manager: add ManagerEnvironment configuration setting

This is useful for various variables that modify process behaviour. This makes it easy to set it for pid1 without touching the kernel command line. Even for the *user manager* this also can be convenient for the unprivileged user, who cannot modify user@.service definition. Variables that could be set like this include $SD_EVENT_PROFILE_DELAYS, $SYSTEMD_FALLBACK_HOSTNAME, $SYSTEMD_MEMPOOL, $SYSTMED_RDRAND, etc.
2025-01-08 21:17:47 +03:00 · 2021-02-19 00:06:26 +01:00 · 2021-02-19 00:06:26 +01:00 · d55ed7de34
commit d55ed7de34
parent fa256f43e7
2 changed files with 37 additions and 5 deletions
--- a/man/systemd-system.conf.xml
+++ b/man/systemd-system.conf.xml
@ -323,11 +323,10 @@
      <varlistentry>
        <term><varname>DefaultEnvironment=</varname></term>

-        <listitem><para>Sets manager environment variables passed to
-        all executed processes. Takes a space-separated list of
-        variable assignments. See
-        <citerefentry project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry>
-        for details about environment variables.</para>
+        <listitem><para>Configures environment variables passed to all executed processes. Takes a
+        space-separated list of variable assignments. See <citerefentry
+        project='man-pages'><refentrytitle>environ</refentrytitle><manvolnum>7</manvolnum></citerefentry> for
+        details about environment variables.</para>

        <para>Example:

@ -339,6 +338,20 @@
        <literal>VAR3</literal>.</para></listitem>
      </varlistentry>

+      <varlistentry>
+        <term><varname>ManagerEnvironment=</varname></term>
+
+        <listitem><para>Takes the same arguments as <varname>DefaultEnvironment=</varname>, see above. Sets
+        environment variables just for the manager process itself. These variables are not inherited by
+        processes spawned by the service manager, use <varname>DefaultEnvironment=</varname> for that. Note
+        that these variables are merged into the existing environment block. In particular, in case of the
+        system manager, this includes variables set by the kernel based on the kernel command line.</para>
+
+        <para>Setting environment variables for the manager process may be useful to modify its behaviour.
+        See <ulink url="https://systemd.io/ENVIRONMENT">ENVIRONMENT</ulink> for a descriptions of some
+        variables understood by <command>systemd</command>.</para></listitem>
+      </varlistentry>
+
      <varlistentry>
        <term><varname>DefaultCPUAccounting=</varname></term>
        <term><varname>DefaultBlockIOAccounting=</varname></term>
--- a/src/core/main.c
+++ b/src/core/main.c
@ -134,6 +134,7 @@ static usec_t arg_kexec_watchdog;
 static char *arg_early_core_pattern;
 static char *arg_watchdog_device;
 static char **arg_default_environment;
+static char **arg_manager_environment;
 static struct rlimit *arg_default_rlimit[_RLIMIT_MAX];
 static uint64_t arg_capability_bounding_set;
 static bool arg_no_new_privs;
@ -670,6 +671,7 @@ static int parse_config_file(void) {
                { "Manager", "DefaultStartLimitIntervalSec", config_parse_sec,                   0, &arg_default_start_limit_interval      },
                { "Manager", "DefaultStartLimitBurst",       config_parse_unsigned,              0, &arg_default_start_limit_burst         },
                { "Manager", "DefaultEnvironment",           config_parse_environ,               0, &arg_default_environment               },
+                { "Manager", "ManagerEnvironment",           config_parse_environ,               0, &arg_manager_environment               },
                { "Manager", "DefaultLimitCPU",              config_parse_rlimit,                RLIMIT_CPU, arg_default_rlimit            },
                { "Manager", "DefaultLimitFSIZE",            config_parse_rlimit,                RLIMIT_FSIZE, arg_default_rlimit          },
                { "Manager", "DefaultLimitDATA",             config_parse_rlimit,                RLIMIT_DATA, arg_default_rlimit           },
@ -2301,6 +2303,19 @@ static void fallback_rlimit_memlock(const struct rlimit *saved_rlimit_memlock) {
        arg_default_rlimit[RLIMIT_MEMLOCK] = rl;
 }

+static void setenv_manager_environment(void) {
+        char **p;
+        int r;
+
+        STRV_FOREACH(p, arg_manager_environment) {
+                log_debug("Setting '%s' in our own environment.", *p);
+
+                r = putenv_dup(*p, true);
+                if (r < 0)
+                        log_warning_errno(errno, "Failed to setenv \"%s\", ignoring: %m", *p);
+        }
+}
+
 static void reset_arguments(void) {
        /* Frees/resets arg_* variables, with a few exceptions commented below. */

@ -2334,6 +2349,7 @@ static void reset_arguments(void) {
        arg_watchdog_device = NULL;

        arg_default_environment = strv_free(arg_default_environment);
+        arg_manager_environment = strv_free(arg_manager_environment);
        rlimit_free_all(arg_default_rlimit);

        arg_capability_bounding_set = CAP_ALL;
@ -2395,6 +2411,9 @@ static int parse_configuration(const struct rlimit *saved_rlimit_nofile,
        if (arg_show_status == _SHOW_STATUS_INVALID)
                arg_show_status = SHOW_STATUS_YES;

+        /* Push variables into the manager environment block */
+        setenv_manager_environment();
+
        return 0;
 }