X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=man%2Fsystemd.exec.xml;h=ff8b812ef44087ab47278cde43bcc83e3614952a;hb=dc99a9764418a1974c46c55efa73b034f530a5a5;hp=d299fc03821db1da6e40454bbce9e5bdacd62ec7;hpb=d868475ad62547f0a034dfaf038aff31b3d05372;p=elogind.git
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index d299fc038..ff8b812ef 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1,4 +1,3 @@
-
@@ -58,7 +57,7 @@
Description
Unit configuration files for services, sockets,
- mount points, and swap devices share a subset of
+ mount points and swap devices share a subset of
configuration options which define the execution
environment of spawned processes.
@@ -77,6 +76,27 @@
configuration options are configured in the [Service],
[Socket], [Mount], or [Swap] sections, depending on the unit
type.
+
+ Processes started by the system systemd instance
+ are executed in a clean environment in which only the
+ $PATH and $LANG
+ variables are set by default. In order to add
+ additional variables, see the
+ Environment= and
+ EnvironmentFile= options below. To
+ specify variables globally, see
+ DefaultEnvironment= in
+ systemd-system.conf5
+ or the kernel option
+ systemd.setenv= in
+ systemd1. Processes
+ started by the user systemd instances inherit all
+ environment variables from the user systemd instance,
+ and have $HOME,
+ $USER,
+ $XDG_RUNTIME_DIR defined, among
+ others. In addition, $MANAGERPID
+ contains the PID of the user systemd instance.
@@ -167,7 +187,7 @@
for this process) and 1000 (to make
killing of this process under memory
pressure very likely). See proc.txt
+ url="https://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt
for details.
@@ -327,8 +347,8 @@
absolute filename or wildcard
expression, optionally prefixed with
-, which indicates
- that if the file does not exist it
- won't be read and no error or warning
+ that if the file does not exist, it
+ will not be read and no error or warning
message is logged. This option may be
specified more than once in which case
all specified files are read. If the
@@ -791,160 +811,6 @@
setting.
-
- ControlGroup=
-
- Controls the control
- groups the executed processes shall be
- made members of. Takes a
- space-separated list of cgroup
- identifiers. A cgroup identifier is
- formatted like
- cpu:/foo/bar,
- where "cpu" indicates the kernel
- control group controller used, and
- /foo/bar is the
- control group path. The controller
- name and ":" may be omitted in which
- case the named systemd control group
- hierarchy is implied. Alternatively,
- the path and ":" may be omitted, in
- which case the default control group
- path for this unit is implied.
-
- This option may be used to place
- executed processes in arbitrary groups
- in arbitrary hierarchies -- which may
- then be externally configured with
- additional execution limits. By
- default systemd will place all
- executed processes in separate
- per-unit control groups (named after
- the unit) in the systemd named
- hierarchy. This option is primarily
- intended to place executed processes
- in specific paths in specific kernel
- controller hierarchies. It is not
- recommended to manipulate the service
- control group path in the private
- systemd named hierarchy
- (i.e. name=systemd),
- and doing this might result in
- undefined behaviour. For details about
- control groups see cgroups.txt.
-
- This option may appear more than
- once, in which case the list of
- control group assignments is
- merged. If the same hierarchy gets two
- different paths assigned only the
- later setting will take effect. If the
- empty string is assigned to this
- option the list of control group
- assignments is reset, all previous
- assignments will have no
- effect.
-
- Note that the list of control
- group assignments of a unit is
- extended implicitly based on the
- settings of
- DefaultControllers=
- of
- systemd-system.conf5,
- but a unit's
- ControlGroup=
- setting for a specific controller
- takes precedence.
-
-
-
- ControlGroupModify=
- Takes a boolean
- argument. If true, the control groups
- created for this unit will be owned by
- the user specified with
- User= (and the
- appropriate group), and he/she can create
- subgroups as well as add processes to
- the group.
-
-
-
- ControlGroupPersistent=
- Takes a boolean
- argument. If true, the control groups
- created for this unit will be marked
- to be persistent, i.e. systemd will
- not remove them when stopping the
- unit. The default is false, meaning
- that the control groups will be
- removed when the unit is stopped. For
- details about the semantics of this
- logic see PaxControlGroups.
-
-
-
- ControlGroupAttribute=
-
- Set a specific control
- group attribute for executed
- processes, and (if needed) add the
- executed processes to a cgroup in the
- hierarchy of the controller the
- attribute belongs to. Takes two
- space-separated arguments: the
- attribute name (syntax is
- cpu.shares where
- cpu refers to a
- specific controller and
- shares to the
- attribute name), and the attribute
- value. Example:
- ControlGroupAttribute=cpu.shares
- 512. If this option is used
- for an attribute that belongs to a
- kernel controller hierarchy the unit
- is not already configured to be added
- to (for example via the
- ControlGroup=
- option) then the unit will be added to
- the controller and the default unit
- cgroup path is implied. Thus, using
- ControlGroupAttribute=
- is in most cases sufficient to make
- use of control group enforcements,
- explicit
- ControlGroup= are
- only necessary in case the implied
- default control group path for a
- service is not desirable. For details
- about control group attributes see
- cgroups.txt. This
- option may appear more than once, in
- order to set multiple control group
- attributes. If this option is used
- multiple times for the same cgroup
- attribute only the later setting takes
- effect. If the empty string is
- assigned to this option the list of
- attributes is reset, all previous
- cgroup attribute settings have no
- effect, including those done with
- CPUShares=,
- MemoryLimit=,
- MemorySoftLimit,
- DeviceAllow=,
- DeviceDeny=,
- BlockIOWeight=,
- BlockIOReadBandwidth=,
- BlockIOWriteBandwidth=.
-
-
-
ReadWriteDirectories=
ReadOnlyDirectories=
@@ -982,7 +848,15 @@
the empty string is assigned to this
option the specific list is reset, and
all prior assignments have no
- effect.
+ effect.
+ Paths in
+ ReadOnlyDirectories=
+ and
+ InaccessibleDirectories=
+ may be prefixed with
+ -, in which case
+ they will be ignored when they do not
+ exist.
@@ -1118,7 +992,7 @@
sigreturn,
exit_group,
exit system calls
- are implicitly whitelisted and don't
+ are implicitly whitelisted and do not
need to be listed explicitly. This
option may be specified more than once
in which case the filter masks are
@@ -1143,6 +1017,7 @@
systemd.swap5,
systemd.mount5,
systemd.kill5,
+ systemd.cgroup5,
systemd.directives7