X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=man%2Fsystemd.service.xml;h=da9079cbb8dfe37aafeae9c534711e7eeb50af0b;hp=be9bdcaf99689d5e03d34ac3090f6ce0fdcebfca;hb=85a8eeee36b57c1ab382b0225fa9a87525bbeee9;hpb=bcddd5bf8033b0c9cb15a9d017b7714ebe21473a
diff --git a/man/systemd.service.xml b/man/systemd.service.xml
index be9bdcaf9..da9079cbb 100644
--- a/man/systemd.service.xml
+++ b/man/systemd.service.xml
@@ -139,9 +139,10 @@
If set to
(the default
- value if neither
+ if neither
Type= nor
- BusName= are
+ BusName=, but
+ ExecStart= are
specified), it is expected that the
process configured with
ExecStart= is the
@@ -177,13 +178,17 @@
exits.Behavior of
- is similar
- to ; however,
- it is expected that the process has to
+ is similar to
+ ; however, it
+ is expected that the process has to
exit before systemd starts follow-up
units. RemainAfterExit=
is particularly useful for this type
- of service.
+ of service. This is the implied
+ default if neither
+ Type= or
+ ExecStart= are
+ specified.
Behavior of
is similar to
@@ -296,9 +301,48 @@
as. This option is mandatory for
services where
Type= is set to
- , but its use
- is otherwise recommended if the process
- takes a name on the D-Bus bus.
+ .
+
+
+
+
+ BusPolicy=
+
+ If specified, a custom
+ kdbus
+ endpoint will be created and installed as the
+ default bus node for the service. Such a custom
+ endpoint can hold an own set of policy rules
+ that are enforced on top of the bus-wide ones.
+ The custom endpoint is named after the service
+ it was created for, and its node will be
+ bind-mounted over the default bus node
+ location, so the service can only access the
+ bus through its own endpoint. Note that custom
+ bus endpoints default to a 'deny all' policy.
+ Hence, if at least one
+ BusPolicy= directive is
+ given, you have to make sure to add explicit
+ rules for everything the service should be able
+ to do.
+ The value of this directive is comprised
+ of two parts; the bus name, and a verb to
+ specify to granted access, which is one of
+ ,
+ , or
+ .
+ implies
+ , and
+ implies both and
+ .
+ If multiple access levels are specified for the
+ same bus name, the most powerful one takes
+ effect.
+
+ Examples:
+ BusPolicy=org.freedesktop.systemd1 talk
+ BusPolicy=org.foo.bar see
+ This option is only available on kdbus enabled systems.
@@ -306,67 +350,59 @@
ExecStart=Commands with their
arguments that are executed when this
- service is started. For each of the
- specified commands, the first argument
- must be an absolute and literal path
- to an executable.
+ service is started. The value is split
+ into zero or more command lines is
+ according to the rules described below
+ (see section "Command Lines" below).
+
When Type is
not , only one
- command may be given. When
+ command may and must be given. When
Type=oneshot is
- used, more than one command may be
- specified. Multiple command lines may
- be concatenated in a single directive
- by separating them with semicolons
- (these semicolons must be passed as
- separate words). Alternatively, this
- directive may be specified more than
- once with the same effect.
- Lone semicolons may be escaped as
- \;. If the empty
- string is assigned to this option, the
- list of commands to start is reset,
- prior assignments of this option will
- have no effect.
-
- Each command line is split on
- whitespace, with the first item being
- the command to execute, and the
- subsequent items being the arguments.
- Double quotes ("...") and single
- quotes ('...') may be used, in which
- case everything until the next
- matching quote becomes part of the
- same argument. Quotes themselves are
- removed after parsing. In addition, a
- trailing backslash
- (\) may be used to
- merge lines. This syntax is intended
- to be very similar to shell syntax,
- but only the meta-characters and
- expansions described in the following
- paragraphs are understood.
- Specifically, redirection using
- <,
- <<,
- >, and
- >>, pipes
- using |, and
- running programs in the background
- using &
- and other elements of shell
- syntax are not supported.
-
+ used, zero or more commands may be
+ specified. This can be specified by
+ providing multiple command lines in
+ the same directive, or alternatively,
+ this directive may be specified more
+ than once with the same effect. If the
+ empty string is assigned to this
+ option, the list of commands to start
+ is reset, prior assignments of this
+ option will have no effect. If no
+ ExecStart= is
+ specified, then the service must have
+ RemainAfterExit=yes
+ set.
+
+ For each of the specified
+ commands, the first argument must be
+ an absolute and literal path to an
+ executable. Optionally, if the
+ absolute file name is prefixed with
+ @, the second token
+ will be passed as
+ argv[0] to the
+ executed process, followed by the
+ further arguments specified. If the
+ absolute filename is prefixed with
+ -, an exit code of
+ the command normally considered a
+ failure (i.e. non-zero exit status or
+ abnormal exit due to signal) is
+ ignored and considered success. If
+ both - and
+ @ are used, they
+ can appear in either order.If more than one command is
specified, the commands are invoked
sequentially in the order they appear
in the unit file. If one of the
commands fails (and is not prefixed
- with -), other lines
- are not executed, and the unit is
- considered failed.
+ with -), other
+ lines are not executed, and the unit
+ is considered failed.
Unless
Type=forking is
@@ -374,106 +410,6 @@
command line will be considered the
main process of the daemon.
- The command line accepts
- % specifiers as
- described in
- systemd.unit5.
- Note that the first argument of the
- command line (i.e. the program to
- execute) may not include
- specifiers.
-
- Basic environment variable
- substitution is supported. Use
- ${FOO} as part of a
- word, or as a word of its own, on the
- command line, in which case it will be
- replaced by the value of the
- environment variable including all
- whitespace it contains, resulting in a
- single argument. Use
- $FOO as a separate
- word on the command line, in which
- case it will be replaced by the value
- of the environment variable split at
- whitespace, resulting in zero or more
- arguments. To pass a literal dollar
- sign, use $$.
- Variables whose value is not known at
- expansion time are treated as empty
- strings. Note that the first argument
- (i.e. the program to execute) may not
- be a variable.
-
- Variables to be used in this
- fashion may be defined through
- Environment= and
- EnvironmentFile=.
- In addition, variables listed in the
- section "Environment variables in
- spawned processes" in
- systemd.exec5,
- which are considered "static
- configuration", may be used (this includes
- e.g. $USER, but not
- $TERM).
-
- Optionally, if the absolute file
- name is prefixed with
- @, the second token
- will be passed as
- argv[0] to the
- executed process, followed by the
- further arguments specified. If the
- absolute filename is prefixed with
- -, an exit code of
- the command normally considered a
- failure (i.e. non-zero exit status or
- abnormal exit due to signal) is ignored
- and considered success. If both
- - and
- @ are used, they
- can appear in either order.
-
- Note that this setting does not
- directly support shell command
- lines. If shell command lines are to
- be used, they need to be passed
- explicitly to a shell implementation
- of some kind. Example:
- ExecStart=/bin/sh -c 'dmesg | tac'
- Example:
- ExecStart=/bin/echo one ; /bin/echo "two two"
- This will execute
- /bin/echo two
- times, each time with one argument:
- one and
- two two,
- respectively. Because two commands are
- specified,
- Type=oneshot must
- be used.
-
- Example:
- ExecStart=/bin/echo / >/dev/null & \; \
-/bin/ls
- This will execute
- /bin/echo with five
- arguments: /,
- >/dev/null,
- &,
- ;, and
- /bin/ls.
-
- Example:
- Environment="ONE=one" 'TWO=two two'
-ExecStart=/bin/echo $ONE $TWO ${TWO}
- This will execute
- /bin/echo with four
- arguments: one,
- two,
- two, and
- two two.
@@ -519,6 +455,20 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
following:
/bin/kill -HUP $MAINPID
+
+ Note however that reloading a
+ daemon by sending a signal (as with
+ the example line above) is usually not
+ a good choice, because this is an
+ asynchronous operation and hence not
+ suitable to order reloads of multiple
+ services against each other. It is
+ strongly recommended to set
+ ExecReload= to a
+ command that not only triggers a
+ configuration reload of the daemon,
+ but also synchronously waits for it to
+ complete.
@@ -591,11 +541,12 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
time span value such as "5min
20s". Pass 0 to
disable the timeout logic. Defaults to
- TimeoutStartSec= from
+ DefaultTimeoutStartSec= from
the manager configuration file, except
when Type=oneshot is
used, in which case the timeout
- is disabled by default.
+ is disabled by default
+ (see systemd-system.conf5).
@@ -614,8 +565,9 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
time span value such as "5min
20s". Pass 0 to disable
the timeout logic. Defaults to
- TimeoutStartSec= from the
- manager configuration file.
+ DefaultTimeoutStopSec= from the
+ manager configuration file
+ (see systemd-system.conf5).
@@ -639,8 +591,9 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
(i.e. the "keep-alive ping"). If the time
between two such calls is larger than
the configured time, then the service
- is placed in a failed state. By
- setting Restart= to
+ is placed in a failed state and it will
+ be terminated with SIGABRT.
+ By setting Restart= to
or
, the service
will be automatically restarted. The
@@ -674,7 +627,7 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
processes specified with
ExecStartPre=,
ExecStartPost=,
- ExecStopPre=,
+ ExecStop=,
ExecStopPost=, or
ExecReload=.
When the death of the process is a
@@ -689,51 +642,151 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
,
,
,
+ ,
,
, or
. If set to
(the default), the
- service will not be restarted. If set to
- , it will be
- restarted only when the service process
- exits cleanly.
- In this context, a clean exit means
- an exit code of 0, or one of the signals
+ service will not be restarted. If set
+ to , it
+ will be restarted only when the
+ service process exits cleanly. In
+ this context, a clean exit means an
+ exit code of 0, or one of the signals
SIGHUP,
SIGINT,
- SIGTERM,
- or SIGPIPE, and
- additionally, exit statuses and signals
- specified in SuccessExitStatus=.
+ SIGTERM or
+ SIGPIPE, and
+ additionally, exit statuses and
+ signals specified in
+ SuccessExitStatus=.
If set to ,
the service will be restarted when the
- process exits with a non-zero exit code,
- is terminated by a signal (including on
- core dump), when an operation (such as
- service reload) times out, and when the
- configured watchdog timeout is triggered.
- If set to
- , the service
- will be restarted only if the service
- process exits due to an uncaught
- signal not specified as a clean exit
- status.
- If set to
- , the service
- will be restarted only if the watchdog
- timeout for the service expires.
- If set to
+ process exits with a non-zero exit
+ code, is terminated by a signal
+ (including on core dump, but excluding
+ the aforementiond four signals), when
+ an operation (such as service reload)
+ times out, and when the configured
+ watchdog timeout is triggered. If set
+ to , the
+ service will be restarted when the
+ process is terminated by a signal
+ (including on core dump, excluding the
+ aforementioned four signals), when an
+ operation times out, or when the
+ watchdog timeout is triggered. If set
+ to , the
+ service will be restarted only if the
+ service process exits due to an
+ uncaught signal not specified as a
+ clean exit status. If set to
+ , the
+ service will be restarted only if the
+ watchdog timeout for the service
+ expires. If set to
, the service
- will be restarted regardless of whether
- it exited cleanly or not, got
+ will be restarted regardless of
+ whether it exited cleanly or not, got
terminated abnormally by a signal, or
hit a timeout.
- In addition to the above settings,
- the service will not be restarted if the
- exit code or signal is specified in
+
+ Exit causes and the effect of the <varname>Restart=</varname> settings on them
+
+
+
+
+
+
+ Restart settings/Exit causes
+
+
+
+
+
+
+
+
+
+
+
+ Clean exit code or signal
+
+ X
+ X
+
+
+
+
+
+
+ Unclean exit code
+
+ X
+
+ X
+
+
+
+
+
+ Unclean signal
+
+ X
+
+ X
+ X
+ X
+
+
+
+ Timeout
+
+ X
+
+ X
+ X
+
+
+
+
+ Watchdog
+
+ X
+
+ X
+ X
+
+ X
+
+
+
+
+
+ As exceptions to the setting
+ above the service will not be
+ restarted if the exit code or signal
+ is specified in
RestartPreventExitStatus=
- (see below).
+ (see below). Also, the services will
+ always be restarted if the exit code
+ or signal is specified in
+ RestartForceExitStatus=
+ (see below).
+
+ Setting this to
+ is the
+ recommended choice for long-running
+ services, in order to increase
+ reliability by attempting automatic
+ recovery from errors. For services
+ that shall be able to terminate on
+ their own choice (and avoid
+ immediate restarting),
+ is an
+ alternative choice.
+
@@ -747,33 +800,30 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
SIGTERM, and SIGPIPE. Exit status
definitions can either be numeric exit
codes or termination signal names,
- separated by spaces. Signals will only
- be considered if the service does not implement
- a signal handler and exits as a direct result
- of receiving the signal. For example:
- SuccessExitStatus=1 2 8 SIGKILL
- ensures that exit codes 1, 2, 8 and
- the termination signal
- SIGKILL are
- considered clean service terminations.
-
-
- Note that if a process has a
- signal handler installed and exits by
- calling
- _exit2
- in response to a signal, the
- information about the signal is lost.
- Programs should instead perform cleanup and kill themselves with the same signal instead. See
- Proper handling of SIGINT/SIGQUIT â How to be a proper program.
-
- This option may appear more than once
- in which case the list of successful
- exit statuses is merged. If the empty
- string is assigned to this option, the
- list is reset, all prior assignments
- of this option will have no
- effect.
+ separated by spaces. For example:
+ SuccessExitStatus=1 2 8 SIGKILL
+ ensures that exit codes 1, 2, 8 and
+ the termination signal
+ SIGKILL are
+ considered clean service terminations.
+
+
+ Note that if a process has a
+ signal handler installed and exits by
+ calling
+ _exit2
+ in response to a signal, the
+ information about the signal is lost.
+ Programs should instead perform cleanup and kill themselves with the same signal instead. See
+ Proper handling of SIGINT/SIGQUIT â How to be a proper program.
+
+ This option may appear more than once,
+ in which case the list of successful
+ exit statuses is merged. If the empty
+ string is assigned to this option, the
+ list is reset, all prior assignments
+ of this option will have no
+ effect.
@@ -791,9 +841,8 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
spaces. Defaults to the empty list, so
that, by default, no exit status is
excluded from the configured restart
- logic. Example:
- RestartPreventExitStatus=1 6
- SIGABRT, ensures that exit
+ logic. For example:
+ RestartPreventExitStatus=1 6 SIGABRT ensures that exit
codes 1 and 6 and the termination
signal SIGABRT will
not result in automatic service
@@ -807,6 +856,18 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
effect.
+
+ RestartForceExitStatus=
+ Takes a list of exit
+ status definitions that when returned
+ by the main service process will force
+ automatic service restarts, regardless
+ of the restart setting configured with
+ Restart=. The
+ argument format is similar to
+ RestartPreventExitStatus=.
+
+
PermissionsStartOnly=Takes a boolean
@@ -861,7 +922,7 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
for all file descriptors passed via
socket-based activation. If true, all
file descriptors >= 3 (i.e. all except
- STDIN/STDOUT/STDERR) will have
+ stdin, stdout, and stderr) will have
the O_NONBLOCK flag
set and hence are in
non-blocking mode. This option is only
@@ -906,21 +967,24 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
Sockets=Specifies the name of
the socket units this service shall
- inherit the sockets from when the
- service is started. Normally it
- should not be necessary to use this
- setting as all sockets whose unit
+ inherit socket file descriptors
+ from when the service is
+ started. Normally it should not be
+ necessary to use this setting as all
+ socket file descriptors whose unit
shares the same name as the service
- (ignoring the different suffix of course)
- are passed to the spawned
- process.
-
- Note that the same socket may be
- passed to multiple processes at the
- same time. Also note that a different
- service may be activated on incoming
- traffic than that which inherits the
- sockets. Or in other words: the
+ (subject to the different unit name
+ suffix of course) are passed to the
+ spawned process.
+
+ Note that the same socket file
+ descriptors may be passed to multiple
+ processes simultaneously. Also note
+ that a different service may be
+ activated on incoming socket traffic
+ than the one which is ultimately
+ configured to inherit the socket file
+ descriptors. Or in other words: the
Service= setting of
.socket units
does not have to match the inverse of
@@ -997,29 +1061,63 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
hit. Takes one of
,
,
- , or
- . If
- is set,
- hitting the rate limit will trigger no
- action besides that the start will not
- be permitted.
+ ,
+ ,
+ ,
+ or
+ . If
+ is set, hitting
+ the rate limit will trigger no action
+ besides that the start will not be
+ permitted.
causes a reboot following the normal
shutdown procedure (i.e. equivalent to
systemctl reboot).
- causes
- a forced reboot which will terminate
- all processes forcibly but should
- cause no dirty file systems on reboot
+ causes a
+ forced reboot which will terminate all
+ processes forcibly but should cause no
+ dirty file systems on reboot
(i.e. equivalent to systemctl
reboot -f) and
causes immediate execution of the
reboot2
system call, which might result in
- data loss. Defaults to
+ data loss. Similar,
+ ,
+ ,
+
+ have the effect of powering down the
+ system with similar
+ semantics. Defaults to
.
+
+ FailureAction=
+ Configure the action
+ to take when the service enters a failed
+ state. Takes the same values as
+ StartLimitAction=
+ and executes the same actions.
+ Defaults to .
+
+
+
+
+ RebootArgument=
+ Configure the optional
+ argument for the
+ reboot2
+ system call if
+ StartLimitAction=
+ or FailureAction=
+ is a reboot action. This works just
+ like the optional argument to
+ systemctl reboot
+ command.
+
+
Check
@@ -1031,44 +1129,137 @@ ExecStart=/bin/echo $ONE $TWO ${TWO}
- Compatibility Options
+ Command lines
+
+ This section describes command line parsing and
+ variable and specifier substitions for
+ ExecStart=,
+ ExecStartPre=,
+ ExecStartPost=,
+ ExecReload=,
+ ExecStop=, and
+ ExecStopPost= options.
+
+ Multiple command lines may be concatenated in a
+ single directive by separating them with semicolons
+ (these semicolons must be passed as separate words).
+ Lone semicolons may be escaped as
+ \;.
+
+ Each command line is split on whitespace, with
+ the first item being the command to execute, and the
+ subsequent items being the arguments. Double quotes
+ ("...") and single quotes ('...') may be used, in
+ which case everything until the next matching quote
+ becomes part of the same argument. Quotes themselves
+ are removed after parsing. In addition, a trailing
+ backslash (\) may be used to merge
+ lines.
+
+ This syntax is intended to be very similar to
+ shell syntax, but only the meta-characters and
+ expansions described in the following paragraphs are
+ understood. Specifically, redirection using
+ <, <<,
+ >, and
+ >>, pipes using
+ |, running programs in the
+ background using &, and
+ other elements of shell syntax are not
+ supported.
+
+ The command line accepts %
+ specifiers as described in
+ systemd.unit5.
+ Note that the first argument of the command line
+ (i.e. the program to execute) may not include
+ specifiers.
+
+ Basic environment variable substitution is
+ supported. Use ${FOO} as part of a
+ word, or as a word of its own, on the command line, in
+ which case it will be replaced by the value of the
+ environment variable including all whitespace it
+ contains, resulting in a single argument. Use
+ $FOO as a separate word on the
+ command line, in which case it will be replaced by the
+ value of the environment variable split at whitespace
+ resulting in zero or more arguments. For this type of
+ expansion, quotes and respected when splitting into
+ words, and afterwards removed.
+
+ Example:
+
+ Environment="ONE=one" 'TWO=two two'
+ExecStart=/bin/echo $ONE $TWO ${TWO}
- The following options are also available in the
- [Service] section, but exist purely
- for compatibility reasons and should not be used in
- newly written service files.
+ This will execute /bin/echo
+ with four arguments: one,
+ two, two, and
+ two two.
+
+ Example:
+ Environment=ONE='one' "TWO='two two' too" THREE=
+ExecStart=/bin/echo ${ONE} ${TWO} ${THREE}
+ExecStart=/bin/echo $ONE $TWO $THREE
+ This results in echo being
+ called twice, the first time with arguments
+ 'one',
+ 'two two' too, ,
+ and the second time with arguments
+ one, two two,
+ too.
+
-
-
- SysVStartPriority=
- Set the SysV start
- priority to use to order this service
- in relation to SysV services lacking
- LSB headers. This option is only
- necessary to fix ordering in relation
- to legacy SysV services that have no
- ordering information encoded in the
- script headers. As such, it should only
- be used as a temporary compatibility
- option and should not be used in new unit
- files. Almost always, it is a better
- choice to add explicit ordering
- directives via
- After= or
- Before=,
- instead. For more details, see
- systemd.unit5.
- If used, pass an integer value in the
- range 0-99.
-
-
+ To pass a literal dollar sign, use
+ $$. Variables whose value is not
+ known at expansion time are treated as empty
+ strings. Note that the first argument (i.e. the
+ program to execute) may not be a variable.
+
+ Variables to be used in this fashion may be
+ defined through Environment= and
+ EnvironmentFile=. In addition,
+ variables listed in the section "Environment variables
+ in spawned processes" in
+ systemd.exec5,
+ which are considered "static configuration", may be
+ used (this includes e.g. $USER, but
+ not $TERM).
+
+ Note that shell command lines are not directly
+ supported. If shell command lines are to be used, they
+ need to be passed explicitly to a shell implementation
+ of some kind. Example:
+ ExecStart=/bin/sh -c 'dmesg | tac'
+
+ Example:
+
+ ExecStart=/bin/echo one ; /bin/echo "two two"
+
+ This will execute /bin/echo
+ two times, each time with one argument:
+ one and two two,
+ respectively. Because two commands are specified,
+ Type=oneshot must be used.
+
+ Example:
+
+ ExecStart=/bin/echo / >/dev/null & \; \
+/bin/ls
+
+ This will execute /bin/echo
+ with five arguments: /,
+ >/dev/null,
+ &, ;, and
+ /bin/ls.See Alsosystemd1,
- systemctl8,
+ systemctl1,
systemd.unit5,
systemd.exec5,
systemd.resource-control5,