<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
which define the execution environment the commands
are executed in, and in
- <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>
+ <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
which define the way the processes of the service are
- terminated.</para>
+ terminated, and in
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ which configure resource control settings for the
+ processes of the service.</para>
<para>Unless <varname>DefaultDependencies=</varname>
is set to <option>false</option>, service units will
<para>If set to
<option>simple</option> (the default
value if <varname>BusName=</varname>
- is not specified) it is expected that
+ is not specified), it is expected that
the process configured with
<varname>ExecStart=</varname> is the
main process of the service. In this
mode, if the process offers
functionality to other processes on
- the system its communication channels
+ the system, its communication channels
should be installed before the daemon
is started up (e.g. sockets set up by
systemd, via socket activation), as
starting follow-up units.</para>
<para>If set to
- <option>forking</option> it is
+ <option>forking</option>, it is
expected that the process configured
with <varname>ExecStart=</varname>
will call <function>fork()</function>
as part of its start-up. The parent process is
expected to exit when start-up is
complete and all communication
- channels set up. The child continues
+ channels are set up. The child continues
to run as the main daemon
process. This is the behavior of
traditional UNIX daemons. If this
starting up. systemd will proceed
starting follow-up units after this
notification message has been sent. If
- this option is used
+ this option is used,
<varname>NotifyAccess=</varname> (see
below) should be set to open access to
the notification socket provided by
systemd. If
<varname>NotifyAccess=</varname> is
not set, it will be implicitly set to
- <option>main</option>.</para>
+ <option>main</option>. Note that
+ currently
+ <varname>Type=</varname><option>notify</option>
+ will not work if used in combination with
+ <varname>PrivateNetwork=</varname><option>yes</option>.</para>
<para>Behavior of
<option>idle</option> is very similar
guessing algorithm might come to
incorrect conclusions if a daemon
consists of more than one process. If
- the main PID cannot be determined
+ the main PID cannot be determined,
failure detection and automatic
restarting of a service will not work
reliably. Defaults to
<term><varname>ExecStart=</varname></term>
<listitem><para>Commands with their
arguments that are executed when this
- service is started.
- </para>
-
- <para>When
+ service is started. For each of the
+ specified commands, the first argument
+ must be an absolute and literal path
+ to an executable.</para>
+
+ <para>When <varname>Type</varname> is
+ not <option>oneshot</option>, only one
+ command may be given. When
<varname>Type=oneshot</varname> is
used, more than one command may be
specified. Multiple command lines may
(these semicolons must be passed as
separate words). Alternatively, this
directive may be specified more than
- once with the same effect. However,
- the latter syntax is not recommended
- for compatibility with parsers
- suitable for XDG
- <filename>.desktop</filename> files.
- The commands are invoked one by one
- sequentially in the order they appear
- in the unit file. When
- <varname>Type</varname> is not
- <option>oneshot</option>, only one
- command may be given. Lone semicolons
- may be escaped as
- '<literal>\;</literal>'. If the empty
- string is assigned to this option the
+ once with the same effect.
+ Lone semicolons may be escaped as
+ <literal>\;</literal>. If the empty
+ string is assigned to this option, the
list of commands to start is reset,
prior assignments of this option will
have no effect.</para>
+ <para>Each command line is split on
+ whitespace, with the first item being
+ the command to execute, and the
+ subsequent items being the arguments.
+ Double quotes ("...") and single
+ quotes ('...') may be used, in which
+ case everything until the next
+ matching quote becomes part of the
+ same argument. Quotes themselves are
+ removed after parsing. In addition, a
+ trailing backslash
+ (<literal>\</literal>) may be used to
+ merge lines. This syntax is intended
+ to be very similar to shell syntax,
+ but only the meta-characters and
+ expansions described in the following
+ paragraphs are understood.
+ Specifically, redirection using
+ <literal><</literal>,
+ <literal><<</literal>,
+ <literal>></literal>, and
+ <literal>>></literal>, pipes
+ using <literal>|</literal>, and
+ running programs in the background
+ using <literal>&</literal>
+ and <emphasis>other elements of shell
+ syntax are not supported</emphasis>.
+ </para>
+
+ <para>If more than one command is
+ specified, the commands are invoked
+ one by one sequentially in the order
+ they appear in the unit file. If one
+ of the commands fails (and is not
+ prefixed with <literal>-</literal>),
+ other lines are not executed and the
+ unit is considered failed.</para>
+
<para>Unless
<varname>Type=forking</varname> is
set, the process started via this
main process of the daemon.</para>
<para>The command line accepts
- '<literal>%</literal>' specifiers as
+ <literal>%</literal> specifiers as
described in
- <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note
- that the first argument of the command
- line (i.e. the program to execute) may
- not include specifiers.</para>
-
- <para>On top of that basic environment
- variable substitution is
- supported. Use
+ <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ Note that the first argument of the
+ command line (i.e. the program to
+ execute) may not include
+ specifiers.</para>
+
+ <para>Basic environment variable
+ substitution is supported. Use
<literal>${FOO}</literal> as part of a
word, or as a word of its own on the
command line, in which case it will be
word on the command line, in which
case it will be replaced by the value
of the environment variable split up
- at whitespace, resulting in no or more
- arguments. Note that the first
+ at whitespace, resulting in zero or
+ more arguments. To pass a literal dollar sign,
+ use <literal>$$</literal>. Note that the first
argument (i.e. the program to execute)
- may not be a variable, and must be a
- literal and absolute path
- name.</para>
+ may not be a variable.</para>
<para>Optionally, if the absolute file
name is prefixed with
- '<literal>@</literal>', the second token
+ <literal>@</literal>, the second token
will be passed as
<literal>argv[0]</literal> to the
executed process, followed by the
further arguments specified. If the
- absolute file name is prefixed with
- '<literal>-</literal>' an exit code of
+ absolute filename is prefixed with
+ <literal>-</literal>, an exit code of
the command normally considered a
failure (i.e. non-zero exit status or
abnormal exit due to signal) is ignored
and considered success. If both
- '<literal>-</literal>' and
- '<literal>@</literal>' are used they
+ <literal>-</literal> and
+ <literal>@</literal> are used, they
can appear in either order.</para>
<para>Note that this setting does not
directly support shell command
lines. If shell command lines are to
- be used they need to be passed
+ be used, they need to be passed
explicitly to a shell implementation
- of some kind. Example:
- <literal>ExecStart=/bin/sh -c 'dmesg | tac'</literal></para>
-
- <para>For services run by a user
- instance of systemd the special
- environment variable
- <literal>MANAGERPID</literal> is set
- to the PID of the systemd
- instance.</para>
- </listitem>
+ of some kind. Example:</para>
+ <programlisting>ExecStart=/bin/sh -c 'dmesg | tac'
+ </programlisting>
+
+ <para>Only select environment variables
+ are set for executed commands. See
+ <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
+ </para>
+
+ <para>Example:</para>
+ <programlisting>ExecStart=/bin/echo one ; /bin/echo "two two"
+ </programlisting>
+ <para>This will execute
+ <command>/bin/echo</command> two
+ times, each time with one argument,
+ <literal>one</literal> and
+ <literal>two two</literal>,
+ respectively. Since two commands are
+ specified
+ <varname>Type=oneshot</varname> must
+ be used.</para>
+
+ <para>Example:</para>
+ <programlisting>ExecStart=/bin/echo / >/dev/null & \; \
+/bin/ls
+ </programlisting>
+ <para>This will execute
+ <command>/bin/echo</command> with five
+ arguments: <literal>/</literal>,
+ <literal>>/dev/null</literal>,
+ <literal>&</literal>,
+ <literal>;</literal>, and
+ <literal>/bin/ls</literal>.</para>
+
+ <para>Example:</para>
+ <programlisting>Environment="ONE=one" 'TWO=two two'
+ExecStart=/bin/echo $ONE $TWO ${TWO}
+ </programlisting>
+ <para>This will execute
+ <command>/bin/echo</command> with four
+ arguments: <literal>one</literal>,
+ <literal>two</literal>,
+ <literal>two</literal>, and
+ <literal>two two</literal>.</para>
+ </listitem>
</varlistentry>
<varlistentry>
that multiple command lines are allowed
and the commands are executed one
after the other, serially.</para>
+
+ <para>If any of those commands (not
+ prefixed with <literal>-</literal>)
+ fail, the rest are not executed and
+ the unit is considered failed.</para>
</listitem>
</varlistentry>
optional. Specifier and environment
variable substitution is supported
here following the same scheme as for
- <varname>ExecStart=</varname>. One
- additional special environment
- variables is set: if known
- <literal>$MAINPID</literal> is set to
+ <varname>ExecStart=</varname>.</para>
+
+ <para>One additional special
+ environment variables is set: if known
+ <varname>$MAINPID</varname> is set to
the main process of the daemon, and
may be used for command lines like the
- following: <command>/bin/kill -HUP
- $MAINPID</command>.</para></listitem>
+ following:</para>
+
+ <programlisting>/bin/kill -HUP $MAINPID</programlisting>
+ </listitem>
</varlistentry>
<varlistentry>
<varname>KillMode=</varname> setting
(see
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>). If
- this option is not specified the
+ this option is not specified, the
process is terminated right-away when
service stop is requested. Specifier
and environment variable substitution
is supported (including
- <literal>$MAINPID</literal>, see
+ <varname>$MAINPID</varname>, see
above).</para></listitem>
</varlistentry>
<term><varname>ExecStopPost=</varname></term>
<listitem><para>Additional commands
that are executed after the service
- was stopped using the commands
- configured in
- <varname>ExecStop=</varname>. This
+ was stopped. This includes cases where
+ the commands configured in
+ <varname>ExecStop=</varname> were used,
+ where the service does not have any
+ <varname>ExecStop=</varname> defined, or
+ where the service exited unexpectedly. This
argument takes multiple command lines,
following the same scheme as described
for <varname>ExecStart</varname>. Use
Takes a unit-less value in seconds, or a
time span value such as "5min
20s". Pass 0 to disable the timeout
- logic. Defaults to 90s, except when
+ logic. Defaults to <varname>TimeoutStartSec=</varname> from the
+ manager configuration file, except when
<varname>Type=oneshot</varname> is
- used in which case the timeout
+ used, in which case the timeout
is disabled by default.
</para></listitem>
</varlistentry>
wait for stop. If a service is asked
to stop but does not terminate in the
specified time, it will be terminated
- forcibly via SIGTERM, and after
+ forcibly via <constant>SIGTERM</constant>, and after
another delay of this time with
- SIGKILL (See
+ <constant>SIGKILL</constant> (See
<varname>KillMode=</varname>
in <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>).
Takes a unit-less value in seconds, or a
time span value such as "5min
20s". Pass 0 to disable the timeout
- logic. Defaults to 90s.
+ logic. Defaults to <varname>TimeoutStartSec=</varname> from the
+ manager configuration file.
</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>WatchdogSec=</varname></term>
<listitem><para>Configures the
- watchdog timeout for a service. This
- is activated when the start-up is
+ watchdog timeout for a service. The
+ watchdog is activated when the start-up is
completed. The service must call
<citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>
regularly with "WATCHDOG=1" (i.e. the
"keep-alive ping"). If the time
between two such calls is larger than
- the configured time then the service
+ the configured time, then the service
is placed in a failure state. By
setting <varname>Restart=</varname> to
<option>on-failure</option> or
- <option>always</option> the service
+ <option>always</option>, the service
will be automatically restarted. The
time configured here will be passed to
the executed service process in the
daemons to automatically enable the
keep-alive pinging logic if watchdog
support is enabled for the service. If
- this option is used
+ this option is used,
<varname>NotifyAccess=</varname> (see
below) should be set to open access to
the notification socket provided by
<varlistentry>
<term><varname>Restart=</varname></term>
<listitem><para>Configures whether the
- main service process shall be
- restarted when it exits. Takes one of
+ service shall be restarted when the
+ service process exits, is killed,
+ or a timeout is reached. The service
+ process may be the main service
+ process, but also one of the processes
+ specified with
+ <varname>ExecStartPre=</varname>,
+ <varname>ExecStartPost=</varname>,
+ <varname>ExecStopPre=</varname>,
+ <varname>ExecStopPost=</varname>, or
+ <varname>ExecReload=</varname>.
+ When the death of the process is a
+ result of systemd operation (e.g. service
+ stop or restart), the service will not be
+ restarted. Timeouts include missing
+ the watchdog "keep-alive ping"
+ deadline and a service start, reload,
+ and stop operation timeouts.</para>
+
+ <para>Takes one of
<option>no</option>,
<option>on-success</option>,
<option>on-failure</option>,
- <option>on-abort</option> or
+ <option>on-watchdog</option>,
+ <option>on-abort</option>, or
<option>always</option>. If set to
- <option>no</option> (the default) the
- service will not be restarted when it
- exits. If set to
- <option>on-success</option> it will be
- restarted only when it exited cleanly,
- i.e. terminated with an exit code of
- 0. If set to
- <option>on-failure</option> it will be
- restarted only when it exited with an
- exit code not equaling 0, when
- terminated by a signal (including on
+ <option>no</option> (the default), the
+ service will not be restarted. If set to
+ <option>on-success</option>, it will be
+ restarted only when the service process
+ exits cleanly.
+ In this context, a clean exit means
+ an exit code of 0, or one of the signals
+ <constant>SIGHUP</constant>, <constant>SIGINT</constant>, <constant>SIGTERM</constant>, or <constant>SIGPIPE</constant>, and
+ additionally, exit statuses and signals
+ specified in <varname>SuccessExitStatus=</varname>.
+ If set to <option>on-failure</option>,
+ the service will be restarted when the
+ process exits with an nonzero exit code,
+ is terminated by a signal (including on
core dump), when an operation (such as
- service reload) times out or when the
- configured watchdog timeout is
- triggered. If set to
- <option>on-abort</option> it will be
- restarted only if it exits due to
- reception of an uncaught signal
- (including on core dump). If set to
- <option>always</option> the service
+ service reload) times out, and when the
+ configured watchdog timeout is triggered.
+ If set to
+ <option>on-abort</option>, the service
+ will be restarted only if the service
+ process exits due to an uncaught
+ signal not specified as a clean exit
+ status.
+ If set to
+ <option>on-watchdog</option>, the service
+ will be restarted only if the watchdog
+ timeout for the service expires.
+ If set to
+ <option>always</option>, the service
will be restarted regardless whether
it exited cleanly or not, got
terminated abnormally by a signal or
- hit a timeout.</para></listitem>
+ hit a timeout.</para>
+
+ <para>In addition to the above settings,
+ the service will not be restarted if the
+ exit code or signal is specified in
+ <varname>RestartPreventExitStatus=</varname>
+ (see below).</para></listitem>
</varlistentry>
<varlistentry>
by the main service process will be
considered successful termination, in
addition to the normal successful exit
- code 0 and the signals SIGHUP, SIGINT,
- SIGTERM and SIGPIPE. Exit status
+ code 0 and the signals <constant>SIGHUP</constant>, <constant>SIGINT</constant>,
+ <constant>SIGTERM</constant> and <constant>SIGPIPE</constant>. Exit status
definitions can either be numeric exit
- codes or termination signal names, and
- are separated by spaces. Example:
- "<literal>SuccessExitStatus=1 2 8
- SIGKILL</literal>", ensures that exit
+ codes or termination signal names,
+ separated by spaces. Example:
+ <literal>SuccessExitStatus=1 2 8
+ <constant>SIGKILL</constant></literal>, ensures that exit
codes 1, 2, 8 and the termination
- signal SIGKILL are considered clean
+ signal <constant>SIGKILL</constant> are considered clean
service terminations. This option may
appear more than once in which case
the list of successful exit statuses
is merged. If the empty string is
- assigned to this option the list is
+ assigned to this option, the list is
reset, all prior assignments of this
option will have no
effect.</para></listitem>
that by default no exit status is
excluded from the configured restart
logic. Example:
- "<literal>RestartPreventExitStatus=1 6
- SIGABRT</literal>", ensures that exit
+ <literal>RestartPreventExitStatus=1 6
+ SIGABRT</literal>, ensures that exit
codes 1 and 6 and the termination
signal SIGABRT will not result in
automatic service restarting. This
option may appear more than once in
which case the list of restart preventing
statuses is merged. If the empty
- string is assigned to this option the
+ string is assigned to this option, the
list is reset, all prior assignments
of this option will have no
effect.</para></listitem>
<option>none</option> (the default),
<option>main</option> or
<option>all</option>. If
- <option>none</option> no daemon status
+ <option>none</option>, no daemon status
updates are accepted from the service
processes, all status update messages
- are ignored. If <option>main</option>
+ are ignored. If <option>main</option>,
only service updates sent from the
main process of the service are
- accepted. If <option>all</option> all
+ accepted. If <option>all</option>, all
services updates from all members of
the service's control group are
accepted. This option should be set to
<varname>Type=notify</varname> or
<varname>WatchdogSec=</varname> (see
above). If those options are used but
- <varname>NotifyAccess=</varname> not
- configured it will be implicitly set
+ <varname>NotifyAccess=</varname> is not
+ configured, it will be implicitly set
to
<option>main</option>.</para></listitem>
</varlistentry>
in other words: the
<varname>Service=</varname> setting of
<filename>.socket</filename> units
- doesn't have to match the inverse of
+ does not have to match the inverse of
the <varname>Sockets=</varname>
setting of the
<filename>.service</filename> it
<para>This option may appear more than
once, in which case the list of socket
units is merged. If the empty string
- is assigned to this option the list of
+ is assigned to this option, the list of
sockets is reset, all prior uses of
this setting will have no
effect.</para></listitem>
<term><varname>StartLimitBurst=</varname></term>
<listitem><para>Configure service
- start rate limiting. By default
+ start rate limiting. By default,
services which are started more often
than 5 times within 10s are not
permitted to start any more times
until the 10s interval ends. With
- these two options this rate limiting
+ these two options, this rate limiting
may be modified. Use
<varname>StartLimitInterval=</varname>
- to configure the checking interval
- (defaults to 10s, set to 0 to disable
+ to configure the checking interval (defaults to
+ <varname>DefaultStartLimitInterval=</varname> in
+ manager configuration file, set to 0 to disable
any kind of rate limiting). Use
<varname>StartLimitBurst=</varname> to
configure how many starts per interval
- are allowed (defaults to 5). These
+ are allowed (defaults to
+ <varname>DefaultStartLimitBurst=</varname> in
+ manager configuration file). These
configuration options are particularly
useful in conjunction with
<varname>Restart=</varname>, however
range 0-99.</para></listitem>
</varlistentry>
- <varlistentry>
- <term><varname>FsckPassNo=</varname></term>
- <listitem><para>Set the fsck passno
- priority to use to order this service
- in relation to other file system
- checking services. This option is only
- necessary to fix ordering in relation
- to fsck jobs automatically created for
- all <filename>/etc/fstab</filename>
- entries with a value in the fs_passno
- column > 0. As such it should only be
- used as option for fsck
- services. Almost always it is a better
- choice to add explicit ordering
- directives via
- <varname>After=</varname> or
- <varname>Before=</varname>,
- instead. For more details see
- <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. If
- used, pass an integer value in the
- same range as
- <filename>/etc/fstab</filename>'s
- fs_passno column. See
- <citerefentry><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>
- for details.</para></listitem>
- </varlistentry>
-
</variablelist>
</refsect1>
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
+ <citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.directives</refentrytitle><manvolnum>7</manvolnum></citerefentry>
</para>
~ianmdlvl / elogind.git / blobdiff