[ab4fdfc] | 1 | <?xml version="1.0" encoding="UTF-8"?>
|
---|
[f852e706] | 2 | <!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
|
---|
| 3 | "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
|
---|
| 4 | <!ENTITY % general-entities SYSTEM "../../general.ent">
|
---|
| 5 | %general-entities;
|
---|
| 6 |
|
---|
[6e2eb5cf] | 7 | <!-- <!ENTITY systemd-download-http "https://anduin.linuxfromscratch.org/LFS/systemd-&systemd-version;-&systemd-stable;.tar.xz"> For whenever we move to a stable snapshot for backports -->
|
---|
[4478c65a] | 8 | <!ENTITY systemd-download-http "https://github.com/systemd/systemd/archive/v&systemd-version;/systemd-&systemd-version;.tar.gz">
|
---|
[f852e706] | 9 | <!ENTITY systemd-download-ftp " ">
|
---|
[b044aeb] | 10 | <!ENTITY systemd-md5sum "03bd1ff158ec0bc55428c77a8f8495bd">
|
---|
[5481e1f1] | 11 | <!ENTITY systemd-size "15 MB">
|
---|
[b044aeb] | 12 | <!ENTITY systemd-buildsize "328 MB (with tests)">
|
---|
| 13 | <!ENTITY systemd-time "1.5 SBU (with tests using 4 cores)">
|
---|
[f852e706] | 14 |
|
---|
| 15 | ]>
|
---|
| 16 |
|
---|
[4478c65a] | 17 | <sect1 id="systemd" xreflabel="Systemd-&systemd-version;" revision="systemd">
|
---|
[f852e706] | 18 | <?dbhtml filename="systemd.html"?>
|
---|
| 19 |
|
---|
| 20 |
|
---|
[4478c65a] | 21 | <title>Systemd-&systemd-version;</title>
|
---|
| 22 | <!-- Whenever we switch back to stable backports, make sure to add the systemd-stable reference back. -->
|
---|
[f852e706] | 23 |
|
---|
| 24 | <indexterm zone="systemd">
|
---|
| 25 | <primary sortas="a-systemd">systemd</primary>
|
---|
| 26 | </indexterm>
|
---|
| 27 |
|
---|
| 28 | <sect2 role="package">
|
---|
| 29 | <title>Introduction to systemd</title>
|
---|
| 30 |
|
---|
| 31 | <para>
|
---|
| 32 | While <application>systemd</application> was installed when
|
---|
| 33 | building LFS, there are many features provided by the package that
|
---|
[77a6d25] | 34 | were not included in the initial installation because
|
---|
[f852e706] | 35 | <application>Linux-PAM</application> was not yet installed.
|
---|
| 36 | The <application>systemd</application> package needs to be
|
---|
| 37 | rebuilt to provide a working <command>systemd-logind</command> service,
|
---|
[77a6d25] | 38 | which provides many additional features for dependent packages.
|
---|
[f852e706] | 39 | </para>
|
---|
[8558044] | 40 |
|
---|
[e8b3f50] | 41 | &lfs121_checked;
|
---|
[f852e706] | 42 |
|
---|
| 43 | <bridgehead renderas="sect3">Package Information</bridgehead>
|
---|
| 44 | <itemizedlist spacing="compact">
|
---|
| 45 | <listitem>
|
---|
[b1532549] | 46 | <para>
|
---|
| 47 | Download (HTTP): <ulink url="&systemd-download-http;"/>
|
---|
| 48 | </para>
|
---|
[f852e706] | 49 | </listitem>
|
---|
| 50 | <listitem>
|
---|
[b1532549] | 51 | <para>
|
---|
| 52 | Download (FTP): <ulink url="&systemd-download-ftp;"/>
|
---|
| 53 | </para>
|
---|
[f852e706] | 54 | </listitem>
|
---|
| 55 | <listitem>
|
---|
[b1532549] | 56 | <para>
|
---|
| 57 | Download MD5 sum: &systemd-md5sum;
|
---|
| 58 | </para>
|
---|
[f852e706] | 59 | </listitem>
|
---|
| 60 | <listitem>
|
---|
[b1532549] | 61 | <para>
|
---|
| 62 | Download size: &systemd-size;
|
---|
| 63 | </para>
|
---|
[f852e706] | 64 | </listitem>
|
---|
| 65 | <listitem>
|
---|
[b1532549] | 66 | <para>
|
---|
| 67 | Estimated disk space required: &systemd-buildsize;
|
---|
| 68 | </para>
|
---|
[f852e706] | 69 | </listitem>
|
---|
| 70 | <listitem>
|
---|
[b1532549] | 71 | <para>
|
---|
| 72 | Estimated build time: &systemd-time;
|
---|
| 73 | </para>
|
---|
[f852e706] | 74 | </listitem>
|
---|
| 75 | </itemizedlist>
|
---|
[c130abf] | 76 |
|
---|
[01fb1a6] | 77 | <!-- Comment out (instead of remove) in case a patch will be needed.
|
---|
[b5d17476] | 78 | <bridgehead renderas="sect3">Additional Downloads</bridgehead>
|
---|
| 79 | <itemizedlist spacing="compact">
|
---|
| 80 | <listitem>
|
---|
| 81 | <para>
|
---|
| 82 | Required patch:
|
---|
[d9142ec4] | 83 | <ulink url="&patch-root;/systemd-&systemd-version;-upstream_fixes-1.patch"/>
|
---|
[6406b296] | 84 | </para>
|
---|
| 85 | </listitem>
|
---|
[b5d17476] | 86 | </itemizedlist>
|
---|
[01fb1a6] | 87 | -->
|
---|
[f852e706] | 88 | <bridgehead renderas="sect3">systemd Dependencies</bridgehead>
|
---|
| 89 |
|
---|
[bb4bb1db] | 90 | <bridgehead renderas="sect4">Recommended</bridgehead>
|
---|
| 91 |
|
---|
| 92 | <note>
|
---|
| 93 | <para>
|
---|
| 94 | <xref linkend='linux-pam'/> is not strictly required to build
|
---|
| 95 | <application>systemd</application>, but the main reason to rebuild
|
---|
| 96 | <application>systemd</application> in BLFS (it's already built in
|
---|
| 97 | LFS anyway) is for the <command>systemd-logind</command> daemon and
|
---|
| 98 | the
|
---|
| 99 | <filename class='libraryfile'>pam_systemd.so</filename> PAM module.
|
---|
| 100 | <xref linkend='linux-pam'/> is required for them. All packages in
|
---|
| 101 | BLFS book with a dependency on <application>systemd</application>
|
---|
| 102 | expects it has been rebuilt with <xref linkend='linux-pam'/>.
|
---|
| 103 | </para>
|
---|
| 104 | </note>
|
---|
[f852e706] | 105 |
|
---|
| 106 | <para role="recommended">
|
---|
[bb4bb1db] | 107 | <xref linkend="linux-pam"/> and
|
---|
| 108 | <xref role="runtime" linkend="polkit"/> (runtime)
|
---|
[f852e706] | 109 | </para>
|
---|
| 110 |
|
---|
| 111 | <bridgehead renderas="sect4">Optional</bridgehead>
|
---|
| 112 | <para role="optional">
|
---|
[81e5e5a] | 113 | <xref linkend="btrfs-progs"/>, <!-- homed may support it, see the C.E.-->
|
---|
[f852e706] | 114 | <xref linkend="curl"/>,
|
---|
[b1be08a] | 115 | <xref linkend="cryptsetup"/>,
|
---|
[5fff3896] | 116 | <xref linkend="git"/>,
|
---|
[f852e706] | 117 | <xref linkend="gnutls"/>,
|
---|
| 118 | <xref linkend="iptables"/>,
|
---|
| 119 | <xref linkend="libgcrypt"/>,
|
---|
[531f138] | 120 | <xref linkend="libidn2"/>,
|
---|
[c130abf] | 121 | <xref linkend="libpwquality"/>,
|
---|
[11f3b7e] | 122 | <xref linkend="libseccomp"/>,
|
---|
[f852e706] | 123 | <xref linkend="libxkbcommon"/>,
|
---|
[b1be08a] | 124 | <xref linkend="make-ca"/>,
|
---|
[58ab63b9] | 125 | <xref linkend="p11-kit"/>,
|
---|
[ebb31dbd] | 126 | <xref linkend="pcre2"/>,
|
---|
[f852e706] | 127 | <xref linkend="qemu"/>,
|
---|
[206e0be] | 128 | <xref linkend="qrencode"/>,
|
---|
[115de74] | 129 | <xref linkend="rsync"/>,
|
---|
[c10acfe] | 130 | <xref linkend="sphinx"/>,
|
---|
[f852e706] | 131 | <xref linkend="valgrind"/>,
|
---|
[7c99c52] | 132 | <xref linkend="zsh"/> (for the zsh completions),
|
---|
[dfb8390] | 133 | <ulink url="https://www.apparmor.net/">AppArmor</ulink>,
|
---|
| 134 | <ulink url="https://github.com/linux-audit/audit-userspace">audit-userspace</ulink>,
|
---|
| 135 | <ulink url="https://github.com/scop/bash-completion">bash-completion</ulink>,
|
---|
| 136 | <ulink url="https://jekyllrb.com/">jekyll</ulink>,
|
---|
[f852e706] | 137 | <ulink url="https://www.kernel.org/pub/linux/utils/kernel/kexec/">kexec-tools</ulink>,
|
---|
[7cc0c9d] | 138 | <ulink url="https://github.com/libbpf/libbpf">libbpf</ulink>,
|
---|
[229d0692] | 139 | <ulink url="https://sourceware.org/elfutils/">libdw</ulink>,
|
---|
[ae0944a3] | 140 | <ulink url="https://developers.yubico.com/libfido2/">libfido2</ulink>,
|
---|
[f852e706] | 141 | <ulink url="https://www.gnu.org/software/libmicrohttpd/">libmicrohttpd</ulink>,
|
---|
[5481e1f1] | 142 | <ulink url="https://pypi.org/project/pefile/">pefile</ulink>,
|
---|
[dfb8390] | 143 | <ulink url="https://pypi.org/project/pyelftools/">pyelftools</ulink>,
|
---|
| 144 | <ulink url="https://sourceforge.net/projects/linuxquota/">quota-tools</ulink>,
|
---|
| 145 | <ulink url="https://rpm.org/">rpm</ulink>,
|
---|
| 146 | <ulink url="https://github.com/SELinuxProject/selinux">SELinux</ulink>,
|
---|
| 147 | <ulink url="https://sourceware.org/systemtap/">systemtap</ulink>,
|
---|
[229d0692] | 148 | <ulink url="https://tpm2-tss.readthedocs.io/en/latest/">tpm2-tss</ulink>
|
---|
[dfb8390] | 149 | and <ulink url="https://xenproject.org">Xen</ulink>
|
---|
[f852e706] | 150 | </para>
|
---|
| 151 |
|
---|
| 152 | <bridgehead renderas="sect4">Optional (to rebuild the manual pages)</bridgehead>
|
---|
| 153 | <para role="optional">
|
---|
| 154 | <xref linkend="DocBook"/>,
|
---|
[6f8d4ed] | 155 | <xref linkend="docbook-xsl"/>,
|
---|
| 156 | <xref linkend="libxslt"/>, and
|
---|
| 157 | <xref linkend="lxml"/> (to build the index of systemd manual pages)
|
---|
[f852e706] | 158 | </para>
|
---|
| 159 |
|
---|
[2f19398] | 160 | <para condition="html" role="usernotes">
|
---|
| 161 | Editor Notes: <ulink url="&blfs-wiki;/Logind"/>
|
---|
| 162 | </para>
|
---|
| 163 |
|
---|
[f852e706] | 164 | </sect2>
|
---|
| 165 |
|
---|
| 166 | <sect2 role="installation">
|
---|
| 167 | <title>Installation of systemd</title>
|
---|
[7c42137] | 168 |
|
---|
[b1532549] | 169 | <para>
|
---|
[4f60bf0] | 170 | Remove two unneeded groups,
|
---|
| 171 | <systemitem class="groupname">render</systemitem> and
|
---|
| 172 | <systemitem class="groupname">sgx</systemitem>, from the default udev
|
---|
[b1532549] | 173 | rules:
|
---|
| 174 | </para>
|
---|
[b4e1b81] | 175 |
|
---|
[4f60bf0] | 176 | <screen><userinput remap="pre">sed -i -e 's/GROUP="render"/GROUP="video"/' \
|
---|
| 177 | -e 's/GROUP="sgx", //' rules.d/50-udev-default.rules.in</userinput></screen>
|
---|
[b4e1b81] | 178 |
|
---|
[f852e706] | 179 | <para>
|
---|
| 180 | Rebuild <application>systemd</application> by running the
|
---|
| 181 | following commands:
|
---|
| 182 | </para>
|
---|
| 183 |
|
---|
[e1a8598d] | 184 | <screen><userinput>mkdir build &&
|
---|
| 185 | cd build &&
|
---|
| 186 |
|
---|
[7c83169b] | 187 | meson setup .. \
|
---|
| 188 | --prefix=/usr \
|
---|
| 189 | --buildtype=release \
|
---|
| 190 | -D default-dnssec=no \
|
---|
| 191 | -D firstboot=false \
|
---|
| 192 | -D install-tests=false \
|
---|
| 193 | -D ldconfig=false \
|
---|
| 194 | -D man=auto \
|
---|
| 195 | -D sysusers=false \
|
---|
| 196 | -D rpmmacrosdir=no \
|
---|
| 197 | -D homed=disabled \
|
---|
| 198 | -D userdb=false \
|
---|
| 199 | -D mode=release \
|
---|
| 200 | -D pam=enabled \
|
---|
| 201 | -D pamconfdir=/etc/pam.d \
|
---|
| 202 | -D dev-kvm-mode=0660 \
|
---|
| 203 | -D nobody-group=nogroup \
|
---|
| 204 | -D sysupdate=disabled \
|
---|
| 205 | -D ukify=disabled \
|
---|
| 206 | -D docdir=/usr/share/doc/systemd-&systemd-version; &&
|
---|
[e1a8598d] | 207 |
|
---|
[71becb2] | 208 | ninja</userinput></screen>
|
---|
[bdfc854] | 209 | <!-- Regarding homed and userdb, see the note below in Command Explanations-->
|
---|
[f852e706] | 210 |
|
---|
| 211 | <note>
|
---|
| 212 | <para>
|
---|
[48771ae] | 213 | For the best test results, make sure you run the test suite from
|
---|
[f852e706] | 214 | a system that is booted by the same
|
---|
| 215 | <application>systemd</application> version you are rebuilding.
|
---|
| 216 | </para>
|
---|
| 217 | </note>
|
---|
| 218 |
|
---|
| 219 | <para>
|
---|
[92981242] | 220 | To test the results, issue: <command>ninja test</command>.
|
---|
[04c01df] | 221 | The test named <filename>test-stat-util</filename> is known to fail
|
---|
[92981242] | 222 | if some kernel features are not enabled.
|
---|
[88af2cc] | 223 | If the test suite is run as the &root; user, some
|
---|
[f935d0d] | 224 | other tests may fail because they depend on various kernel
|
---|
| 225 | configuration options.
|
---|
[f852e706] | 226 | </para>
|
---|
| 227 |
|
---|
| 228 | <para>
|
---|
| 229 | Now, as the <systemitem class="username">root</systemitem> user:
|
---|
| 230 | </para>
|
---|
| 231 |
|
---|
[71becb2] | 232 | <screen role="root"><userinput>ninja install</userinput></screen>
|
---|
[7cc0c9d] | 233 |
|
---|
[f852e706] | 234 | </sect2>
|
---|
| 235 |
|
---|
[bdfc854] | 236 | <sect2 role="commands">
|
---|
| 237 | <title>Command Explanations</title>
|
---|
| 238 |
|
---|
[3918112a] | 239 | <xi:include xmlns:xi="http://www.w3.org/2001/XInclude"
|
---|
| 240 | href="../../xincludes/meson-buildtype-release.xml"/>
|
---|
| 241 |
|
---|
[ae0944a3] | 242 | <para>
|
---|
[7c83169b] | 243 | <parameter>-D pamconfdir=/etc/pam.d</parameter>: Forces the PAM files to
|
---|
[ae0944a3] | 244 | be installed in /etc/pam.d rather than /usr/lib/pam.d.
|
---|
| 245 | </para>
|
---|
| 246 |
|
---|
[bdfc854] | 247 | <para>
|
---|
[7c83169b] | 248 | <parameter>-D userdb=false</parameter>: Removes a daemon that does not
|
---|
[bdfc854] | 249 | offer any use under a BLFS configuration. If you wish to enable the
|
---|
| 250 | <application>userdbd</application> daemon, replace "false" with "true"
|
---|
| 251 | in the above meson command.
|
---|
| 252 | </para>
|
---|
| 253 |
|
---|
| 254 | <para>
|
---|
[7c83169b] | 255 | <parameter>-D homed=disabled</parameter>: Removes a daemon that does not offer
|
---|
[bdfc854] | 256 | any use under a traditional BLFS configuration, especially using accounts
|
---|
| 257 | created with useradd. To enable systemd-homed, first ensure that you have
|
---|
[f1a479c7] | 258 | <xref linkend="cryptsetup"/> and <xref linkend="libpwquality"/> installed,
|
---|
[5481e1f1] | 259 | and then change <quote>disabled</quote> to <quote>enabled</quote>
|
---|
| 260 | in the above <command>meson setup</command> command.
|
---|
| 261 | </para>
|
---|
| 262 |
|
---|
| 263 | <para>
|
---|
[7c83169b] | 264 | <parameter>-D ukify=disabled</parameter>: Removes a script for
|
---|
[5481e1f1] | 265 | combining a kernel, an initramfs, and a kernel command line etc.
|
---|
| 266 | into an UEFI application which can be loaded by the UEFI firmware
|
---|
| 267 | to start the embedded Linux kernel. It's not needed for booting a
|
---|
| 268 | BLFS system with UEFI if following <xref linkend='grub-setup'/>.
|
---|
| 269 | And, it requires the <application>pefile</application> Python module
|
---|
| 270 | at runtime, so if it's enabled but <application>pefile</application>
|
---|
| 271 | is not installed, in the test suite one test for it will fail. To
|
---|
| 272 | enable <command>systemd-ukify</command>, install the
|
---|
| 273 | <application>pefile</application> module and then change
|
---|
| 274 | <quote>disabled</quote> to <quote>enabled</quote> in the above
|
---|
| 275 | <command>meson setup</command> command.
|
---|
[bdfc854] | 276 | </para>
|
---|
| 277 |
|
---|
| 278 | <!-- EDITORS NOTE: Explanation on removing userdbd and homed:
|
---|
| 279 | In BLFS, we do not fully support disk encryption. We offer instructions for
|
---|
| 280 | building 'cryptsetup' as a dependency, but we do not offer instructions for
|
---|
| 281 | actually configuring it. In addition, we generally do not include
|
---|
| 282 | functionality that could potentially conflict with other packages, or that
|
---|
| 283 | is not of any use to us (in an enterprise configuration using Thin Clients
|
---|
| 284 | or laptops with LUKS encryption, it could make sense though, but that isn't
|
---|
| 285 | the configuration that we natively support).
|
---|
| 286 |
|
---|
| 287 | A few of the complications of systemd-homed include:
|
---|
| 288 | - SSH Logins
|
---|
| 289 | - Disk Space Assignments
|
---|
| 290 | - UID Assignments (chown() on login)
|
---|
| 291 | (See https://cfp.all-systems-go.io/media/homed-asg2019.pdf)
|
---|
| 292 |
|
---|
| 293 | In an article I read when systemd-homed was originally unveiled, I remember
|
---|
| 294 | reading about systemd-homed causing problems with OpenSSH Private Key Auth
|
---|
| 295 | because the user would have to login at the console in order to unlock
|
---|
| 296 | their home directory, thus allowing the private key to be unlocked and
|
---|
| 297 | processed by OpenSSH. Since BLFS does not fully support encrypted disks,
|
---|
| 298 | and because systemd-homed is incompatible with our usage of useradd /
|
---|
| 299 | traditional UNIX users and groups, I advise that we take the following
|
---|
| 300 | approach to avoid any confusion:
|
---|
| 301 |
|
---|
| 302 | - Leave the added Short Descriptions for homectl and userdbctl
|
---|
| 303 | - Add the above command explanations and restore the previous behavior
|
---|
| 304 |
|
---|
[8558044] | 305 | Should we decide to enable homed by default anytime in the future,
|
---|
[bdfc854] | 306 | let's move cryptsetup to recommended or required.
|
---|
| 307 |
|
---|
| 308 | I would be open to discussing this after the next systemd version when
|
---|
| 309 | systemd-homed has matured a bit more. -renodr -->
|
---|
| 310 |
|
---|
| 311 | </sect2>
|
---|
| 312 |
|
---|
[f852e706] | 313 | <sect2 role="configuration">
|
---|
| 314 | <title>Configuring systemd</title>
|
---|
| 315 |
|
---|
| 316 | <para>
|
---|
[325d88d6] | 317 | The <filename>/etc/pam.d/system-session</filename> file needs to
|
---|
[f852e706] | 318 | be modified and a new file needs to be created in order for
|
---|
| 319 | <command>systemd-logind</command> to work correctly. Run the following
|
---|
| 320 | commands as the <systemitem class="username">root</systemitem> user:
|
---|
| 321 | </para>
|
---|
| 322 |
|
---|
[cb8d788] | 323 | <screen role="root"><userinput>grep 'pam_systemd' /etc/pam.d/system-session ||
|
---|
| 324 | cat >> /etc/pam.d/system-session << "EOF"
|
---|
[f852e706] | 325 | <literal># Begin Systemd addition
|
---|
[8558044] | 326 |
|
---|
[d267a13] | 327 | session required pam_loginuid.so
|
---|
| 328 | session optional pam_systemd.so
|
---|
[f852e706] | 329 |
|
---|
| 330 | # End Systemd addition</literal>
|
---|
| 331 | EOF
|
---|
| 332 |
|
---|
| 333 | cat > /etc/pam.d/systemd-user << "EOF"
|
---|
| 334 | <literal># Begin /etc/pam.d/systemd-user
|
---|
| 335 |
|
---|
[d267a13] | 336 | account required pam_access.so
|
---|
| 337 | account include system-account
|
---|
[f852e706] | 338 |
|
---|
[d267a13] | 339 | session required pam_env.so
|
---|
| 340 | session required pam_limits.so
|
---|
| 341 | session required pam_loginuid.so
|
---|
| 342 | session optional pam_keyinit.so force revoke
|
---|
| 343 | session optional pam_systemd.so
|
---|
[f852e706] | 344 |
|
---|
[d267a13] | 345 | auth required pam_deny.so
|
---|
| 346 | password required pam_deny.so
|
---|
[f852e706] | 347 |
|
---|
| 348 | # End /etc/pam.d/systemd-user</literal>
|
---|
| 349 | EOF</userinput></screen>
|
---|
| 350 |
|
---|
[0daaeef2] | 351 | <!-- For some unknown reason if I don't do this, the per-user systemd
|
---|
| 352 | manager fails to start with "Trying to run as user instance,
|
---|
| 353 | but $XDG_RUNTIME_DIR is not set." This command is enough to
|
---|
| 354 | fix the issue, and it also seems logical to start using the newly
|
---|
| 355 | rebuilt systemd right away (like "exec bash -‐login" in LFS),
|
---|
| 356 | so just add it. -->
|
---|
| 357 | <para>
|
---|
| 358 | As the &root; user, replace the running <command>systemd</command>
|
---|
| 359 | manager (the <command>init</command> process) with the
|
---|
| 360 | <command>systemd</command> executable newly built and installed:
|
---|
| 361 | </para>
|
---|
| 362 |
|
---|
| 363 | <screen role='root'><userinput>systemctl daemon-reexec</userinput></screen>
|
---|
| 364 |
|
---|
| 365 | <important>
|
---|
| 366 | <para>
|
---|
| 367 | Now ensure <xref linkend='shadow'/> has been already rebuilt with
|
---|
| 368 | <xref linkend='linux-pam'/> support first, then logout, and login
|
---|
| 369 | again. This ensures the running login session registered with
|
---|
| 370 | <command>systemd-logind</command> and a per-user systemd instance
|
---|
| 371 | running for each user owning a login session. Many BLFS packages
|
---|
| 372 | listing Systemd as a dependency needs the
|
---|
| 373 | <command>systemd-logind</command> integration and/or a running
|
---|
| 374 | per-user systemd instance.
|
---|
| 375 | </para>
|
---|
| 376 | </important>
|
---|
| 377 |
|
---|
[b1532549] | 378 | <warning>
|
---|
| 379 | <para>
|
---|
| 380 | If upgrading from a previous version of systemd and an
|
---|
| 381 | initrd is used for system boot, you should generate a new initrd before
|
---|
| 382 | rebooting the system.
|
---|
| 383 | </para>
|
---|
| 384 | </warning>
|
---|
[f852e706] | 385 |
|
---|
| 386 | </sect2>
|
---|
| 387 |
|
---|
| 388 | <sect2 role="content">
|
---|
| 389 | <title>Contents</title>
|
---|
| 390 |
|
---|
| 391 | <para>
|
---|
| 392 | A list of the installed files, along with their short
|
---|
| 393 | descriptions can be found at
|
---|
[f0dc9578] | 394 | <ulink url="&lfs-root;/chapter08/systemd.html#contents-systemd"/>.
|
---|
[f852e706] | 395 | </para>
|
---|
| 396 |
|
---|
| 397 | <para>
|
---|
[a17c33d] | 398 | Listed below are the newly installed programs
|
---|
[f852e706] | 399 | along with short descriptions.
|
---|
| 400 | </para>
|
---|
| 401 |
|
---|
| 402 | <segmentedlist>
|
---|
| 403 | <segtitle>Installed Programs</segtitle>
|
---|
| 404 |
|
---|
| 405 | <seglistitem>
|
---|
| 406 | <seg>
|
---|
[6a609bd7] | 407 | <!-- maybe userdbd/userdbctl can go in LFS, try at next time -->
|
---|
[aa3a5e0] | 408 | homectl (optional),
|
---|
[6cbf1b1] | 409 | systemd-cryptenroll (if <xref linkend="cryptsetup"/> is installed),
|
---|
[aa3a5e0] | 410 | and userdbctl (optional)
|
---|
[f852e706] | 411 | </seg>
|
---|
| 412 | </seglistitem>
|
---|
| 413 | </segmentedlist>
|
---|
| 414 |
|
---|
| 415 | <variablelist>
|
---|
| 416 | <bridgehead renderas="sect3">Short Descriptions</bridgehead>
|
---|
| 417 | <?dbfo list-presentation="list"?>
|
---|
| 418 | <?dbhtml list-presentation="table"?>
|
---|
| 419 |
|
---|
[6a609bd7] | 420 | <varlistentry id="homectl">
|
---|
| 421 | <term><command>homectl</command></term>
|
---|
| 422 | <listitem>
|
---|
| 423 | <para>
|
---|
| 424 | is a tool to create, remove, change, or inspect a home directory
|
---|
| 425 | managed by <command>systemd-homed</command>; note that it's
|
---|
| 426 | useless for the classic UNIX users and home directories which
|
---|
| 427 | we are using in LFS/BLFS book
|
---|
| 428 | </para>
|
---|
| 429 | <indexterm zone="systemd homectl">
|
---|
| 430 | <primary sortas="b-homectl">homectl</primary>
|
---|
| 431 | </indexterm>
|
---|
| 432 | </listitem>
|
---|
| 433 | </varlistentry>
|
---|
| 434 |
|
---|
[6cbf1b1] | 435 | <varlistentry id="systemd-cryptenroll">
|
---|
| 436 | <term><command>systemd-cryptenroll</command></term>
|
---|
| 437 | <listitem>
|
---|
| 438 | <para>
|
---|
| 439 | Is used to enroll or remove a system from full disk encryption,
|
---|
| 440 | as well as set and query private keys and recovery keys
|
---|
| 441 | </para>
|
---|
| 442 | <indexterm zone="systemd systemd-cryptenroll">
|
---|
| 443 | <primary sortas="b-systemd-cryptenroll">systemd-cryptenroll</primary>
|
---|
| 444 | </indexterm>
|
---|
| 445 | </listitem>
|
---|
| 446 | </varlistentry>
|
---|
| 447 |
|
---|
[6a609bd7] | 448 | <varlistentry id="userdbctl">
|
---|
| 449 | <term><command>userdbctl</command></term>
|
---|
| 450 | <listitem>
|
---|
| 451 | <para>
|
---|
[ccc69593] | 452 | inspects users, groups, and group memberships
|
---|
[6a609bd7] | 453 | </para>
|
---|
| 454 | <indexterm zone="systemd userdbctl">
|
---|
| 455 | <primary sortas="b-userdbctl">userdbctl</primary>
|
---|
| 456 | </indexterm>
|
---|
| 457 | </listitem>
|
---|
| 458 | </varlistentry>
|
---|
| 459 |
|
---|
[f852e706] | 460 | <varlistentry id="pam_systemd">
|
---|
| 461 | <term><filename class="libraryfile">pam_systemd.so</filename></term>
|
---|
| 462 | <listitem>
|
---|
| 463 | <para>
|
---|
| 464 | is a PAM module used to register user sessions with the
|
---|
| 465 | <application>systemd</application> login manager,
|
---|
[4c24eb0a] | 466 | <command>systemd-logind</command>
|
---|
[f852e706] | 467 | </para>
|
---|
| 468 | <indexterm zone="systemd pam_systemd">
|
---|
| 469 | <primary sortas="c-pam_systemd">pam_systemd.so</primary>
|
---|
| 470 | </indexterm>
|
---|
| 471 | </listitem>
|
---|
| 472 | </varlistentry>
|
---|
| 473 |
|
---|
| 474 | </variablelist>
|
---|
| 475 |
|
---|
| 476 | </sect2>
|
---|
| 477 |
|
---|
| 478 | </sect1>
|
---|