systemd-system.conf, system.conf.d, systemd-user.conf, user.conf.d — System and session service manager configuration files
When run as a system instance, systemd interprets the configuration file
system.conf and the files in
system.conf.d directories; when
run as a user instance, it interprets the configuration file
user.conf (either in
the home directory of the user, or if not found, under
/etc/systemd/) and the files
user.conf.d directories. These configuration files contain a few settings
controlling basic manager operations.
See systemd.syntax(7) for a general description of the syntax.
The default configuration is set during compilation, so configuration is only needed when it is
necessary to deviate from those defaults. Initially, the main configuration file in
/etc/systemd/ contains commented out entries showing the defaults as a guide to the
administrator. Local overrides can be created by editing this file or by creating drop-ins, as described
below. Using drop-ins for local configuration is recommended over modifications to the main configuration
In addition to the "main" configuration file, drop-in configuration snippets are read from
/etc/systemd/*.conf.d/. Those drop-ins have higher precedence and override the
main configuration file. Files in the
*.conf.d/ configuration subdirectories are
sorted by their filename in lexicographic order, regardless of in which of the subdirectories they
reside. When multiple files specify the same option, for options which accept just a single value, the
entry in the file sorted last takes precedence, and for options which accept a list of values, entries
are collected as they occur in the sorted files.
When packages need to customize the configuration, they can install drop-ins under
/usr/. Files in
/etc/ are reserved for the local administrator,
who may use this logic to override the configuration files installed by vendor packages. Drop-ins have to
be used to override package drop-ins, since the main configuration file has lower precedence. It is
recommended to prefix all filenames in those subdirectories with a two-digit number and a dash, to
simplify the ordering of the files.
To disable a configuration file supplied by the vendor, the recommended way is to place a symlink
/dev/null in the configuration directory in
/etc/, with the
same filename as the vendor configuration file.
All options are configured in the [Manager] section:
Configures various parameters of basic manager operation. These options may be overridden by the respective process and kernel command line arguments. See systemd(1) for details.
Defines what action will be performed
if user presses Ctrl-Alt-Delete more than 7 times in 2s.
Can be set to "
or disabled with "
none". Defaults to
Configures the CPU affinity for the service manager as well as the default CPU
affinity for all forked off processes. Takes a list of CPU indices or ranges separated by either
whitespace or commas. CPU ranges are specified by the lower and upper CPU indices separated by a
dash. This option may be specified more than once, in which case the specified CPU affinity masks are
merged. If the empty string is assigned, the mask is reset, all assignments prior to this will have
no effect. Individual services may override the CPU affinity for their processes with the
CPUAffinity= setting in unit files, see
Configures the NUMA memory policy for the service manager and the default NUMA memory policy
for all forked off processes. Individual services may override the default policy with the
NUMAPolicy= setting in unit files, see
Configures the NUMA node mask that will be associated with the selected NUMA policy. Note that
local NUMA policies don't require explicit NUMA node mask and
value of the option can be empty. Similarly to
NUMAPolicy=, value can be overridden
by individual services in unit files, see
Configure the hardware watchdog at runtime and at reboot. Takes a timeout value in seconds (or
in other time units if suffixed with "
RuntimeWatchdogSec= is set to a non-zero
value, the watchdog hardware (
/dev/watchdog or the path specified with
WatchdogDevice= or the kernel option
systemd.watchdog-device=) will be
programmed to automatically reboot the system if it is not contacted within the specified timeout interval. The
system manager will ensure to contact it at least once in half the specified timeout interval. This feature
requires a hardware watchdog device to be present, as it is commonly the case in embedded and server
systems. Not all hardware watchdogs allow configuration of all possible reboot timeout values, in which case
the closest available timeout is picked.
RebootWatchdogSec= may be used to configure the
hardware watchdog when the system is asked to reboot. It works as a safety net to ensure that the reboot takes
place even if a clean reboot attempt times out. Note that the
applies only to the second phase of the reboot, i.e. after all regular services are already terminated, and
after the system and service manager process (PID 1) got replaced by the
binary, see system bootup(7)
for details. During the first phase of the shutdown operation the system and service manager remains running
RuntimeWatchdogSec= is still honoured. In order to define a timeout on this first
phase of system shutdown, configure
in the [Unit] section of the
shutdown.target unit. By default
RuntimeWatchdogSec= defaults to 0 (off), and
KExecWatchdogSec= may be used to additionally enable the watchdog when kexec
is being executed rather than when rebooting. Note that if the kernel does not reset the watchdog on kexec (depending
on the specific hardware and/or driver), in this case the watchdog might not get disabled after kexec succeeds
and thus the system might get rebooted, unless
RuntimeWatchdogSec= is also enabled at the same time.
For this reason it is recommended to enable
KExecWatchdogSec= only if
RuntimeWatchdogSec= is also enabled.
These settings have no effect if a hardware watchdog is not available.
Configure the hardware watchdog device that the
runtime and shutdown watchdog timers will open and use. Defaults
/dev/watchdog. This setting has no
effect if a hardware watchdog is not available.
Controls which capabilities to include in the
capability bounding set for PID 1 and its children. See
for details. Takes a whitespace-separated list of capability
names as read by
Capabilities listed will be included in the bounding set, all
others are removed. If the list of capabilities is prefixed
with ~, all but the listed capabilities will be included, the
effect of the assignment inverted. Note that this option also
affects the respective capabilities in the effective,
permitted and inheritable capability sets. The capability
bounding set may also be individually configured for units
for units, but note that capabilities dropped for PID 1 cannot
be regained in individual units, they are lost for
Takes a boolean argument. If true, ensures that PID 1 and all its children can never gain new privileges through execve(2) (e.g. via setuid or setgid bits, or filesystem capabilities). Defaults to false. General purpose distributions commonly rely on executables with setuid or setgid bits and will thus not function properly with this option enabled. Individual units cannot disable this option. Also see No New Privileges Flag.
Takes a space-separated list of architecture
identifiers. Selects from which architectures system calls may
be invoked on this system. This may be used as an effective
way to disable invocation of non-native binaries system-wide,
for example to prohibit execution of 32-bit x86 binaries on
64-bit x86-64 systems. This option operates system-wide, and
acts similar to the
SystemCallArchitectures= setting of unit
for details. This setting defaults to the empty list, in which
case no filtering of system calls based on architecture is
applied. Known architecture identifiers are
arm" and the special
native". The latter implicitly
maps to the native architecture of the system (or more
specifically, the architecture the system manager was compiled
for). Set this setting to "
prohibit execution of any non-native binaries. When a binary
executes a system call of an architecture that is not listed
in this setting, it will be immediately terminated with the
Sets the timer slack in nanoseconds for PID 1,
which is inherited by all executed processes, unless
overridden individually, for example with the
TimerSlackNSec= setting in service units
(for details see
The timer slack controls the accuracy of wake-ups triggered by
system timers. See
for more information. Note that in contrast to most other time
span definitions this parameter takes an integer value in
nano-seconds if no unit is specified. The usual time units are
description as the value. If
name, the system manager will use unit names in status messages, instead of the
longer and more informative descriptions set with
Sets the default accuracy of timer units. This
controls the global default for the
AccuracySec= setting of timer units, see
AccuracySec= set in individual
units override the global default for the specific unit.
Defaults to 1min. Note that the accuracy of timer units is
also affected by the configured timer slack for PID 1, see
Configures the default timeouts for starting,
stopping and aborting of units, as well as the default time to sleep
between automatic restarts of units, as configured per-unit in
RestartSec= (for services, see
for details on the per-unit settings). Disabled by default, when
Type=oneshot is used.
For non-service units,
DefaultTimeoutStartSec= sets the default
DefaultTimeoutStopSec= default to
DefaultTimeoutAbortSec= is not set by default
so that all units fall back to
DefaultRestartSec= defaults to
Configure the default unit start rate
limiting, as configured per-service by
for details on the per-service settings.
DefaultStartLimitIntervalSec= defaults to
DefaultStartLimitBurst= defaults to
Configures environment variables passed to all executed processes. Takes a space-separated list of variable assignments. See environ(7) for details about environment variables.
DefaultEnvironment="VAR1=word1 word2" VAR2=word3 "VAR3=word 5 6"
Sets three variables
Takes the same arguments as
DefaultEnvironment=, see above. Sets
environment variables just for the manager process itself. These variables are not inherited by
processes spawned by the service manager, use
DefaultEnvironment= for that. Note
that these variables are merged into the existing environment block. In particular, in case of the
system manager, this includes variables set by the kernel based on the kernel command line.
Setting environment variables for the manager process may be useful to modify its behaviour. See ENVIRONMENT for a descriptions of some variables understood by systemd.
Configure the default resource accounting settings, as configured per-unit by
for details on the per-unit settings.
DefaultTasksAccounting= defaults to yes,
DefaultMemoryAccounting= to yes.
defaults to yes if enabling CPU accounting doesn't require the CPU controller to be enabled (Linux 4.15+ using the
unified hierarchy for resource control), otherwise it defaults to no. The other three settings default to no.
Configure the default value for the per-unit
TasksMax= setting. See
for details. This setting applies to all unit types that support resource control settings, with the exception
of slice units. Defaults to 15% of the minimum of
and root cgroup
Kernel has a default value for
kernel.pid_max= and an algorithm of counting in case of more than 32 cores.
For example with the default
DefaultTasksMax= defaults to 4915,
but might be greater in other systems or smaller in OS containers.
These settings control various default resource limits for processes executed by
details. These settings may be overridden in individual units using the corresponding
LimitXXX= directives and they accept the same parameter syntax,
for details. Note that these resource limits are only defaults
for units, they are not applied to the service manager process (i.e. PID 1) itself.
Configure the default policy for reacting to processes being killed by the Linux
Out-Of-Memory (OOM) killer. This may be used to pick a global default for the per-unit
OOMPolicy= setting. See
for details. Note that this default is not used for services that have