diff options
| -rw-r--r-- | man/journald.conf.xml | 31 | ||||
| -rw-r--r-- | src/core/automount.c | 6 | ||||
| -rw-r--r-- | src/core/transaction.c | 3 | ||||
| -rw-r--r-- | src/coredump/coredump.c | 9 |
4 files changed, 28 insertions, 21 deletions
diff --git a/man/journald.conf.xml b/man/journald.conf.xml index 3964cd6bc5..fef4fde898 100644 --- a/man/journald.conf.xml +++ b/man/journald.conf.xml @@ -129,21 +129,22 @@ <varlistentry> <term><varname>SplitMode=</varname></term> - <listitem><para>Controls whether to split up journal files per - user. One of <literal>uid</literal>, <literal>login</literal> - and <literal>none</literal>. If <literal>uid</literal>, all - users will get each their own journal files regardless of - whether they possess a login session or not, however system - users will log into the system journal. If - <literal>login</literal>, actually logged-in users will get - each their own journal files, but users without login session - and system users will log into the system journal. If - <literal>none</literal>, journal files are not split up by - user and all messages are instead stored in the single system - journal. Note that splitting up journal files by user is only - available for journals stored persistently. If journals are - stored on volatile storage (see above), only a single journal - file for all user IDs is kept. Defaults to + <listitem><para>Controls whether to split up journal files per user. Split-up journal files are primarily + useful for access control: on UNIX/Linux access control is managed per file, and the journal daemon will assign + users read access to their journal files. This setting takes one of <literal>uid</literal>, + <literal>login</literal> or <literal>none</literal>. If <literal>uid</literal>, all regular users will get each + their own journal files regardless of whether their processes possess login sessions or not, however system + users will log into the system journal. If <literal>login</literal>, actually logged-in users will get each + their own journal files, but users without login session and system users will log into the system + journal. Note that in this mode, user code running outside of any login session will log into the system log + instead of the split-out user logs. Most importantly, this means that information about core dumps of user + processes collected via the + <citerefentry><refentrytitle>systemd-coredump</refentrytitle><manvolnum>8</manvolnum></citerefentry> subsystem + will end up in the system logs instead of the user logs, and thus not be accessible to the owning users. If + <literal>none</literal>, journal files are not split up by user and all messages are instead stored in the + single system journal. In this mode unprivileged users generally do not have access to their own log data. Note + that splitting up journal files by user is only available for journals stored persistently. If journals are + stored on volatile storage (see above), only a single journal file for all user IDs is kept. Defaults to <literal>uid</literal>.</para></listitem> </varlistentry> diff --git a/src/core/automount.c b/src/core/automount.c index 85803a9c4a..4e9891569c 100644 --- a/src/core/automount.c +++ b/src/core/automount.c @@ -98,9 +98,6 @@ static void unmount_autofs(Automount *a) { if (a->pipe_fd < 0) return; - automount_send_ready(a, a->tokens, -EHOSTDOWN); - automount_send_ready(a, a->expire_tokens, -EHOSTDOWN); - a->pipe_event_source = sd_event_source_unref(a->pipe_event_source); a->pipe_fd = safe_close(a->pipe_fd); @@ -109,6 +106,9 @@ static void unmount_autofs(Automount *a) { if (a->where && (UNIT(a)->manager->exit_code != MANAGER_RELOAD && UNIT(a)->manager->exit_code != MANAGER_REEXECUTE)) { + automount_send_ready(a, a->tokens, -EHOSTDOWN); + automount_send_ready(a, a->expire_tokens, -EHOSTDOWN); + r = repeat_unmount(a->where, MNT_DETACH); if (r < 0) log_error_errno(r, "Failed to unmount: %m"); diff --git a/src/core/transaction.c b/src/core/transaction.c index af539171fd..8370b864fb 100644 --- a/src/core/transaction.c +++ b/src/core/transaction.c @@ -591,6 +591,9 @@ static int transaction_apply(Transaction *tr, Manager *m, JobMode mode) { HASHMAP_FOREACH(j, m->jobs, i) { assert(j->installed); + if (j->unit->ignore_on_isolate) + continue; + if (hashmap_get(tr->jobs, j->unit)) continue; diff --git a/src/coredump/coredump.c b/src/coredump/coredump.c index 043d785dd4..dcc09fcc6d 100644 --- a/src/coredump/coredump.c +++ b/src/coredump/coredump.c @@ -918,9 +918,6 @@ static int process_special_crash(const char *context[], int input_fd) { log_notice("Detected coredump of the journal daemon or PID 1, diverted to %s.", filename); - log_notice("Due to the special circumstances, coredump collection will now be turned off."); - (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0); - return 0; } @@ -980,6 +977,12 @@ static int process_kernel(int argc, char* argv[]) { if (cg_pid_get_unit(pid, &t) >= 0) { + /* If this is PID 1 disable coredump collection, we'll unlikely be able to process it later on. */ + if (streq(t, SPECIAL_INIT_SCOPE)) { + log_notice("Due to PID 1 having crashed coredump collection will now be turned off."); + (void) write_string_file("/proc/sys/kernel/core_pattern", "|/bin/false", 0); + } + /* Let's avoid dead-locks when processing journald and init crashes, as socket activation and logging * are unlikely to work then. */ if (STR_IN_SET(t, SPECIAL_JOURNALD_SERVICE, SPECIAL_INIT_SCOPE)) { |