Age | Commit message (Collapse) | Author |
|
This patch makes it possible to set extended attributes on files created
by tmpfiles. This can be especially used to set SMACK security labels on
volatile files and directories.
It is done by adding new line of type "t". Such line should contain
attributes in Argument field, using following format:
name=value
All other fields are ignored.
If value contains spaces, then it must be surrounded by quotation marks.
User can also put quotation mark in value by escaping it with backslash.
Example:
D /var/run/cups - - - -
t /var/run/cups - - - - security.SMACK64=printing
|
|
|
|
We should avoid creating static device nodes at runtime.
|
|
|
|
|
|
omitted
|
|
Previously it would recursively copy the entire tree in, and descend
into subdirectories even if the destination already exists. Let's do
what the documentation says and not do that.
If files down the tree shall be copied too, they should get their own
"C" lines.
|
|
|
|
destination before creating a symlink
Also, make use of this for mtab as long as mount insists on creating it
even if we invoke it with "-n".
|
|
files/directories
This way it makes a lot more sense to specify an access mode for "Z"
lines.
|
|
If two lines refer to paths that are suffix and prefix of each other,
then always process the prefix first, the suffix second. In all other
cases strictly process rules in the order they appear in the files.
This makes creating /var/run as symlink to /run a lot more fun, since it
is automatically created first.
|
|
"m" so far has been a non-globbing version of "z". Since this makes it
quite redundant, let's get rid of it. Remove "m" from the man pages,
beef up "z" docs instead, and make "m" nothing more than a compatibility
alias for "z".
|
|
|
|
Set commas where there should be some.
Some improvements to word order.
|
|
As discussed on the ML these are useful to manage runtime directories
below /run for services.
|
|
/run was already used almost everywhere, fix the remaining places
for consistency.
|
|
actual sources, so that we don't get spurious newlines in the man page output
|
|
Let's always call the security labels the same way:
SMACK: "Smack Label"
SELINUX: "SELinux Security Context"
And the low-level encapsulation is called "seclabel". Now let's hope we
stick to this vocabulary in future, too, and don't mix "label"s and
"security contexts" and so on wildly.
|
|
As suggested by Kay, it is better to describe what is done,
not what might happen.
|
|
This is a recurring submission and includes corrections to:
word omissions and word class choice.
|
|
Various operations done by systemd-tmpfiles may only be safely done at
boot (e.g. removal of X lockfiles in /tmp, creation of /run/nologin).
Other operations may be done at any point in time (e.g. setting the
ownership on /{run,var}/log/journal). This distinction is largely
orthogonal to the type of operation.
A new switch --unsafe is added, and operations which should only be
executed during bootup are marked with an exclamation mark in the
configuration files. systemd-tmpfiles.service is modified to use this
switch, and guards are added so it is hard to re-start it by mistake.
If we install a new version of systemd, we actually want to enforce
some changes to tmpfiles configuration immediately. This should now be
possible to do safely, so distribution packages can be modified to
execute the "safe" subset at package installation time.
/run/nologin creation is split out into a separate service, to make it
easy to override.
https://bugzilla.redhat.com/show_bug.cgi?id=1043212
https://bugzilla.redhat.com/show_bug.cgi?id=1045849
|
|
Condition for /lib (necessary for split /usr) was missing from the unit.
Some changes which were done in tmpfiles.d(5) were not carried over to
systemd-tmpfiles(1).
Also use markup where possible.
|
|
This is a recurring submission and includes corrections to various
issue spotted. I guess I can just skip over reporting ubiquitous comma
placement fixes…
|
|
|
|
it exists
|
|
|
|
This is a recurring submission and includes corrections to various
issue spotted. I guess I can just skip over reporting ubiquitous
comma placement fixes…
Highligts in this particular commit:
- the "unsigned" type qualifier is completed to form a full type
"unsigned int"
- alphabetic -> lexicographic (that way we automatically define how
numbers get sorted)
|
|
|
|
|
|
This includes regularly-submitted corrections to comma setting and
orthographical mishaps that appeared in man/ in recent commits.
In this particular commit:
- the usual comma fixes
- expand contractions (this is prose)
|
|
Use proper grammar, word usage, adjective hyphenation, commas,
capitalization, spelling, etc.
To improve readability, some run-on sentences or sentence fragments were
revised.
[zj: remove the space from 'file name', 'host name', and 'time zone'.]
|
|
Type X will exclude path itself from clean-up. However, if the path is a
directory systemd-tmpfiles will clean-up its content.
In contrast to type x, where path is ignored completely, type X needs some
Age parameter. In order to determine Age parameter, we will look for config
entries of type d or D and pick the best match. Best match is either
exact match or longest prefix match.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=55890
Fixed typos, serial comma, and removed "either" as there were more
than two options. Also did an extra rename of "system-shutdown"
to "systemd-shutdown" that was forgotten in commit
8bd3b8620c80d0f2383f2fb04315411fc8077ca1
|
|
Reported-by: Jason St. John <jstjohn@purdue.edu>
|
|
Mostly useful for testing purposes. Setting Age to 1s works just as
well, but it is surprising that using 0s (or just 0) does not work.
Also clarify this in the documentation.
|
|
This resolves problems with filesystems which do not implement the
aio_write file operation. In this case, the kernel will fall back using
a loop writing technique for each pointer in a received iovec. The
result is strange errors in dmesg such as:
[ 31.855871] elevator: type not found
[ 31.856262] elevator: switch to
[ 31.856262] failed
It does not make sense to implement a synchronous aio_write method for
sysfs as this isn't a real filesystem where a reasonable use case for
using writev exists, nor is there an expectation that tmpfiles will be
used to write more data than can be reasonably written in a single write
syscall.
In addition, some sysfs attrs are currently buggy and will NOT reject
the second write with the newline, causing the sysfs value to be zeroed
out. This of course should be fixed in the kernel regardless of any
wrongdoing in userspace, but this simple change makes us immune to such
a bug.
This change means that we do not write a trailing newline by default, as
the expected use case of 'w' is for sysfs and procfs. In exchange, honor
C-style backslash escapes so that if the newline is really needed, the
user can add it.
|
|
Break out the write logic into a separate function and simply use it as
a callback to glob_item.
This allows users to consolidate writes to sysfs with multiple similar
pathnames, e.g.
w /sys/class/block/sd[a-z]/queue/read_ahead_kb - - - - 1024
|
|
|
|
|
|
clean up
It's logind's job to maintain those user dirs, so avoid automatic clean
up for them. However, we do cover everything within them.
|
|
|
|
|
|
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
|
|
After long consideration we came to the conclusion that user
configuration in /etc should always override the (generally computer
generated) configuration in /run. User configuration should always be
what matters over anything else. Hence rearrange the search orders
accordingly.
In general this should change very little as overriding like this is
seldomn done so far, and the order between /etc and /usr stays the same.
|
|
|
|
manipulations at boot time, a la sysctl
|
|
|
|
|
|
If changing ownership or permissions is not desired, they can be
configured to '-' or omitted entirely.
|
|
|