summaryrefslogtreecommitdiff
path: root/man
AgeCommit message (Collapse)Author
2016-08-07core: add cgroup CPU controller support on the unified hierarchyTejun Heo
Unfortunately, due to the disagreements in the kernel development community, CPU controller cgroup v2 support has not been merged and enabling it requires applying two small out-of-tree kernel patches. The situation is explained in the following documentation. https://git.kernel.org/cgit/linux/kernel/git/tj/cgroup.git/tree/Documentation/cgroup-v2-cpu.txt?h=cgroup-v2-cpu While it isn't clear what will happen with CPU controller cgroup v2 support, there are critical features which are possible only on cgroup v2 such as buffered write control making cgroup v2 essential for a lot of workloads. This commit implements systemd CPU controller support on the unified hierarchy so that users who choose to deploy CPU controller cgroup v2 support can easily take advantage of it. On the unified hierarchy, "cpu.weight" knob replaces "cpu.shares" and "cpu.max" replaces "cpu.cfs_period_us" and "cpu.cfs_quota_us". [Startup]CPUWeight config options are added with the usual compat translation. CPU quota settings remain unchanged and apply to both legacy and unified hierarchies. v2: - Error in man page corrected. - CPU config application in cgroup_context_apply() refactored. - CPU accounting now works on unified hierarchy.
2016-08-04Merge pull request #3885 from keszybz/help-outputLennart Poettering
Update help for "short-full" and shorten to 80 columns
2016-08-04networkd: add support to configure NOARP/ARP for interface (#3854)Susant Sahani
https://lists.freedesktop.org/archives/systemd-devel/2016-August/037268.html
2016-08-04man: describe list-dependencies --allZbigniew Jędrzejewski-Szmek
Meaning of --all was mentioned in list-dependencies description, but the this effect should also be mentioned in the description of the option itself.
2016-08-03Merge pull request #3820 from poettering/nspawn-resolvconfZbigniew Jędrzejewski-Szmek
nspawn resolv.conf handling improvements, and inherit $TERM all the way through nspawn → console login
2016-08-03journalctl: add new output mode "short-full" (#3880)Lennart Poettering
This new output mode formats all timestamps using the usual format_timestamp() call we use pretty much everywhere else. Timestamps formatted this way are some ways more useful than traditional syslog timestamps as they include weekday, month and timezone information, while not being much longer. They are also not locale-dependent. The primary advantage however is that they may be passed directly to journalctl's --since= and --until= switches as soon as #3869 is merged. While we are at it, let's also add "short-unix" to shell completion.
2016-08-03util-lib: make timestamp generation and parsing reversible (#3869)Lennart Poettering
This patch improves parsing and generation of timestamps and calendar specifications in two ways: - The week day is now always printed in the abbreviated English form, instead of the locale's setting. This makes sure we can always parse the week day again, even if the locale is changed. Given that we don't follow locale settings for printing timestamps in any other way either (for example, we always use 24h syntax in order to make uniform parsing possible), it only makes sense to also stick to a generic, non-localized form for the timestamp, too. - When parsing a timestamp, the local timezone (in its DST or non-DST name) may be specified, in addition to "UTC". Other timezones are still not supported however (not because we wouldn't want to, but mostly because libc offers no nice API for that). In itself this brings no new features, however it ensures that any locally formatted timestamp's timezone is also parsable again. These two changes ensure that the output of format_timestamp() may always be passed to parse_timestamp() and results in the original input. The related flavours for usec/UTC also work accordingly. Calendar specifications are extended in a similar way. The man page is updated accordingly, in particular this removes the claim that timestamps systemd prints wouldn't be parsable by systemd. They are now. The man page previously showed invalid timestamps as examples. This has been removed, as the man page shouldn't be a unit test, where such negative examples would be useful. The man page also no longer mentions the names of internal functions, such as format_timestamp_us() or UNIX error codes such as EINVAL.
2016-08-03nspawn: deprecate --share-system supportLennart Poettering
This removes the --share-system switch: from the documentation, the --help text as well as the command line parsing. It's an ugly option, given that it kinda contradicts the whole concept of PID namespaces that nspawn implements. Since it's barely ever used, let's just deprecate it and remove it from the options. It might be useful as a debugging option, hence the functionality is kept around for now, exposed via an undocumented $SYSTEMD_NSPAWN_SHARE_SYSTEM environment variable.
2016-08-03Merge pull request #3828 from keszybz/drop-systemd-vconsole-setup-serviceLennart Poettering
Update documentation for systemd-vconsole-setup
2016-08-02socket: add support to control no. of connections from one source (#3607)Susant Sahani
Introduce MaxConnectionsPerSource= that is number of concurrent connections allowed per IP. RFE: 1939
2016-08-02units: add graphical-session-pre.target user unit (#3848)Martin Pitt
This complements graphical-session.target for services which set up the environment (e. g. dbus-update-activation-environment) and need to run before the actual graphical session.
2016-08-01virt: detect bhyve (FreeBSD hypervisor) (#3840)Leonardo Brondani Schenkel
The CPUID and DMI vendor strings do not seem to be documented. Values were found experimentally and by inspecting the source code.
2016-07-31man: move description of kernel vconsole.conf overrides to vconsole.conf(5)Zbigniew Jędrzejewski-Szmek
They were outdated, and this way it's less likely that they'll get out of sync again. Anyway, it's easier for the reader to have the kernel and config file options next to one another.
2016-07-31Merge pull request #3843 from maxime1986/minor-systemd.resource-controlZbigniew Jędrzejewski-Szmek
2016-07-31documentation: cgroup-v1 and systemd user instanceMaxime de Roucy
Explain in the systemd.resource-control man that systemd user instance can't use resource control on cgroup-v1.
2016-07-31documentation: add cgroup-v2.txt linkMaxime de Roucy
add cgroup-v2.txt link in section "Unified and Legacy Control Group Hierarchies" of systemd.resource-control man.
2016-07-28Merge pull request #3742 from msoltyspl/vconfix2Zbigniew Jędrzejewski-Szmek
vconsole-setup: updates & fixes V2
2016-07-27vconsole: update man pageMichal Soltys
- about namespace - about udev rules
2016-07-26journald: deprecate SplitMode=login (#3805)Zbigniew Jędrzejewski-Szmek
In this mode, messages from processes which are not part of the session land in the main journal file, and only output of processes which are properly part of the session land in the user's journal. This is confusing, in particular because systemd-coredump runs outside of the login session. "Deprecate" SplitMode=login by removing it from documentation, to discourage people from using it.
2016-07-25Merge pull request #3728 from poettering/dynamic-usersZbigniew Jędrzejewski-Szmek
2016-07-25Merge pull request #3757 from poettering/efi-searchZbigniew Jędrzejewski-Szmek
2016-07-25units: add graphical-session.target user unit (#3678)Martin Pitt
This unit acts as a dynamic "alias" target for any concrete graphical user session like gnome-session.target; these should declare "BindsTo=graphical-session.target" so that both targets stop and start at the same time. This allows services that run in a particular graphical user session (e. g. gnome-settings-daemon.service) to declare "PartOf=graphical-session.target" without having to know or get updated for all/new session types. This will ensure that stopping the graphical session will stop all services which are associated to it.
2016-07-25Merge pull request #3802 from poettering/id128-fixesZbigniew Jędrzejewski-Szmek
Id128 fixes and more
2016-07-25man: extend documentation on the SplitMode= setting (#3801)Lennart Poettering
Adressing https://github.com/systemd/systemd/issues/3755#issuecomment-234214273
2016-07-25man: minor man page fixLennart Poettering
Addressing: https://github.com/systemd/systemd/commit/b541146bf8c34aaaa9efcf58325f18da9253c4ec#commitcomment-17997074
2016-07-25Merge pull request #3798 from keszybz/news-and-man-tweaksLennart Poettering
News and man tweaks
2016-07-25core: change ExecStart=! syntax to ExecStart=+ (#3797)Lennart Poettering
As suggested by @mbiebl we already use the "!" special char in unit file assignments for negation, hence we should not use it in a different context for privileged execution. Let's use "+" instead.
2016-07-25man: use "search for unit"Zbigniew Jędrzejewski-Szmek
To "search something", in the meaning of looking for it, is valid, but "search _for_ something" is much more commonly used, especially when the meaning could be confused with "looking _through_ something" (for some other object). (C.f. "the police search a person", "the police search for a person".) Also reword the rest of the paragraph to avoid using "automatically" three times.
2016-07-25man: make chroot less prominent in discussion of nspawnZbigniew Jędrzejewski-Szmek
Not as many people use chroot as before, so make the flow a bit nicer by talking less about chroot. "change to the either" is awkward and unclear. Just remove that part, because all changes are lost, period.
2016-07-25man: update systemctl man page for unit file commands, in particular ↵Lennart Poettering
"systemctl enable" Clarify that "systemctl enable" can operate either on unit names or on unit file paths (also, adjust the --help text to clarify this). Say that "systemctl enable" on unit file paths also links the unit into the search path. Many other fixes. This should improve the documentation to avoid further confusion around #3706.
2016-07-22Merge pull request #3784 from poettering/NEWS-v231Zbigniew Jędrzejewski-Szmek
2016-07-22Merge pull request #3777 from poettering/id128-reworkZbigniew Jędrzejewski-Szmek
uuid/id128 code rework
2016-07-22man: rework resolved.conf's Cache= documentationLennart Poettering
Let's not mention the supposed security benefit of turning off caching. It is really questionnable, and I#d rather not create the impression that we actually believed turning off caching would be a good idea. Instead, mention that Cache=no is implicit if a DNS server on the local host is used.
2016-07-22nss: add new "nss-systemd" NSS module for mapping dynamic usersLennart Poettering
With this NSS module all dynamic service users will be resolvable via NSS like any real user.
2016-07-22core: add a concept of "dynamic" user ids, that are allocated as long as a ↵Lennart Poettering
service is running This adds a new boolean setting DynamicUser= to service files. If set, a new user will be allocated dynamically when the unit is started, and released when it is stopped. The user ID is allocated from the range 61184..65519. The user will not be added to /etc/passwd (but an NSS module to be added later should make it show up in getent passwd). For now, care should be taken that the service writes no files to disk, since this might result in files owned by UIDs that might get assigned dynamically to a different service later on. Later patches will tighten sandboxing in order to ensure that this cannot happen, except for a few selected directories. A simple way to test this is: systemd-run -p DynamicUser=1 /bin/sleep 99999
2016-07-22core: change TasksMax= default for system services to 15%Lennart Poettering
As it turns out 512 is max number of tasks per service is hit by too many applications, hence let's bump it a bit, and make it relative to the system's maximum number of PIDs. With this change the new default is 15%. At the kernel's default pids_max value of 32768 this translates to 4915. At machined's default TasksMax= setting of 16384 this translates to 2457. Why 15%? Because it sounds like a round number and is close enough to 4096 which I was going for, i.e. an eight-fold increase over the old 512 Summary: | on the host | in a container old default | 512 | 512 new default | 4915 | 2457
2016-07-22logind: change TasksMax= value for user logins to 33%Lennart Poettering
Let's change from a fixed value of 12288 tasks per user to a relative value of 33%, which with the kernel's default of 32768 translates to 10813. This is a slight decrease of the limit, for no other reason than "33%" sounding like a nice round number that is close enough to 12288 (which would translate to 37.5%). (Well, it also has the nice effect of still leaving a bit of room in the PID space if there are 3 cooperating evil users that try to consume all PIDs... Also, I like my bikesheds blue). Since the new value is taken relative, and machined's TasksMax= setting defaults to 16384, 33% inside of containers is usually equivalent to 5406, which should still be ample space. To summarize: | on the host | in the container old default | 12288 | 12288 new default | 10813 | 5406
2016-07-22core: support percentage specifications on TasksMax=Lennart Poettering
This adds support for a TasksMax=40% syntax for specifying values relative to the system's configured maximum number of processes. This is useful in order to neatly subdivide the available room for tasks within containers.
2016-07-22machine-id-setup: add new --print switchLennart Poettering
If specified we'll simply output the used machine ID.
2016-07-22sd-id128: handle NULL return parameter in sd_id128_from_string() nicerLennart Poettering
If the return parameter is NULL, simply validate the string, and return no error.
2016-07-21man: add missing whitespace to bootctl command linesLennart Poettering
2016-07-21man: use <filename> in bootctl man page where appropriateLennart Poettering
2016-07-21bootctl: rework to use common verbs parsing, and add searching of ESP pathLennart Poettering
This rearranges bootctl a bit, so that it uses the usual verbs parsing routines, and automatically searches the ESP in /boot, /efi or /boot/efi, thus increasing compatibility with mainstream distros that insist on /boot/efi. This also adds minimal support for running bootctl in a container environment: when run inside a container verification of the ESP via raw block device access, trusting the container manager to mount the ESP correctly. Moreover, EFI variables are not accessed when running in the container.
2016-07-21gpt-generator: use /efi as mount point for the ESP if it existsLennart Poettering
Let's make the EFI generator a bit smarter: if /efi exists it is used as mount point for the ESP, otherwise /boot is used. This should increase compatibility with distros which use legacy boot loaders that insist on having /boot as something that isn't the ESP.
2016-07-21Merge pull request #3770 from AlexanderKurtz/masterLennart Poettering
bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".
2016-07-21bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".Alexander Kurtz
If the ESP is not mounted with "iocharset=ascii", but with "iocharset=utf8" (which is for example the default in Debian), the file system becomes case sensitive. This means that a file created as "FooBarBaz" cannot be accessed as "foobarbaz" since those are then considered different files. Moreover, a file created as "FooBar" can then also not be accessed as "foobar", and it also prevents such a file from being created, as both would use the same 8.3 short name "FOOBAR". Even though the UEFI specification [0] does give the canonical spelling for the files mentioned above, not all implementations completely conform to that, so it's possible that those files would already exist, but with a different spelling, causing subtle bugs when scanning or modifying the ESP. While the proper fix would of course be that everybody conformed to the standard, we can work around this problem by just referencing the files by their 8.3 short names, i.e. using upper case. Fixes: #3740 [0] <http://www.uefi.org/specifications>, version 2.6, section 3.5.1.1
2016-07-20man: document a tiny bit better what udev_device_get_is_initialized() ↵Lennart Poettering
actually returns
2016-07-19man: revise entry about specifying a file path (#3739)mulkieran
* Specifying a device node has an effect much larger than a simple shortcut for a field/value match, so the original sentence is no longer a good way to start the paragraph. * Specifying a device node causes matches to be generated for all ancestor devices of the device specified, not just its parents. * Indicates that the path must be absolute, but that it may be a link. * Eliminates a few typos.
2016-07-19man: mention that locale changes might require initramfs to be rebuilt (#3754)Zbigniew Jędrzejewski-Szmek
https://bugzilla.redhat.com/show_bug.cgi?id=1151651 Also explain what localectl does a bit better: https://bugzilla.redhat.com/show_bug.cgi?id=1357861
2016-07-19Merge pull request #3685 from kinvolk/alessandro/inaccessible-pathsLennart Poettering
namespace: unify limit behavior on non-directory paths