Age | Commit message (Collapse) | Author |
|
Just as with SMACK, we don't really know if a policy has been
loaded or not, as the policy interface is write-only. Assume
therefore that if ima is present in securityfs that it is
enabled.
Update the man page to reflect that "ima" is a valid option
now as well.
|
|
|
|
|
|
|
|
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
https://bugs.freedesktop.org/show_bug.cgi?id=57793
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36
http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Bootchart has a help option. For the sake of consistency, this patch
adds it to the man page.
Also, the TODO is updated. Bootcharts were added to the journal in
commit c4d58b0.
|
|
|
|
normalized named hierarchies
|
|
|
|
|
|
systemd:/system subtree
|
|
Also, always accept both our simple hexdump syntax and UUID syntax.
|
|
This adds some syntactic sugar with a macro RUN_WITH_LOCALE() that reset
the thread-specific locale temporarily.
|
|
Disallow recursive .include, and make it unavailable in anything but
unit files.
|
|
Let's better be safe than sorry.
|
|
This makes sure nss-myhostname not only resolves the local host name to
127.0.0.2/::1 but also the host name 'localhost: to 127.0.0.1/::1. This
makes installation of /etc/passwd optional, as it usually only includes
a mapping for 'localhost'.
This change also resolves ::1 to the local hostname (as before), but
also lists 'localhost' as an alias. This means look-ups are now fully
reversible, even though they are 1:n mappings.
Finally, the module will no longer erroneously claim that local IP
addresses which aren't on the loopback device were.
|
|
parse_env_file_internal()
|
|
|
|
of their conditions fails
|
|
|
|
Session objects will now get the .session suffix, user objects the .user
suffix, nspawn containers the .nspawn suffix.
This also changes the user cgroups to be named after the numeric UID
rather than the username, since this allows us the parse these paths
standalone without requiring access to the cgroup file system.
This also changes the mapping of instanced units to cgroups. Instead of
mapping foo@bar.service to the cgroup path /user/foo@.service/bar we
will now map it to /user/foo@.service/foo@bar.service, in order to
ensure that all our objects are properly suffixed in the tree.
|
|
|
|
All attributes are stored as text, since root_directory is already
text, and it seems easier to have all of them in text format.
Attributes are written in the trusted. namespace, because the kernel
currently does not allow user. attributes on cgroups. This is a PITA,
and CAP_SYS_ADMIN is required to *read* the attributes. Alas.
A second pipe is opened for the child to signal the parent that the
cgroup hierarchy has been set up.
|
|
|
|
|
|
|
|
direction.
https://bugs.freedesktop.org/show_bug.cgi?id=63672
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also show disabled units as candidates for reenable,
since it works and one may want to do enable-or-reenable
in one line.
|
|
|
|
|