systemd is a software suite that provides an array of system components for Linux[7] operating systems. The main aim is to unify service configuration and behavior across Linux distributions.[8] Its primary component is a "system and service manager" – an init system used to bootstrap user space and manage user processes. It also provides replacements for various daemons and utilities, including device management, login management, network connection management, and event logging. The name systemd adheres to the Unix convention of naming daemons by appending the letter d.[9] It also plays on the term "System D", which refers to a person's ability to adapt quickly and improvise to solve problems.[10]
Since 2015, the majority of Linux distributions have adopted systemd, having replaced other init systems such as SysV init. It has been praised by developers and users of distributions that adopted it for providing a stable, fast out-of-the-box solution for issues that had existed in the Linux space for years.[11][12][13] At the time of adoption of systemd on most Linux distributions, it was the only software suite that offered reliable parallelism during boot as well as centralized management of processes, daemons, services and mount points.
Critics of systemd contend that it suffers from mission creep and bloat, the latter affecting other software (such as the GNOME desktop), adding dependencies on systemd, reducing its compatibility with other Unix-like operating systems and making it difficult for sysadmins to integrate alternative solutions. In addition, they contend that the complexity of systemd results in a larger attack surface, reducing the overall security of the platform.[14] Concerns have also been raised about Red Hat and its parent company IBM controlling the scene of init systems on Linux.[15][1]
History
Lennart Poettering and Kay Sievers, the software engineers then working for Red Hat who initially developed systemd,[2] started a project to replace Linux's conventional System V init in 2010.[16] An April 2010 blog post from Poettering, titled "Rethinking PID 1", introduced an experimental version of what would later become systemd.[17] They sought to surpass the efficiency of the init daemon in several ways. They wanted to improve the software framework for expressing dependencies, to allow more processing to be done concurrently or in parallel during system booting, and to reduce the computational overhead of the shell.
In May 2011 Fedora Linux became the first major Linux distribution to enable systemd by default, replacing Upstart. The reasoning at the time was that systemd provided extensive parallelization during startup, better management of processes and overall a saner, dependency-based approach to control of the system.[18]
In October 2012, Arch Linux made systemd the default, switching from SysVinit.[19] Developers had debated since August 2012[13] and came to the conclusion that it was faster and had more features than SysVinit, and that maintaining the latter was not worth the effort in patches.[20] Some of them thought that the criticism of systemd's implementation was based not on actual shortcomings of the software but on a dislike of Lennart among part of the Linux community and a general hesitation to change. Specifically, some of the complaints (systemd not being programmed in bash, it being bigger and more extensive than SysVinit, the use of D-Bus, and the optional on-disk format of the journal) were regarded as advantages by programmers.[21]
Between October 2013 and February 2014, a long debate among the Debian Technical Committee occurred on the Debian mailing list,[22] discussing which init system to use as the default in Debian 8 "jessie", and culminating in a decision in favor of systemd. The debate was widely publicized[23][24] and in the wake of the decision the debate continues on the Debian mailing list. In February 2014, after Debian's decision was made, Mark Shuttleworth announced on his blog that Ubuntu would follow in implementing systemd, discarding its own Upstart.[25][26]
In November 2014 Debian Developer Joey Hess,[27] Debian Technical Committee members Russ Allbery[28] and Ian Jackson,[29] and systemd package-maintainer Tollef Fog Heen[30] resigned from their positions. All four justified their decision on the public Debian mailing list and in personal blogs with their exposure to extraordinary stress-levels related to ongoing disputes on systemd integration within the Debian and FOSS community that rendered regular maintenance virtually impossible.
In August 2015 systemd started providing a login shell, callable via machinectl shell.[31]
In September 2016, a security bug was discovered that allowed any unprivileged user to perform a denial-of-service attack against systemd.[32] Rich Felker, developer of musl, stated that this bug reveals a major "system development design flaw".[33] In 2017 another security bug was discovered in systemd, CVE-2017-9445, which "allows disruption of service" by a "malicious DNS server".[34][35] Later in 2017, the Pwnie Awards gave author Lennart Poettering a "lamest vendor response" award due to his handling of the vulnerabilities.[36]
Design
Poettering describes systemd development as "never finished, never complete, but tracking progress of technology". In May 2014, Poettering further described systemd as unifying "pointless differences between distributions", by providing the following three general functions:[39]
A system and service manager (manages both the system, by applying various configurations, and its services)
A software platform (serves as a basis for developing other software)
The glue between applications and the kernel (provides various interfaces that expose functionalities provided by the kernel)
systemd includes features like on-demand starting of daemons, snapshot support, process tracking[40] and Inhibitor Locks.[41] It is not just the name of the init daemon but also refers to the entire software bundle around it, which, in addition to the systemd init daemon, includes the daemons journald, logind and networkd, and many other low-level components. In January 2013, Poettering described systemd not as one program, but rather a large software suite that includes 69 individual binaries.[42] As an integrated software suite, systemd replaces the startup sequences and runlevels controlled by the traditional init daemon, along with the shell scripts executed under its control. systemd also integrates many other services that are common on Linux systems by handling user logins, the system console, device hotplugging (see udev), scheduled execution (replacing cron), logging, hostnames and locales.
Like the init daemon, systemd is a daemon that manages other daemons, which, including systemd itself, are background processes. systemd is the first daemon to start during booting and the last daemon to terminate during shutdown. The systemd daemon serves as the root of the user space's process tree; the first process (PID 1) has a special role on Unix systems, as it replaces the parent of a process when the original parent terminates. Therefore, the first process is particularly well suited for the purpose of monitoring daemons.
systemd executes elements of its startup sequence in parallel, which is theoretically faster than the traditional startup sequence approach.[43] For inter-process communication (IPC), systemd makes Unix domain sockets and D-Bus available to the running daemons. The state of systemd itself can also be preserved in a snapshot for future recall.
Core components and libraries
Following its integrated approach, systemd also provides replacements for various daemons and utilities, including the startup shell scripts, pm-utils, inetd, acpid, syslog, watchdog, cron and atd. systemd's core components include the following:
systemd is a system and service manager for Linux operating systems.
systemctl is a command to introspect and control the state of the systemd system and service manager. Not to be confused with sysctl.
systemd-analyze may be used to determine system boot-up performance statistics and retrieve other state and tracing information from the system and service manager.
systemd tracks processes using the Linux kernel's cgroups subsystem instead of using process identifiers (PIDs); thus, daemons cannot "escape" systemd, not even by double-forking. systemd not only uses cgroups, but also augments them with systemd-nspawn and machinectl, two utility programs that facilitate the creation and management of Linux containers.[44] Since version 205, systemd also offers ControlGroupInterface, which is an API to the Linux kernel cgroups.[45] The Linux kernel cgroups are adapted to support kernfs,[46] and are being modified to support a unified hierarchy.[47]
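The following added example (not part of the original article or of the systemd project) shows how cgroup membership, rather than parentage, ties a process to its unit: it parses the text of /proc/<pid>/cgroup and groups a process snapshot by unit. The snapshot, the unit names such as demo.service and the function names are constructed for illustration.

```python
"""Map processes to systemd units from /proc/<pid>/cgroup text (added example)."""
from collections import defaultdict


def systemd_cgroup_path(cgroup_text):
    """Return the cgroup path systemd tracks for a process.

    Each line of /proc/<pid>/cgroup is 'hierarchy-id:controllers:path'.
    The unified (v2) hierarchy appears as '0::<path>'; on legacy (v1)
    layouts systemd keeps its own named hierarchy, 'name=systemd'.
    """
    unified = legacy = None
    for line in cgroup_text.splitlines():
        fields = line.strip().split(":", 2)
        if len(fields) != 3:
            continue  # skip malformed or empty lines
        hierarchy_id, controllers, path = fields
        if hierarchy_id == "0" and controllers == "":
            unified = path
        elif controllers == "name=systemd":
            legacy = path
    return unified if unified is not None else legacy


def unit_of(cgroup_text):
    """Name the innermost service/scope (else slice) containing the process."""
    path = systemd_cgroup_path(cgroup_text)
    if not path:
        return None
    components = [c for c in path.split("/") if c]
    for suffixes in ((".service", ".scope"), (".slice",)):
        for component in reversed(components):
            if component.endswith(suffixes):
                return component
    return None  # root cgroup, e.g. kernel threads


def group_by_unit(processes):
    """Group (pid, ppid, cgroup_text) records by owning unit."""
    units = defaultdict(list)
    for pid, _ppid, cgroup_text in processes:
        units[unit_of(cgroup_text)].append(pid)
    return {unit: sorted(pids) for unit, pids in units.items()}


def read_cgroup(pid):
    """Read the live cgroup membership of a process on a Linux host."""
    with open(f"/proc/{pid}/cgroup", encoding="utf-8") as handle:
        return handle.read()


# Constructed snapshot: (pid, ppid, /proc/<pid>/cgroup text). PID 845 is a
# double-forked worker: its parent exited, so it was reparented to PID 1 and
# no parent chain leads back to 812, yet its cgroup is unchanged.
SAMPLE = [
    (812, 1, "0::/system.slice/demo.service\n"),
    (845, 1, "0::/system.slice/demo.service\n"),
    (2001, 1990, "0::/user.slice/user-1000.slice/session-3.scope\n"),
    (2310, 1, "12:pids:/system.slice/legacy.service\n"
              "1:name=systemd:/system.slice/legacy.service\n"),
    (2, 0, "0::/\n"),  # kernel thread in the root cgroup: no unit
]

if __name__ == "__main__":
    for unit, pids in group_by_unit(SAMPLE).items():
        print(unit, pids)
```

During triage, unit_of(read_cgroup(pid)) on a live host answers "which service started this process?" even when the parent PID is 1.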
Ancillary components
Beside its primary purpose of providing a Linux init system, the systemd suite can provide additional functionality, including the following components:
journald
systemd-journald is a daemon responsible for event logging, with append-only binary files serving as its logfiles. The system administrator may choose whether to log system events with systemd-journald, syslog-ng or rsyslog. The potential for corruption of the binary format has led to much heated debate.[48]
libudev
libudev is the standard library for utilizing udev, which allows third-party applications to query udev resources.
systemd-logind is a daemon that manages user logins and seats in various ways. It is an integrated login manager that offers multiseat improvements[49] and replaces ConsoleKit, which is no longer maintained.[50] For X11 display managers the switch to logind requires a minimal amount of porting.[51] It was integrated in systemd version 30.
homed is a daemon that provides portable human-user accounts that are independent of current system configuration. homed moves various pieces of data such as UID/GID from various places across the filesystem into one file, ~/.identity. homed manages the user's home directory in various ways such as a plain directory, a btrfs subvolume, a Linux Unified Key Setup volume, an fscrypt directory, or mounted from an SMB server.
networkd
networkd is a daemon to handle the configuration of the network interfaces; in version 209, when it was first integrated, support was limited to statically assigned addresses and basic support for bridging configuration.[52][53][54][55][56] In July 2014, systemd version 215 was released, adding new features such as a DHCP server for IPv4 hosts, and VXLAN support.[57][58] networkctl may be used to review the state of the network links as seen by systemd-networkd.[59] Configuration of new interfaces has to be added under /lib/systemd/network/ as a new file ending with the .network extension.
resolved
provides network name resolution to local applications
systemd-boot
systemd-boot is a boot manager, formerly known as gummiboot. Kay Sievers merged it into systemd with rev 220.
systemd-nspawn may be used to run a command or OS in a namespace container.
timedated
systemd-timedated is a daemon that can be used to control time-related settings, such as the system time, system time zone, or selection between UTC and local time-zone system clock. It is accessible through D-Bus.[60] It was integrated in systemd version 30.
timesyncd
is a client NTP daemon for synchronizing the system clock across the network.
tmpfiles
systemd-tmpfiles is a utility that takes care of creation and clean-up of temporary files and directories. It is normally run once at startup and then in specified intervals.
udevd
udev is a device manager for the Linux kernel, which handles the /dev directory and all user space actions when adding/removing devices, including firmware loading. In April 2012, the source tree for udev was merged into the systemd source tree.[61][62] In order to match the version number of udev, systemd maintainers bumped the version number directly from 44 to 183.[63]
On 29 May 2014, support for firmware loading through udev was dropped from systemd, as it was decided that the kernel should be responsible for loading firmware.[64]
systemd records initialization instructions for each daemon in a configuration file (referred to as a "unit file") that uses a declarative language, replacing the traditionally used per-daemon startup shell scripts. The syntax of the language is inspired by .ini files.[65]
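As an added illustration (not from the original article or the systemd project), the reader below handles the parts of unit-file syntax that a generic .ini parser gets wrong: repeated keys, "#" and ";" comments, backslash line continuation, and the empty assignment that resets a list-type setting. The sample unit, its paths and the function names are constructed for this example; reporting root when User= is absent reflects the default for system services.

```python
"""Minimal reader for systemd unit-file syntax (added example)."""


def parse_unit(text):
    """Parse unit-file text into {section: {key: [values, ...]}}."""
    sections, current, pending = {}, None, ""
    for raw in text.splitlines():
        if raw.strip().startswith(("#", ";")):
            continue  # comments are skipped, even inside a continuation
        if raw.rstrip().endswith("\\"):
            # A trailing backslash joins the next line; it becomes a space.
            pending += raw.rstrip()[:-1] + " "
            continue
        line, pending = (pending + raw).strip(), ""
        if not line:
            continue
        if line.startswith("[") and line.endswith("]"):
            current = sections.setdefault(line[1:-1], {})
            continue
        if current is None or "=" not in line:
            continue  # assignment outside a section, or not an assignment
        key, value = (part.strip() for part in line.split("=", 1))
        if value == "":
            current[key] = []  # empty assignment resets a list-type setting
        else:
            current.setdefault(key, []).append(value)
    return sections


def audit_service(text):
    """Report what a service unit runs and as which user."""
    service = parse_unit(text).get("Service", {})
    # For scalar settings the last assignment wins; a system service
    # without User= runs as root.
    user = (service.get("User") or ["root"])[-1]
    commands = [" ".join(v.split()) for v in service.get("ExecStart", [])]
    return {"user": user, "commands": commands}


# Constructed sample unit (hypothetical daemon and paths).
SAMPLE_UNIT = r"""[Unit]
Description=Demo daemon (constructed sample)

[Service]
# first definition, cleared by the empty assignment below
ExecStart=/usr/bin/old-demo
ExecStart=
ExecStart=/usr/bin/demo \
    # a comment inside a continuation is ignored
    --port 8080
; alternative comment style
User=demo
"""

# Constructed sample without User=: the service runs as root.
SAMPLE_ROOT_UNIT = "[Service]\nExecStart=/usr/bin/other\n"

if __name__ == "__main__":
    print(audit_service(SAMPLE_UNIT))
    print(audit_service(SAMPLE_ROOT_UNIT))
```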
While many distributions boot systemd by default, some allow other init systems to be used; in this case switching the init system is possible by installing the appropriate packages. A fork of Debian called Devuan was developed to avoid systemd[98][99] and has reached version 4.0 for stable usage. In December 2019, the Debian project voted in favour of retaining systemd as the default init system for the distribution, but with support for "exploring alternatives".[100]
Integration with other software
In the interest of enhancing the interoperability between systemd and the GNOME desktop environment, systemd coauthor Lennart Poettering asked the GNOME Project to consider making systemd an external dependency of GNOME 3.2.[101]
In November 2012, the GNOME Project concluded that basic GNOME functionality should not rely on systemd.[102] However, GNOME 3.8 introduced a compile-time choice between the logind and ConsoleKit API, the former being provided at the time only by systemd. Ubuntu provided a separate logind binary but systemd became a de facto dependency of GNOME for most Linux distributions, in particular since ConsoleKit is no longer actively maintained and upstream recommends the use of systemd-logind instead.[103] The developers of Gentoo Linux also attempted to adapt these changes in OpenRC, but the implementation contained too many bugs, causing the distribution to mark systemd as a dependency of GNOME.[104][105]
GNOME has further integrated logind.[106] As of Mutter version 3.13.2, logind is a dependency for Wayland sessions.[107]
Reception
The design of systemd has ignited controversy within the free-software community. Critics regard systemd as overly complex and suffering from continued feature creep, arguing that its architecture violates the Unix philosophy. There is also concern that it forms a system of interlocked dependencies, thereby giving distribution maintainers little choice but to adopt systemd as more user-space software comes to depend on its components, which is similar to the problems created by PulseAudio, another project which was also developed by Lennart Poettering.[108][109]
In a 2012 interview, Slackware's lead Patrick Volkerding expressed reservations about the systemd architecture, stating his belief that its design was contrary to the Unix philosophy of interconnected utilities with narrowly defined functionalities.[110] As of August 2018, Slackware does not support or use systemd, but Volkerding has not ruled out the possibility of switching to it.[111]
In January 2013, Lennart Poettering attempted to address concerns about systemd in a blog post called The Biggest Myths.[42]
In February 2014, musl's Rich Felker opined that PID 1 is too special to be saddled with additional responsibilities, believing that PID 1 should only be responsible for starting the rest of the init system and reaping zombie processes, and that the additional functionality added by systemd can be provided elsewhere and unnecessarily increases the complexity and attack surface of PID 1.[112]
In March 2014 Eric S. Raymond commented that systemd's design goals were prone to mission creep and software bloat.[113] In April 2014, Linus Torvalds expressed reservations about the attitude of Kay Sievers, a key systemd developer, toward users and bug reports in regard to modifications to the Linux kernel submitted by Sievers.[114] In late April 2014 a campaign to boycott systemd was launched, with a website listing various reasons against its adoption.[115][116]
In an August 2014 article published in InfoWorld, Paul Venezia wrote about the systemd controversy and attributed the controversy to violation of the Unix philosophy, and to "enormous egos who firmly believe they can do no wrong".[117] The article also characterizes the architecture of systemd as similar to that of svchost.exe, a critical system component in Microsoft Windows with a broad functional scope.[117]
In a September 2014 ZDNet interview, prominent Linux kernel developer Theodore Ts'o expressed his opinion that the dispute over systemd's centralized design philosophy, more than technical concerns, indicates a dangerous general trend toward uniformizing the Linux ecosystem, alienating and marginalizing parts of the open-source community, and leaving little room for alternative projects. He cited similarities with the attitude he found in the GNOME project toward non-standard configurations.[118] On social media, Ts'o also later compared the attitudes of Sievers and his co-developer, Lennart Poettering, to that of GNOME's developers.[119]
Forks and alternative implementations
Forks of systemd are closely tied to critiques of it outlined in the above section. Forks generally try to improve on at least one of portability (to other libcs and Unix-like systems), modularity, or size. A few forks have collaborated under the FreeInit banner.[120]
Forks of components
eudev
In 2012, the Gentoo Linux project created a fork of udev in order to avoid dependency on the systemd architecture. The resulting fork is called eudev and it makes udev functionality available without systemd.[121] A stated goal of the project is to keep eudev independent of any Linux distribution or init system.[122] In 2021, Gentoo announced that support of eudev would cease at the beginning of 2022. An independent group of maintainers have since taken up eudev.[123]
elogind
Elogind is the systemd project's "logind", extracted to be a standalone daemon. It integrates with PAM to know the set of users that are logged into a system and whether they are logged in graphically, on the console, or remotely. Elogind exposes this information via the standard org.freedesktop.login1 D-Bus interface, as well as through the file system using systemd's standard /run/systemd layout. Elogind also provides "libelogind", which is a subset of the facilities offered by "libsystemd". There is a "libelogind.pc" pkg-config file as well.[124]
Alternatives to components
ConsoleKit2
ConsoleKit was forked in October 2014 by Xfce developers wanting its features to still be maintained and available on operating systems other than Linux. While not ruling out the possibility of reviving the original repository in the long term, the main developer considers ConsoleKit2 a temporary necessity until systembsd matures.[125]
Abandoned forks
Fork of components
LoginKit
LoginKit was an attempt to implement a logind (systemd-logind) shim, which would allow packages that depend on systemd-logind to work without dependency on a specific init system.[126] The project has been defunct since February 2015.[127]
systembsd
In 2014, a Google Summer of Code project named "systembsd" was started in order to provide alternative implementations of these APIs for OpenBSD. The original project developer began it in order to ease his transition from Linux to OpenBSD.[128] Project development finished in July 2016.[129]
The systembsd project did not provide an init replacement, but aimed to provide OpenBSD with compatible daemons for hostnamed, timedated, localed, and logind. The project did not create new systemd-like functionality, and was only meant to act as a wrapper over the native OpenBSD system. The developer aimed for systembsd to be installable as part of the ports collection, not as part of a base system, stating that "systemd and *BSD differ fundamentally in terms of philosophy and development practices."[128]
notsystemd
Notsystemd intends to implement all of systemd's features so that they work on any init system.[130] It was forked by the Parabola GNU/Linux-libre developers to build packages with their development tools without the necessity of having systemd installed to run systemd-nspawn. Development ceased in July 2018.[131]
Fork including init system
uselessd
In 2014, uselessd was created as a lightweight fork of systemd. The project sought to remove features and programs deemed unnecessary for an init system, as well as address other perceived faults.[132] Project development halted in January 2015.[133]
uselessd supported the musl and μClibc libraries, so it may have been used on embedded systems, whereas systemd only supports glibc. The uselessd project had planned further improvements on cross-platform compatibility, as well as architectural overhauls and refactoring for the Linux build in the future.[134]
InitWare
InitWare is a modular refactor of systemd, porting the system to BSD platforms without glibc or Linux-specific system calls. It is known to work on DragonFly BSD, FreeBSD, NetBSD, and GNU/Linux. Components considered unnecessary are dropped.[135]
systemd is supported in Gentoo as an alternative to OpenRC, the default init system[79] for those who "want to use systemd instead, or are planning to use Gnome 3.8 and later (which requires systemd)"[80]
Missing functionality using init systems other than systemd
Poettering, Lennart (21 April 2012), systemd Status Update, archived from the original on 23 April 2012, retrieved 28 April 2012
"Rethinking PID 1". 30 April 2010. Archived from the original on 22 February 2022. Retrieved 20 August 2021. systemd uses many Linux-specific features, and does not limit itself to POSIX. That unlocks a lot of functionality a system that is designed for portability to other operating systems cannot provide.
"systemd System and Service Manager". freedesktop.org. Archived from the original on 15 October 2020. Retrieved 19 March 2016. Yes, it is written systemd, not system D or System D, or even SystemD. And it isn't system d either. Why? Because it's a system daemon, and under Unix/Linux those are in lower case, and get suffixed with a lower case d.
Gaudreault, Stéphane (14 August 2012). "Migration to systemd". arch-dev-public (Mailing list). Archived from the original on 20 October 2020. Retrieved 15 November 2021.
Simmonds, Chris (2015). "9: Starting up - the init Program". Mastering Embedded Linux Programming. Packt Publishing Ltd. p. 239. ISBN 9781784399023. Retrieved 20 June 2016. systemd defines itself as a system and service manager. The project was initiated in 2010 by Lennart Poettering and Kay Sievers to create an integrated set of tools for managing a Linux system including an init daemon.
Lennart Poettering (30 April 2010). "Rethinking PID 1". Archived from the original on 15 January 2017. Retrieved 28 August 2010.
Groot, Jan de (14 August 2012). "Migration to systemd". arch-dev-public (Mailing list). Archived from the original on 17 January 2022. Retrieved 11 November 2021.
"CVE-2017-9445 Details", National Vulnerability Database, National Institute of Standards and Technology (U.S.), 6 July 2017, archived from the original on 6 July 2018, retrieved 6 July 2018
"CVE-2017-9445", The Common Vulnerabilities and Exposures database, The Mitre Corporation, 5 June 2017, archived from the original on 6 July 2018, retrieved 6 July 2018
Gundersen, Tom E. (25 September 2014). "The End of Linux". Archived from the original on 26 October 2014. Retrieved 25 October 2014. It certainly is not something that comes with systemd from upstream.
Heo, Tejun (28 January 2014). "cgroup: convert to kernfs". linux-kernel (Mailing list). Archived from the original on 12 October 2018. Retrieved 24 May 2014.
"timedated". freedesktop.org. Archived from the original on 11 October 2014. Retrieved 9 November 2014.
Sievers, Kay. "The future of the udev source tree". vger.kernel.org/vger-lists.html#linux-hotplug linux-hotplug (Mailing list). Archived from the original on 16 February 2015. Retrieved 22 May 2013.
"systemd.slice (5) - Linux Man Pages". Archived from the original on 19 February 2023. Retrieved 12 March 2018. ... a slice ... is a concept for hierarchically managing resources of a group of processes.
"systemd.scope". FreeDesktop.org. Archived from the original on 27 July 2021. Retrieved 27 July 2021.
"KNOPPIX 8.0 Die Antwort auf Systemd (German)". Archived from the original on 13 June 2018. Retrieved 13 June 2018. ...Knoppix 'boot process continues to run via Sys-V init with few bash scripts that start the system services efficiently sequentially or in parallel. (The original German text: Knoppix' Startvorgang läuft nach wie vor per Sys-V-Init mit wenigen Bash-Skripten, welche die Systemdienste effizient sequenziell oder parallel starten.)
Peters, Frederic (4 November 2011). "20121104 meeting minutes". GNOME release-team (Mailing list). Archived from the original on 7 September 2014. Retrieved 14 January 2013.
"ConsoleKit". Archived from the original on 18 October 2014. Retrieved 15 November 2014. ConsoleKit is currently not actively maintained. The focus has shifted to the built-in seat/user/session management of Software/systemd called systemd-logind!
Basile, Anthony G. (24 August 2021). "eudev retirement on 2022-01-01". Repository news items. Gentoo Linux. Archived from the original on 30 June 2022. Retrieved 14 June 2022.