Arch Linux systemd cleanup

Rationale

systemd is a somewhat controversial "init system" that seems to be taking over the linux world. I'm not a fan, but Arch Linux switched to it a while ago, and I haven't switched away from Arch yet.

One thing I particularly dislike about systemd is the number of automatic built-in "targets". I came to prefer Arch Linux long ago because it let me specify just what I want to install and run, instead of trying to figure out what wasn't really needed and clean it off, as I've done on Ubuntu (and Windows). With systemd I'm in clean-up mode again, struggling to unclutter the services list, process list, and even filesystem mount list.

Why bother to "clean up" packages and services? Some of the inclination to do so is admittedly OCD, but there are good practical arguments. A simpler configuration is easier to understand, debug, and modify. Most people don't care to do those things, true, but I do.

With systemd, there are a bunch of "targets" in a heirarchy in /usr/lib/systemd, and even more that seemed to be baked into the systemd binary (or library...) and have no visible configuration file. Targets include services, mounts, and device state. Check out the output of systemctl list-unit-files and systemctl --all and marvel at the collection. Some simple less-core services are disabled by default, waiting to be enabled, but many things are "static", meaning they are triggered automatically when certain conditions present themselves. The only way to "disable" most of these things is to "mask" them, which creates an "override" configuration for that target in /etc/systemd/ which just links to /dev/null.

Masking targets

First I mask a bunch of services and "mount" targets that I've found I don't need (and some which don't work on Arch Linux):

for SVC in                            \
    auditd.service                    \
    dev-hugepages.mount               \
    dev-mqueue.mount                  \
    plymouth-quit-wait.service        \
    plymouth-start.service            \
    proc-sys-fs-binfmt_misc.automount \
    proc-sys-fs-binfmt_misc.mount     \
    sys-fs-fuse-connections.mount     \
    sys-kernel-debug.mount            \
    sys-kernel-config.mount
do
    systemctl mask $SVC
done

Un-maskable mounts

There are other pseudo-filesystems that systemd mounts that have no maskable mountpoint target, as far as I know, so I clean them up near the end of bootup in my rc.local (now actually /etc/rc.local.sh, see systemd rc.local).

#!/bin/bash

# log all output to /var/log/
exec >>/var/log/rc-local.log 2>&1
echo Starting $(basename $0) on $(date)

# sleep a bit so the rest happens "late enough"
sleep 1

umount /sys/kernel/security
umount /sys/fs/pstore
umount /sys/firmware/efi/efivar

To get rid of cgroup controller tree mountpoints and such, I build a custom kernel with support for cgroups but without support for any controllers, since the "DefaultControllers" option in systemd/system.conf went away.