chiark / gitweb /
man: update journald rate limit defaults
[elogind.git] / man / systemd-system.conf.xml
1 <?xml version='1.0'?> <!--*-nxml-*-->
2 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4         "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
5
6 <!--
7   This file is part of systemd.
8
9   Copyright 2010 Lennart Poettering
10
11   systemd is free software; you can redistribute it and/or modify it
12   under the terms of the GNU Lesser General Public License as published by
13   the Free Software Foundation; either version 2.1 of the License, or
14   (at your option) any later version.
15
16   systemd is distributed in the hope that it will be useful, but
17   WITHOUT ANY WARRANTY; without even the implied warranty of
18   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19   Lesser General Public License for more details.
20
21   You should have received a copy of the GNU Lesser General Public License
22   along with systemd; If not, see <http://www.gnu.org/licenses/>.
23 -->
24
25 <refentry id="systemd-system.conf">
26         <refentryinfo>
27                 <title>systemd-system.conf</title>
28                 <productname>systemd</productname>
29
30                 <authorgroup>
31                         <author>
32                                 <contrib>Developer</contrib>
33                                 <firstname>Lennart</firstname>
34                                 <surname>Poettering</surname>
35                                 <email>lennart@poettering.net</email>
36                         </author>
37                 </authorgroup>
38         </refentryinfo>
39
40         <refmeta>
41                 <refentrytitle>systemd-system.conf</refentrytitle>
42                 <manvolnum>5</manvolnum>
43         </refmeta>
44
45         <refnamediv>
46                 <refname>systemd-system.conf</refname>
47                 <refname>systemd-user.conf</refname>
48                 <refpurpose>System and session service manager configuration file</refpurpose>
49         </refnamediv>
50
51         <refsynopsisdiv>
52                 <para><filename>/etc/systemd/system.conf</filename></para>
53                 <para><filename>/etc/systemd/user.conf</filename></para>
54         </refsynopsisdiv>
55
56         <refsect1>
57                 <title>Description</title>
58
59                 <para>When run as system instance systemd reads the
60                 configuration file <filename>system.conf</filename>,
61                 otherwise <filename>user.conf</filename>. These
62                 configuration files contain a few settings controlling
63                 basic manager operations.</para>
64         </refsect1>
65
66         <refsect1>
67                 <title>Options</title>
68
69                 <para>All options are configured in the
70                 <literal>[Manager]</literal> section:</para>
71
72                 <variablelist class='systemd-directives'>
73
74                         <varlistentry>
75                                 <term><varname>LogLevel=</varname></term>
76                                 <term><varname>LogTarget=</varname></term>
77                                 <term><varname>LogColor=</varname></term>
78                                 <term><varname>LogLocation=</varname></term>
79                                 <term><varname>DumpCore=yes</varname></term>
80                                 <term><varname>CrashShell=no</varname></term>
81                                 <term><varname>ShowStatus=yes</varname></term>
82                                 <term><varname>CrashChVT=1</varname></term>
83                                 <term><varname>DefaultStandardOutput=journal</varname></term>
84                                 <term><varname>DefaultStandardError=inherit</varname></term>
85
86                                 <listitem><para>Configures various
87                                 parameters of basic manager
88                                 operation. These options may be
89                                 overridden by the respective command
90                                 line arguments. See
91                                 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
92                                 for details about these command line
93                                 arguments.</para></listitem>
94                         </varlistentry>
95
96                         <varlistentry>
97                                 <term><varname>CPUAffinity=</varname></term>
98
99                                 <listitem><para>Configures the initial
100                                 CPU affinity for the init
101                                 process. Takes a space-separated list
102                                 of CPU indices.</para></listitem>
103                         </varlistentry>
104
105                         <varlistentry>
106                                 <term><varname>JoinControllers=cpu,cpuacct net_cls,netprio</varname></term>
107
108                                 <listitem><para>Configures controllers
109                                 that shall be mounted in a single
110                                 hierarchy. By default, systemd will
111                                 mount all controllers which are
112                                 enabled in the kernel in individual
113                                 hierarchies, with the exception of
114                                 those listed in this setting. Takes a
115                                 space-separated list of comma-separated
116                                 controller names, in order
117                                 to allow multiple joined
118                                 hierarchies. Defaults to
119                                 'cpu,cpuacct'. Pass an empty string to
120                                 ensure that systemd mounts all
121                                 controllers in separate
122                                 hierarchies.</para>
123
124                                 <para>Note that this option is only
125                                 applied once, at very early boot. If
126                                 you use an initial RAM disk (initrd)
127                                 that uses systemd, it might hence be
128                                 necessary to rebuild the initrd if
129                                 this option is changed, and make sure
130                                 the new configuration file is included
131                                 in it. Otherwise, the initrd might
132                                 mount the controller hierarchies in a
133                                 different configuration than intended,
134                                 and the main system cannot remount
135                                 them anymore.</para></listitem>
136                         </varlistentry>
137
138                         <varlistentry>
139                                 <term><varname>RuntimeWatchdogSec=</varname></term>
140                                 <term><varname>ShutdownWatchdogSec=</varname></term>
141
142                                 <listitem><para>Configure the hardware
143                                 watchdog at runtime and at
144                                 reboot. Takes a timeout value in
145                                 seconds (or in other time units if
146                                 suffixed with <literal>ms</literal>,
147                                 <literal>min</literal>,
148                                 <literal>h</literal>,
149                                 <literal>d</literal>,
150                                 <literal>w</literal>). If
151                                 <varname>RuntimeWatchdogSec=</varname>
152                                 is set to a non-zero value, the
153                                 watchdog hardware
154                                 (<filename>/dev/watchdog</filename>)
155                                 will be programmed to automatically
156                                 reboot the system if it is not
157                                 contacted within the specified timeout
158                                 interval. The system manager will
159                                 ensure to contact it at least once in
160                                 half the specified timeout
161                                 interval. This feature requires a
162                                 hardware watchdog device to be
163                                 present, as it is commonly the case in
164                                 embedded and server systems. Not all
165                                 hardware watchdogs allow configuration
166                                 of the reboot timeout, in which case
167                                 the closest available timeout is
168                                 picked. <varname>ShutdownWatchdogSec=</varname>
169                                 may be used to configure the hardware
170                                 watchdog when the system is asked to
171                                 reboot. It works as a safety net to
172                                 ensure that the reboot takes place
173                                 even if a clean reboot attempt times
174                                 out. By default
175                                 <varname>RuntimeWatchdogSec=</varname>
176                                 defaults to 0 (off), and
177                                 <varname>ShutdownWatchdogSec=</varname>
178                                 to 10min. These settings have no
179                                 effect if a hardware watchdog is not
180                                 available.</para></listitem>
181                         </varlistentry>
182
183                         <varlistentry>
184                                 <term><varname>CapabilityBoundingSet=</varname></term>
185
186                                 <listitem><para>Controls which
187                                 capabilities to include in the
188                                 capability bounding set for PID 1 and
189                                 its children. See
190                                 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
191                                 for details. Takes a whitespace-separated
192                                 list of capability names as read by
193                                 <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
194                                 Capabilities listed will be included
195                                 in the bounding set, all others are
196                                 removed. If the list of capabilities
197                                 is prefixed with ~, all but the listed
198                                 capabilities will be included, the
199                                 effect of the assignment
200                                 inverted. Note that this option also
201                                 affects the respective capabilities in
202                                 the effective, permitted and
203                                 inheritable capability sets. The
204                                 capability bounding set may also be
205                                 individually configured for units
206                                 using the
207                                 <varname>CapabilityBoundingSet=</varname>
208                                 directive for units, but note that
209                                 capabilities dropped for PID 1 cannot
210                                 be regained in individual units, they
211                                 are lost for good.</para></listitem>
212                         </varlistentry>
213
214                         <varlistentry>
215                                 <term><varname>SystemCallArchitectures=</varname></term>
216
217                                 <listitem><para>Takes a
218                                 space-separated list of architecture
219                                 identifiers. Selects from which
220                                 architectures system calls may be
221                                 invoked on this system. This may be
222                                 used as an effective way to disable
223                                 invocation of non-native binaries
224                                 system-wide, for example to prohibit
225                                 execution of 32-bit x86 binaries on
226                                 64-bit x86-64 systems. This option
227                                 operates system-wide, and acts
228                                 similar to the
229                                 <varname>SystemCallArchitectures=</varname>
230                                 setting of unit files, see
231                                 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
232                                 for details. This setting defaults to
233                                 the empty list, in which case no
234                                 filtering of system calls based on
235                                 architecture is applied. Known
236                                 architecture identifiers are
237                                 <literal>x86</literal>,
238                                 <literal>x86-64</literal>,
239                                 <literal>x32</literal>,
240                                 <literal>arm</literal> and the special
241                                 identifier
242                                 <literal>native</literal>. The latter
243                                 implicitly maps to the native
244                                 architecture of the system (or more
245                                 specifically, the architecture the
246                                 system manager was compiled for). Set
247                                 this setting to
248                                 <literal>native</literal> to prohibit
249                                 execution of any non-native
250                                 binaries. When a binary executes a
251                                 system call of an architecture that is
252                                 not listed in this setting, it will be
253                                 immediately terminated with the SIGSYS
254                                 signal.</para></listitem>
255                         </varlistentry>
256
257
258                         <varlistentry>
259                                 <term><varname>TimerSlackNSec=</varname></term>
260
261                                 <listitem><para>Sets the timer slack
262                                 in nanoseconds for PID 1, which is
263                                 inherited by all executed processes,
264                                 unless overridden individually, for
265                                 example with the
266                                 <varname>TimerSlackNSec=</varname>
267                                 setting in service units (for details
268                                 see
269                                 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>). The
270                                 timer slack controls the accuracy of
271                                 wake-ups triggered by system
272                                 timers. See
273                                 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
274                                 for more information. Note that in
275                                 contrast to most other time span
276                                 definitions this parameter takes an
277                                 integer value in nano-seconds if no
278                                 unit is specified. The usual time
279                                 units are understood
280                                 too.</para></listitem>
281                         </varlistentry>
282
283                         <varlistentry>
284                                 <term><varname>DefaultTimerAccuracySec=</varname></term>
285
286                                 <listitem><para>Sets the default
287                                 accuracy of timer units. This controls
288                                 the global default for the
289                                 <varname>AccuracySec=</varname>
290                                 setting of timer units, see
291                                 <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>
292                                 for
293                                 details. <varname>AccuracySec=</varname>
294                                 set in individual units override the
295                                 global default for the specific
296                                 unit. Defaults to 1min. Note that the
297                                 accuracy of timer units is also
298                                 affected by the configured timer slack
299                                 for PID 1, see
300                                 <varname>TimerSlackNSec=</varname>
301                                 above.</para></listitem>
302                         </varlistentry>
303
304                         <varlistentry>
305                                 <term><varname>DefaultCPUQuotaPeriodSec=</varname></term>
306
307                                 <listitem><para>Sets the default CPU
308                                 quota period. Defaults to 100ms. This
309                                 controls th global default for the
310                                 <varname>CPUQuotaPeriodSec=</varname>
311                                 setting of units, see
312                                 <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
313                                 for details.</para></listitem>
314                         </varlistentry>
315
316                         <varlistentry>
317                                 <term><varname>DefaultTimeoutStartSec=</varname></term>
318                                 <term><varname>DefaultTimeoutStopSec=</varname></term>
319                                 <term><varname>DefaultRestartSec=</varname></term>
320
321                                 <listitem><para>Configures the default
322                                 timeouts for starting and stopping of
323                                 units, as well as the default time to
324                                 sleep between automatic restarts of
325                                 units, as configured per-unit in
326                                 <varname>TimeoutStartSec=</varname>,
327                                 <varname>TimeoutStopSec=</varname> and
328                                 <varname>RestartSec=</varname> (for
329                                 services, see
330                                 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
331                                 for details on the per-unit
332                                 settings). For non-service units,
333                                 <varname>DefaultTimeoutStartSec=</varname>
334                                 sets the default
335                                 <varname>TimeoutSec=</varname> value.
336                                 </para></listitem>
337                         </varlistentry>
338
339                         <varlistentry>
340                                 <term><varname>DefaultStartLimitInterval=</varname></term>
341                                 <term><varname>DefaultStartLimitBurst=</varname></term>
342
343                                 <listitem><para>Configure the default
344                                 unit start rate limiting, as
345                                 configured per-service by
346                                 <varname>StartLimitInterval=</varname>
347                                 and
348                                 <varname>StartLimitBurst=</varname>. See
349                                 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
350                                 for details on the per-service
351                                 settings.</para></listitem>
352                         </varlistentry>
353
354                         <varlistentry>
355                                 <term><varname>DefaultEnvironment=</varname></term>
356
357                                 <listitem><para>Sets manager
358                                 environment variables passed to all
359                                 executed processes. Takes a
360                                 space-separated list of variable
361                                 assignments. See
362                                 <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
363                                 for details about environment
364                                 variables.</para>
365
366                                 <para>Example:
367
368                                 <programlisting>DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6"</programlisting>
369
370                                 Sets three variables
371                                 <literal>VAR1</literal>,
372                                 <literal>VAR2</literal>,
373                                 <literal>VAR3</literal>.</para></listitem>
374                         </varlistentry>
375
376                         <varlistentry>
377                                 <term><varname>DefaultCPUAccounting=</varname></term>
378                                 <term><varname>DefaultBlockIOAccounting=</varname></term>
379                                 <term><varname>DefaultMemoryAccounting=</varname></term>
380
381                                 <listitem><para>Configure the default
382                                 resource accounting settings, as
383                                 configured per-unit by
384                                 <varname>CPUAccounting=</varname>,
385                                 <varname>BlockIOAccounting=</varname>
386                                 and
387                                 <varname>MemoryAccounting=</varname>. See
388                                 <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
389                                 for details on the per-unit
390                                 settings.</para></listitem>
391                         </varlistentry>
392
393                         <varlistentry>
394                                 <term><varname>DefaultLimitCPU=</varname></term>
395                                 <term><varname>DefaultLimitFSIZE=</varname></term>
396                                 <term><varname>DefaultLimitDATA=</varname></term>
397                                 <term><varname>DefaultLimitSTACK=</varname></term>
398                                 <term><varname>DefaultLimitCORE=</varname></term>
399                                 <term><varname>DefaultLimitRSS=</varname></term>
400                                 <term><varname>DefaultLimitNOFILE=</varname></term>
401                                 <term><varname>DefaultLimitAS=</varname></term>
402                                 <term><varname>DefaultLimitNPROC=</varname></term>
403                                 <term><varname>DefaultLimitMEMLOCK=</varname></term>
404                                 <term><varname>DefaultLimitLOCKS=</varname></term>
405                                 <term><varname>DefaultLimitSIGPENDING=</varname></term>
406                                 <term><varname>DefaultLimitMSGQUEUE=</varname></term>
407                                 <term><varname>DefaultLimitNICE=</varname></term>
408                                 <term><varname>DefaultLimitRTPRIO=</varname></term>
409                                 <term><varname>DefaultLimitRTTIME=</varname></term>
410
411                                 <listitem><para>These settings control
412                                 various default resource limits for
413                                 units. See
414                                 <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
415                                 for details. Use the string
416                                 <varname>infinity</varname> to
417                                 configure no limit on a specific
418                                 resource. These settings may be
419                                 overridden in individual units
420                                 using the corresponding LimitXXX=
421                                 directives. Note that these resource
422                                 limits are only defaults for units,
423                                 they are not applied to PID 1
424                                 itself.</para></listitem>
425                         </varlistentry>
426                 </variablelist>
427         </refsect1>
428
429         <refsect1>
430                   <title>See Also</title>
431                   <para>
432                           <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
433                           <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
434                           <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
435                           <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
436                           <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
437                           <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
438                   </para>
439         </refsect1>
440
441 </refentry>