Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
Due to the brokeness of much of the userspace audit code we cannot
really start too many systems without the audit caps set. To make nspawn
easier to use just add the audit caps by default.
To boot up containers successfully the kernel's auditing needs to be
turned off still (use "audit=0" on the kernel command line), but at
least no manual caps have to be passed anymore.
In the long run auditing will be fixed for containers and ve virtualized
properly at which time it should be safe to enable these caps anyway.
|
|
|
|
|
|
|
|
|
|
Print the journal for a user session unit. For now this filters by
_SYSTEMD_USER_UNIT and USER_UNIT and additionally _UID.
|
|
|
|
|
|
|
|
Variable definitions can be written on more than one line - if each ends
with a backslash, then is concatenated with a previous one. Only
backslash and unix end of line (\n) are treated as a continuation.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=58083
[zj: squashed two patches together; cleaned up grammar; removed
comment about ignoring trailing backslash -- it is not ignored.]
Document continuation support in systemd.exec
|
|
|
|
Returns "HTTP/1.0 406 Not Acceptable" instead of silently
closing the connection.
|
|
The request must not be answered immediately (at first call to
response_handler()), but on the second. This is also important
for authentication, which cannot be performed on the first call.
Before:
% wget -O/dev/null -S https://localhost:19531/
--2012-11-28 18:29:43-- https://localhost:19531/
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:19531... connected.
HTTP request sent, awaiting response...
HTTP/1.1 301 Moved Permanently
Connection: close
Content-Length: 87
Location: /browse
Content-Type: text/html
Date: Wed, 28 Nov 2012 17:29:44 GMT
Location: /browse [following]
--2012-11-28 18:29:43-- https://localhost:19531/browse
Connecting to localhost (localhost)|127.0.0.1|:19531... connected.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Connection: close
Content-Length: 23260
Content-Type: text/html
Date: Wed, 28 Nov 2012 17:29:44 GMT
Length: 23260 (23K) [text/html]
After:
% wget --no-check-certificate -O/dev/null -S https://localhost:19531/
--2012-11-28 18:30:05-- https://localhost:19531/
Resolving localhost (localhost)... 127.0.0.1
Connecting to localhost (localhost)|127.0.0.1|:19531... connected.
HTTP request sent, awaiting response...
HTTP/1.1 301 Moved Permanently
Content-Length: 87
Location: /browse
Content-Type: text/html
Date: Wed, 28 Nov 2012 17:30:05 GMT
Location: /browse [following]
--2012-11-28 18:30:05-- https://localhost:19531/browse
Reusing existing connection to localhost:19531.
HTTP request sent, awaiting response...
HTTP/1.1 200 OK
Content-Length: 23260
Content-Type: text/html
Date: Wed, 28 Nov 2012 17:30:06 GMT
Length: 23260 (23K) [text/html]
|
|
|
|
The new microhttpd logger doesn't know this information. It is
better to log nothing than fake values.
|
|
Explicit zeroing is replaced with initialization to {0}.
No functional change.
|
|
A prefix ("microhttpd: ") is added to the log lines to make it easy to
distinguish the source.
|
|
For now the certificates are passed around as options to the
program. This might not be the most convenient under "production",
but makes for fairly easy testing.
|
|
In preparation for adding more options, split out the option
handling code.
|
|
Repeating all tests in noinst_PROGRAMS and TESTS is pointless.
This way it is also clearer which noinst_PROGRAMs are not
part of the test suite.
|
|
|
|
Also adds a pair of bus calls for this to the daemon.
|
|
We generally follow the rule not to touch return values unless we
succeed, so for the sake of uniformity do the same here.
|
|
lines up anyway, so let's just assert
|
|
Now that strv_extend() is not so slow anymore, we can make use of it, to
shorten our code a bit.
|
|
|
|
|
|
It's a bit easier to read...
|
|
|
|
systemctl list-dependencies lists all unit's dependecies and
recursively expands all subsidiary target units into a tree.
Primary purpose for this command is to show all units which are
enabled in specified target.
|
|
|
|
We should not pimp up the kernel's VC stuff, it's too linited and
fragile.
At the moment not even the font uploaded early during bootup does
survive the KMS driver taking over the framebuffer driver. We
surely don't want to make promises about colors or resolution.
The future is fullscreen KMS/kmscon/wayland/... based terminals using
X fonts, keymaps, input methods, and not the old school too limited
kernel VC stuff. So leave the kernel VCs as they are, and don't expect
wonders.
|
|
In commit 246aa6d (core: add bus API and systemctl commands for altering
cgroup parameters during runtime), when rewriting unit_add_one_default_cgroup
to prefered style, the check of strduped b->controller was incorrectly
changed to check the containing structure. Correct it.
|
|
This makes sure that a service is not indefinitely restarted in a tight
loop if it fails before it is able to process its socket.
This corrects the breakage introduced with
8d1b002a2e389e79a2414491523de549783abf73. Shame on me.
|
|
|
|
|
|
|
|
resetting the lists
https://bugzilla.redhat.com/show_bug.cgi?id=756787
|
|
|
|
|
|
|
|
|
|
We no longer allow early-boot init scripts, however in late boot the
syslog socket and local mounts are established anyway, so let's simplify
our dep graph a bit.
If $syslog doesn't resolve to syslog.target anymore there's no reason to
keep syslog.target around anymore. Let's remove it.
Note that many 3rd party service unit files order themselves after
syslog.target. These will be dangling dependencies now, which should be
unproblematic, however.
|
|
|