summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-06-30man: a couple of additions to file-hierarchy(7)Lennart Poettering
2014-06-30tmpfiles: don't do automatic cleanup in $XDG_RUNTIME_DIRLennart Poettering
Now that logind will clean up all IPC resources of a user we should really consider $XDG_RUNTIME_DIR as just another kind of IPC with the same life-cycle logic as the other IPC resources. This should be safe now to do since every user gets his own $XDG_RUNTIME_DIR tmpfs instance with a fixed size limit, so that flooding of it will more effectively be averted.
2014-06-30man: drop references to manual StandardError=syslog from daemon(7), we do ↵Lennart Poettering
this implicitly since ages
2014-06-30man: add a minimized, modernized description of the file system hierarchy ↵Lennart Poettering
systemd suggests
2014-06-30nspawn: block open_by_handle_at() and others via seccompLennart Poettering
Let's protect ourselves against the recently reported docker security issue. Our man page makes clear that we do not make any security promises anyway, but well, this one is easy to mitigate, so let's do it. While we are at it block a couple of more syscalls that are no good in containers, too.
2014-06-30nspawn: let's avoid using goto to wildly for non-cleanup purposesLennart Poettering
2014-06-30nspawn: simplify exit condition checkLennart Poettering
2014-06-30nspawn: log a warning on failure from wait_for_terminate()Luke Shumaker
This is at the suggestion of Djalal Harouni on the mailing list, and reflects the behavior of shared/util.c:wait_for_terminate_and_warn().
2014-06-30nspawn: Fix regression with exit statusLuke Shumaker
Commit 113cea8 introduced a bug that caused the exit code of systemd-nspawn to not reflect the exit code of the program executed in the container.
2014-06-30shared/util.c:wait_for_terminate_and_warn(): Add a comment on the return valuesLuke Shumaker
2014-06-30units: networkd - don't order wait-online.service before network.targetTom Gundersen
Reported by Michael Olbrich.
2014-06-30networkd: dhcp - use same metric for all DHCP-related routesTom Gundersen
2014-06-30util: fix commentLennart Poettering
2014-06-30tests: add missing XDG_RUNTIME_DIR env variableRonny Chevalier
Otherwise the test fails because specifier_runtime() returns -ENOTSUP when XDG_RUNTIME_DIR is not set.
2014-06-29sysusers: split up default sysusers snippetLennart Poettering
This ways, distributions have an easier way to replace the OS specific generic groups/users while keeping systemd's own.
2014-06-29util: refuse considering UID 0xFFFF and 0xFFFFFFFF validLennart Poettering
2014-06-29man: document the sysusers toolLennart Poettering
2014-06-29network-internal: initialize _cleanup_ variableTom Gundersen
2014-06-29netowrkd:deserialize_dhcp_routes verify strndup retSusant Sahani
strndup need to be chcked
2014-06-29networkd: dhcp - update the lifetime of an existing addressTom Gundersen
The logic otherwise is that we leave anything preconfigured alone, but in the case of DHCP we actually need to update it whenever the lease is renewed.
2014-06-29sd-dhcp-client: don't fail hard if UDP socket can not be boundTom Gundersen
Even if we cannot renew the lease at T1, we will likely succeed at T2, so warn and ignore the failure. This could happen if for whatever reason the received address is not yet configured, or it has been lost.
2014-06-29networkd: improve DHCP error loggingTom Gundersen
2014-06-29units: local-fs.target - don't pull in default dependenciesTom Gundersen
Reported by Gerardo Exequiel Pozzi: Looks like [commit a4a878d0] also changes a unrelated file (units/local-fs.target) [partially]reverting the commit 40f862e3 (filesystem targets: disable default dependencies) The side effect, at least in my case is that the "nofail" option in both "crypttab" and "fstab" has partial effect does the default timeout instead of continue normal boot without timeout.
2014-06-29networkd: set static addresses immediatelyTom Gundersen
Don't wait for IPv4LL nor DHCP to finish before setting statically configured addresses.
2014-06-29Add support for DHCP static route optionsEugene Yakubovich
This adds support for DHCP options 33 and 121: Static Route and Classless Static Route. To enable this feature, set UseRoutes=true in .network file. Returned routes are added to the routing table.
2014-06-29networkd: merge DHCPv4 and DHCPv6 configTom Gundersen
If there are v4 or v6 specific options we can keep those in separate sections, but for the common options, we will use only one. Moreovere only use DHCP=[yes/both|no/none|v4|v6] to enable or disable the clients.
2014-06-29sd-dhcp-client/networkd: set lifetimes for IPv4 addressesPatrik Flykt
Note that /proc/sys/net/ipv4/ip_dynaddr needs to be non-zero. [tomegun: hook up DHCP renew events to increase the lifetime when necessary]
2014-06-29networkd/sd-dhcp-server: only start dhcp server when necessaryTom Gundersen
2014-06-28doc: use expanded forms for written styleJan Engelhardt
2014-06-28doc: typographical improvements and choice of wordsJan Engelhardt
2014-06-28doc: grammatical correctionsJan Engelhardt
2014-06-28units: remove RefuseManualStart from units which are always aroundZbigniew Jędrzejewski-Szmek
In a normal running system, non-passive targets and units used during early bootup are always started. So refusing "manual start" for them doesn't make any difference, because a "start" command doesn't cause any action. In early boot however, the administrator might want to start on of those targets or services by hand. We shouldn't interfere with that. Note: in case of systemd-tmpfiles-setup.service, really running the unit after system is up would break the system. So e.g. restarting should not be allowed. The unit has "RefuseManualStop=yes", which prevents restart too.
2014-06-27man: split systemd.network(5) and related into various sections for better ↵Lennart Poettering
readability
2014-06-27update TODOLennart Poettering
2014-06-27man: document automatic networkd IP range allocationLennart Poettering
2014-06-27rules: don't enable usb pm for Avocent devicesTom Hirst
The Avocent KVM over IP devices doesn't work correctly with USB power management enabled.
2014-06-27libudev: queue - watch entire directory to allow the re-use of the watch ↵Kay Sievers
descriptor
2014-06-27update TODOLennart Poettering
2014-06-27journald: make MaxFileSec really default to 1monthMichał Bartoszkiewicz
journald.conf(5) states that the default for MaxFileSec is one month, but the code didn't respect that.
2014-06-27man: fix sd_watchdog_enabled() prototype in man pageLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=80597
2014-06-27update TODOLennart Poettering
2014-06-27coredump: simplify compression logic a bitLennart Poettering
This also make sure we remove the original coredump temporary file if we successfully managed to compress the coredump.
2014-06-27coredump: replace Compression= setting by simpler Compress= boolean settingLennart Poettering
Let's move things closer to journald's configuration settings, which knows Compress= already, as a boolean. This makes things more uniform, but also gives us more freedom to possibly swap out the used compression algorithm one day.
2014-06-27coredump: don't expose the compression level as configuration optionLennart Poettering
This sounds overly low-level and implementation-detaily. Let's just use the default level XZ suggests. This gives us more room to possibly swap out the compression algorithm used, as the compression level range will not leak into user configuration.
2014-06-27journald: invoking fstatvfs() is now redundant in the vacuuming codeLennart Poettering
2014-06-27coredump: don't be annoyed if another coredump hook removes our coredump ↵Lennart Poettering
while we work on it
2014-06-27coredump: fix how the compression level is verifiedLennart Poettering
2014-06-27update TODOLennart Poettering
2014-06-27coredump: add simple coredump vacuumingLennart Poettering
When disk space taken up by coredumps grows beyond a configured limit start removing the oldest coredump of the user with the most coredumps, until we get below the limit again.
2014-06-27main: uid_to_name() might fail due to OOM, protect against thatLennart Poettering