Age | Commit message (Collapse) | Author |
|
Since 11ec7ce, journald isn't setting the ACLs properly anymore if
the files had no ACLs to begin with: acl_set_fd fails with EINVAL.
An ACL with ACL_USER or ACL_GROUP entries but no ACL_MASK entry is
invalid, so make sure a mask exists before trying to set the ACL.
|
|
|
|
Lennart:
> Hmm, I just noticed this patch:
>
> https://code.launchpad.net/~mdeslaur/upstart/apparmor-support/+merge/164169
>
> It contains a different check for AppArmor. Basically something like this:
>
> /sys/module/apparmor/parameters/enabled == 'Y'
>
> I'd prefer if we could change our code to do the same, given that
> the Ubuntu guys are guys are upstream for apparmor.
https://bugs.freedesktop.org/show_bug.cgi?id=63312
|
|
When an index key appeared in multiple sections (e.g.
CPUAffinity= was present in both "SYSTEM MANAGER DIRECTIVES"
and "UNIT DIRECTIVES"), when lxml was used, the key would
be not be displayed in all but one of those sections, and
only an empty <term/> element would be present. This
happens because lxml allows only one parent for each node,
and when the same formatted element was used in multiple places,
it was actually moved between them. Fix this by making a copy
of the element. The bug was present since lxml support was
introduced.
Also fix some indentation issues.
|
|
|
|
This fixes the error message "Unknown or unsupported cgroup attribute
CPUShares".
|
|
|
|
This partially reverts commit c3a170f3, which moved
efi_get_boot_timestamps too early in main(), before
/sys is assured to be mounted
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=64371
[tomegun: in particular /sys/firmware/efi/efivars needs to be
mounted, which is not a problem if a systemd-initramfs containing
the correct module is being used. But not everyone uses an
initramfs...]
|
|
|
|
remainder
|
|
|
|
https://launchpad.net/bugs/1152377
|
|
|
|
Unit names were mangled in function enable_unit only when dbus was
used. This patch adds mangling also when the dbus is not in use.
This makes it possible to say e.g.:
systemctl --root=/path enable cups
without spelling cups.service out in full.
|
|
POSIX_ME_HARDER mode is disabled for localectl. It doesn't
make much sense in case of localectl, and there's little reason
for localectl to behave specially.
|
|
|
|
|
|
|
|
Patch resolves the problem that 'systemctl is-enabled' does
not work for templated units.
Without this patch, systemctl is-enabled something@abc.service
returned "No such file or directory", because it first checked
if /usr/lib/systemd/system/something@abc.service, etc. exists.
If systemctl is-enabled is called for templated units, this
check should be omitted and it should search for symlinks in
the .wants dirs right away.
This patch fixes the broken behaviour and resolves
https://bugs.freedesktop.org/show_bug.cgi?id=55318.
[zj: fixed the patch to still check for broken symlinks and
masked instances. Also removed untrue assumptions from
the patch description.]
|
|
Just calling service_enter_dead() does not kill any processes.
As a result, the old process may still be running when the new one is
started.
After a watchdog failure the service is in an undefined state.
Using the normal shutdown mechanism makes no sense. Instead all processes
are just killed and the service can try to restart.
|
|
|
|
https://launchpad.net/bugs/1157334
|
|
https://launchpad.net/bugs/727139
|
|
https://launchpad.net/bugs/1012365
|
|
Possibly due to copy&paste error it was identical to
ExecMainStartTimestamp.
|
|
|
|
|
|
Yay! Filtering using kernel bloom filter matches works now! Yippieh!
|
|
This change is based on existing usage in systemd and online.
'File-system' may make sense in adjectival form, but man pages
seem to prefer 'file system' even in those situations.
|
|
|
|
Additionally, compile out rule loading if feature is disabled.
|
|
|
|
We want to allow clients to process an sd_bus_message on a different
thread than it was received on. Since unreffing a bus message might
readd some of its memfds to the memfd cache add some minimal locking
around the cache.
|
|
fork()
|
|
|
|
We need this since we might need to invoke the release ioctl for
messages. Since we don't want to add any locking for that we simply keep
a reference to the bus and then rely that the fd stays valid all the
time.
|
|
|
|
|
|
This is preparation to allow sd_bus_message obejcts to be processed in a
different thread from their originating sd_bus object.
|
|
|
|
|
|
|
|
Bug-spotted-by: Steven Hiscocks <steven-systemd@hiscocks.me.uk>
|
|
|
|
Use timespec_store instead of (incorrectly) doing it inline.
|
|
|
|
|
|
With this change systemd-update-utmp-shutdown.service is replaced by
systemd-update-utmp.service which is started at boot and stays around
until shutdown. This allows us to properly order the unit against both
/var/log and auditd.
https://bugzilla.redhat.com/show_bug.cgi?id=853104
https://bugs.freedesktop.org/show_bug.cgi?id=64365
|
|
|
|
That way ordering it with MountsRequiredFor= works properly, as this no
longer results in mount units start requests to be added to the shutdown
transaction that conflict with stop requests for the same unit.
|