man: ipv4 link-local

[elogind.git] / man / systemd-system.conf.xml
diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml

index d8bfd1279d1db5c58c3c380837e04bfbba34a95b..a7dfc0329c6891e62875cf56521d9eb315a39924 100644 (file)
--- a/man/systemd-system.conf.xml
+++ b/man/systemd-system.conf.xml
@@ -61,7 +61,6 @@
                  otherwise <filename>user.conf</filename>. These
                  configuration files contain a few settings controlling
                  basic manager operations.</para>
                  otherwise <filename>user.conf</filename>. These
                  configuration files contain a few settings controlling
                  basic manager operations.</para>
-
          </refsect1>
  
          <refsect1>
          </refsect1>
  
          <refsect1>
@@ -100,46 +99,21 @@
                                  <listitem><para>Configures the initial
                                  CPU affinity for the init
                                  process. Takes a space-separated list
                                  <listitem><para>Configures the initial
                                  CPU affinity for the init
                                  process. Takes a space-separated list
-                                of CPU indexes.</para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
-                                <term><varname>DefaultControllers=cpu</varname></term>
-
-                                <listitem><para>Configures in which
-                                control group hierarchies to create
-                                per-service cgroups automatically, in
-                                addition to the
-                                <literal>name=systemd</literal> named
-                                hierarchy. Defaults to
-                                <literal>cpu</literal>. Takes a space
-                                separated list of controller
-                                names. Pass the empty string to ensure
-                                that systemd does not touch any
-                                hierarchies but its own.</para>
-
-                                <para>Note that the default value of
-                                'cpu' will make realtime scheduling
-                                unavailable to system services. See
-                                <ulink
-                                url="http://www.freedesktop.org/wiki/Software/systemd/MyServiceCantGetRealtime">My
-                                Service Can't Get Realtime!</ulink>
-                                for more
-                                information.</para></listitem>
+                                of CPU indices.</para></listitem>
                          </varlistentry>
  
                          <varlistentry>
                          </varlistentry>
  
                          <varlistentry>
-                                <term><varname>JoinControllers=cpu,cpuacct,cpuset net_cls,netprio</varname></term>
+                                <term><varname>JoinControllers=cpu,cpuacct net_cls,netprio</varname></term>
  
                                  <listitem><para>Configures controllers
                                  that shall be mounted in a single
  
                                  <listitem><para>Configures controllers
                                  that shall be mounted in a single
-                                hierarchy. By default systemd will
+                                hierarchy. By default, systemd will
                                  mount all controllers which are
                                  enabled in the kernel in individual
                                  hierarchies, with the exception of
                                  those listed in this setting. Takes a
                                  mount all controllers which are
                                  enabled in the kernel in individual
                                  hierarchies, with the exception of
                                  those listed in this setting. Takes a
-                                space separated list of comma
-                                separated controller names, in order
+                                space-separated list of comma-separated
+                                controller names, in order
                                  to allow multiple joined
                                  hierarchies. Defaults to
                                  'cpu,cpuacct'. Pass an empty string to
                                  to allow multiple joined
                                  hierarchies. Defaults to
                                  'cpu,cpuacct'. Pass an empty string to
@@ -150,11 +124,11 @@
                                  <para>Note that this option is only
                                  applied once, at very early boot. If
                                  you use an initial RAM disk (initrd)
                                  <para>Note that this option is only
                                  applied once, at very early boot. If
                                  you use an initial RAM disk (initrd)
-                                that uses systemd it might hence be
+                                that uses systemd, it might hence be
                                  necessary to rebuild the initrd if
                                  this option is changed, and make sure
                                  the new configuration file is included
                                  necessary to rebuild the initrd if
                                  this option is changed, and make sure
                                  the new configuration file is included
-                                in it. Otherwise the initrd might
+                                in it. Otherwise, the initrd might
                                  mount the controller hierarchies in a
                                  different configuration than intended,
                                  and the main system cannot remount
                                  mount the controller hierarchies in a
                                  different configuration than intended,
                                  and the main system cannot remount
@@ -175,7 +149,7 @@
                                  <literal>d</literal>,
                                  <literal>w</literal>). If
                                  <varname>RuntimeWatchdogSec=</varname>
                                  <literal>d</literal>,
                                  <literal>w</literal>). If
                                  <varname>RuntimeWatchdogSec=</varname>
-                                is set to a non-zero value the
+                                is set to a non-zero value, the
                                  watchdog hardware
                                  (<filename>/dev/watchdog</filename>)
                                  will be programmed to automatically
                                  watchdog hardware
                                  (<filename>/dev/watchdog</filename>)
                                  will be programmed to automatically
@@ -214,14 +188,13 @@
                                  capability bounding set for PID 1 and
                                  its children. See
                                  <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
                                  capability bounding set for PID 1 and
                                  its children. See
                                  <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-                                for details. Takes a whitespace
-                                separated list of capability names as
-                                read by
+                                for details. Takes a whitespace-separated
+                                list of capability names as read by
                                  <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
                                  Capabilities listed will be included
                                  in the bounding set, all others are
                                  removed. If the list of capabilities
                                  <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
                                  Capabilities listed will be included
                                  in the bounding set, all others are
                                  removed. If the list of capabilities
-                                is prefixed with ~ all but the listed
+                                is prefixed with ~, all but the listed
                                  capabilities will be included, the
                                  effect of the assignment
                                  inverted. Note that this option also
                                  capabilities will be included, the
                                  effect of the assignment
                                  inverted. Note that this option also
@@ -238,6 +211,50 @@
                                  are lost for good.</para></listitem>
                          </varlistentry>
  
                                  are lost for good.</para></listitem>
                          </varlistentry>
  
+                        <varlistentry>
+                                <term><varname>SystemCallArchitectures=</varname></term>
+
+                                <listitem><para>Takes a
+                                space-separated list of architecture
+                                identifiers. Selects from which
+                                architectures system calls may be
+                                invoked on this system. This may be
+                                used as an effective way to disable
+                                invocation of non-native binaries
+                                system-wide, for example to prohibit
+                                execution of 32-bit x86 binaries on
+                                64-bit x86-64 systems. This option
+                                operates system-wide, and acts
+                                similar to the
+                                <varname>SystemCallArchitectures=</varname>
+                                setting of unit files, see
+                                <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details. This setting defaults to
+                                the empty list, in which case no
+                                filtering of system calls based on
+                                architecture is applied. Known
+                                architecture identifiers are
+                                <literal>x86</literal>,
+                                <literal>x86-64</literal>,
+                                <literal>x32</literal>,
+                                <literal>arm</literal> and the special
+                                identifier
+                                <literal>native</literal>. The latter
+                                implicitly maps to the native
+                                architecture of the system (or more
+                                specifically, the architecture the
+                                system manager was compiled for). Set
+                                this setting to
+                                <literal>native</literal> to prohibit
+                                execution of any non-native
+                                binaries. When a binary executes a
+                                system call of an architecture that is
+                                not listed in this setting, it will be
+                                immediately terminated with the SIGSYS
+                                signal.</para></listitem>
+                        </varlistentry>
+
+
                          <varlistentry>
                                  <term><varname>TimerSlackNSec=</varname></term>
  
                          <varlistentry>
                                  <term><varname>TimerSlackNSec=</varname></term>
  
@@ -262,6 +279,83 @@
                                  too.</para></listitem>
                          </varlistentry>
  
                                  too.</para></listitem>
                          </varlistentry>
  
+                        <varlistentry>
+                                <term><varname>DefaultTimeoutStartSec=</varname></term>
+                                <term><varname>DefaultTimeoutStopSec=</varname></term>
+                                <term><varname>DefaultRestartSec=</varname></term>
+
+                                <listitem><para>Configures the default
+                                timeouts for starting and stopping of
+                                units, as well as the default time to
+                                sleep between automatic restarts of
+                                units, as configured per-unit in
+                                <varname>TimeoutStartSec=</varname>,
+                                <varname>TimeoutStopSec=</varname> and
+                                <varname>RestartSec=</varname> (for
+                                services, see
+                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details on the per-unit
+                                settings). For non-service units,
+                                <varname>DefaultTimeoutStartSec=</varname>
+                                sets the default
+                                <varname>TimeoutSec=</varname> value.
+                                </para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>DefaultStartLimitInterval=</varname></term>
+                                <term><varname>DefaultStartLimitBurst=</varname></term>
+
+                                <listitem><para>Configure the default
+                                unit start rate limiting, as
+                                configured per-service by
+                                <varname>StartLimitInterval=</varname>
+                                and
+                                <varname>StartLimitBurst=</varname>. See
+                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details on the per-service
+                                settings.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>DefaultEnvironment=</varname></term>
+
+                                <listitem><para>Sets manager
+                                environment variables passed to all
+                                executed processes. Takes a
+                                space-separated list of variable
+                                assignments. See
+                                <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+                                for details about environment
+                                variables.</para>
+
+                                <para>Example:
+
+                                <programlisting>DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6"</programlisting>
+
+                                Sets three variables
+                                <literal>VAR1</literal>,
+                                <literal>VAR2</literal>,
+                                <literal>VAR3</literal>.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>DefaultCPUAccounting=</varname></term>
+                                <term><varname>DefaultBlockIOAccounting=</varname></term>
+                                <term><varname>DefaultMemoryAccounting=</varname></term>
+
+                                <listitem><para>Configure the default
+                                resource accounting settings, as
+                                configured per-unit by
+                                <varname>CPUAccounting=</varname>,
+                                <varname>BlockIOAccounting=</varname>
+                                and
+                                <varname>MemoryAccounting=</varname>. See
+                                <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details on the per-unit
+                                settings.</para></listitem>
+                        </varlistentry>
+
                          <varlistentry>
                                  <term><varname>DefaultLimitCPU=</varname></term>
                                  <term><varname>DefaultLimitFSIZE=</varname></term>
                          <varlistentry>
                                  <term><varname>DefaultLimitCPU=</varname></term>
                                  <term><varname>DefaultLimitFSIZE=</varname></term>
@@ -302,7 +396,11 @@
                    <title>See Also</title>
                    <para>
                            <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                    <title>See Also</title>
                    <para>
                            <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
-                          <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+                          <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
                    </para>
          </refsect1>
  
                    </para>
          </refsect1>