Age | Commit message (Collapse) | Author |
|
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_label derived from xinetd.
Reviewed-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
Also, provide an example for -u.
|
|
|
|
The interface for creating tuntap devices should be ported to rtnl so it would support the same settings
as other kinds. In the meantime, the best one can do is to drop in a .link file to set the desired options.
|
|
Remove the sd_ prefix from internal functions and get rid of the sd_memfd
type. As a memfd is now just a native file descriptor, we can get rid of our
own wrapper type, and also use close() and dup() on them directly.
|
|
This allows the search/routing domanis to be specified per link/network and be passed
on to resolved.
|
|
This option will also apply to the search domains, so make it plural.
|
|
|
|
TCP_DEFER_ACCEPT Allow a listener to be awakened only when data
arrives on the socket. If TCP_DEFER_ACCEPT set on a server-side
listening socket, the TCP/IP stack will not to wait for the final
ACK packet and not to initiate the process until the first packet
of real data has arrived. After sending the SYN/ACK, the server will
then wait for a data packet from a client. Now, only three packets
will be sent over the network, and the connection establishment delay
will be significantly reduced.
|
|
The tcp keep alive variables now can be configured via conf
parameter. Follwing variables are now supported by this patch.
tcp_keepalive_intvl: The number of seconds between TCP keep-alive probes
tcp_keepalive_probes: The maximum number of TCP keep-alive probes to
send before giving up and killing the connection if no response is
obtained from the other end.
tcp_keepalive_time: The number of seconds a connection needs to be
idle before TCP begins sending out keep-alive probes.
|
|
Most routers will send garbage, so make this opt-in only.
|
|
This reverts commit 9528592ff8d7ff361da430285deba8196e8984d5.
Apparently TFO is actually the default at least for the server side now.
Also the setsockopt doesn't actually take a bool, but a qlen integer.
|
|
TCP Fast Open (TFO) speeds up the opening of successiveTCP)
connections between two endpoints.It works by using a TFO cookie
in the initial SYN packet to authenticate a previously connected
client. It starts sending data to the client before the receipt
of the final ACK packet of the three way handshake is received,
skipping a round trip and lowering the latency in the start of
transmission of data.
|
|
This patch adds support for TCP TCP_NODELAY socket option. This can be
configured via NoDelay conf parameter. TCP Nagle's algorithm works by
combining a number of small outgoing messages, and sending them all at
once. This controls the TCP_NODELAY socket option.
|
|
Avoids triggering timers prematurely on systems with significantly inaccurate
clocks, or some embedded platforms that lack one entirely.
|
|
This causes machines without connectivity to hang where they would otherwise fail. Keep it
opt-in for now, but consider whether we sholud just drop it.
|
|
|
|
|
|
|
|
|
|
directory when looking for unit file drop-ins.
|
|
|
|
|
|
Newer kernels export meta-information about the origin of an ifname. Respect this
from the ifname rename logic. We do not rename any interfaces that was originally
named by userspace, nor once which have already been renamed from userspace.
Moreover, we optionally do not (the default) rename interfaces which the kernel
claims to have named in a predictable way.
|
|
Noticed by thp on #systemd.
|
|
|
|
|
|
|
|
* systemd-bootchart always parses /proc/uptime, although the
information is unnecessary when --rel specified
* use /proc/uptime is overkill, since Linux 2.6.39 we have
clock_gettime(CLOCK_BOOTTIME, ...). The backend on kernel side is
get_monotonic_boottime() in both cases.
* main() uses "if (graph_start <= 0.0)" to detect that /proc is
available.
This is fragile solution as graph_start is always smaller than zero
on all systems after suspend/resume (e.g. laptops), because in this
case the system uptime includes suspend time and uptime is always
greater number than monotonic time. For example right now difference
between uptime and monotonic time is 37 hours on my laptop.
Note that main() calls log_uptime() (to parse /proc/uptime) for each
sample when it believes that /proc is not available. So on my laptop
systemd-boochars spends all live with /proc/uptime parsing +
nanosleep(), try
strace /usr/lib/systemd/systemd-bootchart
to see the never ending loop.
This patch uses access("/proc/vmstat", F_OK) to detect procfs.
|
|
We generally have separate man pages for all configuration files.
In this case udev.conf was already described in systemd-udevd.service(8),
but it was hard to find. Docbook makes it hard to add a .so link from
a different section, so describe udev.conf in its own page.
|
|
|
|
The docs for the DHCP= was updated, but not the example.
|
|
This changes the behavior when both DHCPv4 and IPv4LL are enabled. Before,
we would disable IPv4LL when we got a DHCPv4 lease and enable it if the
lease was lost.
Now we just always set up both, if both are enabled, but the DHCPv4
addresses and routes will always take precedence due to their metric
and scope.
|
|
|
|
Some events take longer than the default 30 seconds. Killing those
events will leave the machine halfway configured.
Add a commandline option '--event-timeout' to handle these cases.
|
|
This is necessary for non-ipv4ll hosts to communicate with ipv4ll-only hosts on the same link. Defaults
to being enabled, but can be opted out.
See: <http://avahi.org/wiki/AvahiAutoipd#Routes>
|
|
|
|
|
|
|
|
The following bond options are supported by this patch.
MIIMonitorSec:
Specifies the frequency in milli-seconds that MII link
monitoring will occur.
UpDelaySec:
Specifies the delay time in milli-seconds to enable a link
after a link up status has been detected.
DownDelaySec:
Specifies the delay time in milli-seconds to disable a link
after a link failure has been detected.
changes:
1. Added gconf variables.
2. man page
conf:
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
TransmitHashPolicy=layer2+3
LacpduTransmitRate=fast
MIIMonitorSec=1s
UpDelaySec=2s
DownDelaySec=8s
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 2000
Down Delay (ms): 8000
802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator
[tomegun: rephrased manpage, dropped bond_ prefix from variables]
|
|
LacpduTransmitRate
option specifies the rate in which link partner to transmit
LACPDU packets in 802.3ad mode. Possible values
slow : Request partner to transmit LACPDUs every 30 seconds
fast : Request partner to transmit LACPDUs every 1 second
The default is slow.
chages:
1. Added enum bond_lacp_rate_table
2. gperf LacpduTransmitRate
Test:
conf file:
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
LacpduTransmitRate=fast
test:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator
[tomegun: renamed from LacpduTransmitRate to LACPTransmitRate, manpage fixes and
dropped bond_ prefix from variables]
|
|
This patch adds support the transmit hash policy to use
for slave selection in balance-xor, 802.3ad, and tlb modes
layer2, layer3+4, layer2+3, encap3+4, encap3+4
Added:
1. BondXmitHashPolicy
2. conf param TransmitHashPolicy
Test conf:
[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
TransmitHashPolicy=layer2+3
test output:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0
802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator
[tomegun: dropped bond_ prefix from new Bond variable, drop repeated man-page section]
|
|
|
|
It can now contain more than one directory, and can be used
to only prepend, not totally override, the normal load path.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1110712
|
|
Also modify the function itself to be a bit simpler to read.
|
|
A system that is running on a logical partition (LPAR) provided by
PR/SM has access to physical hardware (except CPU). It is true that
PR/SM abstracts the hardware, but only for sharing purposes.
Details are statet at:
http://publib.boulder.ibm.com/infocenter/eserver/v1r2/topic/eicaz/eicazzlpar.htm
-->--
In other words, PR/SM transforms physical resources into virtual resources so
that many logical partitions can share the same physical resources.
--<--
Still, from the OS point of view, the shared virtual resource is real
hardware. ConditionVirtualization must be set to false if the OS runs
directly on PR/SM (e.g. in an LPAR).
[zj: reorder code so that variables are not allocated when #if-def is
false. Add commit message.]
|