system namespace for the executed
processes and mounts private
<filename>/tmp</filename> and
- <filename>/var/tmp</filename> directories
- inside it, that are not shared by
- processes outside of the
+ <filename>/var/tmp</filename>
+ directories inside it that are not
+ shared by processes outside of the
namespace. This is useful to secure
access to temporary files of the
process, but makes sharing between
<filename>/tmp</filename> or
<filename>/var/tmp</filename>
impossible. All temporary data created
- by service will be removed after service
- is stopped. Defaults to
- false.</para></listitem>
+ by service will be removed after
+ service is stopped. Defaults to
+ false. Note that it is possible to run
+ two or more units within the same
+ private <filename>/tmp</filename> and
+ <filename>/var/tmp</filename>
+ namespace by using the
+ <varname>JoinsNamespaceOf=</varname>
+ directive, see
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ for details.</para></listitem>
</varlistentry>
<varlistentry>
available to the executed process.
This is useful to securely turn off
network access by the executed
- process. Defaults to
- false.</para></listitem>
+ process. Defaults to false. Note that
+ it is possible to run two or more
+ units within the same private network
+ namespace by using the
+ <varname>JoinsNamespaceOf=</varname>
+ directive, see
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ for details.</para></listitem>
</varlistentry>
<varlistentry>
<varlistentry>
<term><varname>$USER</varname></term>
+ <term><varname>$LOGNAME</varname></term>
<term><varname>$HOME</varname></term>
+ <term><varname>$SHELL</varname></term>
- <listitem><para>User name and home
- directory. Set for the units which
+ <listitem><para>User name (twice), home
+ directory, and the login shell.
+ The variables are set for the units that
have <varname>User=</varname> set,
which includes user
<command>systemd</command> instances.
<term><varname>$XDG_VTNR</varname></term>
<listitem><para>The identifier of the
- session, and the seat name, and
+ session, the seat name, and
virtual terminal of the session. Set
by
<citerefentry><refentrytitle>pam_systemd</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for login sessions.
<varname>$XDG_SEAT</varname> and
- <varname>$XDG_VTNR</varname> will be
- only set when attached to a seat and a
+ <varname>$XDG_VTNR</varname> will
+ only be set when attached to a seat and a
tty.</para></listitem>
</varlistentry>
<citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
</para></listitem>
</varlistentry>
+
+ <varlistentry>
+ <term><varname>$TERM</varname></term>
+
+ <listitem><para>Terminal type, set
+ only for units connected to a terminal
+ (<varname>StandardInput=tty</varname>,
+ <varname>StandardOutput=tty</varname>,
+ or
+ <varname>StandardError=tty</varname>).
+ See
+ <citerefentry><refentrytitle>termcap</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para></listitem>
+ </varlistentry>
</variablelist>
<para>Additional variables may be configured by the
<citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
- <citerefentry><refentrytitle>systemd.cgroup</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>,
<citerefentry><refentrytitle>exec</refentrytitle><manvolnum>3</manvolnum></citerefentry>
</para>