1SYSTEMD-RUN(1) systemd-run SYSTEMD-RUN(1)
2
6 systemd-run - Run programs in transient scope units, service units, or
7 path-, socket-, or timer-triggered service units
8
10 systemd-run [OPTIONS...] COMMAND [ARGS...]
11 systemd-run [OPTIONS...] [PATH OPTIONS...] {COMMAND} [ARGS...]
13 systemd-run [OPTIONS...] [SOCKET OPTIONS...] {COMMAND} [ARGS...]
15 systemd-run [OPTIONS...] [TIMER OPTIONS...] {COMMAND} [ARGS...]
17
19 systemd-run may be used to create and start a transient .service or
20 .scope unit and run the specified COMMAND in it. It may also be used to
21 create and start a transient .path, .socket, or .timer unit, that
22 activates a .service unit when elapsing.
23 If a command is run as transient service unit, it will be started and
25 managed by the service manager like any other service, and thus shows
26 up in the output of systemctl list-units like any other unit. It will
27 run in a clean and detached execution environment, with the service
28 manager as its parent process. In this mode, systemd-run will start the
29 service asynchronously in the background and return after the command
30 has begun execution (unless --no-block or --wait are specified, see
31 below).
32 If a command is run as transient scope unit, it will be executed by
34 systemd-run itself as parent process and will thus inherit the
35 execution environment of the caller. However, the processes of the
36 command are managed by the service manager similar to normal services,
37 and will show up in the output of systemctl list-units. Execution in
38 this case is synchronous, and will return only when the command
39 finishes. This mode is enabled via the --scope switch (see below).
40 If a command is run with path, socket, or timer options such as
42 --on-calendar= (see below), a transient path, socket, or timer unit is
43 created alongside the service unit for the specified command. Only the
44 transient path, socket, or timer unit is started immediately, the
45 transient service unit will be triggered by the path, socket, or timer
46 unit. If the --unit= option is specified, the COMMAND may be omitted.
47 In this case, systemd-run creates only a .path, .socket, or .timer unit
48 that triggers the specified unit.
49 By default, services created with systemd-run default to the simple
51 type, see the description of Type= in systemd.service(5) for details.
52 Note that when this type is used the service manager (and thus the
53 systemd-run command) considers service start-up successful as soon as
54 the fork() for the main service process succeeded, i.e. before the
55 execve() is invoked, and thus even if the specified command cannot be
56 started. Consider using the exec service type (i.e.
57 --property=Type=exec) to ensure that systemd-run returns successfully
58 only if the specified command line has been successfully started.
59
61 The following options are understood:
62 --no-ask-password
64 Do not query the user for authentication for privileged operations.
65 --scope
67 Create a transient .scope unit instead of the default transient
68 .service unit (see above).
69 --unit=, -u
71 Use this unit name instead of an automatically generated one.
72 --property=, -p
74 Sets a property on the scope or service unit that is created. This
75 option takes an assignment in the same format as systemctl(1)'s
76 set-property command.
77 --description=
79 Provide a description for the service, scope, path, socket, or
80 timer unit. If not specified, the command itself will be used as a
81 description. See Description= in systemd.unit(5).
82 --slice=
84 Make the new .service or .scope unit part of the specified slice,
85 instead of system.slice.
86 -r, --remain-after-exit
88 After the service process has terminated, keep the service around
89 until it is explicitly stopped. This is useful to collect runtime
90 information about the service after it finished running. Also see
91 RemainAfterExit= in systemd.service(5).
92 --send-sighup
94 When terminating the scope or service unit, send a SIGHUP
95 immediately after SIGTERM. This is useful to indicate to shells and
96 shell-like processes that the connection has been severed. Also see
97 SendSIGHUP= in systemd.kill(5).
98 --service-type=
100 Sets the service type. Also see Type= in systemd.service(5). This
101 option has no effect in conjunction with --scope. Defaults to
102 simple.
103 --uid=, --gid=
105 Runs the service process under the specified UNIX user and group.
106 Also see User= and Group= in systemd.exec(5).
107 --nice=
109 Runs the service process with the specified nice level. Also see
110 Nice= in systemd.exec(5).
111 --working-directory=
113 Runs the service process with the specified working directory. Also
114 see WorkingDirectory= in systemd.exec(5).
115 --same-dir, -d
117 Similar to --working-directory= but uses the current working
118 directory of the caller for the service to execute.
119 -E NAME=VALUE, --setenv=NAME=VALUE
121 Runs the service process with the specified environment variable
122 set. Also see Environment= in systemd.exec(5).
123 --pty, -t
125 When invoking the command, the transient service connects its
126 standard input, output and error to the terminal systemd-run is
127 invoked on, via a pseudo TTY device. This allows running programs
128 that expect interactive user input/output as services, such as
129 interactive command shells.
130 Note that machinectl(1)'s shell command is usually a better
132 alternative for requesting a new, interactive login session on the
133 local host or a local container.
134 See below for details on how this switch combines with --pipe.
136 --pipe, -P
138 If specified, standard input, output, and error of the transient
139 service are inherited from the systemd-run command itself. This
140 allows systemd-run to be used within shell pipelines. Note that
141 this mode is not suitable for interactive command shells and
142 similar, as the service process will not become a TTY controller
143 when invoked on a terminal. Use --pty instead in that case.
144 When both --pipe and --pty are used in combination the more
146 appropriate option is automatically determined and used.
147 Specifically, when invoked with standard input, output and error
148 connected to a TTY --pty is used, and otherwise --pipe.
149 When this option is used the original file descriptors systemd-run
151 receives are passed to the service processes as-is. If the service
152 runs with different privileges than systemd-run, this means the
153 service might not be able to re-open the passed file descriptors,
154 due to normal file descriptor access restrictions. If the invoked
155 process is a shell script that uses the echo "hello" > /dev/stderr
156 construct for writing messages to stderr, this might cause
157 problems, as this only works if stderr can be re-opened. To
158 mitigate this use the construct echo "hello" >&2 instead, which is
159 mostly equivalent and avoids this pitfall.
160 --shell, -S
162 A shortcut for "--pty --same-dir --wait --collect
163 --service-type=exec $SHELL", i.e. requests an interactive shell in
164 the current working directory, running in service context,
165 accessible with a single switch.
166 --quiet, -q
168 Suppresses additional informational output while running. This is
169 particularly useful in combination with --pty when it will suppress
170 the initial message explaining how to terminate the TTY connection.
171 --on-active=, --on-boot=, --on-startup=, --on-unit-active=,
173 --on-unit-inactive=
174 Defines a monotonic timer relative to different starting points for
175 starting the specified command. See OnActiveSec=, OnBootSec=,
176 OnStartupSec=, OnUnitActiveSec= and OnUnitInactiveSec= in
177 systemd.timer(5) for details. These options are shortcuts for
178 --timer-property= with the relevant properties. These options may
179 not be combined with --scope or --pty.
180 --on-calendar=
182 Defines a calendar timer for starting the specified command. See
183 OnCalendar= in systemd.timer(5). This option is a shortcut for
184 --timer-property=OnCalendar=. This option may not be combined with
185 --scope or --pty.
186 --on-clock-change, --on-timezone-change
188 Defines a trigger based on system clock jumps or timezone changes
189 for starting the specified command. See OnClockChange= and
190 OnTimezoneChange= in systemd.timer(5). These options are shortcuts
191 for --timer-property=OnClockChange=yes and
192 --timer-property=OnTimezoneChange=yes. These options may not be
193 combined with --scope or --pty.
194 --path-property=, --socket-property=, --timer-property=
196 Sets a property on the path, socket, or timer unit that is created.
197 This option is similar to --property= but applies to the transient
198 path, socket, or timer unit rather than the transient service unit
199 created. This option takes an assignment in the same format as
200 systemctl(1)'s set-property command. These options may not be
201 combined with --scope or --pty.
202 --no-block
204 Do not synchronously wait for the unit start operation to finish.
205 If this option is not specified, the start request for the
206 transient unit will be verified, enqueued and systemd-run will wait
207 until the unit's start-up is completed. By passing this argument,
208 it is only verified and enqueued. This option may not be combined
209 with --wait.
210 --wait
212 Synchronously wait for the transient service to terminate. If this
213 option is specified, the start request for the transient unit is
214 verified, enqueued, and waited for. Subsequently the invoked unit
215 is monitored, and it is waited until it is deactivated again (most
216 likely because the specified command completed). On exit, terse
217 information about the unit's runtime is shown, including total
218 runtime (as well as CPU usage, if --property=CPUAccounting=1 was
219 set) and the exit code and status of the main process. This output
220 may be suppressed with --quiet. This option may not be combined
221 with --no-block, --scope or the various path, socket, or timer
222 options.
223 -G, --collect
225 Unload the transient unit after it completed, even if it failed.
226 Normally, without this option, all units that ran and failed are
227 kept in memory until the user explicitly resets their failure state
228 with systemctl reset-failed or an equivalent command. On the other
229 hand, units that ran successfully are unloaded immediately. If this
230 option is turned on the "garbage collection" of units is more
231 aggressive, and unloads units regardless if they exited
232 successfully or failed. This option is a shortcut for
233 --property=CollectMode=inactive-or-failed, see the explanation for
234 CollectMode= in systemd.unit(5) for further information.
235 --user
237 Talk to the service manager of the calling user, rather than the
238 service manager of the system.
239 --system
241 Talk to the service manager of the system. This is the implied
242 default.
243 -H, --host=
245 Execute the operation remotely. Specify a hostname, or a username
246 and hostname separated by "@", to connect to. The hostname may
247 optionally be suffixed by a port ssh is listening on, separated by
248 ":", and then a container name, separated by "/", which connects
249 directly to a specific container on the specified host. This will
250 use SSH to talk to the remote machine manager instance. Container
251 names may be enumerated with machinectl -H HOST. Put IPv6 addresses
252 in brackets.
253 -M, --machine=
255 Execute operation on a local container. Specify a container name to
256 connect to.
257 -h, --help
259 Print a short help text and exit.
260 --version
262 Print a short version string and exit.
263 All command line arguments after the first non-option argument become
265 part of the command line of the launched process. If a command is run
266 as service unit, the first argument needs to be an absolute program
267 path.
268
270 On success, 0 is returned. If systemd-run failed to start the service,
271 a non-zero return value will be returned. If systemd-run waits for the
272 service to terminate, the return value will be propagated from the
273 service. 0 will be returned on success, including all the cases where
274 systemd considers a service to have exited cleanly, see the discussion
275 of SuccessExitStatus= in systemd.service(5).
276
278 Example 1. Logging environment variables provided by systemd to
279 services
280 # systemd-run env
282 Running as unit: run-19945.service
283 # journalctl -u run-19945.service
284 Sep 08 07:37:21 bupkis systemd[1]: Starting /usr/bin/env...
285 Sep 08 07:37:21 bupkis systemd[1]: Started /usr/bin/env.
286 Sep 08 07:37:21 bupkis env[19948]: PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
287 Sep 08 07:37:21 bupkis env[19948]: LANG=en_US.UTF-8
288 Sep 08 07:37:21 bupkis env[19948]: BOOT_IMAGE=/vmlinuz-3.11.0-0.rc5.git6.2.fc20.x86_64
289 Example 2. Limiting resources available to a command
291 # systemd-run -p BlockIOWeight=10 updatedb
293 This command invokes the updatedb(8) tool, but lowers the block I/O
295 weight for it to 10. See systemd.resource-control(5) for more
296 information on the BlockIOWeight= property.
297 Example 3. Running commands at a specified time
299 The following command will touch a file after 30 seconds.
301 # date; systemd-run --on-active=30 --timer-property=AccuracySec=100ms /bin/touch /tmp/foo
303 Mon Dec 8 20:44:24 KST 2014
304 Running as unit: run-71.timer
305 Will run service as unit: run-71.service
306 # journalctl -b -u run-71.timer
307 -- Logs begin at Fri 2014-12-05 19:09:21 KST, end at Mon 2014-12-08 20:44:54 KST. --
308 Dec 08 20:44:38 container systemd[1]: Starting /bin/touch /tmp/foo.
309 Dec 08 20:44:38 container systemd[1]: Started /bin/touch /tmp/foo.
310 # journalctl -b -u run-71.service
311 -- Logs begin at Fri 2014-12-05 19:09:21 KST, end at Mon 2014-12-08 20:44:54 KST. --
312 Dec 08 20:44:48 container systemd[1]: Starting /bin/touch /tmp/foo...
313 Dec 08 20:44:48 container systemd[1]: Started /bin/touch /tmp/foo.
314 Example 4. Allowing access to the tty
316 The following command invokes /bin/bash as a service passing its
318 standard input, output and error to the calling TTY.
319 # systemd-run -t --send-sighup /bin/bash
321 Example 5. Start screen as a user service
323 $ systemd-run --scope --user screen
325 Running scope as unit run-r14b0047ab6df45bfb45e7786cc839e76.scope.
326 $ screen -ls
328 There is a screen on:
329 492..laptop (Detached)
330 1 Socket in /var/run/screen/S-fatima.
331 This starts the screen process as a child of the systemd --user process
333 that was started by user@.service, in a scope unit. A systemd.scope(5)
334 unit is used instead of a systemd.service(5) unit, because screen will
335 exit when detaching from the terminal, and a service unit would be
336 terminated. Running screen as a user unit has the advantage that it is
337 not part of the session scope. If KillUserProcesses=yes is configured
338 in logind.conf(5), the default, the session scope will be terminated
339 when the user logs out of that session.
340 The user@.service is started automatically when the user first logs in,
342 and stays around as long as at least one login session is open. After
343 the user logs out of the last session, user@.service and all services
344 underneath it are terminated. This behavior is the default, when
345 "lingering" is not enabled for that user. Enabling lingering means that
346 user@.service is started automatically during boot, even if the user is
347 not logged in, and that the service is not terminated when the user
348 logs out.
349 Enabling lingering allows the user to run processes without being
351 logged in, for example to allow screen to persist after the user logs
352 out, even if the session scope is terminated. In the default
353 configuration, users can enable lingering for themselves:
354 $ loginctl enable-linger
356 Example 6. Return value
358 $ systemd-run --user --wait true
360 $ systemd-run --user --wait -p SuccessExitStatus=11 bash -c 'exit 11'
361 $ systemd-run --user --wait -p SuccessExitStatus=SIGUSR1 bash -c 'kill -SIGUSR1 $$$$'
362 Those three invocations will succeed, i.e. terminate with an exit code
364 of 0.
365
367 systemd(1), systemctl(1), systemd.unit(5), systemd.service(5),
368 systemd.scope(5), systemd.slice(5), systemd.exec(5), systemd.resource-
369 control(5), systemd.timer(5), systemd-mount(1), machinectl(1)
370systemd 245 SYSTEMD-RUN(1)