diff options
Diffstat (limited to 'units')
181 files changed, 4323 insertions, 0 deletions
diff --git a/units/basic.target b/units/basic.target new file mode 100644 index 0000000..4f44292 --- /dev/null +++ b/units/basic.target @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Basic System +Documentation=man:systemd.special(7) +Requires=sysinit.target +Wants=sockets.target timers.target paths.target slices.target +After=sysinit.target sockets.target paths.target slices.target tmp.mount + +# We support /var, /tmp, /var/tmp, being on NFS, but we don't pull in +# remote-fs.target by default, hence pull them in explicitly here. Note that we +# require /var and /var/tmp, but only add a Wants= type dependency on /tmp, as +# we support that unit being masked, and this should not be considered an error. +RequiresMountsFor=/var /var/tmp +Wants=tmp.mount diff --git a/units/bluetooth.target b/units/bluetooth.target new file mode 100644 index 0000000..62407d3 --- /dev/null +++ b/units/bluetooth.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Bluetooth +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/boot-complete.target b/units/boot-complete.target new file mode 100644 index 0000000..f0b9e57 --- /dev/null +++ b/units/boot-complete.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Boot Completion Check +Documentation=man:systemd.special(7) +Requires=sysinit.target +After=sysinit.target diff --git a/units/console-getty.service.m4 b/units/console-getty.service.m4 new file mode 100644 index 0000000..3c55324 --- /dev/null +++ b/units/console-getty.service.m4 @@ -0,0 +1,38 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Console Getty +Documentation=man:agetty(8) man:systemd-getty-generator(8) +After=systemd-user-sessions.service plymouth-quit-wait.service +m4_ifdef(`HAVE_SYSV_COMPAT', +After=rc-local.service getty-pre.target +)m4_dnl +Before=getty.target + +# OCI containers may be run without a console +ConditionPathExists=/dev/console + +[Service] +# The '-o' option value tells agetty to replace 'login' arguments with an +# option to preserve environment (-p), followed by '--' for safety, and then +# the entered username. +ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear --keep-baud console 115200,38400,9600 $TERM +Type=idle +Restart=always +UtmpIdentifier=cons +TTYPath=/dev/console +TTYReset=yes +TTYVHangup=yes +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes + +[Install] +WantedBy=getty.target diff --git a/units/container-getty@.service.m4 b/units/container-getty@.service.m4 new file mode 100644 index 0000000..087ab7f --- /dev/null +++ b/units/container-getty@.service.m4 @@ -0,0 +1,41 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Container Getty on /dev/pts/%I +Documentation=man:agetty(8) man:systemd-getty-generator(8) +Documentation=man:machinectl(1) +After=systemd-user-sessions.service plymouth-quit-wait.service +m4_ifdef(`HAVE_SYSV_COMPAT', +After=rc-local.service getty-pre.target +)m4_dnl +Before=getty.target +IgnoreOnIsolate=yes +ConditionPathExists=/dev/pts/%I + +# IgnoreOnIsolate is an issue: when someone isolates rescue.target, +# tradition expects that we shut down all but the main console. +Conflicts=rescue.service +Before=rescue.service + +[Service] +# The '-o' option value tells agetty to replace 'login' arguments with an +# option to preserve environment (-p), followed by '--' for safety, and then +# the entered username. +ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear --keep-baud pts/%I 115200,38400,9600 $TERM +Type=idle +Restart=always +RestartSec=0 +UtmpIdentifier=pts/%I +TTYPath=/dev/pts/%I +TTYReset=yes +TTYVHangup=yes +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes diff --git a/units/cryptsetup-pre.target b/units/cryptsetup-pre.target new file mode 100644 index 0000000..12e4107 --- /dev/null +++ b/units/cryptsetup-pre.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Local Encrypted Volumes (Pre) +Documentation=man:systemd.special(7) +RefuseManualStart=yes +Before=cryptsetup.target diff --git a/units/cryptsetup.target b/units/cryptsetup.target new file mode 100644 index 0000000..fdb572b --- /dev/null +++ b/units/cryptsetup.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Local Encrypted Volumes +Documentation=man:systemd.special(7) diff --git a/units/debug-shell.service.in b/units/debug-shell.service.in new file mode 100644 index 0000000..1127e68 --- /dev/null +++ b/units/debug-shell.service.in @@ -0,0 +1,37 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Early root shell on @DEBUGTTY@ FOR DEBUGGING ONLY +Documentation=man:sushell(8) +Documentation=man:systemd-debug-generator(8) +DefaultDependencies=no +IgnoreOnIsolate=yes +ConditionPathExists=@DEBUGTTY@ + +[Service] +Environment=TERM=linux +ExecStart=@SUSHELL@ +Restart=always +RestartSec=0 +StandardInput=tty +TTYPath=@DEBUGTTY@ +TTYReset=yes +TTYVHangup=yes +KillMode=process +IgnoreSIGPIPE=no +# bash ignores SIGTERM +KillSignal=SIGHUP + +# Unset locale for the console getty since the console has problems +# displaying some internationalized messages. +UnsetEnvironment=LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION + +[Install] +WantedBy=sysinit.target diff --git a/units/dev-hugepages.mount b/units/dev-hugepages.mount new file mode 100644 index 0000000..278ed9b --- /dev/null +++ b/units/dev-hugepages.mount @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Huge Pages File System +Documentation=https://www.kernel.org/doc/Documentation/vm/hugetlbpage.txt +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +Before=sysinit.target +ConditionPathExists=/sys/kernel/mm/hugepages +ConditionCapability=CAP_SYS_ADMIN +ConditionVirtualization=!private-users + +[Mount] +What=hugetlbfs +Where=/dev/hugepages +Type=hugetlbfs diff --git a/units/dev-mqueue.mount b/units/dev-mqueue.mount new file mode 100644 index 0000000..be32433 --- /dev/null +++ b/units/dev-mqueue.mount @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=POSIX Message Queue File System +Documentation=man:mq_overview(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +Before=sysinit.target +ConditionPathExists=/proc/sys/fs/mqueue +ConditionCapability=CAP_SYS_ADMIN + +[Mount] +What=mqueue +Where=/dev/mqueue +Type=mqueue diff --git a/units/emergency.service.in b/units/emergency.service.in new file mode 100644 index 0000000..d259b6b --- /dev/null +++ b/units/emergency.service.in @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Emergency Shell +Documentation=man:sulogin(8) +DefaultDependencies=no +Conflicts=shutdown.target +Conflicts=rescue.service +Before=shutdown.target +Before=rescue.service + +[Service] +Environment=HOME=/root +WorkingDirectory=-/root +ExecStartPre=-/bin/plymouth --wait quit +ExecStart=-@rootlibexecdir@/systemd-sulogin-shell emergency +Type=idle +StandardInput=tty-force +StandardOutput=inherit +StandardError=inherit +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes diff --git a/units/emergency.target b/units/emergency.target new file mode 100644 index 0000000..a4e954e --- /dev/null +++ b/units/emergency.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Emergency Mode +Documentation=man:systemd.special(7) +Requires=emergency.service +After=emergency.service +AllowIsolate=yes diff --git a/units/exit.target b/units/exit.target new file mode 100644 index 0000000..0a79533 --- /dev/null +++ b/units/exit.target @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Exit the container +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-exit.service +After=systemd-exit.service +AllowIsolate=yes + +[Install] +Alias=ctrl-alt-del.target diff --git a/units/final.target b/units/final.target new file mode 100644 index 0000000..0e12386 --- /dev/null +++ b/units/final.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Final Step +Documentation=man:systemd.special(7) +DefaultDependencies=no +RefuseManualStart=yes +After=shutdown.target umount.target diff --git a/units/getty-pre.target b/units/getty-pre.target new file mode 100644 index 0000000..adb98bf --- /dev/null +++ b/units/getty-pre.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Login Prompts (Pre) +Documentation=man:systemd.special(7) man:systemd-getty-generator(8) +Documentation=http://0pointer.de/blog/projects/serial-console.html diff --git a/units/getty.target b/units/getty.target new file mode 100644 index 0000000..b311017 --- /dev/null +++ b/units/getty.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Login Prompts +Documentation=man:systemd.special(7) man:systemd-getty-generator(8) +Documentation=http://0pointer.de/blog/projects/serial-console.html diff --git a/units/getty@.service.m4 b/units/getty@.service.m4 new file mode 100644 index 0000000..80e793b --- /dev/null +++ b/units/getty@.service.m4 @@ -0,0 +1,60 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Getty on %I +Documentation=man:agetty(8) man:systemd-getty-generator(8) +Documentation=http://0pointer.de/blog/projects/serial-console.html +After=systemd-user-sessions.service plymouth-quit-wait.service getty-pre.target +m4_ifdef(`HAVE_SYSV_COMPAT', +After=rc-local.service +)m4_dnl + +# If additional gettys are spawned during boot then we should make +# sure that this is synchronized before getty.target, even though +# getty.target didn't actually pull it in. +Before=getty.target +IgnoreOnIsolate=yes + +# IgnoreOnIsolate causes issues with sulogin, if someone isolates +# rescue.target or starts rescue.service from multi-user.target or +# graphical.target. +Conflicts=rescue.service +Before=rescue.service + +# On systems without virtual consoles, don't start any getty. Note +# that serial gettys are covered by serial-getty@.service, not this +# unit. +ConditionPathExists=/dev/tty0 + +[Service] +# the VT is cleared by TTYVTDisallocate +# The '-o' option value tells agetty to replace 'login' arguments with an +# option to preserve environment (-p), followed by '--' for safety, and then +# the entered username. +ExecStart=-/sbin/agetty -o '-p -- \\u' --noclear %I $TERM +Type=idle +Restart=always +RestartSec=0 +UtmpIdentifier=%I +TTYPath=/dev/%I +TTYReset=yes +TTYVHangup=yes +TTYVTDisallocate=yes +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes + +# Unset locale for the console getty since the console has problems +# displaying some internationalized messages. +UnsetEnvironment=LANG LANGUAGE LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY LC_MESSAGES LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT LC_IDENTIFICATION + +[Install] +WantedBy=getty.target +DefaultInstance=tty1 diff --git a/units/graphical.target b/units/graphical.target new file mode 100644 index 0000000..f3e30e9 --- /dev/null +++ b/units/graphical.target @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Graphical Interface +Documentation=man:systemd.special(7) +Requires=multi-user.target +Wants=display-manager.service +Conflicts=rescue.service rescue.target +After=multi-user.target rescue.service rescue.target display-manager.service +AllowIsolate=yes diff --git a/units/halt-local.service.in b/units/halt-local.service.in new file mode 100644 index 0000000..f6c2e9c --- /dev/null +++ b/units/halt-local.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=@RC_LOCAL_SCRIPT_PATH_STOP@ Compatibility +ConditionFileIsExecutable=@RC_LOCAL_SCRIPT_PATH_STOP@ +DefaultDependencies=no +After=shutdown.target +Before=final.target + +[Service] +Type=oneshot +ExecStart=@RC_LOCAL_SCRIPT_PATH_STOP@ +TimeoutSec=0 +StandardOutput=tty +RemainAfterExit=yes diff --git a/units/halt.target b/units/halt.target new file mode 100644 index 0000000..87c3374 --- /dev/null +++ b/units/halt.target @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Halt +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-halt.service +After=systemd-halt.service +AllowIsolate=yes + +[Install] +Alias=ctrl-alt-del.target diff --git a/units/hibernate.target b/units/hibernate.target new file mode 100644 index 0000000..8580c65 --- /dev/null +++ b/units/hibernate.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Hibernate +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-hibernate.service +After=systemd-hibernate.service +StopWhenUnneeded=yes diff --git a/units/hybrid-sleep.target b/units/hybrid-sleep.target new file mode 100644 index 0000000..e5e22b8 --- /dev/null +++ b/units/hybrid-sleep.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Hybrid Suspend+Hibernate +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-hybrid-sleep.service +After=systemd-hybrid-sleep.service +StopWhenUnneeded=yes diff --git a/units/initrd-cleanup.service.in b/units/initrd-cleanup.service.in new file mode 100644 index 0000000..9775540 --- /dev/null +++ b/units/initrd-cleanup.service.in @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Cleaning Up and Shutting Down Daemons +DefaultDependencies=no +ConditionPathExists=/etc/initrd-release +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +After=initrd-root-fs.target initrd-fs.target initrd.target + +[Service] +Type=oneshot +ExecStart=@rootbindir@/systemctl --no-block isolate initrd-switch-root.target diff --git a/units/initrd-fs.target b/units/initrd-fs.target new file mode 100644 index 0000000..33822bd --- /dev/null +++ b/units/initrd-fs.target @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Initrd File Systems +Documentation=man:systemd.special(7) +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +ConditionPathExists=/etc/initrd-release +After=initrd-parse-etc.service +DefaultDependencies=no +Conflicts=shutdown.target diff --git a/units/initrd-parse-etc.service.in b/units/initrd-parse-etc.service.in new file mode 100644 index 0000000..2b3cd61 --- /dev/null +++ b/units/initrd-parse-etc.service.in @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Reload Configuration from the Real Root +DefaultDependencies=no +Requires=initrd-root-fs.target +After=initrd-root-fs.target +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +ConditionPathExists=/etc/initrd-release + +[Service] +Type=oneshot +ExecStartPre=-@rootbindir@/systemctl daemon-reload +# we have to retrigger initrd-fs.target after daemon-reload +ExecStart=-@rootbindir@/systemctl --no-block start initrd-fs.target +ExecStart=@rootbindir@/systemctl --no-block start initrd-cleanup.service diff --git a/units/initrd-root-device.target b/units/initrd-root-device.target new file mode 100644 index 0000000..580c666 --- /dev/null +++ b/units/initrd-root-device.target @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Initrd Root Device +Documentation=man:systemd.special(7) +ConditionPathExists=/etc/initrd-release +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +DefaultDependencies=no +Conflicts=shutdown.target diff --git a/units/initrd-root-fs.target b/units/initrd-root-fs.target new file mode 100644 index 0000000..9b955f6 --- /dev/null +++ b/units/initrd-root-fs.target @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Initrd Root File System +Documentation=man:systemd.special(7) +ConditionPathExists=/etc/initrd-release +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +DefaultDependencies=no +Conflicts=shutdown.target diff --git a/units/initrd-switch-root.service.in b/units/initrd-switch-root.service.in new file mode 100644 index 0000000..6ce468e --- /dev/null +++ b/units/initrd-switch-root.service.in @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Switch Root +DefaultDependencies=no +ConditionPathExists=/etc/initrd-release +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +AllowIsolate=yes + +[Service] +Type=oneshot +ExecStart=@rootbindir@/systemctl --no-block switch-root /sysroot diff --git a/units/initrd-switch-root.target b/units/initrd-switch-root.target new file mode 100644 index 0000000..ea4f026 --- /dev/null +++ b/units/initrd-switch-root.target @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Switch Root +ConditionPathExists=/etc/initrd-release +DefaultDependencies=no +Requires=initrd-switch-root.service +Before=initrd-switch-root.service +AllowIsolate=yes +Wants=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target systemd-journald.service initrd-cleanup.service +After=initrd-udevadm-cleanup-db.service initrd-root-fs.target initrd-fs.target emergency.service emergency.target initrd-cleanup.service diff --git a/units/initrd-udevadm-cleanup-db.service.in b/units/initrd-udevadm-cleanup-db.service.in new file mode 100644 index 0000000..5059605 --- /dev/null +++ b/units/initrd-udevadm-cleanup-db.service.in @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Cleanup udevd DB +DefaultDependencies=no +ConditionPathExists=/etc/initrd-release +Conflicts=systemd-udevd.service systemd-udevd-control.socket systemd-udevd-kernel.socket +After=systemd-udevd.service systemd-udevd-control.socket systemd-udevd-kernel.socket +Before=initrd-switch-root.target + +[Service] +Type=oneshot +ExecStart=-@rootbindir@/udevadm info --cleanup-db diff --git a/units/initrd.target b/units/initrd.target new file mode 100644 index 0000000..a74a447 --- /dev/null +++ b/units/initrd.target @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Initrd Default Target +Documentation=man:systemd.special(7) +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly +ConditionPathExists=/etc/initrd-release +Requires=basic.target +Wants=initrd-root-fs.target initrd-root-device.target initrd-fs.target initrd-parse-etc.service +After=initrd-root-fs.target initrd-root-device.target initrd-fs.target basic.target rescue.service rescue.target +AllowIsolate=yes diff --git a/units/kexec.target b/units/kexec.target new file mode 100644 index 0000000..706cd70 --- /dev/null +++ b/units/kexec.target @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Reboot via kexec +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-kexec.service +After=systemd-kexec.service +AllowIsolate=yes + +[Install] +Alias=ctrl-alt-del.target diff --git a/units/kmod-static-nodes.service.in b/units/kmod-static-nodes.service.in new file mode 100644 index 0000000..a6c5eb2 --- /dev/null +++ b/units/kmod-static-nodes.service.in @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create list of required static device nodes for the current kernel +DefaultDependencies=no +Before=sysinit.target systemd-tmpfiles-setup-dev.service +ConditionCapability=CAP_SYS_MODULE +ConditionFileNotEmpty=/lib/modules/%v/modules.devname + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@KMOD@ static-nodes --format=tmpfiles --output=/run/tmpfiles.d/kmod.conf diff --git a/units/ldconfig.service b/units/ldconfig.service new file mode 100644 index 0000000..3c3cbf5 --- /dev/null +++ b/units/ldconfig.service @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Rebuild Dynamic Linker Cache +Documentation=man:ldconfig(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=|/etc +ConditionFileNotEmpty=|!/etc/ld.so.cache + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=/sbin/ldconfig -X diff --git a/units/local-fs-pre.target b/units/local-fs-pre.target new file mode 100644 index 0000000..9aca15b --- /dev/null +++ b/units/local-fs-pre.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Local File Systems (Pre) +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/units/local-fs.target b/units/local-fs.target new file mode 100644 index 0000000..6ba4930 --- /dev/null +++ b/units/local-fs.target @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Local File Systems +Documentation=man:systemd.special(7) +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs-pre.target +OnFailure=emergency.target +OnFailureJobMode=replace-irreversibly diff --git a/units/machine.slice b/units/machine.slice new file mode 100644 index 0000000..b4e4c17 --- /dev/null +++ b/units/machine.slice @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Virtual Machine and Container Slice +Documentation=man:systemd.special(7) +Before=slices.target diff --git a/units/machines.target b/units/machines.target new file mode 100644 index 0000000..224765a --- /dev/null +++ b/units/machines.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Containers +Documentation=man:systemd.special(7) +Before=multi-user.target + +[Install] +WantedBy=multi-user.target diff --git a/units/meson-add-wants.sh b/units/meson-add-wants.sh new file mode 100755 index 0000000..e2b2603 --- /dev/null +++ b/units/meson-add-wants.sh @@ -0,0 +1,28 @@ +#!/bin/sh +set -eu + +unitdir="$1" +target="$2" +unit="$3" + +case "$target" in + */?*) # a path, but not just a slash at the end + dir="${DESTDIR:-}${target}" + ;; + *) + dir="${DESTDIR:-}${unitdir}/${target}" + ;; +esac + +unitpath="${DESTDIR:-}${unitdir}/${unit}" + +case "$target" in + */) + mkdir -vp -m 0755 "$dir" + ;; + *) + mkdir -vp -m 0755 "$(dirname "$dir")" + ;; +esac + +ln -vfs --relative "$unitpath" "$dir" diff --git a/units/meson.build b/units/meson.build new file mode 100644 index 0000000..d695084 --- /dev/null +++ b/units/meson.build @@ -0,0 +1,332 @@ +# SPDX-License-Identifier: LGPL-2.1+ + +units = [ + ['basic.target', ''], + ['bluetooth.target', ''], + ['boot-complete.target', ''], + ['cryptsetup-pre.target', 'HAVE_LIBCRYPTSETUP'], + ['cryptsetup.target', 'HAVE_LIBCRYPTSETUP', + 'sysinit.target.wants/'], + ['dev-hugepages.mount', '', + 'sysinit.target.wants/'], + ['dev-mqueue.mount', '', + 'sysinit.target.wants/'], + ['emergency.target', ''], + ['exit.target', ''], + ['final.target', ''], + ['getty.target', '', + 'multi-user.target.wants/'], + ['getty-pre.target', ''], + ['graphical.target', '', + 'runlevel5.target default.target'], + ['halt.target', ''], + ['hibernate.target', 'ENABLE_HIBERNATE'], + ['hybrid-sleep.target', 'ENABLE_HIBERNATE'], + ['suspend-then-hibernate.target', 'ENABLE_HIBERNATE'], + ['initrd-fs.target', ''], + ['initrd-root-device.target', ''], + ['initrd-root-fs.target', ''], + ['initrd-switch-root.target', ''], + ['initrd.target', ''], + ['kexec.target', ''], + ['ldconfig.service', 'ENABLE_LDCONFIG', + 'sysinit.target.wants/'], + ['local-fs-pre.target', ''], + ['local-fs.target', ''], + ['machine.slice', 'ENABLE_MACHINED'], + ['machines.target', 'ENABLE_MACHINED', + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['multi-user.target', '', + 'runlevel2.target runlevel3.target runlevel4.target'], + ['network-online.target', ''], + ['network-pre.target', ''], + ['network.target', ''], + ['nss-lookup.target', ''], + ['nss-user-lookup.target', ''], + ['paths.target', ''], + ['poweroff.target', '', + 'runlevel0.target'], + ['printer.target', ''], + ['proc-sys-fs-binfmt_misc.automount', 'ENABLE_BINFMT', + 'sysinit.target.wants/'], + ['proc-sys-fs-binfmt_misc.mount', 'ENABLE_BINFMT'], + ['reboot.target', '', + 'runlevel6.target ctrl-alt-del.target'], + ['remote-cryptsetup.target', 'HAVE_LIBCRYPTSETUP', + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['remote-fs-pre.target', ''], + ['remote-fs.target', '', + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['rescue.target', '', + 'runlevel1.target'], + ['rpcbind.target', ''], + ['shutdown.target', ''], + ['sigpwr.target', ''], + ['sleep.target', ''], + ['slices.target', ''], + ['smartcard.target', ''], + ['sockets.target', ''], + ['sound.target', ''], + ['suspend.target', ''], + ['swap.target', ''], + ['sys-fs-fuse-connections.mount', '', + 'sysinit.target.wants/'], + ['sys-kernel-config.mount', '', + 'sysinit.target.wants/'], + ['sys-kernel-debug.mount', '', + 'sysinit.target.wants/'], + ['sysinit.target', ''], + ['syslog.socket', ''], + ['system-update.target', ''], + ['system-update-pre.target', ''], + ['system-update-cleanup.service', ''], + ['systemd-ask-password-console.path', '', + 'sysinit.target.wants/'], + ['systemd-ask-password-wall.path', '', + 'multi-user.target.wants/'], + ['systemd-coredump.socket', 'ENABLE_COREDUMP', + 'sockets.target.wants/'], + ['systemd-exit.service', ''], + ['systemd-initctl.socket', '', + 'sockets.target.wants/'], + ['systemd-journal-gatewayd.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-remote.socket', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journald-audit.socket', '', + 'sockets.target.wants/'], + ['systemd-journald-dev-log.socket', '', + 'sockets.target.wants/'], + ['systemd-journald.socket', '', + 'sockets.target.wants/'], + ['systemd-networkd.socket', 'ENABLE_NETWORKD', + join_paths(pkgsysconfdir, 'system/sockets.target.wants/')], + ['systemd-poweroff.service', ''], + ['systemd-reboot.service', ''], + ['systemd-rfkill.socket', 'ENABLE_RFKILL'], + ['systemd-tmpfiles-clean.timer', '', + 'timers.target.wants/'], + ['systemd-udevd-control.socket', '', + 'sockets.target.wants/'], + ['systemd-udevd-kernel.socket', '', + 'sockets.target.wants/'], + ['time-sync.target', ''], + ['timers.target', ''], + ['tmp.mount', '', + 'local-fs.target.wants/'], + ['umount.target', ''], + ['user.slice', ''], + ['var-lib-machines.mount', 'ENABLE_MACHINED', + 'remote-fs.target.wants/ machines.target.wants/'], +] + +in_units = [ + ['debug-shell.service', ''], + ['emergency.service', ''], + ['halt-local.service', 'HAVE_SYSV_COMPAT'], + ['initrd-cleanup.service', ''], + ['initrd-parse-etc.service', ''], + ['initrd-switch-root.service', ''], + ['initrd-udevadm-cleanup-db.service', ''], + ['kmod-static-nodes.service', 'HAVE_KMOD ENABLE_TMPFILES', + 'sysinit.target.wants/'], + ['quotaon.service', 'ENABLE_QUOTACHECK'], + ['rc-local.service', 'HAVE_SYSV_COMPAT'], + ['rescue.service', ''], + ['systemd-ask-password-console.service', ''], + ['systemd-ask-password-wall.service', ''], + ['systemd-backlight@.service', 'ENABLE_BACKLIGHT'], + ['systemd-binfmt.service', 'ENABLE_BINFMT', + 'sysinit.target.wants/'], + ['systemd-bless-boot.service', 'ENABLE_EFI HAVE_BLKID'], + ['systemd-boot-check-no-failures.service', ''], + ['systemd-coredump@.service', 'ENABLE_COREDUMP'], + ['systemd-firstboot.service', 'ENABLE_FIRSTBOOT', + 'sysinit.target.wants/'], + ['systemd-fsck-root.service', ''], + ['systemd-fsck@.service', ''], + ['systemd-halt.service', ''], + ['systemd-hibernate-resume@.service', 'ENABLE_HIBERNATE'], + ['systemd-hibernate.service', 'ENABLE_HIBERNATE'], + ['systemd-hybrid-sleep.service', 'ENABLE_HIBERNATE'], + ['systemd-suspend-then-hibernate.service', 'ENABLE_HIBERNATE'], + ['systemd-hostnamed.service', 'ENABLE_HOSTNAMED', + 'dbus-org.freedesktop.hostname1.service'], + ['systemd-hwdb-update.service', 'ENABLE_HWDB', + 'sysinit.target.wants/'], + ['systemd-importd.service', 'ENABLE_IMPORTD', + 'dbus-org.freedesktop.import1.service'], + ['systemd-initctl.service', ''], + ['systemd-journal-catalog-update.service', '', + 'sysinit.target.wants/'], + ['systemd-journal-flush.service', '', + 'sysinit.target.wants/'], + ['systemd-journal-gatewayd.service', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-remote.service', 'ENABLE_REMOTE HAVE_MICROHTTPD'], + ['systemd-journal-upload.service', 'ENABLE_REMOTE HAVE_LIBCURL'], + ['systemd-journald.service', '', + 'sysinit.target.wants/'], + ['systemd-kexec.service', ''], + ['systemd-localed.service', 'ENABLE_LOCALED', + 'dbus-org.freedesktop.locale1.service'], + ['systemd-logind.service', 'ENABLE_LOGIND', + 'multi-user.target.wants/ dbus-org.freedesktop.login1.service'], + ['systemd-machine-id-commit.service', '', + 'sysinit.target.wants/'], + ['systemd-machined.service', 'ENABLE_MACHINED', + 'dbus-org.freedesktop.machine1.service'], + ['systemd-modules-load.service', 'HAVE_KMOD', + 'sysinit.target.wants/'], + ['systemd-networkd.service', 'ENABLE_NETWORKD', + join_paths(pkgsysconfdir, 'system/dbus-org.freedesktop.network1.service') + ' ' + + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['systemd-networkd-wait-online.service', 'ENABLE_NETWORKD', + join_paths(pkgsysconfdir, 'system/network-online.target.wants/')], + ['systemd-nspawn@.service', ''], + ['systemd-portabled.service', 'ENABLE_PORTABLED', + 'dbus-org.freedesktop.portable1.service'], + ['systemd-quotacheck.service', 'ENABLE_QUOTACHECK'], + ['systemd-random-seed.service', 'ENABLE_RANDOMSEED', + 'sysinit.target.wants/'], + ['systemd-remount-fs.service', '', + 'local-fs.target.wants/'], + ['systemd-resolved.service', 'ENABLE_RESOLVE', + join_paths(pkgsysconfdir, 'system/dbus-org.freedesktop.resolve1.service') + ' ' + + join_paths(pkgsysconfdir, 'system/multi-user.target.wants/')], + ['systemd-rfkill.service', 'ENABLE_RFKILL'], + ['systemd-suspend.service', ''], + ['systemd-sysctl.service', '', + 'sysinit.target.wants/'], + ['systemd-sysusers.service', 'ENABLE_SYSUSERS', + 'sysinit.target.wants/'], + ['systemd-timedated.service', 'ENABLE_TIMEDATED', + 'dbus-org.freedesktop.timedate1.service'], + ['systemd-timesyncd.service', 'ENABLE_TIMESYNCD', + join_paths(pkgsysconfdir, 'system/sysinit.target.wants/')], + ['systemd-time-wait-sync.service', 'ENABLE_TIMESYNCD'], + ['systemd-tmpfiles-clean.service', 'ENABLE_TMPFILES'], + ['systemd-tmpfiles-setup-dev.service', 'ENABLE_TMPFILES', + 'sysinit.target.wants/'], + ['systemd-tmpfiles-setup.service', 'ENABLE_TMPFILES', + 'sysinit.target.wants/'], + ['systemd-udev-settle.service', ''], + ['systemd-udev-trigger.service', '', + 'sysinit.target.wants/'], + ['systemd-udevd.service', '', + 'sysinit.target.wants/'], + ['systemd-update-done.service', '', + 'sysinit.target.wants/'], + ['systemd-update-utmp-runlevel.service', 'ENABLE_UTMP HAVE_SYSV_COMPAT', + 'multi-user.target.wants/ graphical.target.wants/ rescue.target.wants/'], + ['systemd-update-utmp.service', 'ENABLE_UTMP', + 'sysinit.target.wants/'], + ['systemd-user-sessions.service', 'HAVE_PAM', + 'multi-user.target.wants/'], + ['systemd-vconsole-setup.service', 'ENABLE_VCONSOLE'], + ['systemd-volatile-root.service', ''], + ['user-runtime-dir@.service', ''], + ['user@.service', ''], +] + +m4_units = [ + ['console-getty.service', ''], + ['container-getty@.service', ''], + ['getty@.service', '', + 'autovt@.service ' + + join_paths(pkgsysconfdir, 'system/getty.target.wants/getty@tty1.service')], + ['serial-getty@.service', ''], +] + +foreach tuple : in_units + file = tuple[0] + + # we do this here because install_data does not accept custom_target output + conds = tuple[1].split(' ') + install = ((conds.get(0, '') == '' or conf.get(conds[0]) == 1) and + (conds.get(1, '') == '' or conf.get(conds[1]) == 1)) + + gen1 = configure_file( + input : file + '.in', + output : file + '.tmp', + configuration : substs) + gen2 = custom_target( + file, + input : gen1, + output : file, + command : [sed, '/^## /d', '@INPUT@'], + capture : true, + install : install, + install_dir : systemunitdir) + + if install and tuple.length() > 2 + foreach target : tuple[2].split() + meson.add_install_script('meson-add-wants.sh', systemunitdir, target, file) + endforeach + endif +endforeach + +foreach tuple : m4_units + file = tuple[0] + input = tuple.get(3, file + '.m4') + + # we do this here because install_data does not accept custom_target output + conds = tuple[1].split(' ') + install = ((conds.get(0, '') == '' or conf.get(conds[0]) == 1) and + (conds.get(1, '') == '' or conf.get(conds[1]) == 1)) + + custom_target( + file, + input : input, + output: file, + command : [meson_apply_m4, config_h, '@INPUT@'], + capture : true, + install : install, + install_dir : systemunitdir) + + if tuple.length() > 2 and install + foreach target : tuple[2].split() + meson.add_install_script('meson-add-wants.sh', systemunitdir, target, file) + endforeach + endif +endforeach + +foreach tuple : units + file = tuple[0] + input = tuple.get(3, file) + + conds = tuple[1].split(' ') + install = ((conds.get(0, '') == '' or conf.get(conds[0]) == 1) and + (conds.get(1, '') == '' or conf.get(conds[1]) == 1)) + + if install + install_data(input, + install_dir : systemunitdir) + + if tuple.length() > 2 + foreach target : tuple[2].split() + meson.add_install_script( + 'meson-add-wants.sh', systemunitdir, target, file) + endforeach + endif + endif +endforeach + +install_data('user-.slice.d/10-defaults.conf', + install_dir : systemunitdir + '/user-.slice.d') + +############################################################ + +meson.add_install_script(meson_make_symlink, + join_paths(pkgsysconfdir, 'user'), + join_paths(sysconfdir, 'xdg/systemd/user')) +meson.add_install_script(meson_make_symlink, + join_paths(dbussystemservicedir, 'org.freedesktop.systemd1.service'), + join_paths(dbussessionservicedir, 'org.freedesktop.systemd1.service')) +if conf.get('HAVE_SYSV_COMPAT') == 1 + foreach i : [1, 2, 3, 4, 5] + meson.add_install_script( + 'sh', '-c', + mkdir_p + .format(join_paths(systemunitdir, 'runlevel@0@.target.wants'.format(i)))) + endforeach +endif + +subdir('user') diff --git a/units/multi-user.target b/units/multi-user.target new file mode 100644 index 0000000..386e1b5 --- /dev/null +++ b/units/multi-user.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Multi-User System +Documentation=man:systemd.special(7) +Requires=basic.target +Conflicts=rescue.service rescue.target +After=basic.target rescue.service rescue.target +AllowIsolate=yes diff --git a/units/network-online.target b/units/network-online.target new file mode 100644 index 0000000..8b8c785 --- /dev/null +++ b/units/network-online.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network is Online +Documentation=man:systemd.special(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget +After=network.target diff --git a/units/network-pre.target b/units/network-pre.target new file mode 100644 index 0000000..806eb72 --- /dev/null +++ b/units/network-pre.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network (Pre) +Documentation=man:systemd.special(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget +RefuseManualStart=yes diff --git a/units/network.target b/units/network.target new file mode 100644 index 0000000..3e4fdff --- /dev/null +++ b/units/network.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network +Documentation=man:systemd.special(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/NetworkTarget +After=network-pre.target +RefuseManualStart=yes diff --git a/units/nss-lookup.target b/units/nss-lookup.target new file mode 100644 index 0000000..8d56c8e --- /dev/null +++ b/units/nss-lookup.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# This exists mostly for compatibility with SysV/LSB units, and +# implementations lacking socket/bus activation. + +[Unit] +Description=Host and Network Name Lookups +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/units/nss-user-lookup.target b/units/nss-user-lookup.target new file mode 100644 index 0000000..7436b6c --- /dev/null +++ b/units/nss-user-lookup.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# This exists mostly for implementations lacking socket/bus +# activation. + +[Unit] +Description=User and Group Name Lookups +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/units/paths.target b/units/paths.target new file mode 100644 index 0000000..9b6ed1c --- /dev/null +++ b/units/paths.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Paths +Documentation=man:systemd.special(7) diff --git a/units/poweroff.target b/units/poweroff.target new file mode 100644 index 0000000..47c109c --- /dev/null +++ b/units/poweroff.target @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Power-Off +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-poweroff.service +After=systemd-poweroff.service +AllowIsolate=yes +JobTimeoutSec=30min +JobTimeoutAction=poweroff-force + +[Install] +Alias=ctrl-alt-del.target diff --git a/units/printer.target b/units/printer.target new file mode 100644 index 0000000..e1fb0d4 --- /dev/null +++ b/units/printer.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Printer +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/proc-sys-fs-binfmt_misc.automount b/units/proc-sys-fs-binfmt_misc.automount new file mode 100644 index 0000000..30a6bc9 --- /dev/null +++ b/units/proc-sys-fs-binfmt_misc.automount @@ -0,0 +1,20 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Arbitrary Executable File Formats File System Automount Point +Documentation=https://www.kernel.org/doc/html/latest/admin-guide/binfmt-misc.html +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +Before=sysinit.target +ConditionPathExists=/proc/sys/fs/binfmt_misc/ +ConditionPathIsReadWrite=/proc/sys/ + +[Automount] +Where=/proc/sys/fs/binfmt_misc diff --git a/units/proc-sys-fs-binfmt_misc.mount b/units/proc-sys-fs-binfmt_misc.mount new file mode 100644 index 0000000..091191e --- /dev/null +++ b/units/proc-sys-fs-binfmt_misc.mount @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Arbitrary Executable File Formats File System +Documentation=https://www.kernel.org/doc/html/latest/admin-guide/binfmt-misc.html +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no + +[Mount] +What=binfmt_misc +Where=/proc/sys/fs/binfmt_misc +Type=binfmt_misc diff --git a/units/quotaon.service.in b/units/quotaon.service.in new file mode 100644 index 0000000..25c7474 --- /dev/null +++ b/units/quotaon.service.in @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Enable File System Quotas +Documentation=man:quotaon(8) +DefaultDependencies=no +After=systemd-quotacheck.service +Before=remote-fs.target shutdown.target +ConditionPathExists=@QUOTAON@ + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@QUOTAON@ -aug diff --git a/units/rc-local.service.in b/units/rc-local.service.in new file mode 100644 index 0000000..78ce69e --- /dev/null +++ b/units/rc-local.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# This unit gets pulled automatically into multi-user.target by +# systemd-rc-local-generator if @RC_LOCAL_SCRIPT_PATH_START@ is executable. +[Unit] +Description=@RC_LOCAL_SCRIPT_PATH_START@ Compatibility +Documentation=man:systemd-rc-local-generator(8) +ConditionFileIsExecutable=@RC_LOCAL_SCRIPT_PATH_START@ +After=network.target + +[Service] +Type=forking +ExecStart=@RC_LOCAL_SCRIPT_PATH_START@ start +TimeoutSec=0 +RemainAfterExit=yes +GuessMainPID=no diff --git a/units/reboot.target b/units/reboot.target new file mode 100644 index 0000000..c2782db --- /dev/null +++ b/units/reboot.target @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Reboot +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-reboot.service +After=systemd-reboot.service +AllowIsolate=yes +JobTimeoutSec=30min +JobTimeoutAction=reboot-force + +[Install] +Alias=ctrl-alt-del.target diff --git a/units/remote-cryptsetup.target b/units/remote-cryptsetup.target new file mode 100644 index 0000000..4445d5d --- /dev/null +++ b/units/remote-cryptsetup.target @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remote Encrypted Volumes +Documentation=man:systemd.special(7) +After=remote-fs-pre.target cryptsetup-pre.target +DefaultDependencies=no +Conflicts=shutdown.target + +[Install] +WantedBy=multi-user.target diff --git a/units/remote-fs-pre.target b/units/remote-fs-pre.target new file mode 100644 index 0000000..3f22605 --- /dev/null +++ b/units/remote-fs-pre.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remote File Systems (Pre) +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/units/remote-fs.target b/units/remote-fs.target new file mode 100644 index 0000000..0d44348 --- /dev/null +++ b/units/remote-fs.target @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remote File Systems +Documentation=man:systemd.special(7) +After=remote-fs-pre.target +DefaultDependencies=no +Conflicts=shutdown.target + +[Install] +WantedBy=multi-user.target diff --git a/units/rescue.service.in b/units/rescue.service.in new file mode 100644 index 0000000..2a8f034 --- /dev/null +++ b/units/rescue.service.in @@ -0,0 +1,29 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Rescue Shell +Documentation=man:sulogin(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=sysinit.target plymouth-start.service +Before=shutdown.target + +[Service] +Environment=HOME=/root +WorkingDirectory=-/root +ExecStartPre=-/bin/plymouth --wait quit +ExecStart=-@rootlibexecdir@/systemd-sulogin-shell rescue +Type=idle +StandardInput=tty-force +StandardOutput=inherit +StandardError=inherit +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes diff --git a/units/rescue.target b/units/rescue.target new file mode 100644 index 0000000..0e04a94 --- /dev/null +++ b/units/rescue.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Rescue Mode +Documentation=man:systemd.special(7) +Requires=sysinit.target rescue.service +After=sysinit.target rescue.service +AllowIsolate=yes diff --git a/units/rpcbind.target b/units/rpcbind.target new file mode 100644 index 0000000..801ee4d --- /dev/null +++ b/units/rpcbind.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# This exists mostly for compatibility with SysV/LSB units, and +# implementations lacking socket/bus activation. + +[Unit] +Description=RPC Port Mapper +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/units/serial-getty@.service.m4 b/units/serial-getty@.service.m4 new file mode 100644 index 0000000..757b86a --- /dev/null +++ b/units/serial-getty@.service.m4 @@ -0,0 +1,48 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Serial Getty on %I +Documentation=man:agetty(8) man:systemd-getty-generator(8) +Documentation=http://0pointer.de/blog/projects/serial-console.html +BindsTo=dev-%i.device +After=dev-%i.device systemd-user-sessions.service plymouth-quit-wait.service getty-pre.target +m4_ifdef(`HAVE_SYSV_COMPAT', +After=rc-local.service +)m4_dnl + +# If additional gettys are spawned during boot then we should make +# sure that this is synchronized before getty.target, even though +# getty.target didn't actually pull it in. +Before=getty.target +IgnoreOnIsolate=yes + +# IgnoreOnIsolate causes issues with sulogin, if someone isolates +# rescue.target or starts rescue.service from multi-user.target or +# graphical.target. +Conflicts=rescue.service +Before=rescue.service + +[Service] +# The '-o' option value tells agetty to replace 'login' arguments with an +# option to preserve environment (-p), followed by '--' for safety, and then +# the entered username. +ExecStart=-/sbin/agetty -o '-p -- \\u' --keep-baud 115200,38400,9600 %I $TERM +Type=idle +Restart=always +UtmpIdentifier=%I +TTYPath=/dev/%I +TTYReset=yes +TTYVHangup=yes +KillMode=process +IgnoreSIGPIPE=no +SendSIGHUP=yes + +[Install] +WantedBy=getty.target diff --git a/units/shutdown.target b/units/shutdown.target new file mode 100644 index 0000000..d48e6d6 --- /dev/null +++ b/units/shutdown.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Shutdown +Documentation=man:systemd.special(7) +DefaultDependencies=no +RefuseManualStart=yes diff --git a/units/sigpwr.target b/units/sigpwr.target new file mode 100644 index 0000000..8228541 --- /dev/null +++ b/units/sigpwr.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Power Failure +Documentation=man:systemd.special(7) diff --git a/units/sleep.target b/units/sleep.target new file mode 100644 index 0000000..9409dc6 --- /dev/null +++ b/units/sleep.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Sleep +Documentation=man:systemd.special(7) +DefaultDependencies=no +RefuseManualStart=yes +StopWhenUnneeded=yes diff --git a/units/slices.target b/units/slices.target new file mode 100644 index 0000000..84a04d6 --- /dev/null +++ b/units/slices.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Slices +Documentation=man:systemd.special(7) +Wants=-.slice system.slice +After=-.slice system.slice diff --git a/units/smartcard.target b/units/smartcard.target new file mode 100644 index 0000000..717ea23 --- /dev/null +++ b/units/smartcard.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Smart Card +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/sockets.target b/units/sockets.target new file mode 100644 index 0000000..9af67fd --- /dev/null +++ b/units/sockets.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Sockets +Documentation=man:systemd.special(7) diff --git a/units/sound.target b/units/sound.target new file mode 100644 index 0000000..19afc2a --- /dev/null +++ b/units/sound.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Sound Card +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/suspend-then-hibernate.target b/units/suspend-then-hibernate.target new file mode 100644 index 0000000..999c0a9 --- /dev/null +++ b/units/suspend-then-hibernate.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Suspend; Hibernate if not used for a period of time +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-suspend-then-hibernate.service +After=systemd-suspend-then-hibernate.service +StopWhenUnneeded=yes diff --git a/units/suspend.target b/units/suspend.target new file mode 100644 index 0000000..1a156b4 --- /dev/null +++ b/units/suspend.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Suspend +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-suspend.service +After=systemd-suspend.service +StopWhenUnneeded=yes diff --git a/units/swap.target b/units/swap.target new file mode 100644 index 0000000..8cef5b6 --- /dev/null +++ b/units/swap.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Swap +Documentation=man:systemd.special(7) diff --git a/units/sys-fs-fuse-connections.mount b/units/sys-fs-fuse-connections.mount new file mode 100644 index 0000000..7e7b05c --- /dev/null +++ b/units/sys-fs-fuse-connections.mount @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=FUSE Control File System +Documentation=https://www.kernel.org/doc/Documentation/filesystems/fuse.txt +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +ConditionPathExists=/sys/fs/fuse/connections +ConditionCapability=CAP_SYS_ADMIN +ConditionVirtualization=!private-users +After=systemd-modules-load.service +Before=sysinit.target + +[Mount] +What=fusectl +Where=/sys/fs/fuse/connections +Type=fusectl diff --git a/units/sys-kernel-config.mount b/units/sys-kernel-config.mount new file mode 100644 index 0000000..e213ca5 --- /dev/null +++ b/units/sys-kernel-config.mount @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Kernel Configuration File System +Documentation=https://www.kernel.org/doc/Documentation/filesystems/configfs/configfs.txt +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +ConditionPathExists=/sys/kernel/config +ConditionCapability=CAP_SYS_RAWIO +After=systemd-modules-load.service +Before=sysinit.target + +[Mount] +What=configfs +Where=/sys/kernel/config +Type=configfs diff --git a/units/sys-kernel-debug.mount b/units/sys-kernel-debug.mount new file mode 100644 index 0000000..53ce820 --- /dev/null +++ b/units/sys-kernel-debug.mount @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Kernel Debug File System +Documentation=https://www.kernel.org/doc/Documentation/filesystems/debugfs.txt +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +ConditionPathExists=/sys/kernel/debug +ConditionCapability=CAP_SYS_RAWIO +Before=sysinit.target + +[Mount] +What=debugfs +Where=/sys/kernel/debug +Type=debugfs diff --git a/units/sysinit.target b/units/sysinit.target new file mode 100644 index 0000000..b6c16a1 --- /dev/null +++ b/units/sysinit.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=System Initialization +Documentation=man:systemd.special(7) +Conflicts=emergency.service emergency.target +Wants=local-fs.target swap.target +After=local-fs.target swap.target emergency.service emergency.target diff --git a/units/syslog.socket b/units/syslog.socket new file mode 100644 index 0000000..c4b1cea --- /dev/null +++ b/units/syslog.socket @@ -0,0 +1,47 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Syslog Socket +Documentation=man:systemd.special(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/syslog +DefaultDependencies=no +Before=sockets.target + +# Don't allow logging until the very end +Conflicts=shutdown.target +Before=shutdown.target + +# Don't try to activate syslog.service if sysinit.target has failed. +Conflicts=emergency.service +Before=emergency.service + +[Socket] +ListenDatagram=/run/systemd/journal/syslog +SocketMode=0666 +PassCredentials=yes +PassSecurity=yes +ReceiveBuffer=8M + +# The default syslog implementation should make syslog.service a +# symlink to itself, so that this socket activates the right actual +# syslog service. +# +# Examples: +# +# /etc/systemd/system/syslog.service -> /lib/systemd/system/rsyslog.service +# /etc/systemd/system/syslog.service -> /lib/systemd/system/syslog-ng.service +# +# Best way to achieve that is by adding this to your unit file +# (i.e. to rsyslog.service or syslog-ng.service): +# +# [Install] +# Alias=syslog.service +# +# See https://www.freedesktop.org/wiki/Software/systemd/syslog for details. diff --git a/units/system-update-cleanup.service b/units/system-update-cleanup.service new file mode 100644 index 0000000..58baab3 --- /dev/null +++ b/units/system-update-cleanup.service @@ -0,0 +1,35 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remove the Offline System Updates symlink +Documentation=man:systemd.special(5) man:systemd.offline-updates(7) +After=system-update.target +DefaultDependencies=no +Conflicts=shutdown.target +Before=shutdown.target +SuccessAction=reboot + +# system-update-generator uses laccess("/system-update"), while a plain +# ConditionPathExists=/system-update uses access("/system-update"), so +# we need an alternate condition to cover the case of a dangling symlink. +# +# This service is only invoked if /system-update exists, i.e. if the +# condition tested by system-update-generator remains true and the system +# would be diverted into system-update.target again after reboot. This way +# we guard against being diverted into system-update.target again, which +# works as a safety measure, but we will not step on the toes of the +# update script if it successfully removed the symlink and scheduled a +# reboot or some other action on its own. +ConditionPathExists=|/system-update +ConditionPathIsSymbolicLink=|/system-update + +[Service] +Type=oneshot +ExecStart=/bin/rm -fv /system-update diff --git a/units/system-update-pre.target b/units/system-update-pre.target new file mode 100644 index 0000000..163b75c --- /dev/null +++ b/units/system-update-pre.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Offline System Update (Pre) +Documentation=man:systemd.offline-updates(7) +Documentation=man:systemd.special(7) man:systemd-system-update-generator(8) +RefuseManualStart=yes +After=sysinit.target diff --git a/units/system-update.target b/units/system-update.target new file mode 100644 index 0000000..29812ed --- /dev/null +++ b/units/system-update.target @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Offline System Update +Documentation=man:systemd.offline-updates(7) +Documentation=man:systemd.special(7) man:systemd-system-update-generator(8) +Requires=sysinit.target +After=sysinit.target system-update-pre.target +AllowIsolate=yes +Wants=system-update-cleanup.service diff --git a/units/systemd-ask-password-console.path b/units/systemd-ask-password-console.path new file mode 100644 index 0000000..248d597 --- /dev/null +++ b/units/systemd-ask-password-console.path @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Dispatch Password Requests to Console Directory Watch +Documentation=man:systemd-ask-password-console.service(8) +DefaultDependencies=no +Conflicts=shutdown.target emergency.service +After=plymouth-start.service +Before=paths.target shutdown.target cryptsetup.target +ConditionPathExists=!/run/plymouth/pid + +[Path] +DirectoryNotEmpty=/run/systemd/ask-password +MakeDirectory=yes diff --git a/units/systemd-ask-password-console.service.in b/units/systemd-ask-password-console.service.in new file mode 100644 index 0000000..60fa7c3 --- /dev/null +++ b/units/systemd-ask-password-console.service.in @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Dispatch Password Requests to Console +Documentation=man:systemd-ask-password-console.service(8) +DefaultDependencies=no +Conflicts=shutdown.target emergency.service +After=plymouth-start.service systemd-vconsole-setup.service +Before=shutdown.target +ConditionPathExists=!/run/plymouth/pid + +[Service] +ExecStart=@rootbindir@/systemd-tty-ask-password-agent --watch --console +SystemCallArchitectures=native diff --git a/units/systemd-ask-password-wall.path b/units/systemd-ask-password-wall.path new file mode 100644 index 0000000..193a9b3 --- /dev/null +++ b/units/systemd-ask-password-wall.path @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Forward Password Requests to Wall Directory Watch +Documentation=man:systemd-ask-password-console.service(8) +DefaultDependencies=no +Conflicts=shutdown.target emergency.service +Before=paths.target shutdown.target cryptsetup.target + +[Path] +DirectoryNotEmpty=/run/systemd/ask-password +MakeDirectory=yes diff --git a/units/systemd-ask-password-wall.service.in b/units/systemd-ask-password-wall.service.in new file mode 100644 index 0000000..1e4808b --- /dev/null +++ b/units/systemd-ask-password-wall.service.in @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Forward Password Requests to Wall +Documentation=man:systemd-ask-password-console.service(8) +After=systemd-user-sessions.service + +[Service] +ExecStartPre=-@SYSTEMCTL@ stop systemd-ask-password-console.path systemd-ask-password-console.service systemd-ask-password-plymouth.path systemd-ask-password-plymouth.service +ExecStart=@rootbindir@/systemd-tty-ask-password-agent --wall +SystemCallArchitectures=native diff --git a/units/systemd-backlight@.service.in b/units/systemd-backlight@.service.in new file mode 100644 index 0000000..d302285 --- /dev/null +++ b/units/systemd-backlight@.service.in @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Load/Save Screen Backlight Brightness of %i +Documentation=man:systemd-backlight@.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=sysinit.target shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-backlight load %i +ExecStop=@rootlibexecdir@/systemd-backlight save %i +TimeoutSec=90s +StateDirectory=systemd/backlight diff --git a/units/systemd-binfmt.service.in b/units/systemd-binfmt.service.in new file mode 100644 index 0000000..e940c7c --- /dev/null +++ b/units/systemd-binfmt.service.in @@ -0,0 +1,30 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Set Up Additional Binary Formats +Documentation=man:systemd-binfmt.service(8) man:binfmt.d(5) +Documentation=https://www.kernel.org/doc/html/latest/admin-guide/binfmt-misc.html +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +Conflicts=shutdown.target +After=proc-sys-fs-binfmt_misc.automount +Before=sysinit.target shutdown.target +ConditionPathIsReadWrite=/proc/sys/ +ConditionDirectoryNotEmpty=|/lib/binfmt.d +ConditionDirectoryNotEmpty=|/usr/lib/binfmt.d +ConditionDirectoryNotEmpty=|/usr/local/lib/binfmt.d +ConditionDirectoryNotEmpty=|/etc/binfmt.d +ConditionDirectoryNotEmpty=|/run/binfmt.d + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-binfmt +TimeoutSec=90s diff --git a/units/systemd-bless-boot.service.in b/units/systemd-bless-boot.service.in new file mode 100644 index 0000000..511d991 --- /dev/null +++ b/units/systemd-bless-boot.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Mark the Current Boot Loader Entry as Good +Documentation=man:systemd-bless-boot.service(8) +DefaultDependencies=no +Requires=boot-complete.target +After=local-fs.target boot-complete.target +Conflicts=shutdown.target +Before=shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-bless-boot good diff --git a/units/systemd-boot-check-no-failures.service.in b/units/systemd-boot-check-no-failures.service.in new file mode 100644 index 0000000..27e898b --- /dev/null +++ b/units/systemd-boot-check-no-failures.service.in @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Check if Any System Units Failed +Documentation=man:systemd-boot-check-no-failures.service(8) +After=default.target graphical.target multi-user.target +Before=boot-complete.target +Conflicts=shutdown.target +Before=shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-boot-check-no-failures + +[Install] +RequiredBy=boot-complete.target diff --git a/units/systemd-coredump.socket b/units/systemd-coredump.socket new file mode 100644 index 0000000..c9971b9 --- /dev/null +++ b/units/systemd-coredump.socket @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Process Core Dump Socket +Documentation=man:systemd-coredump(8) +DefaultDependencies=no + +[Socket] +ListenSequentialPacket=/run/systemd/coredump +SocketMode=0600 +Accept=yes +MaxConnections=16 diff --git a/units/systemd-coredump@.service.in b/units/systemd-coredump@.service.in new file mode 100644 index 0000000..ffcb5f3 --- /dev/null +++ b/units/systemd-coredump@.service.in @@ -0,0 +1,42 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Process Core Dump +Documentation=man:systemd-coredump(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service systemd-journald.socket +Requires=systemd-journald.socket +Before=shutdown.target + +[Service] +ExecStart=-@rootlibexecdir@/systemd-coredump +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +Nice=9 +NoNewPrivileges=yes +OOMScoreAdjust=500 +PrivateDevices=yes +PrivateNetwork=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +RestrictAddressFamilies=AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +RuntimeMaxSec=5min +StateDirectory=systemd/coredump +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service diff --git a/units/systemd-exit.service b/units/systemd-exit.service new file mode 100644 index 0000000..773c400 --- /dev/null +++ b/units/systemd-exit.service @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Exit the Container +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=shutdown.target umount.target final.target +After=shutdown.target umount.target final.target +SuccessAction=exit-force diff --git a/units/systemd-firstboot.service.in b/units/systemd-firstboot.service.in new file mode 100644 index 0000000..d4deba9 --- /dev/null +++ b/units/systemd-firstboot.service.in @@ -0,0 +1,26 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=First Boot Wizard +Documentation=man:systemd-firstboot(1) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=systemd-sysusers.service sysinit.target shutdown.target +ConditionPathIsReadWrite=/etc +ConditionFirstBoot=yes + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-firstboot --prompt-locale --prompt-timezone --prompt-root-password +StandardOutput=tty +StandardInput=tty +StandardError=tty diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in new file mode 100644 index 0000000..042081c --- /dev/null +++ b/units/systemd-fsck-root.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=File System Check on Root Device +Documentation=man:systemd-fsck-root.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +Before=local-fs.target shutdown.target +ConditionPathIsReadWrite=!/ + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-fsck +TimeoutSec=0 diff --git a/units/systemd-fsck@.service.in b/units/systemd-fsck@.service.in new file mode 100644 index 0000000..3322083 --- /dev/null +++ b/units/systemd-fsck@.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=File System Check on %f +Documentation=man:systemd-fsck@.service(8) +DefaultDependencies=no +BindsTo=%i.device +Conflicts=shutdown.target +After=%i.device systemd-fsck-root.service local-fs-pre.target +Before=systemd-quotacheck.service shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-fsck %f +TimeoutSec=0 diff --git a/units/systemd-halt.service.in b/units/systemd-halt.service.in new file mode 100644 index 0000000..09c1005 --- /dev/null +++ b/units/systemd-halt.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Halt +Documentation=man:systemd-halt.service(8) +DefaultDependencies=no +Requires=shutdown.target umount.target final.target +After=shutdown.target umount.target final.target + +[Service] +Type=oneshot +ExecStart=@SYSTEMCTL@ --force halt diff --git a/units/systemd-hibernate-resume@.service.in b/units/systemd-hibernate-resume@.service.in new file mode 100644 index 0000000..d1b1aee --- /dev/null +++ b/units/systemd-hibernate-resume@.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Resume from hibernation using device %f +Documentation=man:systemd-hibernate-resume@.service(8) +DefaultDependencies=no +BindsTo=%i.device +Wants=local-fs-pre.target +After=%i.device +Before=local-fs-pre.target +ConditionPathExists=/etc/initrd-release + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-hibernate-resume %f diff --git a/units/systemd-hibernate.service.in b/units/systemd-hibernate.service.in new file mode 100644 index 0000000..963b257 --- /dev/null +++ b/units/systemd-hibernate.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Hibernate +Documentation=man:systemd-suspend.service(8) +DefaultDependencies=no +Requires=sleep.target +After=sleep.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-sleep hibernate diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in new file mode 100644 index 0000000..9c925e8 --- /dev/null +++ b/units/systemd-hostnamed.service.in @@ -0,0 +1,38 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Hostname Service +Documentation=man:systemd-hostnamed.service(8) man:hostname(5) man:machine-info(5) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/hostnamed + +[Service] +BusName=org.freedesktop.hostname1 +CapabilityBoundingSet=CAP_SYS_ADMIN +ExecStart=@rootlibexecdir@/systemd-hostnamed +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateNetwork=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +ReadWritePaths=/etc +RestrictAddressFamilies=AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service sethostname +WatchdogSec=3min diff --git a/units/systemd-hwdb-update.service.in b/units/systemd-hwdb-update.service.in new file mode 100644 index 0000000..259fe0d --- /dev/null +++ b/units/systemd-hwdb-update.service.in @@ -0,0 +1,26 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Rebuild Hardware Database +Documentation=man:hwdb(7) man:systemd-hwdb(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=/etc +ConditionPathExists=|!@udevlibexecdir@/hwdb.bin +ConditionPathExists=|/etc/udev/hwdb.bin +ConditionDirectoryNotEmpty=|/etc/udev/hwdb.d/ + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-hwdb update +TimeoutSec=90s diff --git a/units/systemd-hybrid-sleep.service.in b/units/systemd-hybrid-sleep.service.in new file mode 100644 index 0000000..466ade9 --- /dev/null +++ b/units/systemd-hybrid-sleep.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Hybrid Suspend+Hibernate +Documentation=man:systemd-suspend.service(8) +DefaultDependencies=no +Requires=sleep.target +After=sleep.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-sleep hybrid-sleep diff --git a/units/systemd-importd.service.in b/units/systemd-importd.service.in new file mode 100644 index 0000000..20704a8 --- /dev/null +++ b/units/systemd-importd.service.in @@ -0,0 +1,29 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Virtual Machine and Container Download Service +Documentation=man:systemd-importd.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/importd + +[Service] +ExecStart=@rootlibexecdir@/systemd-importd +BusName=org.freedesktop.import1 +WatchdogSec=3min +KillMode=mixed +CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP CAP_DAC_OVERRIDE +NoNewPrivileges=yes +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictNamespaces=net +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +SystemCallFilter=@system-service @mount +SystemCallErrorNumber=EPERM +SystemCallArchitectures=native +LockPersonality=yes diff --git a/units/systemd-initctl.service.in b/units/systemd-initctl.service.in new file mode 100644 index 0000000..c276283 --- /dev/null +++ b/units/systemd-initctl.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=initctl Compatibility Daemon +Documentation=man:systemd-initctl.service(8) +DefaultDependencies=no + +[Service] +ExecStart=@rootlibexecdir@/systemd-initctl +NoNewPrivileges=yes +NotifyAccess=all +SystemCallArchitectures=native diff --git a/units/systemd-initctl.socket b/units/systemd-initctl.socket new file mode 100644 index 0000000..9d97579 --- /dev/null +++ b/units/systemd-initctl.socket @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=initctl Compatibility Named Pipe +Documentation=man:systemd-initctl.service(8) +DefaultDependencies=no +Before=sockets.target + +[Socket] +ListenFIFO=/run/initctl +Symlinks=/dev/initctl +SocketMode=0600 diff --git a/units/systemd-journal-catalog-update.service.in b/units/systemd-journal-catalog-update.service.in new file mode 100644 index 0000000..6a7bf00 --- /dev/null +++ b/units/systemd-journal-catalog-update.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Rebuild Journal Catalog +Documentation=man:systemd-journald.service(8) man:journald.conf(5) +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=/var + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/journalctl --update-catalog +TimeoutSec=90s diff --git a/units/systemd-journal-flush.service.in b/units/systemd-journal-flush.service.in new file mode 100644 index 0000000..bacfe51 --- /dev/null +++ b/units/systemd-journal-flush.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Flush Journal to Persistent Storage +Documentation=man:systemd-journald.service(8) man:journald.conf(5) +DefaultDependencies=no +Requires=systemd-journald.service +After=systemd-journald.service systemd-remount-fs.service +Before=systemd-tmpfiles-setup.service +RequiresMountsFor=/var/log/journal + +[Service] +ExecStart=@rootbindir@/journalctl --flush +Type=oneshot +RemainAfterExit=yes +TimeoutSec=90s diff --git a/units/systemd-journal-gatewayd.service.in b/units/systemd-journal-gatewayd.service.in new file mode 100644 index 0000000..ebc8bf9 --- /dev/null +++ b/units/systemd-journal-gatewayd.service.in @@ -0,0 +1,39 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Gateway Service +Documentation=man:systemd-journal-gatewayd(8) +Requires=systemd-journal-gatewayd.socket + +[Service] +DynamicUser=yes +ExecStart=@rootlibexecdir@/systemd-journal-gatewayd +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateNetwork=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +SupplementaryGroups=systemd-journal +SystemCallArchitectures=native +User=systemd-journal-gateway + +# If there are many split up journal files we need a lot of fds to access them +# all in parallel. +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ + +[Install] +Also=systemd-journal-gatewayd.socket diff --git a/units/systemd-journal-gatewayd.socket b/units/systemd-journal-gatewayd.socket new file mode 100644 index 0000000..7c3632b --- /dev/null +++ b/units/systemd-journal-gatewayd.socket @@ -0,0 +1,18 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Gateway Service Socket +Documentation=man:systemd-journal-gatewayd(8) + +[Socket] +ListenStream=19531 + +[Install] +WantedBy=sockets.target diff --git a/units/systemd-journal-remote.service.in b/units/systemd-journal-remote.service.in new file mode 100644 index 0000000..29a99aa --- /dev/null +++ b/units/systemd-journal-remote.service.in @@ -0,0 +1,41 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Remote Sink Service +Documentation=man:systemd-journal-remote(8) man:journal-remote.conf(5) +Requires=systemd-journal-remote.socket + +[Service] +ExecStart=@rootlibexecdir@/systemd-journal-remote --listen-https=-3 --output=/var/log/journal/remote/ +LockPersonality=yes +LogsDirectory=journal/remote +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateNetwork=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +SystemCallArchitectures=native +User=systemd-journal-remote +WatchdogSec=3min + +# If there are many split up journal files we need a lot of fds to access them +# all in parallel. +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ + +[Install] +Also=systemd-journal-remote.socket diff --git a/units/systemd-journal-remote.socket b/units/systemd-journal-remote.socket new file mode 100644 index 0000000..48d0a65 --- /dev/null +++ b/units/systemd-journal-remote.socket @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Remote Sink Socket + +[Socket] +ListenStream=19532 + +[Install] +WantedBy=sockets.target diff --git a/units/systemd-journal-upload.service.in b/units/systemd-journal-upload.service.in new file mode 100644 index 0000000..92cd4e5 --- /dev/null +++ b/units/systemd-journal-upload.service.in @@ -0,0 +1,41 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Remote Upload Service +Documentation=man:systemd-journal-upload(8) +Wants=network-online.target +After=network-online.target + +[Service] +DynamicUser=yes +ExecStart=@rootlibexecdir@/systemd-journal-upload --save-state +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +StateDirectory=systemd/journal-upload +SupplementaryGroups=systemd-journal +SystemCallArchitectures=native +User=systemd-journal-upload +WatchdogSec=3min + +# If there are many split up journal files we need a lot of fds to access them +# all in parallel. +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ + +[Install] +WantedBy=multi-user.target diff --git a/units/systemd-journald-audit.socket b/units/systemd-journald-audit.socket new file mode 100644 index 0000000..cb8b774 --- /dev/null +++ b/units/systemd-journald-audit.socket @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Audit Socket +Documentation=man:systemd-journald.service(8) man:journald.conf(5) +DefaultDependencies=no +Before=sockets.target +ConditionSecurity=audit +ConditionCapability=CAP_AUDIT_READ + +[Socket] +Service=systemd-journald.service +ReceiveBuffer=128M +ListenNetlink=audit 1 +PassCredentials=yes diff --git a/units/systemd-journald-dev-log.socket b/units/systemd-journald-dev-log.socket new file mode 100644 index 0000000..80ad6ac --- /dev/null +++ b/units/systemd-journald-dev-log.socket @@ -0,0 +1,34 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Socket (/dev/log) +Documentation=man:systemd-journald.service(8) man:journald.conf(5) +DefaultDependencies=no +Before=sockets.target + +# Mount and swap units need this. If this socket unit is removed by an +# isolate request the mount and swap units would be removed too, +# hence let's exclude this from isolate requests. +IgnoreOnIsolate=yes + +[Socket] +Service=systemd-journald.service +ListenDatagram=/run/systemd/journal/dev-log +Symlinks=/dev/log +SocketMode=0666 +PassCredentials=yes +PassSecurity=yes + +# Increase both the send and receive buffer, so that things don't +# block early. Note that journald internally uses the this socket both +# for receiving syslog messages, and for forwarding them to any other +# syslog, hence we bump both values. +ReceiveBuffer=8M +SendBuffer=8M diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in new file mode 100644 index 0000000..4684f09 --- /dev/null +++ b/units/systemd-journald.service.in @@ -0,0 +1,41 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Service +Documentation=man:systemd-journald.service(8) man:journald.conf(5) +DefaultDependencies=no +Requires=systemd-journald.socket +After=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket syslog.socket +Before=sysinit.target + +[Service] +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_DAC_OVERRIDE CAP_SYS_PTRACE CAP_SYSLOG CAP_AUDIT_CONTROL CAP_AUDIT_READ CAP_CHOWN CAP_DAC_READ_SEARCH CAP_FOWNER CAP_SETUID CAP_SETGID CAP_MAC_OVERRIDE +ExecStart=@rootlibexecdir@/systemd-journald +FileDescriptorStoreMax=4224 +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +Restart=always +RestartSec=0 +RestrictAddressFamilies=AF_UNIX AF_NETLINK +RestrictNamespaces=yes +RestrictRealtime=yes +Sockets=systemd-journald.socket systemd-journald-dev-log.socket systemd-journald-audit.socket +StandardOutput=null +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service +Type=notify +WatchdogSec=3min + +# If there are many split up journal files we need a lot of fds to access them +# all in parallel. +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ diff --git a/units/systemd-journald.socket b/units/systemd-journald.socket new file mode 100644 index 0000000..c95ae5a --- /dev/null +++ b/units/systemd-journald.socket @@ -0,0 +1,28 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Journal Socket +Documentation=man:systemd-journald.service(8) man:journald.conf(5) +DefaultDependencies=no +Before=sockets.target + +# Mount and swap units need this. If this socket unit is removed by an +# isolate request the mount and swap units would be removed too, +# hence let's exclude this from isolate requests. +IgnoreOnIsolate=yes + +[Socket] +ListenStream=/run/systemd/journal/stdout +ListenDatagram=/run/systemd/journal/socket +SocketMode=0666 +PassCredentials=yes +PassSecurity=yes +ReceiveBuffer=8M +Service=systemd-journald.service diff --git a/units/systemd-kexec.service.in b/units/systemd-kexec.service.in new file mode 100644 index 0000000..1201b23 --- /dev/null +++ b/units/systemd-kexec.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Reboot via kexec +Documentation=man:systemd-halt.service(8) +DefaultDependencies=no +Requires=shutdown.target umount.target final.target +After=shutdown.target umount.target final.target + +[Service] +Type=oneshot +ExecStart=@SYSTEMCTL@ --force kexec diff --git a/units/systemd-localed.service.in b/units/systemd-localed.service.in new file mode 100644 index 0000000..01e0703 --- /dev/null +++ b/units/systemd-localed.service.in @@ -0,0 +1,38 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Locale Service +Documentation=man:systemd-localed.service(8) man:locale.conf(5) man:vconsole.conf(5) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/localed + +[Service] +BusName=org.freedesktop.locale1 +CapabilityBoundingSet= +ExecStart=@rootlibexecdir@/systemd-localed +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateNetwork=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +ReadWritePaths=/etc +RestrictAddressFamilies=AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service +WatchdogSec=3min diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in new file mode 100644 index 0000000..38a7f26 --- /dev/null +++ b/units/systemd-logind.service.in @@ -0,0 +1,43 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Login Service +Documentation=man:systemd-logind.service(8) man:logind.conf(5) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/logind +Documentation=https://www.freedesktop.org/wiki/Software/systemd/multiseat +Wants=user.slice +After=nss-user-lookup.target user.slice + +# Ask for the dbus socket. +Wants=dbus.socket +After=dbus.socket + +[Service] +BusName=org.freedesktop.login1 +CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG +ExecStart=@rootlibexecdir@/systemd-logind +FileDescriptorStoreMax=512 +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +Restart=always +RestartSec=0 +RestrictAddressFamilies=AF_UNIX AF_NETLINK +RestrictNamespaces=yes +RestrictRealtime=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service +WatchdogSec=3min + +# Increase the default a bit in order to allow many simultaneous logins since +# we keep one fd open per session. +LimitNOFILE=@HIGH_RLIMIT_NOFILE@ diff --git a/units/systemd-machine-id-commit.service.in b/units/systemd-machine-id-commit.service.in new file mode 100644 index 0000000..4f34873 --- /dev/null +++ b/units/systemd-machine-id-commit.service.in @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Commit a transient machine-id on disk +Documentation=man:systemd-machine-id-commit.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +Before=sysinit.target shutdown.target +After=local-fs.target +ConditionPathIsReadWrite=/etc +ConditionPathIsMountPoint=/etc/machine-id + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-machine-id-setup --commit +TimeoutSec=30s diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in new file mode 100644 index 0000000..9f14768 --- /dev/null +++ b/units/systemd-machined.service.in @@ -0,0 +1,35 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Virtual Machine and Container Registration Service +Documentation=man:systemd-machined.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/machined +Wants=machine.slice +After=machine.slice +RequiresMountsFor=/var/lib/machines + +[Service] +BusName=org.freedesktop.machine1 +CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD +ExecStart=@rootlibexecdir@/systemd-machined +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +RestrictRealtime=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service @mount +WatchdogSec=3min + +# Note that machined cannot be placed in a mount namespace, since it +# needs access to the host's mount namespace in order to implement the +# "machinectl bind" operation. diff --git a/units/systemd-modules-load.service.in b/units/systemd-modules-load.service.in new file mode 100644 index 0000000..26abe21 --- /dev/null +++ b/units/systemd-modules-load.service.in @@ -0,0 +1,29 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Load Kernel Modules +Documentation=man:systemd-modules-load.service(8) man:modules-load.d(5) +DefaultDependencies=no +Conflicts=shutdown.target +Before=sysinit.target shutdown.target +ConditionCapability=CAP_SYS_MODULE +ConditionDirectoryNotEmpty=|/lib/modules-load.d +ConditionDirectoryNotEmpty=|/usr/lib/modules-load.d +ConditionDirectoryNotEmpty=|/usr/local/lib/modules-load.d +ConditionDirectoryNotEmpty=|/etc/modules-load.d +ConditionDirectoryNotEmpty=|/run/modules-load.d +ConditionKernelCommandLine=|modules-load +ConditionKernelCommandLine=|rd.modules-load + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-modules-load +TimeoutSec=90s diff --git a/units/systemd-networkd-wait-online.service.in b/units/systemd-networkd-wait-online.service.in new file mode 100644 index 0000000..7666e16 --- /dev/null +++ b/units/systemd-networkd-wait-online.service.in @@ -0,0 +1,25 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Wait for Network to be Configured +Documentation=man:systemd-networkd-wait-online.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +Requires=systemd-networkd.service +After=systemd-networkd.service +Before=network-online.target shutdown.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-networkd-wait-online +RemainAfterExit=yes + +[Install] +WantedBy=network-online.target diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in new file mode 100644 index 0000000..472ef04 --- /dev/null +++ b/units/systemd-networkd.service.in @@ -0,0 +1,55 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Service +Documentation=man:systemd-networkd.service(8) +ConditionCapability=CAP_NET_ADMIN +DefaultDependencies=no +# systemd-udevd.service can be dropped once tuntap is moved to netlink +After=systemd-udevd.service network-pre.target systemd-sysusers.service systemd-sysctl.service +Before=network.target multi-user.target shutdown.target +Conflicts=shutdown.target +Wants=network.target + +[Service] +AmbientCapabilities=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW +CapabilityBoundingSet=CAP_NET_ADMIN CAP_NET_BIND_SERVICE CAP_NET_BROADCAST CAP_NET_RAW +ExecStart=!!@rootlibexecdir@/systemd-networkd +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectSystem=strict +Restart=on-failure +RestartSec=0 +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 AF_PACKET +RestrictNamespaces=yes +RestrictRealtime=yes +RuntimeDirectory=systemd/netif +RuntimeDirectoryPreserve=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service +Type=notify +User=systemd-network +WatchdogSec=3min + +[Install] +WantedBy=multi-user.target +Also=systemd-networkd.socket +Alias=dbus-org.freedesktop.network1.service + +# We want to enable systemd-networkd-wait-online.service whenever this service +# is enabled. systemd-networkd-wait-online.service has +# WantedBy=network-online.target, so enabling it only has an effect if +# network-online.target itself is enabled or pulled in by some other unit. +Also=systemd-networkd-wait-online.service diff --git a/units/systemd-networkd.socket b/units/systemd-networkd.socket new file mode 100644 index 0000000..1133066 --- /dev/null +++ b/units/systemd-networkd.socket @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Service Netlink Socket +Documentation=man:systemd-networkd.service(8) man:rtnetlink(7) +ConditionCapability=CAP_NET_ADMIN +DefaultDependencies=no +Before=sockets.target + +[Socket] +ReceiveBuffer=8M +ListenNetlink=route 1361 +PassCredentials=yes + +[Install] +WantedBy=sockets.target diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in new file mode 100644 index 0000000..c3194d4 --- /dev/null +++ b/units/systemd-nspawn@.service.in @@ -0,0 +1,48 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Container %i +Documentation=man:systemd-nspawn(1) +PartOf=machines.target +Before=machines.target +After=network.target systemd-resolved.service +RequiresMountsFor=/var/lib/machines + +[Service] +ExecStart=@bindir@/systemd-nspawn --quiet --keep-unit --boot --link-journal=try-guest --network-veth -U --settings=override --machine=%i +KillMode=mixed +Type=notify +RestartForceExitStatus=133 +SuccessExitStatus=133 +WatchdogSec=3min +Slice=machine.slice +Delegate=yes +TasksMax=16384 + +# Enforce a strict device policy, similar to the one nspawn configures when it +# allocates its own scope unit. Make sure to keep these policies in sync if you +# change them! +DevicePolicy=closed +DeviceAllow=/dev/net/tun rwm +DeviceAllow=char-pts rw + +# nspawn itself needs access to /dev/loop-control and /dev/loop, to implement +# the --image= option. Add these here, too. +DeviceAllow=/dev/loop-control rw +DeviceAllow=block-loop rw +DeviceAllow=block-blkext rw + +# nspawn can set up LUKS encrypted loopback files, in which case it needs +# access to /dev/mapper/control and the block devices /dev/mapper/*. +DeviceAllow=/dev/mapper/control rw +DeviceAllow=block-device-mapper rw + +[Install] +WantedBy=machines.target diff --git a/units/systemd-portabled.service.in b/units/systemd-portabled.service.in new file mode 100644 index 0000000..a44cdb3 --- /dev/null +++ b/units/systemd-portabled.service.in @@ -0,0 +1,26 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Portable Service Manager +Documentation=man:systemd-portabled.service(8) +RequiresMountsFor=/var/lib/portables + +[Service] +ExecStart=@rootlibexecdir@/systemd-portabled +BusName=org.freedesktop.portable1 +WatchdogSec=3min +CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallFilter=@system-service @mount +SystemCallArchitectures=native +LockPersonality=yes +IPAddressDeny=any diff --git a/units/systemd-poweroff.service b/units/systemd-poweroff.service new file mode 100644 index 0000000..8d1d543 --- /dev/null +++ b/units/systemd-poweroff.service @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Power-Off +Documentation=man:systemd-halt.service(8) +DefaultDependencies=no +Requires=shutdown.target umount.target final.target +After=shutdown.target umount.target final.target +SuccessAction=poweroff-force diff --git a/units/systemd-quotacheck.service.in b/units/systemd-quotacheck.service.in new file mode 100644 index 0000000..244da0a --- /dev/null +++ b/units/systemd-quotacheck.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=File System Quota Check +Documentation=man:systemd-quotacheck.service(8) +DefaultDependencies=no +After=systemd-remount-fs.service +Before=remote-fs.target shutdown.target +ConditionPathExists=@QUOTACHECK@ + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-quotacheck +TimeoutSec=0 diff --git a/units/systemd-random-seed.service.in b/units/systemd-random-seed.service.in new file mode 100644 index 0000000..8903ee8 --- /dev/null +++ b/units/systemd-random-seed.service.in @@ -0,0 +1,25 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Load/Save Random Seed +Documentation=man:systemd-random-seed.service(8) man:random(4) +DefaultDependencies=no +RequiresMountsFor=@RANDOM_SEED@ +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=sysinit.target shutdown.target +ConditionVirtualization=!container + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-random-seed load +ExecStop=@rootlibexecdir@/systemd-random-seed save +TimeoutSec=30s diff --git a/units/systemd-reboot.service b/units/systemd-reboot.service new file mode 100644 index 0000000..505f60a --- /dev/null +++ b/units/systemd-reboot.service @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Reboot +Documentation=man:systemd-halt.service(8) +DefaultDependencies=no +Requires=shutdown.target umount.target final.target +After=shutdown.target umount.target final.target +SuccessAction=reboot-force diff --git a/units/systemd-remount-fs.service.in b/units/systemd-remount-fs.service.in new file mode 100644 index 0000000..2e5b75e --- /dev/null +++ b/units/systemd-remount-fs.service.in @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Remount Root and Kernel File Systems +Documentation=man:systemd-remount-fs.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-fsck-root.service +Before=local-fs-pre.target local-fs.target shutdown.target +Wants=local-fs-pre.target +ConditionPathExists=/etc/fstab + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-remount-fs diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in new file mode 100644 index 0000000..3144b70 --- /dev/null +++ b/units/systemd-resolved.service.in @@ -0,0 +1,52 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Name Resolution +Documentation=man:systemd-resolved.service(8) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/resolved +Documentation=https://www.freedesktop.org/wiki/Software/systemd/writing-network-configuration-managers +Documentation=https://www.freedesktop.org/wiki/Software/systemd/writing-resolver-clients +DefaultDependencies=no +After=systemd-sysusers.service systemd-networkd.service +Before=network.target nss-lookup.target shutdown.target +Conflicts=shutdown.target +Wants=nss-lookup.target + +[Service] +AmbientCapabilities=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE +CapabilityBoundingSet=CAP_SETPCAP CAP_NET_RAW CAP_NET_BIND_SERVICE +ExecStart=!!@rootlibexecdir@/systemd-resolved +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +Restart=always +RestartSec=0 +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RuntimeDirectory=systemd/resolve +RuntimeDirectoryPreserve=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service +Type=notify +User=systemd-resolve +WatchdogSec=3min + +[Install] +WantedBy=multi-user.target +Alias=dbus-org.freedesktop.resolve1.service diff --git a/units/systemd-rfkill.service.in b/units/systemd-rfkill.service.in new file mode 100644 index 0000000..3abb958 --- /dev/null +++ b/units/systemd-rfkill.service.in @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Load/Save RF Kill Switch Status +Documentation=man:systemd-rfkill.service(8) +DefaultDependencies=no +BindsTo=sys-devices-virtual-misc-rfkill.device +Conflicts=shutdown.target +After=sys-devices-virtual-misc-rfkill.device systemd-remount-fs.service +Before=shutdown.target + +[Service] +ExecStart=@rootlibexecdir@/systemd-rfkill +NoNewPrivileges=yes +StateDirectory=systemd/rfkill +TimeoutSec=30s +Type=notify diff --git a/units/systemd-rfkill.socket b/units/systemd-rfkill.socket new file mode 100644 index 0000000..9d40890 --- /dev/null +++ b/units/systemd-rfkill.socket @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Load/Save RF Kill Switch Status /dev/rfkill Watch +Documentation=man:systemd-rfkill.socket(8) +DefaultDependencies=no +BindsTo=sys-devices-virtual-misc-rfkill.device +After=sys-devices-virtual-misc-rfkill.device systemd-remount-fs.service +RequiresMountsFor=/var/lib/systemd/rfkill +Conflicts=shutdown.target +Before=shutdown.target + +[Socket] +ListenSpecial=/dev/rfkill +Writable=yes diff --git a/units/systemd-suspend-then-hibernate.service.in b/units/systemd-suspend-then-hibernate.service.in new file mode 100644 index 0000000..5d6a582 --- /dev/null +++ b/units/systemd-suspend-then-hibernate.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Suspend; Hibernate if not used for a period of time +Documentation=man:systemd-suspend.service(8) +DefaultDependencies=no +Requires=sleep.target +After=sleep.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-sleep suspend-then-hibernate diff --git a/units/systemd-suspend.service.in b/units/systemd-suspend.service.in new file mode 100644 index 0000000..11ed383 --- /dev/null +++ b/units/systemd-suspend.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Suspend +Documentation=man:systemd-suspend.service(8) +DefaultDependencies=no +Requires=sleep.target +After=sleep.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-sleep suspend diff --git a/units/systemd-sysctl.service.in b/units/systemd-sysctl.service.in new file mode 100644 index 0000000..5b0f7f9 --- /dev/null +++ b/units/systemd-sysctl.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Apply Kernel Variables +Documentation=man:systemd-sysctl.service(8) man:sysctl.d(5) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-modules-load.service +Before=sysinit.target shutdown.target +ConditionPathIsReadWrite=/proc/sys/net/ + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-sysctl +TimeoutSec=90s diff --git a/units/systemd-sysusers.service.in b/units/systemd-sysusers.service.in new file mode 100644 index 0000000..4d11bbb --- /dev/null +++ b/units/systemd-sysusers.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create System Users +Documentation=man:sysusers.d(5) man:systemd-sysusers.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-remount-fs.service +Before=sysinit.target shutdown.target systemd-update-done.service +ConditionNeedsUpdate=/etc + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-sysusers +TimeoutSec=90s diff --git a/units/systemd-time-wait-sync.service.in b/units/systemd-time-wait-sync.service.in new file mode 100644 index 0000000..475182d --- /dev/null +++ b/units/systemd-time-wait-sync.service.in @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Wait Until Kernel Time Synchronized +Documentation=man:systemd-time-wait-sync.service(8) + +# Note that this tool doesn't need CAP_SYS_TIME itself, but it's primary +# usecase is to run in conjunction with a local NTP service such as +# systemd-timesyncd.service, which is conditioned this way. There might be +# niche usecases where running this service independently is desired, but let's +# make this all "just work" for the general case, and leave it to local +# modifications to make it work in the remaining cases. + +ConditionCapability=CAP_SYS_TIME +ConditionVirtualization=!container + +DefaultDependencies=no +Before=time-sync.target shutdown.target +Wants=time-sync.target +Conflicts=shutdown.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-time-wait-sync +TimeoutStartSec=infinity +RemainAfterExit=yes + +[Install] +WantedBy=sysinit.target diff --git a/units/systemd-timedated.service.in b/units/systemd-timedated.service.in new file mode 100644 index 0000000..6d53024 --- /dev/null +++ b/units/systemd-timedated.service.in @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Time & Date Service +Documentation=man:systemd-timedated.service(8) man:localtime(5) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/timedated + +[Service] +BusName=org.freedesktop.timedate1 +CapabilityBoundingSet=CAP_SYS_TIME +ExecStart=@rootlibexecdir@/systemd-timedated +IPAddressDeny=any +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +ReadWritePaths=/etc +RestrictAddressFamilies=AF_UNIX +RestrictNamespaces=yes +RestrictRealtime=yes +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service @clock +WatchdogSec=3min diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in new file mode 100644 index 0000000..03ade45 --- /dev/null +++ b/units/systemd-timesyncd.service.in @@ -0,0 +1,51 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Network Time Synchronization +Documentation=man:systemd-timesyncd.service(8) +ConditionCapability=CAP_SYS_TIME +ConditionVirtualization=!container +DefaultDependencies=no +After=systemd-remount-fs.service systemd-sysusers.service +Before=time-sync.target sysinit.target shutdown.target +Conflicts=shutdown.target +Wants=time-sync.target + +[Service] +AmbientCapabilities=CAP_SYS_TIME +CapabilityBoundingSet=CAP_SYS_TIME +ExecStart=!!@rootlibexecdir@/systemd-timesyncd +LockPersonality=yes +MemoryDenyWriteExecute=yes +NoNewPrivileges=yes +PrivateDevices=yes +PrivateTmp=yes +ProtectControlGroups=yes +ProtectHome=yes +ProtectKernelModules=yes +ProtectKernelTunables=yes +ProtectSystem=strict +Restart=always +RestartSec=0 +RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 +RestrictNamespaces=yes +RestrictRealtime=yes +RuntimeDirectory=systemd/timesync +StateDirectory=systemd/timesync +SystemCallArchitectures=native +SystemCallErrorNumber=EPERM +SystemCallFilter=@system-service @clock +Type=notify +User=systemd-timesync +WatchdogSec=3min + +[Install] +WantedBy=sysinit.target +Alias=dbus-org.freedesktop.timesync1.service diff --git a/units/systemd-tmpfiles-clean.service.in b/units/systemd-tmpfiles-clean.service.in new file mode 100644 index 0000000..d1025af --- /dev/null +++ b/units/systemd-tmpfiles-clean.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Cleanup of Temporary Directories +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target time-sync.target +Before=shutdown.target + +[Service] +Type=oneshot +ExecStart=@rootbindir@/systemd-tmpfiles --clean +SuccessExitStatus=65 +IOSchedulingClass=idle diff --git a/units/systemd-tmpfiles-clean.timer b/units/systemd-tmpfiles-clean.timer new file mode 100644 index 0000000..3e30178 --- /dev/null +++ b/units/systemd-tmpfiles-clean.timer @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Daily Cleanup of Temporary Directories +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) + +[Timer] +OnBootSec=15min +OnUnitActiveSec=1d diff --git a/units/systemd-tmpfiles-setup-dev.service.in b/units/systemd-tmpfiles-setup-dev.service.in new file mode 100644 index 0000000..50df15c --- /dev/null +++ b/units/systemd-tmpfiles-setup-dev.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create Static Device Nodes in /dev +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=systemd-sysusers.service +Before=sysinit.target local-fs-pre.target systemd-udevd.service shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-tmpfiles --prefix=/dev --create --boot +SuccessExitStatus=65 73 diff --git a/units/systemd-tmpfiles-setup.service.in b/units/systemd-tmpfiles-setup.service.in new file mode 100644 index 0000000..b02bbcd --- /dev/null +++ b/units/systemd-tmpfiles-setup.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create Volatile Files and Directories +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target systemd-sysusers.service systemd-journald.service +Before=sysinit.target shutdown.target +RefuseManualStop=yes + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev +SuccessExitStatus=65 73 diff --git a/units/systemd-udev-settle.service.in b/units/systemd-udev-settle.service.in new file mode 100644 index 0000000..c9e1c91 --- /dev/null +++ b/units/systemd-udev-settle.service.in @@ -0,0 +1,27 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# This service can dynamically be pulled-in by legacy services which +# cannot reliably cope with dynamic device configurations, and wrongfully +# expect a populated /dev during bootup. + +[Unit] +Description=udev Wait for Complete Device Initialization +Documentation=man:udev(7) man:systemd-udevd.service(8) +DefaultDependencies=no +Wants=systemd-udevd.service +After=systemd-udev-trigger.service +Before=sysinit.target +ConditionPathIsReadWrite=/sys + +[Service] +Type=oneshot +TimeoutSec=180 +RemainAfterExit=yes +ExecStart=@rootbindir@/udevadm settle diff --git a/units/systemd-udev-trigger.service.in b/units/systemd-udev-trigger.service.in new file mode 100644 index 0000000..b60204e --- /dev/null +++ b/units/systemd-udev-trigger.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=udev Coldplug all Devices +Documentation=man:udev(7) man:systemd-udevd.service(8) +DefaultDependencies=no +Wants=systemd-udevd.service +After=systemd-udevd-kernel.socket systemd-udevd-control.socket +Before=sysinit.target +ConditionPathIsReadWrite=/sys + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/udevadm trigger --type=subsystems --action=add +ExecStart=@rootbindir@/udevadm trigger --type=devices --action=add diff --git a/units/systemd-udevd-control.socket b/units/systemd-udevd-control.socket new file mode 100644 index 0000000..5b8628c --- /dev/null +++ b/units/systemd-udevd-control.socket @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=udev Control Socket +Documentation=man:systemd-udevd.service(8) man:udev(7) +DefaultDependencies=no +Before=sockets.target +ConditionPathIsReadWrite=/sys + +[Socket] +Service=systemd-udevd.service +ListenSequentialPacket=/run/udev/control +SocketMode=0600 +PassCredentials=yes +RemoveOnStop=yes diff --git a/units/systemd-udevd-kernel.socket b/units/systemd-udevd-kernel.socket new file mode 100644 index 0000000..b2a65f1 --- /dev/null +++ b/units/systemd-udevd-kernel.socket @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=udev Kernel Socket +Documentation=man:systemd-udevd.service(8) man:udev(7) +DefaultDependencies=no +Before=sockets.target +ConditionPathIsReadWrite=/sys + +[Socket] +Service=systemd-udevd.service +ReceiveBuffer=128M +ListenNetlink=kobject-uevent 1 +PassCredentials=yes diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in new file mode 100644 index 0000000..6a3814e --- /dev/null +++ b/units/systemd-udevd.service.in @@ -0,0 +1,36 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=udev Kernel Device Manager +Documentation=man:systemd-udevd.service(8) man:udev(7) +DefaultDependencies=no +After=systemd-sysusers.service systemd-hwdb-update.service +Before=sysinit.target +ConditionPathIsReadWrite=/sys + +[Service] +Type=notify +OOMScoreAdjust=-1000 +Sockets=systemd-udevd-control.socket systemd-udevd-kernel.socket +Restart=always +RestartSec=0 +ExecStart=@rootlibexecdir@/systemd-udevd +KillMode=mixed +WatchdogSec=3min +TasksMax=infinity +PrivateMounts=yes +MemoryDenyWriteExecute=yes +RestrictRealtime=yes +RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 +SystemCallFilter=@system-service @module @raw-io +SystemCallErrorNumber=EPERM +SystemCallArchitectures=native +LockPersonality=yes +IPAddressDeny=any diff --git a/units/systemd-update-done.service.in b/units/systemd-update-done.service.in new file mode 100644 index 0000000..6e82ec7 --- /dev/null +++ b/units/systemd-update-done.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Update is Completed +Documentation=man:systemd-update-done.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=local-fs.target +Before=sysinit.target shutdown.target +ConditionNeedsUpdate=|/etc +ConditionNeedsUpdate=|/var + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-update-done diff --git a/units/systemd-update-utmp-runlevel.service.in b/units/systemd-update-utmp-runlevel.service.in new file mode 100644 index 0000000..642d926 --- /dev/null +++ b/units/systemd-update-utmp-runlevel.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Update UTMP about System Runlevel Changes +Documentation=man:systemd-update-utmp.service(8) man:utmp(5) +DefaultDependencies=no +RequiresMountsFor=/var/log/wtmp +Conflicts=shutdown.target +Requisite=systemd-update-utmp.service +After=systemd-update-utmp.service +After=runlevel1.target runlevel2.target runlevel3.target runlevel4.target runlevel5.target +Before=shutdown.target + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-update-utmp runlevel diff --git a/units/systemd-update-utmp.service.in b/units/systemd-update-utmp.service.in new file mode 100644 index 0000000..b9a668f --- /dev/null +++ b/units/systemd-update-utmp.service.in @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Update UTMP about System Boot/Shutdown +Documentation=man:systemd-update-utmp.service(8) man:utmp(5) +DefaultDependencies=no +RequiresMountsFor=/var/log/wtmp +Conflicts=shutdown.target +After=systemd-remount-fs.service systemd-tmpfiles-setup.service auditd.service +Before=sysinit.target shutdown.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-update-utmp reboot +ExecStop=@rootlibexecdir@/systemd-update-utmp shutdown diff --git a/units/systemd-user-sessions.service.in b/units/systemd-user-sessions.service.in new file mode 100644 index 0000000..6d585eb --- /dev/null +++ b/units/systemd-user-sessions.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Permit User Sessions +Documentation=man:systemd-user-sessions.service(8) +After=remote-fs.target nss-user-lookup.target network.target + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-user-sessions start +ExecStop=@rootlibexecdir@/systemd-user-sessions stop diff --git a/units/systemd-vconsole-setup.service.in b/units/systemd-vconsole-setup.service.in new file mode 100644 index 0000000..f4178f4 --- /dev/null +++ b/units/systemd-vconsole-setup.service.in @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Setup Virtual Console +Documentation=man:systemd-vconsole-setup.service(8) man:vconsole.conf(5) +DefaultDependencies=no +Before=initrd-switch-root.target shutdown.target +ConditionPathExists=/dev/tty0 + +[Service] +Type=oneshot +ExecStart=@rootlibexecdir@/systemd-vconsole-setup diff --git a/units/systemd-volatile-root.service.in b/units/systemd-volatile-root.service.in new file mode 100644 index 0000000..8f228bc --- /dev/null +++ b/units/systemd-volatile-root.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Enforce Volatile Root File Systems +Documentation=man:systemd-volatile-root.service(8) +DefaultDependencies=no +Conflicts=shutdown.target +After=sysroot.mount +Before=initrd-root-fs.target shutdown.target +AssertPathExists=/etc/initrd-release + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootlibexecdir@/systemd-volatile-root yes /sysroot diff --git a/units/time-sync.target b/units/time-sync.target new file mode 100644 index 0000000..1533c7c --- /dev/null +++ b/units/time-sync.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=System Time Synchronized +Documentation=man:systemd.special(7) +RefuseManualStart=yes diff --git a/units/timers.target b/units/timers.target new file mode 100644 index 0000000..b1aa8c7 --- /dev/null +++ b/units/timers.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Timers +Documentation=man:systemd.special(7) + +DefaultDependencies=no +Conflicts=shutdown.target diff --git a/units/tmp.mount b/units/tmp.mount new file mode 100644 index 0000000..742d863 --- /dev/null +++ b/units/tmp.mount @@ -0,0 +1,24 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Temporary Directory (/tmp) +Documentation=man:hier(7) +Documentation=https://www.freedesktop.org/wiki/Software/systemd/APIFileSystems +ConditionPathIsSymbolicLink=!/tmp +DefaultDependencies=no +Conflicts=umount.target +Before=local-fs.target umount.target +After=swap.target + +[Mount] +What=tmpfs +Where=/tmp +Type=tmpfs +Options=mode=1777,strictatime,nosuid,nodev diff --git a/units/umount.target b/units/umount.target new file mode 100644 index 0000000..54fa5ae --- /dev/null +++ b/units/umount.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Unmount All Filesystems +Documentation=man:systemd.special(7) +DefaultDependencies=no +RefuseManualStart=yes diff --git a/units/user-.slice.d/10-defaults.conf b/units/user-.slice.d/10-defaults.conf new file mode 100644 index 0000000..c81a00e --- /dev/null +++ b/units/user-.slice.d/10-defaults.conf @@ -0,0 +1,17 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=User Slice of UID %j +Documentation=man:user@.service(5) +After=systemd-user-sessions.service +StopWhenUnneeded=yes + +[Slice] +TasksMax=33% diff --git a/units/user-runtime-dir@.service.in b/units/user-runtime-dir@.service.in new file mode 100644 index 0000000..c168b89 --- /dev/null +++ b/units/user-runtime-dir@.service.in @@ -0,0 +1,22 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=User Runtime Directory /run/user/%i +Documentation=man:user@.service(5) +After=systemd-user-sessions.service dbus.service +StopWhenUnneeded=yes +IgnoreOnIsolate=yes + +[Service] +ExecStart=@rootlibexecdir@/systemd-user-runtime-dir start %i +ExecStop=@rootlibexecdir@/systemd-user-runtime-dir stop %i +Type=oneshot +RemainAfterExit=yes +Slice=user-%i.slice diff --git a/units/user.slice b/units/user.slice new file mode 100644 index 0000000..3f2d98f --- /dev/null +++ b/units/user.slice @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=User and Session Slice +Documentation=man:systemd.special(7) +Before=slices.target diff --git a/units/user/basic.target b/units/user/basic.target new file mode 100644 index 0000000..1ae8275 --- /dev/null +++ b/units/user/basic.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Basic System +Documentation=man:systemd.special(7) +Wants=sockets.target timers.target paths.target +After=sockets.target timers.target paths.target diff --git a/units/user/bluetooth.target b/units/user/bluetooth.target new file mode 100644 index 0000000..62407d3 --- /dev/null +++ b/units/user/bluetooth.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Bluetooth +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/user/default.target b/units/user/default.target new file mode 100644 index 0000000..da319ce --- /dev/null +++ b/units/user/default.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Default +Documentation=man:systemd.special(7) +Requires=basic.target +After=basic.target +AllowIsolate=yes diff --git a/units/user/exit.target b/units/user/exit.target new file mode 100644 index 0000000..11a6f8e --- /dev/null +++ b/units/user/exit.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Exit the Session +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=systemd-exit.service +After=systemd-exit.service +AllowIsolate=yes diff --git a/units/user/graphical-session-pre.target b/units/user/graphical-session-pre.target new file mode 100644 index 0000000..3adfc5a --- /dev/null +++ b/units/user/graphical-session-pre.target @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Session services which should run early before the graphical session is brought up +Documentation=man:systemd.special(7) +Requires=basic.target +Before=graphical-session.target +RefuseManualStart=yes +StopWhenUnneeded=yes diff --git a/units/user/graphical-session.target b/units/user/graphical-session.target new file mode 100644 index 0000000..a38eaab --- /dev/null +++ b/units/user/graphical-session.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Current graphical user session +Documentation=man:systemd.special(7) +Requires=basic.target +RefuseManualStart=yes +StopWhenUnneeded=yes diff --git a/units/user/meson.build b/units/user/meson.build new file mode 100644 index 0000000..36341a4 --- /dev/null +++ b/units/user/meson.build @@ -0,0 +1,38 @@ +# SPDX-License-Identifier: LGPL-2.1+ + +units = [ + 'basic.target', + 'bluetooth.target', + 'default.target', + 'exit.target', + 'graphical-session-pre.target', + 'graphical-session.target', + 'paths.target', + 'printer.target', + 'shutdown.target', + 'smartcard.target', + 'sockets.target', + 'sound.target', + 'timers.target', + 'systemd-exit.service', + 'systemd-tmpfiles-clean.timer', +] + +foreach file : units + install_data(file, + install_dir : userunitdir) +endforeach + +in_units = [ + 'systemd-tmpfiles-clean.service', + 'systemd-tmpfiles-setup.service', +] + +foreach file : in_units + gen = configure_file( + input : file + '.in', + output : file, + configuration : substs) + install_data(gen, + install_dir : userunitdir) +endforeach diff --git a/units/user/paths.target b/units/user/paths.target new file mode 100644 index 0000000..9b6ed1c --- /dev/null +++ b/units/user/paths.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Paths +Documentation=man:systemd.special(7) diff --git a/units/user/printer.target b/units/user/printer.target new file mode 100644 index 0000000..e1fb0d4 --- /dev/null +++ b/units/user/printer.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Printer +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/user/shutdown.target b/units/user/shutdown.target new file mode 100644 index 0000000..d48e6d6 --- /dev/null +++ b/units/user/shutdown.target @@ -0,0 +1,14 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Shutdown +Documentation=man:systemd.special(7) +DefaultDependencies=no +RefuseManualStart=yes diff --git a/units/user/smartcard.target b/units/user/smartcard.target new file mode 100644 index 0000000..717ea23 --- /dev/null +++ b/units/user/smartcard.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Smart Card +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/user/sockets.target b/units/user/sockets.target new file mode 100644 index 0000000..9af67fd --- /dev/null +++ b/units/user/sockets.target @@ -0,0 +1,12 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Sockets +Documentation=man:systemd.special(7) diff --git a/units/user/sound.target b/units/user/sound.target new file mode 100644 index 0000000..19afc2a --- /dev/null +++ b/units/user/sound.target @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Sound Card +Documentation=man:systemd.special(7) +StopWhenUnneeded=yes diff --git a/units/user/systemd-exit.service b/units/user/systemd-exit.service new file mode 100644 index 0000000..1d3b61e --- /dev/null +++ b/units/user/systemd-exit.service @@ -0,0 +1,16 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Exit the Session +Documentation=man:systemd.special(7) +DefaultDependencies=no +Requires=shutdown.target +After=shutdown.target +SuccessAction=exit-force diff --git a/units/user/systemd-tmpfiles-clean.service.in b/units/user/systemd-tmpfiles-clean.service.in new file mode 100644 index 0000000..9cd1972 --- /dev/null +++ b/units/user/systemd-tmpfiles-clean.service.in @@ -0,0 +1,21 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Cleanup of User's Temporary Files and Directories +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) +DefaultDependencies=no +Conflicts=shutdown.target +Before=basic.target shutdown.target + +[Service] +Type=oneshot +ExecStart=@rootbindir@/systemd-tmpfiles --user --clean +SuccessExitStatus=65 +IOSchedulingClass=idle diff --git a/units/user/systemd-tmpfiles-clean.timer b/units/user/systemd-tmpfiles-clean.timer new file mode 100644 index 0000000..d1dbad9 --- /dev/null +++ b/units/user/systemd-tmpfiles-clean.timer @@ -0,0 +1,19 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Daily Cleanup of User's Temporary Directories +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) + +[Timer] +OnStartupSec=5min +OnUnitActiveSec=1d + +[Install] +WantedBy=timers.target diff --git a/units/user/systemd-tmpfiles-setup.service.in b/units/user/systemd-tmpfiles-setup.service.in new file mode 100644 index 0000000..6467dab --- /dev/null +++ b/units/user/systemd-tmpfiles-setup.service.in @@ -0,0 +1,25 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Create User's Volatile Files and Directories +Documentation=man:tmpfiles.d(5) man:systemd-tmpfiles(8) +DefaultDependencies=no +Conflicts=shutdown.target +Before=basic.target shutdown.target +RefuseManualStop=yes + +[Service] +Type=oneshot +RemainAfterExit=yes +ExecStart=@rootbindir@/systemd-tmpfiles --user --create --remove --boot +SuccessExitStatus=65 + +[Install] +WantedBy=basic.target diff --git a/units/user/timers.target b/units/user/timers.target new file mode 100644 index 0000000..b1aa8c7 --- /dev/null +++ b/units/user/timers.target @@ -0,0 +1,15 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=Timers +Documentation=man:systemd.special(7) + +DefaultDependencies=no +Conflicts=shutdown.target diff --git a/units/user@.service.in b/units/user@.service.in new file mode 100644 index 0000000..ca98c05 --- /dev/null +++ b/units/user@.service.in @@ -0,0 +1,26 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=User Manager for UID %i +Documentation=man:user@.service(5) +After=systemd-user-sessions.service user-runtime-dir@%i.service dbus.service +Requires=user-runtime-dir@%i.service +IgnoreOnIsolate=yes + +[Service] +User=%i +PAMName=systemd-user +Type=notify +ExecStart=-@rootlibexecdir@/systemd --user +Slice=user-%i.slice +KillMode=mixed +Delegate=pids memory +TasksMax=infinity +TimeoutStopSec=120s diff --git a/units/var-lib-machines.mount b/units/var-lib-machines.mount new file mode 100644 index 0000000..3658199 --- /dev/null +++ b/units/var-lib-machines.mount @@ -0,0 +1,23 @@ +# SPDX-License-Identifier: LGPL-2.1+ +# +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +# This unit is required for pre-240 versions of systemd that automatically set +# up /var/lib/machines.raw as loopback-mounted btrfs file system. Later +# versions don't do that anymore, but let's keep minimal compatibility by +# mounting the image still, if it exists. + +[Unit] +Description=Virtual Machine and Container Storage (Compatibility) +ConditionPathExists=/var/lib/machines.raw + +[Mount] +What=/var/lib/machines.raw +Where=/var/lib/machines +Type=btrfs +Options=loop |