конфигурация среды выполнения (Execution environment configuration)
Окружение (Environment)
Environment=
Sets environment variables for executed processes. Each line
is unquoted using the rules described in "Quoting" section in
systemd.syntax(7) and becomes a list of variable assignments.
If you need to assign a value containing spaces or the equals
sign to a variable, put quotes around the whole assignment.
Variable expansion is not performed inside the strings and
the "$" character has no special meaning. Specifier expansion
is performed, see the "Specifiers" section in
systemd.unit(5).
This option may be specified more than once, in which case
all listed variables will be set. If the same variable is
listed twice, the later setting will override the earlier
setting. If the empty string is assigned to this option, the
list of environment variables is reset, all prior assignments
have no effect.
The names of the variables can contain ASCII letters, digits,
and the underscore character. Variable names cannot be empty
or start with a digit. In variable values, most characters
are allowed, but non-printable characters are currently
rejected.
Example:
Environment="VAR1=word1 word2" VAR2=word3 "VAR3=$word 5 6"
gives three variables "VAR1", "VAR2", "VAR3" with the values
"word1 word2", "word3", "$word 5 6".
See environ(7) for details about environment variables.
Note that environment variables are not suitable for passing
secrets (such as passwords, key material, ...) to service
processes. Environment variables set for a unit are exposed
to unprivileged clients via D-Bus IPC, and generally not
understood as being data that requires protection. Moreover,
environment variables are propagated down the process tree,
including across security boundaries (such as setuid/setgid
executables), and hence might leak to processes that should
not have access to the secret data. Use LoadCredential=,
LoadCredentialEncrypted= or SetCredentialEncrypted= (see
below) to pass data to unit processes securely.
EnvironmentFile=
Similar to Environment= but reads the environment variables
from a text file. The text file should contain
new-line-separated variable assignments. Empty lines, lines
without an "=" separator, or lines starting with ; or # will
be ignored, which may be used for commenting. A line ending
with a backslash will be concatenated with the following one,
allowing multiline variable definitions. The parser strips
leading and trailing whitespace from the values of
assignments, unless you use double quotes (").
C escapesmost control
characters
The argument passed should be an absolute filename or
wildcard expression, optionally prefixed with "-", which
indicates that if the file does not exist, it will not be
read and no error or warning message is logged. This option
may be specified more than once in which case all specified
files are read. If the empty string is assigned to this
option, the list of file to read is reset, all prior
assignments have no effect.
The files listed with this directive will be read shortly
before the process is executed (more specifically, after all
processes from a previous unit state terminated. This means
you can generate these files in one unit state, and read it
with this option in the next. The files are read from the
file system of the service manager, before any file system
changes like bind mounts take place).
Settings from these files override settings made with
Environment=. If the same variable is set twice from these
files, the files will be read in the order they are specified
and the later setting will override the earlier setting.
PassEnvironment=
Pass environment variables set for the system service manager
to executed processes. Takes a space-separated list of
variable names. This option may be specified more than once,
in which case all listed variables will be passed. If the
empty string is assigned to this option, the list of
environment variables to pass is reset, all prior assignments
have no effect. Variables specified that are not set for the
system manager will not be passed and will be silently
ignored. Note that this option is only relevant for the
system service manager, as system services by default do not
automatically inherit any environment variables set for the
service manager itself. However, in case of the user service
manager all environment variables are passed to the executed
processes anyway, hence this option is without effect for the
user service manager.
Variables set for invoked processes due to this setting are
subject to being overridden by those configured with
Environment= or EnvironmentFile=.
C escapesmost control
characters
Example:
PassEnvironment=VAR1 VAR2 VAR3
passes three variables "VAR1", "VAR2", "VAR3" with the values
set for those variables in PID1.
See environ(7) for details about environment variables.
UnsetEnvironment=
Explicitly unset environment variable assignments that would
normally be passed from the service manager to invoked
processes of this unit. Takes a space-separated list of
variable names or variable assignments. This option may be
specified more than once, in which case all listed
variables/assignments will be unset. If the empty string is
assigned to this option, the list of environment
variables/assignments to unset is reset. If a variable
assignment is specified (that is: a variable name, followed
by "=", followed by its value), then any environment variable
matching this precise assignment is removed. If a variable
name is specified (that is a variable name without any
following "=" or value), then any assignment matching the
variable name, regardless of its value is removed. Note that
the effect of UnsetEnvironment= is applied as final step when
the environment list passed to executed processes is
compiled. That means it may undo assignments from any
configuration source, including assignments made through
Environment= or EnvironmentFile=, inherited from the system
manager's global set of environment variables, inherited via
PassEnvironment=, set by the service manager itself (such as
$NOTIFY_SOCKET and such), or set by a PAM module (in case
PAMName= is used).
See "Environment Variables in Spawned Processes" below for a
description of how those settings combine to form the
inherited environment. See environ(7) for general information
about environment variables.
