chiark / gitweb /
core: add a setting to globally control the default for timer unit accuracy
[elogind.git] / man / systemd-system.conf.xml
index fd898f7..e2b2bd8 100644 (file)
                         </varlistentry>
 
                         <varlistentry>
-                                <term><varname>DefaultTimeoutStartSec=</varname></term>
-                                <term><varname>DefaultTimeoutStopSec=</varname></term>
-                                <term><varname>DefaultRestartSec=</varname></term>
-
-                                <listitem><para>Configures the default
-                                time-outs for starting and stopping of
-                                units, as well as the default time to
-                                sleep between automatic restarts of
-                                units, as configured per-unit in
-                                <varname>TimeoutStartSec=</varname>,
-                                <varname>TimeoutStopSec=</varname> and
-                                <varname>RestartSec=</varname> (for
-                                service units, see
-                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                for details on the per-unit
-                                settings). For non-service units,
-                                <varname>DefaultTimeoutStartSec=</varname>
-                                sets the default
-                                <varname>TimeoutSec=</varname> value.
-                                </para></listitem>
-                        </varlistentry>
-                        <varlistentry>
-                                <term><varname>DefaultStartLimitInterval=</varname></term>
-                                <term><varname>DefaultStartLimitBurst=</varname></term>
-
-                                <listitem><para>Configure the default start rate
-                                limiting, as configured per-service by
-                                <varname>StartLimitInterval=</varname> and
-                                <varname>StartLimitBurst=</varname>. See
-                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
-                                for details on the per-service
-                                settings).
-                                </para></listitem>
-                        </varlistentry>
-
-                        <varlistentry>
                                 <term><varname>CPUAffinity=</varname></term>
 
                                 <listitem><para>Configures the initial
                                 CPU affinity for the init
                                 process. Takes a space-separated list
-                                of CPU indexes.</para></listitem>
+                                of CPU indices.</para></listitem>
                         </varlistentry>
 
                         <varlistentry>
                         </varlistentry>
 
                         <varlistentry>
+                                <term><varname>SystemCallArchitectures=</varname></term>
+
+                                <listitem><para>Takes a
+                                space-separated list of architecture
+                                identifiers. Selects from which
+                                architectures system calls may be
+                                invoked on this system. This may be
+                                used as an effective way to disable
+                                invocation of non-native binaries
+                                system-wide, for example to prohibit
+                                execution of 32-bit x86 binaries on
+                                64-bit x86-64 systems. This option
+                                operates system-wide, and acts
+                                similar to the
+                                <varname>SystemCallArchitectures=</varname>
+                                setting of unit files, see
+                                <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details. This setting defaults to
+                                the empty list, in which case no
+                                filtering of system calls based on
+                                architecture is applied. Known
+                                architecture identifiers are
+                                <literal>x86</literal>,
+                                <literal>x86-64</literal>,
+                                <literal>x32</literal>,
+                                <literal>arm</literal> and the special
+                                identifier
+                                <literal>native</literal>. The latter
+                                implicitly maps to the native
+                                architecture of the system (or more
+                                specifically, the architecture the
+                                system manager was compiled for). Set
+                                this setting to
+                                <literal>native</literal> to prohibit
+                                execution of any non-native
+                                binaries. When a binary executes a
+                                system call of an architecture that is
+                                not listed in this setting, it will be
+                                immediately terminated with the SIGSYS
+                                signal.</para></listitem>
+                        </varlistentry>
+
+
+                        <varlistentry>
                                 <term><varname>TimerSlackNSec=</varname></term>
 
                                 <listitem><para>Sets the timer slack
-                                in nanoseconds for PID 1 which is then
-                                inherited to all executed processes,
+                                in nanoseconds for PID 1, which is
+                                inherited by all executed processes,
                                 unless overridden individually, for
                                 example with the
                                 <varname>TimerSlackNSec=</varname>
                                 see
                                 <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>). The
                                 timer slack controls the accuracy of
-                                wake-ups triggered by timers. See
+                                wake-ups triggered by system
+                                timers. See
                                 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
                                 for more information. Note that in
                                 contrast to most other time span
                         </varlistentry>
 
                         <varlistentry>
+                                <term><varname>DefaultTimerAccuracySec=</varname></term>
+
+                                <listitem><para>Sets the default
+                                accuracy of timer units. This controls
+                                the global default for the
+                                <varname>AccuracySec=</varname>
+                                setting of timer units, see
+                                <citerefentry><refentrytitle>systemd.timer</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for
+                                details. <varname>AccuracySec=</varname>
+                                set in individual units override the
+                                global default for the specific
+                                unit. Defaults to 1min. Note that the
+                                accuracy of timer units is also
+                                affected by the configured timer slack
+                                for PID 1, see
+                                <varname>TimerSlackNSec=</varname>
+                                above.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>DefaultTimeoutStartSec=</varname></term>
+                                <term><varname>DefaultTimeoutStopSec=</varname></term>
+                                <term><varname>DefaultRestartSec=</varname></term>
+
+                                <listitem><para>Configures the default
+                                timeouts for starting and stopping of
+                                units, as well as the default time to
+                                sleep between automatic restarts of
+                                units, as configured per-unit in
+                                <varname>TimeoutStartSec=</varname>,
+                                <varname>TimeoutStopSec=</varname> and
+                                <varname>RestartSec=</varname> (for
+                                services, see
+                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details on the per-unit
+                                settings). For non-service units,
+                                <varname>DefaultTimeoutStartSec=</varname>
+                                sets the default
+                                <varname>TimeoutSec=</varname> value.
+                                </para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
+                                <term><varname>DefaultStartLimitInterval=</varname></term>
+                                <term><varname>DefaultStartLimitBurst=</varname></term>
+
+                                <listitem><para>Configure the default
+                                unit start rate limiting, as
+                                configured per-service by
+                                <varname>StartLimitInterval=</varname>
+                                and
+                                <varname>StartLimitBurst=</varname>. See
+                                <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details on the per-service
+                                settings.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
                                 <term><varname>DefaultEnvironment=</varname></term>
 
                                 <listitem><para>Sets manager
                         </varlistentry>
 
                         <varlistentry>
+                                <term><varname>DefaultCPUAccounting=</varname></term>
+                                <term><varname>DefaultBlockIOAccounting=</varname></term>
+                                <term><varname>DefaultMemoryAccounting=</varname></term>
+
+                                <listitem><para>Configure the default
+                                resource accounting settings, as
+                                configured per-unit by
+                                <varname>CPUAccounting=</varname>,
+                                <varname>BlockIOAccounting=</varname>
+                                and
+                                <varname>MemoryAccounting=</varname>. See
+                                <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+                                for details on the per-unit
+                                settings.</para></listitem>
+                        </varlistentry>
+
+                        <varlistentry>
                                 <term><varname>DefaultLimitCPU=</varname></term>
                                 <term><varname>DefaultLimitFSIZE=</varname></term>
                                 <term><varname>DefaultLimitDATA=</varname></term>
                   <para>
                           <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
                           <citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
-                          <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
+                          <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
+                          <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
                   </para>
         </refsect1>