source: general/sysutils/systemd.xml@ b5d17476

<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE sect1 PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN"
   "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd" [
  <!ENTITY % general-entities SYSTEM "../../general.ent">
  %general-entities;

  <!--  <!ENTITY systemd-download-http "http://anduin.linuxfromscratch.org/LFS/systemd-&systemd-version;-&systemd-stable;.tar.xz"> For whenever we move to a stable snapshot for backports -->
  <!ENTITY systemd-download-http "https://github.com/systemd/systemd/archive/v&systemd-version;/systemd-&systemd-version;.tar.gz">
  <!ENTITY systemd-download-ftp  " ">
  <!ENTITY systemd-md5sum        "0e4f91b513d4b04e2c10a5173e5a87b2">
  <!ENTITY systemd-size          "7.2 MB">
  <!ENTITY systemd-buildsize     "222 MB (an additonal 11 MB for tests)">
  <!ENTITY systemd-time          "2.2 SBU (&lt; 0.1 SBU for tests)">

]>

<sect1 id="systemd" xreflabel="Systemd-&systemd-version;" revision="systemd">
  <?dbhtml filename="systemd.html"?>

  <sect1info>
    <othername>$LastChangedBy$</othername>
    <date>$Date$</date>
  </sect1info>

  <title>Systemd-&systemd-version;</title>
  <!-- Whenever we switch back to stable backports, make sure to add the systemd-stable reference back. -->

  <indexterm zone="systemd">
    <primary sortas="a-systemd">systemd</primary>
  </indexterm>

  <sect2 role="package">
    <title>Introduction to systemd</title>

    <para>
      While <application>systemd</application> was installed when
      building LFS, there are many features provided by the package that
      were not included in the initial installation because
      <application>Linux-PAM</application> was not yet installed.
      The <application>systemd</application> package needs to be
      rebuilt to provide a working <command>systemd-logind</command> service,
      which provides many additional features for dependent packages.
    </para>
    
    &lfs83_checked;

    <bridgehead renderas="sect3">Package Information</bridgehead>
    <itemizedlist spacing="compact">
      <listitem>
        <para>Download (HTTP): <ulink url="&systemd-download-http;"/></para>
      </listitem>
      <listitem>
        <para>Download (FTP): <ulink url="&systemd-download-ftp;"/></para>
      </listitem>
      <listitem>
        <para>Download MD5 sum: &systemd-md5sum;</para>
      </listitem>
      <listitem>
        <para>Download size: &systemd-size;</para>
      </listitem>
      <listitem>
        <para>Estimated disk space required: &systemd-buildsize;</para>
      </listitem>
      <listitem>
        <para>Estimated build time: &systemd-time;</para>
      </listitem>
    </itemizedlist>

    <bridgehead renderas="sect3">Additional Downloads</bridgehead>
    <itemizedlist spacing="compact">
      <listitem>
        <para>
         Required patch:
         <ulink url="&patch-root;/systemd-&systemd-version;-security_fixes-1.patch"/>
        </para>
      </listitem>
    </itemizedlist>

    <bridgehead renderas="sect3">systemd Dependencies</bridgehead>

    <bridgehead renderas="sect4">Required</bridgehead>
    <para role="required">
      <xref linkend="linux-pam"/>
    </para>

    <bridgehead renderas="sect4">Recommended Runtime Dependencies</bridgehead>
    <para role="recommended">
      <xref role="runtime" linkend="polkit"/> 
    </para>

    <bridgehead renderas="sect4">Optional</bridgehead>
    <para role="optional">
      <xref linkend="curl"/>,
      <xref linkend="cryptsetup"/>,
      <xref linkend="git"/>,
      <xref linkend="gnutls"/>,
      <xref linkend="iptables"/>,
      <xref linkend="libgcrypt"/>,
      <xref linkend="libidn2"/>,
      <xref linkend="libseccomp"/>,
      <xref linkend="libxkbcommon"/>,
      <xref linkend="make-ca"/>,
      <xref linkend="qemu"/>,
      <xref linkend="valgrind"/>,
      <xref linkend="zsh"/> (for the zsh completions),
      <ulink url="http://sourceforge.net/projects/gnu-efi/">gnu-efi</ulink>,
      <ulink url="https://www.kernel.org/pub/linux/utils/kernel/kexec/">kexec-tools</ulink>,
      <ulink url="https://www.gnu.org/software/libmicrohttpd/">libmicrohttpd</ulink>,
      <ulink url="http://lz4.github.io/lz4/">lz4</ulink>,
      <ulink url="http://fukuchi.org/works/qrencode/">qrencode</ulink>,
      <ulink url="http://sourceforge.net/projects/linuxquota/">quota-tools</ulink> and
      <ulink url="https://pypi.python.org/pypi/Sphinx">Sphinx</ulink>
    </para>

    <bridgehead renderas="sect4">Optional (to rebuild the manual pages)</bridgehead>
    <para role="optional">
      <xref linkend="DocBook"/>,
      <xref linkend="docbook-xsl"/>, and
      <xref linkend="libxslt"/>
    </para>

    <para condition="html" role="usernotes">User Notes:
      <ulink url="&blfs-wiki;/systemd"/>
    </para>
  </sect2>

  <sect2 role="installation">
    <title>Installation of systemd</title>

    <para>Apply a critical security patch for journald:</para>

<screen><userinput remap="pre">patch -Np1 -i ../systemd-&systemd-version;-security_fixes-1.patch</userinput></screen>

    <para>Remove an unneeded group,
    <systemitem class="groupname">render</systemitem>, from the default udev
    rules:</para>

<screen><userinput remap="pre">sed -i 's/GROUP="render", //' rules/50-udev-default.rules.in</userinput></screen>

    <para>
      Rebuild <application>systemd</application> by running the
      following commands:
    </para>

<screen><userinput>mkdir build &amp;&amp;
cd    build &amp;&amp;

meson --prefix=/usr         \
      --sysconfdir=/etc     \
      --localstatedir=/var  \
      -Dblkid=true          \
      -Dbuildtype=release   \
      -Ddefault-dnssec=no   \
      -Dfirstboot=false     \
      -Dinstall-tests=false \
      -Dldconfig=false      \
      -Drootprefix=         \
      -Drootlibdir=/lib     \
      -Dsplit-usr=true      \
      -Dsysusers=false      \
      -Db_lto=false         \
      ..                    &amp;&amp;

ninja</userinput></screen>

    <note>
      <para>
        For the best test results, make sure you run the testsuite from
        a system that is booted by the same
        <application>systemd</application> version you are rebuilding.
      </para>
    </note>

    <para>
       To test the results, issue: <command>ninja test</command>. <!--One test,
       <filename>test-fs-util</filename>, is known to fail.-->
      <!-- https://github.com/systemd/systemd/pull/10263/commits -->
    </para>

    <warning>
      <para>
        Installing the package will overwrite all files installed by
        <application>systemd</application> in LFS. It is critical that
        nothing uses either <application>systemd</application> or
        <application>Udev</application> libraries during the installation.
        The best way to ensure that these libraries are not being used is to
        run the installation in rescue mode. To switch to rescue mode,
        run the following command as the
        <systemitem class="username">root</systemitem> user (from a TTY):
      </para>

<screen role="root"><userinput>systemctl start rescue.target</userinput></screen>
    </warning>

   <para>
     Now, as the <systemitem class="username">root</systemitem> user:
   </para>

<screen role="root"><userinput>ninja install</userinput></screen>

    <para>
      If <application>RPM</application> is not installed, remove an
      unnecessary directory by running the following command as the
      <systemitem class="username">root</systemitem> user:
    </para>

<screen role="root"><userinput>rm -rfv /usr/lib/rpm</userinput></screen>

  </sect2>

  <sect2 role="configuration">
    <title>Configuring systemd</title>

    <para>
      The <filename>/etc/pam.d/system-session</filename> file needs to
      be modified and a new file needs to be created in order for
      <command>systemd-logind</command> to work correctly. Run the following
      commands as the <systemitem class="username">root</systemitem> user:
    </para>

<screen role="root"><userinput>cat &gt;&gt; /etc/pam.d/system-session &lt;&lt; "EOF"
<literal># Begin Systemd addition
    
session  required    pam_loginuid.so
session  optional    pam_systemd.so

# End Systemd addition</literal>
EOF

cat &gt; /etc/pam.d/systemd-user &lt;&lt; "EOF"
<literal># Begin /etc/pam.d/systemd-user

account  required    pam_access.so
account  include     system-account

session  required    pam_env.so
session  required    pam_limits.so
session  required    pam_unix.so
session  required    pam_loginuid.so
session  optional    pam_keyinit.so force revoke
session  optional    pam_systemd.so

auth     required    pam_deny.so
password required    pam_deny.so

# End /etc/pam.d/systemd-user</literal>
EOF</userinput></screen>

    <para>
      At this point, you should reload the systemd daemon, and reenter
      multi-user mode with the following commands (as the
      <systemitem class="username">root</systemitem> user):
    </para>

<screen role="root"><userinput>systemctl daemon-reload
systemctl start multi-user.target</userinput></screen>

    <warning><para>If upgrading from a previous version of systemd and an
    initrd is used for system boot, you should generate a new initrd before
    rebooting the system.</para></warning>

  </sect2>

  <sect2 role="content">
    <title>Contents</title>

      <para>
        A list of the installed files, along with their short
        descriptions can be found at
        <ulink url="&lfs-root;/chapter06/systemd.html#contents-systemd"/>.
      </para>

      <para>
        Listed below are the newly installed libraries and directories
        along with short descriptions.
      </para>

    <segmentedlist>
      <segtitle>Installed Programs</segtitle>
      <segtitle>Installed Libraries</segtitle>
      <segtitle>Installed Directories</segtitle>

      <seglistitem>
        <seg>
          None
        </seg>
        <seg>
          pam_systemd.so
          (in <filename class="directory">/lib/security</filename>)
        </seg>
        <seg>
          None
        </seg>
      </seglistitem>
    </segmentedlist>

    <variablelist>
      <bridgehead renderas="sect3">Short Descriptions</bridgehead>
      <?dbfo list-presentation="list"?>
      <?dbhtml list-presentation="table"?>

      <varlistentry id="pam_systemd">
        <term><filename class="libraryfile">pam_systemd.so</filename></term>
        <listitem>
          <para>
            is a PAM module used to register user sessions with the
            <application>systemd</application> login manager,
            <command>systemd-logind</command>.
          </para>
          <indexterm zone="systemd pam_systemd">
            <primary sortas="c-pam_systemd">pam_systemd.so</primary>
          </indexterm>
        </listitem>
      </varlistentry>

    </variablelist>

  </sect2>

</sect1>