Age | Commit message (Collapse) | Author |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
objects on the bus
This adds a lightweight scheme how to define interfaces in static fixed
arrays which then can be easily registered on a bus connection. This
makes it much easier to write bus services.
This automatically handles implementation of the Properties,
ObjectManager, and Introspection bus interfaces.
|
|
|
|
The Service type's forbid_restart field was not preserved by
serialization/deserialization, so the fact that the service should not
be restarted after stopping was lost.
If a systemctl stop foo command has been given, but the foo service
has not yet stopped, and then the systemctl --system daemon-reload was
given, then when the foo service eventually stopped, systemd would
restart it.
https://bugs.freedesktop.org/show_bug.cgi?id=69800
|
|
We already shew lines in full when using a pager or not on a
tty. The commit disables ellipsization in the sole remaining case,
namely when --follow is used.
This has been a popular request for a long time, and indeed, full
output seems much more useful. Old behaviour can still be requested by
using --no-full. Old options retain their behaviour for compatiblity,
but aren't advertised as much. This change applies only to jornalctl,
not to systemctl, when ellipsization is useful to keep the layout.
https://bugzilla.redhat.com/show_bug.cgi?id=984758
|
|
|
|
Allows the systemd --system process to change its current
SMACK label to a predefined custom label (usually "system")
at boot time.
This is needed to have a few system-generated folders and
sockets automatically be created with the right SMACK
label. Without that, processes either cannot communicate with
systemd or systemd fails to perform some actions.
|
|
Once systemd itself is running in a security domain for SMACK,
it will fail to start countless tasks due to missing privileges
for mounted and created directory structures. For /run and shm
specifically, we grant all tasks access.
These 2 mounts are allowed to fail, which will happen if the
system is not running a SMACK enabled kernel or security=none is
passed to the kernel.
|
|
Triggered false negatives when encoding a string which needed every
character to be escaped, e.g. "LABEL=/".
|
|
|
|
For cifs mount like //server/share, we would get
RequiresMountsFor=/server/share, which probably isn't
harmful, but quite confusing.
Unfortunately a bunch of static functions had to be moved
up, but patch is really one line.
|
|
Since a57f7e2c828b85, a mount unit with garbage in it would cause
systemd to crash on loading it.
ref: https://bugs.freedesktop.org/show_bug.cgi?id=70148
|
|
|
|
check for "reload" rather "reboot"
This appears to be a copy/paste error.
|
|
|
|
Usually the network is stopped before filesystems are umounted.
Ordering network filesystems before remote-fs.target means that their
unmounting will be performed earlier, and can terminate sucessfully.
https://bugs.freedesktop.org/show_bug.cgi?id=70002
|
|
|
|
Otherwise we get an ugly warning when running systemd in
a container.
|
|
|
|
|
|
In e6dca81 $SHELL was added to user@.service. Let's
instead provide it to all units which have a user.
|
|
4608af4333d0f7f5 set permissions for journal storage on persistent disk
but not the volatile storage.
ref: https://bugs.archlinux.org/task/37170
|
|
We were already creating the file if it was missing, and this way
containers can reconfigure the file without running into problems.
This also makes resolv.conf handling more alike to handling of
/etc/localtime, which is also not a bind mount.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This should have been part of ef5bfcf668e6029faa78534dfe.
|
|
|
|
This allows us to get rid of the dep on libsystemd-label for cgroup
management.
https://bugs.freedesktop.org/show_bug.cgi?id=69966
|
|
Otherwise, why is mkdir-label.[ch] split out?
|
|
|
|
|
|
Remove "logind fbdev removal" as it is no longer supported.
|
|
fbdev does not support access-handover so it is quite useless to route it
through logind. If compositors want to use it they ought to open it
themselves. It's highly recommended to be ignored entirely, though. fbdev
is about to be deprecated in the kernel.
|
|
DRM Master access requires CAP_SYS_ADMIN, yay! Add it to the capability
bounding set for systemd-logind. As CAP_SYS_ADMIN actually allows a huge
set of actions, this mostly renders the restriction-set useless. Anyway,
patches are already pending to reduce the restriction on the kernel side.
But these won't really make it into any stable-release so for now we're
stuck with CAP_SYS_ADMIN.
|
|
We only send the PropertyChanged signal for the to-be-activated session
but not for the to-be-deactivated one. Fix that so both listeners get
notified about the new state.
|
|
The initial drmSetMaster may fail if there is an active master already. We
must not assume that all existing clients comply to logind rules. We check
for this during session-activation already but didn't during device setup.
Fix this by checking the return code.
As drmSetMaster has had horrible return codes in the past (0 for failure?
EINVAL for denied access, ..) we need to be quite pedantic. To guarantee
an open file-descriptor we need to close the device and reopen it without
master if setting master failed first.
|