diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:49:52 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-10 20:49:52 +0000 |
commit | 55944e5e40b1be2afc4855d8d2baf4b73d1876b5 (patch) | |
tree | 33f869f55a1b149e9b7c2b7e201867ca5dd52992 /man/systemd.generator.xml | |
parent | Initial commit. (diff) | |
download | systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.tar.xz systemd-55944e5e40b1be2afc4855d8d2baf4b73d1876b5.zip |
Adding upstream version 255.4.upstream/255.4
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'man/systemd.generator.xml')
-rw-r--r-- | man/systemd.generator.xml | 403 |
1 files changed, 403 insertions, 0 deletions
diff --git a/man/systemd.generator.xml b/man/systemd.generator.xml new file mode 100644 index 0000000..b216ef9 --- /dev/null +++ b/man/systemd.generator.xml @@ -0,0 +1,403 @@ +<?xml version='1.0'?> <!--*-nxml-*--> +<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" + "http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd" [ +<!ENTITY % entities SYSTEM "custom-entities.ent" > +%entities; +]> +<!-- SPDX-License-Identifier: LGPL-2.1-or-later --> + +<refentry id="systemd.generator" xmlns:xi="http://www.w3.org/2001/XInclude"> + <refentryinfo> + <title>systemd.generator</title> + <productname>systemd</productname> + </refentryinfo> + + <refmeta> + <refentrytitle>systemd.generator</refentrytitle> + <manvolnum>7</manvolnum> + </refmeta> + + <refnamediv> + <refname>systemd.generator</refname> + <refpurpose>systemd unit generators</refpurpose> + </refnamediv> + + <refsynopsisdiv> + <cmdsynopsis> + <command index='false'>/path/to/generator</command> + <arg choice="plain"><replaceable>normal-dir</replaceable></arg> + <arg choice="option"><replaceable>early-dir</replaceable></arg> + <arg choice="option"><replaceable>late-dir</replaceable></arg> + </cmdsynopsis> + + <para> + <literallayout><filename>/run/systemd/system-generators/*</filename> +<filename>/etc/systemd/system-generators/*</filename> +<filename>/usr/local/lib/systemd/system-generators/*</filename> +<filename>&SYSTEM_GENERATOR_DIR;/*</filename></literallayout> + </para> + + <para> + <literallayout><filename>/run/systemd/user-generators/*</filename> +<filename>/etc/systemd/user-generators/*</filename> +<filename>/usr/local/lib/systemd/user-generators/*</filename> +<filename>&USER_GENERATOR_DIR;/*</filename></literallayout> + </para> + </refsynopsisdiv> + + <refsect1> + <title>Description</title> + <para>Generators are small executables placed in <filename>&SYSTEM_GENERATOR_DIR;/</filename> and other + directories listed above. + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> will execute + these binaries very early at bootup and at configuration reload time — before unit files are + loaded. Their main purpose is to convert configuration and execution context parameters that are not + native to the service manager into dynamically generated unit files, symlinks or unit file drop-ins, so + that they can extend the unit file hierarchy the service manager subsequently loads and operates + on.</para> + + <para><command>systemd</command> will call each generator with three directory paths that are to be used + for generator output. In these three directories, generators may dynamically generate unit files (regular + ones, instances, as well as templates), unit file <filename>.d/</filename> drop-ins, and create symbolic + links to unit files to add additional dependencies, create aliases, or instantiate existing templates. + Those directories are included in the unit load path, allowing generated configuration to extend or + override existing definitions. For tests, generators may be called with just one argument; the generator + should assume that all three paths are the same in that case.</para> + + <para>Directory paths for generator output differ by priority: <filename>…/generator.early</filename> has + priority higher than the admin configuration in <filename>/etc/</filename>, while + <filename>…/generator</filename> has lower priority than <filename>/etc/</filename> but higher than + vendor configuration in <filename>/usr/</filename>, and <filename>…/generator.late</filename> has + priority lower than all other configuration. See the next section and the discussion of unit load paths + and unit overriding in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. + </para> + + <para>Generators are loaded from a set of paths determined during compilation, as listed above. System + and user generators are loaded from directories with names ending in + <filename>system-generators/</filename> and <filename>user-generators/</filename>, + respectively. Generators found in directories listed earlier override the ones with the same name in + directories lower in the list. A symlink to <filename>/dev/null</filename> or an empty file can be used + to mask a generator, thereby preventing it from running. Please note that the order of the two + directories with the highest priority is reversed with respect to the unit load path, and generators in + <filename>/run/</filename> overwrite those in <filename>/etc/</filename>.</para> + + <para>After installing new generators or updating the configuration, <command>systemctl + daemon-reload</command> may be executed. This will delete the previous configuration created by + generators, re-run all generators, and cause <command>systemd</command> to reload units from disk. See + <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry> for more + information. + </para> + </refsect1> + + <refsect1> + <title>Output directories</title> + + <para>Generators are invoked with three arguments: paths to directories where generators can place their + generated unit files or symlinks. By default those paths are runtime directories that are included in the + search path of <command>systemd</command>, but a generator may be called with different paths for + debugging purposes. If only one argument is provided, the generator should use the same directory as the + three output paths.</para> + + <orderedlist> + <listitem> + <para><parameter>normal-dir</parameter></para> + <para>In normal use this is <filename>/run/systemd/generator</filename> in case of the system + generators and <filename>$XDG_RUNTIME_DIR/systemd/generator</filename> in case of the user + generators. Unit files placed in this directory take precedence over vendor unit configuration but + not over native user/administrator unit configuration. + </para> + </listitem> + + <listitem> + <para><parameter>early-dir</parameter></para> + <para>In normal use this is <filename>/run/systemd/generator.early</filename> in case of the system + generators and <filename>$XDG_RUNTIME_DIR/systemd/generator.early</filename> in case of the user + generators. Unit files placed in this directory override unit files in <filename>/usr/</filename>, + <filename>/run/</filename> and <filename>/etc/</filename>. This means that unit files placed in this + directory take precedence over all normal configuration, both vendor and user/administrator.</para> + </listitem> + + <listitem> + <para><parameter>late-dir</parameter></para> + <para>In normal use this is <filename>/run/systemd/generator.late</filename> in case of the system + generators and <filename>$XDG_RUNTIME_DIR/systemd/generator.late</filename> in case of the user + generators. This directory may be used to extend the unit file tree without overriding any other unit + files. Any native configuration files supplied by the vendor or user/administrator take + precedence.</para> + </listitem> + </orderedlist> + + <para>Note: generators <emphasis>must not</emphasis> write to other locations or otherwise make changes + to system state. Generator output is supposed to last only until the next + <command>daemon-reload</command> or <command>daemon-reexec</command>; if the generator is replaced + or masked, its effects should vanish.</para> + </refsect1> + + <refsect1> + <title>Environment</title> + + <para>The service manager sets a number of environment variables when invoking generator + executables. They carry information about the execution context of the generator, in order to simplify + conditionalizing generators to specific environments. The following environment variables are set:</para> + + <variablelist class='environment-variables'> + <varlistentry> + <term><varname>$SYSTEMD_SCOPE</varname></term> + + <listitem><para>If the generator is invoked from the system service manager this variable is set to + <literal>system</literal>; if invoked from the per-user service manager it is set to + <literal>user</literal>.</para> + + <xi:include href="version-info.xml" xpointer="v251"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>$SYSTEMD_IN_INITRD</varname></term> + + <listitem><para>If the generator is run as part of an initrd this is set to <literal>1</literal>. If + it is run from the regular host (i.e. after the transition from initrd to host) it is set to + <literal>0</literal>. This environment variable is only set for system generators.</para> + + <xi:include href="version-info.xml" xpointer="v251"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>$SYSTEMD_FIRST_BOOT</varname></term> + + <listitem><para>If this boot-up cycle is considered a "first boot", this is set to + <literal>1</literal>; if it is a subsequent, regular boot it is set to <literal>0</literal>. For + details see the documentation of <varname>ConditionFirstBoot=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. This + environment variable is only set for system generators.</para> + + <xi:include href="version-info.xml" xpointer="v251"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>$SYSTEMD_VIRTUALIZATION</varname></term> + + <listitem><para>If the service manager is run in a virtualized environment, + <varname>$SYSTEMD_VIRTUALIZATION</varname> is set to a pair of strings, separated by a colon. The + first string is either <literal>vm</literal> or <literal>container</literal>, categorizing the type + of virtualization. The second string identifies the implementation of the virtualization + technology. If no virtualization is detected this variable will not be set. This data is identical to + what + <citerefentry><refentrytitle>systemd-detect-virt</refentrytitle><manvolnum>1</manvolnum></citerefentry> + detects and reports, and uses the same vocabulary of virtualization implementation + identifiers.</para> + + <xi:include href="version-info.xml" xpointer="v251"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>$SYSTEMD_ARCHITECTURE</varname></term> + + <listitem><para>This variable is set to a short identifier of the reported architecture of the + system. For details about defined values, see documentation of + <varname>ConditionArchitecture=</varname> in + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para> + + <xi:include href="version-info.xml" xpointer="v251"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>$CREDENTIALS_DIRECTORY</varname></term> + <term><varname>$ENCRYPTED_CREDENTIALS_DIRECTORY</varname></term> + + <listitem><para>If set, refers to the directory system credentials have been placed in. Credentials + passed into the system in plaintext form will be placed in <varname>$CREDENTIALS_DIRECTORY</varname>, + and those passed in in encrypted form will be placed in + <varname>$ENCRYPTED_CREDENTIALS_DIRECTORY</varname>. Use the + <citerefentry><refentrytitle>systemd-creds</refentrytitle><manvolnum>1</manvolnum></citerefentry> + command to automatically decrypt/authenticate credentials passed in, if needed. Specifically, use the + <command>systemd-creds --system cat</command> command.</para> + + <xi:include href="version-info.xml" xpointer="v254"/></listitem> + </varlistentry> + + <varlistentry> + <term><varname>$SYSTEMD_CONFIDENTIAL_VIRTUALIZATION</varname></term> + + <listitem><para>If the service manager is run in a confidential virtualized environment, + <varname>$SYSTEMD_CONFIDENTIAL_VIRTUALIZATION</varname> is set to a string that identifies + the confidential virtualization hardware technology. If no confidential virtualization is + detected this variable will not be set. This data is identical to what + <citerefentry><refentrytitle>systemd-detect-virt</refentrytitle><manvolnum>1</manvolnum></citerefentry> + detects and reports, and uses the same vocabulary of confidential virtualization + technology identifiers.</para> + + <xi:include href="version-info.xml" xpointer="v254"/></listitem> + </varlistentry> + </variablelist> + </refsect1> + + <refsect1> + <title>Notes about writing generators</title> + + <itemizedlist> + <listitem> + <para>All generators are executed in parallel. That means all executables are started at the very + same time and need to be able to cope with this parallelism. + </para> + </listitem> + + <listitem> + <para>Generators are run very early at boot and cannot rely on any external services. They may not + talk to any other process. That includes simple things such as logging to <citerefentry + project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry>, or + <command>systemd</command> itself (this means: no + <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>)! + Non-essential file systems like <filename>/var/</filename> and <filename>/home/</filename> are + mounted after generators have run. Generators can however rely on the most basic kernel functionality + to be available, as well as mounted <filename>/sys/</filename>, <filename>/proc/</filename>, + <filename>/dev/</filename>, <filename>/usr/</filename> and <filename>/run/</filename> file systems. + </para> + </listitem> + + <listitem> + <para>Units written by generators are removed when the configuration is reloaded. That means the + lifetime of the generated units is closely bound to the reload cycles of <command>systemd</command> + itself.</para> + </listitem> + + <listitem> + <para>Generators should only be used to generate unit files, <filename>.d/*.conf</filename> drop-ins + for them and symlinks to them, not any other kind of non-unit related configuration. Due to the + lifecycle logic mentioned above, generators are not a good fit to generate dynamic configuration for + other services. If you need to generate dynamic configuration for other services, do so in normal + services you order before the service in question.</para> + + <para>Note that using the <varname>StandardInputData=</varname>/<varname>StandardInputText=</varname> + settings of service unit files (see + <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>), it + is possible to make arbitrary input data (including daemon-specific configuration) part of the unit + definitions, which often might be sufficient to embed data or configuration for other programs into + unit files in a native fashion.</para> + </listitem> + + <listitem> + <para>Since + <citerefentry project='man-pages'><refentrytitle>syslog</refentrytitle><manvolnum>3</manvolnum></citerefentry> + + is not available (see above), log messages have to be written to <filename>/dev/kmsg</filename> + instead.</para> + </listitem> + + <listitem> + <para>The generator should always include its own name in a comment at the top of the generated file, + so that the user can easily figure out which component created or amended a particular unit.</para> + + <para>The <varname>SourcePath=</varname> directive should be used in generated files to specify the + source configuration file they are generated from. This makes things more easily understood by the + user and also has the benefit that systemd can warn the user about configuration files that changed + on disk but have not been read yet by systemd. The <varname>SourcePath=</varname> value does not have + to be a file in a physical filesystem. For example, in the common case of the generator looking at + the kernel command line, <option>SourcePath=/proc/cmdline</option> should be used.</para> + </listitem> + + <listitem> + <para>Generators may write out dynamic unit files or just hook unit files into other units with the + usual <filename>.wants/</filename> or <filename>.requires/</filename> symlinks. Often, it is nicer to + simply instantiate a template unit file from <filename>/usr/</filename> with a generator instead of + writing out entirely dynamic unit files. Of course, this works only if a single parameter is to be + used.</para> + </listitem> + + <listitem> + <para>If you are careful, you can implement generators in shell scripts. We do recommend C code + however, since generators are executed synchronously and hence delay the entire boot if they are + slow.</para> + </listitem> + + <listitem> + <para>Regarding overriding semantics: there are two rules we try to follow when thinking about the + overriding semantics:</para> + + <orderedlist numeration="lowerroman"> + <listitem> + <para>User configuration should override vendor configuration. This (mostly) means that stuff + from <filename>/etc/</filename> should override stuff from <filename>/usr/</filename>.</para> + </listitem> + + <listitem> + <para>Native configuration should override non-native configuration. This (mostly) means that + stuff you generate should never override native unit files for the same purpose.</para> + </listitem> + </orderedlist> + + <para>Of these two rules the first rule is probably the more important one and breaks the second one + sometimes. Hence, when deciding whether to use argv[1], argv[2], or argv[3], your default choice + should probably be argv[1].</para> + </listitem> + + <listitem> + <para>Instead of heading off now and writing all kind of generators for legacy configuration file + formats, please think twice! It is often a better idea to just deprecate old stuff instead of keeping + it artificially alive. + </para> + </listitem> + </itemizedlist> + </refsect1> + + <refsect1> + <title>Examples</title> + <example> + <title>systemd-fstab-generator</title> + + <para><citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> + converts <filename>/etc/fstab</filename> into native mount units. It uses argv[1] as location to place + the generated unit files in order to allow the user to override <filename>/etc/fstab</filename> with + their own native unit files, but also to ensure that <filename>/etc/fstab</filename> overrides any + vendor default from <filename>/usr/</filename>.</para> + + <para>After editing <filename>/etc/fstab</filename>, the user should invoke <command>systemctl + daemon-reload</command>. This will re-run all generators and cause <command>systemd</command> to reload + units from disk. To actually mount new directories added to <filename>fstab</filename>, + <command>systemctl start <replaceable>/path/to/mountpoint</replaceable></command> or <command>systemctl + start local-fs.target</command> may be used.</para> + </example> + + <example> + <title>systemd-system-update-generator</title> + + <para><citerefentry><refentrytitle>systemd-system-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry> + temporarily redirects <filename>default.target</filename> to <filename>system-update.target</filename>, + if a system update is scheduled. Since this needs to override the default user configuration for + <filename>default.target</filename>, it uses argv[2]. For details about this logic, see + <citerefentry><refentrytitle>systemd.offline-updates</refentrytitle><manvolnum>7</manvolnum></citerefentry>. + </para> + </example> + + <example> + <title>Debugging a generator</title> + + <programlisting>dir=$(mktemp -d) +SYSTEMD_LOG_LEVEL=debug &SYSTEM_GENERATOR_DIR;/systemd-fstab-generator \ + "$dir" "$dir" "$dir" +find $dir</programlisting> + </example> + </refsect1> + + <refsect1> + <title>See also</title> + + <para> + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-cryptsetup-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-debug-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-fstab-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-getty-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-gpt-auto-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-hibernate-resume-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-rc-local-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-system-update-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-sysv-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd-xdg-autostart-generator</refentrytitle><manvolnum>8</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>, + <citerefentry><refentrytitle>systemd.environment-generator</refentrytitle><manvolnum>7</manvolnum></citerefentry> + </para> + </refsect1> +</refentry> |