1 <?xml version='1.0'?> <!--*-nxml-*-->
2 <?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?>
3 <!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
4 "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
7 This file is part of systemd.
9 Copyright 2010 Lennart Poettering
11 systemd is free software; you can redistribute it and/or modify it
12 under the terms of the GNU General Public License as published by
13 the Free Software Foundation; either version 2 of the License, or
14 (at your option) any later version.
16 systemd is distributed in the hope that it will be useful, but
17 WITHOUT ANY WARRANTY; without even the implied warranty of
18 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
19 General Public License for more details.
21 You should have received a copy of the GNU General Public License
22 along with systemd; If not, see <http://www.gnu.org/licenses/>.
25 <refentry id="systemd.exec">
27 <title>systemd.exec</title>
28 <productname>systemd</productname>
32 <contrib>Developer</contrib>
33 <firstname>Lennart</firstname>
34 <surname>Poettering</surname>
35 <email>lennart@poettering.net</email>
41 <refentrytitle>systemd.exec</refentrytitle>
42 <manvolnum>5</manvolnum>
46 <refname>systemd.exec</refname>
47 <refpurpose>systemd execution environment configuration</refpurpose>
51 <para><filename>systemd.service</filename>,
52 <filename>systemd.socket</filename>,
53 <filename>systemd.mount</filename>,
54 <filename>systemd.swap</filename></para>
58 <title>Description</title>
60 <para>Unit configuration files for services, sockets
61 mount points and swap devices share a subset of
62 configuration options which define the execution
63 environment of spawned processes.</para>
65 <para>This man page lists the configuration options
66 shared by these three unit types. See
67 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
68 for the common options of all unit configuration
70 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
71 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
72 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>
74 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>
75 for more information on the specific unit
76 configuration files. The execution specific
77 configuration options are configured in the [Service],
78 [Socket], [Mount] resp. [Swap] section, depending on the unit
83 <title>Options</title>
88 <term><varname>WorkingDirectory=</varname></term>
90 <listitem><para>Takes an absolute
91 directory path. Sets the working
92 directory for executed
93 processes.</para></listitem>
97 <term><varname>RootDirectory=</varname></term>
99 <listitem><para>Takes an absolute
100 directory path. Sets the root
101 directory for executed processes, with
103 <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry>
104 system call. If this is used it must
105 be ensured that the process and all
106 its auxiliary files are available in
107 the <function>chroot()</function>
108 jail.</para></listitem>
112 <term><varname>User=</varname></term>
113 <term><varname>Group=</varname></term>
115 <listitem><para>Sets the Unix user
116 resp. group the processes are executed
117 as. Takes a single user resp. group
118 name or ID as argument. If no group is
119 set the default group of the user is
120 chosen.</para></listitem>
124 <term><varname>SupplementaryGroups=</varname></term>
126 <listitem><para>Sets the supplementary
127 Unix groups the processes are executed
128 as. This takes a space separated list
129 of group names or IDs. This option may
130 be specified more than once in which
131 case all listed groups are set as
132 supplementary groups. This option does
133 not override but extends the list of
134 supplementary groups configured in the
135 system group database for the
136 user.</para></listitem>
140 <term><varname>Nice=</varname></term>
142 <listitem><para>Sets the default nice
143 level (scheduling priority) for
144 executed processes. Takes an integer
145 between -20 (highest priority) and 19
146 (lowest priority). See
147 <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry>
148 for details.</para></listitem>
152 <term><varname>OOMScoreAdjust=</varname></term>
154 <listitem><para>Sets the adjustment
155 level for the Out-Of-Memory killer for
156 executed processes. Takes an integer
157 between -1000 (to disable OOM killing
158 for this process) and 1000 (to make
159 killing of this process under memory
160 pressure very likely). See <ulink
161 url="http://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt</ulink>
162 for details.</para></listitem>
166 <term><varname>IOSchedulingClass=</varname></term>
168 <listitem><para>Sets the IO scheduling
169 class for executed processes. Takes an
170 integer between 0 and 3 or one of the
171 strings <option>none</option>,
172 <option>realtime</option>,
173 <option>best-effort</option> or
174 <option>idle</option>. See
175 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
176 for details.</para></listitem>
180 <term><varname>IOSchedulingPriority=</varname></term>
182 <listitem><para>Sets the IO scheduling
183 priority for executed processes. Takes
184 an integer between 0 (highest
185 priority) and 7 (lowest priority). The
186 available priorities depend on the
187 selected IO scheduling class (see
189 <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry>
190 for details.</para></listitem>
194 <term><varname>CPUSchedulingPolicy=</varname></term>
196 <listitem><para>Sets the CPU
197 scheduling policy for executed
198 processes. Takes one of
199 <option>other</option>,
200 <option>batch</option>,
201 <option>idle</option>,
202 <option>fifo</option> or
203 <option>rr</option>. See
204 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
205 for details.</para></listitem>
209 <term><varname>CPUSchedulingPriority=</varname></term>
211 <listitem><para>Sets the CPU
212 scheduling priority for executed
213 processes. Takes an integer between 1
214 (lowest priority) and 99 (highest
215 priority). The available priority
216 range depends on the selected CPU
217 scheduling policy (see above). See
218 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
219 for details.</para></listitem>
223 <term><varname>CPUSchedulingResetOnFork=</varname></term>
225 <listitem><para>Takes a boolean
226 argument. If true elevated CPU
227 scheduling priorities and policies
228 will be reset when the executed
229 processes fork, and can hence not leak
230 into child processes. See
231 <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry>
232 for details. Defaults to false.</para></listitem>
236 <term><varname>CPUAffinity=</varname></term>
238 <listitem><para>Controls the CPU
239 affinity of the executed
240 processes. Takes a space-separated
241 list of CPU indexes. See
242 <citerefentry><refentrytitle>sched_setaffinity</refentrytitle><manvolnum>2</manvolnum></citerefentry>
243 for details.</para></listitem>
247 <term><varname>UMask=</varname></term>
249 <listitem><para>Controls the file mode
250 creation mask. Takes an access mode in
252 <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry>
253 for details. Defaults to
254 0002.</para></listitem>
258 <term><varname>Environment=</varname></term>
260 <listitem><para>Sets environment
261 variables for executed
262 processes. Takes a space-separated
263 list of variable assignments. This
264 option may be specified more than once
265 in which case all listed variables
266 will be set. If the same variable is
267 set twice the later setting will
268 override the earlier setting. See
269 <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
270 for details.</para></listitem>
273 <term><varname>EnvironmentFile=</varname></term>
274 <listitem><para>Similar to
275 <varname>Environment=</varname> but
276 reads the environment variables from a
277 text file. The text file should
278 contain new-line separated variable
279 assignments. Empty lines and lines
280 starting with ; or # will be ignored,
281 which may be used for commenting. The
282 argument passed should be an absolute
283 file name, optionally prefixed with
284 "-", which indicates that if the file
285 does not exist it won't be read and no
286 error or warning message is
287 logged.</para></listitem>
291 <term><varname>StandardInput=</varname></term>
292 <listitem><para>Controls where file
293 descriptor 0 (STDIN) of the executed
294 processes is connected to. Takes one
295 of <option>null</option>,
296 <option>tty</option>,
297 <option>tty-force</option>,
298 <option>tty-fail</option> or
299 <option>socket</option>. If
300 <option>null</option> is selected
301 standard input will be connected to
302 <filename>/dev/null</filename>,
303 i.e. all read attempts by the process
304 will result in immediate EOF. If
305 <option>tty</option> is selected
306 standard input is connected to a TTY
308 <varname>TTYPath=</varname>, see
309 below) and the executed process
310 becomes the controlling process of the
311 terminal. If the terminal is already
312 being controlled by another process the
313 executed process waits until the current
314 controlling process releases the
316 <option>tty-force</option>
317 is similar to <option>tty</option>,
318 but the executed process is forcefully
319 and immediately made the controlling
320 process of the terminal, potentially
321 removing previous controlling
323 terminal. <option>tty-fail</option> is
324 similar to <option>tty</option> but if
325 the terminal already has a controlling
326 process start-up of the executed
328 <option>socket</option> option is only
329 valid in socket-activated services,
330 and only when the socket configuration
332 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>
333 for details) specifies a single socket
334 only. If this option is set standard
335 input will be connected to the socket
336 the service was activated from, which
337 is primarily useful for compatibility
338 with daemons designed for use with the
340 <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
341 daemon. This setting defaults to
342 <option>null</option>.</para></listitem>
345 <term><varname>StandardOutput=</varname></term>
346 <listitem><para>Controls where file
347 descriptor 1 (STDOUT) of the executed
348 processes is connected to. Takes one
349 of <option>inherit</option>,
350 <option>null</option>,
351 <option>tty</option>,
352 <option>syslog</option>,
353 <option>kmsg</option> or
354 <option>socket</option>. If set to
355 <option>inherit</option> the file
356 descriptor of standard input is
357 duplicated for standard output. If set
358 to <option>null</option> standard
359 output will be connected to
360 <filename>/dev/null</filename>,
361 i.e. everything written to it will be
362 lost. If set to <option>tty</option>
363 standard output will be connected to a
364 tty (as configured via
365 <varname>TTYPath=</varname>, see
366 below). If the TTY is used for output
367 only the executed process will not
368 become the controlling process of the
369 terminal, and will not fail or wait
370 for other processes to release the
371 terminal. <option>syslog</option>
372 connects standard output to the
373 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
374 system logger. <option>kmsg</option>
375 connects it with the kernel log buffer
376 which is accessible via
377 <citerefentry><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>. <option>socket</option>
378 connects standard output to a socket
379 from socket activation, semantics are
380 similar to the respective option of
381 <varname>StandardInput=</varname>.
382 This setting defaults to
383 <option>inherit</option>.</para></listitem>
386 <term><varname>StandardError=</varname></term>
387 <listitem><para>Controls where file
388 descriptor 2 (STDERR) of the executed
389 processes is connected to. The
390 available options are identical to
392 <varname>StandardOutput=</varname>,
393 with one exception: if set to
394 <option>inherit</option> the file
395 descriptor used for standard output is
396 duplicated for standard error. This
398 <option>inherit</option>.</para></listitem>
401 <term><varname>TTYPath=</varname></term>
402 <listitem><para>Sets the terminal
403 device node to use if standard input,
404 output or stderr are connected to a
405 TTY (see above). Defaults to
406 <filename>/dev/console</filename>.</para></listitem>
409 <term><varname>SyslogIdentifer=</varname></term>
410 <listitem><para>Sets the process name
411 to prefix log lines sent to syslog or
412 the kernel log buffer with. If not set
413 defaults to the process name of the
414 executed process. This option is only
416 <varname>StandardOutput=</varname> or
417 <varname>StandardError=</varname> are
418 set to <option>syslog</option> or
419 <option>kmsg</option>.</para></listitem>
422 <term><varname>SyslogFacility=</varname></term>
423 <listitem><para>Sets the syslog
424 facility to use when logging to
425 syslog. One of <option>kern</option>,
426 <option>user</option>,
427 <option>mail</option>,
428 <option>daemon</option>,
429 <option>auth</option>,
430 <option>syslog</option>,
431 <option>lpr</option>,
432 <option>news</option>,
433 <option>uucp</option>,
434 <option>cron</option>,
435 <option>authpriv</option>,
436 <option>ftp</option>,
437 <option>local0</option>,
438 <option>local1</option>,
439 <option>local2</option>,
440 <option>local3</option>,
441 <option>local4</option>,
442 <option>local5</option>,
443 <option>local6</option> or
444 <option>local7</option>. See
445 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
446 for details. This option is only
448 <varname>StandardOutput=</varname> or
449 <varname>StandardError=</varname> are
450 set to <option>syslog</option>.
452 <option>daemon</option>.</para></listitem>
455 <term><varname>SyslogLevel=</varname></term>
456 <listitem><para>Default syslog level
457 to use when logging to syslog or the
458 kernel log buffer. One of
459 <option>emerg</option>,
460 <option>alert</option>,
461 <option>crit</option>,
462 <option>err</option>,
463 <option>warning</option>,
464 <option>notice</option>,
465 <option>info</option>,
466 <option>debug</option>. See
467 <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>
468 for details. This option is only
470 <varname>StandardOutput=</varname> or
471 <varname>StandardError=</varname> are
472 set to <option>syslog</option> or
473 <option>kmsg</option>. Note that
474 individual lines output by the daemon
475 might be prefixed with a different log
476 level which can be used to override
477 the default log level specified
478 here. The interpretation of these
479 prefixes may be disabled with
480 <varname>SyslogLevelPrefix=</varname>,
481 see below. For details see
482 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
485 <option>info</option>.</para></listitem>
489 <term><varname>SyslogLevelPrefix=</varname></term>
490 <listitem><para>Takes a boolean
491 argument. If true and
492 <varname>StandardOutput=</varname> or
493 <varname>StandardError=</varname> are
494 set to <option>syslog</option> or
495 <option>kmsg</option> log lines
496 written by the executed process that
497 are prefixed with a log level will be
498 passed on to syslog with this log
499 level set but the prefix removed. If
500 set to false, the interpretation of
501 these prefixes is disabled and the
502 logged lines are passed on as-is. For
503 details about this prefixing see
504 <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
505 Defaults to true.</para></listitem>
509 <term><varname>TimerSlackNSec=</varname></term>
510 <listitem><para>Sets the timer slack
511 in nanoseconds for the executed
512 processes. The timer slack controls the
513 accuracy of wake-ups triggered by
515 <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry>
516 for more information. Note that in
517 contrast to most other time span
518 definitions this parameter takes an
519 integer value in nano-seconds and does
520 not understand any other
521 units.</para></listitem>
525 <term><varname>LimitCPU=</varname></term>
526 <term><varname>LimitFSIZE=</varname></term>
527 <term><varname>LimitDATA=</varname></term>
528 <term><varname>LimitSTACK=</varname></term>
529 <term><varname>LimitCORE=</varname></term>
530 <term><varname>LimitRSS=</varname></term>
531 <term><varname>LimitNOFILE=</varname></term>
532 <term><varname>LimitAS=</varname></term>
533 <term><varname>LimitNPROC=</varname></term>
534 <term><varname>LimitMEMLOCK=</varname></term>
535 <term><varname>LimitLOCKS=</varname></term>
536 <term><varname>LimitSIGPENDING=</varname></term>
537 <term><varname>LimitMSGQUEUE=</varname></term>
538 <term><varname>LimitNICE=</varname></term>
539 <term><varname>LimitRTPRIO=</varname></term>
540 <term><varname>LimitRTTIME=</varname></term>
541 <listitem><para>These settings control
542 various resource limits for executed
544 <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry>
545 for details.</para></listitem>
549 <term><varname>PAMName=</varname></term>
550 <listitem><para>Sets the PAM service
551 name to set up a session as. If set
552 the executed process will be
553 registered as a PAM session under the
554 specified service name. This is only
555 useful in conjunction with the
556 <varname>User=</varname> setting. If
557 not set no PAM session will be opened
558 for the executed processes. See
559 <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry>
560 for details.</para></listitem>
564 <term><varname>TCPWrapName=</varname></term>
565 <listitem><para>If this is a
566 socket-activated service this sets the
567 tcpwrap service name to check the
568 permission for the current connection
569 with. This is only useful in
570 conjunction with socket-activated
571 services, and stream sockets (TCP) in
572 particular. It has no effect on other
573 socket types (e.g. datagram/UDP) and on processes
574 unrelated to socket-based
575 activation. If the tcpwrap
576 verification fails daemon start-up
577 will fail and the connection is
579 <citerefentry><refentrytitle>tcpd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
580 for details.</para></listitem>
584 <term><varname>Capabilities=</varname></term>
585 <listitem><para>Controls the
586 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
587 set for the executed process. Take a
588 capability string as described in
589 <citerefentry><refentrytitle>cap_from_text</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
590 Note that this capability set is
591 usually influenced by the capabilities
592 attached to the executed
593 file.</para></listitem>
597 <term><varname>SecureBits=</varname></term>
598 <listitem><para>Controls the secure
599 bits set for the executed process. See
600 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
601 for details. Takes a list of strings:
602 <option>keep-caps</option>,
603 <option>keep-caps-locked</option>,
604 <option>no-setuid-fixup</option>,
605 <option>no-setuid-fixup-locked</option>,
606 <option>no-setuid-noroot</option> and/or
607 <option>no-setuid-noroot-locked</option>.
612 <term><varname>CapabilityBoundingSetDrop=</varname></term>
614 <listitem><para>Controls the
615 capability bounding set drop set for
616 the executed process. See
617 <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry>
618 for details. Takes a list of
619 capability names as read by
620 <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
625 <term><varname>ControlGroup=</varname></term>
627 <listitem><para>Controls the control
628 groups the executed processes shall be
629 made members of. Takes a
630 space-separated list of cgroup
631 identifiers. A cgroup identifier has a
633 <filename>cpu:/foo/bar</filename>,
634 where "cpu" identifies the kernel
635 control group controller used, and
636 <filename>/foo/bar</filename> is the
637 control group path. The controller name
638 and ":" may be omitted in which case
639 the named systemd control group
640 hierarchy is implied. Alternatively,
641 the path and ":" may be omitted, in
642 which case the default control group
643 path for this unit is implied. This
644 option may be used to place executed
645 processes in arbitrary groups in
646 arbitrary hierachies -- which can be
647 configured externally with additional execution limits. By default
648 systemd will place all executed
649 processes in separate per-unit control
650 groups (named after the unit) in the
651 systemd named hierarchy. Since every
652 process can be in one group per
653 hierarchy only overriding the control group
654 path in the named systemd hierarchy
655 will disable automatic placement in
656 the default group. For details about control
658 url="http://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>.</para></listitem>
662 <term><varname>ReadWriteDirectories=</varname></term>
663 <term><varname>ReadOnlyDirectories=</varname></term>
664 <term><varname>InaccessibleDirectories=</varname></term>
666 <listitem><para>Sets up a new
667 file-system name space for executed
668 processes. These options may be used
669 to limit access a process might have
670 to the main file-system
671 hierarchy. Each setting takes a
672 space-separated list of absolute
673 directory paths. Directories listed in
674 <varname>ReadWriteDirectories=</varname>
675 are accessible from within the
676 namespace with the same access rights
677 as from outside. Directories listed in
678 <varname>ReadOnlyDirectories=</varname>
679 are accessible for reading only,
680 writing will be refused even if the
681 usual file access controls would
682 permit this. Directories listed in
683 <varname>InaccessibleDirectories=</varname>
684 will be made inaccesible for processes
685 inside the namespace. Note that
686 restricting access with these options
687 does not extend to submounts of a
688 directory. You must list submounts
689 separately in these settings to
690 ensure the same limited access. These
691 options may be specified more than
692 once in which case all directories
693 listed will have limited access from
695 namespace.</para></listitem>
699 <term><varname>PrivateTmp=</varname></term>
701 <listitem><para>Takes a boolean
702 argument. If true sets up a new
703 namespace for the executed processes
705 <filename>/tmp</filename> directory
706 inside it, that is not shared by
707 processes outside of the
708 namespace. This is useful to secure
709 access to temporary files of the
710 process, but makes sharing between
712 <filename>/tmp</filename>
713 impossible. Defaults to false.</para></listitem>
717 <term><varname>MountFlags=</varname></term>
719 <listitem><para>Takes a mount
721 <option>shared</option>,
722 <option>slave</option> or
723 <option>private</option>, which
724 control whether namespaces set up with
725 <varname>ReadWriteDirectories=</varname>,
726 <varname>ReadOnlyDirectories=</varname>
728 <varname>InaccessibleDirectories=</varname>
729 receive or propagate new mounts
730 from/to the main namespace. See
731 <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>1</manvolnum></citerefentry>
732 for details. Defaults to
733 <option>shared</option>, i.e. the new
734 namespace will both receive new mount
735 points from the main namespace as well
736 as propagate new mounts to
737 it.</para></listitem>
741 <term><varname>UtmpIdentifier=</varname></term>
743 <listitem><para>Takes a a four
744 character identifier string for an
745 utmp/wtmp entry for this service. This
746 should only be set for services such
747 as <command>getty</command>
748 implementations where utmp/wtmp
749 entries must be created and cleared
750 before and after execution. If the
751 configured string is longer than four
752 characters it is truncated and the
753 terminal four characters are
754 used. This setting interprets %I style
755 string replacements. This setting is
756 unset by default, i.e. no utmp/wtmp
757 entries are created or cleaned up for
758 this service.</para></listitem>
765 <title>See Also</title>
767 <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
768 <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
769 <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
770 <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
771 <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
772 <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
773 <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>