]> git.proxmox.com Git - systemd.git/blob - man/system.conf.d.html
projects / systemd.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
Imported Upstream version 218
[systemd.git] / man / system.conf.d.html
1 <html><head><meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><title>systemd-system.conf</title><meta name="generator" content="DocBook XSL Stylesheets V1.78.1"></head><body bgcolor="white" text="black" link="#0000FF" vlink="#840084" alink="#0000FF"><style>
2 a.headerlink {
3 color: #c60f0f;
4 font-size: 0.8em;
5 padding: 0 4px 0 4px;
6 text-decoration: none;
7 visibility: hidden;
8 }
9
10 a.headerlink:hover {
11 background-color: #c60f0f;
12 color: white;
13 }
14
15 h1:hover > a.headerlink, h2:hover > a.headerlink, h3:hover > a.headerlink, dt:hover > a.headerlink {
16 visibility: visible;
17 }
18 </style><a href="index.html">Index </a>·
19 <a href="systemd.directives.html">Directives </a>·
20 <a href="../python-systemd/index.html">Python </a>·
21 <a href="../libudev/index.html">libudev </a>·
22 <a href="../libudev/index.html">gudev </a><span style="float:right">systemd 218</span><hr><div class="refentry"><a name="systemd-system.conf"></a><div class="titlepage"></div><div class="refnamediv"><h2>Name</h2><p>systemd-system.conf, system.conf.d, systemd-user.conf, user.conf.d — System and session service manager configuration files</p></div><div class="refsynopsisdiv"><h2>Synopsis</h2><p><code class="filename">/etc/systemd/system.conf</code></p><p><code class="filename">/etc/systemd/system.conf.d/*.conf</code></p><p><code class="filename">/run/systemd/system.conf.d/*.conf</code></p><p><code class="filename">/usr/lib/systemd/system.conf.d/*.conf</code></p><p><code class="filename">/etc/systemd/user.conf</code></p><p><code class="filename">/etc/systemd/user.conf.d/*.conf</code></p><p><code class="filename">/run/systemd/user.conf.d/*.conf</code></p><p><code class="filename">/usr/lib/systemd/user.conf.d/*.conf</code></p></div><div class="refsect1"><a name="idm140581162333696"></a><h2 id="Description">Description<a class="headerlink" title="Permalink to this headline" href="#Description"></a></h2><p>When run as a system instance, systemd interprets the
23 configuration file <code class="filename">system.conf</code> and the
24 files in <code class="filename">system.conf.d</code> directories; when
25 run as a user instance, systemd interprets the configuration
26 file <code class="filename">user.conf</code> and the files in
27 <code class="filename">user.conf.d</code> directories. These
28 configuration files contain a few settings controlling
29 basic manager operations.</p></div><div class="refsection"><a name="confd"></a><h2>Configuration Directories and Precedence</h2><p>Configuration files are read from directories in
30 <code class="filename">/etc/</code>, <code class="filename">/run/</code>, and
31 <code class="filename">/usr/lib/</code>, in order of precedence.
32 Each configuration file in these configuration directories shall be named in
33 the style of <code class="filename"><em class="replaceable"><code>filename</code></em>.conf</code>.
34 Files in <code class="filename">/etc/</code> override files with the same name in
35 <code class="filename">/run/</code> and <code class="filename">/usr/lib/</code>. Files in
36 <code class="filename">/run/</code> override files with the same name in
37 <code class="filename">/usr/lib/</code>.</p><p>Packages should install their configuration files in
38 <code class="filename">/usr/lib/</code>. Files in <code class="filename">/etc/</code> are
39 reserved for the local administrator, who may use this logic to override the
40 configuration files installed by vendor packages. All configuration files
41 are sorted by their filename in lexicographic order, regardless of which of
42 the directories they reside in. If multiple files specify the same option,
43 the entry in the file with the lexicographically latest name will take
44 precedence. It is recommended to prefix all filenames with a two-digit number
45 and a dash, to simplify the ordering of the files.</p><p>If the administrator wants to disable a configuration file supplied by
46 the vendor, the recommended way is to place a symlink to
47 <code class="filename">/dev/null</code> in the configuration directory in
48 <code class="filename">/etc/</code>, with the same filename as the vendor
49 configuration file.</p></div><div class="refsection"><a name="conf"></a><h2>Configuration File</h2><p>Configuration is also read from a single configuration file in
50 <code class="filename">/etc/</code>. This file is read before any of the
51 configuration directories, and has the lowest precedence; entries in a file
52 in any configuration directory override entries in the single configuration
53 file.</p></div><div class="refsect1"><a name="idm140581162327632"></a><h2 id="Options">Options<a class="headerlink" title="Permalink to this headline" href="#Options"></a></h2><p>All options are configured in the
54 "<code class="literal">[Manager]</code>" section:</p><div class="variablelist"><dl class="variablelist"><dt id="LogLevel="><span class="term"><code class="varname">LogLevel=</code>, </span><span class="term"><code class="varname">LogTarget=</code>, </span><span class="term"><code class="varname">LogColor=</code>, </span><span class="term"><code class="varname">LogLocation=</code>, </span><span class="term"><code class="varname">DumpCore=yes</code>, </span><span class="term"><code class="varname">CrashShell=no</code>, </span><span class="term"><code class="varname">ShowStatus=yes</code>, </span><span class="term"><code class="varname">CrashChVT=1</code>, </span><span class="term"><code class="varname">DefaultStandardOutput=journal</code>, </span><span class="term"><code class="varname">DefaultStandardError=inherit</code></span><a class="headerlink" title="Permalink to this term" href="#LogLevel="></a></dt><dd><p>Configures various
55 parameters of basic manager
56 operation. These options may be
57 overridden by the respective command
58 line arguments. See
59 <a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>
60 for details about these command line
61 arguments.</p></dd><dt id="CPUAffinity="><span class="term"><code class="varname">CPUAffinity=</code></span><a class="headerlink" title="Permalink to this term" href="#CPUAffinity="></a></dt><dd><p>Configures the initial
62 CPU affinity for the init
63 process. Takes a space-separated list
64 of CPU indices.</p></dd><dt id="JoinControllers=cpu,cpuacct net_cls,netprio"><span class="term"><code class="varname">JoinControllers=cpu,cpuacct net_cls,netprio</code></span><a class="headerlink" title="Permalink to this term" href="#JoinControllers=cpu,cpuacct%20net_cls,netprio"></a></dt><dd><p>Configures controllers
65 that shall be mounted in a single
66 hierarchy. By default, systemd will
67 mount all controllers which are
68 enabled in the kernel in individual
69 hierarchies, with the exception of
70 those listed in this setting. Takes a
71 space-separated list of comma-separated
72 controller names, in order
73 to allow multiple joined
74 hierarchies. Defaults to
75 'cpu,cpuacct'. Pass an empty string to
76 ensure that systemd mounts all
77 controllers in separate
78 hierarchies.</p><p>Note that this option is only
79 applied once, at very early boot. If
80 you use an initial RAM disk (initrd)
81 that uses systemd, it might hence be
82 necessary to rebuild the initrd if
83 this option is changed, and make sure
84 the new configuration file is included
85 in it. Otherwise, the initrd might
86 mount the controller hierarchies in a
87 different configuration than intended,
88 and the main system cannot remount
89 them anymore.</p></dd><dt id="RuntimeWatchdogSec="><span class="term"><code class="varname">RuntimeWatchdogSec=</code>, </span><span class="term"><code class="varname">ShutdownWatchdogSec=</code></span><a class="headerlink" title="Permalink to this term" href="#RuntimeWatchdogSec="></a></dt><dd><p>Configure the hardware
90 watchdog at runtime and at
91 reboot. Takes a timeout value in
92 seconds (or in other time units if
93 suffixed with "<code class="literal">ms</code>",
94 "<code class="literal">min</code>",
95 "<code class="literal">h</code>",
96 "<code class="literal">d</code>",
97 "<code class="literal">w</code>"). If
98 <code class="varname">RuntimeWatchdogSec=</code>
99 is set to a non-zero value, the
100 watchdog hardware
101 (<code class="filename">/dev/watchdog</code>)
102 will be programmed to automatically
103 reboot the system if it is not
104 contacted within the specified timeout
105 interval. The system manager will
106 ensure to contact it at least once in
107 half the specified timeout
108 interval. This feature requires a
109 hardware watchdog device to be
110 present, as it is commonly the case in
111 embedded and server systems. Not all
112 hardware watchdogs allow configuration
113 of the reboot timeout, in which case
114 the closest available timeout is
115 picked. <code class="varname">ShutdownWatchdogSec=</code>
116 may be used to configure the hardware
117 watchdog when the system is asked to
118 reboot. It works as a safety net to
119 ensure that the reboot takes place
120 even if a clean reboot attempt times
121 out. By default
122 <code class="varname">RuntimeWatchdogSec=</code>
123 defaults to 0 (off), and
124 <code class="varname">ShutdownWatchdogSec=</code>
125 to 10min. These settings have no
126 effect if a hardware watchdog is not
127 available.</p></dd><dt id="CapabilityBoundingSet="><span class="term"><code class="varname">CapabilityBoundingSet=</code></span><a class="headerlink" title="Permalink to this term" href="#CapabilityBoundingSet="></a></dt><dd><p>Controls which
128 capabilities to include in the
129 capability bounding set for PID 1 and
130 its children. See
131 <a href="http://man7.org/linux/man-pages/man7/capabilities.7.html"><span class="citerefentry"><span class="refentrytitle">capabilities</span>(7)</span></a>
132 for details. Takes a whitespace-separated
133 list of capability names as read by
134 <a href="cap_from_name.html"><span class="citerefentry"><span class="refentrytitle">cap_from_name</span>(3)</span></a>.
135 Capabilities listed will be included
136 in the bounding set, all others are
137 removed. If the list of capabilities
138 is prefixed with ~, all but the listed
139 capabilities will be included, the
140 effect of the assignment
141 inverted. Note that this option also
142 affects the respective capabilities in
143 the effective, permitted and
144 inheritable capability sets. The
145 capability bounding set may also be
146 individually configured for units
147 using the
148 <code class="varname">CapabilityBoundingSet=</code>
149 directive for units, but note that
150 capabilities dropped for PID 1 cannot
151 be regained in individual units, they
152 are lost for good.</p></dd><dt id="SystemCallArchitectures="><span class="term"><code class="varname">SystemCallArchitectures=</code></span><a class="headerlink" title="Permalink to this term" href="#SystemCallArchitectures="></a></dt><dd><p>Takes a
153 space-separated list of architecture
154 identifiers. Selects from which
155 architectures system calls may be
156 invoked on this system. This may be
157 used as an effective way to disable
158 invocation of non-native binaries
159 system-wide, for example to prohibit
160 execution of 32-bit x86 binaries on
161 64-bit x86-64 systems. This option
162 operates system-wide, and acts
163 similar to the
164 <code class="varname">SystemCallArchitectures=</code>
165 setting of unit files, see
166 <a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>
167 for details. This setting defaults to
168 the empty list, in which case no
169 filtering of system calls based on
170 architecture is applied. Known
171 architecture identifiers are
172 "<code class="literal">x86</code>",
173 "<code class="literal">x86-64</code>",
174 "<code class="literal">x32</code>",
175 "<code class="literal">arm</code>" and the special
176 identifier
177 "<code class="literal">native</code>". The latter
178 implicitly maps to the native
179 architecture of the system (or more
180 specifically, the architecture the
181 system manager was compiled for). Set
182 this setting to
183 "<code class="literal">native</code>" to prohibit
184 execution of any non-native
185 binaries. When a binary executes a
186 system call of an architecture that is
187 not listed in this setting, it will be
188 immediately terminated with the SIGSYS
189 signal.</p></dd><dt id="TimerSlackNSec="><span class="term"><code class="varname">TimerSlackNSec=</code></span><a class="headerlink" title="Permalink to this term" href="#TimerSlackNSec="></a></dt><dd><p>Sets the timer slack
190 in nanoseconds for PID 1, which is
191 inherited by all executed processes,
192 unless overridden individually, for
193 example with the
194 <code class="varname">TimerSlackNSec=</code>
195 setting in service units (for details
196 see
197 <a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>). The
198 timer slack controls the accuracy of
199 wake-ups triggered by system
200 timers. See
201 <a href="http://man7.org/linux/man-pages/man2/prctl.2.html"><span class="citerefentry"><span class="refentrytitle">prctl</span>(2)</span></a>
202 for more information. Note that in
203 contrast to most other time span
204 definitions this parameter takes an
205 integer value in nano-seconds if no
206 unit is specified. The usual time
207 units are understood
208 too.</p></dd><dt id="DefaultTimerAccuracySec="><span class="term"><code class="varname">DefaultTimerAccuracySec=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultTimerAccuracySec="></a></dt><dd><p>Sets the default
209 accuracy of timer units. This controls
210 the global default for the
211 <code class="varname">AccuracySec=</code>
212 setting of timer units, see
213 <a href="systemd.timer.html"><span class="citerefentry"><span class="refentrytitle">systemd.timer</span>(5)</span></a>
214 for
215 details. <code class="varname">AccuracySec=</code>
216 set in individual units override the
217 global default for the specific
218 unit. Defaults to 1min. Note that the
219 accuracy of timer units is also
220 affected by the configured timer slack
221 for PID 1, see
222 <code class="varname">TimerSlackNSec=</code>
223 above.</p></dd><dt id="DefaultTimeoutStartSec="><span class="term"><code class="varname">DefaultTimeoutStartSec=</code>, </span><span class="term"><code class="varname">DefaultTimeoutStopSec=</code>, </span><span class="term"><code class="varname">DefaultRestartSec=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultTimeoutStartSec="></a></dt><dd><p>Configures the default
224 timeouts for starting and stopping of
225 units, as well as the default time to
226 sleep between automatic restarts of
227 units, as configured per-unit in
228 <code class="varname">TimeoutStartSec=</code>,
229 <code class="varname">TimeoutStopSec=</code> and
230 <code class="varname">RestartSec=</code> (for
231 services, see
232 <a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>
233 for details on the per-unit
234 settings). For non-service units,
235 <code class="varname">DefaultTimeoutStartSec=</code>
236 sets the default
237 <code class="varname">TimeoutSec=</code> value.
238 </p></dd><dt id="DefaultStartLimitInterval="><span class="term"><code class="varname">DefaultStartLimitInterval=</code>, </span><span class="term"><code class="varname">DefaultStartLimitBurst=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultStartLimitInterval="></a></dt><dd><p>Configure the default
239 unit start rate limiting, as
240 configured per-service by
241 <code class="varname">StartLimitInterval=</code>
242 and
243 <code class="varname">StartLimitBurst=</code>. See
244 <a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>
245 for details on the per-service
246 settings.</p></dd><dt id="DefaultEnvironment="><span class="term"><code class="varname">DefaultEnvironment=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultEnvironment="></a></dt><dd><p>Sets manager
247 environment variables passed to all
248 executed processes. Takes a
249 space-separated list of variable
250 assignments. See
251 <a href="http://man7.org/linux/man-pages/man7/environ.7.html"><span class="citerefentry"><span class="refentrytitle">environ</span>(7)</span></a>
252 for details about environment
253 variables.</p><p>Example:
254
255 </p><pre class="programlisting">DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6"</pre><p>
256
257 Sets three variables
258 "<code class="literal">VAR1</code>",
259 "<code class="literal">VAR2</code>",
260 "<code class="literal">VAR3</code>".</p></dd><dt id="DefaultCPUAccounting="><span class="term"><code class="varname">DefaultCPUAccounting=</code>, </span><span class="term"><code class="varname">DefaultBlockIOAccounting=</code>, </span><span class="term"><code class="varname">DefaultMemoryAccounting=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultCPUAccounting="></a></dt><dd><p>Configure the default
261 resource accounting settings, as
262 configured per-unit by
263 <code class="varname">CPUAccounting=</code>,
264 <code class="varname">BlockIOAccounting=</code>
265 and
266 <code class="varname">MemoryAccounting=</code>. See
267 <a href="systemd.resource-control.html"><span class="citerefentry"><span class="refentrytitle">systemd.resource-control</span>(5)</span></a>
268 for details on the per-unit
269 settings.</p></dd><dt id="DefaultLimitCPU="><span class="term"><code class="varname">DefaultLimitCPU=</code>, </span><span class="term"><code class="varname">DefaultLimitFSIZE=</code>, </span><span class="term"><code class="varname">DefaultLimitDATA=</code>, </span><span class="term"><code class="varname">DefaultLimitSTACK=</code>, </span><span class="term"><code class="varname">DefaultLimitCORE=</code>, </span><span class="term"><code class="varname">DefaultLimitRSS=</code>, </span><span class="term"><code class="varname">DefaultLimitNOFILE=</code>, </span><span class="term"><code class="varname">DefaultLimitAS=</code>, </span><span class="term"><code class="varname">DefaultLimitNPROC=</code>, </span><span class="term"><code class="varname">DefaultLimitMEMLOCK=</code>, </span><span class="term"><code class="varname">DefaultLimitLOCKS=</code>, </span><span class="term"><code class="varname">DefaultLimitSIGPENDING=</code>, </span><span class="term"><code class="varname">DefaultLimitMSGQUEUE=</code>, </span><span class="term"><code class="varname">DefaultLimitNICE=</code>, </span><span class="term"><code class="varname">DefaultLimitRTPRIO=</code>, </span><span class="term"><code class="varname">DefaultLimitRTTIME=</code></span><a class="headerlink" title="Permalink to this term" href="#DefaultLimitCPU="></a></dt><dd><p>These settings control
270 various default resource limits for
271 units. See
272 <a href="http://man7.org/linux/man-pages/man2/setrlimit.2.html"><span class="citerefentry"><span class="refentrytitle">setrlimit</span>(2)</span></a>
273 for details. Use the string
274 <code class="varname">infinity</code> to
275 configure no limit on a specific
276 resource. These settings may be
277 overridden in individual units
278 using the corresponding LimitXXX=
279 directives. Note that these resource
280 limits are only defaults for units,
281 they are not applied to PID 1
282 itself.</p></dd></dl></div></div><div class="refsect1"><a name="idm140581161227200"></a><h2 id="See Also">See Also<a class="headerlink" title="Permalink to this headline" href="#See%20Also"></a></h2><p>
283 <a href="systemd.html"><span class="citerefentry"><span class="refentrytitle">systemd</span>(1)</span></a>,
284 <a href="systemd.directives.html"><span class="citerefentry"><span class="refentrytitle">systemd.directives</span>(7)</span></a>,
285 <a href="systemd.exec.html"><span class="citerefentry"><span class="refentrytitle">systemd.exec</span>(5)</span></a>,
286 <a href="systemd.service.html"><span class="citerefentry"><span class="refentrytitle">systemd.service</span>(5)</span></a>,
287 <a href="http://man7.org/linux/man-pages/man7/environ.7.html"><span class="citerefentry"><span class="refentrytitle">environ</span>(7)</span></a>,
288 <a href="http://man7.org/linux/man-pages/man7/capabilities.7.html"><span class="citerefentry"><span class="refentrytitle">capabilities</span>(7)</span></a>
289 </p></div></div></body></html>
systemd for Proxmox projects