8.75. Systemd-255

The systemd package contains programs for controlling the startup, running, and shutdown of the system.

Approximate build time: 0.7 SBU
Required disk space: 247 MB

8.75.1. Installation of systemd

Remove two unneeded groups, render and sgx, from the default udev rules:

sed -i -e 's/GROUP="render"/GROUP="video"/' \
       -e 's/GROUP="sgx", //' rules.d/50-udev-default.rules.in

Now fix a security vulnerability in the DNSSEC verification of systemd-resolved and a bug breaking running systemd-analyze verify on an instantiated systemd unit:

patch -Np1 -i ../systemd-255-upstream_fixes-1.patch

Prepare systemd for compilation:

mkdir -p build
cd       build

CFLAGS+=" -Wno-format-overflow" \
meson setup \
      --prefix=/usr                 \
      --buildtype=release           \
      -Ddefault-dnssec=no           \
      -Dfirstboot=false             \
      -Dinstall-tests=false         \
      -Dldconfig=false              \
      -Dsysusers=false              \
      -Drpmmacrosdir=no             \
      -Dhomed=disabled              \
      -Duserdb=false                \
      -Dman=disabled                \
      -Dmode=release                \
      -Dpamconfdir=no               \
      -Ddev-kvm-mode=0660           \
      -Dnobody-group=nogroup        \
      -Dsysupdate=disabled          \
      -Dukify=disabled              \
      -Ddocdir=/usr/share/doc/systemd-255 \
      ..

The meaning of the meson options:

--buildtype=release

This switch overrides the default buildtype (debug), which produces unoptimized binaries.

-Ddefault-dnssec=no

This switch turns off the experimental DNSSEC support.

-Dfirstboot=false

This switch prevents installation of systemd services responsible for setting up the system for the first time. These are not useful in LFS, because everything is done manually.

-Dinstall-tests=false

This switch prevents installation of the compiled tests.

-Dldconfig=false

This switch prevents installation of a systemd unit that runs ldconfig at boot; this is not useful for source distributions such as LFS, and makes the boot time longer. Remove this option to enable running ldconfig at boot.

-Dsysusers=false

This switch prevents installation of systemd services responsible for setting up the /etc/group and /etc/passwd files. Both files were created in the previous chapter. This daemon is not useful on an LFS system since user accounts are manually created.

-Drpmmacrosdir=no

This switch disables installation of RPM Macros for use with systemd, because LFS does not support RPM.

-Dhomed=disabled and -Duserdb=false

Remove two daemons with dependencies that do not fit within the scope of LFS.

-Dman=disabled

Prevent the generation of man pages to avoid extra dependencies. We will install pre-generated man pages for systemd from a tarball.

-Dmode=release

Disable some features considered experimental by upstream.

-Dpamconfdir=no

Prevent the installation of a PAM configuration file not functional on LFS.

-Ddev-kvm-mode=0660

The default udev rule would allow all users to access /dev/kvm. The editors consider it dangerous. This option overrides it.

-Dnobody-group=nogroup

Tell the package the group name with GID 65534 is nogroup.

-Dsysupdate=disabled

Do not install the systemd-sysupdate tool. It's designed for automatically upgrading binary distros, so it's useless for a basic Linux system built from source. And it will report errors on boot if it's enabled but not properly configured.

-Dukify=disabled

Do not install the systemd-ukify script. At runtime this script requires the pefile Python module that neither LFS nor BLFS provides.

Compile the package:

ninja

Install the package:

ninja install

Install the man pages:

tar -xf ../../systemd-man-pages-255.tar.xz \
    --no-same-owner --strip-components=1   \
    -C /usr/share/man

Create the /etc/machine-id file needed by systemd-journald:

systemd-machine-id-setup

Set up the basic target structure:

systemctl preset-all

8.75.2. Contents of systemd

Installed programs: busctl, coredumpctl, halt (symlink to systemctl), hostnamectl, init, journalctl, kernel-install, localectl, loginctl, machinectl, mount.ddi (symlink to systemd-dissect), networkctl, oomctl, portablectl, poweroff (symlink to systemctl), reboot (symlink to systemctl), resolvconf (symlink to resolvectl), resolvectl, runlevel (symlink to systemctl), shutdown (symlink to systemctl), systemctl, systemd-ac-power, systemd-analyze, systemd-ask-password, systemd-cat, systemd-cgls, systemd-cgtop, systemd-confext (symlink to systemd-sysext), systemd-creds, systemd-delta, systemd-detect-virt, systemd-dissect, systemd-escape, systemd-hwdb, systemd-id128, systemd-inhibit, systemd-machine-id-setup, systemd-mount, systemd-notify, systemd-nspawn, systemd-path, systemd-repart, systemd-resolve (symlink to resolvectl), systemd-run, systemd-socket-activate, systemd-stdio-bridge, systemd-sysext, systemd-tmpfiles, systemd-tty-ask-password-agent, systemd-umount (symlink to systemd-mount), telinit (symlink to systemctl), timedatectl, and udevadm
Installed libraries: libnss_myhostname.so.2, libnss_mymachines.so.2, libnss_resolve.so.2, libnss_systemd.so.2, libsystemd.so, libsystemd-shared-255.so (in /usr/lib/systemd), and libudev.so
Installed directories: /etc/binfmt.d, /etc/init.d, /etc/kernel, /etc/modules-load.d, /etc/sysctl.d, /etc/systemd, /etc/tmpfiles.d, /etc/udev, /etc/xdg/systemd, /usr/lib/systemd, /usr/lib/udev, /usr/include/systemd, /usr/lib/binfmt.d, /usr/lib/environment.d, /usr/lib/kernel, /usr/lib/modules-load.d, /usr/lib/sysctl.d, /usr/lib/systemd, /usr/lib/tmpfiles.d, /usr/share/doc/systemd-255, /usr/share/factory, /usr/share/systemd, /var/lib/systemd, and /var/log/journal

Short Descriptions

busctl

Is used to introspect and monitor the D-Bus bus

coredumpctl

Is used to retrieve coredumps from the systemd journal

halt

Normally invokes shutdown with the -h option, except when already in run-level 0, when it tells the kernel to halt the system; it notes in the file /var/log/wtmp that the system is being brought down

hostnamectl

Is used to query and change the system hostname and related settings

init

Is the first process to be started after the kernel has initialized the hardware; init takes over the boot process and starts the processes specified by its configuration files; in this case, it starts systemd

journalctl

Is used to query the contents of the systemd journal

kernel-install

Is used to add and remove kernel and initramfs images to and from /boot; in LFS, this is done manually

localectl

Is used to query and change the system locale and keyboard layout settings

loginctl

Is used to introspect and control the state of the systemd Login Manager

machinectl

Is used to introspect and control the state of the systemd Virtual Machine and Container Registration Manager

networkctl

Is used to introspect and configure the state of the network links configured by systemd-networkd

oomctl

Controls the systemd Out Of Memory daemon

portablectl

Is used to attach or detach portable services from the local system

poweroff

Instructs the kernel to halt the system and switch off the computer (see halt)

reboot

Instructs the kernel to reboot the system (see halt)

resolvconf

Registers DNS server and domain configuration with systemd-resolved

resolvectl

Sends control commands to the network name resolution manager, or resolves domain names, IPv4 and IPv6 addresses, DNS records, and services

runlevel

Outputs the previous and the current run-level, as noted in the last run-level record in /run/utmp

shutdown

Brings the system down in a safe and secure manner, signaling all processes and notifying all logged-in users

systemctl

Is used to introspect and control the state of the systemd system and service manager

systemd-ac-power

Reports whether the system is connected to an external power source.

systemd-analyze

Is used to analyze system startup performance, as well as identify troublesome systemd units

systemd-ask-password

Is used to query a system password or passphrase from the user, using a message specified on the Linux command line

systemd-cat

Is used to connect the STDOUT and STDERR outputs of a process with the systemd journal

systemd-cgls

Recursively shows the contents of the selected Linux control group hierarchy in a tree

systemd-cgtop

Shows the top control groups of the local Linux control group hierarchy, ordered by their CPU, memory and disk I/O loads

systemd-creds

Displays and processes credentials

systemd-delta

Is used to identify and compare configuration files in /etc that override the defaults in /usr

systemd-detect-virt

Detects whether the system is being run in a virtual environment, and adjusts udev accordingly

systemd-dissect

Is used to inspect OS disk images

systemd-escape

Is used to escape strings for inclusion in systemd unit names

systemd-hwdb

Is used to manage the hardware database (hwdb)

systemd-id128

Generates and prints id128 (UUID) strings

systemd-inhibit

Is used to execute a program with a shutdown, sleep or idle inhibitor lock taken, preventing an action such as a system shutdown until the process is completed

systemd-machine-id-setup

Is used by system installer tools to initialize the machine ID stored in /etc/machine-id at install time with a randomly generated ID

systemd-mount

Is used to temporarily mount or automount disks

systemd-notify

Is used by daemon scripts to notify the init system of status changes

systemd-nspawn

Is used to run a command, or an entire OS, in a light-weight namespace container

systemd-path

Is used to query system and user paths

systemd-repart

Is used to grow and add partitions to a partition table when systemd is used with an OS image (e.g. a container)

systemd-resolve

Is used to resolve domain names, IPV4 and IPv6 addresses, DNS resource records, and services

systemd-run

Is used to create and start a transient .service or a .scope unit and run the specified command in it; this is useful for validating systemd units

systemd-socket-activate

Is used to listen on socket devices and launch a process upon a successful connection to the socket

systemd-sysext

Activates system extension images

systemd-tmpfiles

Creates, deletes, and cleans up volatile and temporary files and directories, based on the configuration file format and location specified in tmpfiles.d directories

systemd-umount

Unmounts mount points

systemd-tty-ask-password-agent

Is used to list and/or process pending systemd password requests

telinit

Tells init which run-level to change to

timedatectl

Is used to query and change the system clock and its settings

udevadm

Is a generic udev administration tool which controls the udevd daemon, provides info from the udev hardware database, monitors uevents, waits for uevents to finish, tests udev configuration, and triggers uevents for a given device

libsystemd

Is the main systemd utility library

libudev

Is a library to access Udev device information