X-Git-Url: https://www.chiark.greenend.org.uk/ucgi/~ianmdlvl/git?p=elogind.git;a=blobdiff_plain;f=README;h=3cd93f01f43780f08750ba159b6dcdab5abe8bc4;hp=d8b1b1296a74f7abd5f2106a771420c2a7281c94;hb=310b59edcf0a98343425a47ea5835fc670c0cda3;hpb=8ab85e2d2d9bf049e8f9a4c598ba32ff3cf19b6d diff --git a/README b/README index d8b1b1296..3cd93f01f 100644 --- a/README +++ b/README @@ -31,13 +31,61 @@ AUTHOR: LICENSE: LGPLv2.1+ for all code - except sd-daemon.[ch] and sd-readahead.[ch] which are MIT - - except src/udev/ which is GPLv2.0+ + - except src/udev/ which is (currently still) GPLv2+ REQUIREMENTS: Linux kernel >= 2.6.39 - with devtmpfs - with cgroups (but it's OK to disable all controllers) - optional but strongly recommended: autofs4, ipv6 + CONFIG_DEVTMPFS + CONFIG_CGROUPS (it's OK to disable all controllers) + CONFIG_INOTIFY_USER + CONFIG_SIGNALFD + CONFIG_TIMERFD + CONFIG_EPOLL + CONFIG_NET + CONFIG_SYSFS + + Linux kernel >= 3.8 for Smack support + + Udev will fail to work with the legacy layout: + CONFIG_SYSFS_DEPRECATED=n + + Legacy hotplug slows down the system and confuses udev: + CONFIG_UEVENT_HELPER_PATH="" + + Userspace firmware loading is deprecated, will go away, and + sometimes causes problems: + CONFIG_FW_LOADER_USER_HELPER=n + + Some udev rules and virtualization detection relies on it: + CONFIG_DMIID + + Mount and bind mount handling might require it: + CONFIG_FHANDLE + + Optional but strongly recommended: + CONFIG_IPV6 + CONFIG_AUTOFS4_FS + CONFIG_TMPFS_POSIX_ACL + CONFIG_TMPFS_XATTR + CONFIG_SECCOMP + + For systemd-bootchart a kernel with procfs support and several + proc output options enabled is required: + CONFIG_PROC_FS + CONFIG_SCHEDSTATS + CONFIG_SCHED_DEBUG + + For UEFI systems: + CONFIG_EFI_VARS + CONFIG_EFI_PARTITION + + Note that kernel auditing is broken when used with systemd's + container code. When using systemd in conjunction with + containers please make sure to either turn off auditing at + runtime using the kernel command line option "audit=0", or + turn it off at kernel compile time using: + CONFIG_AUDIT=n + dbus >= 1.4.0 libcap libblkid >= 2.20 (from util-linux) (optional) @@ -63,13 +111,6 @@ REQUIREMENTS: dracut (optional) PolicyKit (optional) - For systmed-bootchart a kernel with procfs support and several - proc output options enabled is required: - - CONFIG_PROC_FS - CONFIG_SCHEDSTATS - CONFIG_SCHED_DEBUG - When building from git you need the following additional dependencies: docbook-xsl @@ -82,6 +123,7 @@ REQUIREMENTS: gtkdocize (optional) python (optional) sphinx (optional) + python-lxml (entirely optional) When systemd-hostnamed is used it is strongly recommended to install nss-myhostname to ensure that in a world of @@ -100,6 +142,31 @@ REQUIREMENTS: being 'html' or 'latexpdf'. If using DESTDIR for installation, pass the same DESTDIR to 'make sphinx-html' invocation. +USERS AND GROUPS: + Default udev rules use the following standard system group + names, which need to be resolvable by getgrnam() at any time, + even in the very early boot stages, where no other databases + and network are available: + + tty, dialout, kmem, video, audio, lp, floppy, cdrom, tape, disk + + During runtime the journal daemon requires the + "systemd-journal" system group to exist. New journal files will + be readable by this group (but not writable) which may be used + to grant specific users read access. + + It is also recommended to grant read access to all journal + files to the system groups "wheel" and "adm" with a command + like the following in the post installation script of the + package: + + # setfacl -nm g:wheel:rx,d:g:wheel:rx,g:adm:rx,d:g:adm:rx /var/log/journal/ + + The journal gateway daemon requires the + "systemd-journal-gateway" system user and group to + exist. During execution this network facing service will drop + privileges and assume this uid/gid for security reasons. + WARNINGS: systemd will warn you during boot if /etc/mtab is not a symlink to /proc/mounts. Please ensure that /etc/mtab is a