8.75. Systemd-255

The systemd package contains programs for controlling the startup, running, and shutdown of the system.

Approximate build time: 0.7 SBU
Required disk space: 247 MB

8.75.1. Installation of systemd

Remove two unneeded groups, render and sgx, from the default udev rules:

sed -i -e 's/GROUP="render"/GROUP="video"/' \
       -e 's/GROUP="sgx", //' rules.d/50-udev-default.rules.in

Now fix a security vulnerability in the DNSSEC verification of systemd-resolved and a bug breaking running systemd-analyze verify on an instantiated systemd unit:

patch -Np1 -i ../systemd-255-upstream_fixes-1.patch

Prepare systemd for compilation:

mkdir -p build
cd       build

meson setup \
      --prefix=/usr                 \
      --buildtype=release           \
      -Ddefault-dnssec=no           \
      -Dfirstboot=false             \
      -Dinstall-tests=false         \
      -Dldconfig=false              \
      -Dsysusers=false              \
      -Drpmmacrosdir=no             \
      -Dhomed=disabled              \
      -Duserdb=false                \
      -Dman=disabled                \
      -Dmode=release                \
      -Dpamconfdir=no               \
      -Ddev-kvm-mode=0660           \
      -Dnobody-group=nogroup        \
      -Dsysupdate=disabled          \
      -Dukify=disabled              \
      -Ddocdir=/usr/share/doc/systemd-255 \

The meaning of the meson options:


This switch overrides the default buildtype (debug), which produces unoptimized binaries.


This switch turns off the experimental DNSSEC support.


This switch prevents installation of systemd services responsible for setting up the system for the first time. These are not useful in LFS, because everything is done manually.


This switch prevents installation of the compiled tests.


This switch prevents installation of a systemd unit that runs ldconfig at boot; this is not useful for source distributions such as LFS, and makes the boot time longer. Remove this option to enable running ldconfig at boot.


This switch prevents installation of systemd services responsible for setting up the /etc/group and /etc/passwd files. Both files were created in the previous chapter. This daemon is not useful on an LFS system since user accounts are manually created.


This switch disables installation of RPM Macros for use with systemd, because LFS does not support RPM.

-Dhomed=disabled and -Duserdb=false

Remove two daemons with dependencies that do not fit within the scope of LFS.


Prevent the generation of man pages to avoid extra dependencies. We will install pre-generated man pages for systemd from a tarball.


Disable some features considered experimental by upstream.


Prevent the installation of a PAM configuration file not functional on LFS.


The default udev rule would allow all users to access /dev/kvm. The editors consider it dangerous. This option overrides it.


Tell the package the group name with GID 65534 is nogroup.


Do not install the systemd-sysupdate tool. It's designed for automatically upgrading binary distros, so it's useless for a basic Linux system built from source. And it will report errors on boot if it's enabled but not properly configured.


Do not install the systemd-ukify script. At runtime this script requires the pefile Python module that neither LFS nor BLFS provides.

Compile the package:


Install the package:

ninja install

Install the man pages:

tar -xf ../../systemd-man-pages-255.tar.xz \
    --no-same-owner --strip-components=1   \
    -C /usr/share/man

Create the /etc/machine-id file needed by systemd-journald:


Set up the basic target structure:

systemctl preset-all

8.75.2. Contents of systemd

Installed programs: busctl, coredumpctl, halt (symlink to systemctl), hostnamectl, init, journalctl, kernel-install, localectl, loginctl, machinectl, mount.ddi (symlink to systemd-dissect), networkctl, oomctl, portablectl, poweroff (symlink to systemctl), reboot (symlink to systemctl), resolvconf (symlink to resolvectl), resolvectl, runlevel (symlink to systemctl), shutdown (symlink to systemctl), systemctl, systemd-ac-power, systemd-analyze, systemd-ask-password, systemd-cat, systemd-cgls, systemd-cgtop, systemd-confext (symlink to systemd-sysext), systemd-creds, systemd-delta, systemd-detect-virt, systemd-dissect, systemd-escape, systemd-hwdb, systemd-id128, systemd-inhibit, systemd-machine-id-setup, systemd-mount, systemd-notify, systemd-nspawn, systemd-path, systemd-repart, systemd-resolve (symlink to resolvectl), systemd-run, systemd-socket-activate, systemd-stdio-bridge, systemd-sysext, systemd-tmpfiles, systemd-tty-ask-password-agent, systemd-umount (symlink to systemd-mount), telinit (symlink to systemctl), timedatectl, and udevadm
Installed libraries: libnss_myhostname.so.2, libnss_mymachines.so.2, libnss_resolve.so.2, libnss_systemd.so.2, libsystemd.so, libsystemd-shared-255.so (in /usr/lib/systemd), and libudev.so
Installed directories: /etc/binfmt.d, /etc/init.d, /etc/kernel, /etc/modules-load.d, /etc/sysctl.d, /etc/systemd, /etc/tmpfiles.d, /etc/udev, /etc/xdg/systemd, /usr/lib/systemd, /usr/lib/udev, /usr/include/systemd, /usr/lib/binfmt.d, /usr/lib/environment.d, /usr/lib/kernel, /usr/lib/modules-load.d, /usr/lib/sysctl.d, /usr/lib/systemd, /usr/lib/tmpfiles.d, /usr/share/doc/systemd-255, /usr/share/factory, /usr/share/systemd, /var/lib/systemd, and /var/log/journal

Short Descriptions


Is used to introspect and monitor the D-Bus bus


Is used to retrieve coredumps from the systemd journal


Normally invokes shutdown with the -h option, except when already in run-level 0, when it tells the kernel to halt the system; it notes in the file /var/log/wtmp that the system is being brought down


Is used to query and change the system hostname and related settings


Is the first process to be started after the kernel has initialized the hardware; init takes over the boot process and starts the processes specified by its configuration files; in this case, it starts systemd


Is used to query the contents of the systemd journal


Is used to add and remove kernel and initramfs images to and from /boot; in LFS, this is done manually


Is used to query and change the system locale and keyboard layout settings


Is used to introspect and control the state of the systemd Login Manager


Is used to introspect and control the state of the systemd Virtual Machine and Container Registration Manager


Is used to introspect and configure the state of the network links configured by systemd-networkd


Controls the systemd Out Of Memory daemon


Is used to attach or detach portable services from the local system


Instructs the kernel to halt the system and switch off the computer (see halt)


Instructs the kernel to reboot the system (see halt)


Registers DNS server and domain configuration with systemd-resolved


Sends control commands to the network name resolution manager, or resolves domain names, IPv4 and IPv6 addresses, DNS records, and services


Outputs the previous and the current run-level, as noted in the last run-level record in /run/utmp


Brings the system down in a safe and secure manner, signaling all processes and notifying all logged-in users


Is used to introspect and control the state of the systemd system and service manager


Reports whether the system is connected to an external power source.


Is used to analyze system startup performance, as well as identify troublesome systemd units


Is used to query a system password or passphrase from the user, using a message specified on the Linux command line


Is used to connect the STDOUT and STDERR outputs of a process with the systemd journal


Recursively shows the contents of the selected Linux control group hierarchy in a tree


Shows the top control groups of the local Linux control group hierarchy, ordered by their CPU, memory and disk I/O loads


Displays and processes credentials


Is used to identify and compare configuration files in /etc that override the defaults in /usr


Detects whether the system is being run in a virtual environment, and adjusts udev accordingly


Is used to inspect OS disk images


Is used to escape strings for inclusion in systemd unit names


Is used to manage the hardware database (hwdb)


Generates and prints id128 (UUID) strings


Is used to execute a program with a shutdown, sleep or idle inhibitor lock taken, preventing an action such as a system shutdown until the process is completed


Is used by system installer tools to initialize the machine ID stored in /etc/machine-id at install time with a randomly generated ID


Is used to temporarily mount or automount disks


Is used by daemon scripts to notify the init system of status changes


Is used to run a command, or an entire OS, in a light-weight namespace container


Is used to query system and user paths


Is used to grow and add partitions to a partition table when systemd is used with an OS image (e.g. a container)


Is used to resolve domain names, IPV4 and IPv6 addresses, DNS resource records, and services


Is used to create and start a transient .service or a .scope unit and run the specified command in it; this is useful for validating systemd units


Is used to listen on socket devices and launch a process upon a successful connection to the socket


Activates system extension images


Creates, deletes, and cleans up volatile and temporary files and directories, based on the configuration file format and location specified in tmpfiles.d directories


Unmounts mount points


Is used to list and/or process pending systemd password requests


Tells init which run-level to change to


Is used to query and change the system clock and its settings


Is a generic udev administration tool which controls the udevd daemon, provides info from the udev hardware database, monitors uevents, waits for uevents to finish, tests udev configuration, and triggers uevents for a given device


Is the main systemd utility library


Is a library to access Udev device information