summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2013-03-15smack-setup: enable Smack/CIPSO mappingNathaniel Chen
CIPSO is the Common IP Security Option, an IETF standard for setting security levels for a process sending packets. In Smack kernels, CIPSO headers are mapped to Smack labels automatically, but can be changed. This patch writes label/category mappings from /etc/smack/cipso/ to /sys/fs/smackfs/cipso2. The mapping format is "%s%4d%4d"["%4d"]... For more information about Smack and CIPSO, see: https://kernel.org/doc/Documentation/security/Smack.txt
2013-03-15smack-setup: extract rule writing into a separate functionZbigniew Jędrzejewski-Szmek
Check all errors.
2013-03-15units: ignore systemd-sysctl on shutdownUmut Tezduyar
No need to try to stop systemd-sysctl on shutdown as this service doesn't have ExecStop= anyways.
2013-03-15core: keep mountinfo .mounts until late shutdownUmut Tezduyar
.mount units coming from /proc/self/mountinfo file are unmounted after local-fs.target is reached during shutdown. Problem: .mount units popping up in mountinfo file are added to systemd without any dependency. For that reason, they are the first one to be unmounted during shutdown. Whichever program mounted the file system deserves a chance to also unmount it. This patch ensures that /proc/self/mountinfo units will be unmounted after local-fs.target during shutdown (if they haven't been unmounted already)
2013-03-15man: fix grammarZbigniew Jędrzejewski-Szmek
2013-03-15systemd-python: add systemd.daemon wrapping sd-daemonZbigniew Jędrzejewski-Szmek
Please see the documentation (e.g. pydoc3 systemd.daemon) for full description. As usual, systemd._daemon wraps the raw interface, while systemd.daemon provides the more pythonic API. sd_listen_fds, sd_booted, sd_is_fifo, sd_is_socket, sd_is_socket_unix, sd_is_socket_inet, sd_is_mq, and SD_LISTEN_FDS_START are currently wrapped.
2013-03-15systemd-activate: pass environment variables throughZbigniew Jędrzejewski-Szmek
I need this to test half-installed socket-activated python script, which requires PYTHONPATH and LD_LIBRARY_PATH set. I assume that other people might find it useful to. -E VAR passes through VAR from the environment, while -E VAR=value sets VAR=value. systemd-activate -E PYTHONPATH=/var/tmp/inst1/usr/lib64/python3.3/site-packages -E LD_LIBRARY_PATH=/var/tmp/inst1/usr/lib -l 2000 python3 -c 'from systemd.daemon import listen_fds; print(listen_fds())'
2013-03-15sysctl: default - add safe sysrq optionsKay Sievers
2013-03-15TODO: updateKay Sievers
2013-03-15nspawn: don't make assumptions about the size of pid_tLennart Poettering
2013-03-15logind: explicitly create state directories during early initializationLennart Poettering
Strictly speaking this isn't necessary for the /run/systemd/seats/ directory, since that is created anyway as the first seat is found, and seat0 is always found. But let's be explicit here, and also create the sessions/ and users/ directories, so that people can always install inotify watches from very early on, even when nobody logged in yet.
2013-03-15sd-booted: update sd_booted() check a bitLennart Poettering
Previously we were testing whether /sys/fs/cgroup/systemd/ was a mount point. This might be problematic however, when the cgroup trees are bind mounted into a container from the host (which should be absolutely valid), which might create the impression that the container was running systemd, but only the host actually is. Replace this by a check for the existance of the directory /run/systemd/system/, which should work unconditionally, since /run can never be a bind mount but *must* be a tmpfs on systemd systems, which is flushed at boots. This means that data in /run always reflects information about the current boot, and only of the local container, which makes it the perfect choice for a check like this. (As side effect this is nice to Ubuntu people who now use logind with the systemd cgroup hierarchy, where the old sd_booted() check misdetects systemd, even though they still run legacy Upstart.)
2013-03-15strv: fix STRV_FOREACH_PAIR macro definitionLennart Poettering
2013-03-15sysctl: add 50-default.confKay Sievers
2013-03-15sysctl: coredump.conf -> 50-coredump.confKay Sievers
2013-03-15man: bootup - "Systemd in the Initrd" -> "Initrd System Manager Bootup"Kay Sievers
2013-03-15Make initrd.target the default target in the initrdHarald Hoyer
First, rename root-fs.target to initrd-root-fs.target to clarify its usage. Mount units with "x-initrd-rootfs.mount" are now ordered before initrd-root-fs.target. As we sometimes construct /sysroot mounts in /etc/fstab in the initrd, we want these to be mounted before the initrd-root-fs.target is active. initrd.target can be the default target in the initrd. (normal startup) : : v basic.target | ______________________/| / | | sysroot.mount | | | v | initrd-root-fs.target | | | v | initrd-parse-etc.service (custom initrd services) | | v | (sysroot-usr.mount and | various mounts marked | with fstab option | x-initrd.mount) | | | v | initrd-fs.target | | \______________________ | \| v initrd.target | v initrd-cleanup.service isolates to initrd-switch-root.target | v ______________________/| / | | initrd-udevadm-cleanup-db.service | | (custom initrd services) | | | \______________________ | \| v initrd-switch-root.target | v initrd-switch-root.service | v switch-root
2013-03-14main: don't mount /sys, /dev and friends when we run with PID != 1Lennart Poettering
Back from old times when we developed systemd on non-systemd hosts we still mounted the missing directories such as the cgroup stuff even when running with a PID != 1. There's no point for that anymore, so let's just do that if we are actually PID 1, and never otherwise. https://bugs.freedesktop.org/show_bug.cgi?id=62354
2013-03-13fileio: use _cleanup_Zbigniew Jędrzejewski-Szmek
2013-03-13build-sys: link libsystemd-login also against libsystemd-daemon-internalZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=62085 /usr/lib/gcc/x86_64-pc-linux-gnu/4.6.3/../../../../lib64/libsystemd-login.so: undefined reference to `sd_listen_fds' In ee465038ce8 'build-sys: break dependency loop between libsystemd-id128.la and -shared.la', a partial fix was applied, and the use of functions from libsystemd-id128 was removed from libsystemd-shared. Nevertheless, fdset.c was still using sd_listen_fds, so libsystemd-login should be linked against libysystemd-daemon or libsystemd-daemon-internal. Tested-by: Elias Probst <mail@eliasprobst.eu>
2013-03-13systemctl: remove unused variableMichal Sekletar
2013-03-13tmpfiles: add missing missing.h includeZbigniew Jędrzejewski-Szmek
mbiebl> src/tmpfiles/tmpfiles.c:221:13: error: ‘MAX_HANDLE_SZ’ undeclared (first use in this function) Fixup for 427b47c4abaf4b5.
2013-03-13initctl: catch write error, use _cleanup_Zbigniew Jędrzejewski-Szmek
!= operator always returns something nonnegative, so the error condition was not caught.
2013-03-13journalctl: show systemd messages about unit for -uZbigniew Jędrzejewski-Szmek
journalctl -u unit is not very useful, because it doesn't show systemd messages about starting, stopping, coredumps, etc, like systemctl status unit does. Make it show the same information using the same rules. If somebody really want to see just messages from by the unit, it is easy enough to use _SYSTEMD_UNIT=...
2013-03-13logs-show: export logic to add matches for unitsZbigniew Jędrzejewski-Szmek
After that functions which add matches, show_journal_by_unit and show_journal_by_user_unit, become nearly identical, so I merged them into one function.
2013-03-13man: fix some typosThomas Hindoe Paaboel Andersen
2013-03-13build-sys: add two new files to EXTRA_DISTZbigniew Jędrzejewski-Szmek
Also move custom-*.xsl EXTRA_DIST additions closer to where they are used.
2013-03-13libudev: implement udev_device_set_attribute_value()Hannes Reinecke
2013-03-13core: single unit_kill implementation for all unit typesMichal Schmidt
There are very few differences in the implementations of the kill method in the unit types that have one. Let's unify them. This does not yet unify unit_kill() with unit_kill_context().
2013-03-13util, manager: and mempset() and use itMichal Schmidt
Just like mempcpy() is almost identical to memcpy() except the useful return value, so is the relation of mempset() to memset().
2013-03-13manager: use more stpcpy()Michal Schmidt
2013-03-13tmpfiles: --clean -- check for bind mounts of the same filesystem and skip themKay Sievers
2013-03-13cryptsetup-generator: use _cleanup_ where possibleHarald Hoyer
2013-03-13add initrd-fs.target and root-fs.targetHarald Hoyer
Instead of using local-fs*.target in the initrd, use root-fs.target for sysroot.mount and initrd-fs.target for /sysroot/usr and friends. Using local-fs.target would mean to carry over the activated local-fs.target to the isolated initrd-switch-root.target and thus in the real root. Having local-fs.target already active after deserialization causes ordering problems with the real root services and targets. We better isolate to targets for initrd-switch-root.target, which are only available in the initrd.
2013-03-13build-sys: use -f with ln -sZbigniew Jędrzejewski-Szmek
Parallel builds would sometimes try to recreate the link, and fail since 'ln -s' would refuse to overwrite.
2013-03-13man: Document the actual behaviour of ExecStopPostMathieu Bridon
The documentation makes it sound like ExecStopPost is only run when stopping the service with `systemctl stop foo.service` However, that is not the case, as it also gets run when the service unexpectedly exists, crashes, or gets SIGKILLed.
2013-03-12man,html: say 'systemd 198' in the headerZbigniew Jędrzejewski-Szmek
This should help readers of the man or HTML pages know if the documentation is out of date. An alternative to use a date generated from 'git log' was considered, but since we try to keep user visible documentation up to date, showing the project version should be enough.
2013-03-12man: strip the comments in man page headersZbigniew Jędrzejewski-Szmek
They contained the date, which creates a problem with multiarch packages, since the generated file would be different each time.
2013-03-12build-sys: break dependency loop between libsystemd-id128.la and -shared.laZbigniew Jędrzejewski-Szmek
The loop was added in d848b9cbfa0ba72 'Move generic specifier functions to shared'.
2013-03-13shutdown: move attribute packed to the end of the declaration, so it is not ↵Michal Sekletar
ignored
2013-03-13manager: push back animation timer whenever a job finishesMichal Schmidt
The running jobs animation is supposed to hide itself when jobs are progressing sufficiently fast.
2013-03-12remote-fs.target: want remote-fs-pre.targetHarald Hoyer
This pulls in remote-fs-pre.target if remote-fs.target is needed. Previously remote-fs-pre.target was not active, if no remote fs was mounted from /etc/fstab. So, every manual remote fs mount was ordered against the inactive remote-fs-pre.target and umount.target. Because remote-fs-pre.target was not active, the remote fs was umounted at umount.target time, which was too late (network already down). Now remote-fs-pre.target is active, even if no remote fs is mounted. On shutdown it is deactivated in the correct order and all manual remote fs mounts also.
2013-03-12core: fix getting information about mount unitMichal Sekletar
We should not try to get information about mount unit from fragment if the unit was created because of /proc/self/mountinfo event.
2013-03-12udevd: sort into sysinit instead of basic targetKay Sievers
2013-03-11core/smack: downgrade info to debugZbigniew Jędrzejewski-Szmek
BogdanR> I think it's cool it supports SMACK and that it encourages them to use a propper mount point for smackfs but I don't think it's cool that it's printing on the screen even when I parse quiet to the kernel that "SMACK support is not enabled ...".
2013-03-11Remove or indent #define GNU_SOURCEZbigniew Jędrzejewski-Szmek
It is only needed in files designed to be usable in standalone compilation. In those files the #ifdefinery is indented. When compiling in-tree, GNU_SOURCE is always defined, so remove one definition.
2013-03-11bootchart: bump RLIMIT_NOFILE only after we forked us off, so that the init ↵Lennart Poettering
system inherits the kernel default
2013-03-11bootchart: various superficial cleanupsLennart Poettering
Let's update bootchar to share the coding style a bit more with the rest of the package. - Some tabs/spaces fixes - add #pragma to header - split up header so that we have a 1:1 relation between .c and .h files like everywhere else - Prefix user command line arguments/configuration settings with "arg_". - other coding style fixes
2013-03-11bootchart: rename log.c to store.c to aovid confusion with src/shared/log.cLennart Poettering
2013-03-11update TODOLennart Poettering