Systemd

systemd-run(1)

systemd-system.conf(5)

Unit types

Syntax

systemd.syntax(7)

[Section A]
KeyOne=value 1
KeyTwo=value 2

# a comment

[Section B]
Setting="something" "some thing" "..."
KeyTwo=value 2 \
       value 2 continued

[Section C]
KeyThree=value 3\
# this line is ignored
; this line is ignored too
         value 3 continued

Search Path

systemd-analyze unit-paths

/usr/local/lib/systemd/system/* is probably the best place for “non Arch Linux installed” unit files.

systemd-analyze --user unit-paths

[Install]

/usr/lib/systemd/system/nginx.service and /usr/lib/systemd/system/postgresql.service

[Install]
WantedBy=multi-user.target

systemctl list-units

This lists processes with 10 different kinds of suffixes:

2. Socket

systemd.socket(5) daemon(7)

dbus.socket

3. Target

systemd.target(5)

basic.target

4. Device

systemd.device(5)

sys-devices-pci0000:00-0000:00:04.0-virtio2-net-eth0.device

5. Mount

systemd.mount(5)

tmp.mount

6. Automount

systemd.automount(5)

proc-sys-fs-binfmt_misc.automount

7. Timer

systemd.timer(5)

certbot-renewal.timer

8. Swap

systemd.swap(5)

dev-sdb.swap

9. Path

systemd.path(5)

systemd-ask-password-console.path

10. Slice

systemd.slice(5)

system-getty.slice

11. Scope

systemd.scope(5)

init.scope

systemd.special(7)

logging daemon

daemon config files, see systemd-system.conf(5), systemd-user.conf(5), logind.conf(5), journald.conf(5), journal- remote.conf(5), journal-upload.conf(5), systemd-sleep.conf(5), timesyncd.conf(5)

hostname

systemd contains native implementations of various tasks that need to be executed as part of the boot process. For example, it sets the hostname or configures the loopback network device. It also sets up and mounts various API file systems, such as /sys/, /proc/, and /dev/.

date

locale

maintain a list of logged-in users

running containers and virtual machines

system accounts

runtime directories and settings

daemons to manage simple network configuration

netdev and network files, see systemd.netdev(5), systemd.network(5)

network time synchronization

log forwarding

name resolution.

nspawn files, see systemd.nspawn(5)

Arch Linux

Components

systemd
systemctl
systemd-analyze
journald
libudev
localed
logind
hostnamed
homed
networkd
resolved
systemd-boot
systemd-bsod
systemd-nspawn
timedated
timesyncd
tmpfiles
udevd

[Unit] This is common to all unit types. It contains metadata about the service such as a description. systemd.unit(5) /usr/lib/systemd/system/nginx.service [Unit] Description=nginx web server After=network-online.target remote-fs.target nss-lookup.target Wants=network-online.target /usr/lib/systemd/system/postgresql.service [Unit] Description=PostgreSQL database server Documentation=man:postgres(1) After=network.target network-online.target Wants=network-online.target /usr/lib/systemd/system/tmp.mount [Unit] Description=Temporary Directory /tmp Documentation=https://systemd.io/TEMPORARY_DIRECTORIES Documentation=man:file-hierarchy(7) Documentation=https://systemd.io/API_FILE_SYSTEMS ConditionPathIsSymbolicLink=!/tmp DefaultDependencies=no Conflicts=umount.target Before=local-fs.target umount.target After=swap.target

service

[Service] systemd.service(5) /usr/lib/systemd/system/nginx.service [Service] Type=forking PIDFile=/run/nginx.pid PrivateDevices=yes PrivateTmp=true SyslogLevel=err ExecStart=/usr/bin/nginx ExecReload=/usr/bin/nginx -s reload Restart=on-failure KillMode=mixed KillSignal=SIGQUIT TimeoutStopSec=5 /usr/lib/systemd/system/postgresql.service [Service] Type=notify TimeoutSec=120 User=postgres Group=postgres Environment=PGROOT=/var/lib/postgres SyslogIdentifier=postgres PIDFile=/var/lib/postgres/data/postmaster.pid RuntimeDirectory=postgresql RuntimeDirectoryMode=755 ExecStartPre=/usr/bin/postgresql-check-db-dir ${PGROOT}/data ExecStart=/usr/bin/postgres -D ${PGROOT}/data ExecReload=/bin/kill -HUP ${MAINPID} KillMode=mixed KillSignal=SIGINT # Due to PostgreSQL's use of shared memory, OOM killer is often overzealous in # killing Postgres, so adjust it downward OOMScoreAdjust=-200 # Additional security-related features PrivateTmp=true ProtectHome=true ProtectSystem=full NoNewPrivileges=true ProtectControlGroups=true ProtectKernelModules=true ProtectKernelTunables=true PrivateDevices=true RestrictAddressFamilies=AF_UNIX AF_INET AF_INET6 RestrictNamespaces=true RestrictRealtime=true SystemCallArchitectures=native systemd.

sockets

Socket Activated Internet Services and OS Containers