| Age | Commit message (Collapse) | Author |
|---|
|
fixes #3881
|
|
Fix 3607
|
|
|
|
Without the address the message is not very useful.
Aug 04 23:52:21 rawhide systemd[1]: testlimit.socket: Too many incoming connections (4) from source ::1, dropping connection.
|
|
|
|
This fixes an issue during reexec — the count of connections would be lost:
[zbyszek@fedora-rawhide ~]$ systemctl status testlimit.socket | grep Connected
Accepted: 1; Connected: 1
[zbyszek@fedora-rawhide ~]$ sudo systemctl daemon-reexec
[zbyszek@fedora-rawhide ~]$ systemctl status testlimit.socket | grep Connected
Accepted: 1; Connected: 0
With the patch, Connected count is preserved.
Also add "Accept Socket" to the dump output for services.
|
|
Make functions and definitions that don't need to be shared local to
socket.c.
|
|
util-lib: unify parsing of nice level values
|
|
This adds parse_nice() that parses a nice level and ensures it is in the right
range, via a new nice_is_valid() helper. It then ports over a number of users
to this.
No functional changes.
|
|
Fixes #3890.
|
|
The intention is to clamp the value to READ_FULL_BYTES_MAX, which
would be the minimum of the two.
|
|
journal-(gatewayd,remote).c don't actually utilize libgnutls even when
HAVE_GNUTLS is defined.
|
|
|
|
|
|
|
|
read_full_stream() _always_ allocated twice the memory needed, due to
only breaking the realloc() && fread() loop when fread() returned 0,
requiring another iteration and exponentially enlarged buffer just to
discover the EOF condition.
This also caused file sizes >2MiB && <= 4MiB to erroneously be treated
as E2BIG, due to the inappropriately doubled buffer size exceeding
4*1024*1024.
Also made the 4*1024*1024 magic number a READ_FULL_BYTES_MAX constant.
|
|
networkd: apply bridge vlan configuration correct
|
|
bridge vlan configuration was applied even if it wasn't configured.
fixes #3876
|
|
allow transient mounts and automounts
|
|
Update help for "short-full" and shorten to 80 columns
|
|
https://lists.freedesktop.org/archives/systemd-devel/2016-August/037268.html
|
|
Fixes #3669.
|
|
|
|
Meaning of --all was mentioned in list-dependencies description, but the this
effect should also be mentioned in the description of the option itself.
|
|
make dist-check-help FTW!
|
|
|
|
This permits CPUQuota to accept greater values as documented.
|
|
nspawn resolv.conf handling improvements, and inherit $TERM all the way through nspawn → console login
|
|
Commit e5bc3f4fdc matches on e.g. a T440s, but not a T440 (i.e. the one
without a suffix).
|
|
This new output mode formats all timestamps using the usual format_timestamp()
call we use pretty much everywhere else. Timestamps formatted this way are some
ways more useful than traditional syslog timestamps as they include weekday,
month and timezone information, while not being much longer. They are also not
locale-dependent. The primary advantage however is that they may be passed
directly to journalctl's --since= and --until= switches as soon as #3869 is
merged.
While we are at it, let's also add "short-unix" to shell completion.
|
|
This patch improves parsing and generation of timestamps and calendar
specifications in two ways:
- The week day is now always printed in the abbreviated English form, instead
of the locale's setting. This makes sure we can always parse the week day
again, even if the locale is changed. Given that we don't follow locale
settings for printing timestamps in any other way either (for example, we
always use 24h syntax in order to make uniform parsing possible), it only
makes sense to also stick to a generic, non-localized form for the timestamp,
too.
- When parsing a timestamp, the local timezone (in its DST or non-DST name)
may be specified, in addition to "UTC". Other timezones are still not
supported however (not because we wouldn't want to, but mostly because libc
offers no nice API for that). In itself this brings no new features, however
it ensures that any locally formatted timestamp's timezone is also parsable
again.
These two changes ensure that the output of format_timestamp() may always be
passed to parse_timestamp() and results in the original input. The related
flavours for usec/UTC also work accordingly. Calendar specifications are
extended in a similar way.
The man page is updated accordingly, in particular this removes the claim that
timestamps systemd prints wouldn't be parsable by systemd. They are now.
The man page previously showed invalid timestamps as examples. This has been
removed, as the man page shouldn't be a unit test, where such negative examples
would be useful. The man page also no longer mentions the names of internal
functions, such as format_timestamp_us() or UNIX error codes such as EINVAL.
|
|
state (#3874)
Otherwise for example services that are failing on start and have Restart=on-failure
and bigger RestartSec systemctl status will return 0.
Fixes: #3864
|
|
It's probably better to be safe here.
|
|
interesting data
|
|
This way, invoking nspawn from a shell in the best case inherits the TERM
setting all the way down into the login shell spawned in the container.
Fixes: #3697
|
|
|
|
This removes the --share-system switch: from the documentation, the --help text
as well as the command line parsing. It's an ugly option, given that it kinda
contradicts the whole concept of PID namespaces that nspawn implements. Since
it's barely ever used, let's just deprecate it and remove it from the options.
It might be useful as a debugging option, hence the functionality is kept
around for now, exposed via an undocumented $SYSTEMD_NSPAWN_SHARE_SYSTEM
environment variable.
|
|
This has the benefit that the container can follow the host's DNS server
changes without us having to constantly update the container's resolv.conf
settings.
|
|
Update documentation for systemd-vconsole-setup
|
|
Each series has identical hardware, let's use a glob instead of listing them
one by one.
|
|
Whether a device is a trackball or not is a physical property so we should
store this globally, in one place. The new property must be set in addition to
ID_INPUT_MOUSE, otherwise existing clients won't detect the device.
No actual code changes required, the default match rule is simply checking for
"Trackball" in the name (in a few versions), other entries need to be added
manually.
|
|
Introduce MaxConnectionsPerSource= that is number of concurrent
connections allowed per IP.
RFE: 1939
|
|
Coredump: save information useful for debuging crashes in containers - v2
|
|
|
|
…since 4de282cf9324ab.
|
|
Process container parent is the process used to start processes with a new
user namespace - e.g systemd-nspawn, runc, lxc, etc.
There is not standard way how to find such a process - or I do not know
about it - hence I have decided to find the first process in the parent
process hierarchy with a different mount namespace and different
/proc/self/root's inode.
I have decided for this criteria because in ABRT we take special care
only if the crashed process runs different code than installed on the
host. Other processes with namespaces different than PID 1's namespaces
are just processes running code shipped by the OS vendor and bug
reporting tools can get information about the provider of the code
without the need to deal with changed root and so on.
|
|
IMA wiki says: "If the IMA policy contains LSM labels, then the LSM
policy must be loaded prior to the IMA policy." Right now, in case of
Smack, the IMA policy is loaded before the Smack policy. Move the order
around to allow Smack labels to be used in IMA policy.
|
|
This complements graphical-session.target for services which set up the
environment (e. g. dbus-update-activation-environment) and need to run before
the actual graphical session.
|
|
(#3850)
The password directory watch should get ordered before cryptsetup to make sure
that the password for unlocking the crypt device gets prompted.
|
|
The file contains information one can use to debug processes running
within a container.
|
