systemd is a software suite that provides an array of system components for Linux[7] operating systems. The main aim is to unify service configuration and behavior across Linux distributions.[8] Its primary component is a "system and service manager" — an init system used to bootstrap user space and manage user processes. It also provides replacements for various daemons and utilities, including device management, login management, network connection management, and event logging. The name systemd adheres to the Unix convention of naming daemons by appending the letter d.[9] It also plays on the term "System D", which refers to a person's ability to adapt quickly and improvise to solve problems.[10]
Since 2015, the majority of Linux distributions have adopted systemd, having replaced other init systems such as SysV init. It has been praised by developers and users of distributions that adopted it for providing a stable, fast out-of-the-box solution for issues that had existed in the Linux space for years.[11][12][13] At the time of adoption of systemd on most Linux distributions, it was the only software suite that offered reliable parallelism during boot as well as centralized management of processes, daemons, services and mount points.
Critics of systemd contend that it suffers from mission creep and bloat, the latter affecting other software (such as the GNOME desktop), adding dependencies on systemd, reducing its compatibility with other Unix-like operating systems and making it difficult for sysadmins to integrate alternative solutions. In addition, they contend that the complexity of systemd results in a larger attack surface, reducing the overall security of the platform.[14] Concerns have also been raised about Red Hat and its parent company IBM controlling the scene of init systems on Linux.[15][1]
History
Lennart Poettering and Kay Sievers, the software engineers then working for Red Hat who initially developed systemd,[2] started a project to replace Linux's conventional System V init in 2010.[16] An April 2010 blog post from Poettering, titled "Rethinking PID 1", introduced an experimental version of what would later become systemd.[17] They sought to surpass the efficiency of the init daemon in several ways. They wanted to improve the software framework for expressing dependencies, to allow more processes to run concurrently or in parallel during system booting, and to reduce the computational overhead of the shell.
In May 2011, Fedora Linux became the first major Linux distribution to enable systemd by default, replacing Upstart. The reasoning at the time was that systemd provided extensive parallelization during startup, better management of processes and overall a saner, dependency-based approach to control of the system.[18]
In October 2012, Arch Linux made systemd the default, switching from SysVinit.[19] Developers had debated since August 2012[13] and came to the conclusion that it was faster and had more features than SysVinit, and that maintaining the latter was not worth the effort in patches.[20] Some of them thought that the criticism of systemd's implementation was not based on actual shortcomings of the software, but rather on a dislike of Lennart among part of the Linux community and a general hesitation toward change. Specifically, some of the complaints about systemd (that it is not programmed in bash, that it is bigger and more extensive than SysVinit, that it uses D-Bus, and that the journal has an optional on-disk format) were regarded as advantages by programmers.[21]
Between October 2013 and February 2014, a long debate among the Debian Technical Committee occurred on the Debian mailing list,[22] discussing which init system to use as the default in Debian 8 "jessie", and culminating in a decision in favor of systemd. The debate was widely publicized[23][24] and in the wake of the decision the debate continues on the Debian mailing list. In February 2014, after Debian's decision was made, Mark Shuttleworth announced in his blog that Ubuntu would follow in implementing systemd, discarding its own Upstart.[25][26]
In November 2014, Debian Developer Joey Hess,[27] Debian Technical Committee members Russ Allbery[28] and Ian Jackson,[29] and systemd package-maintainer Tollef Fog Heen[30] resigned from their positions. All four justified their decision on the public Debian mailing list and in personal blogs with their exposure to extraordinary stress-levels related to ongoing disputes on systemd integration within the Debian and FOSS community that rendered regular maintenance virtually impossible.
In August 2015, systemd started providing a login shell, callable via machinectl shell.[31]
In September 2016, a security bug was discovered that allowed any unprivileged user to perform a denial-of-service attack against systemd.[32] Rich Felker, developer of musl, stated that this bug reveals a major "system development design flaw".[33] In 2017 another security bug was discovered in systemd, CVE-2017-9445, which "allows disruption of service" by a "malicious DNS server".[34][35] Later in 2017, the Pwnie Awards gave author Lennart Poettering a "lamest vendor response" award due to his handling of the vulnerabilities.[36]
Design
Poettering describes systemd development as "never finished, never complete, but tracking progress of technology". In May 2014, Poettering further described systemd as unifying "pointless differences between distributions", by providing the following three general functions:[39]
A system and service manager (manages both the system, by applying various configurations, and its services)
A software platform (serves as a basis for developing other software)
The glue between applications and the kernel (provides various interfaces that expose functionalities provided by the kernel)
systemd includes features like on-demand starting of daemons, snapshot support, process tracking[40] and Inhibitor Locks.[41] It is not just the name of the init daemon but also refers to the entire software bundle around it, which, in addition to the systemd init daemon, includes the daemons journald, logind and networkd, and many other low-level components. In January 2013, Poettering described systemd not as one program, but rather a large software suite that includes 69 individual binaries.[42] As an integrated software suite, systemd replaces the startup sequences and runlevels controlled by the traditional init daemon, along with the shell scripts executed under its control. systemd also integrates many other services that are common on Linux systems by handling user logins, the system console, device hotplugging (see udev), scheduled execution (replacing cron), logging, hostnames and locales.
Like the init daemon, systemd is a daemon that manages other daemons, which, including systemd itself, are background processes. systemd is the first daemon to start during booting and the last daemon to terminate during shutdown. The systemd daemon serves as the root of the user space's process tree; the first process (PID 1) has a special role on Unix systems, as it replaces the parent of a process when the original parent terminates. Therefore, the first process is particularly well suited for the purpose of monitoring daemons.
systemd executes elements of its startup sequence in parallel, which is theoretically faster than the traditional startup sequence approach.[43] For inter-process communication (IPC), systemd makes Unix domain sockets and D-Bus available to the running daemons. The state of systemd itself can also be preserved in a snapshot for future recall.
Core components and libraries
Following its integrated approach, systemd also provides replacements for various daemons and utilities, including the startup shell scripts, pm-utils, inetd, acpid, syslog, watchdog, cron and atd. systemd's core components include:
systemd is a system and service manager for Linux operating systems.
systemctl is a command to introspect and control the state of the systemd system and service manager. Not to be confused with sysctl.
systemd-analyze may be used to determine system boot-up performance statistics and retrieve other state and tracing information from the system and service manager.
systemd tracks processes using the Linux kernel's cgroups subsystem instead of using process identifiers (PIDs); thus, daemons cannot "escape" systemd, not even by double-forking. systemd not only uses cgroups, but also augments them with systemd-nspawn and machinectl, two utility programs that facilitate the creation and management of Linux containers.[44] Since version 205, systemd also offers ControlGroupInterface, which is an API to the Linux kernel cgroups.[45] The Linux kernel cgroups are adapted to support kernfs,[46] and are being modified to support a unified hierarchy.[47]
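The cgroup-based tracking described above can be observed from /proc: a process reparented to PID 1 after a double fork still reports its originating unit's cgroup path. The following is an added example, not code from the systemd project; the process snapshot, PIDs and unit names are constructed for illustration.

```python
"""Attribute processes to systemd units from /proc/<pid>/cgroup contents.
Added example; the process snapshot below is constructed."""
from collections import defaultdict

# Unit types whose cgroups can contain processes.
UNIT_SUFFIXES = (".service", ".scope", ".socket", ".mount", ".swap")


def systemd_cgroup_path(cgroup_text):
    """Pick the cgroup path systemd tracks from /proc/<pid>/cgroup text.

    Each line is "hierarchy-id:controllers:path". The unified (v2) hierarchy
    is "0::<path>"; on cgroup v1 systemd uses the hierarchy named "systemd".
    """
    named = None
    for line in cgroup_text.splitlines():
        parts = line.strip().split(":", 2)
        if len(parts) != 3:
            continue
        hierarchy_id, controllers, path = parts
        if hierarchy_id == "0" and controllers == "":
            return path                      # unified hierarchy entry
        if controllers == "name=systemd":
            named = path                     # v1 named hierarchy entry
    return named


def unit_for(cgroup_text):
    """Return the innermost unit name in the path, or None (e.g. kernel threads)."""
    path = systemd_cgroup_path(cgroup_text) or ""
    for component in reversed(path.split("/")):
        if component.endswith(UNIT_SUFFIXES):
            return component
    return None


def group_by_unit(snapshot):
    """Map unit name -> sorted PIDs for a {pid: (ppid, cgroup_text)} snapshot."""
    groups = defaultdict(list)
    for pid, (_ppid, cgroup_text) in snapshot.items():
        groups[unit_for(cgroup_text)].append(pid)
    return {unit: sorted(pids) for unit, pids in groups.items()}


# Constructed snapshot: pid -> (ppid, contents of /proc/<pid>/cgroup).
SNAPSHOT = {
    812: (1, "0::/system.slice/example-daemon.service\n"),
    # Double-forked child: its parent is now PID 1, but the cgroup is unchanged.
    4410: (1, "0::/system.slice/example-daemon.service\n"),
    # cgroup v1 layout: several hierarchies, systemd's is the named one.
    2001: (1999, "12:pids:/user.slice/user-1000.slice/session-3.scope\n"
                 "1:name=systemd:/user.slice/user-1000.slice/session-3.scope\n"),
    # Process in a sub-cgroup below its service.
    3300: (3290, "0::/system.slice/example-runtime.service/payload\n"),
    # Kernel thread in the root cgroup: belongs to no unit.
    77: (2, "0::/\n"),
}

if __name__ == "__main__":
    for unit, pids in group_by_unit(SNAPSHOT).items():
        print(unit, pids)
```

On a live system the same functions can be fed the text read from /proc/<pid>/cgroup, which is useful during incident response for attributing an orphaned process to the unit that started it.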
Ancillary components
Beside its primary purpose of providing a Linux init system, the systemd suite can provide additional functionality, including the following components:
journald
systemd-journald is a daemon responsible for event logging, with append-only binary files serving as its logfiles. The system administrator may choose whether to log system events with systemd-journald, syslog-ng or rsyslog. The potential for corruption of the binary format has led to much heated debate.[48]
libudev
libudev is the standard library for utilizing udev, which allows third-party applications to query udev resources.
systemd-logind is a daemon that manages user logins and seats in various ways. It is an integrated login manager that offers multiseat improvements[49] and replaces ConsoleKit, which is no longer maintained.[50] For X11 display managers the switch to logind requires a minimal amount of porting.[51] It was integrated in systemd version 30.
homed is a daemon that provides portable human-user accounts that are independent of current system configuration. homed moves various pieces of data such as UID/GID from various places across the filesystem into one file, ~/.identity. homed manages the user's home directory in various ways such as a plain directory, a btrfs subvolume, a Linux Unified Key Setup volume, an fscrypt directory, or mounted from an SMB server.
networkd
networkd is a daemon to handle the configuration of the network interfaces; in version 209, when it was first integrated, support was limited to statically assigned addresses and basic support for bridging configuration.[52][53][54][55][56] In July 2014, systemd version 215 was released, adding new features such as a DHCP server for IPv4 hosts, and VXLAN support.[57][58] networkctl may be used to review the state of the network links as seen by systemd-networkd.[59] Configuration for a new interface has to be added under /lib/systemd/network/ as a new file with the .network extension.
resolved
resolved provides network name resolution to local applications.
systemd-boot
systemd-boot is a boot manager, formerly known as gummiboot. Kay Sievers merged it into systemd with rev 220.
systemd-nspawn may be used to run a command or OS in a namespace container.
timedated
systemd-timedated is a daemon that can be used to control time-related settings, such as the system time, system time zone, or selection between UTC and local time-zone system clock. It is accessible through D-Bus.[60] It was integrated in systemd version 30.
timesyncd
timesyncd is a client NTP daemon for synchronizing the system clock across the network.
tmpfiles
systemd-tmpfiles is a utility that takes care of creation and clean-up of temporary files and directories. It is normally run once at startup and then in specified intervals.
udevd
udev is a device manager for the Linux kernel, which handles the /dev directory and all user space actions when adding/removing devices, including firmware loading. In April 2012, the source tree for udev was merged into the systemd source tree.[61][62] In order to match the version number of udev, systemd maintainers bumped the version number directly from 44 to 183.[63]
On 29 May 2014, support for firmware loading through udev was dropped from systemd, as it was decided that the kernel should be responsible for loading firmware.[64]
systemd records initialization instructions for each daemon in a configuration file (referred to as a "unit file") that uses a declarative language, replacing the traditionally used per-daemon startup shell scripts. The syntax of the language is inspired by .ini files.[65]
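The unit-file syntax described above is only inspired by .ini: keys may repeat, lines may continue with a backslash, and an empty assignment resets a list. The following added example (not code from the systemd project) parses that syntax and flags a [Service] section that lacks a few common sandboxing settings; the sample units, paths and the choice of settings checked are assumptions made for illustration.

```python
"""Parse systemd unit-file text and flag [Service] sections that lack
common sandboxing settings. Added example; the sample units are constructed."""

TRUE_VALUES = {"1", "yes", "y", "true", "t", "on"}  # boolean spellings systemd accepts


def parse_unit(text):
    """Return {section: {key: [values, ...]}}.

    Differences from a generic .ini parser: repeated keys are kept in order,
    a trailing backslash continues the line, and an empty assignment clears
    the values collected so far (how list settings such as ExecStart= are
    reset; this sketch applies that rule to every key).
    """
    sections, current, pending = {}, None, ""
    for raw in text.splitlines():
        stripped = raw.strip()
        if stripped[:1] in ("#", ";"):           # comment line
            continue
        if stripped.endswith("\\"):              # continuation: join with next line
            pending += stripped[:-1].rstrip() + " "
            continue
        line, pending = (pending + stripped).strip(), ""
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
        elif "=" in line and current is not None:
            key, value = (part.strip() for part in line.split("=", 1))
            if value:
                current.setdefault(key, []).append(value)
            else:
                current[key] = []
    return sections


def _last(service, key):
    """Last assigned value wins for single-valued settings; '' if unset."""
    values = service.get(key) or []
    return values[-1] if values else ""


def audit_service(text):
    """Return a list of findings for the [Service] section of a unit file."""
    service = parse_unit(text).get("Service", {})
    findings = []
    dynamic = _last(service, "DynamicUser").lower() in TRUE_VALUES
    if _last(service, "User") in ("", "root", "0") and not dynamic:
        findings.append("runs as root (no User= or DynamicUser=)")
    if _last(service, "NoNewPrivileges").lower() not in TRUE_VALUES:
        findings.append("NoNewPrivileges= not enabled")
    protect = _last(service, "ProtectSystem")
    if protect.lower() not in TRUE_VALUES and protect not in ("full", "strict"):
        findings.append("ProtectSystem= not enabled")
    if _last(service, "PrivateTmp").lower() not in TRUE_VALUES:
        findings.append("PrivateTmp= not enabled")
    return findings


WEAK_UNIT = r"""
[Unit]
Description=Example daemon (constructed sample)

[Service]
ExecStartPre=/usr/bin/example-check
ExecStartPre=/usr/bin/example-migrate
ExecStart=/usr/bin/example-daemon \
    --listen 127.0.0.1:8080
"""

HARDENED_UNIT = WEAK_UNIT + r"""
# Same service with sandboxing settings appended (constructed sample)
User=example
NoNewPrivileges=yes
ProtectSystem=strict
PrivateTmp=true
"""

if __name__ == "__main__":
    for name, unit in (("weak", WEAK_UNIT), ("hardened", HARDENED_UNIT)):
        print(name, audit_service(unit) or "no findings")
```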
While many distributions boot systemd by default, some allow other init systems to be used; in this case switching the init system is possible by installing the appropriate packages. A fork of Debian called Devuan was developed to avoid systemd[98][99] and has reached version 5.0 for stable usage. In December 2019, the Debian project voted in favour of retaining systemd as the default init system for the distribution, but with support for "exploring alternatives".[100]
Integration with other software
In the interest of enhancing the interoperability between systemd and the GNOME desktop environment, systemd coauthor Lennart Poettering asked the GNOME Project to consider making systemd an external dependency of GNOME 3.2.[101]
In November 2012, the GNOME Project concluded that basic GNOME functionality should not rely on systemd.[102] However, GNOME 3.8 introduced a compile-time choice between the logind and ConsoleKit API, the former being provided at the time only by systemd. Ubuntu provided a separate logind binary, but systemd became a de facto dependency of GNOME for most Linux distributions, in particular since ConsoleKit is no longer actively maintained and upstream recommends the use of systemd-logind instead.[103] The developers of Gentoo Linux also attempted to adapt these changes in OpenRC, but the implementation contained too many bugs, causing the distribution to mark systemd as a dependency of GNOME.[104][105]
GNOME has further integrated logind.[106] As of Mutter version 3.13.2, logind is a dependency for Wayland sessions.[107]
Reception
The design of systemd has ignited controversy within the free-software community. Critics regard systemd as overly complex and suffering from continued feature creep, arguing that its architecture violates the Unix philosophy. There is also concern that it forms a system of interlocked dependencies, thereby giving distribution maintainers little choice but to adopt systemd as more user-space software comes to depend on its components, which is similar to the problems created by PulseAudio, another of Lennart Poettering's projects.[108][109]
In a 2012 interview, Slackware's lead Patrick Volkerding expressed reservations about the systemd architecture, stating his belief that its design was contrary to the Unix philosophy of interconnected utilities with narrowly defined functionalities.[110] As of August 2018, Slackware does not support or use systemd, but Volkerding has not ruled out the possibility of switching to it.[111]
In January 2013, Lennart Poettering attempted to address concerns about systemd in a blog post called The Biggest Myths.[42]
In February 2014, musl's Rich Felker opined that PID 1 is too special to be saddled with additional responsibilities, believing that PID 1 should only be responsible for starting the rest of the init system and reaping zombie processes, and that the additional functionality added by systemd can be provided elsewhere and unnecessarily increases the complexity and attack surface of PID 1.[112]
In March 2014, Eric S. Raymond commented that systemd's design goals were prone to mission creep and software bloat.[113] In April 2014, Linus Torvalds expressed reservations about the attitude of Kay Sievers, a key systemd developer, toward users and bug reports in regard to modifications to the Linux kernel submitted by Sievers.[114] In late April 2014, a campaign to boycott systemd was launched, with a website listing various reasons against its adoption.[115][116]
In an August 2014 article published in InfoWorld, Paul Venezia wrote about the systemd controversy and attributed the controversy to violation of the Unix philosophy, and to "enormous egos who firmly believe they can do no wrong".[117] The article also characterizes the architecture of systemd as similar to that of svchost.exe, a critical system component in Microsoft Windows with a broad functional scope.[117]
In a September 2014 ZDNet interview, prominent Linux kernel developer Theodore Ts'o expressed his opinion that the dispute over systemd's centralized design philosophy, more than technical concerns, indicates a dangerous general trend toward uniformizing the Linux ecosystem, alienating and marginalizing parts of the open-source community, and leaving little room for alternative projects. He cited similarities with the attitude he found in the GNOME project toward non-standard configurations.[118] On social media, Ts'o also later compared the attitudes of Sievers and his co-developer, Lennart Poettering, to that of GNOME's developers.[119]
Forks and alternative implementations
Forks of systemd are closely tied to critiques of it outlined in the above section. Forks generally try to improve on at least one of portability (to other libcs and Unix-like systems), modularity, or size. A few forks have collaborated under the FreeInit banner.[120]
Forks of components
eudev
In 2012, the Gentoo Linux project created a fork of udev in order to avoid dependency on the systemd architecture. The resulting fork is called eudev and it makes udev functionality available without systemd.[121] A stated goal of the project is to keep eudev independent of any Linux distribution or init system.[122] In 2021, Gentoo announced that support of eudev would cease at the beginning of 2022. An independent group of maintainers have since taken up eudev.[123]
elogind
Elogind is the systemd project's "logind", extracted to be a standalone daemon. It integrates with PAM to know the set of users that are logged into a system and whether they are logged in graphically, on the console, or remotely. Elogind exposes this information via the standard org.freedesktop.login1 D-Bus interface, as well as through the file system using systemd's standard /run/systemd layout. Elogind also provides "libelogind", which is a subset of the facilities offered by "libsystemd". There is a "libelogind.pc" pkg-config file as well.[124]
Alternatives to components
ConsoleKit2
ConsoleKit was forked in October 2014 by Xfce developers wanting its features to still be maintained and available on operating systems other than Linux. While not ruling out the possibility of reviving the original repository in the long term, the main developer considers ConsoleKit2 a temporary necessity until systembsd matures.[125]
Abandoned forks
Fork of components
LoginKit
LoginKit was an attempt to implement a logind (systemd-logind) shim, which would allow packages that depend on systemd-logind to work without dependency on a specific init system.[126] The project has been defunct since February 2015.[127]
systembsd
In 2014, a Google Summer of Code project named "systembsd" was started in order to provide alternative implementations of these APIs for OpenBSD. The original project developer began it in order to ease his transition from Linux to OpenBSD.[128] Project development finished in July 2016.[129]
The systembsd project did not provide an init replacement, but aimed to provide OpenBSD with compatible daemons for hostnamed, timedated, localed, and logind. The project did not create new systemd-like functionality, and was only meant to act as a wrapper over the native OpenBSD system. The developer aimed for systembsd to be installable as part of the ports collection, not as part of a base system, stating that "systemd and *BSD differ fundamentally in terms of philosophy and development practices."[128]
notsystemd
Notsystemd intends to implement all of systemd's features so that they work on any init system.[130] It was forked by the Parabola GNU/Linux-libre developers to build packages with their development tools without the necessity of having systemd installed to run systemd-nspawn. Development ceased in July 2018.[131]
Fork including init system
uselessd
In 2014, uselessd was created as a lightweight fork of systemd. The project sought to remove features and programs deemed unnecessary for an init system, as well as address other perceived faults.[132] Project development halted in January 2015.[133]
uselessd supported the musl and μClibc libraries, so it may have been used on embedded systems, whereas systemd only supports glibc. The uselessd project had planned further improvements on cross-platform compatibility, as well as architectural overhauls and refactoring for the Linux build in the future.[134]
InitWare
InitWare is a modular refactor of systemd, porting the system to BSD platforms without glibc or Linux-specific system calls. It is known to work on DragonFly BSD, FreeBSD, NetBSD, and GNU/Linux. Components considered unnecessary are dropped.[135]
systemd is supported in Gentoo as an alternative to OpenRC, the default init system[79] for those who "want to use systemd instead, or are planning to use Gnome 3.8 and later (which requires systemd)"[80]
Missing functionality using init systems other than systemd[citation needed]
Poettering, Lennart (21 April 2012), systemd Status Update, archived from the original on 23 April 2012, retrieved 28 April 2012
"Rethinking PID 1". 30 April 2010. Archived from the original on 22 February 2022. Retrieved 20 August 2021. systemd uses many Linux-specific features, and does not limit itself to POSIX. That unlocks a lot of functionality a system that is designed for portability to other operating systems cannot provide.
"systemd System and Service Manager". freedesktop.org. Archived from the original on 15 October 2020. Retrieved 19 March 2016. Yes, it is written systemd, not system D or System D, or even SystemD. And it isn't system d either. Why? Because it's a system daemon, and under Unix/Linux those are in lower case, and get suffixed with a lower case d.
Gaudreault, Stéphane (14 August 2012). "Migration to systemd". arch-dev-public (Mailing list). Archived from the original on 20 October 2020. Retrieved 15 November 2021.
Simmonds, Chris (2015). "9: Starting up - the init Program". Mastering Embedded Linux Programming. Packt Publishing Ltd. p. 239. ISBN 9781784399023. Retrieved 20 June 2016. systemd defines itself as a system and service manager. The project was initiated in 2010 by Lennart Poettering and Kay Sievers to create an integrated set of tools for managing a Linux system including an init daemon.
Lennart Poettering (30 April 2010). "Rethinking PID 1". Archived from the original on 15 January 2017. Retrieved 28 August 2010.
Groot, Jan de (14 August 2012). "Migration to systemd". arch-dev-public (Mailing list). Archived from the original on 17 January 2022. Retrieved 11 November 2021.
"CVE-2017-9445 Details", National Vulnerability Database, National Institute of Standards and Technology (U.S.), 6 July 2017, archived from the original on 6 July 2018, retrieved 6 July 2018
"CVE-2017-9445", The Common Vulnerabilities and Exposures database, The Mitre Corporation, 5 June 2017, archived from the original on 6 July 2018, retrieved 6 July 2018
Gundersen, Tom E. (25 September 2014). "The End of Linux". Archived from the original on 26 October 2014. Retrieved 25 October 2014. It certainly is not something that comes with systemd from upstream.
Heo, Tejun (28 January 2014). "cgroup: convert to kernfs". linux-kernel (Mailing list). Archived from the original on 12 October 2018. Retrieved 24 May 2014.
"timedated". freedesktop.org. Archived from the original on 11 October 2014. Retrieved 9 November 2014.
Sievers, Kay. "The future of the udev source tree". vger.kernel.org/vger-lists.html#linux-hotplug linux-hotplug (Mailing list). Archived from the original on 16 February 2015. Retrieved 22 May 2013.
"systemd.slice (5) - Linux Man Pages". Archived from the original on 19 February 2023. Retrieved 12 March 2018. ... a slice ... is a concept for hierarchically managing resources of a group of processes.
"systemd.scope". FreeDesktop.org. Archived from the original on 27 July 2021. Retrieved 27 July 2021.
"KNOPPIX 8.0 Die Antwort auf Systemd (German)". Archived from the original on 13 June 2018. Retrieved 13 June 2018. ...Knoppix' boot process continues to run via Sys-V init with few bash scripts that start the system services efficiently sequentially or in parallel. (The original German text: Knoppix' Startvorgang läuft nach wie vor per Sys-V-Init mit wenigen Bash-Skripten, welche die Systemdienste effizient sequenziell oder parallel starten.)
Peters, Frederic (4 November 2011). "20121104 meeting minutes". GNOME release-team (Mailing list). Archived from the original on 7 September 2014. Retrieved 14 January 2013.
"ConsoleKit". Archived from the original on 18 October 2014. Retrieved 15 November 2014. ConsoleKit is currently not actively maintained. The focus has shifted to the built-in seat/user/session management of Software/systemd called systemd-logind!
Basile, Anthony G. (24 August 2021). "eudev retirement on 2022-01-01". Repository news items. Gentoo Linux. Archived from the original on 30 June 2022. Retrieved 14 June 2022.