1SYSTEMD-RUN(1)                    systemd-run                   SYSTEMD-RUN(1)
2
3
4

NAME

6       systemd-run - Run programs in transient scope units, service units, or
7       path-, socket-, or timer-triggered service units
8

SYNOPSIS

10       systemd-run [OPTIONS...] COMMAND [ARGS...]
11
12       systemd-run [OPTIONS...] [PATH OPTIONS...] {COMMAND} [ARGS...]
13
14       systemd-run [OPTIONS...] [SOCKET OPTIONS...] {COMMAND} [ARGS...]
15
16       systemd-run [OPTIONS...] [TIMER OPTIONS...] {COMMAND} [ARGS...]
17

DESCRIPTION

19       systemd-run may be used to create and start a transient .service or
20       .scope unit and run the specified COMMAND in it. It may also be used to
21       create and start a transient .path, .socket, or .timer unit, that
22       activates a .service unit when elapsing.
23
24       If a command is run as transient service unit, it will be started and
25       managed by the service manager like any other service, and thus shows
26       up in the output of systemctl list-units like any other unit. It will
27       run in a clean and detached execution environment, with the service
28       manager as its parent process. In this mode, systemd-run will start the
29       service asynchronously in the background and return after the command
30       has begun execution (unless --no-block or --wait are specified, see
31       below).
32
33       If a command is run as transient scope unit, it will be executed by
34       systemd-run itself as parent process and will thus inherit the
35       execution environment of the caller. However, the processes of the
36       command are managed by the service manager similar to normal services,
37       and will show up in the output of systemctl list-units. Execution in
38       this case is synchronous, and will return only when the command
39       finishes. This mode is enabled via the --scope switch (see below).
40
41       If a command is run with path, socket, or timer options such as
42       --on-calendar= (see below), a transient path, socket, or timer unit is
43       created alongside the service unit for the specified command. Only the
44       transient path, socket, or timer unit is started immediately, the
45       transient service unit will be triggered by the path, socket, or timer
46       unit. If the --unit= option is specified, the COMMAND may be omitted.
47       In this case, systemd-run creates only a .path, .socket, or .timer unit
48       that triggers the specified unit.
49
50       By default, services created with systemd-run default to the simple
51       type, see the description of Type= in systemd.service(5) for details.
52       Note that when this type is used the service manager (and thus the
53       systemd-run command) considers service start-up successful as soon as
54       the fork() for the main service process succeeded, i.e. before the
55       execve() is invoked, and thus even if the specified command cannot be
56       started. Consider using the exec service type (i.e.
57       --property=Type=exec) to ensure that systemd-run returns successfully
58       only if the specified command line has been successfully started.
59

OPTIONS

61       The following options are understood:
62
63       --no-ask-password
64           Do not query the user for authentication for privileged operations.
65
66       --scope
67           Create a transient .scope unit instead of the default transient
68           .service unit (see above).
69
70       --unit=
71           Use this unit name instead of an automatically generated one.
72
73       --property=, -p
74           Sets a property on the scope or service unit that is created. This
75           option takes an assignment in the same format as systemctl(1)'s
76           set-property command.
77
78       --description=
79           Provide a description for the service, scope, path, socket, or
80           timer unit. If not specified, the command itself will be used as a
81           description. See Description= in systemd.unit(5).
82
83       --slice=
84           Make the new .service or .scope unit part of the specified slice,
85           instead of system.slice.
86
87       -r, --remain-after-exit
88           After the service process has terminated, keep the service around
89           until it is explicitly stopped. This is useful to collect runtime
90           information about the service after it finished running. Also see
91           RemainAfterExit= in systemd.service(5).
92
93       --send-sighup
94           When terminating the scope or service unit, send a SIGHUP
95           immediately after SIGTERM. This is useful to indicate to shells and
96           shell-like processes that the connection has been severed. Also see
97           SendSIGHUP= in systemd.kill(5).
98
99       --service-type=
100           Sets the service type. Also see Type= in systemd.service(5). This
101           option has no effect in conjunction with --scope. Defaults to
102           simple.
103
104       --uid=, --gid=
105           Runs the service process under the specified UNIX user and group.
106           Also see User= and Group= in systemd.exec(5).
107
108       --nice=
109           Runs the service process with the specified nice level. Also see
110           Nice= in systemd.exec(5).
111
112       --working-directory=
113           Runs the service process with the specified working directory. Also
114           see WorkingDirectory= in systemd.exec(5).
115
116       --same-dir, -d
117           Similar to --working-directory= but uses the current working
118           directory of the caller for the service to execute.
119
120       -E NAME=VALUE, --setenv=NAME=VALUE
121           Runs the service process with the specified environment variable
122           set. Also see Environment= in systemd.exec(5).
123
124       --pty, -t
125           When invoking the command, the transient service connects its
126           standard input, output and error to the terminal systemd-run is
127           invoked on, via a pseudo TTY device. This allows running programs
128           that expect interactive user input/output as services, such as
129           interactive command shells.
130
131           Note that machinectl(1)'s shell command is usually a better
132           alternative for requesting a new, interactive login session on the
133           local host or a local container.
134
135           See below for details on how this switch combines with --pipe.
136
137       --pipe, -P
138           If specified, standard input, output, and error of the transient
139           service are inherited from the systemd-run command itself. This
140           allows systemd-run to be used within shell pipelines. Note that
141           this mode is not suitable for interactive command shells and
142           similar, as the service process will not become a TTY controller
143           when invoked on a terminal. Use --pty instead in that case.
144
145           When both --pipe and --pty are used in combination the more
146           appropriate option is automatically determined and used.
147           Specifically, when invoked with standard input, output and error
148           connected to a TTY --pty is used, and otherwise --pipe.
149
150           When this option is used the original file descriptors systemd-run
151           receives are passed to the service processes as-is. If the service
152           runs with different privileges than systemd-run, this means the
153           service might not be able to re-open the passed file descriptors,
154           due to normal file descriptor access restrictions. If the invoked
155           process is a shell script that uses the echo "hello" > /dev/stderr
156           construct for writing messages to stderr, this might cause
157           problems, as this only works if stderr can be re-opened. To
158           mitigate this use the construct echo "hello" >&2 instead, which is
159           mostly equivalent and avoids this pitfall.
160
161       --shell, -S
162           A shortcut for "--pty --same-dir --wait --collect
163           --service-type=exec $SHELL", i.e. requests an interactive shell in
164           the current working directory, running in service context,
165           accessible with a single switch.
166
167       --quiet, -q
168           Suppresses additional informational output while running. This is
169           particularly useful in combination with --pty when it will suppress
170           the initial message explaining how to terminate the TTY connection.
171
172       --on-active=, --on-boot=, --on-startup=, --on-unit-active=,
173       --on-unit-inactive=
174           Defines a monotonic timer relative to different starting points for
175           starting the specified command. See OnActiveSec=, OnBootSec=,
176           OnStartupSec=, OnUnitActiveSec= and OnUnitInactiveSec= in
177           systemd.timer(5) for details. These options are shortcuts for
178           --timer-property= with the relevant properties. These options may
179           not be combined with --scope or --pty.
180
181       --on-calendar=
182           Defines a calendar timer for starting the specified command. See
183           OnCalendar= in systemd.timer(5). This option is a shortcut for
184           --timer-property=OnCalendar=. This option may not be combined with
185           --scope or --pty.
186
187       --path-property=, --socket-property=, --timer-property=
188           Sets a property on the path, socket, or timer unit that is created.
189           This option is similar to --property= but applies to the transient
190           path, socket, or timer unit rather than the transient service unit
191           created. This option takes an assignment in the same format as
192           systemctl(1)'s set-property command. These options may not be
193           combined with --scope or --pty.
194
195       --no-block
196           Do not synchronously wait for the unit start operation to finish.
197           If this option is not specified, the start request for the
198           transient unit will be verified, enqueued and systemd-run will wait
199           until the unit's start-up is completed. By passing this argument,
200           it is only verified and enqueued. This option may not be combined
201           with --wait.
202
203       --wait
204           Synchronously wait for the transient service to terminate. If this
205           option is specified, the start request for the transient unit is
206           verified, enqueued, and waited for. Subsequently the invoked unit
207           is monitored, and it is waited until it is deactivated again (most
208           likely because the specified command completed). On exit, terse
209           information about the unit's runtime is shown, including total
210           runtime (as well as CPU usage, if --property=CPUAccounting=1 was
211           set) and the exit code and status of the main process. This output
212           may be suppressed with --quiet. This option may not be combined
213           with --no-block, --scope or the various path, socket, or timer
214           options.
215
216       -G, --collect
217           Unload the transient unit after it completed, even if it failed.
218           Normally, without this option, all units that ran and failed are
219           kept in memory until the user explicitly resets their failure state
220           with systemctl reset-failed or an equivalent command. On the other
221           hand, units that ran successfully are unloaded immediately. If this
222           option is turned on the "garbage collection" of units is more
223           aggressive, and unloads units regardless if they exited
224           successfully or failed. This option is a shortcut for
225           --property=CollectMode=inactive-or-failed, see the explanation for
226           CollectMode= in systemd.unit(5) for further information.
227
228       --user
229           Talk to the service manager of the calling user, rather than the
230           service manager of the system.
231
232       --system
233           Talk to the service manager of the system. This is the implied
234           default.
235
236       -H, --host=
237           Execute the operation remotely. Specify a hostname, or a username
238           and hostname separated by "@", to connect to. The hostname may
239           optionally be suffixed by a port ssh is listening on, seperated by
240           ":", and then a container name, separated by "/", which connects
241           directly to a specific container on the specified host. This will
242           use SSH to talk to the remote machine manager instance. Container
243           names may be enumerated with machinectl -H HOST. Put IPv6 addresses
244           in brackets.
245
246       -M, --machine=
247           Execute operation on a local container. Specify a container name to
248           connect to.
249
250       -h, --help
251           Print a short help text and exit.
252
253       --version
254           Print a short version string and exit.
255
256       All command line arguments after the first non-option argument become
257       part of the command line of the launched process. If a command is run
258       as service unit, the first argument needs to be an absolute program
259       path.
260

EXIT STATUS

262       On success, 0 is returned, a non-zero failure code otherwise.
263

EXAMPLES

265       Example 1. Logging environment variables provided by systemd to
266       services
267
268           # systemd-run env
269           Running as unit: run-19945.service
270           # journalctl -u run-19945.service
271           Sep 08 07:37:21 bupkis systemd[1]: Starting /usr/bin/env...
272           Sep 08 07:37:21 bupkis systemd[1]: Started /usr/bin/env.
273           Sep 08 07:37:21 bupkis env[19948]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
274           Sep 08 07:37:21 bupkis env[19948]: LANG=en_US.UTF-8
275           Sep 08 07:37:21 bupkis env[19948]: BOOT_IMAGE=/vmlinuz-3.11.0-0.rc5.git6.2.fc20.x86_64
276
277       Example 2. Limiting resources available to a command
278
279           # systemd-run -p BlockIOWeight=10 updatedb
280
281       This command invokes the updatedb(8) tool, but lowers the block I/O
282       weight for it to 10. See systemd.resource-control(5) for more
283       information on the BlockIOWeight= property.
284
285       Example 3. Running commands at a specified time
286
287       The following command will touch a file after 30 seconds.
288
289           # date; systemd-run --on-active=30 --timer-property=AccuracySec=100ms /bin/touch /tmp/foo
290           Mon Dec  8 20:44:24 KST 2014
291           Running as unit: run-71.timer
292           Will run service as unit: run-71.service
293           # journalctl -b -u run-71.timer
294           -- Logs begin at Fri 2014-12-05 19:09:21 KST, end at Mon 2014-12-08 20:44:54 KST. --
295           Dec 08 20:44:38 container systemd[1]: Starting /bin/touch /tmp/foo.
296           Dec 08 20:44:38 container systemd[1]: Started /bin/touch /tmp/foo.
297           # journalctl -b -u run-71.service
298           -- Logs begin at Fri 2014-12-05 19:09:21 KST, end at Mon 2014-12-08 20:44:54 KST. --
299           Dec 08 20:44:48 container systemd[1]: Starting /bin/touch /tmp/foo...
300           Dec 08 20:44:48 container systemd[1]: Started /bin/touch /tmp/foo.
301
302       Example 4. Allowing access to the tty
303
304       The following command invokes /bin/bash as a service passing its
305       standard input, output and error to the calling TTY.
306
307           # systemd-run -t --send-sighup /bin/bash
308
309       Example 5. Start screen as a user service
310
311           $ systemd-run --scope --user screen
312           Running scope as unit run-r14b0047ab6df45bfb45e7786cc839e76.scope.
313
314           $ screen -ls
315           There is a screen on:
316                   492..laptop     (Detached)
317           1 Socket in /var/run/screen/S-fatima.
318
319       This starts the screen process as a child of the systemd --user process
320       that was started by user@.service, in a scope unit. A systemd.scope(5)
321       unit is used instead of a systemd.service(5) unit, because screen will
322       exit when detaching from the terminal, and a service unit would be
323       terminated. Running screen as a user unit has the advantage that it is
324       not part of the session scope. If KillUserProcesses=yes is configured
325       in logind.conf(5), the default, the session scope will be terminated
326       when the user logs out of that session.
327
328       The user@.service is started automatically when the user first logs in,
329       and stays around as long as at least one login session is open. After
330       the user logs out of the last session, user@.service and all services
331       underneath it are terminated. This behavior is the default, when
332       "lingering" is not enabled for that user. Enabling lingering means that
333       user@.service is started automatically during boot, even if the user is
334       not logged in, and that the service is not terminated when the user
335       logs out.
336
337       Enabling lingering allows the user to run processes without being
338       logged in, for example to allow screen to persist after the user logs
339       out, even if the session scope is terminated. In the default
340       configuration, users can enable lingering for themselves:
341
342           $ loginctl enable-linger
343

SEE ALSO

345       systemd(1), systemctl(1), systemd.unit(5), systemd.service(5),
346       systemd.scope(5), systemd.slice(5), systemd.exec(5), systemd.resource-
347       control(5), systemd.timer(5), systemd-mount(1), machinectl(1)
348
349
350
351systemd 241                                                     SYSTEMD-RUN(1)
Impressum