source: general/sysutils/systemd.xml@ a761478

10.0 10.1 11.0 11.1 11.2 11.3 12.0 12.1 12.2 gimp3 kea ken/TL2024 ken/inkscape-core-mods ken/tuningfonts lazarus lxqt plabs/newcss plabs/python-mods python3.11 qt5new rahul/power-profiles-daemon renodr/vulkan-addition trunk upgradedb xry111/for-12.3 xry111/intltool xry111/llvm18 xry111/soup3 xry111/spidermonkey128 xry111/test-20220226 xry111/xf86-video-removal
Last change on this file since a761478 was a761478, checked in by Douglas R. Reno <renodr@…>, 5 years ago

Remove the systemctl instructions from systemd and dbus.
Update to EOG-3.36.1
Update to Evince-3.36.0
Update to evolution-3.36.1
Update to file-roller-3.36.1
Update to gnome-calculator-3.36.0
Update to gnome-disk-utility-3.36.1
Update to gnome-maps-3.36.1
Update to gnome-screenshot-3.36.0
Update to gnome-system-monitor-3.36.0
Update to gnome-terminal-3.36.1.1

git-svn-id: svn://svn.linuxfromscratch.org/BLFS/trunk/BOOK@22940 af4574ff-66df-0310-9fd7-8a98e5e911e0

  • Property mode set to 100644
File size: 15.0 KB
Line 
1<?xml version="1.0" encoding="ISO-8859-1"?>
2<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
3 "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
4 <!ENTITY % general-entities SYSTEM "../../general.ent">
5 %general-entities;
6
7 <!-- <!ENTITY systemd-download-http "http://anduin.linuxfromscratch.org/LFS/systemd-&systemd-version;-&systemd-stable;.tar.xz"> For whenever we move to a stable snapshot for backports -->
8 <!ENTITY systemd-download-http "https://github.com/systemd/systemd/archive/v&systemd-version;/systemd-&systemd-version;.tar.gz">
9 <!ENTITY systemd-download-ftp " ">
10 <!ENTITY systemd-md5sum "04f02d9841ea5992a16f6b03c873da28">
11 <!ENTITY systemd-size "8.6 MB">
12 <!ENTITY systemd-buildsize "246 MB (with tests)">
13 <!ENTITY systemd-time "2.1 SBU (with tests)">
14
15]>
16
17<sect1 id="systemd" xreflabel="Systemd-&systemd-version;" revision="systemd">
18 <?dbhtml filename="systemd.html"?>
19
20 <sect1info>
21 <othername>$LastChangedBy$</othername>
22 <date>$Date$</date>
23 </sect1info>
24
25 <title>Systemd-&systemd-version;</title>
26 <!-- Whenever we switch back to stable backports, make sure to add the systemd-stable reference back. -->
27
28 <indexterm zone="systemd">
29 <primary sortas="a-systemd">systemd</primary>
30 </indexterm>
31
32 <sect2 role="package">
33 <title>Introduction to systemd</title>
34
35 <para>
36 While <application>systemd</application> was installed when
37 building LFS, there are many features provided by the package that
38 were not included in the initial installation because
39 <application>Linux-PAM</application> was not yet installed.
40 The <application>systemd</application> package needs to be
41 rebuilt to provide a working <command>systemd-logind</command> service,
42 which provides many additional features for dependent packages.
43 </para>
44
45 &lfs91_checked;
46
47 <bridgehead renderas="sect3">Package Information</bridgehead>
48 <itemizedlist spacing="compact">
49 <listitem>
50 <para>
51 Download (HTTP): <ulink url="&systemd-download-http;"/>
52 </para>
53 </listitem>
54 <listitem>
55 <para>
56 Download (FTP): <ulink url="&systemd-download-ftp;"/>
57 </para>
58 </listitem>
59 <listitem>
60 <para>
61 Download MD5 sum: &systemd-md5sum;
62 </para>
63 </listitem>
64 <listitem>
65 <para>
66 Download size: &systemd-size;
67 </para>
68 </listitem>
69 <listitem>
70 <para>
71 Estimated disk space required: &systemd-buildsize;
72 </para>
73 </listitem>
74 <listitem>
75 <para>
76 Estimated build time: &systemd-time;
77 </para>
78 </listitem>
79 </itemizedlist>
80
81<!--
82 <bridgehead renderas="sect3">Additional Downloads</bridgehead>
83 <itemizedlist spacing="compact">
84 <listitem>
85 <para>
86 Required patch:
87 <ulink url="&patch-root;/systemd-&systemd-version;-seccomp_and_cpuaffinity_fix-1.patch"/>
88 </para>
89 </listitem>
90 </itemizedlist>
91-->
92
93 <bridgehead renderas="sect3">systemd Dependencies</bridgehead>
94
95 <bridgehead renderas="sect4">Required</bridgehead>
96 <para role="required">
97 <xref linkend="linux-pam"/>
98 </para>
99
100 <bridgehead renderas="sect4">Recommended Runtime Dependencies</bridgehead>
101 <para role="recommended">
102 <xref role="runtime" linkend="polkit"/>
103 </para>
104
105 <bridgehead renderas="sect4">Optional</bridgehead>
106 <para role="optional">
107 <xref linkend="btrfs-progs"/> <!-- homed may support it, see the C.E.-->
108 <xref linkend="curl"/>,
109 <xref linkend="cryptsetup"/>,
110 <xref linkend="git"/>,
111 <xref linkend="gnutls"/>,
112 <xref linkend="iptables"/>,
113 <xref linkend="libgcrypt"/>,
114 <xref linkend="libidn2"/>,
115 <xref linkend="libpwquality"/>,
116 <xref linkend="libseccomp"/>,
117 <xref linkend="libxkbcommon"/>,
118 <xref linkend="make-ca"/>,
119 <xref linkend="pcre2"/>,
120 <xref linkend="qemu"/>,
121 <xref linkend="valgrind"/>,
122 <xref linkend="zsh"/> (for the zsh completions),
123 <ulink url="http://sourceforge.net/projects/gnu-efi/">gnu-efi</ulink>,
124 <ulink url="https://www.kernel.org/pub/linux/utils/kernel/kexec/">kexec-tools</ulink>,
125 <ulink url="https://www.gnu.org/software/libmicrohttpd/">libmicrohttpd</ulink>,
126 <ulink url="http://lz4.github.io/lz4/">lz4</ulink>,
127 <ulink url="http://fukuchi.org/works/qrencode/">qrencode</ulink>,
128 <ulink url="http://sourceforge.net/projects/linuxquota/">quota-tools</ulink> and
129 <ulink url="https://pypi.python.org/pypi/Sphinx">Sphinx</ulink>
130 </para>
131
132 <bridgehead renderas="sect4">Optional (to rebuild the manual pages)</bridgehead>
133 <para role="optional">
134 <xref linkend="DocBook"/>,
135 <xref linkend="docbook-xsl"/>,
136 <xref linkend="libxslt"/>, and
137 <xref linkend="lxml"/> (to build the index of systemd manual pages)
138 </para>
139
140 <para condition="html" role="usernotes">User Notes:
141 <ulink url="&blfs-wiki;/systemd"/>
142 </para>
143 </sect2>
144
145 <sect2 role="installation">
146 <title>Installation of systemd</title>
147 <!--
148 <para>
149 Apply a patch to fix problems with libseccomp-2.4.2+ and Linux-5.4+:
150 </para>
151
152<screen><userinput remap="pre">patch -Np1 -i ../systemd-&systemd-version;-seccomp_and_cpuaffinity_fix-1.patch</userinput></screen>
153 -->
154
155 <para>
156 Remove an unneeded group,
157 <systemitem class="groupname">render</systemitem>, from the default udev
158 rules:
159 </para>
160
161<screen><userinput remap="pre">sed -i 's/GROUP="render", //' rules.d/50-udev-default.rules.in</userinput></screen>
162
163 <para>
164 Rebuild <application>systemd</application> by running the
165 following commands:
166 </para>
167
168<screen><userinput>mkdir build &amp;&amp;
169cd build &amp;&amp;
170
171meson --prefix=/usr \
172 --sysconfdir=/etc \
173 --localstatedir=/var \
174 -Dblkid=true \
175 -Dbuildtype=release \
176 -Ddefault-dnssec=no \
177 -Dfirstboot=false \
178 -Dinstall-tests=false \
179 -Dldconfig=false \
180 -Dman=auto \
181 -Drootprefix= \
182 -Drootlibdir=/lib \
183 -Dsplit-usr=true \
184 -Dsysusers=false \
185 -Drpmmacrosdir=no \
186 -Db_lto=false \
187 -Dhomed=false \
188 -Duserdb=false \
189 .. &amp;&amp;
190
191ninja</userinput></screen>
192<!-- Regarding homed and userdb, see the note below in Command Explanations-->
193
194 <note>
195 <para>
196 For the best test results, make sure you run the testsuite from
197 a system that is booted by the same
198 <application>systemd</application> version you are rebuilding.
199 </para>
200 </note>
201
202 <para>
203 To test the results, issue: <command>ninja test</command>. <!--One test,
204 <filename>udev-test</filename> (test 273) fails due to changes in
205 the Linux 5.3+ kernel. It does not affect the package's
206 functionality. NO LONGER APPLICABLE AS OF 244 -->
207 </para>
208
209<!--
210 <warning>
211 <para>
212 Installing the package will overwrite all files installed by
213 <application>systemd</application> in LFS. It is critical that
214 nothing uses either <application>systemd</application> or
215 <application>Udev</application> libraries during the installation.
216 The best way to ensure that these libraries are not being used is to
217 run the installation in rescue mode. To switch to rescue mode,
218 run the following command as the
219 <systemitem class="username">root</systemitem> user (from a TTY):
220 </para>
221
222<screen role="root"><userinput>systemctl isolate rescue.target</userinput></screen>
223 </warning>
224 Nobody has reported problems with this in years. Let's comment it. -->
225
226 <para>
227 Now, as the <systemitem class="username">root</systemitem> user:
228 </para>
229
230<screen role="root"><userinput>ninja install</userinput></screen>
231 <!-- No longer needed as of systemd-244.
232 <para>
233 Remove a configuration file that causes some problems with PID files:
234 </para>
235
236<screen role="root"><userinput>rm -fv /etc/sysctl.d/50-pid-max.conf</userinput></screen>
237 -->
238 </sect2>
239
240 <sect2 role="commands">
241 <title>Command Explanations</title>
242
243 <para>
244 <parameter>-Duserdb=false</parameter>: Removes a daemon that does not
245 offer any use under a BLFS configuration. If you wish to enable the
246 <application>userdbd</application> daemon, replace "false" with "true"
247 in the above meson command.
248 </para>
249
250 <para>
251 <parameter>-Dhomed=false</parameter>: Remove a daemon that does not offer
252 any use under a traditional BLFS configuration, especially using accounts
253 created with useradd. To enable systemd-homed, first ensure that you have
254 <xref linkend="cryptsetup"/> and <xref linkend="libpwquality"/>, and then
255 change "false" to "true" in the above meson command.
256 </para>
257
258 <!-- EDITORS NOTE: Explanation on removing userdbd and homed:
259 In BLFS, we do not fully support disk encryption. We offer instructions for
260 building 'cryptsetup' as a dependency, but we do not offer instructions for
261 actually configuring it. In addition, we generally do not include
262 functionality that could potentially conflict with other packages, or that
263 is not of any use to us (in an enterprise configuration using Thin Clients
264 or laptops with LUKS encryption, it could make sense though, but that isn't
265 the configuration that we natively support).
266
267 A few of the complications of systemd-homed include:
268 - SSH Logins
269 - Disk Space Assignments
270 - UID Assignments (chown() on login)
271 (See https://cfp.all-systems-go.io/media/homed-asg2019.pdf)
272
273 In an article I read when systemd-homed was originally unveiled, I remember
274 reading about systemd-homed causing problems with OpenSSH Private Key Auth
275 because the user would have to login at the console in order to unlock
276 their home directory, thus allowing the private key to be unlocked and
277 processed by OpenSSH. Since BLFS does not fully support encrypted disks,
278 and because systemd-homed is incompatible with our usage of useradd /
279 traditional UNIX users and groups, I advise that we take the following
280 approach to avoid any confusion:
281
282 - Leave the added Short Descriptions for homectl and userdbctl
283 - Add the above command explanations and restore the previous behavior
284
285 Should we decide to enable homed by default anytime in the future,
286 let's move cryptsetup to recommended or required.
287
288 I would be open to discussing this after the next systemd version when
289 systemd-homed has matured a bit more. -renodr -->
290
291 </sect2>
292
293 <sect2 role="configuration">
294 <title>Configuring systemd</title>
295
296 <para>
297 The <filename>/etc/pam.d/system-session</filename> file needs to
298 be modified and a new file needs to be created in order for
299 <command>systemd-logind</command> to work correctly. Run the following
300 commands as the <systemitem class="username">root</systemitem> user:
301 </para>
302
303<screen role="root"><userinput>cat &gt;&gt; /etc/pam.d/system-session &lt;&lt; "EOF"
304<literal># Begin Systemd addition
305
306session required pam_loginuid.so
307session optional pam_systemd.so
308
309# End Systemd addition</literal>
310EOF
311
312cat &gt; /etc/pam.d/systemd-user &lt;&lt; "EOF"
313<literal># Begin /etc/pam.d/systemd-user
314
315account required pam_access.so
316account include system-account
317
318session required pam_env.so
319session required pam_limits.so
320session required pam_unix.so
321session required pam_loginuid.so
322session optional pam_keyinit.so force revoke
323session optional pam_systemd.so
324
325auth required pam_deny.so
326password required pam_deny.so
327
328# End /etc/pam.d/systemd-user</literal>
329EOF</userinput></screen>
330
331<!--
332 <para>
333 At this point, you should reload the systemd daemon, and reenter
334 multi-user mode with the following commands (as the
335 <systemitem class="username">root</systemitem> user). If a desktop
336 manager is installed and you wish to reenter the graphical mode,
337 replace <userinput>multi-user.target</userinput> with
338 <userinput>graphical.target</userinput>:
339 </para>
340
341<screen role="root"><userinput>systemctl daemon-reexec
342systemctl start multi-user.target</userinput></screen>-->
343
344 <warning>
345 <para>
346 If upgrading from a previous version of systemd and an
347 initrd is used for system boot, you should generate a new initrd before
348 rebooting the system.
349 </para>
350 </warning>
351
352 </sect2>
353
354 <sect2 role="content">
355 <title>Contents</title>
356
357 <para>
358 A list of the installed files, along with their short
359 descriptions can be found at
360 <ulink url="&lfs-root;/chapter06/systemd.html#contents-systemd"/>.
361 </para>
362
363 <para>
364 Listed below are the newly installed libraries and directories
365 along with short descriptions.
366 </para>
367
368 <segmentedlist>
369 <segtitle>Installed Programs</segtitle>
370 <segtitle>Installed Libraries</segtitle>
371 <segtitle>Installed Directories</segtitle>
372
373 <seglistitem>
374 <seg>
375 <!-- maybe userdbd/userdbctl can go in LFS, try at next time -->
376 homectl (if <xref linkend="cryptsetup"/> is installed)
377 and userdbctl (optionally)
378 </seg>
379 <seg>
380 pam_systemd.so
381 (in <filename class="directory">/lib/security</filename>)
382 </seg>
383 <seg>
384 None
385 </seg>
386 </seglistitem>
387 </segmentedlist>
388
389 <variablelist>
390 <bridgehead renderas="sect3">Short Descriptions</bridgehead>
391 <?dbfo list-presentation="list"?>
392 <?dbhtml list-presentation="table"?>
393
394 <varlistentry id="homectl">
395 <term><command>homectl</command></term>
396 <listitem>
397 <para>
398 is a tool to create, remove, change, or inspect a home directory
399 managed by <command>systemd-homed</command>; note that it's
400 useless for the classic UNIX users and home directories which
401 we are using in LFS/BLFS book
402 </para>
403 <indexterm zone="systemd homectl">
404 <primary sortas="b-homectl">homectl</primary>
405 </indexterm>
406 </listitem>
407 </varlistentry>
408
409 <varlistentry id="userdbctl">
410 <term><command>userdbctl</command></term>
411 <listitem>
412 <para>
413 inspect users, groups, and group memberships
414 </para>
415 <indexterm zone="systemd userdbctl">
416 <primary sortas="b-userdbctl">userdbctl</primary>
417 </indexterm>
418 </listitem>
419 </varlistentry>
420
421 <varlistentry id="pam_systemd">
422 <term><filename class="libraryfile">pam_systemd.so</filename></term>
423 <listitem>
424 <para>
425 is a PAM module used to register user sessions with the
426 <application>systemd</application> login manager,
427 <command>systemd-logind</command>.
428 </para>
429 <indexterm zone="systemd pam_systemd">
430 <primary sortas="c-pam_systemd">pam_systemd.so</primary>
431 </indexterm>
432 </listitem>
433 </varlistentry>
434
435 </variablelist>
436
437 </sect2>
438
439</sect1>
Note: See TracBrowser for help on using the repository browser.