X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fsystemd-system.conf.xml;h=7137fdb07df3f564303e956be6409299b89040a2;hp=dfb180cc54c0dfb9649ca5ee38cdc605bcf6b468;hb=798d3a524ea57aaf40cb53858aaa45ec702f012d;hpb=35888b67f77fa7a5cae0973403cb97aa30cad70c diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml index dfb180cc5..7137fdb07 100644 --- a/man/systemd-system.conf.xml +++ b/man/systemd-system.conf.xml @@ -1,7 +1,7 @@ + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - - systemd-system.conf - systemd - - - - Developer - Lennart - Poettering - lennart@poettering.net - - - - - - systemd-system.conf - 5 - - - - systemd-system.conf - system.conf.d - systemd-user.conf - user.conf.d - System and session service manager configuration files - - - - /etc/systemd/system.conf - /etc/systemd/system.conf.d/*.conf - /run/systemd/system.conf.d/*.conf - /usr/lib/systemd/system.conf.d/*.conf - /etc/systemd/user.conf - /etc/systemd/user.conf.d/*.conf - /run/systemd/user.conf.d/*.conf - /usr/lib/systemd/user.conf.d/*.conf - - - - Description - - When run as a system instance, systemd interprets the - configuration file system.conf and the - files in system.conf.d directories; when - run as a user instance, systemd interprets the configuration - file user.conf and the files in - user.conf.d directories. These - configuration files contain a few settings controlling - basic manager operations. - - - - - - - Options - - All options are configured in the - [Manager] section: - - - - - LogLevel= - LogTarget= - LogColor= - LogLocation= - DumpCore=yes - CrashShell=no - ShowStatus=yes - CrashChVT=1 - DefaultStandardOutput=journal - DefaultStandardError=inherit - - Configures various - parameters of basic manager - operation. These options may be - overridden by the respective command - line arguments. See - systemd1 - for details about these command line - arguments. - - - - CPUAffinity= - - Configures the initial - CPU affinity for the init - process. Takes a space-separated list - of CPU indices. - - - - JoinControllers=cpu,cpuacct net_cls,netprio - - Configures controllers - that shall be mounted in a single - hierarchy. By default, systemd will - mount all controllers which are - enabled in the kernel in individual - hierarchies, with the exception of - those listed in this setting. Takes a - space-separated list of comma-separated - controller names, in order - to allow multiple joined - hierarchies. Defaults to - 'cpu,cpuacct'. Pass an empty string to - ensure that systemd mounts all - controllers in separate - hierarchies. - - Note that this option is only - applied once, at very early boot. If - you use an initial RAM disk (initrd) - that uses systemd, it might hence be - necessary to rebuild the initrd if - this option is changed, and make sure - the new configuration file is included - in it. Otherwise, the initrd might - mount the controller hierarchies in a - different configuration than intended, - and the main system cannot remount - them anymore. - - - - RuntimeWatchdogSec= - ShutdownWatchdogSec= - - Configure the hardware - watchdog at runtime and at - reboot. Takes a timeout value in - seconds (or in other time units if - suffixed with ms, - min, - h, - d, - w). If - RuntimeWatchdogSec= - is set to a non-zero value, the - watchdog hardware - (/dev/watchdog) - will be programmed to automatically - reboot the system if it is not - contacted within the specified timeout - interval. The system manager will - ensure to contact it at least once in - half the specified timeout - interval. This feature requires a - hardware watchdog device to be - present, as it is commonly the case in - embedded and server systems. Not all - hardware watchdogs allow configuration - of the reboot timeout, in which case - the closest available timeout is - picked. ShutdownWatchdogSec= - may be used to configure the hardware - watchdog when the system is asked to - reboot. It works as a safety net to - ensure that the reboot takes place - even if a clean reboot attempt times - out. By default - RuntimeWatchdogSec= - defaults to 0 (off), and - ShutdownWatchdogSec= - to 10min. These settings have no - effect if a hardware watchdog is not - available. - - - - CapabilityBoundingSet= - - Controls which - capabilities to include in the - capability bounding set for PID 1 and - its children. See - capabilities7 - for details. Takes a whitespace-separated - list of capability names as read by - cap_from_name3. - Capabilities listed will be included - in the bounding set, all others are - removed. If the list of capabilities - is prefixed with ~, all but the listed - capabilities will be included, the - effect of the assignment - inverted. Note that this option also - affects the respective capabilities in - the effective, permitted and - inheritable capability sets. The - capability bounding set may also be - individually configured for units - using the - CapabilityBoundingSet= - directive for units, but note that - capabilities dropped for PID 1 cannot - be regained in individual units, they - are lost for good. - - - - SystemCallArchitectures= - - Takes a - space-separated list of architecture - identifiers. Selects from which - architectures system calls may be - invoked on this system. This may be - used as an effective way to disable - invocation of non-native binaries - system-wide, for example to prohibit - execution of 32-bit x86 binaries on - 64-bit x86-64 systems. This option - operates system-wide, and acts - similar to the - SystemCallArchitectures= - setting of unit files, see - systemd.exec5 - for details. This setting defaults to - the empty list, in which case no - filtering of system calls based on - architecture is applied. Known - architecture identifiers are - x86, - x86-64, - x32, - arm and the special - identifier - native. The latter - implicitly maps to the native - architecture of the system (or more - specifically, the architecture the - system manager was compiled for). Set - this setting to - native to prohibit - execution of any non-native - binaries. When a binary executes a - system call of an architecture that is - not listed in this setting, it will be - immediately terminated with the SIGSYS - signal. - - - - TimerSlackNSec= - - Sets the timer slack - in nanoseconds for PID 1, which is - inherited by all executed processes, - unless overridden individually, for - example with the - TimerSlackNSec= - setting in service units (for details - see - systemd.exec5). The - timer slack controls the accuracy of - wake-ups triggered by system - timers. See - prctl2 - for more information. Note that in - contrast to most other time span - definitions this parameter takes an - integer value in nano-seconds if no - unit is specified. The usual time - units are understood - too. - - - - DefaultTimerAccuracySec= - - Sets the default - accuracy of timer units. This controls - the global default for the - AccuracySec= - setting of timer units, see - systemd.timer5 - for - details. AccuracySec= - set in individual units override the - global default for the specific - unit. Defaults to 1min. Note that the - accuracy of timer units is also - affected by the configured timer slack - for PID 1, see - TimerSlackNSec= - above. - - - - DefaultTimeoutStartSec= - DefaultTimeoutStopSec= - DefaultRestartSec= - - Configures the default - timeouts for starting and stopping of - units, as well as the default time to - sleep between automatic restarts of - units, as configured per-unit in - TimeoutStartSec=, - TimeoutStopSec= and - RestartSec= (for - services, see - systemd.service5 - for details on the per-unit - settings). For non-service units, - DefaultTimeoutStartSec= - sets the default - TimeoutSec= value. - - - - - DefaultStartLimitInterval= - DefaultStartLimitBurst= - - Configure the default - unit start rate limiting, as - configured per-service by - StartLimitInterval= - and - StartLimitBurst=. See - systemd.service5 - for details on the per-service - settings. - - - - DefaultEnvironment= - - Sets manager - environment variables passed to all - executed processes. Takes a - space-separated list of variable - assignments. See - environ7 - for details about environment - variables. - - Example: - - DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6" - - Sets three variables - VAR1, - VAR2, - VAR3. - - - - DefaultCPUAccounting= - DefaultBlockIOAccounting= - DefaultMemoryAccounting= - - Configure the default - resource accounting settings, as - configured per-unit by - CPUAccounting=, - BlockIOAccounting= - and - MemoryAccounting=. See - systemd.resource-control5 - for details on the per-unit - settings. - - - - DefaultLimitCPU= - DefaultLimitFSIZE= - DefaultLimitDATA= - DefaultLimitSTACK= - DefaultLimitCORE= - DefaultLimitRSS= - DefaultLimitNOFILE= - DefaultLimitAS= - DefaultLimitNPROC= - DefaultLimitMEMLOCK= - DefaultLimitLOCKS= - DefaultLimitSIGPENDING= - DefaultLimitMSGQUEUE= - DefaultLimitNICE= - DefaultLimitRTPRIO= - DefaultLimitRTTIME= - - These settings control - various default resource limits for - units. See - setrlimit2 - for details. Use the string - infinity to - configure no limit on a specific - resource. These settings may be - overridden in individual units - using the corresponding LimitXXX= - directives. Note that these resource - limits are only defaults for units, - they are not applied to PID 1 - itself. - - - - - - See Also - - systemd1, - systemd.directives7, - systemd.exec5, - systemd.service5, - environ7, - capabilities7 - - + xmlns:xi="http://www.w3.org/2001/XInclude"> + + systemd-system.conf + systemd + + + + Developer + Lennart + Poettering + lennart@poettering.net + + + + + + systemd-system.conf + 5 + + + + systemd-system.conf + system.conf.d + systemd-user.conf + user.conf.d + System and session service manager configuration files + + + + /etc/systemd/system.conf + /etc/systemd/system.conf.d/*.conf + /run/systemd/system.conf.d/*.conf + /usr/lib/systemd/system.conf.d/*.conf + /etc/systemd/user.conf + /etc/systemd/user.conf.d/*.conf + /run/systemd/user.conf.d/*.conf + /usr/lib/systemd/user.conf.d/*.conf + + + + Description + + When run as a system instance, systemd interprets the + configuration file system.conf and the files + in system.conf.d directories; when run as a + user instance, systemd interprets the configuration file + user.conf and the files in + user.conf.d directories. These configuration + files contain a few settings controlling basic manager + operations. + + + + + + + Options + + All options are configured in the + [Manager] section: + + + + + LogLevel= + LogTarget= + LogColor= + LogLocation= + DumpCore=yes + CrashShell=no + ShowStatus=yes + CrashChVT=1 + DefaultStandardOutput=journal + DefaultStandardError=inherit + + Configures various parameters of basic manager + operation. These options may be overridden by the respective + command line arguments. See + systemd1 + for details about these command line + arguments. + + + + CPUAffinity= + + Configures the initial CPU affinity for the + init process. Takes a space-separated list of CPU + indices. + + + + JoinControllers=cpu,cpuacct net_cls,netprio + + Configures controllers that shall be mounted + in a single hierarchy. By default, systemd will mount all + controllers which are enabled in the kernel in individual + hierarchies, with the exception of those listed in this + setting. Takes a space-separated list of comma-separated + controller names, in order to allow multiple joined + hierarchies. Defaults to 'cpu,cpuacct'. Pass an empty string + to ensure that systemd mounts all controllers in separate + hierarchies. + + Note that this option is only applied once, at very + early boot. If you use an initial RAM disk (initrd) that uses + systemd, it might hence be necessary to rebuild the initrd if + this option is changed, and make sure the new configuration + file is included in it. Otherwise, the initrd might mount the + controller hierarchies in a different configuration than + intended, and the main system cannot remount them + anymore. + + + + RuntimeWatchdogSec= + ShutdownWatchdogSec= + + Configure the hardware watchdog at runtime and + at reboot. Takes a timeout value in seconds (or in other time + units if suffixed with ms, + min, h, + d, w). If + RuntimeWatchdogSec= is set to a non-zero + value, the watchdog hardware + (/dev/watchdog) will be programmed to + automatically reboot the system if it is not contacted within + the specified timeout interval. The system manager will ensure + to contact it at least once in half the specified timeout + interval. This feature requires a hardware watchdog device to + be present, as it is commonly the case in embedded and server + systems. Not all hardware watchdogs allow configuration of the + reboot timeout, in which case the closest available timeout is + picked. ShutdownWatchdogSec= may be used to + configure the hardware watchdog when the system is asked to + reboot. It works as a safety net to ensure that the reboot + takes place even if a clean reboot attempt times out. By + default RuntimeWatchdogSec= defaults to 0 + (off), and ShutdownWatchdogSec= to 10min. + These settings have no effect if a hardware watchdog is not + available. + + + + CapabilityBoundingSet= + + Controls which capabilities to include in the + capability bounding set for PID 1 and its children. See + capabilities7 + for details. Takes a whitespace-separated list of capability + names as read by + cap_from_name3. + Capabilities listed will be included in the bounding set, all + others are removed. If the list of capabilities is prefixed + with ~, all but the listed capabilities will be included, the + effect of the assignment inverted. Note that this option also + affects the respective capabilities in the effective, + permitted and inheritable capability sets. The capability + bounding set may also be individually configured for units + using the CapabilityBoundingSet= directive + for units, but note that capabilities dropped for PID 1 cannot + be regained in individual units, they are lost for + good. + + + + SystemCallArchitectures= + + Takes a space-separated list of architecture + identifiers. Selects from which architectures system calls may + be invoked on this system. This may be used as an effective + way to disable invocation of non-native binaries system-wide, + for example to prohibit execution of 32-bit x86 binaries on + 64-bit x86-64 systems. This option operates system-wide, and + acts similar to the + SystemCallArchitectures= setting of unit + files, see + systemd.exec5 + for details. This setting defaults to the empty list, in which + case no filtering of system calls based on architecture is + applied. Known architecture identifiers are + x86, x86-64, + x32, arm and the special + identifier native. The latter implicitly + maps to the native architecture of the system (or more + specifically, the architecture the system manager was compiled + for). Set this setting to native to + prohibit execution of any non-native binaries. When a binary + executes a system call of an architecture that is not listed + in this setting, it will be immediately terminated with the + SIGSYS signal. + + + + TimerSlackNSec= + + Sets the timer slack in nanoseconds for PID 1, + which is inherited by all executed processes, unless + overridden individually, for example with the + TimerSlackNSec= setting in service units + (for details see + systemd.exec5). + The timer slack controls the accuracy of wake-ups triggered by + system timers. See + prctl2 + for more information. Note that in contrast to most other time + span definitions this parameter takes an integer value in + nano-seconds if no unit is specified. The usual time units are + understood too. + + + + DefaultTimerAccuracySec= + + Sets the default accuracy of timer units. This + controls the global default for the + AccuracySec= setting of timer units, see + systemd.timer5 + for details. AccuracySec= set in individual + units override the global default for the specific unit. + Defaults to 1min. Note that the accuracy of timer units is + also affected by the configured timer slack for PID 1, see + TimerSlackNSec= above. + + + + DefaultTimeoutStartSec= + DefaultTimeoutStopSec= + DefaultRestartSec= + + Configures the default timeouts for starting + and stopping of units, as well as the default time to sleep + between automatic restarts of units, as configured per-unit in + TimeoutStartSec=, + TimeoutStopSec= and + RestartSec= (for services, see + systemd.service5 + for details on the per-unit settings). For non-service units, + DefaultTimeoutStartSec= sets the default + TimeoutSec= value. + + + + DefaultStartLimitInterval= + DefaultStartLimitBurst= + + Configure the default unit start rate + limiting, as configured per-service by + StartLimitInterval= and + StartLimitBurst=. See + systemd.service5 + for details on the per-service settings. + + + + DefaultEnvironment= + + Sets manager environment variables passed to + all executed processes. Takes a space-separated list of + variable assignments. See + environ7 + for details about environment variables. + + Example: + + DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6" + + Sets three variables + VAR1, + VAR2, + VAR3. + + + + DefaultCPUAccounting= + DefaultBlockIOAccounting= + DefaultMemoryAccounting= + + Configure the default resource accounting + settings, as configured per-unit by + CPUAccounting=, + BlockIOAccounting= and + MemoryAccounting=. See + systemd.resource-control5 + for details on the per-unit settings. + + + + DefaultLimitCPU= + DefaultLimitFSIZE= + DefaultLimitDATA= + DefaultLimitSTACK= + DefaultLimitCORE= + DefaultLimitRSS= + DefaultLimitNOFILE= + DefaultLimitAS= + DefaultLimitNPROC= + DefaultLimitMEMLOCK= + DefaultLimitLOCKS= + DefaultLimitSIGPENDING= + DefaultLimitMSGQUEUE= + DefaultLimitNICE= + DefaultLimitRTPRIO= + DefaultLimitRTTIME= + + These settings control various default + resource limits for units. See + setrlimit2 + for details. Use the string infinity to + configure no limit on a specific resource. These settings may + be overridden in individual units using the corresponding + LimitXXX= directives. Note that these resource limits are only + defaults for units, they are not applied to PID 1 + itself. + + + + + + See Also + + systemd1, + systemd.directives7, + systemd.exec5, + systemd.service5, + environ7, + capabilities7 + +