- Service Units
- Command Lines
- Prefixes
- Command Resolution
- Environment
- Variable Expansion
- Default Environment Variables
- Custom Envrionment Variables
- Service Types
- Starting a service
- Stopping a service
- Reloading a service
- Command Lines
Service Units
Described at pathnames ending with .service.
Provides information on a process supervised by systemd.
Execution / Environment Options
User=Group=DynanmicUser=SupplementaryGroups=SetLoginEnvironment=PAMName=WorkingDirectory=
Security
NoNewPrivileges=:SecureBits=:
Root options
RootDirectory=: sets the root director of the processRootImage=: likeRootDirectory=but for blok device nodesRootImageOptions=:RootEphemeral=: if enabled processes run in ephermeral copy of rootRootHash=: for data integrity set;RootHashSignature=RootVerity=RootImagePolicy=``
Command Lines
<prefixes> <command> <arguments>
Prefixes:
@-:+,!, or!!
Command Resolution
A command is either an absolute path either a filename without slashes.
Filanames without slashes are searched inside directories defined at compilation time.
Run systemd-path search-binaries-default to see these directories.
Envrionment
Variable Expansion
Environment variable expansionis supported and behaves as follows.
FOO=bar baz
${FOO} #expands as one argument
$FOO #expands as two arguments
Default Environment Variables
$PATH$LANG$USER$LOGNAME$HOME$SHELL$INVOCATION_ID$XDG_RUNTIME_DIR$RUNTIME_DIRECTORY$STATE_DIRECTORY$CACHE_DIRECTORY$LOGS_DIRECTORY$CONFIGURATION_DIRECTORY$CREDENTIAL_DIRECTORY$MAINPID$MANAGEPID$LISTEND_FDS$LISTEN_PID$LISTEN_FDNAMES$NOTIFY_SOCKET$WATCHDOG_PID$WATCHDOG_USEC$SYSTEMD_EXEC_PID$TERM$LOG_NAMESPACE$JOURNAL_STREAM$SERVICE_RESULTEXIT_CODEEXIT_STATUS$MONITOR_SERVICE_RESULT$MONITOR_EXIT_CODE$MONITOR_EXIT_STATUS$MONITOR_INVOCATION_ID$MONITOR_UNIT$PIDFILE$REMOTE_ADDR$REMOTE_PORT$TRIGGER_UNIT$TRIGGER_PATH$TRIGGER_TIMER_REALTIME_USEC$TRIGGER_TIMER_MONOTONIC_USEC$MEMORY_PRESSURE_WATCH$MEMORY_PRESSUE_WRITE$FDSTORE$DEBUG_INVOCATION
Custom Environment
The custom environment of a process is defined by these two options:
Environment=EnvironmentFile=
Service Types
Type=: defines the main process and what does it mean for a service to be started:simple: the unit is considered started whenforkis called;exec: the unit is considered started afterexecveis called;forking: the unit is considerd started when the forked process exits;oneshot: likesimple, but the unit is considerd still active after the forked process exits;dbus: likesimplebut the service unit must have theBusName=specified,...notify: likesimple, but the service must send a "READY=1" notification viasd_notify,...;notify-reload: ...;idle: ...;
ExitType=main: unit is considered stopped when the main process exits (cannot be used withType=oneshot);cgroup: the service is considered running as long as the cgroup has at least one process has not exited;
Service process execution
Starting a service
ExecCondition=: executed before the commands inExecStartPre=. Multiple lines can be used. If the exit status is:1-254: the remaining commands are skipped and the unit is NOT MARKED asfailed.255: if the exit status is 255 the unit will be considerdfailed.0orSuccessExitStatus=values:
ExecStartPre=: executed before the command ofExecStart=. Multiple lines can be used. Processes forked from these commands are killed.ExecStart=: Multiple lines can be used only ifType=oneshot.ExecStartPost=: executed after the command ofExecStart=. Multiple lines can be usedTimeoutStartSec=: if a daemon does not signal start-up complation within this time, it is marked as failed.
Stopping a service
ExecStop: excuted to stop a service. Multiple lines can be used.ExecStopPost: commands executed after the service is stopped.TimeoutStopSec: time to wait for eachExecStop=command. If any times out, nextExecStop=commands are skipped and service is terminated with aSIGTERM.
Reloading a service
ExecReload
Restarting services
Restart=: possible values:no;on-success;on-failure;on-abnormal;on-watchdog;on-abort;always;
RestartMode=: possible values:normal;direct;debug;
RestartPreventExitStatus=: list of exits status that if returned by the main process, will prevent restart, ignoring policy defined inRestart=;RestartForceExitStatus=: list of exits status that if returned by the main process, will force restart, ignoring policy defined inRestart=;RestartSec=: initial time to sleep before restarting a service;RestartMaxSec=longest time to sellep before restarting a service;RestartSteps: number of steps betweenRestartSec=andRestartMaxSec=;
Limit options
LimitCPU=LimitFSIZE=LimitDATA=LimitSTACK=LimitCORE=LimitRSSLimitNOFILE=LimitAS=LimitNPROC=LimitMEMLOCK=LimitLOCKS=LimitSIGPENDING=LimitMSGQUEUE=LimitNICE=LimitRTPRIO=LimitRTTIME=
Sandboxing options
ProtectSystem[Mode]=ProtectHome[Mode]=RuntimeDirectory[Mode]=StateDirectory[Mode]=CacheDirectory[Mode]=LogsDirectory[Mode]=ConfigurationDirectory[Mode]=RuntimeDirectoryPreserve=TimeoutCleanSec=ReadWritePaths=ReadOnlyPathsInaccessiblePaths=ExecPaths=NoExecPaths=TemporaryFileSystem=PrivateTmp=PrivateDevices=PrivateNetwork=NetworkNamespacePath=PrivateIPC=IPCNamespacePath=MemoryKSM=PrivatePIDs=PrivateUsers=ProtectHostname=ProtectClock=ProtectKernelTunables=ProtectKernelModules=ProtectKernelLogs=ProtectControlGroups=RestrictAddressFamilies=RestrictFileSystems=RestrictNamespaces=LockPersonality=MemoryDenyWriteExecute=RestrictRealtime=RestrictSUIDSGID=RemoveIPC=PrivateMountsMountFlags=
System call filtering options
SystemCallFilter=SystemCallErrorNumber=SystemCallArchitecture=SystemCallLog=
Environment options
Environment=EnvironmentFile=PassEnvironment=UnsetEnvironment=
Standard I/O options
StandardInput=StandardOutput=StandardError=StandardInputText=StandardInputData=
TTY options
TTYPath=TTUReset=TTYHangup=TTYColumns=TTYRows=TTYVTDisallocate=
Logging options
LogLevelMax=LogExtraFiels=LogRateLimitIntervalSec=LogRateLimitBurst=LogFilterPatterns=LogNamespace
Credentials options
LoadCredential=LoadCredentialEncrypted=ImportCredential=SetCredential=SetCredentialEncrypted=