System D

systemd - Gentoo Wiki
systemd
https://wiki.gentoo.org/wiki/Systemd
(/)
Wiki
From Gentoo Wiki
systemd is a modern SysV-style init and rc (run command) [1]

replacement for Linux systems. It is supported in Gentoo as an alternate
init system.
Contents
1 Pre-installation Conguration
1.1 Kernel
1.2 The /run directory
1.3 /etc/mtab
1.4 Ensure /usr is present at boot time
1.5 Using LVM2 and initramfs
2 Installation
3 Booting with systemd
3.1 Grub Legacy (0.x)
3.2 Grub 2
3.3 In kernel cong
3.4 Setting root password
4 Post-installation conguration
4.1 Hostname
4.2 Locale
4.3 Time and date
4.4 Automatic module loading
4.5 Network
4.5.1 systemd-networkd
4.5.2 NetworkManager
4.6 Handling of log les
4.7 /tmp is now in tmpfs
4.8 Congure verbosity of boot process
5 Services
5.1 OpenRC services
5.2 Listing available services
5.3 Enabling, disabling, starting, and stopping services
5.4 Installing custom unit les
5.5 Customizing unit les
5.6 Enabling a service under a custom name
5.7 Native services
5.8 Timer services
5.8.1 Emailing failures
5.8.2 Replacing cron
6 Troubleshooting
6.1 Graphical sessions opened in random places
6.2 lvm
6.3 systemd-bootchart
6.4 syslog-ng conicts with systemd
6.5 sys-fs/cryptsetup conguration
6.6 Check for units that failed to start
6.7 Enable Debug Mode
6.8 e4rat usage
1 of 18
Resources
Home (http://freedesktop.org
/wiki/Software/systemd)
Wikipedia (http://en.wikipedia.org
/wiki/Systemd)
GitWeb (http://cgit.freedesktop.org
/systemd/systemd/)
09/03/2016 02:55
6.9 GRSecurity hardening

7 See also
8 External resources
9 References
Pre-installation Configuration
Note
When updating from <=sys-apps/systemd-203 check the upgrade subpage (/wiki/Systemd/upgrade).
Kernel
systemd makes use of many modern Linux kernel features. Right now, the lower bound on kernel version is set in
the ebuild to 2.6.39. In recent versions of sys-kernel/gentoo-sources (https://packages.gentoo.org/packages
/sys-kernel/gentoo-sources), there is a convenient way of selecting the mandatory and optional kernel options for
systemd:
KERNEL
Quick setup using gentoo-sources
Gentoo Linux --->

Support for init systems, system and service managers --->
[*] systemd
To congure the kernel options manually (which is the only option when not using sys-kernel/gentoo-sources
(https://packages.gentoo.org/packages/sys-kernel/gentoo-sources)), the following kernel conguration options are
required or recommended:
KERNEL
Mandatory options
General setup --->

[*] Control Group support
[*] open by fhandle syscalls
[ ] Enable deprecated sysfs features to support old userspace tools
[*] Configure standard kernel features (expert users) --->
[*] Enable eventpoll support
[*] Enable signalfd() system call
[*] Enable timerfd() system call
[*] Networking support --->
Device Drivers --->
Generic Driver Options --->
[*] Maintain a devtmpfs filesystem to mount at /dev
File systems --->
[*] Inotify support for userspace
Pseudo filesystems --->
[*] /proc file system support
[*] sysfs file system support
KERNEL
2 of 18
Recommended options
09/03/2016 02:55
General setup --->

[*] Namespaces support --->
[*] Network namespace
[*] Enable the block layer --->
[*] Block layer SG support v4
Processor type and features --->
[*] Enable seccomp to safely compute untrusted bytecode
Networking support --->
Networking options --->
<*> The IPv6 protocol
Device Drivers --->
Generic Driver Options --->
() path to uevent helper
[ ] Fallback user-helper invocation for firmware loading
Firmware Drivers --->
[*] Export DMI identification via sysfs to userspace
File systems --->
<*> Kernel automounter version 4 support (also supports v3)
[*] Tmpfs virtual memory file system support (former shm fs)
[*]
Tmpfs POSIX Access Control Lists
[*]
Tmpfs extended attributes
For an UEFI system also enable the following:

KERNEL
UEFI support
[*] Enable the block layer --->

Partition Types --->
[*] Advanced partition selection
[*]
EFI GUID Partition support
Processor type and features --->
[*] EFI runtime service support
Firmware Drivers --->
EFI (Extensible Firmware Interface) Support -->
<*> EFI Variable Support via sysfs
If the system is using the BFQ scheduler, it's recommended by BFQ upstream to enable "BFQ hierarchical
scheduling support" under "Enable the block layer -> IO Schedulers".
For an up-to-date list, see section "REQUIREMENTS" in the upstream README (http://cgit.freedesktop.org/systemd
/systemd/tree/README) le.
The /run directory

The /run directory is used by systemd and other applications as a non-persistent storage for runtime data like pid
les, sockets and state les.
The systemd package will create the /run directory itself. However, please note that this change will trigger
automatic mounting of it in OpenRC (/wiki/OpenRC) as well, and may trigger its use by dierent software packages.
/etc/mtab
Upstream only supports the /etc/mtab le being a symlink to /proc/self/mounts. Not creating this symlink will
also cause problems with mount ( bug #434090 (https://bugs.gentoo.org/show_bug.cgi?id=434090)) and df (
bug #477240 (https://bugs.gentoo.org/show_bug.cgi?id=477240)). In the past some utilities wrote information (like
3 of 18
09/03/2016 02:55
mount options) into /etc/mtab and thus it was supposed to be a regular le. Nowadays all software is supposed to
avoid this problem. Still, before switching the le to become a symbolic link, please check bug #477498
(https://bugs.gentoo.org/show_bug.cgi?id=477498) to be sure that the system is not aected by any reported
regressions.
To create the symlink, run:
root # ln -sf /proc/self/mounts /etc/mtab
Ensure /usr is present at boot time

For a split /usr conguration, use an initramfs (/wiki/Initramfs) to mount /usr before starting systemd. For now,
this means using sys-kernel/dracut (https://packages.gentoo.org/packages/sys-kernel/dracut) or
sys-kernel/genkernel-next (https://packages.gentoo.org/packages/sys-kernel/genkernel-next) until support for /usr
is available in sys-kernel/genkernel (https://packages.gentoo.org/packages/sys-kernel/genkernel). Set aside time
now to migrate:
root # emerge --ask--unmerge sys-kernel/genkernel
root # emerge --ask sys-kernel/dracut
root # emerge --ask sys-kernel/genkernel-next
When using dracut, enable the usrmount module if it is not automatically enabled to mount /usr automatically.
FILE
/etc/dracut/dracut.conf
# Dracut modules to add to the default

add_dracutmodules+="usrmount"
If using genkernel-next, before rebuilding the kernel, be sure to set the UDEV variable in genkernel's conguration
le to yes . This will pull /usr into the initramfs:
FILE
/etc/genkernel.conf
# Use udev instead of mdev as the default device manager for the initramfs.
# If you use systemd and perhaps lvm, you _must_ keep this turned on.
UDEV="yes"
root # genkernel --install all
See the Initramfs guide (/wiki/Initramfs/Guide) for more alternatives.
Using LVM2 and initramfs

When sys-fs/lvm2 (/wiki/LVM) is used and the system is booted using an initramfs, the initramfs will have to be
created using sys-kernel/genkernel-next (https://packages.gentoo.org/packages/sys-kernel/genkernel-next) by
running:
root # genkernel --udev --lvm <target>
<target> is either initramfs or one of the other genkernel targets which imply the creation of an initramfs. For
more information, look at the output of genkernel --help:
user $ genkernel --help
When LVM is used, the lvmetad daemon needs to be started as well. Otherwise systemd will be unable to mount
LVM volumes. lvmetad can be enabled in /etc/lvm/lvm.conf:
FILE
/etc/lvm/lvm.conf Snippet of required changes in lvm.conf
# Set use_lvmetad to '1' for systemd

use_lvmetad = 1
Note
Instead of modifying /etc/lvm/lvm.conf this could probably be achieved through a lvmetad.socket unit
which activates a lvmetad.service, but current versions of sys-fs/lvm2 (https://packages.gentoo.org/packages
4 of 18
09/03/2016 02:55
/sys-fs/lvm2) don't ship those yet.
Installation
sys-apps/systemd (https://packages.gentoo.org/packages/sys-apps/systemd) contains udev. Once installed,
sys-fs/udev (https://packages.gentoo.org/packages/sys-fs/udev) can be removed as systemd will be the provider for
virtual/udev (https://packages.gentoo.org/packages/virtual/udev).
Enable the systemd USE ag globally (in make.conf). The consolekit USE ag should also be disabled to prevent
conicts with the systemd-logind service. It is also possible to switch to a systemd subprole to use saner USE
ags defaults in which case it is not necessary to change make.conf:
root # eselect profile list
Finally update the system with the new ags:

root # emerge -avDN @world
When dependency problems occur (such as sys-fs/udev (https://packages.gentoo.org/packages/sys-fs/udev)

blocking sys-apps/systemd (https://packages.gentoo.org/packages/sys-apps/systemd)), sys-fs/udev
(https://packages.gentoo.org/packages/sys-fs/udev) might be registered in the world le. Try to resolve this by
deselecting it:
root # emerge --deselect sys-fs/udev
Booting with systemd

In order to run systemd, switch the init that the executable kernel (or the initramfs) uses.
Warning
The services that are set up for the previous service manager will not be automatically started. This is because
the system is switching to a dierent service manager. In order to obtain back the functionality like networking
or a login manager, these services will need to be enabled again. More information about this follows in the
services section later in this article.
Note
In case the migration yields a broken state, it is always possible to boot back into the default service manager
(OpenRC) by undoing this init change step. This allows safe return and a way to follow through the
troubleshooting section at the end of this article to x the problem.
The following subsections document how to switch the init in one of the boot managers or the kernel.
Grub Legacy (0.x)

The init=/usr/lib/systemd/systemd argument should be added to the kernel command-line. An example excerpt
from grub.conf would look like so:
FILE
/boot/grub/grub.conf Example GRUB cong for systemd
title=Gentoo with systemd

root (hd0,0)
kernel /vmlinuz root=/dev/sda2 init=/usr/lib/systemd/systemd
Should the system boot using OpenRC, try using real_init instead of init .
Grub 2
When grub2-mkconfig is used, add the init option to GRUB_CMDLINE_LINUX:
Note
This is not needed when using an initramfs generated by dracut with systemd inside as the initramfs already
starts systemd.
5 of 18
09/03/2016 02:55
FILE
/etc/default/grub Congure GRUB 2 for systemd
# Append parameters to the linux kernel command line

GRUB_CMDLINE_LINUX="init=/usr/lib/systemd/systemd"
When the GRUB 2 conguration le is written by hand (experts only), append the init= parameter to the linux or
linux16 command.
FILE
/boot/grub/grub.cfg Example GRUB2 conguration fragment
linux /vmlinuz-3.10.9 root=UUID=508868e4-54c6-4e6b-84b0-b3b28b1656b6 init=/usr/lib/systemd/systemd
When using genkernel-next's initrd, use real_init instead of init .

Note
This use of the deprecated real_init should not be needed for stable versions of genkernel-next.
In kernel config
The init conguration can also be hard-coded in the kernel conguration. See Processor type and features ->
Built-in kernel command line. Note that this technique works for both grub and grub2.
Setting root password

At this point don't forget to set the system's root password. If something goes wrong, systemd will prompt for the
root password to go into maintenance mode.
Post-installation configuration
systemd supports a few system conguration les to set the most basic system details.
Note
While some system conguration parameters can be updated by modifying the appropriate conguration
les, most settings are managed using utilities that require systemd to be running. In this case, it is safe to
reboot the computer with systemd and use the hostnamectl, localectl, and timedatectl utilities as
required.
Hostname
To set the hostname, create/edit /etc/hostname and simply provide the desired hostname.
When booted using systemd, a tool called hostnamectl exists for editing /etc/hostname and /etc/machine-info.
To change the hostname, run:
root # hostnamectl set-hostname <HOSTNAME>
Refer to man hostnamectl for more options.
Locale
Usually, locales will be properly migrated from OpenRC when installing systemd. When required, the locale can be
set in /etc/locale.conf as per the Gentoo handbook instructions:
FILE
/etc/locale.conf System locale conguration
LANG="en_US.utf8"
Once booted with systemd, the tool localectl is used to set locale and console or X11 keymaps. To change the
system locale, run the following command:
6 of 18
09/03/2016 02:55
root # localectl set-locale LANG=<LOCALE>
To change the virtual console keymap:

root # localectl set-keymap <KEYMAP>
And nally, to set the X11 layout:

root # localectl set-x11-keymap <LAYOUT>
If needed the model, variant and options can be specied as well:

root # localectl set-x11-keymap <LAYOUT> <MODEL> <VARIANT> <OPTIONS>
Time and date

Time and date can be set using the timedatectl utility. That will also allow users to set up synchronization without
needing to rely on net-misc/ntp (https://packages.gentoo.org/packages/net-misc/ntp) or other providers than
systemd's own implementation.
To learn how to use timedatectl simply run:
root # timedatectl --help
Automatic module loading

Automatic module loading is congured in a dierent le, or rather directory of les. The conguration les are
stored in /etc/modules-load.d. On boot every le with a list of modules will be loaded. The le format is a list of
modules separated by newlines and can have any name as long as it ends with .conf. The module loading can be
separated by program, service or whatever way that ts personal preference. An example virtualbox.conf is
listed below:
FILE
/etc/modules-load.d/virtualbox.conf Example le for the virtualbox modules
vboxdrv
vboxnetflt
vboxnetadp
vboxpci
Network
systemd-networkd
systemd-networkd is useful for simple conguration of wired network interfaces. It is disabled by default.
To congure systemd-networkd, create a *.network le under /etc/systemd/network. See systemd.network(5)
(http://www.freedesktop.org/software/systemd/man/systemd.network.html) for reference. A simple DHCP
conguration is given below:
FILE
/etc/systemd/network/50-dhcp.network
[Match]
Name=en*
[Network]
DHCP=yes
root # systemctl enable systemd-networkd.service

root # systemctl start systemd-networkd.service
Note that systemd-networkd does not update resolv.conf by default. To have systemd manage the DNS settings,
replace resolv.conf with a symlink and start systemd-resolved.
root # ln -snf /run/systemd/resolve/resolv.conf /etc/resolv.conf
root # systemctl enable systemd-resolved.service
root # systemctl start systemd-resolved.service
NetworkManager
7 of 18
09/03/2016 02:55
Often NetworkManager is used to congure network settings. For that purpose, simply run the following command
when using an X11-powered desktop:
root # nm-connection-editor
If that is not the case and the network needs to be congured from console, give nmcli (https://access.redhat.com
/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide
/sec-Using_the_NetworkManager_Command_Line_Tool_nmcli.html) a try, or follow a guided conguration process
through nmtui:
root # nmtui
nmtui (https://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/7/html/Networking_Guide
/sec-Networking_Cong_Using_nmtui.html) is a curses frontend that will guide the user in the process while
running in console mode.
Handling of log files

systemd has its own way of handling log les without needing to rely on any external log system (like
app-admin/syslog-ng (https://packages.gentoo.org/packages/app-admin/syslog-ng) or app-admin/rsyslog
(https://packages.gentoo.org/packages/app-admin/rsyslog)). Messages can now be read with journalctl. It can
still be congured to use a preferred external tool for handling them. See man journald.conf to learn how to
congure journald to suit personal needs.
Some common journalctl options:
Command line options
for journalctl
Result
journalctl without
Show all log entries, starting with earliest.
options
-b , --boot
Show all log entries from this boot.
-r , --reverse
Newest entries rst.
-f , --follow
Show the last few entries and display new log entries as they're being produced.
-p , --priority=
Specify (minimum) priority to display messages, with a choice from: "emerg" (0),
"alert" (1), "crit" (2), "err" (3), "warning" (4), "notice" (5), "info" (6), "debug" (7).
--since= , --until=
Restrict entries by time. Accepts the format "YYYY-MM-DD hh:mm:ss" or the strings
"yesterday", "today" and "tomorrow".
-n , --lines=
Restrict to a number of entries.
-k , --dmesg
Restrict to kernel messages.
-u , --unit=
Restrict to a certain Systemd unit.
For more information and many more options, look at man journalctl.
/tmp is now in tmpfs

Unless some other lesystem is explicitly mounted to /tmp in /etc/fstab, systemd will mount /tmp as tmpfs. That
means it will be emptied on every boot and its size will be limited to 50% of the system's RAM size. To know why
this is the desired behavior and how to modify it, take a look at API File Systems (http://www.freedesktop.org
/wiki/Software/systemd/APIFileSystems/).
Configure verbosity of boot process

When migrating to systemd users usually notice dierences regarding verbosity of boot process:
The boot option quiet not only inuences the kernel output, but also that of systemd itself. Then, while
setting up systemd for the machine, drop the option to see any errors could arise more easily. After that, add
it back to get a quiet (and faster) boot.
Even passing the quiet boot option, systemd can still be congured to show its status by also passing
systemd.show_status=1 .
When not using the quiet boot option, some messages might be overwriting consoles. That is caused by the
8 of 18
09/03/2016 02:55
kernel conguration (see man 5 proc and look for /proc/sys/kernel/printk). To tweak it pass the
loglevel=5 boot parameter to the kernel (and update the value according to preference, for instance set a
lower value like 1).
Services
At some point the system will need to be rebooted in order to get systemd running (in system mode). Be sure to
read all of this document to ensure systemd is congured as completely as possible before rebooting. Note that
journalctl works with systemd not running, but that systemctl will not do anything useful without systemd
running. Complete the service conguration (enabling and starting of services) after logging in to the system
running systemd.
OpenRC services
Although systemd originally intended to support running old init.d scripts, that support is not suited well for a
dependency-based RC like OpenRC and thus is completely disabled on Gentoo. OpenRC provides additional
measures to ensure that init.d scripts can't be run when OpenRC was not used to boot the system (otherwise the
results would be unpredictable).
Listing available services

All available service units can be listed using the list-units argument of systemctl:
root # systemctl list-units
UNIT
boot.automount
proc-sys-fs-binfmt_misc.automount
...
LOAD
ACTIVE SUB
loaded active waiting
loaded active waiting
DESCRIPTION
EFI System Partition Automount
Arbitrary Executable File Formats File System Automo
The following le suxes are of interest:

Sux
Description
.service
plain service les (e.g. ones just running a daemon directly),
.socket
socket listeners (much like inetd),
.path
lesystem triggers for services (running services when les change etc.).
Alternatively the systemctl tool can be used to list all services (including implicit ones):
root # systemctl --all --full
And nally check for services that failed to start:

root # systemctl --failed
Enabling, disabling, starting, and stopping services

The usual way of enabling a service is using the following command:
root # systemctl enable foo.service
Services can be disabled likewise:

root # systemctl disable foo.service
These commands enable services using their default name in default target (both specied in "Install" section of
the service le). However, sometimes services either don't provide that information or users prefer to have
another name/target.
Note that these commands only enable or disable the system to be started on a next boot; to start the service right
now, use:
root # systemctl start foo.service
Services can be stopped likewise:

root # systemctl stop foo.service
9 of 18
09/03/2016 02:55
Installing custom unit files

Custom unit les can be placed in /etc/systemd/system, where they will be recognized after running systemctl
daemon-reload:
root # systemctl daemon-reload
/usr/lib/systemd/system is reserved for service les installed by the package manager.
Customizing unit files

When only minor changes to a unit are needed, there's no need to create a full copy of the original unit le in
/etc/systemd/system. Overriding settings in a package management provided unit can be achieved by drop-in
les in a *.d directory named after the original unit (e.g. apache2.d) in /etc/systemd/system/.
FILE
/etc/systemd/system/apache2.d/mem-limit.conf Example of adding/overriding settings in a service le
[Service]
MemoryLimit=1G
A reload of systemd is needed to inform it of the changes:

root # systemctl daemon-reload
Then the service needs to be restarted to apply the changes:

root # systemctl restart apache2
Verify that the changed property was applied to the service:

root # systemctl show --property=MemoryLimit apache2
MemoryLimit=1074000000
Enabling a service under a custom name

When the name provided by "Alias" in the unit's "[Install]" section does not meet the expectations and providing a
permanent new value for this through a customization is not desired, a symlink can be created manually in
/etc/systemd/system/*.wants/. The name of the *.wants directory can either specify a target or another service
which will depend on the new one.
For example, to install mysqld.service as db.service in the multi-user.target:
root # ln -s /usr/lib/systemd/system/mysqld.service /etc/systemd/system/multi-user.target.wants/db.service
To disable the service, just remove the symlink:

root # rm /etc/systemd/system/multi-user.target.wants/db.service
Native services
Some of Gentoo packages already install systemd unit les. For these services, it is enough to enable them. A quick
summary of packages installing unit les can be seen on systemd eclass users list (http://qa-reports.gentoo.org
/output/eclass-usage/systemd.txt).
The following table lists systemd services matching OpenRC ones:
Migration chart
Gentoo package
sys-apps/openrc
(https://packages.gentoo.org
/packages/sys-apps/openrc)
OpenRC service
systemd unit
Notes
bootmisc
systemd-tmplessetup.service
always enabled, uses tmpfiles.d
consolefont
systemd-vconsolesetup.service
always enabled, uses

vconsole.conf
devfs
dmesg
10 of 18
09/03/2016 02:55
fsck
fsck*.service
pulled in implicitly by mounts
functions.sh
See note
bug #373219
(https://bugs.gentoo.org
/show_bug.cgi?id=373219)
hostname
(builtin)
/etc/hostname
hwclock
See note
always enabled as part of

systemd (ie It is baked in and is
not a unit)
keymaps

vconsole.conf
localmount
local-fs.target
actual units are created implicitly

from fstab
modules
systemd-modulesload.service
killprocs
local

/etc/modules-load.d/*.conf
mount-ro
mtab
netmount
remote-fs.target
numlock
procfs
(builtin)
root
remount-rootfs.service
savecache
n/a
OpenRC internals
swap.target
actual units are created implicitly

from fstab
sysctl
systemd-sysctl.service
sysctl.conf and sysctl.d/
sysfs
(builtin)
termencoding
urandom
systemd-randomseed-load.service
staticroute
swap
swclock

vconsole.conf
systemd-randomseed-save.service
11 of 18
09/03/2016 02:55
12 of 18
app-admin/rsyslog
/packages/app-admin
/rsyslog)
rsyslog
rsyslog.service
app-admin/syslog-ng
/packages/app-admin
/syslog-ng)
syslog-ng
syslog-ng.service
media-sound/alsa-utils
/packages/mediasound/alsa-utils)
alsasound
alsa-store.service
(enabled by default)
alsa-restore.socket
(enabled by default)
net-misc/dhcpcd
/packages/net-misc/dhcpcd)
dhcpcd
dhcpcd.service
net-misc/netifrc
/packages/net-misc/netifrc)
net.*
net@.service
systemd wrapper for net.*

scripts (comes with
net-misc/netifrc)
netctl@.service
net-misc/netctl is originally an
Arch Linux tool.
NetworkManager.service
For <networkmanager-0.9.8.4:
enable NetworkManagerdispatcher.service for
dispatcher.d scripts to work.
Enable NetworkManagerwait-online.service to detect that
the system has a working
internet connection.
Disable all other managers (e.g.,
wicd, dhcpcd) and
wpa_supplicant.
dhcpcd.service
Provided by net-misc/dhcpcd
systemd.networkd.service
Part of systemd
net-misc/openntpd
/packages/net-misc
/openntpd)
ntpd
ntpd.service
net-misc/openssh
/packages/net-misc
/openssh)
sshd
sshd.service
runs sshd as a daemon
sshd.socket
runs sshd on a inetd-like basis

(for each incoming connection)
net-wireless/wpa_supplicant
/packages/net-wireless
/wpa_supplicant)
wpa-supplicant
wpa_supplicant.service
D-Bus controlled daemon (e.g.

for NetworkManager (/wiki
/NetworkManager#Systemd))
wpa_supplicant@.service
interface-specic wpa_supplicant
(used like
wpa_supplicant@wlan0.service)
09/03/2016 02:55
net-print/cups
/packages/net-print/cups)
cupsd
cups.service
classic on-boot start up service
cups.socket
socket and path activation (cups

only started on-demand)
cups.path
net-wireless/bluez
/packages/net-wireless
/bluez)
bluetooth
bluetooth.service
sys-apps/dbus
/packages/sys-apps/dbus)
dbus
dbus.service
sys-apps/irqbalance
/packages/sys-apps
/irqbalance)
irqbalance
sys-apps/microcode-ctl
/packages/sys-apps
/microcode-ctl)
microcode_ctl
sys-fs/udev
/packages/sys-fs/udev)
udev
udev.service
udev-mount
(builtin)
udev-postmount
udev-trigger.service
dbus.socket
irqbalance.service
supports daemon mode only
Congure microcode as a
module to let it load the
microcode itself. Go to
"Processor type and features" ->
"CPU microcode loading
support" and remember to add
the option you need depending
on you having intel or amd
processor.
/dev is mounted as tmpfs
udev-settle.service
sys-power/acpid
/packages/sys-power/acpid)
acpid
acpid.service
Most of its functionality is done

by systemd itself, then, maybe
you could consider to stop
enabling this
x11-apps/xdm
/packages/x11-apps/xdm)
(xdm)
xdm.service
OpenRC uses common xdm init.d

installed by x11-base/xorg-server
/packages/x11-base/xorg-server).
With systemd you will need to
enable corresponding unit le
for each DM (gdm.service,
kdm.service...)
net-rewall/iptables
/packages/net-rewall
/iptables)
iptables
iptables-store.service
iptables-restore.service
Timer services
Since version 197 systemd supports timers, making cron unnecessary on a systemd system. Since version 212
persistent services are supported, replacing even anacron. Persistent timers are run at the next opportunity if the
13 of 18
09/03/2016 02:55
system was powered down when the timer was scheduled.

The following is an example on how to make a simple timer that runs in the context of a user. It will even run if the
user is not logged in. Every timed service needs a timer and a service le that is activated by the timer as follows:
FILE
~/.local/share/systemd/user/backup-work.timer Example of a timer running every working day
[Unit]
Description=daily backup work
RefuseManualStart=no
RefuseManualStop=no
[Timer]
Persistent=false
OnCalendar=Mon-Fri *-*-* 11:30:00
Unit=backup-work.service
[Install]
WantedBy=default.target
FILE
~/.local/share/systemd/user/backup-work.service Example of a service triggering backup
[Unit]
RefuseManualStop=yes
[Service]
Type=oneshot
ExecStart=/home/<user>/scripts/backup-work.sh
Firstly, tell systemd to rescan the service les:

user $ systemctl --user daemon-reload
It is possible to trigger the backup manually by running the following command:

user $ systemctl --user start backup-work.service
Start and stop the timer manually as follows:

user $ systemctl --user start backup-work.timer
user $ systemctl --user stop backup-work.timer
Finally, to activate the timer at every system start, run:

user $ systemctl --user enable backup-work.timer
To check the last results of running the service:

user $ systemctl --user list-timers
Emailing failures
If a timed service runs and fails an e-mail can be send out to inform the user or administrator. This is possible with
the "OnFailure" stanza which species what should happen if a service fails. A failure is detected by a non-zero
return code of the invoked script.
For that change the script as follows:
FILE
14 of 18
~/.local/share/systemd/user/backup-work.service Example of a service triggering backup
09/03/2016 02:55
[Unit]
RefuseManualStop=yes
OnFailure=failure-email@%i.service
[Service]
Type=oneshot
ExecStart=/home/<user>/scripts/backup-work.sh
This requires to have the service failure-email@.service installed, which can be found in kylemanna's
systemd-utils repository (https://github.com/kylemanna/systemd-utils/tree/master/onfailure).
Replacing cron
The above timer and service les can also be added to /usr/lib/systemd/system to make them available
system-wide. The install section should then say WantedBy=multi-user.target to enable the service at system start.
However, cron also runs the scripts in /etc/cron.daily and other locations. Several packages place scripts there
that they expect to be run daily. This behavior can be emulated with systemd by installing
sys-process/systemd-cron (https://packages.gentoo.org/packages/sys-process/systemd-cron). Then activate the
new cron replacement with the following commands:
root # systemctl enable cron.target
root # systemctl start cron.target
Troubleshooting
Gentoo bugtracker: known bugs (https://bugs.gentoo.org/buglist.cgi?quicksearch=systemd&
order=bug_id%20DESC)
Freedesktop.org bugtracker: known bugs (https://bugs.freedesktop.org
/buglist.cgi?bug_status=UNCONFIRMED&bug_status=NEW&bug_status=CONFIRMED&
bug_status=ASSIGNED&bug_status=REOPENED&bug_status=NEEDINFO&bug_status=PLEASETEST&
bug_status=IN_PROGRESS&product=systemd&component=&order=bug_id%20DESC)
Upstream debugging guide (http://freedesktop.org/wiki/Software/systemd/Debugging)
Graphical sessions opened in random places

By default systemd only launches a getty process when it's going to be used. This causes some display managers
(like GDM) to use the remaining TTYs for opening graphical sessions on demand, which can result in having
consoles and graphical sessions placed randomly depending on the order they were used.
To stick with a more "classical" behavior (i.e, consoles placed from tty1 to tty6 and graphical sessions using the
remaining TTYs) force it to always launch getty on those:
root # systemctl enable getty@tty{2,3,4,5,6}.service
lvm
When switching from OpenRC to systemd and lvm is needed to properly mount the system volumes, activate the
lvm service:
root # systemctl enable lvm2-monitor.service
While it might not be needed for activation of the root volume (if lvm is integrated into the initramfs) it might not
work for other lvm volumes, unless the service is activated.
systemd-bootchart
KERNEL
15 of 18
systemd-bootchart support
09/03/2016 02:55
File systems --->

[*] /proc file system support
Kernel hacking --->
[*] Kernel debugging
[*] Collect scheduler debugging info
[*] Collect scheduler statistics
As systemd-bootchart attempts to start /sbin/init, recongure it to invoke systemd instead:

FILE
/etc/systemd/bootchart.conf
...
Init=/usr/lib/systemd/systemd
...
The result of the bootchart is a report in SVG format located in /run/log/.
syslog-ng conflicts with systemd

systemd creates /dev/log as datagram socket [2] [3] so syslog-ng needs to be told to read from a unix-dgram
instead of a unix-stream as otherwise syslog-ng would be using a "wrong" stream:
FILE
/etc/syslog-ng/syslog-ng.conf
# By default syslog-ng uses unix-stream. Comment this out and add unix-dgram instead.
# unix-stream('/dev/log');
unix-dgram('/dev/log');
sys-fs/cryptsetup configuration
systemd does not seem to respect /etc/conf.d/dmcrypt (see bug #429966 (https://bugs.gentoo.org
/show_bug.cgi?id=429966)) so it needs to be congured through the /etc/crypttab le:
FILE
/etc/crypttab Conguration le for encrypted block devices
crypt-home UUID=c25dd0f3-ecdd-420e-99a8-0ff2eaf3f391 -
You may need to create a new service le from your /etc/crypttab le. To do this, enable the cryptsetup USE ag
for sys-apps/systemd (https://packages.gentoo.org/packages/sys-apps/systemd). It will install /usr/lib/systemd
/system-generators/systemd-cryptsetup-generator. Executing it will create a service le in /tmp/, which you
can now copy to /etc/systemd/system, adjust manually and add to the desired runlevel.
Check for units that failed to start

Check for units that failed to start with:
root # systemctl --failed
Enable Debug Mode

To get more informations set the following in /etc/systemd/system.conf:
FILE
16 of 18
/etc/systemd/system.conf
09/03/2016 02:55
LogLevel=debug
Or enable the debug-shell, that opens a terminal at tty9. This helps to debug services during the boot process.
root # systemctl enable debug-shell.service
e4rat usage
Please remember to edit /etc/e4rat.conf setting 'init' to /usr/lib/systemd/systemd, otherwise it will keep
booting OpenRC.
GRSecurity hardening
With grsecurity enabled, systemd-networkd might log the following error:
CODE
systemd-networkd error
could not find udev device: Permission denied
The error raises due to systemd-networkd working under a non-root user with grsecurity refusing access to the
complete /sys structure for such users. To disable this option, disable the CONFIG_GRKERNSEC_SYSFS_RESTRICT
kernel option.
See also
Comparison of init systems (/wiki/Comparison_of_init_systems) - An article comparing and contrasting the
dierences in Gentoo init systems.
Sakaki's EFI Install Guide (/wiki/Sakaki%27s_EFI_Install_Guide) - Particularly look at the chapter entitled
Conguring systemd and installing necessary tools (/wiki/Sakaki%27s_EFI_Install_Guide
/Conguring_systemd_and_Installing_Necessary_Tools)
OpenRC to Systemd Cheatsheet (/wiki/OpenRC_to_Systemd_Cheatsheet)
External resources
FAQ (http://www.freedesktop.org/wiki/Software/systemd/FrequentlyAskedQuestions)
Tips and tricks (http://www.freedesktop.org/wiki/Software/systemd/TipsAndTricks)
References
1. Eric S. Raymond. http://www.catb.org/jargon/html/R/rc-le.html (http://www.catb.org/jargon/html/R
/rc-le.html) Retrieved on June 27th, 2015
2. Jose Pedro Oliveira. Note about custom syslog-ng congurations les (https://bugzilla.redhat.com
/show_bug.cgi?id=770810#c10), Red Hat Bugzilla (https://bugzilla.redhat.com/), January 11, 2012. Retrieved
on January 12th, 2015
3. Systemd and syslog-ng interaction problems: system freezes / syslog-ng fails to start
(https://fedoraproject.org/wiki/Common_F16_bugs#systemd-syslog-ng-problems), Fedora Project Wiki
(https://fedoraproject.org/wiki/Fedora_Project_Wiki). Retrieved on January 12th, 2015
Retrieved from "http://wiki.gentoo.org/index.php?title=Systemd&oldid=464184 (http://wiki.gentoo.org
/index.php?title=Systemd&oldid=464184)"
Category (/wiki/Special:Categories): Init systems (/wiki/Category:Init_systems)
This page was last modied on 4 March 2016, at 21:20.

20012016 Gentoo Foundation, Inc.
Gentoo is a trademark of the Gentoo Foundation, Inc. The contents of this document, unless otherwise
expressly stated, are licensed under the CC-BY-SA-3.0 (https://creativecommons.org/licenses/by-sa/3.0/)
17 of 18
09/03/2016 02:55
license. The Gentoo Name and Logo Usage Guidelines (https://www.gentoo.org/inside-gentoo

/foundation/name-logo-guidelines.html) apply.
18 of 18
09/03/2016 02:55

System D

Uploaded by

Copyright:

Available Formats

System D

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

System D

Uploaded by

Copyright:

Available Formats

systemd - Gentoo Wiki

From Gentoo Wiki

systemd is a modern SysV-style init and rc (run command) [1]

systemd - Gentoo Wiki

6.9 GRSecurity hardening

Quick setup using gentoo-sources

Gentoo Linux --->

General setup --->

systemd - Gentoo Wiki

General setup --->

For an UEFI system also enable the following:

[*] Enable the block layer --->

The /run directory

systemd - Gentoo Wiki

Ensure /usr is present at boot time

# Dracut modules to add to the default

root # genkernel --install all

See the Initramfs guide (/wiki/Initramfs/Guide) for more alternatives.

Using LVM2 and initramfs

/etc/lvm/lvm.conf Snippet of required changes in lvm.conf

# Set use_lvmetad to '1' for systemd

which activates a lvmetad.service, but current versions of sys-fs/lvm2 (https://packages.gentoo.org/packages

systemd - Gentoo Wiki

/sys-fs/lvm2) don't ship those yet.

Finally update the system with the new ags:

When dependency problems occur (such as sys-fs/udev (https://packages.gentoo.org/packages/sys-fs/udev)

Booting with systemd

Grub Legacy (0.x)

/boot/grub/grub.conf Example GRUB cong for systemd

title=Gentoo with systemd

systemd - Gentoo Wiki

/etc/default/grub Congure GRUB 2 for systemd

# Append parameters to the linux kernel command line

/boot/grub/grub.cfg Example GRUB2 conguration fragment

linux /vmlinuz-3.10.9 root=UUID=508868e4-54c6-4e6b-84b0-b3b28b1656b6 init=/usr/lib/systemd/systemd

When using genkernel-next's initrd, use real_init instead of init .

Setting root password

Refer to man hostnamectl for more options.

/etc/locale.conf System locale conguration

systemd - Gentoo Wiki

root # localectl set-locale LANG=<LOCALE>

To change the virtual console keymap:

And nally, to set the X11 layout:

If needed the model, variant and options can be specied as well:

Time and date

Automatic module loading

/etc/modules-load.d/virtualbox.conf Example le for the virtualbox modules

root # systemctl enable systemd-networkd.service

systemd - Gentoo Wiki

Handling of log files

Show all log entries, starting with earliest.

Show all log entries from this boot.

Newest entries rst.

Restrict to a number of entries.

Restrict to kernel messages.

Restrict to a certain Systemd unit.

/tmp is now in tmpfs

Configure verbosity of boot process

systemd - Gentoo Wiki