README revision 3dd26f3e3aa7fa0696d304e14551362133dd281f
d657c51f14601d0235434ffb78cf6ac0f27cc83cLennart Poetteringsystemd System and Service Manager
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringDETAILS:
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering http://0pointer.de/blog/projects/systemd.html
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringWEB SITE:
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering http://www.freedesktop.org/wiki/Software/systemd
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringGIT:
9fa2f41077b2d76685058836f602f38715b5eef3Kay Sievers git://anongit.freedesktop.org/systemd/systemd
9fa2f41077b2d76685058836f602f38715b5eef3Kay Sievers ssh://git.freedesktop.org/git/systemd/systemd
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringGITWEB:
9fa2f41077b2d76685058836f602f38715b5eef3Kay Sievers http://cgit.freedesktop.org/systemd/systemd
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringMAILING LIST:
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering http://lists.freedesktop.org/mailman/listinfo/systemd-devel
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering http://lists.freedesktop.org/mailman/listinfo/systemd-commits
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringIRC:
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering #systemd on irc.freenode.org
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringBUG REPORTS:
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering https://bugs.freedesktop.org/enter_bug.cgi?product=systemd
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringAUTHOR:
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering Lennart Poettering
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering Kay Sievers
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering ...and many others
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart Poettering
673eab9bf0d2d79a72f3d7c430807b8786de7ee3Lennart PoetteringLICENSE:
5430f7f2bc7330f3088b894166bf3524a067e3d8Lennart Poettering LGPLv2.1+ for all code
b67f541f130cd4c55da0b74af5fcbb4daeca1937Lennart Poettering - except src/shared/MurmurHash2.c which is Public Domain
b67f541f130cd4c55da0b74af5fcbb4daeca1937Lennart Poettering - except src/shared/siphash24.c which is CC0 Public Domain
85424725d1870e2c218e3e2d53971f7e5dc3f0aeKay Sievers - except src/journal/lookup3.c which is Public Domain
85424725d1870e2c218e3e2d53971f7e5dc3f0aeKay Sievers - except src/udev/* which is (currently still) GPLv2, GPLv2+
673eab9bf0d2d79a72f3d7c430807b8786de7ee3Lennart Poettering
31cee6f634ce07aa2c3514a506f93830f91f14a5Lennart PoetteringREQUIREMENTS:
be2ea723b1d023b3d385d3b791ee4607cbfb20caKay Sievers Linux kernel >= 3.7
23aedd029452b65c11b6eb838e44f60be1c66814Kay Sievers Linux kernel >= 3.8 for Smack support
23aedd029452b65c11b6eb838e44f60be1c66814Kay Sievers
23aedd029452b65c11b6eb838e44f60be1c66814Kay Sievers Kernel Config Options:
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_DEVTMPFS
d28315e4aff91560ed4c2fc9f876ec8bfc559f2dJan Engelhardt CONFIG_CGROUPS (it is OK to disable all controllers)
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_INOTIFY_USER
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_SIGNALFD
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_TIMERFD
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_EPOLL
41938693e76c32161d2b3b83253ce996468cbf9bKay Sievers CONFIG_NET
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_SYSFS
06d461ee6f3da6650e6d023d7828455752d70b0bShawn Landden CONFIG_PROC_FS
5d31974e44b8fa163f859d8467a3667ed52056d0Kay Sievers CONFIG_FHANDLE (libudev, mount and bind mount handling)
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
be2ea723b1d023b3d385d3b791ee4607cbfb20caKay Sievers udev will fail to work with the legacy sysfs layout:
f28cbd0382ca53baa99803bbc907a469fbf68128Kay Sievers CONFIG_SYSFS_DEPRECATED=n
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers Legacy hotplug slows down the system and confuses udev:
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_UEVENT_HELPER_PATH=""
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
be2ea723b1d023b3d385d3b791ee4607cbfb20caKay Sievers Userspace firmware loading is not supported and should
be2ea723b1d023b3d385d3b791ee4607cbfb20caKay Sievers be disabled in the kernel:
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_FW_LOADER_USER_HELPER=n
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers Some udev rules and virtualization detection relies on it:
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_DMIID
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
a5c724b25b2930ecb4a64bb4d9b8619a1354afedKay Sievers Support for some SCSI devices serial number retrieval, to
a5c724b25b2930ecb4a64bb4d9b8619a1354afedKay Sievers create additional symlinks in /dev/disk/ and /dev/tape:
a5c724b25b2930ecb4a64bb4d9b8619a1354afedKay Sievers CONFIG_BLK_DEV_BSG
a5c724b25b2930ecb4a64bb4d9b8619a1354afedKay Sievers
b52a4a3b05a2a0d69868d57fd54f6e4b8fa0e7caZbigniew Jędrzejewski-Szmek Required for PrivateNetwork and PrivateDevices in service units:
13468826f2457cae45a79649e122deadb9dc9774Mike Gilbert CONFIG_NET_NS
b52a4a3b05a2a0d69868d57fd54f6e4b8fa0e7caZbigniew Jędrzejewski-Szmek CONFIG_DEVPTS_MULTIPLE_INSTANCES
b52a4a3b05a2a0d69868d57fd54f6e4b8fa0e7caZbigniew Jędrzejewski-Szmek Note that systemd-localed.service and other systemd units use
b52a4a3b05a2a0d69868d57fd54f6e4b8fa0e7caZbigniew Jędrzejewski-Szmek PrivateNetwork and PrivateDevices so this is effectively required.
13468826f2457cae45a79649e122deadb9dc9774Mike Gilbert
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers Optional but strongly recommended:
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_IPV6
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_AUTOFS4_FS
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_TMPFS_XATTR
a6cccd8f580fc1e062dba3895e232007acd38781Zbigniew Jędrzejewski-Szmek CONFIG_{TMPFS,EXT4,XFS,BTRFS_FS,...}_POSIX_ACL
f28cbd0382ca53baa99803bbc907a469fbf68128Kay Sievers CONFIG_SECCOMP
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
a21b4670d404ca4e55fef921f94a4259075882a9Umut Tezduyar Lindskog Required for CPUShares in resource control unit settings
a21b4670d404ca4e55fef921f94a4259075882a9Umut Tezduyar Lindskog CONFIG_CGROUP_SCHED
a21b4670d404ca4e55fef921f94a4259075882a9Umut Tezduyar Lindskog CONFIG_FAIR_GROUP_SCHED
a21b4670d404ca4e55fef921f94a4259075882a9Umut Tezduyar Lindskog
0acd5a08f5b2ff0580d4fc4d7fc2ff144b2f788fWaLyong Cho Required for CPUQuota in resource control unit settings
0acd5a08f5b2ff0580d4fc4d7fc2ff144b2f788fWaLyong Cho CONFIG_CFS_BANDWIDTH
0acd5a08f5b2ff0580d4fc4d7fc2ff144b2f788fWaLyong Cho
06d461ee6f3da6650e6d023d7828455752d70b0bShawn Landden For systemd-bootchart, several proc debug interfaces are required:
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_SCHEDSTATS
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers CONFIG_SCHED_DEBUG
713bc0cfa477ca1df8769041cb3dbc83c10eace2Kay Sievers
f28cbd0382ca53baa99803bbc907a469fbf68128Kay Sievers For UEFI systems:
f33016ff8b56c45dc85485ecf4d59f435c42ca40Thomas Bächler CONFIG_EFIVAR_FS
f28cbd0382ca53baa99803bbc907a469fbf68128Kay Sievers CONFIG_EFI_PARTITION
f28cbd0382ca53baa99803bbc907a469fbf68128Kay Sievers
77b6e19458f37cfde127ec6aa9494c0ac45ad890Lennart Poettering Note that kernel auditing is broken when used with systemd's
77b6e19458f37cfde127ec6aa9494c0ac45ad890Lennart Poettering container code. When using systemd in conjunction with
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt containers, please make sure to either turn off auditing at
77b6e19458f37cfde127ec6aa9494c0ac45ad890Lennart Poettering runtime using the kernel command line option "audit=0", or
77b6e19458f37cfde127ec6aa9494c0ac45ad890Lennart Poettering turn it off at kernel compile time using:
77b6e19458f37cfde127ec6aa9494c0ac45ad890Lennart Poettering CONFIG_AUDIT=n
a7b1c3971a30546fe633e320d45033aba8b2ca3cLennart Poettering If systemd is compiled with libseccomp support on
a7b1c3971a30546fe633e320d45033aba8b2ca3cLennart Poettering architectures which do not use socketcall() and where seccomp
a7b1c3971a30546fe633e320d45033aba8b2ca3cLennart Poettering is supported (this effectively means x86-64 and ARM, but
70a44afee385c4afadaab9a002b3f9dd44aedf4aJan Engelhardt excludes 32-bit x86!), then nspawn will now install a
a7b1c3971a30546fe633e320d45033aba8b2ca3cLennart Poettering work-around seccomp filter that makes containers boot even
a7b1c3971a30546fe633e320d45033aba8b2ca3cLennart Poettering with audit being enabled. This works correctly only on kernels
a7b1c3971a30546fe633e320d45033aba8b2ca3cLennart Poettering 3.14 and newer though. TL;DR: turn audit off, still.
77b6e19458f37cfde127ec6aa9494c0ac45ad890Lennart Poettering
3dd26f3e3aa7fa0696d304e14551362133dd281fŁukasz Stelmach glibc >= 2.16
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering libcap
8d3ae2bd4c9bf9fc2e57f7b3776325a1c750ca30Chris Leech libmount >= 2.20 (from util-linux)
c0467cf387548dc98c0254f63553d862b35a84e5Ronny Chevalier libseccomp >= 1.0.0 (optional)
d47f6ca5f9b7a0b400d8bdb050151a0284fb4bdbGabriel de Perthuis libblkid >= 2.24 (from util-linux) (optional)
a18535d9e138c525d0443ec9f30a90b3e2184686Tom Gundersen libkmod >= 15 (optional)
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering PAM >= 1.1.2 (optional)
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering libcryptsetup (optional)
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering libaudit (optional)
19d5d4cb6a89c844e298eb65bce6ba0fa9d58b91Zbigniew Jędrzejewski-Szmek libacl (optional)
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering libselinux (optional)
19d5d4cb6a89c844e298eb65bce6ba0fa9d58b91Zbigniew Jędrzejewski-Szmek liblzma (optional)
a509e0e6946aee5c3dd51bc3a6f40d0a623c9e2cZbigniew Jędrzejewski-Szmek liblz4 >= 119 (optional)
7b17a7d72f5ba5ad838b19803534c56a46f3bce9Lennart Poettering libgcrypt (optional)
7b17a7d72f5ba5ad838b19803534c56a46f3bce9Lennart Poettering libqrencode (optional)
7b17a7d72f5ba5ad838b19803534c56a46f3bce9Lennart Poettering libmicrohttpd (optional)
2cc86f094a8c316f7feb0336df3827a3264b116dZbigniew Jędrzejewski-Szmek libpython (optional)
f9ffbca2fb1ba7a7854d83439a4644590be0d9e1Lennart Poettering libidn (optional)
a900b827d4d67f4961d2e4ed48d73e6bc1d6b4b6Zbigniew Jędrzejewski-Szmek gobject-introspection > 1.40.0 (optional)
5b244719abc81b83d8a0d732c3b95a2845d8811aLennart Poettering elfutils >= 158 (optional)
2cc86f094a8c316f7feb0336df3827a3264b116dZbigniew Jędrzejewski-Szmek make, gcc, and similar tools
2cc86f094a8c316f7feb0336df3827a3264b116dZbigniew Jędrzejewski-Szmek
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt During runtime, you need the following additional
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt dependencies:
2cc86f094a8c316f7feb0336df3827a3264b116dZbigniew Jędrzejewski-Szmek
fdbbad981cc5da8bb4ed7e9b6646e7a114745ec5Lennart Poettering util-linux >= v2.25 required
df41776d66b5b7467a5cf9c719b97b66d6534c8cTom Gundersen dbus >= 1.4.0 (strictly speaking optional, but recommended)
2cc86f094a8c316f7feb0336df3827a3264b116dZbigniew Jędrzejewski-Szmek dracut (optional)
46ba8aae2b82bc5c87ba347e6bf914ecd5e9d51eLennart Poettering PolicyKit (optional)
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt When building from git, you need the following additional
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt dependencies:
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering
f4e5354a1d69a4c9e7cf073a66cf25c2dadd6c85Peter Waller pkg-config
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering docbook-xsl
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering xsltproc
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering automake
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering autoconf
3ede835a0486f2ecc025dede0b33e9a1edc06d30Lennart Poettering libtool
19d5d4cb6a89c844e298eb65bce6ba0fa9d58b91Zbigniew Jędrzejewski-Szmek intltool
b62cfcea00862ccbf0e5e297f8a339f70987edefMichael Biebl gperf
19d5d4cb6a89c844e298eb65bce6ba0fa9d58b91Zbigniew Jędrzejewski-Szmek gtkdocize (optional)
19d5d4cb6a89c844e298eb65bce6ba0fa9d58b91Zbigniew Jędrzejewski-Szmek python (optional)
32dcef3ab1eb91ee469c3246ef859578dccd8a45Zbigniew Jędrzejewski-Szmek python-lxml (optional, but required to build the indices)
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek sphinx (optional)
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt When systemd-hostnamed is used, it is strongly recommended to
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt install nss-myhostname to ensure that, in a world of
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt dynamically changing hostnames, the hostname stays resolvable
fff2e5b58bab7a5ffbb7593742d462197b06728cLennart Poettering under all circumstances. In fact, systemd-hostnamed will warn
bf9e477c92506884977d6c8d761969e105528f3eKay Sievers if nss-myhostname is not installed.
fff2e5b58bab7a5ffbb7593742d462197b06728cLennart Poettering
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek To build HTML documentation for python-systemd using sphinx,
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek please first install systemd (using 'make install'), and then
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek invoke sphinx-build with 'make sphinx-<target>', with <target>
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek being 'html' or 'latexpdf'. If using DESTDIR for installation,
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek pass the same DESTDIR to 'make sphinx-html' invocation.
9015fa646e04fc3cb180bea24c33d34edbb48ed7Zbigniew Jędrzejewski-Szmek
a24c64f03f9c5c0304451d8542fee853187a5168Lennart PoetteringUSERS AND GROUPS:
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering Default udev rules use the following standard system group
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering names, which need to be resolvable by getgrnam() at any time,
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering even in the very early boot stages, where no other databases
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering and network are available:
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering
3dff3e00e044e2d53c76fa842b9a4759d4a50e69Kay Sievers audio, cdrom, dialout, disk, input, kmem, lp, tape, tty, video
37c0e8f35e92190a22b2ac0fbb23bf396121e84aKay Sievers
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt During runtime, the journal daemon requires the
1a9ce3f766a03c7daab4ca7edae7533841e1721aMichael Biebl "systemd-journal" system group to exist. New journal files will
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt be readable by this group (but not writable), which may be used
a48a62a1af02aec4473c9deed98dd5b89d210f93Zbigniew Jędrzejewski-Szmek to grant specific users read access. In addition, system
a48a62a1af02aec4473c9deed98dd5b89d210f93Zbigniew Jędrzejewski-Szmek groups "wheel" and "adm" will be given read-only access to
a48a62a1af02aec4473c9deed98dd5b89d210f93Zbigniew Jędrzejewski-Szmek journal files using systemd-tmpfiles.service.
a24c64f03f9c5c0304451d8542fee853187a5168Lennart Poettering
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering The journal gateway daemon requires the
1a9ce3f766a03c7daab4ca7edae7533841e1721aMichael Biebl "systemd-journal-gateway" system user and group to
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering exist. During execution this network facing service will drop
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering privileges and assume this uid/gid for security reasons.
37495eede95d3212b797c8459d7ed6258fb23c6aLennart Poettering
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt Similarly, the NTP daemon requires the "systemd-timesync" system
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering user and group to exist.
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt Similarly, the network management daemon requires the
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering "systemd-network" system user and group to exist.
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt Similarly, the name resolution daemon requires the
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering "systemd-resolve" system user and group to exist.
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering
8d0e0ddda6501479eb69164687c83c1a7667b33aJan Engelhardt Similarly, the kdbus dbus1 proxy daemon requires the
323a2f0b4b3db8f34c382e66f1940c1216bdfc9dLennart Poettering "systemd-bus-proxy" system user and group to exist.
682265d5e2157882861b0091c6b81fa92699b72aTom Gundersen
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart PoetteringNSS:
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering systemd ships with three NSS modules:
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering nss-myhostname resolves the local hostname to locally
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering configured IP addresses, as well as "localhost" to
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering 127.0.0.1/::1.
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering nss-resolve enables DNS resolution via the systemd-resolved
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering DNS/LLMNR caching stub resolver "systemd-resolved".
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering nss-mymachines enables resolution of all local containers
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering registered with machined to their respective IP addresses.
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering To make use of these NSS modules, please add them to the
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering "hosts: " line in /etc/nsswitch.conf. The "resolve" module
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering should replace the glibc "dns" module in this file.
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering The three modules should be used in the following order:
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering hosts: files mymachines resolve myhostname
a4a79605f7c2ba17ce74baabefa19c3686439e4aLennart Poettering
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart PoetteringWARNINGS:
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering systemd will warn you during boot if /etc/mtab is not a
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering symlink to /proc/mounts. Please ensure that /etc/mtab is a
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering proper symlink.
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering systemd will warn you during boot if /usr is on a different
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering file system than /. While in systemd itself very little will
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt break if /usr is on a separate partition, many of its
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering dependencies very likely will break sooner or later in one
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt form or another. For example, udev rules tend to refer to
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering binaries in /usr, binaries that link to libraries in /usr or
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering binaries that refer to data files in /usr. Since these
19aadacf92ad86967ffb678e37b2ff9e83cb9480Jan Engelhardt breakages are not always directly visible, systemd will warn
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering about this, since this kind of file system setup is not really
21bc923aa35d455cdef1607eb7022608c705c9f3Lennart Poettering supported anymore by the basic set of Linux OS components.
fc7a744cc44cdb80bf9bc6304fc3f80ca2cb65f9Lennart Poettering
47bc23c18cbc87471dc832534c8565625e4a9d16Lennart Poettering systemd requires that the /run mount point exists. systemd also
b8bde11658366290521e3d03316378b482600323Jan Engelhardt requires that /var/run is a a symlink to /run.
47bc23c18cbc87471dc832534c8565625e4a9d16Lennart Poettering
aa1671320df5bd8aa4108c0efb34a49fdedd0e5fLennart Poettering For more information on this issue consult
aa1671320df5bd8aa4108c0efb34a49fdedd0e5fLennart Poettering http://freedesktop.org/wiki/Software/systemd/separate-usr-is-broken
aa1671320df5bd8aa4108c0efb34a49fdedd0e5fLennart Poettering
1b4bb4fdac4dce4e658aa3743153d77c04d1a331Zbigniew Jędrzejewski-Szmek To run systemd under valgrind, compile with VALGRIND defined
1b4bb4fdac4dce4e658aa3743153d77c04d1a331Zbigniew Jędrzejewski-Szmek (e.g. ./configure CPPFLAGS='... -DVALGRIND=1'). Otherwise,
1b4bb4fdac4dce4e658aa3743153d77c04d1a331Zbigniew Jędrzejewski-Szmek false positives will be triggered by code which violates
1b4bb4fdac4dce4e658aa3743153d77c04d1a331Zbigniew Jędrzejewski-Szmek some rules but is actually safe.
2b671e9560d5a7e78374a33acfc7f089cfa05c2fLennart Poettering
2b671e9560d5a7e78374a33acfc7f089cfa05c2fLennart PoetteringENGINEERING AND CONSULTING SERVICES:
2b671e9560d5a7e78374a33acfc7f089cfa05c2fLennart Poettering ENDOCODE <https://endocode.com/> offers professional
2b671e9560d5a7e78374a33acfc7f089cfa05c2fLennart Poettering engineering and consulting services for systemd. Please
2b671e9560d5a7e78374a33acfc7f089cfa05c2fLennart Poettering contact Chris Kühl <chris@endocode.com> for more information.