| Age | Commit message (Collapse) | Author |
|---|
|
If SMACK is enabled, 'smackfsroot=*' option should be specified when
/tmp is mounted since many non-root processes use /tmp for temporary
usage. If not, /tmp is labeled as '_' and smack denial occurs when
writing.
In order to do that, 'SmackFileSystemRoot=*' is newly added into
tmp.mount.
|
|
|
|
|
|
The actual code rename will follow. The reason for the change of name is to make it
simpler and more uniform with how we name other libraries (we don't include the
underlying protocol). The new name also matches the naming in the kernel (which
is particularly relevent here as we expect to let the kernel do some parts of
the protocol and we do others).
|
|
build: install journal-remote units and directory regardless of GNUTLS
|
|
This reverts commit 409c2a13fd65692c611b7bcaba12e908ef7cf1e5.
It breaks the bootup of systems which enable smack at compile time, but have no
smack enabled in the kernel. This needs a different solution.
|
|
|
|
units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled
|
|
If SMACK is enabled, 'smackfsroot=*' option should be specified in
tmp.mount file since many non-root processes use /tmp for temporary
usage. If not, /tmp is labeled as '_' and smack denial occurs when
writing.
|
|
build: fix overlinking
|
|
Not everything needs to link to libdl. dlopen+dlsym are used only by
libnss_resolve.
|
|
We don't use that anywhere any more. With the introduction of alias names it
also is not a proper mapping any more as several keys (e. g. KEY_COFFEE and
KEY_SCREENLOCK) have the same numerical mapping.
|
|
linux/input.h contains alias definitions like
#define KEY_COFFEE 152
#define KEY_SCREENLOCK KEY_COFFEE
#define KEY_ROTATE_DISPLAY 153
#define KEY_DIRECTION KEY_ROTATE_DISPLAY
But we ignored these when building keyboard-keys-list.txt. Also allow the value
to start with "K" now (for KEY_*), and drop the hardcoded COFFEE → SCREENLOCK
aliasing.
This fixes assignments to key "direction".
Fixes #1151
|
|
|
|
|
|
With this rework we introduce systemd-rfkill.service as singleton that
is activated via systemd-rfkill.socket that listens on /dev/rfkill. That
way, we get notified each time a new rfkill device shows up or changes
state, in which case we restore and save its current setting to disk.
This is nicer than the previous logic, as this means we save/restore
state even of rfkill devices that are around only intermittently, and
save/restore the state even if the system is shutdown abruptly instead
of cleanly.
This implements what I suggested in #1019 and obsoletes it.
|
|
|
|
And remove machine-id-commit as separate binary.
There's really no point in keeping this separate, as the sources are
pretty much identical, and have pretty identical interfaces. Let's unify
this in one binary.
Given that machine-id-commit was a private binary of systemd (shipped in
/usr/lib/) removing the tool is not an API break.
While we are at it, improve the documentation of the command substantially.
|
|
Introduce personality support for Linux on z Systems to run
particular services with a 64-bit or 31-bit personality.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1262933
|
|
mount: use libmount to monitor mountinfo & utab
|
|
When a systemd service running in a container exits with a non-zero
code, it can be useful to terminate the container immediately and get
the exit code back to the host, when systemd-nspawn returns. This was
not possible to do. This patch adds the following to make it possible:
- Add a read-only "ExitCode" property on PID 1's "Manager" bus object.
By default, it is 0 so the behaviour stays the same as previously.
- Add a method "SetExitCode" on the same object. The method fails when
called on baremetal: it is only allowed in containers or in user
session.
- Add support in systemctl to call "systemctl exit 42". It reuses the
existing code for user session.
- Add exit.target and systemd-exit.service to the system instance.
- Change main() to actually call systemd-shutdown to exit() with the
correct value.
- Add verb 'exit' in systemd-shutdown with parameter --exit-code
- Update systemctl manpage.
I used the following to test it:
| $ sudo rkt --debug --insecure-skip-verify run \
| --mds-register=false --local docker://busybox \
| --exec=/bin/chroot -- /proc/1/root \
| systemctl --force exit 42
| ...
| Container rkt-895a0cba-5c66-4fa5-831c-e3f8ddc5810d failed with error code 42.
| $ echo $?
| 42
Fixes https://github.com/systemd/systemd/issues/1290
|
|
These programs should be run manually, typically two instances on a
veth pair to check conflict detection.
Both test programs take the ifname as input, the ACD also takes the
IP address to check, whereas LL (optionally) takes the seed, which
determines the sequence of IP addresses to try.
|
|
This splits the Address Conflict Detection out of the Link Local
library so that we can reuse it for DHCP and static addresses in
the future.
Implements RFC5227.
|
|
We currently process every ARP packet, but we should only care about the ones
relating to our IP address.
Also rename ipv4ll helpers to apr-utils.[ch], and rework the helpers a bit.
|
|
The current implementation directly monitor /proc/self/mountinfo and
/run/mount/utab files. It's really not optimal because utab file is
private libmount stuff without any official guaranteed semantic.
The libmount since v2.26 provides API to monitor mount kernel &
userspace changes and since v2.27 the monitor is usable for
non-root users too.
This patch replaces the current implementation with libmount based
solution.
Signed-off-by: Karel Zak <kzak@redhat.com>
|
|
This was used by consoled, which was removed, let's remove this too now.
|
|
|
|
Bump version info and update NEWS for the upcoming release.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
.nspawn fiels are simple settings files that may accompany container
images and directories and contain settings otherwise passed on the
nspawn command line. This provides an efficient way to attach execution
data directly to containers.
|
|
Various networkd and dhcp updates
|
|
No functional changes, just moving definitions into separate header
files.
|
|
|
|
|
|
build-sys: allow skipping installation of completions
|
|
Manual merge of https://github.com/systemd/systemd/pull/751.
|
|
Tests are modified to check behaviour with relax and without relax.
New tests are added for hostname_cleanup().
Tests are moved a new file (test-hostname-util) because there's
now a bunch of them.
New parameter is not used anywhere, except in tests, so there should
be no observable change.
|
|
./configure --with-bashcompletiondir=no or --without-bashcompletiondir
now works as expected. Similarly for zsh.
https://github.com/systemd/systemd/issues/533
|
|
Test af-list and arphdr-list.
|
|
Prepare for bug-fix release and bump versions.
|
|
|
|
|
|
|
