summaryrefslogtreecommitdiff
path: root/man
AgeCommit message (Collapse)Author
2014-03-18core: drop CAP_MKNOD when PrivateDevices= is setLennart Poettering
2014-03-18machinectl: reimplement machinectl's "reboot" verb on top of "kill", and add ↵Lennart Poettering
new verb "poweroff" There's really no point to send the reboot SIGINT from machinectl directly, if machined can do that anyway. This saves code, and makes machinectl network transparent for these verbs. And while we are at it we can easily add a "poweroff" verb in addition to "reboot". Yay!
2014-03-17man: networkd - additional examples related to bridgingpoma
2014-03-17sd-login: add calls that retrieve credentials of peers connected to AF_UNIX ↵Lennart Poettering
peers This is supposed to be an extension of SO_PEERCRED and SO_PEERSEC, except for cgroup information.
2014-03-17man: improve wording of systemctl's --after/--beforeJason St. John
Commit 4a77ca7 was an attempt at fixing the wording of --after and --before, but the new wording was unclear. Split the combined --after/--before section into a separate section for each, explicitly state what each option does, and add information about how these lists are generated. Reported-by: Andrey Borzenkov <arvidjaar@gmail.com> Reported-by: Lennart Poettering <lennart@poettering.net>
2014-03-17journal-remote: implement inheriting http(s) socketsZbigniew Jędrzejewski-Szmek
Now --listen-http=-3 --listen-https=-4 can be used to spawn a µhttpd server on those two ports, in http and https modes respectively. As before, --listen-http=3 --listen-https=4 will launch µhttpd servers on ports 3 and 4.
2014-03-17journal-remote: HTTP(s) supportZbigniew Jędrzejewski-Szmek
The whole tool is made dependent on µhttpd availability. It should be easy to make the µhttpd parts conditional, but since transfer over HTTP seems to be the primary use case, currently this is not done. Current implementation uses nested epoll loops: sd-event is used for the external event loop, and µhttpd uses epoll in its own loop. Unfortunately µhttpd does not expose enough information to add the descriptors it uses to the external event loop. This means that starvation of other events is possible, if one of the inner µhttpd loops is constantly busy. This means that µhttpd servers should not be mixed with other sources. The TLS authentication parts haven't been really tested properly, and should not be take too seriously.
2014-03-17journal-remote: tool to receive messages over the networkZbigniew Jędrzejewski-Szmek
2014-03-17systemctl: introduce -r switch to show units running in local containers in ↵Lennart Poettering
addition to the host
2014-03-14journald: add support for wall forwardingSebastian Thorarensen
This will let journald forward logs as messages sent to all logged in users (like wall). Two options are added: * ForwardToWall (default yes) * MaxLevelWall (default emerg) 'ForwardToWall' is overridable by kernel command line option 'systemd.journald.forward_to_wall'. This is used to emulate the traditional syslogd behaviour of sending emergency messages to all logged in users.
2014-03-14tmpfiles: add --root option to operate on an alternate fs treeMichael Marineau
This makes it possible to initialize or cleanup an arbitrary filesystem hierarchy in the same way that it would be during system boot.
2014-03-14machine-id-setup: use path_kill_slashes and modernizationsZbigniew Jędrzejewski-Szmek
2014-03-14man: network - clarify which options may be specified more than once.Tom Gundersen
2014-03-14machine-id: add --root option to operate on an alternate fs treeGreg KH
This makes it possible to initialize the /etc/machine-id file on an arbitrary filesystem hierarchy. This helps systems that wish to run this at image creation time in a subdirectory, or from initramfs before pivot-root is called. [tomegun: converted to using _cleanup_free_ macros]
2014-03-14networkd: allow more than one static DNS serverTom Gundersen
2014-03-14logind: automatically remove SysV + POSIX IPC objects when the users owning ↵Lennart Poettering
them fully log out
2014-03-12systemctl: when "systemctl status" is called without arguments show a short ↵Lennart Poettering
overall system state Previously "systemctl status" without argument would print the status of all loaded units. This has now been moved to "systemctl status -a".
2014-03-12systemctl: add new "list-machines" commandLennart Poettering
"systemctl list-machines" shows one line per local container which includes the current system state of the container, the number of failed units as well as the number of currently queued jobs.
2014-03-11man: improve nspawn's --user= documentationLennart Poettering
2014-03-11bus: replace sd_bus_label_{escape,unescape}() by new ↵Lennart Poettering
sd_bus_path_{encode,decode}() The new calls work similarly, but enforce a that a common, fixed bus path prefix is used. This follows discussions with Simon McVittie on IRC that it should be a good idea to make sure that people don't use the escaping applied here too wildly as anything other than the last label of a bus path.
2014-03-11core: support globbing matches in DeviceAllow= when checking for device groupsLennart Poettering
2014-03-11man: fix description of systemctl --after/--beforeAndrey Borzenkov
It was backward - --after fetches After property, so units shown really come *before* unit given as argument. Same for --before.
2014-03-11man: multiple sleep modes are to be separated by whitespace, not commasLennart Poettering
As pointed out by Jason A. Donenfeld.
2014-03-10nspawn: add --image= switch to boot GPT disk images that follow the ↵Lennart Poettering
Discoverable Partitions Specification
2014-03-10man: fix formatting of uuidsLennart Poettering
2014-03-09man: fix example in systemd.linkpoma
'man/systemd.link.xml' recovery from: commit eac684ef1c29684b1bcd27a89c38c202e568e469 Author: Tom Gundersen <teg@jklm.no> Date: Tue Feb 25 19:30:40 2014 +0100 man: split out systemd.net{work,dev}(5) from systemd-networkd(8)
2014-03-07man: reference the Discoverable Partitions Spec from the gpt-auto-generator ↵Lennart Poettering
man page
2014-03-07man: add missing commaZbigniew Jędrzejewski-Szmek
marcosf0> missing comma in udevadm "see also" section
2014-03-06build-sys: update intructions for Makefile-man.am regenerationZbigniew Jędrzejewski-Szmek
2014-03-06man: describe functions for appending to messagesZbigniew Jędrzejewski-Szmek
2014-03-07gpt-auto-generator: automatically find the root disk of the systemLennart Poettering
When run in an initrd and no root= argument is set (or is set to root=gpt-auto) we will automatically look for the root partition on the same disk the EFI ESP is located on. Since we look for swap, /home and /srv on the disk the root partition is located on, we hence have a fully discoverable chain: Firmware discovers the EFI ESP partition → the initrd discovers the root partition → the host OS discovers swap, /home, and /srv. Note that this requires an EFI boot loader that sets the LoaderDevicePartUUID EFI variable, such as Gummiboot.
2014-03-06man: systemd-bootchart - fix spacing in commandZachary Cook
Use the same formatting as the systemd-analyze man page, so that man shows a space.
2014-03-06man: update link to LSBZbigniew Jędrzejewski-Szmek
https://bugzilla.redhat.com/show_bug.cgi?id=1073402
2014-03-06man: bring gpt-auto-generator up to dateLennart Poettering
2014-03-05man: ipv4 link-localUmut Tezduyar Lindskog
2014-03-05systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in ↵Lennart Poettering
--scope mode
2014-03-05man: document missing options of systemd-runLennart Poettering
2014-03-05systemd-run: add new --property= switch that can set arbitrary properties ↵Lennart Poettering
for the unit that is created The code for parsing these properties is shared with "systemctl set-property", which means all the resource control settings are immediately available.
2014-03-04logind: make $XDG_RUNTIME_DIR a per-user tmpfsLennart Poettering
This way each user allocates from his own pool, with its own size limit. This puts the size limit by default to 10% of the physical RAM size but makes it configurable in logind.conf.
2014-03-04man: networkd - fix typoUmut Tezduyar Lindskog
2014-03-03logind: ignore lid switch if more than 1 display is connectedLennart Poettering
Previously we expected the desktop environment to take an inhibitor lock, but this opened a race on boot-up where logind might already be running but no DE is active. Hence, let's move checking for additional displays into logind. This also opens up this logic for other DEs, given that only GNOME implemented the inhibitor logic so far.
2014-03-03man: networkd - mention resolv.conf symlinkTom Gundersen
2014-03-03core: introduce new RuntimeDirectory= and RuntimeDirectoryMode= unit settingsLennart Poettering
As discussed on the ML these are useful to manage runtime directories below /run for services.
2014-02-25Use /var/run/dbus/system_bus_socket for the D-Bus socketZbigniew Jędrzejewski-Szmek
2014-02-26Revert back to /var/run at a couple of problemsLennart Poettering
This partially reverts 41a55c46ab8fb4ef6727434227071321fc762cce Some specifications we want to stay compatibility actually document /var/run, not /run, and we should stay compatible with that. In order to make sure our D-Bus implementation works on any system, regardless if running systemd or not, we should always use /var/run which is the only path mandated by the D-Bus spec. Similar, glibc hardcodes the utmp location to /var/run, and this is exposed in _UTMP_PATH in limits.h, hence let's stay in sync with this public API, too. We simply do not support systems where /var/run is not a symlink → /run. Hence both are equivalent. Staying compatible with upstream specifications hence weighs more than cleaning up superficial appearance.
2014-02-25Replace /var/run with /run in remaining placesZbigniew Jędrzejewski-Szmek
/run was already used almost everywhere, fix the remaining places for consistency.
2014-02-26exec: imply NoNewPriviliges= only when seccomp filters are used in user modeLennart Poettering
2014-02-26core: add new RestrictAddressFamilies= switchLennart Poettering
This new unit settings allows restricting which address families are available to processes. This is an effective way to minimize the attack surface of services, by turning off entire network stacks for them. This is based on seccomp, and does not work on x86-32, since seccomp cannot filter socketcall() syscalls on that platform.
2014-02-25networkd: add basic support for MACVLANsTom Gundersen
2014-02-25man: refer to systemd.net{work,dev}(5) from systemd-networkd(8)Tom Gundersen