<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
which define the execution environment the commands
are executed in, and in
- <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
which define the way the processes of the service are
- terminated.</para>
+ terminated, and in
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ which configure resource control settings for the
+ processes of the service.</para>
<para>Unless <varname>DefaultDependencies=</varname>
is set to <option>false</option>, service units will
<para>If set to
<option>simple</option> (the default
value if <varname>BusName=</varname>
- is not specified) it is expected that
+ is not specified), it is expected that
the process configured with
<varname>ExecStart=</varname> is the
main process of the service. In this
mode, if the process offers
functionality to other processes on
- the system its communication channels
+ the system, its communication channels
should be installed before the daemon
is started up (e.g. sockets set up by
systemd, via socket activation), as
starting follow-up units.</para>
<para>If set to
- <option>forking</option> it is
+ <option>forking</option>, it is
expected that the process configured
with <varname>ExecStart=</varname>
will call <function>fork()</function>
as part of its start-up. The parent process is
expected to exit when start-up is
complete and all communication
- channels set up. The child continues
+ channels are set up. The child continues
to run as the main daemon
process. This is the behavior of
traditional UNIX daemons. If this
starting up. systemd will proceed
starting follow-up units after this
notification message has been sent. If
- this option is used
+ this option is used,
<varname>NotifyAccess=</varname> (see
below) should be set to open access to
the notification socket provided by
systemd. If
<varname>NotifyAccess=</varname> is
not set, it will be implicitly set to
- <option>main</option>.</para>
+ <option>main</option>. Note that
+ currently
+ <varname>Type=</varname><option>notify</option>
+ will not work if used in combination with
+ <varname>PrivateNetwork=</varname><option>yes</option>.</para>
<para>Behavior of
<option>idle</option> is very similar
guessing algorithm might come to
incorrect conclusions if a daemon
consists of more than one process. If
- the main PID cannot be determined
+ the main PID cannot be determined,
failure detection and automatic
restarting of a service will not work
reliably. Defaults to
<term><varname>ExecStart=</varname></term>
<listitem><para>Commands with their
arguments that are executed when this
- service is started. The first
- argument must be an absolute path
- name.</para>
+ service is started. For each of the
+ specified commands, the first argument
+ must be an absolute and literal path
+ to an executable.</para>
<para>When <varname>Type</varname> is
not <option>oneshot</option>, only one
suitable for XDG
<filename>.desktop</filename> files.
Lone semicolons may be escaped as
- '<literal>\;</literal>'. If the empty
- string is assigned to this option the
+ <literal>\;</literal>. If the empty
+ string is assigned to this option, the
list of commands to start is reset,
prior assignments of this option will
have no effect.</para>
+ <para>Each command line is split on
+ whitespace, with the first item being
+ the command to execute, and the
+ subsequent items being the arguments.
+ Double quotes ("...") and single
+ quotes ('...') may be used, in which
+ case everything until the next
+ matching quote becomes part of the
+ same argument. Quotes themselves are
+ removed after parsing. In addition, a
+ trailing backslash
+ (<literal>\</literal>) may be used to
+ merge lines. This syntax is intended
+ to be very similar to shell syntax,
+ but only the meta-characters and
+ expansions described in the following
+ paragraphs are understood.
+ Specifically, redirection using
+ <literal><</literal>,
+ <literal><<</literal>,
+ <literal>></literal>, and
+ <literal>>></literal>, pipes
+ using <literal>|</literal>, and
+ running programs in the background
+ using <literal>&</literal>
+ and <emphasis>other elements of shell
+ syntax are not supported</emphasis>.
+ </para>
+
<para>If more than one command is
specified, the commands are invoked
one by one sequentially in the order
they appear in the unit file. If one
of the commands fails (and is not
- prefixed with '<literal>-</literal>'),
+ prefixed with <literal>-</literal>),
other lines are not executed and the
unit is considered failed.</para>
main process of the daemon.</para>
<para>The command line accepts
- '<literal>%</literal>' specifiers as
+ <literal>%</literal> specifiers as
described in
- <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note
- that the first argument of the command
- line (i.e. the program to execute) may
- not include specifiers.</para>
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ Note that the first argument of the
+ command line (i.e. the program to
+ execute) may not include
+ specifiers.</para>
<para>Basic environment variable
substitution is supported. Use
case it will be replaced by the value
of the environment variable split up
at whitespace, resulting in zero or
- more arguments. Note that the first
+ more arguments. To pass a literal dollar sign,
+ use <literal>$$</literal>. Note that the first
argument (i.e. the program to execute)
- may not be a variable, since it must
- be a literal and absolute path
- name.</para>
+ may not be a variable.</para>
<para>Optionally, if the absolute file
name is prefixed with
- '<literal>@</literal>', the second token
+ <literal>@</literal>, the second token
will be passed as
<literal>argv[0]</literal> to the
executed process, followed by the
further arguments specified. If the
- absolute file name is prefixed with
- '<literal>-</literal>' an exit code of
+ absolute filename is prefixed with
+ <literal>-</literal>, an exit code of
the command normally considered a
failure (i.e. non-zero exit status or
abnormal exit due to signal) is ignored
and considered success. If both
- '<literal>-</literal>' and
- '<literal>@</literal>' are used they
+ <literal>-</literal> and
+ <literal>@</literal> are used, they
can appear in either order.</para>
<para>Note that this setting does not
directly support shell command
lines. If shell command lines are to
- be used they need to be passed
+ be used, they need to be passed
explicitly to a shell implementation
of some kind. Example:</para>
<programlisting>ExecStart=/bin/sh -c 'dmesg | tac'
</programlisting>
- <para>For services run by a user
- instance of systemd the special
- environment variable
- <varname>$MANAGERPID</varname> is set
- to the PID of the systemd
- instance.</para>
- </listitem>
+ <para>Only select environment variables
+ are set for executed commands. See
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para>
+
+ <para>Example:</para>
+ <programlisting>ExecStart=/bin/echo one ; /bin/echo "two two"
+ </programlisting>
+ <para>This will execute
+ <command>/bin/echo</command> two
+ times, each time with one argument,
+ <literal>one</literal> and
+ <literal>two two</literal>,
+ respectively. Since two commands are
+ specified
+ <varname>Type=oneshot</varname> must
+ be used.</para>
+
+ <para>Example:</para>
+ <programlisting>ExecStart=/bin/echo / >/dev/null & \; \
+/bin/ls
+ </programlisting>
+ <para>This will execute
+ <command>/bin/echo</command> with five
+ arguments: <literal>/</literal>,
+ <literal>>/dev/null</literal>,
+ <literal>&</literal>,
+ <literal>;</literal>, and
+ <literal>/bin/ls</literal>.</para>
+
+ <para>Example:</para>
+ <programlisting>Environment="ONE=one" 'TWO=two two'
+ExecStart=/bin/echo $ONE $TWO ${TWO}
+ </programlisting>
+ <para>This will execute
+ <command>/bin/echo</command> with four
+ arguments: <literal>one</literal>,
+ <literal>two</literal>,
+ <literal>two</literal>, and
+ <literal>two two</literal>.</para>
+ </listitem>
</varlistentry>
<varlistentry>
after the other, serially.</para>
<para>If any of those commands (not
- prefixed with '<literal>-</literal>')
+ prefixed with <literal>-</literal>)
fail, the rest are not executed and
the unit is considered failed.</para>
</listitem>
<varname>KillMode=</varname> setting
(see
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>). If
- this option is not specified the
+ this option is not specified, the
process is terminated right-away when
service stop is requested. Specifier
and environment variable substitution
was stopped. This includes cases where
the commands configured in
<varname>ExecStop=</varname> were used,
- where the service doesn't have any
+ where the service does not have any
<varname>ExecStop=</varname> defined, or
where the service exited unexpectedly. This
argument takes multiple command lines,
Takes a unit-less value in seconds, or a
time span value such as "5min
20s". Pass 0 to disable the timeout
- logic. Defaults to 90s, except when
+ logic. Defaults to <varname>TimeoutStartSec=</varname> from the
+ manager configuration file, except when
<varname>Type=oneshot</varname> is
- used in which case the timeout
+ used, in which case the timeout
is disabled by default.
</para></listitem>
</varlistentry>
wait for stop. If a service is asked
to stop but does not terminate in the
specified time, it will be terminated
- forcibly via SIGTERM, and after
+ forcibly via <constant>SIGTERM</constant>, and after
another delay of this time with
- SIGKILL (See
+ <constant>SIGKILL</constant> (See
<varname>KillMode=</varname>
in <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
Takes a unit-less value in seconds, or a
time span value such as "5min
20s". Pass 0 to disable the timeout
- logic. Defaults to 90s.
+ logic. Defaults to <varname>TimeoutStartSec=</varname> from the
+ manager configuration file.
</para></listitem>
</varlistentry>
regularly with "WATCHDOG=1" (i.e. the
"keep-alive ping"). If the time
between two such calls is larger than
- the configured time then the service
+ the configured time, then the service
is placed in a failure state. By
setting <varname>Restart=</varname> to
<option>on-failure</option> or
- <option>always</option> the service
+ <option>always</option>, the service
will be automatically restarted. The
time configured here will be passed to
the executed service process in the
daemons to automatically enable the
keep-alive pinging logic if watchdog
support is enabled for the service. If
- this option is used
+ this option is used,
<varname>NotifyAccess=</varname> (see
below) should be set to open access to
the notification socket provided by
<option>no</option>,
<option>on-success</option>,
<option>on-failure</option>,
+ <option>on-watchdog</option>,
<option>on-abort</option>, or
<option>always</option>. If set to
- <option>no</option> (the default) the
+ <option>no</option> (the default), the
service will not be restarted. If set to
- <option>on-success</option> it will be
+ <option>on-success</option>, it will be
restarted only when the service process
exits cleanly.
In this context, a clean exit means
an exit code of 0, or one of the signals
- SIGHUP, SIGINT, SIGTERM, or SIGPIPE, and
- additonally, exit statuses and signals
+ <constant>SIGHUP</constant>, <constant>SIGINT</constant>, <constant>SIGTERM</constant>, or <constant>SIGPIPE</constant>, and
+ additionally, exit statuses and signals
specified in <varname>SuccessExitStatus=</varname>.
- If set to <option>on-failure</option>
+ If set to <option>on-failure</option>,
the service will be restarted when the
process exits with an nonzero exit code,
is terminated by a signal (including on
service reload) times out, and when the
configured watchdog timeout is triggered.
If set to
- <option>on-abort</option> the service
+ <option>on-abort</option>, the service
will be restarted only if the service
process exits due to an uncaught
signal not specified as a clean exit
status.
If set to
- <option>always</option> the service
+ <option>on-watchdog</option>, the service
+ will be restarted only if the watchdog
+ timeout for the service expires.
+ If set to
+ <option>always</option>, the service
will be restarted regardless whether
it exited cleanly or not, got
terminated abnormally by a signal or
by the main service process will be
considered successful termination, in
addition to the normal successful exit
- code 0 and the signals SIGHUP, SIGINT,
- SIGTERM and SIGPIPE. Exit status
+ code 0 and the signals <constant>SIGHUP</constant>, <constant>SIGINT</constant>,
+ <constant>SIGTERM</constant> and <constant>SIGPIPE</constant>. Exit status
definitions can either be numeric exit
codes or termination signal names,
separated by spaces. Example:
- "<literal>SuccessExitStatus=1 2 8
- SIGKILL</literal>", ensures that exit
+ <literal>SuccessExitStatus=1 2 8
+ <constant>SIGKILL</constant></literal>, ensures that exit
codes 1, 2, 8 and the termination
- signal SIGKILL are considered clean
+ signal <constant>SIGKILL</constant> are considered clean
service terminations. This option may
appear more than once in which case
the list of successful exit statuses
is merged. If the empty string is
- assigned to this option the list is
+ assigned to this option, the list is
reset, all prior assignments of this
option will have no
effect.</para></listitem>
that by default no exit status is
excluded from the configured restart
logic. Example:
- "<literal>RestartPreventExitStatus=1 6
- SIGABRT</literal>", ensures that exit
+ <literal>RestartPreventExitStatus=1 6
+ SIGABRT</literal>, ensures that exit
codes 1 and 6 and the termination
signal SIGABRT will not result in
automatic service restarting. This
option may appear more than once in
which case the list of restart preventing
statuses is merged. If the empty
- string is assigned to this option the
+ string is assigned to this option, the
list is reset, all prior assignments
of this option will have no
effect.</para></listitem>
<option>none</option> (the default),
<option>main</option> or
<option>all</option>. If
- <option>none</option> no daemon status
+ <option>none</option>, no daemon status
updates are accepted from the service
processes, all status update messages
- are ignored. If <option>main</option>
+ are ignored. If <option>main</option>,
only service updates sent from the
main process of the service are
- accepted. If <option>all</option> all
+ accepted. If <option>all</option>, all
services updates from all members of
the service's control group are
accepted. This option should be set to
<varname>Type=notify</varname> or
<varname>WatchdogSec=</varname> (see
above). If those options are used but
- <varname>NotifyAccess=</varname> not
- configured it will be implicitly set
+ <varname>NotifyAccess=</varname> is not
+ configured, it will be implicitly set
to
<option>main</option>.</para></listitem>
</varlistentry>
in other words: the
<varname>Service=</varname> setting of
<filename>.socket</filename> units
- doesn't have to match the inverse of
+ does not have to match the inverse of
the <varname>Sockets=</varname>
setting of the
<filename>.service</filename> it
<para>This option may appear more than
once, in which case the list of socket
units is merged. If the empty string
- is assigned to this option the list of
+ is assigned to this option, the list of
sockets is reset, all prior uses of
this setting will have no
effect.</para></listitem>
<term><varname>StartLimitBurst=</varname></term>
<listitem><para>Configure service
- start rate limiting. By default
+ start rate limiting. By default,
services which are started more often
than 5 times within 10s are not
permitted to start any more times
until the 10s interval ends. With
- these two options this rate limiting
+ these two options, this rate limiting
may be modified. Use
<varname>StartLimitInterval=</varname>
- to configure the checking interval
- (defaults to 10s, set to 0 to disable
+ to configure the checking interval (defaults to
+ <varname>DefaultStartLimitInterval=</varname> in
+ manager configuration file, set to 0 to disable
any kind of rate limiting). Use
<varname>StartLimitBurst=</varname> to
configure how many starts per interval
- are allowed (defaults to 5). These
+ are allowed (defaults to
+ <varname>DefaultStartLimitBurst=</varname> in
+ manager configuration file). These
configuration options are particularly
useful in conjunction with
<varname>Restart=</varname>, however
range 0-99.</para></listitem>
</varlistentry>
- <varlistentry>
- <term><varname>FsckPassNo=</varname></term>
- <listitem><para>Set the fsck passno
- priority to use to order this service
- in relation to other file system
- checking services. This option is only
- necessary to fix ordering in relation
- to fsck jobs automatically created for
- all <filename>/etc/fstab</filename>
- entries with a value in the fs_passno
- column > 0. As such it should only be
- used as option for fsck
- services. Almost always it is a better
- choice to add explicit ordering
- directives via
- <varname>After=</varname> or
- <varname>Before=</varname>,
- instead. For more details see
- <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. If
- used, pass an integer value in the
- same range as
- <filename>/etc/fstab</filename>'s
- fs_passno column. See
- <citerefentry><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- for details.</para></listitem>
- </varlistentry>
-
</variablelist>
</refsect1>
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>
</para>
~ianmdlvl / elogind.git / blobdiff