diff options
| author | Anthony G. Basile <blueness@gentoo.org> | 2012-11-15 10:33:16 -0500 |
|---|---|---|
| committer | Anthony G. Basile <blueness@gentoo.org> | 2012-11-15 10:33:16 -0500 |
| commit | 7d4a62f8c1404ed426500b97af03d4ef8d034a71 (patch) | |
| tree | 2436cd4f0460a3a3d589875d4ffba55556f3c582 /man/systemd.exec.xml | |
| parent | 2944f347d087ff24ec808e4b70fe104a772a97a0 (diff) | |
Isolation of udev code from remaining systemd
This commit is a first attempt to isolate the udev code from the
remaining code base. It intentionally does not modify any files
but purely delete files which, on a first examination, appear to
not be needed. This is a sweeping commit which may easily have
missed needed code. Files can be retrieved by doing a checkout
from the previous commit:
git checkout 2944f347d0 -- <filename>
Diffstat (limited to 'man/systemd.exec.xml')
| -rw-r--r-- | man/systemd.exec.xml | 1154 |
1 files changed, 0 insertions, 1154 deletions
diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml deleted file mode 100644 index 7b6514375d..0000000000 --- a/man/systemd.exec.xml +++ /dev/null @@ -1,1154 +0,0 @@ -<?xml version='1.0'?> <!--*-nxml-*--> -<?xml-stylesheet type="text/xsl" href="http://docbook.sourceforge.net/release/xsl/current/xhtml/docbook.xsl"?> -<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN" - "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd"> - -<!-- - This file is part of systemd. - - Copyright 2010 Lennart Poettering - - systemd is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - systemd is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with systemd; If not, see <http://www.gnu.org/licenses/>. ---> - -<refentry id="systemd.exec"> - <refentryinfo> - <title>systemd.exec</title> - <productname>systemd</productname> - - <authorgroup> - <author> - <contrib>Developer</contrib> - <firstname>Lennart</firstname> - <surname>Poettering</surname> - <email>lennart@poettering.net</email> - </author> - </authorgroup> - </refentryinfo> - - <refmeta> - <refentrytitle>systemd.exec</refentrytitle> - <manvolnum>5</manvolnum> - </refmeta> - - <refnamediv> - <refname>systemd.exec</refname> - <refpurpose>Execution environment configuration</refpurpose> - </refnamediv> - - <refsynopsisdiv> - <para><filename>systemd.service</filename>, - <filename>systemd.socket</filename>, - <filename>systemd.mount</filename>, - <filename>systemd.swap</filename></para> - </refsynopsisdiv> - - <refsect1> - <title>Description</title> - - <para>Unit configuration files for services, sockets, - mount points and swap devices share a subset of - configuration options which define the execution - environment of spawned processes.</para> - - <para>This man page lists the configuration options - shared by these four unit types. See - <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry> - for the common options of all unit configuration - files, and - <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry> - and - <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry> - for more information on the specific unit - configuration files. The execution specific - configuration options are configured in the [Service], - [Socket], [Mount], or [Swap] sections, depending on the unit - type.</para> - </refsect1> - - <refsect1> - <title>Options</title> - - <variablelist> - - <varlistentry> - <term><varname>WorkingDirectory=</varname></term> - - <listitem><para>Takes an absolute - directory path. Sets the working - directory for executed processes. If - not set defaults to the root directory - when systemd is running as a system - instance and the respective user's - home directory if run as - user.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>RootDirectory=</varname></term> - - <listitem><para>Takes an absolute - directory path. Sets the root - directory for executed processes, with - the - <citerefentry><refentrytitle>chroot</refentrytitle><manvolnum>2</manvolnum></citerefentry> - system call. If this is used it must - be ensured that the process and all - its auxiliary files are available in - the <function>chroot()</function> - jail.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>User=</varname></term> - <term><varname>Group=</varname></term> - - <listitem><para>Sets the Unix user - or group that the processes are executed - as, respectively. Takes a single user or group - name or ID as argument. If no group is - set, the default group of the user is - chosen.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>SupplementaryGroups=</varname></term> - - <listitem><para>Sets the supplementary - Unix groups the processes are executed - as. This takes a space separated list - of group names or IDs. This option may - be specified more than once in which - case all listed groups are set as - supplementary groups. This option does - not override but extends the list of - supplementary groups configured in the - system group database for the - user.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>Nice=</varname></term> - - <listitem><para>Sets the default nice - level (scheduling priority) for - executed processes. Takes an integer - between -20 (highest priority) and 19 - (lowest priority). See - <citerefentry><refentrytitle>setpriority</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>OOMScoreAdjust=</varname></term> - - <listitem><para>Sets the adjustment - level for the Out-Of-Memory killer for - executed processes. Takes an integer - between -1000 (to disable OOM killing - for this process) and 1000 (to make - killing of this process under memory - pressure very likely). See <ulink - url="http://www.kernel.org/doc/Documentation/filesystems/proc.txt">proc.txt</ulink> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>IOSchedulingClass=</varname></term> - - <listitem><para>Sets the IO scheduling - class for executed processes. Takes an - integer between 0 and 3 or one of the - strings <option>none</option>, - <option>realtime</option>, - <option>best-effort</option> or - <option>idle</option>. See - <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>IOSchedulingPriority=</varname></term> - - <listitem><para>Sets the IO scheduling - priority for executed processes. Takes - an integer between 0 (highest - priority) and 7 (lowest priority). The - available priorities depend on the - selected IO scheduling class (see - above). See - <citerefentry><refentrytitle>ioprio_set</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>CPUSchedulingPolicy=</varname></term> - - <listitem><para>Sets the CPU - scheduling policy for executed - processes. Takes one of - <option>other</option>, - <option>batch</option>, - <option>idle</option>, - <option>fifo</option> or - <option>rr</option>. See - <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>CPUSchedulingPriority=</varname></term> - - <listitem><para>Sets the CPU - scheduling priority for executed - processes. Takes an integer between 1 - (lowest priority) and 99 (highest - priority). The available priority - range depends on the selected CPU - scheduling policy (see above). See - <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>CPUSchedulingResetOnFork=</varname></term> - - <listitem><para>Takes a boolean - argument. If true elevated CPU - scheduling priorities and policies - will be reset when the executed - processes fork, and can hence not leak - into child processes. See - <citerefentry><refentrytitle>sched_setscheduler</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details. Defaults to false.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>CPUAffinity=</varname></term> - - <listitem><para>Controls the CPU - affinity of the executed - processes. Takes a space-separated - list of CPU indexes. See - <citerefentry><refentrytitle>sched_setaffinity</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>UMask=</varname></term> - - <listitem><para>Controls the file mode - creation mask. Takes an access mode in - octal notation. See - <citerefentry><refentrytitle>umask</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details. Defaults to - 0022.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>Environment=</varname></term> - - <listitem><para>Sets environment - variables for executed - processes. Takes a space-separated - list of variable assignments. This - option may be specified more than once - in which case all listed variables - will be set. If the same variable is - set twice the later setting will - override the earlier setting. See - <citerefentry><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>EnvironmentFile=</varname></term> - <listitem><para>Similar to - <varname>Environment=</varname> but - reads the environment variables from a - text file. The text file should - contain new-line separated variable - assignments. Empty lines and lines - starting with ; or # will be ignored, - which may be used for commenting. The - parser strips leading and - trailing whitespace from the values - of assignments, unless you use - double quotes ("). - The - argument passed should be an absolute - file name, optionally prefixed with - "-", which indicates that if the file - does not exist it won't be read and no - error or warning message is - logged. The files listed with this - directive will be read shortly before - the process is executed. Settings from - these files override settings made - with - <varname>Environment=</varname>. If - the same variable is set twice from - these files the files will be read in - the order they are specified and the - later setting will override the - earlier setting. </para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>StandardInput=</varname></term> - <listitem><para>Controls where file - descriptor 0 (STDIN) of the executed - processes is connected to. Takes one - of <option>null</option>, - <option>tty</option>, - <option>tty-force</option>, - <option>tty-fail</option> or - <option>socket</option>. If - <option>null</option> is selected - standard input will be connected to - <filename>/dev/null</filename>, - i.e. all read attempts by the process - will result in immediate EOF. If - <option>tty</option> is selected - standard input is connected to a TTY - (as configured by - <varname>TTYPath=</varname>, see - below) and the executed process - becomes the controlling process of the - terminal. If the terminal is already - being controlled by another process the - executed process waits until the current - controlling process releases the - terminal. - <option>tty-force</option> - is similar to <option>tty</option>, - but the executed process is forcefully - and immediately made the controlling - process of the terminal, potentially - removing previous controlling - processes from the - terminal. <option>tty-fail</option> is - similar to <option>tty</option> but if - the terminal already has a controlling - process start-up of the executed - process fails. The - <option>socket</option> option is only - valid in socket-activated services, - and only when the socket configuration - file (see - <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry> - for details) specifies a single socket - only. If this option is set standard - input will be connected to the socket - the service was activated from, which - is primarily useful for compatibility - with daemons designed for use with the - traditional - <citerefentry><refentrytitle>inetd</refentrytitle><manvolnum>8</manvolnum></citerefentry> - daemon. This setting defaults to - <option>null</option>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>StandardOutput=</varname></term> - <listitem><para>Controls where file - descriptor 1 (STDOUT) of the executed - processes is connected to. Takes one - of <option>inherit</option>, - <option>null</option>, - <option>tty</option>, - <option>syslog</option>, - <option>kmsg</option>, - <option>journal</option>, - <option>syslog+console</option>, - <option>kmsg+console</option>, - <option>journal+console</option> or - <option>socket</option>. If set to - <option>inherit</option> the file - descriptor of standard input is - duplicated for standard output. If set - to <option>null</option> standard - output will be connected to - <filename>/dev/null</filename>, - i.e. everything written to it will be - lost. If set to <option>tty</option> - standard output will be connected to a - tty (as configured via - <varname>TTYPath=</varname>, see - below). If the TTY is used for output - only the executed process will not - become the controlling process of the - terminal, and will not fail or wait - for other processes to release the - terminal. <option>syslog</option> - connects standard output to the - <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> - system syslog - service. <option>kmsg</option> - connects it with the kernel log buffer - which is accessible via - <citerefentry><refentrytitle>dmesg</refentrytitle><manvolnum>1</manvolnum></citerefentry>. <option>journal</option> - connects it with the journal which is - accessible via - <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> - (Note that everything that is written - to syslog or kmsg is implicitly stored - in the journal as well, those options - are hence supersets of this - one). <option>syslog+console</option>, - <option>journal+console</option> and - <option>kmsg+console</option> work - similarly but copy the output to the - system console as - well. <option>socket</option> connects - standard output to a socket from - socket activation, semantics are - similar to the respective option of - <varname>StandardInput=</varname>. - This setting defaults to the value set - with - <option>DefaultStandardOutput=</option> - in - <citerefentry><refentrytitle>systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - which defaults to - <option>journal</option>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>StandardError=</varname></term> - <listitem><para>Controls where file - descriptor 2 (STDERR) of the executed - processes is connected to. The - available options are identical to - those of - <varname>StandardOutput=</varname>, - with one exception: if set to - <option>inherit</option> the file - descriptor used for standard output is - duplicated for standard error. This - setting defaults to the value set with - <option>DefaultStandardError=</option> - in - <citerefentry><refentrytitle>systemd.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - which defaults to - <option>inherit</option>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>TTYPath=</varname></term> - <listitem><para>Sets the terminal - device node to use if standard input, - output or stderr are connected to a - TTY (see above). Defaults to - <filename>/dev/console</filename>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>TTYReset=</varname></term> - <listitem><para>Reset the terminal - device specified with - <varname>TTYPath=</varname> before and - after execution. Defaults to - <literal>no</literal>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>TTYVHangup=</varname></term> - <listitem><para>Disconnect all clients - which have opened the terminal device - specified with - <varname>TTYPath=</varname> - before and after execution. Defaults - to - <literal>no</literal>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>TTYVTDisallocate=</varname></term> - <listitem><para>If the terminal - device specified with - <varname>TTYPath=</varname> is a - virtual console terminal try to - deallocate the TTY before and after - execution. This ensures that the - screen and scrollback buffer is - cleared. Defaults to - <literal>no</literal>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>SyslogIdentifier=</varname></term> - <listitem><para>Sets the process name - to prefix log lines sent to syslog or - the kernel log buffer with. If not set - defaults to the process name of the - executed process. This option is only - useful when - <varname>StandardOutput=</varname> or - <varname>StandardError=</varname> are - set to <option>syslog</option> or - <option>kmsg</option>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>SyslogFacility=</varname></term> - <listitem><para>Sets the syslog - facility to use when logging to - syslog. One of <option>kern</option>, - <option>user</option>, - <option>mail</option>, - <option>daemon</option>, - <option>auth</option>, - <option>syslog</option>, - <option>lpr</option>, - <option>news</option>, - <option>uucp</option>, - <option>cron</option>, - <option>authpriv</option>, - <option>ftp</option>, - <option>local0</option>, - <option>local1</option>, - <option>local2</option>, - <option>local3</option>, - <option>local4</option>, - <option>local5</option>, - <option>local6</option> or - <option>local7</option>. See - <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> - for details. This option is only - useful when - <varname>StandardOutput=</varname> or - <varname>StandardError=</varname> are - set to <option>syslog</option>. - Defaults to - <option>daemon</option>.</para></listitem> - </varlistentry> - <varlistentry> - <term><varname>SyslogLevel=</varname></term> - <listitem><para>Default syslog level - to use when logging to syslog or the - kernel log buffer. One of - <option>emerg</option>, - <option>alert</option>, - <option>crit</option>, - <option>err</option>, - <option>warning</option>, - <option>notice</option>, - <option>info</option>, - <option>debug</option>. See - <citerefentry><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> - for details. This option is only - useful when - <varname>StandardOutput=</varname> or - <varname>StandardError=</varname> are - set to <option>syslog</option> or - <option>kmsg</option>. Note that - individual lines output by the daemon - might be prefixed with a different log - level which can be used to override - the default log level specified - here. The interpretation of these - prefixes may be disabled with - <varname>SyslogLevelPrefix=</varname>, - see below. For details see - <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>. - - Defaults to - <option>info</option>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>SyslogLevelPrefix=</varname></term> - <listitem><para>Takes a boolean - argument. If true and - <varname>StandardOutput=</varname> or - <varname>StandardError=</varname> are - set to <option>syslog</option>, - <option>kmsg</option> or - <option>journal</option>, log lines - written by the executed process that - are prefixed with a log level will be - passed on to syslog with this log - level set but the prefix removed. If - set to false, the interpretation of - these prefixes is disabled and the - logged lines are passed on as-is. For - details about this prefixing see - <citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>. - Defaults to true.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>TimerSlackNSec=</varname></term> - <listitem><para>Sets the timer slack - in nanoseconds for the executed - processes. The timer slack controls - the accuracy of wake-ups triggered by - timers. See - <citerefentry><refentrytitle>prctl</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for more information. Note that in - contrast to most other time span - definitions this parameter takes an - integer value in nano-seconds if no - unit is specified. The usual time - units are understood - too.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>LimitCPU=</varname></term> - <term><varname>LimitFSIZE=</varname></term> - <term><varname>LimitDATA=</varname></term> - <term><varname>LimitSTACK=</varname></term> - <term><varname>LimitCORE=</varname></term> - <term><varname>LimitRSS=</varname></term> - <term><varname>LimitNOFILE=</varname></term> - <term><varname>LimitAS=</varname></term> - <term><varname>LimitNPROC=</varname></term> - <term><varname>LimitMEMLOCK=</varname></term> - <term><varname>LimitLOCKS=</varname></term> - <term><varname>LimitSIGPENDING=</varname></term> - <term><varname>LimitMSGQUEUE=</varname></term> - <term><varname>LimitNICE=</varname></term> - <term><varname>LimitRTPRIO=</varname></term> - <term><varname>LimitRTTIME=</varname></term> - <listitem><para>These settings control - various resource limits for executed - processes. See - <citerefentry><refentrytitle>setrlimit</refentrytitle><manvolnum>2</manvolnum></citerefentry> - for details. Use the string - <varname>infinity</varname> to - configure no limit on a specific - resource.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>PAMName=</varname></term> - <listitem><para>Sets the PAM service - name to set up a session as. If set - the executed process will be - registered as a PAM session under the - specified service name. This is only - useful in conjunction with the - <varname>User=</varname> setting. If - not set no PAM session will be opened - for the executed processes. See - <citerefentry><refentrytitle>pam</refentrytitle><manvolnum>8</manvolnum></citerefentry> - for details.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>TCPWrapName=</varname></term> - <listitem><para>If this is a - socket-activated service this sets the - tcpwrap service name to check the - permission for the current connection - with. This is only useful in - conjunction with socket-activated - services, and stream sockets (TCP) in - particular. It has no effect on other - socket types (e.g. datagram/UDP) and - on processes unrelated to socket-based - activation. If the tcpwrap - verification fails daemon start-up - will fail and the connection is - terminated. See - <citerefentry><refentrytitle>tcpd</refentrytitle><manvolnum>8</manvolnum></citerefentry> - for details. Note that this option may - be used to do access control checks - only. Shell commands and commands - described in - <citerefentry><refentrytitle>hosts_options</refentrytitle><manvolnum>5</manvolnum></citerefentry> - are not supported.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>CapabilityBoundingSet=</varname></term> - - <listitem><para>Controls which - capabilities to include in the - capability bounding set for the - executed process. See - <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> - for details. Takes a whitespace - separated list of capability names as - read by - <citerefentry><refentrytitle>cap_from_name</refentrytitle><manvolnum>3</manvolnum></citerefentry>. - Capabilities listed will be included - in the bounding set, all others are - removed. If the list of capabilities - is prefixed with ~ all but the listed - capabilities will be included, the - effect of the assignment - inverted. Note that this option also - effects the respective capabilities in - the effective, permitted and - inheritable capability sets, on top of - what <varname>Capabilities=</varname> - does. If this option is not used the - capability bounding set is not - modified on process execution, hence - no limits on the capabilities of the - process are - enforced.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>SecureBits=</varname></term> - <listitem><para>Controls the secure - bits set for the executed process. See - <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> - for details. Takes a list of strings: - <option>keep-caps</option>, - <option>keep-caps-locked</option>, - <option>no-setuid-fixup</option>, - <option>no-setuid-fixup-locked</option>, - <option>noroot</option> and/or - <option>noroot-locked</option>. - </para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>Capabilities=</varname></term> - <listitem><para>Controls the - <citerefentry><refentrytitle>capabilities</refentrytitle><manvolnum>7</manvolnum></citerefentry> - set for the executed process. Take a - capability string describing the - effective, permitted and inherited - capability sets as documented in - <citerefentry><refentrytitle>cap_from_text</refentrytitle><manvolnum>3</manvolnum></citerefentry>. - Note that these capability sets are - usually influenced by the capabilities - attached to the executed file. Due to - that - <varname>CapabilityBoundingSet=</varname> - is probably the much more useful - setting.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>ControlGroup=</varname></term> - - <listitem><para>Controls the control - groups the executed processes shall be - made members of. Takes a - space-separated list of cgroup - identifiers. A cgroup identifier has a - format like - <filename>cpu:/foo/bar</filename>, - where "cpu" identifies the kernel - control group controller used, and - <filename>/foo/bar</filename> is the - control group path. The controller - name and ":" may be omitted in which - case the named systemd control group - hierarchy is implied. Alternatively, - the path and ":" may be omitted, in - which case the default control group - path for this unit is implied. This - option may be used to place executed - processes in arbitrary groups in - arbitrary hierarchies -- which can be - configured externally with additional - execution limits. By default systemd - will place all executed processes in - separate per-unit control groups - (named after the unit) in the systemd - named hierarchy. Since every process - can be in one group per hierarchy only - overriding the control group path in - the named systemd hierarchy will - disable automatic placement in the - default group. This option is - primarily intended to place executed - processes in specific paths in - specific kernel controller - hierarchies. It is however not - recommended to manipulate the service - control group path in the systemd - named hierarchy. For details about - control groups see <ulink - url="http://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>ControlGroupModify=</varname></term> - <listitem><para>Takes a boolean - argument. If true, the control groups - created for this unit will be owned by - the user specified with - <varname>User=</varname> (and the - appropriate group), and he/she can create - subgroups as well as add processes to - the group.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>ControlGroupPersistent=</varname></term> - <listitem><para>Takes a boolean - argument. If true, the control groups - created for this unit will be marked - to be persistent, i.e. systemd will - not remove them when stopping the - unit. The default is false, meaning - that the control groups will be - removed when the unit is stopped. For - details about the semantics of this - logic see <ulink - url="http://www.freedesktop.org/wiki/Software/systemd/PaxControlGroups">PaxControlGroups</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>ControlGroupAttribute=</varname></term> - - <listitem><para>Set a specific control - group attribute for executed - processes, and (if needed) add the - executed processes to a cgroup in the - hierarchy of the controller the - attribute belongs to. Takes two - space-separated arguments: the - attribute name (syntax is - <literal>cpu.shares</literal> where - <literal>cpu</literal> refers to a - specific controller and - <literal>shares</literal> to the - attribute name), and the attribute - value. Example: - <literal>ControlGroupAttribute=cpu.shares - 512</literal>. If this option is used - for an attribute that belongs to a - kernel controller hierarchy the unit - is not already configured to be added - to (for example via the - <literal>ControlGroup=</literal> - option) then the unit will be added to - the controller and the default unit - cgroup path is implied. Thus, using - <varname>ControlGroupAttribute=</varname> - is in most case sufficient to make use - of control group enforcements, - explicit - <varname>ControlGroup=</varname> are - only necessary in case the implied - default control group path for a - service is not desirable. For details - about control group attributes see - <ulink - url="http://www.kernel.org/doc/Documentation/cgroups/cgroups.txt">cgroups.txt</ulink>. This - option may appear more than once, in - order to set multiple control group - attributes.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>CPUShares=</varname></term> - - <listitem><para>Assign the specified - overall CPU time shares to the - processes executed. Takes an integer - value. This controls the - <literal>cpu.shares</literal> control - group attribute, which defaults to - 1024. For details about this control - group attribute see <ulink - url="http://www.kernel.org/doc/Documentation/scheduler/sched-design-CFS.txt">sched-design-CFS.txt</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>MemoryLimit=</varname></term> - <term><varname>MemorySoftLimit=</varname></term> - - <listitem><para>Limit the overall memory usage - of the executed processes to a certain - size. Takes a memory size in bytes. If - the value is suffixed with K, M, G or - T the specified memory size is parsed - as Kilobytes, Megabytes, Gigabytes, - or Terabytes (to the base - 1024), respectively. This controls the - <literal>memory.limit_in_bytes</literal> - and - <literal>memory.soft_limit_in_bytes</literal> - control group attributes. For details - about these control group attributes - see <ulink - url="http://www.kernel.org/doc/Documentation/cgroups/memory.txt">memory.txt</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>DeviceAllow=</varname></term> - <term><varname>DeviceDeny=</varname></term> - - <listitem><para>Control access to - specific device nodes by the executed processes. Takes two - space separated strings: a device node - path (such as - <filename>/dev/null</filename>) - followed by a combination of r, w, m - to control reading, writing, or - creating of the specific device node - by the unit, respectively. This controls the - <literal>devices.allow</literal> - and - <literal>devices.deny</literal> - control group attributes. For details - about these control group attributes - see <ulink - url="http://www.kernel.org/doc/Documentation/cgroups/devices.txt">devices.txt</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>BlockIOWeight=</varname></term> - - <listitem><para>Set the default or - per-device overall block IO weight - value for the executed - processes. Takes either a single - weight value (between 10 and 1000) to - set the default block IO weight, or a - space separated pair of a file path - and a weight value to specify the - device specific weight value (Example: - "/dev/sda 500"). The file path may be - specified as path to a block device - node or as any other file in which - case the backing block device of the - file system of the file is - determined. This controls the - <literal>blkio.weight</literal> and - <literal>blkio.weight_device</literal> - control group attributes, which - default to 1000. Use this option - multiple times to set weights for - multiple devices. For details about - these control group attributes see - <ulink - url="http://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt">blkio-controller.txt</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>BlockIOReadBandwidth=</varname></term> - <term><varname>BlockIOWriteBandwidth=</varname></term> - - <listitem><para>Set the per-device - overall block IO bandwidth limit for - the executed processes. Takes a space - separated pair of a file path and a - bandwidth value (in bytes per second) - to specify the device specific - bandwidth. The file path may be - specified as path to a block device - node or as any other file in which - case the backing block device of the - file system of the file is determined. - If the bandwidth is suffixed with K, M, - G, or T the specified bandwidth is - parsed as Kilobytes, Megabytes, - Gigabytes, or Terabytes, respectively (Example: - "/dev/disk/by-path/pci-0000:00:1f.2-scsi-0:0:0:0 - 5M"). This controls the - <literal>blkio.read_bps_device</literal> - and - <literal>blkio.write_bps_device</literal> - control group attributes. Use this - option multiple times to set bandwidth - limits for multiple devices. For - details about these control group - attributes see <ulink - url="http://www.kernel.org/doc/Documentation/cgroups/blkio-controller.txt">blkio-controller.txt</ulink>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>ReadWriteDirectories=</varname></term> - <term><varname>ReadOnlyDirectories=</varname></term> - <term><varname>InaccessibleDirectories=</varname></term> - - <listitem><para>Sets up a new - file-system name space for executed - processes. These options may be used - to limit access a process might have - to the main file-system - hierarchy. Each setting takes a - space-separated list of absolute - directory paths. Directories listed in - <varname>ReadWriteDirectories=</varname> - are accessible from within the - namespace with the same access rights - as from outside. Directories listed in - <varname>ReadOnlyDirectories=</varname> - are accessible for reading only, - writing will be refused even if the - usual file access controls would - permit this. Directories listed in - <varname>InaccessibleDirectories=</varname> - will be made inaccessible for processes - inside the namespace. Note that - restricting access with these options - does not extend to submounts of a - directory. You must list submounts - separately in these settings to - ensure the same limited access. These - options may be specified more than - once in which case all directories - listed will have limited access from - within the - namespace.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>PrivateTmp=</varname></term> - - <listitem><para>Takes a boolean - argument. If true sets up a new file - system namespace for the executed - processes and mounts a private - <filename>/tmp</filename> directory - inside it, that is not shared by - processes outside of the - namespace. This is useful to secure - access to temporary files of the - process, but makes sharing between - processes via - <filename>/tmp</filename> - impossible. Defaults to - false.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>PrivateNetwork=</varname></term> - - <listitem><para>Takes a boolean - argument. If true sets up a new - network namespace for the executed - processes and configures only the - loopback network device - <literal>lo</literal> inside it. No - other network devices will be - available to the executed process. - This is useful to securely turn off - network access by the executed - process. Defaults to - false.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>MountFlags=</varname></term> - - <listitem><para>Takes a mount - propagation flag: - <option>shared</option>, - <option>slave</option> or - <option>private</option>, which - control whether the file system - namespace set up for this unit's - processes will receive or propagate - new mounts. See - <citerefentry><refentrytitle>mount</refentrytitle><manvolnum>1</manvolnum></citerefentry> - for details. Default to - <option>shared</option>.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>UtmpIdentifier=</varname></term> - - <listitem><para>Takes a four - character identifier string for an - utmp/wtmp entry for this service. This - should only be set for services such - as <command>getty</command> - implementations where utmp/wtmp - entries must be created and cleared - before and after execution. If the - configured string is longer than four - characters it is truncated and the - terminal four characters are - used. This setting interprets %I style - string replacements. This setting is - unset by default, i.e. no utmp/wtmp - entries are created or cleaned up for - this service.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>IgnoreSIGPIPE=</varname></term> - - <listitem><para>Takes a boolean - argument. If true causes SIGPIPE to be - ignored in the executed - process. Defaults to true, since - SIGPIPE generally is useful only in - shell pipelines.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>NoNewPrivileges=</varname></term> - - <listitem><para>Takes a boolean - argument. If true ensures that the - service process and all its children - can never gain new privileges. This - option is more powerful than the respective - secure bits flags (see above), as it - also prohibits UID changes of any - kind. This is the simplest, most - effective way to ensure that a process - and its children can never elevate - privileges again.</para></listitem> - </varlistentry> - - <varlistentry> - <term><varname>SystemCallFilter=</varname></term> - - <listitem><para>Takes a space - separated list of system call - names. If this setting is used all - system calls executed by the unit - process except for the listed ones - will result in immediate process - termination with the SIGSYS signal - (whitelisting). If the first character - of the list is <literal>~</literal> - the effect is inverted: only the - listed system calls will result in - immediate process termination - (blacklisting). If this option is used - <varname>NoNewPrivileges=yes</varname> - is implied. This feature makes use of - the Secure Computing Mode 2 interfaces - of the kernel ('seccomp filtering') - and is useful for enforcing a minimal - sandboxing environment. Note that the - <function>execve</function>, - <function>rt_sigreturn</function>, - <function>sigreturn</function>, - <function>exit_group</function>, - <function>exit</function> system calls - are implicitly whitelisted and don't - need to be listed - explicitly.</para></listitem> - </varlistentry> - - </variablelist> - </refsect1> - - <refsect1> - <title>See Also</title> - <para> - <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>, - <citerefentry><refentrytitle>journalctl</refentrytitle><manvolnum>8</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.swap</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>, - <citerefentry><refentrytitle>systemd.kill</refentrytitle><manvolnum>5</manvolnum></citerefentry> - </para> - </refsect1> - -</refentry> |