mirror of
https://github.com/systemd/systemd.git
synced 2024-12-22 17:35:35 +03:00
man/daemon: s/init system/service manager/
As pointed out in the review, all this applies to the user services too, so are not managed by the "init system", but by the more generic "service manager". Also: - use oxford comma - change "employ" to "use" in various places - change "the init system forwards messages to syslog" to "are forwarded to syslog". This is done by systemd-journald, so really there is no forwarding, because systemd-journald just writes them to a file in the common setup, so let's use the passive form to avoid specifying who does this.
This commit is contained in:
parent
d73f8ff95f
commit
7ab1a1be1c
221
man/daemon.xml
221
man/daemon.xml
@ -146,13 +146,11 @@
|
||||
new-style daemons. This makes it easier to supervise and control
|
||||
them at runtime and simplifies their implementation.</para>
|
||||
|
||||
<para>For developing a new-style daemon, none of the
|
||||
initialization steps recommended for SysV daemons need to be
|
||||
implemented. New-style init systems such as systemd make all of
|
||||
them redundant. Moreover, since some of these steps interfere
|
||||
with process monitoring, file descriptor passing and other
|
||||
functionality of the init system, it is recommended not to
|
||||
execute them when run as new-style service.</para>
|
||||
<para>For developing a new-style daemon, none of the initialization steps recommended for SysV daemons
|
||||
need to be implemented. New-style init systems such as systemd make all of them redundant. Moreover,
|
||||
since some of these steps interfere with process monitoring, file descriptor passing, and other
|
||||
functionality of the service manager, it is recommended not to execute them when run as new-style
|
||||
service.</para>
|
||||
|
||||
<para>Note that new-style init systems guarantee execution of daemon processes in a clean process context: it is
|
||||
guaranteed that the environment block is sanitized, that the signal handlers and mask is reset and that no
|
||||
@ -166,8 +164,8 @@
|
||||
following:</para>
|
||||
|
||||
<orderedlist>
|
||||
<listitem><para>If applicable, the daemon should notify the init system about startup completion or
|
||||
status updates via the
|
||||
<listitem><para>If applicable, the daemon should notify the service manager about startup completion
|
||||
or status updates via the
|
||||
<citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
interface, in particular <varname>READY=1</varname> and <varname>STATUS=…</varname>.
|
||||
</para></listitem>
|
||||
@ -183,13 +181,11 @@
|
||||
<varname>RELOADING=1</varname> and <varname>READY=1</varname>.
|
||||
</para></listitem>
|
||||
|
||||
<listitem><para>Provide a correct exit code from the main
|
||||
daemon process, as this is used by the init system to detect
|
||||
service errors and problems. It is recommended to follow the
|
||||
exit code scheme as defined in the <ulink
|
||||
<listitem><para>Provide a correct exit code from the main daemon process, as this is used by the
|
||||
service manager to detect service errors and problems. It is recommended to follow the exit code
|
||||
scheme as defined in the <ulink
|
||||
url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
|
||||
recommendations for SysV init
|
||||
scripts</ulink>.</para></listitem>
|
||||
recommendations for SysV init scripts</ulink>.</para></listitem>
|
||||
|
||||
<listitem><para>If possible and applicable, expose the
|
||||
daemon's control interface via the D-Bus IPC system and grab a
|
||||
@ -202,15 +198,12 @@
|
||||
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details.</para></listitem>
|
||||
|
||||
<listitem><para>As much as possible, rely on the init system's
|
||||
functionality to limit the access of the daemon to files,
|
||||
services and other resources, i.e. in the case of systemd,
|
||||
rely on systemd's resource limit control instead of
|
||||
implementing your own, rely on systemd's privilege dropping
|
||||
code instead of implementing it in the daemon, and similar.
|
||||
See
|
||||
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for the available controls.</para></listitem>
|
||||
<listitem><para>As much as possible, rely on the service manager's functionality to limit the access
|
||||
of the daemon to files, services, and other resources, i.e. in the case of systemd, rely on systemd's
|
||||
resource limit control instead of implementing your own, rely on systemd's privilege dropping code
|
||||
instead of implementing it in the daemon, and so on. See
|
||||
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
|
||||
the available controls.</para></listitem>
|
||||
|
||||
<listitem><para>If D-Bus is used, make your daemon
|
||||
bus-activatable by supplying a D-Bus service activation
|
||||
@ -237,19 +230,13 @@
|
||||
<citerefentry><refentrytitle>sd_notify</refentrytitle><manvolnum>3</manvolnum></citerefentry> with
|
||||
<varname>FDSTORE=1</varname>..</para></listitem>
|
||||
|
||||
<listitem><para>Instead of using the
|
||||
<function>syslog()</function> call to log directly to the
|
||||
system syslog service, a new-style daemon may choose to simply
|
||||
log to standard error via <function>fprintf()</function>,
|
||||
which is then forwarded to syslog by the init system. If log
|
||||
levels are necessary, these can be encoded by prefixing
|
||||
individual log lines with strings like
|
||||
<literal><4></literal> (for log level 4 "WARNING" in the
|
||||
syslog priority scheme), following a similar style as the
|
||||
Linux kernel's <function>printk()</function> level system. For
|
||||
details, see
|
||||
<citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
and
|
||||
<listitem><para>Instead of using the <function>syslog()</function> call to log directly to the system
|
||||
syslog service, a new-style daemon may choose to simply log to standard error via
|
||||
<function>fprintf()</function>, which is then forwarded to syslog. If log levels are necessary, these
|
||||
can be encoded by prefixing individual log lines with strings like <literal><4></literal> (for
|
||||
log level 4 "WARNING" in the syslog priority scheme), following a similar style as the Linux kernel's
|
||||
<function>printk()</function> level system. For details, see
|
||||
<citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry> and
|
||||
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para></listitem>
|
||||
|
||||
<listitem><para>As new-style daemons are invoked without a controlling TTY (but as their own session
|
||||
@ -294,17 +281,14 @@
|
||||
<refsect2>
|
||||
<title>Activation on Boot</title>
|
||||
|
||||
<para>Old-style daemons are usually activated exclusively on
|
||||
boot (and manually by the administrator) via SysV init scripts,
|
||||
as detailed in the <ulink
|
||||
<para>Old-style daemons are usually activated exclusively on boot (and manually by the administrator)
|
||||
via SysV init scripts, as detailed in the <ulink
|
||||
url="http://refspecs.linuxbase.org/LSB_3.1.1/LSB-Core-generic/LSB-Core-generic/iniscrptact.html">LSB
|
||||
Linux Standard Base Core Specification</ulink>. This method of
|
||||
activation is supported ubiquitously on Linux init systems, both
|
||||
old-style and new-style systems. Among other issues, SysV init
|
||||
scripts have the disadvantage of involving shell scripts in the
|
||||
boot process. New-style init systems generally employ updated
|
||||
versions of activation, both during boot-up and during runtime
|
||||
and using more minimal service description files.</para>
|
||||
Linux Standard Base Core Specification</ulink>. This method of activation is supported ubiquitously on
|
||||
Linux init systems, both old-style and new-style systems. Among other issues, SysV init scripts have
|
||||
the disadvantage of involving shell scripts in the boot process. New-style init systems generally use
|
||||
updated versions of activation, both during boot-up and during runtime and using more minimal service
|
||||
description files.</para>
|
||||
|
||||
<para>In systemd, if the developer or administrator wants to
|
||||
make sure that a service or other unit is activated
|
||||
@ -324,42 +308,29 @@
|
||||
<refsect2>
|
||||
<title>Socket-Based Activation</title>
|
||||
|
||||
<para>In order to maximize the possible parallelization and
|
||||
robustness and simplify configuration and development, it is
|
||||
recommended for all new-style daemons that communicate via
|
||||
listening sockets to employ socket-based activation. In a
|
||||
socket-based activation scheme, the creation and binding of the
|
||||
listening socket as primary communication channel of daemons to
|
||||
local (and sometimes remote) clients is moved out of the daemon
|
||||
code and into the init system. Based on per-daemon
|
||||
configuration, the init system installs the sockets and then
|
||||
hands them off to the spawned process as soon as the respective
|
||||
daemon is to be started. Optionally, activation of the service
|
||||
can be delayed until the first inbound traffic arrives at the
|
||||
socket to implement on-demand activation of daemons. However,
|
||||
the primary advantage of this scheme is that all providers and
|
||||
all consumers of the sockets can be started in parallel as soon
|
||||
as all sockets are established. In addition to that, daemons can
|
||||
be restarted with losing only a minimal number of client
|
||||
transactions, or even any client request at all (the latter is
|
||||
particularly true for state-less protocols, such as DNS or
|
||||
syslog), because the socket stays bound and accessible during
|
||||
the restart, and all requests are queued while the daemon cannot
|
||||
process them.</para>
|
||||
<para>In order to maximize the possible parallelization and robustness and simplify configuration and
|
||||
development, it is recommended for all new-style daemons that communicate via listening sockets to use
|
||||
socket-based activation. In a socket-based activation scheme, the creation and binding of the listening
|
||||
socket as primary communication channel of daemons to local (and sometimes remote) clients is moved out
|
||||
of the daemon code and into the service manager. Based on per-daemon configuration, the service manager
|
||||
installs the sockets and then hands them off to the spawned process as soon as the respective daemon is
|
||||
to be started. Optionally, activation of the service can be delayed until the first inbound traffic
|
||||
arrives at the socket to implement on-demand activation of daemons. However, the primary advantage of
|
||||
this scheme is that all providers and all consumers of the sockets can be started in parallel as soon
|
||||
as all sockets are established. In addition to that, daemons can be restarted with losing only a
|
||||
minimal number of client transactions, or even any client request at all (the latter is particularly
|
||||
true for state-less protocols, such as DNS or syslog), because the socket stays bound and accessible
|
||||
during the restart, and all requests are queued while the daemon cannot process them.</para>
|
||||
|
||||
<para>New-style daemons which support socket activation must be
|
||||
able to receive their sockets from the init system instead of
|
||||
creating and binding them themselves. For details about the
|
||||
programming interfaces for this scheme provided by systemd, see
|
||||
<citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
and
|
||||
<citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
|
||||
For details about porting existing daemons to socket-based
|
||||
activation, see below. With minimal effort, it is possible to
|
||||
implement socket-based activation in addition to traditional
|
||||
internal socket creation in the same codebase in order to
|
||||
support both new-style and old-style init systems from the same
|
||||
daemon binary.</para>
|
||||
<para>New-style daemons which support socket activation must be able to receive their sockets from the
|
||||
service manager instead of creating and binding them themselves. For details about the programming
|
||||
interfaces for this scheme provided by systemd, see
|
||||
<citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry> and
|
||||
<citerefentry><refentrytitle>sd-daemon</refentrytitle><manvolnum>3</manvolnum></citerefentry>. For
|
||||
details about porting existing daemons to socket-based activation, see below. With minimal effort, it
|
||||
is possible to implement socket-based activation in addition to traditional internal socket creation in
|
||||
the same codebase in order to support both new-style and old-style init systems from the same daemon
|
||||
binary.</para>
|
||||
|
||||
<para>systemd implements socket-based activation via
|
||||
<filename>.socket</filename> units, which are described in
|
||||
@ -385,23 +356,16 @@
|
||||
<refsect2>
|
||||
<title>Bus-Based Activation</title>
|
||||
|
||||
<para>When the D-Bus IPC system is used for communication with
|
||||
clients, new-style daemons should employ bus activation so that
|
||||
they are automatically activated when a client application
|
||||
accesses their IPC interfaces. This is configured in D-Bus
|
||||
service files (not to be confused with systemd service unit
|
||||
files!). To ensure that D-Bus uses systemd to start-up and
|
||||
maintain the daemon, use the <varname>SystemdService=</varname>
|
||||
directive in these service files to configure the matching
|
||||
systemd service for a D-Bus service. e.g.: For a D-Bus service
|
||||
whose D-Bus activation file is named
|
||||
<filename>org.freedesktop.RealtimeKit.service</filename>, make
|
||||
sure to set
|
||||
<varname>SystemdService=rtkit-daemon.service</varname> in that
|
||||
file to bind it to the systemd service
|
||||
<filename>rtkit-daemon.service</filename>. This is needed to
|
||||
make sure that the daemon is started in a race-free fashion when
|
||||
activated via multiple mechanisms simultaneously.</para>
|
||||
<para>When the D-Bus IPC system is used for communication with clients, new-style daemons should use
|
||||
bus activation so that they are automatically activated when a client application accesses their IPC
|
||||
interfaces. This is configured in D-Bus service files (not to be confused with systemd service unit
|
||||
files!). To ensure that D-Bus uses systemd to start-up and maintain the daemon, use the
|
||||
<varname>SystemdService=</varname> directive in these service files to configure the matching systemd
|
||||
service for a D-Bus service. e.g.: For a D-Bus service whose D-Bus activation file is named
|
||||
<filename>org.freedesktop.RealtimeKit.service</filename>, make sure to set
|
||||
<varname>SystemdService=rtkit-daemon.service</varname> in that file to bind it to the systemd service
|
||||
<filename>rtkit-daemon.service</filename>. This is needed to make sure that the daemon is started in a
|
||||
race-free fashion when activated via multiple mechanisms simultaneously.</para>
|
||||
</refsect2>
|
||||
|
||||
<refsect2>
|
||||
@ -461,10 +425,10 @@
|
||||
<title>Other Forms of Activation</title>
|
||||
|
||||
<para>Other forms of activation have been suggested and implemented in some systems. However, there are
|
||||
often simpler or better alternatives, or they can be put together of combinations of the schemes
|
||||
above. Example: Sometimes, it appears useful to start daemons or <filename>.socket</filename> units
|
||||
when a specific IP address is configured on a network interface, because network sockets shall be bound
|
||||
to the address. However, an alternative to implement this is by utilizing the Linux
|
||||
often simpler or better alternatives, or they can be put together of combinations of the schemes above.
|
||||
Example: Sometimes, it appears useful to start daemons or <filename>.socket</filename> units when a
|
||||
specific IP address is configured on a network interface, because network sockets shall be bound to the
|
||||
address. However, an alternative to implement this is by utilizing the Linux
|
||||
<constant>IP_FREEBIND</constant>/<constant>IPV6_FREEBIND</constant> socket option, as accessible via
|
||||
<varname>FreeBind=yes</varname> in systemd socket files (see
|
||||
<citerefentry><refentrytitle>systemd.socket</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
|
||||
@ -472,15 +436,14 @@
|
||||
address, and hence allows bindings to a particular IP address before it actually becomes available,
|
||||
making such an explicit dependency to the configured address redundant. Another often suggested trigger
|
||||
for service activation is low system load. However, here too, a more convincing approach might be to
|
||||
make proper use of features of the operating system, in particular, the CPU or I/O scheduler of
|
||||
Linux. Instead of scheduling jobs from userspace based on monitoring the OS scheduler, it is advisable
|
||||
to leave the scheduling of processes to the OS scheduler itself. systemd provides fine-grained access
|
||||
to the CPU and I/O schedulers. If a process executed by the init system shall not negatively impact the
|
||||
amount of CPU or I/O bandwidth available to other processes, it should be configured with
|
||||
<varname>CPUSchedulingPolicy=idle</varname> and/or
|
||||
<varname>IOSchedulingClass=idle</varname>. Optionally, this may be combined with timer-based activation
|
||||
to schedule background jobs during runtime and with minimal impact on the system, and remove it from
|
||||
the boot phase itself.</para>
|
||||
make proper use of features of the operating system, in particular, the CPU or I/O scheduler of Linux.
|
||||
Instead of scheduling jobs from userspace based on monitoring the OS scheduler, it is advisable to
|
||||
leave the scheduling of processes to the OS scheduler itself. systemd provides fine-grained access to
|
||||
the CPU and I/O schedulers. If a process executed by the service manager shall not negatively impact
|
||||
the amount of CPU or I/O bandwidth available to other processes, it should be configured with
|
||||
<varname>CPUSchedulingPolicy=idle</varname> and/or <varname>IOSchedulingClass=idle</varname>.
|
||||
Optionally, this may be combined with timer-based activation to schedule background jobs during runtime
|
||||
and with minimal impact on the system, and remove it from the boot phase itself.</para>
|
||||
</refsect2>
|
||||
|
||||
</refsect1>
|
||||
@ -687,26 +650,20 @@ fi</programlisting>
|
||||
is useful not only for using the daemon in new-style init
|
||||
systems, but also to ease debugging.</para></listitem>
|
||||
|
||||
<listitem><para>If the daemon offers interfaces to other
|
||||
software running on the local system via local
|
||||
<constant>AF_UNIX</constant> sockets, consider implementing
|
||||
socket-based activation (see above). Usually, a minimal patch is
|
||||
sufficient to implement this: Extend the socket creation in the
|
||||
daemon code so that
|
||||
<citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry>
|
||||
is checked for already passed sockets first. If sockets are
|
||||
passed (i.e. when <function>sd_listen_fds()</function> returns a
|
||||
positive value), skip the socket creation step and use the
|
||||
passed sockets. Secondly, ensure that the file system socket
|
||||
nodes for local <constant>AF_UNIX</constant> sockets used in the
|
||||
socket-based activation are not removed when the daemon shuts
|
||||
down, if sockets have been passed. Third, if the daemon normally
|
||||
closes all remaining open file descriptors as part of its
|
||||
initialization, the sockets passed from the init system must be
|
||||
spared. Since new-style init systems guarantee that no left-over
|
||||
file descriptors are passed to executed processes, it might be a
|
||||
good choice to simply skip the closing of all remaining open
|
||||
file descriptors if sockets are passed.</para></listitem>
|
||||
<listitem><para>If the daemon offers interfaces to other software running on the local system via local
|
||||
<constant>AF_UNIX</constant> sockets, consider implementing socket-based activation (see above).
|
||||
Usually, a minimal patch is sufficient to implement this: Extend the socket creation in the daemon code
|
||||
so that
|
||||
<citerefentry><refentrytitle>sd_listen_fds</refentrytitle><manvolnum>3</manvolnum></citerefentry> is
|
||||
checked for already passed sockets first. If sockets are passed (i.e. when
|
||||
<function>sd_listen_fds()</function> returns a positive value), skip the socket creation step and use
|
||||
the passed sockets. Secondly, ensure that the file system socket nodes for local
|
||||
<constant>AF_UNIX</constant> sockets used in the socket-based activation are not removed when the
|
||||
daemon shuts down, if sockets have been passed. Third, if the daemon normally closes all remaining open
|
||||
file descriptors as part of its initialization, the sockets passed from the service manager must be
|
||||
spared. Since new-style init systems guarantee that no left-over file descriptors are passed to
|
||||
executed processes, it might be a good choice to simply skip the closing of all remaining open file
|
||||
descriptors if sockets are passed.</para></listitem>
|
||||
|
||||
<listitem><para>Write and install a systemd unit file for the
|
||||
service (and the sockets if socket-based activation is used, as
|
||||
|
Loading…
Reference in New Issue
Block a user