X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?a=blobdiff_plain;f=README;h=5222637c2c77c210010e36df42fdd701e1a10fa7;hb=cf1755bac0426132c21fdca519a336ce7d920277;hp=2fd95e926a924919fa48789bacb57c5375eb4482;hpb=cc219d7bab9172bc28e5c07c4346fd1d36b2272a;p=elogind.git
diff --git a/README b/README
index 2fd95e926..5222637c2 100644
--- a/README
+++ b/README
@@ -30,15 +30,13 @@ AUTHOR:
LICENSE:
LGPLv2.1+ for all code
- - except sd-readahead.[ch] which is MIT
- except src/shared/MurmurHash2.c which is Public Domain
- except src/shared/siphash24.c which is CC0 Public Domain
- except src/journal/lookup3.c which is Public Domain
- except src/udev/* which is (currently still) GPLv2, GPLv2+
REQUIREMENTS:
- Linux kernel >= 3.0
- Linux kernel >= 3.3 for loop device partition support features with nspawn
+ Linux kernel >= 3.7
Linux kernel >= 3.8 for Smack support
Kernel Config Options:
@@ -53,14 +51,14 @@ REQUIREMENTS:
CONFIG_PROC_FS
CONFIG_FHANDLE (libudev, mount and bind mount handling)
- Udev will fail to work with the legacy layout:
+ udev will fail to work with the legacy sysfs layout:
CONFIG_SYSFS_DEPRECATED=n
Legacy hotplug slows down the system and confuses udev:
CONFIG_UEVENT_HELPER_PATH=""
- Userspace firmware loading is deprecated, will go away, and
- sometimes causes problems:
+ Userspace firmware loading is not supported and should
+ be disabled in the kernel:
CONFIG_FW_LOADER_USER_HELPER=n
Some udev rules and virtualization detection relies on it:
@@ -70,20 +68,26 @@ REQUIREMENTS:
create additional symlinks in /dev/disk/ and /dev/tape:
CONFIG_BLK_DEV_BSG
- Required for PrivateNetwork in service units:
+ Required for PrivateNetwork and PrivateDevices in service units:
CONFIG_NET_NS
+ CONFIG_DEVPTS_MULTIPLE_INSTANCES
+ Note that systemd-localed.service and other systemd units use
+ PrivateNetwork and PrivateDevices so this is effectively required.
Optional but strongly recommended:
CONFIG_IPV6
CONFIG_AUTOFS4_FS
- CONFIG_TMPFS_POSIX_ACL
CONFIG_TMPFS_XATTR
+ CONFIG_{TMPFS,EXT4,XFS,BTRFS_FS,...}_POSIX_ACL
CONFIG_SECCOMP
Required for CPUShares in resource control unit settings
CONFIG_CGROUP_SCHED
CONFIG_FAIR_GROUP_SCHED
+ Required for CPUQuota in resource control unit settings
+ CONFIG_CFS_BANDWIDTH
+
For systemd-bootchart, several proc debug interfaces are required:
CONFIG_SCHEDSTATS
CONFIG_SCHED_DEBUG
@@ -108,8 +112,9 @@ REQUIREMENTS:
glibc >= 2.14
libcap
+ libmount >= 2.20 (from util-linux)
libseccomp >= 1.0.0 (optional)
- libblkid >= 2.20 (from util-linux) (optional)
+ libblkid >= 2.24 (from util-linux) (optional)
libkmod >= 15 (optional)
PAM >= 1.1.2 (optional)
libcryptsetup (optional)
@@ -117,26 +122,28 @@ REQUIREMENTS:
libacl (optional)
libselinux (optional)
liblzma (optional)
+ liblz4 >= 119 (optional)
libgcrypt (optional)
libqrencode (optional)
libmicrohttpd (optional)
libpython (optional)
+ libidn (optional)
+ gobject-introspection > 1.40.0 (optional)
+ elfutils >= 158 (optional)
make, gcc, and similar tools
During runtime, you need the following additional
dependencies:
- util-linux >= v2.19 (requires fsck -l, agetty -s),
- v2.21 required for tests in test/
+ util-linux >= v2.25 required
dbus >= 1.4.0 (strictly speaking optional, but recommended)
- sulogin (from util-linux >= 2.22 or sysvinit-tools, optional but recommended,
- required for tests in test/)
dracut (optional)
PolicyKit (optional)
When building from git, you need the following additional
dependencies:
+ pkg-config
docbook-xsl
xsltproc
automake
@@ -172,32 +179,48 @@ USERS AND GROUPS:
During runtime, the journal daemon requires the
"systemd-journal" system group to exist. New journal files will
be readable by this group (but not writable), which may be used
- to grant specific users read access.
-
- It is also recommended to grant read access to all journal
- files to the system groups "wheel" and "adm" with a command
- like the following in the post installation script of the
- package:
-
- # setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/
+ to grant specific users read access. In addition, system
+ groups "wheel" and "adm" will be given read-only access to
+ journal files using systemd-tmpfiles.service.
The journal gateway daemon requires the
"systemd-journal-gateway" system user and group to
exist. During execution this network facing service will drop
privileges and assume this uid/gid for security reasons.
- Similar, the NTP daemon requires the "systemd-timesync" system
+ Similarly, the NTP daemon requires the "systemd-timesync" system
user and group to exist.
- Similar, the network management daemon requires the
+ Similarly, the network management daemon requires the
"systemd-network" system user and group to exist.
- Similar, the name resolution daemon requires the
+ Similarly, the name resolution daemon requires the
"systemd-resolve" system user and group to exist.
- Similar, the kdbus dbus1 proxy daemon requires the
+ Similarly, the kdbus dbus1 proxy daemon requires the
"systemd-bus-proxy" system user and group to exist.
+NSS:
+ systemd ships with three NSS modules:
+
+ nss-myhostname resolves the local hostname to locally
+ configured IP addresses, as well as "localhost" to
+ 127.0.0.1/::1.
+
+ nss-resolve enables DNS resolution via the systemd-resolved
+ DNS/LLMNR caching stub resolver "systemd-resolved".
+
+ nss-mymachines enables resolution of all local containers
+ registered with machined to their respective IP addresses.
+
+ To make use of these NSS modules, please add them to the
+ "hosts: " line in /etc/nsswitch.conf. The "resolve" module
+ should replace the glibc "dns" module in this file.
+
+ The three modules should be used in the following order:
+
+ hosts: files mymachines resolve myhostname
+
WARNINGS:
systemd will warn you during boot if /etc/mtab is not a
symlink to /proc/mounts. Please ensure that /etc/mtab is a
@@ -224,3 +247,8 @@ WARNINGS:
(e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise,
false positives will be triggered by code which violates
some rules but is actually safe.
+
+ENGINEERING AND CONSULTING SERVICES:
+ ENDOCODE offers professional
+ engineering and consulting services for systemd. Please
+ contact Chris Kühl for more information.