path: root/man/systemd.service.xml
Age | Commit message | Author
2016-06-10 | core/execute: add the magic character '!' to allow privileged execution (#3493) | Alessandro Puccetti
This patch implements the new magic character '!'. By putting '!' in front of a command, systemd executes it with full privileges ignoring parameters such as User, Group, SupplementaryGroups, CapabilityBoundingSet, AmbientCapabilities, SecureBits, SystemCallFilter, SELinuxContext, AppArmorProfile, SmackProcessLabel, and RestrictAddressFamilies.

Fixes partially https://github.com/systemd/systemd/issues/3414
Related to https://github.com/coreos/rkt/issues/2482

Testing:
1. Create a user 'bob'
2. Create the unit file /etc/systemd/system/exec-perm.service (You can use the example below)
3. sudo systemctl start ext-perm.service
4. Verify that the commands starting with '!' were not executed as bob,
4.1 Looking at the output of ls -l /tmp/exec-perm
4.2 Each file contains the result of the id command.

```
[Unit]
Description=ext-perm

[Service]
Type=oneshot
TimeoutStartSec=0
User=bob
ExecStartPre=!/usr/bin/sh -c "/usr/bin/rm /tmp/exec-perm*" ; /usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-start-pre"
ExecStart=/usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-start" ; !/usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-star-2"
ExecStartPost=/usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-start-post"
ExecReload=/usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-reload"
ExecStop=!/usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-stop"
ExecStopPost=/usr/bin/sh -c "/usr/bin/id > /tmp/exec-perm-stop-post"

[Install]
WantedBy=multi-user.target
```
2016-04-12 | man: clarify that DefaultDependencies= is in the [Unit] section | Lennart Poettering
This hopefully reduces confusion resulting in issues like #2992.
2016-02-11 | Merge pull request #2590 from zonque/bus-endpoint-removal | Zbigniew Jędrzejewski-Szmek
Remove kdbus custom endpoint support
2016-02-12 | man: fix typos | Jakub Wilk
2016-02-11 | Remove kdbus custom endpoint support | Daniel Mack
This feature will not be used anytime soon, so remove a bit of cruft. The BusPolicy= config directive will stay around as compat noop.
2016-02-10 | man: document that ExecStartPost= is only run if ExecStart= succeeded | Lennart Poettering
Fixes: #846
2016-02-10 | core: make the StartLimitXYZ= settings generic and apply to any kind of unit, not just services | Lennart Poettering
This moves the StartLimitBurst=, StartLimitInterval=, StartLimitAction=, RebootArgument= from the [Service] section into the [Unit] section of unit files, and thus support it in all unit types, not just in services.

This way we can enforce the start limit much earlier, in particular before testing the unit conditions, so that repeated start-up failure due to failed conditions is also considered for the start limit logic.

For compatibility the four options may also be configured in the [Service] section still, but we only document them in their new section [Unit].

This also renamed the socket unit failure code "service-failed-permanent" into "service-start-limit-hit" to express more clearly what it is about, after all it's only triggered through the start limit being hit.

Finally, the code in busname_trigger_notify() and socket_trigger_notify() is altered to become more alike.

Fixes: #2467
2016-02-03 | core: when a service's ExecStartPre= times out, skip ExecStop= | Lennart Poettering
This makes sure we never run two control processes at the same time, we cannot keep track of.

This introduces a slight change of behaviour but cleans up the definition of ExecStop= and ExecStopPost=. The former is now invoked only if the service managed to start-up correctly. The latter is called even if start-up failed half-way. Thus, ExecStopPost= may be used as clean-up step for both successful and failed start-up attempts, but ExecStop='s purpose is clearly defined as being responsible for shutting down the service and nothing else.

The precise behaviour of this was not documented yet. This commit adds the necessary docs.

Fixes: #1254
2016-02-01 | man: document the new RuntimeMaxSec= setting | Lennart Poettering
2016-01-29 | man: document special considerations when mixing templated service units and DefaultDependencies=no | Lennart Poettering
Fixes #2189.
2015-11-21 | man: update WatchdogSec section | Evgeny Vereshchagin
* add info about sd_event_set_watchdog
* add missing Restart values
2015-11-19 | man: fully document sd-event interfaces | Lennart Poettering
This completes the set of man pages for sd-event and contains some minor other fixes for other man pages too. The sd_event_set_name(3) man page is renamed to sd_event_source_set_description(3), which is the correct name of the concept today.
2015-11-13 | man: add note about sd_watchdog_enabled | Evgeny Vereshchagin
2015-11-11 | man: document automatic dependencies | Lennart Poettering
For all units ensure there's an "Automatic Dependencies" section in the man page, and explain which dependencies are automatically added in all cases, and which ones are added on top if DefaultDependencies=yes is set. This is also done for systemd.exec(5), systemd.resource-control(5) and systemd.unit(5) as these pages describe common behaviour of various unit types.
2015-11-06 | doc: use expanded forms for written style | Jan Engelhardt
2015-11-06 | doc: correct orthography, word forms and missing/extraneous words | Jan Engelhardt
2015-11-06 | doc: correct punctuation and improve typography in documentation | Jan Engelhardt
2015-10-07 | man: fix typo ('and' -> 'are') | Michal Schmidt
2015-10-01 | man: minor wording improvements to USB FunctionFS documentation | Lennart Poettering
2015-09-30 | man: use "=" when referring to configuration file settings | Zbigniew Jędrzejewski-Szmek
This convention is almost universal in systemd man pages, and makes it easier to visually parse the docs. Also fix some markup along the way.
2015-09-30 | man: add link to functionfs docs | Zbigniew Jędrzejewski-Szmek
Also reword some ungainly grammar constructs.
2015-09-22 | man: Add documentation for functionfs socket activation | Pawel Szewczyk
2015-08-11 | man: Describe when ExecStartFoo= commands are run in more detail | Richard Maw
Previously it was just described that ExecStartPost= commands were started "after" the ExecStart= command(s). This hasn't specified after which event, which varies from after it has been started, after it has exited, after it has sent READY=1 or after it has taken the bus name, depending on Type=.

This now describes that it happens after the *service* has "started", as defined by the Type=, and provides some clarification about precisely when this is.

This may be unnecessary duplication, but it removes the ambiguity as to whether RemainAfterExit=no means that ExecStartPost= shouldn't be started because it means the service has stopped when the ExecStart= command terminates, not "started".
2015-08-07 | man: clarify that unknown escapes must be escaped | Zbigniew Jędrzejewski-Szmek
https://bugzilla.redhat.com/show_bug.cgi?id=1251334 is about a unit file which has

    Environment=TERM=linux PS1=system-upgrade:\w\$\x20

We used to allow that, but after recent tightening of parsing rules, we barf. Make it clear that this is intentional.
2015-06-27 | systemd.service.xml: document that systemd removes the PIDFile | Felipe Sateler
2015-06-22 | man: remove links to outdated kdbus development repository | Kay Sievers
2015-06-18 | man: revert dynamic paths for split-usr setups | Tom Gundersen
This did not really work out as we had hoped. Trying to do this upstream introduced several problems that probably makes it better suited as a downstream patch after all. At any rate, it is not releasable in the current state, so we at least need to revert this before the release.

* by adjusting the path to binaries, but not do the same thing to the search path we end up with inconsistent man-pages. Adjusting the search path too would be quite messy, and it is not at all obvious that this is worth the effort, but at any rate it would have to be done before we could ship this.
* this means that distributed man-pages does not make sense as they depend on config options, and for better or worse we are still distributing man pages, so that is something that definitely needs sorting out before we could ship with this patch.
* we have long held that split-usr is only minimally supported in order to boot, and something we hope will eventually go away. So before we start adding even more magic/effort in order to make this work nicely, we should probably question if it makes sense at all.
2015-06-15 | man: document that ExecStop= needs a synchronous tool | Lennart Poettering
As requested in #199.
2015-05-28 | man: generate configured paths in manpages | Filipe Brandenburger
In particular, use /lib/systemd instead of /usr/lib/systemd in distributions like Debian which still have not adopted a /usr merge setup.

Use XML entities from man/custom-entities.ent to replace configured paths while doing XSLT processing of the original XML files. There was precedent of some files (such as systemd.generator.xml) which were already using this approach.

This addresses most of the (manual) fixes from this patch:
http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/tree/debian/patches/Fix-paths-in-man-pages.patch?h=experimental-220

The idea of using generic XML entities was presented here:
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032240.html

This patch solves almost all the issues, with the exception of:
- Path to /bin/mount and /bin/umount.
- Generic statements about preference of /lib over /etc.

These will be handled separately by follow up patches.

Tested:
- With default configure settings, ran "make install" to two separate directories and compared the output to confirm they matched exactly.
- Used a set of configure flags including $CONFFLAGS from Debian: http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/tree/debian/rules Installed the tree and confirmed the paths use /lib/systemd instead of /usr/lib/systemd and that no other unexpected differences exist.
- Confirmed that `make distcheck` still passes.
2015-05-11 | treewide: Correct typos and spell plural of bus consistent | Torstein Husebø
2015-03-09 | man: document that ExecStartPre= is not the place to start long-running processes | Lennart Poettering
2015-02-10 | man: boilerplate unification | Zbigniew Jędrzejewski-Szmek
2015-02-03 | Reindent man pages to 2ch | Zbigniew Jędrzejewski-Szmek
2015-01-27 | man: systemd.service(5): add some simple examples | Christian Seiler
Add a couple of examples, at least one for each service type that include some explanations and pointers to various relevant options.
2015-01-06 | core: add new logic for services to store file descriptors in PID 1 | Lennart Poettering
With this change it is possible to send file descriptors to PID 1, via sd_pid_notify_with_fds() which PID 1 will store individually for each service, and pass via the usual fd passing logic on next invocation. This is useful for enabling daemon reload schemes where daemons serialize their state to /run, push their fds into PID 1 and terminate, restoring their state on next start from the data in /run and passed in from PID 1.

The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on them, and the service they belong to is either not dead or failed, or has a job queued.
2014-12-18 | load-fragment: allow quoting in command name and document allowed escapes | Zbigniew Jędrzejewski-Szmek
The handling of the command name and other arguments is unified. This simplifies things and should make them more predictable for users. Incidentally, this makes ExecStart handling match the .desktop file specification, apart from the requirement for an absolute path.

https://bugs.freedesktop.org/show_bug.cgi?id=86171
2014-11-30 | man: BusName= is not optional for Type!=bus | Umut Tezduyar Lindskog
http://lists.freedesktop.org/archives/systemd-devel/2014-November/025492.html
2014-11-30 | core: warn and ignore SysVStartPriority= | Zbigniew Jędrzejewski-Szmek
Option was being parsed but not used for anything.
2014-10-28 | core: send sigabrt on watchdog timeout to get the stacktrace | Umut Tezduyar Lindskog
if sigabrt doesn't do the job, follow regular shutdown routine, sigterm > sigkill.
2014-10-20 | man: try to reword explanation of Sockets= a bit | Lennart Poettering
2014-10-15 | man: fix typos | Jan Synacek
2014-10-07 | man: document stripping of quotes | Zbigniew Jędrzejewski-Szmek
2014-10-07 | man: move commandline parsing to a separate section | Zbigniew Jędrzejewski-Szmek
It is very long already, and obscures the description of ExecStart, and it is about to get longer.
2014-09-22 | man: fix typo and add link | Zbigniew Jędrzejewski-Szmek
2014-09-08 | bus: parse BusPolicy directive in service files | Daniel Mack
Add a new directive called BusPolicy to define custom endpoint policies. If one such directive is given, an endpoint object in the service's ExecContext is created and the given policy is added to it.
2014-09-06 | man: fix references to systemctl man page which is now in section 1 | Michael Biebl
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760613
2014-08-22 | core: introduce "poweroff" as new failure action types | Lennart Poettering
Also, change the default action on a system start-up timeout to powering off.
2014-08-22 | core: add support for a configurable system-wide start-up timeout | Lennart Poettering
When this system-wide start-up timeout is hit we execute one of the failure actions already implemented for services that fail.

This should not only be useful on embedded devices, but also on laptops which have the power-button reachable when the lid is closed. These devices, when in a backpack might get powered on by accident due to the easily reachable power button. We want to make sure that the system turns itself off if it starts up due to this after a while.

When the system manages to fully start-up logind will suspend the machine by default if the lid is closed. However, in some cases we don't even get as far as logind, and the boot hangs much earlier, for example because we ask for a LUKS password that nobody ever enters.

Yeah, this is a real-life problem on my Yoga 13, which has one of those easily accessible power buttons, even if the device is closed.
2014-08-21 | service: allow services of Type=oneshot that specify no ExecStart= commands | Lennart Poettering
This is useful for services that simply want to run something on shutdown, but not at bootup. They should only set ExecStop= but leave ExecStart= unset.
2014-08-07 | man: correct references to DefaultTimeout*Sec | Zbigniew Jędrzejewski-Szmek
Noticed by thp on #systemd.