summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2011-12-20log: never block on syslog in PID 1Michal Schmidt
Use a non-blocking syslog socket if logging from PID 1. If sendmsg fails with EAGAIN, fall back to kmsg or console only for the current message. Next message will try syslog again.
2011-12-20dbus: no sync D-Bus connection flushingMichal Schmidt
Blocking on D-Bus in a system manager could lead to deadlock.
2011-12-20dbus: register to DBus asynchronouslyMichal Schmidt
Chen Jie observed and analyzed a deadlock. Assuming systemd-kmsg-syslogd is already stopped, but rsyslogd is not started yet: 1. systemd makes a synchronous call to dbus-daemon. 2. dbus-daemon wants to write something to syslog. 3. syslog needs to be started by systemd. ... but cannot be, because systemd is waiting in 1. Solve this by avoiding synchronous D-Bus calls. I had to write an async bus registration call. Interestingly, D-Bus authors anticipated this, in documentation to dbus_bus_set_unique_name(): > The only reason to use this function is to re-implement the equivalent > of dbus_bus_register() yourself. One (probably unusual) reason to do > that might be to do the bus registration call asynchronously instead > of synchronously. Lennart's comments from IRC: > though I think this doesn't fix the problem in its entirety > simply because dbus_connection_open_private() itself is still synchronous > i.e. the connect() call behind it is not async > I think I listed that issue actually on some D-Bus todo list > i.e. to make dbus_connection_get() fully async > but that's going to be hard > so your patch looks good So it may not be perfect, but it's clearly an improvement. I did not manage to reproduce the original deadlock with the patch.
2011-12-19label: fix labeling of symbolic linksDan Walsh
2011-12-17execute: fix losing of start timestampsMichal Schmidt
Start timestamps were always cleared before saving exit timestamps. Fix it by removing a condition that makes no sense any way I look at it.
2011-12-17man: fix misplaced remark in description of Sockets=Michal Schmidt
2011-12-16tmpfiles: add 'z', like 'Z' but not recursiveMichal Schmidt
2011-12-16tmpfiles: apply chown, chmod for 'Z' entries tooMichal Schmidt
If changing ownership or permissions is not desired, they can be configured to '-' or omitted entirely.
2011-12-16service: use 'syslog+console' for sysv_consoleMichal Schmidt
The default output to 'tty' for SysV service was making it hard to debug problems because error messages were missing from syslog.
2011-12-16man: mention that 'Z' ignores uid/gid/modeMichal Schmidt
2011-12-16man: document 'Z' in tmpfilesMichal Schmidt
2011-12-16tmpfiles: add RECURSIVE_RELABEL_PATH ('Z')Michal Schmidt
Feature requested by Dan Walsh.
2011-12-15tmpfiles: separate a generic item glob processing functionMichal Schmidt
Item glob processing will be useful for more than just removing.
2011-12-15tmpfiles: use a common function to set owner/group/mode/labelMichal Schmidt
2011-12-15tmpfiles: rename a couple of functionsMichal Schmidt
remove_item -> remove_item_instance remove_item_glob -> remove_item
2011-12-15tmpfiles: use an enum instead of plain char for item typeMichal Schmidt
For better safety. gcc can warn about missing values in switch statements.
2011-12-15systemctl: fix typo in 'is-enabled'Michal Schmidt
It prevented the action from working without dbus.
2011-12-15fsck: Fix typo in commentGregs Gregs
2011-12-14update TODOLennart Poettering
2011-12-14pam-module: add a couple of debugging printsMichal Schmidt
2011-12-09unit: check for unneeded dependencies even when unit stop was expectedMichal Schmidt
systemd did not stop units marked as "StopWhenUnneeded=yes" when the requiring unit was stopped on user's request. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=704197
2011-12-09unit: fix false positive in check for unneeded unitMichal Schmidt
A freshly started unit A was immediately considered unneeded just because unit B, which Requires A, was starting later in the transaction. Fix it by looking not only at the state of B, but also at its pending job. Also fix a copied&pasted comment.
2011-12-08path: add missing pieces for PathModifiedMichal Schmidt
PATH_MODIFIED worked internally for PID files detection, but was unusable in units.
2011-12-08'@' is an 'ampersat' not an 'ampersand'; let's call it 'at symbol'Tim Waugh
2011-12-06systemctl: print 'error' load state in redMichal Schmidt
Be consistent in coloring of load states in list-units and status. Print only 'error' in red. There are no 'banned' or 'failed' states. Do not color 'masked', it's not an error.
2011-12-06unit: garbage collect units with load errorMichal Schmidt
Units that failed to load were never cleaned up. It was possible to reach the 128K limit of units by attempting to load a bunch of nonsense. Bug observed by Reartes Guillermo in https://bugzilla.redhat.com/show_bug.cgi?id=680122
2011-12-05Allow 'list-unit-files' to run with --root.Bill Nottingham
To do so, move the check for the bus to the bus-using portion of list_unit_files(), and ensure that get_config_path doesn't abort when checking the runtime path with --root.
2011-12-03service: stop the service if ExecStartPost ends with a failureMichal Schmidt
The handling of failures in ExecStartPost is inconsistent. If the command times out, the service is stopped. But if the command exits with a failure, the service keeps running. It makes more sense to stop the service when ExecStartPost fails. If this behaviour is not desired, the ExecStartPost command can be prefixed with "-".
2011-12-03service: handle services with racy daemonization gracefullyMichal Schmidt
There are a lot of forking daemons that do not exactly follow the initialization steps as described in daemon(7). It is common that they do not bother waiting in the parent process for the child to write the PID file before exiting. The daemons' developers often do not perceive this as a bug and they're unwilling to change. Currently systemd warns about the missing PID file and falls back to guessing the main PID. Being not quite deterministic, the guess can be wrong with bad consequences. If the guessing is disabled, determinism is achieved at the cost of losing the ability of noticing when the main process of the service dies. As long as it does not negatively affect properly written services, systemd should strive for compatibility even with services with racy daemonization. It is possible to provide determinism _and_ main process supervision to them. If the PID file is not there, rather than guessing and considering the service running immediately after getting the SIGCHLD from the ExecStart (or ExecStartPost) process, we can keep the service in the activating state for a bit longer. We can use inotify to wait for the PID file to appear. Only when it finally does appear and we read a valid PID from it, we'll move the service to the running state. If the PID file never appears, the usual timeout kicks in and the service fails.
2011-12-03path: add PathModified (= PathChanged + IN_MODIFY)Michal Schmidt
2011-12-03path: refactor PathSpec usageMichal Schmidt
path_*() functions operate on "Path *p" and they do not touch PathSpec internals directly. pathspec_*() functions operate on "PathSpec *s". The PathSpec class will be useful outside of path.c.
2011-12-03path: use %m instead of strerror(errno)Michal Schmidt
and strerror(-errno) was just wrong.
2011-12-03util: fix error checking after fgets()Michal Schmidt
fgets() does not set errno on EOF.
2011-12-02rc-local: order after network.targetMichal Schmidt
As suggested by Bill Nottingham: rc.local is often used for frobbing the network. https://bugzilla.redhat.com/show_bug.cgi?id=754789
2011-12-02rc-local: no need to check if the script is executableMichal Schmidt
rc-local.service is pulled in by a generator only if the script is executable. No need to check again.
2011-12-02add a generator to pull rc-local.service inMichal Schmidt
rc-local.service acts as an ordering barrier even if its condition is false, because conditions are evaluated when the service is about to be started. To avoid the ordering barrier in a legacy-free system, add a generator to pull rc-local.service into the transaction only if the script is executable. If/when we rewrite SysV compatibility into a generator, this one can become a part of it.
2011-11-30man: document the PassCred optionMichal Schmidt
2011-11-30syslog: use PassCred=yes for the /dev/log socketMichal Schmidt
Both kmsg-syslogd and the real syslog service want to receive SCM_CREDENTIALS. With socket activation it is too late to set SO_PASSCRED in the services.
2011-11-30shutdownd: use PassCred=yes in the socket unitMichal Schmidt
Since Linux 3.2 in order to receive SCM_CREDENTIALS it is not sufficient to set SO_PASSCRED just before recvmsg(). The option has to be already set when the sender sends the message. With socket activation it is too late to set the option in the service. It must be set on the socket right from the start. See the kernel commit: 16e57262 af_unix: dont send SCM_CREDENTIALS by default Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=757628
2011-11-30socket: add option for SO_PASSCREDMichal Schmidt
Add an option to enable SO_PASSCRED for unix sockets.
2011-11-19let mount and swap units log to the configured defaultsMichal Schmidt
Related-to: https://bugzilla.redhat.com/show_bug.cgi?id=750032
2011-11-19pam-module: treat "cron" in PAM_TTY as empty ttyMichal Schmidt
cron sets PAM_TTY to "cron" and it has been doing it for a long time. It cannot be changed because user configurations may depend on it. https://bugzilla.redhat.com/show_bug.cgi?id=727315
2011-11-19pam-module: use the correct session type "unspecified"Michal Schmidt
logind does not understand "other".
2011-11-17execute: log errors from "sd(EXEC)"Michal Schmidt
To give the administrator more hints about failures occuring in spawning of commands than just the exit code, log the strerror. All fds are closed, so reopen the log. Related-to: https://bugzilla.redhat.com/show_bug.cgi?id=752901
2011-11-17execute: make setup_pam() return -errno when possibleMichal Schmidt
The only caller currently checks if the result is non-zero, so nothing changes there.
2011-11-16execute: avoid logging to closed fdsMichal Schmidt
Several functions called from the "sd(EXEC)" process try to log messages when all the file descriptors are already closed, including the logging ones. The logging functions do not expect their fds to be closed and they hit an assertion failure. The failure wants to be logged too, so there is an infinite recursion, ended by a SIGSEGV. When we close all fds, we must let log.c know about it.
2011-11-14Fix same expression on both sides of '&&'Thomas Jarosch
The code should probably look like the statements above it. Please verify, I just detected it using cppcheck. Signed-off-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
2011-11-11man: fix typo in sd_notifyMichal Schmidt
Noticed by guzu.
2011-11-11job: colored status messages on bootMichal Schmidt
The lack or green/red status marks on boot has been described by some users as "critical", "dramatic", "dealbreaker", "showstopper". Seriously.
2011-11-10service: don't warn if the pidfile still exists after SIGCHLDMichal Schmidt
A service that drops its privileges may not be able to remove it when it exits. The stale pidfile is not a problem as long as the service carefully recognizes it on its next start. systemd would produce a warning after the service exits: PID ... read from file ... does not exist. Your service or init script might be broken. Silence the warning in this case. Still warn if this error is detected when loading the pidfile after service start. Noticed by Miroslav Lichvar in https://bugzilla.redhat.com/show_bug.cgi?id=752396