Difference between revisions of "Systemd/User"
(→Setup since systemd 206: added PAM workaround for 207) |
(→Setup since systemd 206: system-login change) |
||
| Line 24: | Line 24: | ||
{{Note|Since version 207, systemd uses a different PAM service for user@.service, and includes an incorrect default PAM config. | {{Note|Since version 207, systemd uses a different PAM service for user@.service, and includes an incorrect default PAM config. | ||
Fix it with: {{ic|# sed -i s/system-auth/system-login/g /etc/pam.d/systemd-user}} (or replace all occurrences of {{ic|system-auth}} in that file with {{ic|system-login}}).}} | Fix it with: {{ic|# sed -i s/system-auth/system-login/g /etc/pam.d/systemd-user}} (or replace all occurrences of {{ic|system-auth}} in that file with {{ic|system-login}}).}} | ||
| + | {{Note|system-login needs to start pam_systemd: it should contain {{ic|-session optional pam_systemd.so}}; check if a .pacnew file exists}} | ||
2. Add the environment variables you need, in a drop in config file for {{ic|user@.service}}. At least it should contain the following | 2. Add the environment variables you need, in a drop in config file for {{ic|user@.service}}. At least it should contain the following | ||
{{hc|/etc/systemd/system/user@.service.d/environment.conf| | {{hc|/etc/systemd/system/user@.service.d/environment.conf| | ||
Revision as of 18:57, 8 October 2013
Template:Article summary start Template:Article summary text Template:Article summary heading Template:Article summary wiki Template:Article summary end
systemd offers users the ability to run an instance of systemd to manage their session and services. This allows users to start, stop, enable, and disable units found within certain directories when systemd is run by the user. This is convenient for daemons and other services that are commonly run as a user other than root or a special user, such as mpd.
Setup since systemd 206
Since version 206, the mechanism for systemd user instances has changed. Now the pam_systemd.so module launches a user instance by default on the first login of an user, by starting user@.service. In its current state there are some differences with respect to previous systemd versions, that one must be aware of:
- The
systemd --userinstance runs outside of any user session. This is ok for running, saympd, but may be annoying if one tries to start a window manager from the systemd user instance. Then polkit will prevent from mounting usb's, rebooting, etc. as an unprivileged user, because the window manager is running outside of the active session. - The units in the user instance do not inherit any environment, so it must be set manually.
-
user-session@.servicefrom user-session-unitsAUR is obsolete now.
Steps to use user instance units:
1. Make sure the systemd user instance starts properly. You can check if it is there withsystemctl --user statusSince systemd 206 there should be a systemd user instance running by default, which is started in the
pam_systemd.so pam module for the first login of a user.
2. Add the environment variables you need, in a drop in config file for user@.service. At least it should contain the following
/etc/systemd/system/user@.service.d/environment.conf
[Service] Environment=DISPLAY=:0 Environment=XDG_RUNTIME_DIR=/run/user/%I Environment=SHELL=%s
3. Put all your user units in $HOME/.config/systemd/user. When the user instance starts, it launches the default target at $HOME/.config/systemd/user/default.target. After that, you can manage your user units with systemctl --user.
Setup
startx
Users should first set up systemd-logind to manage their session. If systemd is running as the system init daemon, then this is already happening.
Next, the user must launch systemd by putting the following in their ~/.xinitrc.
/usr/lib/systemd/systemd --userIf the user is not launching the window manager through /usr/lib/systemd/systemd --user, then
/usr/lib/systemd/systemd --user &should be used and launched like anything else in
~/.xinitrc, before execing the window manager.
After starting X, the user can check whether their session is now being managed by systemd-logind with the following command:
$ loginctl --no-pager show-session $XDG_SESSION_ID | grep Active
If this command prints Active=yes, then the user is now using systemd-logind to manage their session. The user should remove any instances of ck-launch-session or dbus-launch from their ~/.xinitrc, as those commands are unneeded.
Display Managers
All of the major display managers are now using systemd-logind by default, so the loginctl command from the previous section should work as stated. A user simply has to add /usr/lib/systemd/systemd --user as a program to be started by their desktop environment.
GNOME 3 (using GDM)
For users who wish to have GDM/GNOME 3 auto-start their /usr/lib/systemd/systemd --user session upon login, they just need to add a special log in session for this:
/usr/share/xsessions/gnome-systemd.desktop
[Desktop Entry] Type=Application Name=systemd Comment=Runs 'systemd' as a user instance. Exec=/usr/lib/systemd/systemd --user
Make sure to choose the systemd session option at the GDM login screen.
Using /usr/lib/systemd/systemd --user To Manage Your Session
Systemd has many amazing features, one of which is the ability to track programs using cgroups (by running systemctl status). While awesome for a pid 1 process to do, it is also extremely useful for users, and having it set up and initialize user programs, all the while tracking what is in each cgroup is even more amazing.
All of your systemd user units will go to $HOME/.config/systemd/user. These units take precedence over units in other systemd unit directories.
There are two packages you need to get this working, both currently available from the AUR: systemd-xorg-launch-helper-gitAUR and optionally, systemd-user-session-units-gitAUR if you want to have autologin working.
Next is setting up your targets. You should set up two, one for window manager and another as a default target. The window manager target should be populated like so:
$HOME/.config/systemd/user/wm.target
[Unit] Description=Window manager target Wants=xorg.target Wants=mystuff.target Requires=dbus.socket AllowIsolate=true [Install] Alias=default.target
This will be the target for your graphical interface.
Put together a second target called mystuff.target. All services but your window manager should contain a WantedBy line, under [Install], pointing at this unit.
$HOME/.config/systemd/user/mystuff.target
[Unit] Description=Xinitrc Stuff Wants=wm.target [Install] Alias=default.target
Create a symbolic link from this unit to default.target. When you start /usr/lib/systemd/systemd --user, it will start this target.
Next you need to begin writing services. First you should throw together a service for your window manager:
$HOME/.config/systemd/user/YOUR_WM.service
[Unit] Description=your window manager service Before=mystuff.target After=xorg.target Requires=xorg.target [Service] #Environment=PATH=uncomment:to:override:your:PATH ExecStart=/full/path/to/wm/executable Restart=always RestartSec=10 [Install] WantedBy=wm.target
You can fill your user unit directory with a plethora of services, including ones for mpd, gpg-agent, offlineimap, parcellite, pulse, tmux, urxvtd, xbindkeys and xmodmap to name a few.
To exit your session, use systemctl --user exit.
Auto-login
If you want to have systemd automatically log you in on boot, then you can use the unit in user-session-units to do so. Enabling a screen locker for will stop someone from booting your computer into a nice, logged in session.
Add this line to /etc/pam.d/login and /etc/pam.d/system-auth:
session required pam_systemd.so
Because user-session@.service starts on tty1, you will need to add Conflicts=getty@tty1.service to the service file, if it doesn't exist already. Alternately, you can have it run on tty7 instead by modifying TTYPath accordingly as well as the ExecStart line in xorg.service (cp /usr/lib/systemd/user/xorg.service /etc/systemd/user/ and make the modifications there).
Once this is done, systemctl --user enable YOUR_WM.service
One of the most important things you can add to the service files you will be writing is the use of Before= and After= in the [Unit] section. These two parts will determine the order things are started. Say you have a graphical application you want to start on boot, you would put After=xorg.target into your unit. Say you start ncmpcpp, which requires mpd to start, you can put After=mpd.service into your ncmpcpp unit. You will eventually figure out exactly how this needs to go either from experience or from reading the systemd manual pages. Starting with systemd.unit(5) is a good idea.
Other use cases
Persistent terminal multiplexer
You may wish your user session to default to running a terminal multiplexer, such as GNU Screen or Tmux, in the background rather than logging you into a window manager session. Separating login from X login is most likely only useful for those who boot to a TTY instead of to a display manager (in which case you can simply bundle everything you start in with myStuff.target).
To create this type of user session, procede as above, but instead of creating wm.target, create multiplexer.target:
[Unit] Description=Terminal multiplexer Documentation=info:screen man:screen(1) man:tmux(1) After=cruft.target Wants=cruft.target [Install] Alias=default.target
cruft.target, like mystuff.target above, should start anything you think should run before tmux or screen starts (or which you want started at boot regardless of timing), such as a GnuPG daemon session.
You then need to create a service for your multiplexer session. Here is a sample service, using tmux as an example and sourcing a gpg-agent session which wrote its information to /tmp/gpg-agent-info. This sample session, when you start X, will also be able to run X programs, since DISPLAY is set.
[Unit] Description=tmux: A terminal multiplixer Documentation=man:tmux(1) After=gpg-agent.service Wants=gpg-agent.service [Service] Type=forking ExecStart=/usr/bin/tmux start ExecStop=/usr/bin/tmux kill-server Environment=DISPLAY=:0 EnvironmentFile=/tmp/gpg-agent-info [Install] WantedBy=multiplexer.target
Once this is done, systemctl --user enable tmux.service, multiplexer.target and any services you created to be run by cruft.target and you should be set to go! Activated user-session@.service as described above, but be sure to remove the Conflicts=getty@tty1.service from user-session@.service, since your user session will not be taking over a TTY. Congratulations! You have a running terminal multiplexer and some other useful programs ready to start at boot!
Starting X
You have probably noticed that, since the terminal multiplexer is now default.target, X will not start automatically at boot. To start X, proceed as above, but do not activate or manually link to default.target wm.target. Instead, assuming you are booting to a terminal, we will simply be using a hack-ish workaround and masking /usr/bin/startx with a shell alias:
alias startx='systemctl --user start wm.target'
User Services
Users may now interact with units located in the following directories just as they would with system services (ordered by ascending precedence):
-
/usr/lib/systemd/user/ -
/etc/systemd/user/ -
~/.config/systemd/user/
To control the systemd instance, the user must use the command systemctl --user.
Installed by packages
A unit installed by a package that is meant to be run by a systemd user instance should install the unit to /usr/lib/systemd/user/. The system adminstration can then modify the unit by copying it to /etc/systemd/user/. A user can then modify the unit by copying it to ~/.config/systemd/user/.
Example
The following is an example of a user version of the mpd service.
mpd.service
[Unit] Description=Music Player Daemon [Service] ExecStart=/usr/bin/mpd --no-daemon [Install] WantedBy=default.target
Example with variables
The following is an example of a user version of sickbeard.service, which takes into account variable home directories where SickBeard can find certain files:
sickbeard.service
[Unit] Description=SickBeard Daemon [Service] ExecStart=/usr/bin/env python2 /opt/sickbeard/SickBeard.py --config %h/.sickbeard/config.ini --datadir %h/.sickbeard [Install] WantedBy=default.target
As detailed in man systemd.unit, the %h variable is replaced by the home directory of the user running the service. There are other variables that can be taken into account in the systemd manpages.
Note about X applications
Most X apps need a DISPLAY variable to run (so it's likely the first reason why your service files aren't starting), so you have to make sure to include it:
$HOME/.config/systemd/user/parcellite.service
[Unit] Description=Parcellite clipboard manager [Service] ExecStart=/usr/bin/parcellite Environment=DISPLAY=:0 # <= ! [Install] WantedBy=mystuff.target
A simpler way, if using user-session-unitsAUR, is to define it in user-session@yourloginname.service so it's inherited. Add Environment=DISPLAY=:0 to the [Service] section. Another helpful environment variable to set here is SHELL.
A cleaner way though, is to not hard code the DISPLAY environment variable (specially if you run more than on display):
$HOME/.config/systemd/user/x-app-template@.service
[Unit] Description=Your amazing and original description [Service] ExecStart=/full/path/to/the/app Environment=DISPLAY=%i # <= ! [Install] WantedBy=mystuff.target
Then you can run it with:
systemctl --user {start|enable} x-app@your-desired-display.service # <= :0 in most cases
Some X apps may not start up because the display socket is not available yet. This can be fixed by adding something like
$HOME/.config/systemd/user/x-app-template@.service
[Unit] After=xorg.target Requires=xorg.target ...
to your units (the xorg.target is part of xorg-launch-helperAUR).