Age | Commit message (Collapse) | Author |
|
This option specifies the label to assign the root of the file system if
it lacks the Smack extended attribute. Note that this option will be
ignored if kernel does not support the Smack feature by runtime
checking.
|
|
journalctl: clarify -q option
|
|
btrfs quota beef up and various other unrelated changes
|
|
-q suppresses info messages too
|
|
Without the updates repo, we are installing packages from the time
that that version of Fedora was released. Normally, during the
lifetime of the release most packages are updated, so most of the
packages installed would be outdated, and the first update after
installation would update a massive set of packages. Avoid all this
by installing from the updates repo from the start.
|
|
Keys for previous and future Fedora distributions were added
for the fedora-repos package recently:
https://bugzilla.redhat.com/show_bug.cgi?id=1246701.
There is no need to skip signature checking.
Also, update to the latest and greatest and remove unnecessary quotes.
|
|
This allows us to set up the quota group hierarchy in a reasonable way
on btrfs file systems.
|
|
networkd: add support to configure IPv6 DAD
|
|
systemd.resource-control(5)
This is after all where we expose all the other cgroup props, especially
those that can be adjusted dynamically.
|
|
`systemd-tmpfiles --clean ./some.conf` doesn't work:
Failed to open './some.conf', ignoring: No such file or directory
`systemd-tmpfiles --clean $(realpath ./some.conf)` works fine.
|
|
The age field applies to lines starting with `v`, `C`, `X` too.
See the function `clean_item` in the file `src/tmpfiles/tmpfiles.c`
|
|
|
|
|
|
|
|
Fixup for #1542.
|
|
Make journald audit socket maskable
|
|
man: describe IPv6AcceptRouterAdvertisements= better
|
|
Fixes #1514.
|
|
Adding them to the documentation makes it easier to find
the right man page for people who are trying to understand
where some socket in the filesystem is coming from.
|
|
With the previous description it wasn't clear that the
kernel default is being described.
Add link to kernel docs.
|
|
cache harddisk passwords in the kernel keyring
|
|
Fix env expansion
|
|
|
|
Instead of freezing in PID1 and letting the forked child freeze or
reboot when exec("/bin/sh") fails, just wait for the child's
exit and then do the freeze_or_reboot in PID1 as usual.
This means that when both crash_shell and crash_reboot are enabled, the
system will reboot after the shell exits.
|
|
This adds support for caching harddisk passwords in the kernel keyring
if it is available, thus supporting caching without Plymouth being
around.
This is also useful for hooking up "gdm-auto-login" with the collected
boot-time harddisk password, in order to support gnome keyring
passphrase unlocking via the HDD password, if it is the same.
Any passwords added to the kernel keyring this way have a timeout of
2.5min at which time they are purged from the kernel.
|
|
|
|
Add support for naming fds for socket activation and more
|
|
networkd: document ability to disable MACAddressPolicy
|
|
It's already documented in prose, now add it to the synopsis too.
|
|
This adds support for naming file descriptors passed using socket
activation. The names are passed in a new $LISTEN_FDNAMES= environment
variable, that matches the existign $LISTEN_FDS= one and contains a
colon-separated list of names.
This also adds support for naming fds submitted to the per-service fd
store using FDNAME= in the sd_notify() message.
This also adds a new FileDescriptorName= setting for socket unit files
to set the name for fds created by socket units.
This also adds a new call sd_listen_fds_with_names(), that is similar to
sd_listen_fds(), but also returns the names of the fds.
systemd-activate gained the new --fdname= switch to specify a name for
testing socket activation.
This is based on #1247 by Maciej Wereski.
Fixes #1247.
|
|
A variety of journal vacuuming improvements, plus an nspawn fix
|
|
While it is currently possible to either not set MACAddressPolicy or set
it to a value different from "persistent" or "random", it is not obvious
that a user can do so. Add a policy, "none", which simply retains kernel
MAC addresses (same as not filling in the policy at all) and document it
so that users are aware of this setting.
Signed-off-by: Jacob Keller <jacob.keller@gmail.com>
|
|
man: LEVEL in systemd-analyze set-log level is not optional
|
|
networkd: add bridge properties
|
|
networkd: add support to configure preferred source of static routes
|
|
rhbz#1268336
|
|
|
|
.network files
In order to avoid confusion with the default files we ship, let's use a
low prefix number for all examples.
Fixes #1409.
|
|
We don't actually accept patterns, hence don't claim so. This is a
fix-up for 730836403aee5f5bb998e6e3622ea7068fce0699.
Fixes #1256.
|
|
Fixes #1441.
|
|
|
|
Implement a maximum limit on number of journal files to keep around.
Enforcing a limit is useful on this since our performance when viewing
pays a heavy penalty for each journal file to interleve. This setting is
turned on now by default, and set to 100.
Also, actully implement what 348ced909724a1331b85d57aede80a102a00e428
promised: use whatever we find on disk at startup as lower bound on how
much disk space we can use. That commit introduced some provisions to
implement this, but actually never did.
This also adds "journalctl --vacuum-files=" to vacuum files on disk by
their number explicitly.
|
|
With this rework we introduce systemd-rfkill.service as singleton that
is activated via systemd-rfkill.socket that listens on /dev/rfkill. That
way, we get notified each time a new rfkill device shows up or changes
state, in which case we restore and save its current setting to disk.
This is nicer than the previous logic, as this means we save/restore
state even of rfkill devices that are around only intermittently, and
save/restore the state even if the system is shutdown abruptly instead
of cleanly.
This implements what I suggested in #1019 and obsoletes it.
|
|
Writable= is a new boolean setting. If ture, then ListenSpecial= will
open the specified path in O_RDWR mode, rather than just O_RDONLY.
This is useful for implementing services like rfkill, where /dev/rfkill
is more useful when opened in write mode, if we want to not only save
but also restore its state.
|
|
|
|
Shell completion tweaks
|
|
|
|
exit.target is now used for both system and user sessions,
so remove "on user service manager exit". Also reword that
paragraph: services will be killed before the manager exits,
even if they do not conflict with shutdown target, but we
recommend that they conflict with shutdown target so that
systemd schedules them to be stopped immediately when starting
to exit.
In the first paragraph, containers should be mentioned last,
and the more general systems first.
|
|
|
|
This convention is almost universal in systemd man pages, and makes
it easier to visually parse the docs.
Also fix some markup along the way.
|