Age | Commit message (Collapse) | Author |
|
This adds SMACK label configuration options to socket units.
SMACK labels should be applied to most objects on disk well before
execution time, but two items remain that are generated dynamically
at run time that require SMACK labels to be set in order to enforce
MAC on all objects.
Files on disk can be labelled using package management.
For device nodes, simple udev rules are sufficient to add SMACK labels
at boot/insertion time.
Sockets can be created at run time and systemd does just that for
several services. In order to protect FIFO's and UNIX domain sockets,
we must instruct systemd to apply SMACK labels at runtime.
This patch adds the following options:
Smack - applicable to FIFO's.
SmackIpIn/SmackIpOut - applicable to sockets.
No external dependencies are required to support SMACK, as setting
the labels is done using fsetxattr(). The labels can be set on a
kernel that does not have SMACK enabled either, so there is no need
to #ifdef any of this code out.
For more information about SMACK, please see Documentation/Smack.txt
in the kernel source code.
v3 of this patch changes the config options to be CamelCased.
|
|
|
|
|
|
|
|
|
|
|
|
to recheck the journal manually for changes in regular intervals
Network file systems generally do not offer inotify() that would work
across the network. We hence cannot rely on inotify() exclusiely in
those case. Provide an API to determine these cases, and suggest doing
manual regular rechecks.
Note that this is not complete yet, as we need to rescan journal dirs on
network file systems explicitly to find new/removed files
|
|
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=55890
Fixed typos, serial comma, and removed "either" as there were more
than two options. Also did an extra rename of "system-shutdown"
to "systemd-shutdown" that was forgotten in commit
8bd3b8620c80d0f2383f2fb04315411fc8077ca1
|
|
This now matches the JSON serialization spec from:
http://www.freedesktop.org/wiki/Software/systemd/json
|
|
|
|
Reported-by: Jason St. John <jstjohn@purdue.edu>
|
|
Mostly useful for testing purposes. Setting Age to 1s works just as
well, but it is surprising that using 0s (or just 0) does not work.
Also clarify this in the documentation.
|
|
|
|
|
|
|
|
'systemd-coredumpctl' will list available coredumps:
PID UID GID sig exe
32452 500 500 11 /home/zbyszek/systemd/build/journalctl
32666 500 500 11 /usr/lib64/valgrind/memcheck-amd64-linux
...
'systemd-coredumpctl dump PID' will write the coredump
to specified file or stdout.
|
|
There's no point in making this configurable, so let's drop it in order
to simplify configuration a bit.
|
|
Given that "journalctl -u" exists now there's no need to duplicate this
functionality in systemctl, so let's drop this, especially given that it
always felt a bit awkward to overload "-f" to both --force and --follow,
and to have continues output with a status header for this.
systemctl status -f avahi-daemon
now becomes:
journalctl -fu avahi-daemon
Which is shorter and a lot less redundant.
|
|
|
|
|
|
|
|
|
|
Example:
journalctl -F _SYSTEMD_UNIT
will list all units that ever logged to the journal.
|
|
entries of the journal
The new 'unique' API allows listing all unique field values that a field
specified by a field name can take in all entries of the journal. This
allows answering queries such as "What units logged to the journal?",
"What hosts have logged into the journal?", "Which boot IDs have logged
into the journal?".
Ultimately this allows implementation of tools similar to lastlog based
on journal data.
Note that listing these field values will not work for journal files
created with older journald, as the field values are not indexed in
older files.
|
|
|
|
PID of systemd
|
|
Quite long to read but hopefully less misleading.
|
|
|
|
Much like logind has a client in loginctl, and journald in journalctl
introduce timedatectl, to change the system time (incl. RTC), timezones
and related settings.
|
|
This also enables time-based rotation (but not vacuuming) after 1month,
so that not more one month of journal is lost at a time per vacuuming.
|
|
|
|
This applies unit_name_mangle() to the specified unit names and hence
can handle weird characters nicely and will add unit suffixes as
necessary.
|
|
|
|
As you likely know, Arch Linux is in the process of moving to systemd.
So I was reading through the various systemd docs and quickly became
baffled by this new abbreviation "resp.", which I've never seen before
in my English-mother-tongue life.
Some quick Googling turned up a reference:
<http://www.transblawg.eu/index.php?/archives/870-Resp.-and-other-non-existent-English-wordsNicht-existente-englische-Woerter.html>
I guess it's a literal translation of the German "Beziehungsweise", but
English doesn't work the same way. The word "respectively" is used
exclusively to provide an ordering connection between two lists. E.g.
"the prefixes k, M, and G refer to kilo-, mega-, and giga-,
respectively." It is also never abbreviated to "resp." So the sentence
"Sets the default output resp. error output for all services and
sockets" makes no sense to a natural English speaker.
This patch removes all instances of "resp." in the man pages and
replaces them with sentences which are much more clear and, hopefully,
grammatically valid. In almost all instances, it was simply replacing
"resp." with "or," which the original author (Lennart?) could probably
just do in the future.
The only other instances of "resp." are in the src/ subtree, which I
don't feel privileged to correct.
Signed-off-by: Andrew Eikum <aeikum@codeweavers.com>
|
|
|
|
text/event-stream
|
|
to show their details
|
|
Fix reference to "system-shutdown" as being a binary.
|
|
handle-hibernate-key in systemd-inhibit help and man.
|
|
to IPv4/IPv6
|
|
No longer override the default kernel font if nothing is specified in
vconsole.conf.
The default kernel font[0] provides ISO-8859-1 and box characters. Users
of Arabic, Cyrilic or Hebrew must set a different font manually as these
character sets were provided by the old default font [1], but are not
any longer.
Rationale:
* it is counter-intuitive that an empty vconsole.conf file is different
from adding FONT="";
* the version of the default font shipped with Arch (which is the
upstream one) behaves very badly during early boot[2] (which should
admittedly be fixed in the font itself);
* the kernel already supplies a default font, it seems reasonable to
use that unless anything else is specified;
* This also avoids a needless slow call to setfont; and
* We don't want to work around problems in the kernel (in case the
compiled-in font is not acceptable for whatever reason).
[0]: <https://dev.archlinux.org/~tomegun/kernel.bdf>
[1]: <https://dev.archlinux.org/~tomegun/latarcyrheb.bdf>
[2]: <http://i.imgur.com/J2tM4.jpg>
|
|
s/Generator/Generators/
|
|
The documentation for --link-journal is also reworded.
|
|
|
|
implements
|
|
|
|
|
|
The kernel and X11 distuingish these two, and Thinkpad keys have both,
hence we really should distinguish them too.
|