having descendants set memory.low to N if their ancestor has DefaultMemoryLow=N -- assuming they don't set a separate MemoryLow value. Any affected unit can opt out of this propagation by manually setting `MemoryLow` to some value in its unit configuration. A unit can also stop further propagation by setting `DefaultMemoryLow=` with no argument. This removes further propagation in the subtree, but has no effect on the unit itself (for that, use `MemoryLow=0`). Our use case in production is simplifying the configuration of machines which heavily rely on memory protection tunables, but currently require tweaking a huge number of unit files to make that a reality. This directive makes that significantly less fragile, and decreases the risk of misconfiguration. After this patch is merged, I will implement DefaultMemoryMin= using the same principles.
2019-03-28 12:50:50 +00:00
✓ DefaultMemoryLow=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ MemoryLow=
✓ MemoryHigh=
✓ MemoryMax=
✓ MemorySwapMax=
✓ MemoryLimit=
✓ DeviceAllow=
✓ DevicePolicy=
✓ IOAccounting=
✓ IOWeight=
✓ StartupIOWeight=
✓ IODeviceWeight=
✓ IOReadBandwidthMax=
✓ IOWriteBandwidthMax=
✓ IOReadIOPSMax=
✓ IOWriteIOPSMax=
✓ BlockIOAccounting=
✓ BlockIOWeight=
✓ StartupBlockIOWeight=
✓ BlockIODeviceWeight=
✓ BlockIOReadBandwidth=
✓ BlockIOWriteBandwidth=
✓ TasksAccounting=
✓ TasksMax=
✓ Delegate=
core: support DisableControllers= for transient units
2019-04-17 07:42:55 +00:00
✓ DisableControllers=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ IPAccounting=
✓ IPAddressAllow=
✓ IPAddressDeny=
core: add ManagedOOM*= properties to configure systemd-oomd on the unit This adds the hook ups so it can be read with the usual systemd utilities. Used in later commits by sytemd-oomd.
2020-03-09 22:09:17 +00:00
✓ ManagedOOMSwap=
✓ ManagedOOMMemoryPressure=
oom: rework *MemoryPressureLimit= properties to have 1/10000 precision Requested in https://github.com/systemd/systemd/pull/15206#discussion_r505506657, preserve the full granularity for memory pressure limits (permyriad) instead of capping out at percent.
2021-02-02 22:16:03 +00:00
✓ ManagedOOMMemoryPressureLimit=
oom: add unit file settings for oomd avoid/omit xattrs
2021-01-28 10:31:44 +00:00
✓ ManagedOOMPreference=
man: document CoredumpReceive= setting
2023-10-11 14:46:42 +00:00
✓ CoredumpReceive=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
## Process Killing Settings
All process killing settings are available for transient units:
```
✓ SendSIGKILL=
✓ SendSIGHUP=
✓ KillMode=
✓ KillSignal=
doc: update list of transient units Doing this manually seem to work only so well, but it is indeed hard to generate automatically. Let's add the stuff that is missing for now. AddRef= is not a unit file setting, remove it from the list.
2019-11-27 12:47:01 +00:00
✓ RestartKillSignal=
Make final kill signal configurable Usecase is to allow changing the final kill from SIGKILL to SIGQUIT which should create a core dump useful for debugging why the service didn't stop with the SIGTERM
2018-07-20 15:22:43 +00:00
✓ FinalKillSignal=
Make Watchdog Signal Configurable Allows configuring the watchdog signal (with a default of SIGABRT). This allows an alternative to SIGABRT when coredumps are not desirable. Appropriate references to SIGABRT or aborting were renamed to reflect more liberal watchdog signals. Closes #8658
2018-09-19 19:03:01 +00:00
✓ WatchdogSignal=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
## Service Unit Settings
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
Most service unit settings are available for transient units.
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ BusName=
core: ExecCondition= for services Closes #10596
2019-06-29 00:02:30 +00:00
✓ ExecCondition=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ ExecReload=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ ExecStart=
✓ ExecStartPost=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ ExecStartPre=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ ExecStop=
✓ ExecStopPost=
Reintroduce ExitType This introduces `ExitType=main|cgroup` for services. Similar to how `Type` specifies the launch of a service, `ExitType` is concerned with how systemd determines that a service exited. - If set to `main` (the current behavior), the service manager will consider the unit stopped when the main process exits. - The `cgroup` exit type is meant for applications whose forking model is not known ahead of time and which might not have a specific main process. The service will stay running as long as at least one process in the cgroup is running. This is intended for transient or automatically generated services, such as graphical applications inside of a desktop environment. Motivation for this is #16805. The original PR (#18782) was reverted (#20073) after realizing that the exit status of "the last process in the cgroup" can't reliably be known (#19385) This version instead uses the main process exit status if there is one and just listens to the cgroup empty event otherwise. The advantages of a service with `ExitType=cgroup` over scopes are: - Integrated logging / stdout redirection - Avoids the race / synchronisation issue between launch and scope creation - More extensive use of drop-ins and thus distro-level configuration: by moving from scopes to services we can have drop ins that will affect properties that can only be set during service creation, like `OOMPolicy` and security-related properties - It makes systemd-xdg-autostart-generator usable by fixing [1], as obviously only services can be used in the generator, not scopes. [1] https://bugs.kde.org/show_bug.cgi?id=433299
2021-02-24 15:13:21 +00:00
✓ ExitType=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ FileDescriptorStoreMax=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ GuessMainPID=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ NonBlocking=
✓ NotifyAccess=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ OOMPolicy=
✓ PIDFile=
✓ RemainAfterExit=
✓ Restart=
✓ RestartForceExitStatus=
✓ RestartPreventExitStatus=
✓ RestartSec=
✓ RootDirectoryStartOnly=
✓ RuntimeMaxSec=
core: implement RuntimeMaxDeltaSec directive
2021-07-13 17:38:08 +00:00
✓ RuntimeRandomizedExtraSec=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
Sockets=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ SuccessExitStatus=
✓ TimeoutAbortSec=
✓ TimeoutSec=
✓ TimeoutStartFailureMode=
✓ TimeoutStartSec=
✓ TimeoutStopFailureMode=
✓ TimeoutStopSec=
✓ Type=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ USBFunctionDescriptors=
✓ USBFunctionStrings=
doc: add recentry introduced transient settings Also sort entries for service settings.
2020-07-01 06:05:14 +00:00
✓ WatchdogSec=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
## Mount Unit Settings
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
All mount unit settings are available to transient units:
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
✓ What=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ Where=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ Options=
✓ Type=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ TimeoutSec=
✓ DirectoryMode=
✓ SloppyOptions=
✓ LazyUnmount=
✓ ForceUnmount=
man: document ReadWriteOnly property for mount units
2020-05-01 08:27:06 +00:00
✓ ReadWriteOnly=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
## Automount Unit Settings
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
All automount unit setting is available to transient units:
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ Where=
✓ DirectoryMode=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ TimeoutIdleSec=
```
## Timer Unit Settings
Most timer unit settings are available to transient units.
```
✓ OnActiveSec=
✓ OnBootSec=
core: optionally, trigger .timer units on timezone and clock changes Fixes: #6228
2019-03-14 20:36:47 +00:00
✓ OnCalendar=
✓ OnClockChange=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ OnStartupSec=
core.timer: fix "systemd-analyze dump" and docs syntax inconsistencies wrt OnTimezoneChange=
2019-11-25 23:29:03 +00:00
✓ OnTimezoneChange=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ OnUnitActiveSec=
✓ OnUnitInactiveSec=
doc: update TRANSIENT-SETTINGS.md
2017-12-14 13:02:06 +00:00
✓ Persistent=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
✓ WakeSystem=
✓ RemainAfterElapse=
✓ AccuracySec=
✓ RandomizedDelaySec=
timer: add new feature FixedRandomDelay= FixedRandomDelay=yes will use `siphash24(sd_id128_get_machine() || MANAGER_IS_SYSTEM(m) || getuid() || u->id)`, where || is concatenation, instead of a random number to choose a value between 0 and RandomizedDelaySec= as the timer delay. This essentially sets up a fixed, but seemingly random, offset for each timer iteration rather than having a random offset recalculated each time it fires. Closes #10355 Co-author: Anita Zhang <the.anitazha@gmail.com>
2020-02-01 17:27:08 +00:00
✓ FixedRandomDelay=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
Unit=
```
## Slice Unit Settings
Slice units are fully supported as transient units, but they have no settings
of their own beyond the generic unit and resource control settings.
## Scope Unit Settings
Scope units are fully supported as transient units (in fact they only exist as
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
such).
```
scope: Support RuntimeMaxSec= directive in scope units Just as `RuntimeMaxSec=` is supported for service units, add support for it to scope units. This will gracefully kill a scope after the timeout expires from the moment the scope enters the running state. This could be used for time-limited login sessions, for example. Signed-off-by: Philip Withnall <withnall@endlessm.com> Fixes: #12035
2019-06-12 07:45:26 +00:00
✓ RuntimeMaxSec=
core: implement RuntimeMaxDeltaSec directive
2021-07-13 17:38:08 +00:00
✓ RuntimeRandomizedExtraSec=
doc: update TRANSIENT-SETTINGS.md
2017-12-29 14:05:37 +00:00
✓ TimeoutStopSec=
```
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
## Socket Unit Settings
doc: update TRANSIENT-SETTINGS.md
2017-12-19 01:53:38 +00:00
Most socket unit settings are available to transient units.
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
doc: update TRANSIENT-SETTINGS.md
2017-12-19 01:53:38 +00:00
✓ ListenStream=
✓ ListenDatagram=
✓ ListenSequentialPacket=
✓ ListenFIFO=
✓ ListenNetlink=
✓ ListenSpecial=
✓ ListenMessageQueue=
✓ ListenUSBFunction=
✓ SocketProtocol=
✓ BindIPv6Only=
✓ Backlog=
✓ BindToDevice=
✓ ExecStartPre=
✓ ExecStartPost=
✓ ExecStopPre=
✓ ExecStopPost=
✓ TimeoutSec=
✓ SocketUser=
✓ SocketGroup=
✓ SocketMode=
✓ DirectoryMode=
✓ Accept=
socket: New option 'FlushPending' (boolean) to flush socket before entering listening state Disabled by default. When Enabled, before listening on the socket, flush the content. Applies when Accept=no only.
2020-08-20 11:00:37 +00:00
✓ FlushPending=
doc: update TRANSIENT-SETTINGS.md
2017-12-19 01:53:38 +00:00
✓ Writable=
✓ MaxConnections=
✓ MaxConnectionsPerSource=
✓ KeepAlive=
✓ KeepAliveTimeSec=
✓ KeepAliveIntervalSec=
✓ KeepAliveProbes=
✓ DeferAcceptSec=
✓ NoDelay=
✓ Priority=
✓ ReceiveBuffer=
✓ SendBuffer=
✓ IPTOS=
✓ IPTTL=
✓ Mark=
✓ PipeSize=
✓ FreeBind=
✓ Transparent=
✓ Broadcast=
✓ PassCredentials=
✓ PassSecurity=
core: add new PassPacketInfo= socket unit property
2020-05-27 17:36:56 +00:00
✓ PassPacketInfo=
doc: update TRANSIENT-SETTINGS.md
2017-12-19 01:53:38 +00:00
✓ TCPCongestion=
✓ ReusePort=
✓ MessageQueueMaxMessages=
✓ MessageQueueMessageSize=
✓ RemoveOnStop=
✓ Symlinks=
✓ FileDescriptorName=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
Service=
doc: update TRANSIENT-SETTINGS.md
2017-12-19 01:53:38 +00:00
✓ TriggerLimitIntervalSec=
✓ TriggerLimitBurst=
✓ SmackLabel=
✓ SmackLabelIPIn=
✓ SmackLabelIPOut=
✓ SELinuxContextFromNet=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
## Swap Unit Settings
Swap units are currently not available at all as transient units:
```
What=
Priority=
Options=
TimeoutSec=
```
## Path Unit Settings
doc: update TRANSIENT-SETTINGS.md
2017-12-14 13:02:06 +00:00
Most path unit settings are available to transient units.
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
doc: update TRANSIENT-SETTINGS.md
2017-12-14 13:02:06 +00:00
✓ PathExists=
✓ PathExistsGlob=
✓ PathChanged=
✓ PathModified=
✓ DirectoryNotEmpty=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
Unit=
doc: update TRANSIENT-SETTINGS.md
2017-12-14 13:02:06 +00:00
✓ MakeDirectory=
✓ DirectoryMode=
documentation: add document listing all unit file settings also supported for transient units Unfortunately, there are far too many properties currently not accessible to transient units. The first step to opening them all up is to figure out which ones they are.
2017-11-23 19:26:02 +00:00
```
## Install Section
The `[Install]` section is currently not available at all for transient units, and it probably doesn't even make sense.
```
Alias=
WantedBy=
RequiredBy=
Also=
DefaultInstance=
```
Reference in a new issue Copy permalink