Age | Commit message (Collapse) | Author |
|
Replace the very generic cgroup hookup with a much simpler one. With
this change only the high-level cgroup settings remain, the ability to
set arbitrary cgroup attributes is removed, so is support for adding
units to arbitrary cgroup controllers or setting arbitrary paths for
them (especially paths that are different for the various controllers).
This also introduces a new -.slice root slice, that is the parent of
system.slice and friends. This enables easy admin configuration of
root-level cgrouo properties.
This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in
/dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is
turned off by DevicePolicy=).
|
|
|
|
It is not allowed.
|
|
When looking at verbose output, additional "work" is required to
pick out the interesting MESSAGE= lines from all the fields.
Also, show long fields in full in verbose output mode when
OUTPUT_FULL_WIDTH is specified.
|
|
|
|
|
|
When manpages are displayed on a terminal, <literal>s are indistinguishable
from surrounding text. Add quotes everywhere, remove duplicate quotes,
and tweak a few lists for consistent formatting.
https://bugzilla.redhat.com/show_bug.cgi?id=874631
|
|
check for pid file existance before returning 1
|
|
|
|
http://fedoraproject.org/wiki/Packaging:SysVInitScript#Exit_Codes_for_the_Status_Action
https://bugzilla.redhat.com/show_bug.cgi?id=975016
|
|
Corrupted empty files are relatively common. I think they are created
when a coredump for a user who never logged anything before is
attempted to be written, but the write does not succeed because the
coredump is too big, but there are probably other ways to create
those, especially if the machine crashes at the right time.
Non-corrupted empty files can also happen, e.g. if a journal file is
opened, but nothing is ever successfully written to it and it is
rotated because of MaxFileSec=. Either way, each "empty" journal file
costs around 3 MB, and there's little point in keeping them around.
|
|
Reporting of the free space was bogus, since the remaining space
was compared with the maximum allowed, instead of the current
use being compared with the maximum allowed. Simplify and fix
by reporting limits directly at the point where they are calculated.
Also, assign a UUID to the message.
|
|
|
|
|
|
Sometimes an entry is not successfully written, and we end up with
data items which are "unlinked", not connected to, and not used by any
entry. This will usually happen when we write to write a core dump,
and the initial small data fields are written successfully, but
the huge COREDUMP= field is not written. This situation is hard
to avoid, but the results are mostly harmless. Thus only warn about
unused data items.
Also, be more verbose about why journal files failed verification.
This should help diagnose journal failure modes without resorting
to a hexadecimal editor.
https://bugs.freedesktop.org/show_bug.cgi?id=65235 (esp. see
system.journal attached to the bug report).
|
|
|
|
|
|
|
|
Too many people kept hitting them, so let's increase the limits a bit.
https://bugzilla.redhat.com/show_bug.cgi?id=965803
|
|
https://launchpad.net/bugs/1193147
|
|
Replace mallocs with alloca while at it.
|
|
Before we only checked the MESSAGE_ID and COREDUMP_UNIT.
Those are both user-controlled fields.
For COREDUMP_USER_UNIT, relax the rules a bit, and also
allow messages from _UID=0.
|
|
When journald encounters a message with OBJECT_PID= set
coming from a priviledged process (UID==0), additional fields
will be added to the message:
OBJECT_UID=,
OBJECT_GID=,
OBJECT_COMM=,
OBJECT_EXE=,
OBJECT_CMDLINE=,
OBJECT_AUDIT_SESSION=,
OBJECT_AUDIT_LOGINUID=,
OBJECT_SYSTEMD_CGROUP=,
OBJECT_SYSTEMD_SESSION=,
OBJECT_SYSTEMD_OWNER_UID=,
OBJECT_SYSTEMD_UNIT= or OBJECT_SYSTEMD_USER_UNIT=.
This is for other logging daemons, like setroubleshoot, to be able to
augment their logs with data about the process.
https://bugzilla.redhat.com/show_bug.cgi?id=951627
|
|
|
|
|
|
|
|
|
|
The example mentioned Environment= rather than DefaultEnvironment=.
Also made some other clean-ups.
|
|
socket activation
|
|
This complements existing functionality of setting variables
through 'systemctl set-environment', the kernel command line,
and through normal environment variables for systemd in session
mode.
|
|
In 31f7bf1 "logs-show: print multiline messages", I forgot
to take into account the fact that --all implies --full for
journalctl.
|
|
|
|
|
|
|
|
Fixup for 9444b1f "logind: add infrastructure to keep track of
machines, and move to slices."
|
|
/run/systemd/machines/
|
|
|
|
- This changes all logind cgroup objects to use slice objects rather
than fixed croup locations.
- logind can now collect minimal information about running
VMs/containers. As fixed cgroup locations can no longer be used we
need an entity that keeps track of machine cgroups in whatever slice
they might be located. Since logind already keeps track of users,
sessions and seats this is a trivial addition.
- nspawn will now register with logind and pass various bits of metadata
along. A new option "--slice=" has been added to place the container
in a specific slice.
- loginctl gained commands to list, introspect and terminate machines.
- user.slice and machine.slice will now be pulled in by logind.service,
since only logind.service requires this slice.
|
|
Describe how to handle an AF_UNIX socket, with Accept set to false,
received from systemd, upon exit.
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=65945
|
|
Fixup for 98a6e13 "journalctl,loginctl,systemctl,systemd-cgls: add -l
as alias for --full".
|
|
|
|
|
|
|
|
Onboard network controllers are not always on PCI domain 0.
[Kay: use int instead of long, add [P] to slot naming, remove sysname var]
|
|
|
|
|
|
|
|
In order to prepare for the kernel cgroup rework, let's introduce a new
unit type to systemd, the "slice". Slices can be arranged in a tree and
are useful to partition resources freely and hierarchally by the user.
Each service unit can now be assigned to one of these slices, and later
on login users and machines may too.
Slices translate pretty directly to the cgroup hierarchy, and the
various objects can be assigned to any of the slices in the tree.
|
|
Otherwise, when a network device is renamed, systemd-sysctl is run twice
with the same network device name: once for ACTION="add" and once for
ACTION="move".
|