1 <?xml version='1.0'?> <!--*-nxml-*-->
2 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
7 This file is part of systemd.
9 Copyright 2010 Lennart Poettering
11 systemd is free software; you can redistribute it and/or modify it
12 under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
16 systemd is distributed in the hope that it will be useful, but
17 WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 <refentry id="systemd.exec">
27 <title>systemd.exec</title>
28 <productname>systemd</productname>
32 <contrib>Developer</contrib>
33 <firstname>Lennart</firstname>
34 <surname>Poettering</surname>
35 <email>lennart@poettering.net</email>
41 <refentrytitle>systemd.exec</refentrytitle>
42 <manvolnum>5</manvolnum>
46 <refname>systemd.exec</refname>
47 <refpurpose>systemd execution environment configuration</refpurpose>
51 <para><filename>systemd.service</filename>,
52 <filename>systemd.socket</filename>,
53 <filename>systemd.mount</filename>,
54 <filename>systemd.swap</filename></para>
58 <title>Description</title>
60 <para>Unit configuration files for services, sockets
61 mount points and swap devices share a subset of
62 configuration options which define the execution
63 environment of spawned processes.</para>
65 <para>This man page lists the configuration options
66 shared by these three unit types. See
67 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
68 for the common options of all unit configuration
70 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
71 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
72 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>
74 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
75 for more information on the specific unit
76 configuration files. The execution specific
77 configuration options are configured in the [Service],
78 [Socket], [Mount] resp. [Swap] section, depending on the unit
83 <title>Options</title>
88 <term><varname>WorkingDirectory=</varname></term>
90 <listitem><para>Takes an absolute
91 directory path. Sets the working
92 directory for executed
93 processes.</para></listitem>
97 <term><varname>RootDirectory=</varname></term>
99 <listitem><para>Takes an absolute
100 directory path. Sets the root
101 directory for executed processes, with
103 <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
104 system call. If this is used it must
105 be ensured that the process and all
106 its auxiliary files are available in
107 the <function>chroot()</function>
108 jail.</para></listitem>
112 <term><varname>User=</varname></term>
113 <term><varname>Group=</varname></term>
115 <listitem><para>Sets the Unix user
116 resp. group the processes are executed
117 as. Takes a single user resp. group
118 name or ID as argument. If no group is
119 set the default group of the user is
120 chosen.</para></listitem>
124 <term><varname>SupplementaryGroups=</varname></term>
126 <listitem><para>Sets the supplementary
127 Unix groups the processes are executed
128 as. This takes a space separated list
129 of group names or IDs. This option may
130 be specified more than once in which
131 case all listed groups are set as
132 supplementary groups. This option does
133 not override but extends the list of
134 supplementary groups configured in the
135 system group database for the
136 user.</para></listitem>
140 <term><varname>Nice=</varname></term>
142 <listitem><para>Sets the default nice
143 level (scheduling priority) for
144 executed processes. Takes an integer
145 between -20 (highest priority) and 19
146 (lowest priority). See
147 <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>
148 for details.</para></listitem>
152 <term><varname>OOMScoreAdjust=</varname></term>
154 <listitem><para>Sets the adjustment
155 level for the Out-Of-Memory killer for
156 executed processes. Takes an integer
157 between -1000 (to disable OOM killing
158 for this process) and 1000 (to make
159 killing of this process under memory
160 pressure very likely). See <ulink
161 url="http://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt</ulink>
162 for details.</para></listitem>
166 <term><varname>IOSchedulingClass=</varname></term>
168 <listitem><para>Sets the IO scheduling
169 class for executed processes. Takes an
170 integer between 0 and 3 or one of the
171 strings <option>none</option>,
172 <option>realtime</option>,
173 <option>best-effort</option> or
174 <option>idle</option>. See
175 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
176 for details.</para></listitem>
180 <term><varname>IOSchedulingPriority=</varname></term>
182 <listitem><para>Sets the IO scheduling
183 priority for executed processes. Takes
184 an integer between 0 (highest
185 priority) and 7 (lowest priority). The
186 available priorities depend on the
187 selected IO scheduling class (see
189 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
190 for details.</para></listitem>
194 <term><varname>CPUSchedulingPolicy=</varname></term>
196 <listitem><para>Sets the CPU
197 scheduling policy for executed
198 processes. Takes one of
199 <option>other</option>,
200 <option>batch</option>,
201 <option>idle</option>,
202 <option>fifo</option> or
203 <option>rr</option>. See
204 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
205 for details.</para></listitem>
209 <term><varname>CPUSchedulingPriority=</varname></term>
211 <listitem><para>Sets the CPU
212 scheduling priority for executed
213 processes. Takes an integer between 1
214 (lowest priority) and 99 (highest
215 priority). The available priority
216 range depends on the selected CPU
217 scheduling policy (see above). See
218 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
219 for details.</para></listitem>
223 <term><varname>CPUSchedulingResetOnFork=</varname></term>
225 <listitem><para>Takes a boolean
226 argument. If true elevated CPU
227 scheduling priorities and policies
228 will be reset when the executed
229 processes fork, and can hence not leak
230 into child processes. See
231 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
232 for details. Defaults to false.</para></listitem>
236 <term><varname>CPUAffinity=</varname></term>
238 <listitem><para>Controls the CPU
239 affinity of the executed
240 processes. Takes a space-separated
241 list of CPU indexes. See
242 <citerefentry><refentrytitle>sched_setaffinity</refentrytitle><manvolnum>2</manvolnum></citerefentry>
243 for details.</para></listitem>
247 <term><varname>UMask=</varname></term>
249 <listitem><para>Controls the file mode
250 creation mask. Takes an access mode in
252 <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>
253 for details. Defaults to
254 0002.</para></listitem>
258 <term><varname>Environment=</varname></term>
260 <listitem><para>Sets environment
261 variables for executed
262 processes. Takes a space-separated
263 list of variable assignments. This
264 option may be specified more than once
265 in which case all listed variables
266 will be set. If the same variable is
267 set twice the later setting will
268 override the earlier setting. See
269 <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
270 for details.</para></listitem>
273 <term><varname>EnvironmentFile=</varname></term>
274 <listitem><para>Similar to
275 <varname>Environment=</varname> but
276 reads the environment variables from a
277 text file. The text file should
278 contain new-line separated variable
279 assignments. Empty lines and lines
280 starting with ; or # will be ignored,
281 which may be used for commenting. The
282 argument passed should be an absolute
283 file name, optionally prefixed with
284 "-", which indicates that if the file
285 does not exist it won't be read and no
286 error or warning message is
287 logged.</para></listitem>
291 <term><varname>StandardInput=</varname></term>
292 <listitem><para>Controls where file
293 descriptor 0 (STDIN) of the executed
294 processes is connected to. Takes one
295 of <option>null</option>,
296 <option>tty</option>,
297 <option>tty-force</option>,
298 <option>tty-fail</option> or
299 <option>socket</option>. If
300 <option>null</option> is selected
301 standard input will be connected to
302 <filename>/dev/null</filename>,
303 i.e. all read attempts by the process
304 will result in immediate EOF. If
305 <option>tty</option> is selected
306 standard input is connected to a TTY
308 <varname>TTYPath=</varname>, see
309 below) and the executed process
310 becomes the controlling process of the
311 terminal. If the terminal is already
312 being controlled by another process the
313 executed process waits until the current
314 controlling process releases the
316 <option>tty-force</option>
317 is similar to <option>tty</option>,
318 but the executed process is forcefully
319 and immediately made the controlling
320 process of the terminal, potentially
321 removing previous controlling
323 terminal. <option>tty-fail</option> is
324 similar to <option>tty</option> but if
325 the terminal already has a controlling
326 process start-up of the executed
328 <option>socket</option> option is only
329 valid in socket-activated services,
330 and only when the socket configuration
332 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
333 for details) specifies a single socket
334 only. If this option is set standard
335 input will be connected to the socket
336 the service was activated from, which
337 is primarily useful for compatibility
338 with daemons designed for use with the
340 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
341 daemon. This setting defaults to
342 <option>null</option>.</para></listitem>
345 <term><varname>StandardOutput=</varname></term>
346 <listitem><para>Controls where file
347 descriptor 1 (STDOUT) of the executed
348 processes is connected to. Takes one
349 of <option>inherit</option>,
350 <option>null</option>,
351 <option>tty</option>,
352 <option>syslog</option>,
353 <option>kmsg</option>,
354 <option>kmsg+console</option>,
355 <option>syslog+console</option> or
356 <option>socket</option>. If set to
357 <option>inherit</option> the file
358 descriptor of standard input is
359 duplicated for standard output. If set
360 to <option>null</option> standard
361 output will be connected to
362 <filename>/dev/null</filename>,
363 i.e. everything written to it will be
364 lost. If set to <option>tty</option>
365 standard output will be connected to a
366 tty (as configured via
367 <varname>TTYPath=</varname>, see
368 below). If the TTY is used for output
369 only the executed process will not
370 become the controlling process of the
371 terminal, and will not fail or wait
372 for other processes to release the
373 terminal. <option>syslog</option>
374 connects standard output to the
375 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
376 system logger. <option>kmsg</option>
377 connects it with the kernel log buffer
378 which is accessible via
379 <citerefentry><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>. <option>syslog+console</option>
380 and <option>kmsg+console</option> work
381 similarly but copy the output to the
383 well. <option>socket</option> connects
384 standard output to a socket from
385 socket activation, semantics are
386 similar to the respective option of
387 <varname>StandardInput=</varname>.
388 This setting defaults to
389 <option>inherit</option>.</para></listitem>
392 <term><varname>StandardError=</varname></term>
393 <listitem><para>Controls where file
394 descriptor 2 (STDERR) of the executed
395 processes is connected to. The
396 available options are identical to
398 <varname>StandardOutput=</varname>,
399 with one exception: if set to
400 <option>inherit</option> the file
401 descriptor used for standard output is
402 duplicated for standard error. This
404 <option>inherit</option>.</para></listitem>
407 <term><varname>TTYPath=</varname></term>
408 <listitem><para>Sets the terminal
409 device node to use if standard input,
410 output or stderr are connected to a
411 TTY (see above). Defaults to
412 <filename>/dev/console</filename>.</para></listitem>
415 <term><varname>SyslogIdentifier=</varname></term>
416 <listitem><para>Sets the process name
417 to prefix log lines sent to syslog or
418 the kernel log buffer with. If not set
419 defaults to the process name of the
420 executed process. This option is only
422 <varname>StandardOutput=</varname> or
423 <varname>StandardError=</varname> are
424 set to <option>syslog</option> or
425 <option>kmsg</option>.</para></listitem>
428 <term><varname>SyslogFacility=</varname></term>
429 <listitem><para>Sets the syslog
430 facility to use when logging to
431 syslog. One of <option>kern</option>,
432 <option>user</option>,
433 <option>mail</option>,
434 <option>daemon</option>,
435 <option>auth</option>,
436 <option>syslog</option>,
437 <option>lpr</option>,
438 <option>news</option>,
439 <option>uucp</option>,
440 <option>cron</option>,
441 <option>authpriv</option>,
442 <option>ftp</option>,
443 <option>local0</option>,
444 <option>local1</option>,
445 <option>local2</option>,
446 <option>local3</option>,
447 <option>local4</option>,
448 <option>local5</option>,
449 <option>local6</option> or
450 <option>local7</option>. See
451 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
452 for details. This option is only
454 <varname>StandardOutput=</varname> or
455 <varname>StandardError=</varname> are
456 set to <option>syslog</option>.
458 <option>daemon</option>.</para></listitem>
461 <term><varname>SyslogLevel=</varname></term>
462 <listitem><para>Default syslog level
463 to use when logging to syslog or the
464 kernel log buffer. One of
465 <option>emerg</option>,
466 <option>alert</option>,
467 <option>crit</option>,
468 <option>err</option>,
469 <option>warning</option>,
470 <option>notice</option>,
471 <option>info</option>,
472 <option>debug</option>. See
473 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
474 for details. This option is only
476 <varname>StandardOutput=</varname> or
477 <varname>StandardError=</varname> are
478 set to <option>syslog</option> or
479 <option>kmsg</option>. Note that
480 individual lines output by the daemon
481 might be prefixed with a different log
482 level which can be used to override
483 the default log level specified
484 here. The interpretation of these
485 prefixes may be disabled with
486 <varname>SyslogLevelPrefix=</varname>,
487 see below. For details see
488 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
491 <option>info</option>.</para></listitem>
495 <term><varname>SyslogLevelPrefix=</varname></term>
496 <listitem><para>Takes a boolean
497 argument. If true and
498 <varname>StandardOutput=</varname> or
499 <varname>StandardError=</varname> are
500 set to <option>syslog</option> or
501 <option>kmsg</option> log lines
502 written by the executed process that
503 are prefixed with a log level will be
504 passed on to syslog with this log
505 level set but the prefix removed. If
506 set to false, the interpretation of
507 these prefixes is disabled and the
508 logged lines are passed on as-is. For
509 details about this prefixing see
510 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
511 Defaults to true.</para></listitem>
515 <term><varname>TimerSlackNSec=</varname></term>
516 <listitem><para>Sets the timer slack
517 in nanoseconds for the executed
518 processes. The timer slack controls the
519 accuracy of wake-ups triggered by
521 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
522 for more information. Note that in
523 contrast to most other time span
524 definitions this parameter takes an
525 integer value in nano-seconds and does
526 not understand any other
527 units.</para></listitem>
531 <term><varname>LimitCPU=</varname></term>
532 <term><varname>LimitFSIZE=</varname></term>
533 <term><varname>LimitDATA=</varname></term>
534 <term><varname>LimitSTACK=</varname></term>
535 <term><varname>LimitCORE=</varname></term>
536 <term><varname>LimitRSS=</varname></term>
537 <term><varname>LimitNOFILE=</varname></term>
538 <term><varname>LimitAS=</varname></term>
539 <term><varname>LimitNPROC=</varname></term>
540 <term><varname>LimitMEMLOCK=</varname></term>
541 <term><varname>LimitLOCKS=</varname></term>
542 <term><varname>LimitSIGPENDING=</varname></term>
543 <term><varname>LimitMSGQUEUE=</varname></term>
544 <term><varname>LimitNICE=</varname></term>
545 <term><varname>LimitRTPRIO=</varname></term>
546 <term><varname>LimitRTTIME=</varname></term>
547 <listitem><para>These settings control
548 various resource limits for executed
550 <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
551 for details.</para></listitem>
555 <term><varname>PAMName=</varname></term>
556 <listitem><para>Sets the PAM service
557 name to set up a session as. If set
558 the executed process will be
559 registered as a PAM session under the
560 specified service name. This is only
561 useful in conjunction with the
562 <varname>User=</varname> setting. If
563 not set no PAM session will be opened
564 for the executed processes. See
565 <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
566 for details.</para></listitem>
570 <term><varname>TCPWrapName=</varname></term>
571 <listitem><para>If this is a
572 socket-activated service this sets the
573 tcpwrap service name to check the
574 permission for the current connection
575 with. This is only useful in
576 conjunction with socket-activated
577 services, and stream sockets (TCP) in
578 particular. It has no effect on other
579 socket types (e.g. datagram/UDP) and on processes
580 unrelated to socket-based
581 activation. If the tcpwrap
582 verification fails daemon start-up
583 will fail and the connection is
585 <citerefentry><refentrytitle>tcpd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
586 for details.</para></listitem>
590 <term><varname>Capabilities=</varname></term>
591 <listitem><para>Controls the
592 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
593 set for the executed process. Take a
594 capability string as described in
595 <citerefentry><refentrytitle>cap_from_text</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
596 Note that this capability set is
597 usually influenced by the capabilities
598 attached to the executed
599 file.</para></listitem>
603 <term><varname>SecureBits=</varname></term>
604 <listitem><para>Controls the secure
605 bits set for the executed process. See
606 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
607 for details. Takes a list of strings:
608 <option>keep-caps</option>,
609 <option>keep-caps-locked</option>,
610 <option>no-setuid-fixup</option>,
611 <option>no-setuid-fixup-locked</option>,
612 <option>no-setuid-noroot</option> and/or
613 <option>no-setuid-noroot-locked</option>.
618 <term><varname>CapabilityBoundingSetDrop=</varname></term>
620 <listitem><para>Controls the
621 capability bounding set drop set for
622 the executed process. See
623 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
624 for details. Takes a list of
625 capability names as read by
626 <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
631 <term><varname>ControlGroup=</varname></term>
633 <listitem><para>Controls the control
634 groups the executed processes shall be
635 made members of. Takes a
636 space-separated list of cgroup
637 identifiers. A cgroup identifier has a
639 <filename>cpu:/foo/bar</filename>,
640 where "cpu" identifies the kernel
641 control group controller used, and
642 <filename>/foo/bar</filename> is the
643 control group path. The controller name
644 and ":" may be omitted in which case
645 the named systemd control group
646 hierarchy is implied. Alternatively,
647 the path and ":" may be omitted, in
648 which case the default control group
649 path for this unit is implied. This
650 option may be used to place executed
651 processes in arbitrary groups in
652 arbitrary hierachies -- which can be
653 configured externally with additional execution limits. By default
654 systemd will place all executed
655 processes in separate per-unit control
656 groups (named after the unit) in the
657 systemd named hierarchy. Since every
658 process can be in one group per
659 hierarchy only overriding the control group
660 path in the named systemd hierarchy
661 will disable automatic placement in
662 the default group. For details about control
664 url="http://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>.</para></listitem>
668 <term><varname>ReadWriteDirectories=</varname></term>
669 <term><varname>ReadOnlyDirectories=</varname></term>
670 <term><varname>InaccessibleDirectories=</varname></term>
672 <listitem><para>Sets up a new
673 file-system name space for executed
674 processes. These options may be used
675 to limit access a process might have
676 to the main file-system
677 hierarchy. Each setting takes a
678 space-separated list of absolute
679 directory paths. Directories listed in
680 <varname>ReadWriteDirectories=</varname>
681 are accessible from within the
682 namespace with the same access rights
683 as from outside. Directories listed in
684 <varname>ReadOnlyDirectories=</varname>
685 are accessible for reading only,
686 writing will be refused even if the
687 usual file access controls would
688 permit this. Directories listed in
689 <varname>InaccessibleDirectories=</varname>
690 will be made inaccesible for processes
691 inside the namespace. Note that
692 restricting access with these options
693 does not extend to submounts of a
694 directory. You must list submounts
695 separately in these settings to
696 ensure the same limited access. These
697 options may be specified more than
698 once in which case all directories
699 listed will have limited access from
701 namespace.</para></listitem>
705 <term><varname>PrivateTmp=</varname></term>
707 <listitem><para>Takes a boolean
708 argument. If true sets up a new
709 namespace for the executed processes
711 <filename>/tmp</filename> directory
712 inside it, that is not shared by
713 processes outside of the
714 namespace. This is useful to secure
715 access to temporary files of the
716 process, but makes sharing between
718 <filename>/tmp</filename>
719 impossible. Defaults to false.</para></listitem>
723 <term><varname>MountFlags=</varname></term>
725 <listitem><para>Takes a mount
727 <option>shared</option>,
728 <option>slave</option> or
729 <option>private</option>, which
730 control whether namespaces set up with
731 <varname>ReadWriteDirectories=</varname>,
732 <varname>ReadOnlyDirectories=</varname>
734 <varname>InaccessibleDirectories=</varname>
735 receive or propagate new mounts
736 from/to the main namespace. See
737 <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>1</manvolnum></citerefentry>
738 for details. Defaults to
739 <option>shared</option>, i.e. the new
740 namespace will both receive new mount
741 points from the main namespace as well
742 as propagate new mounts to
743 it.</para></listitem>
747 <term><varname>UtmpIdentifier=</varname></term>
749 <listitem><para>Takes a a four
750 character identifier string for an
751 utmp/wtmp entry for this service. This
752 should only be set for services such
753 as <command>getty</command>
754 implementations where utmp/wtmp
755 entries must be created and cleared
756 before and after execution. If the
757 configured string is longer than four
758 characters it is truncated and the
759 terminal four characters are
760 used. This setting interprets %I style
761 string replacements. This setting is
762 unset by default, i.e. no utmp/wtmp
763 entries are created or cleaned up for
764 this service.</para></listitem>
771 <title>See Also</title>
773 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
774 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
775 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
776 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
777 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
778 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
779 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>