Age | Commit message (Collapse) | Author |
|
background process
This is a follow-up to 5d2036b5f3506bd0ff07042aee8d69c26db32298, and also makes
the "machinectl clean" verb asynchronous, after all it's little more than a
series of image removals.
The changes required to make this happen are a bit more comprehensive as we
need to pass information about deleted images back to the client, as well as
information about the image we failed on if we failed on one. Hence, create a
temporary file in /tmp, serialize that data into, and read it from the parent
after the operation is complete.
|
|
resolved: more fixes, among them "systemctl-resolve --status" to see DNS configuration in effect, and a local DNS stub listener on 127.0.0.53
|
|
It makes use of the sd_listen_fds() call, and as such should live in
src/shared, as the distinction between src/basic and src/shared is that the
latter may use libsystemd APIs, the former does not.
Note that btrfs-util.[ch] and log.[ch] also include header files from
libsystemd, but they only need definitions, they do not invoke any function
from it. Hence they may stay in src/basic.
|
|
variables
|
|
When we return the full RR wire data, let's make sure the TTL included in it is
adjusted by the time the RR sat in the cache.
As an optimization we do this only for ResolveRecord() and not for
ResolveHostname() and friends, since adjusting the TTL means copying the RR
object, and we don#t want to do that if there's no reason to.
(ResolveHostname() and friends don't return the TTL hence there's no reason to
in that case)
|
|
It's like set_put_strdup(), but splits up a string via an extract_first_word()
loop.
|
|
NULL strings nicely
xyz_from_string() functions defined with DEFINE_STRING_TABLE_LOOKUP() properly
handle NULL strings already. make sure the equivalent functions defined with
DEFINE_STRING_TABLE_LOOKUP_WITH_BOOLEAN() do the same.
|
|
See:
https://github.com/systemd/systemd/pull/3529#issuecomment-226421007
|
|
networkd: add support for vrf interfaces (#3316)
|
|
various changes, most importantly regarding memory metrics
|
|
|
|
executed services
This permits services to detect whether their stdout/stderr is connected to the
journal, and if so talk to the journal directly, thus permitting carrying of
metadata.
As requested by the gtk folks: #2473
|
|
buffer (#3541)
Calling recv with a NULL buffer returns EFAULT instead of EOPNOTSUPP on
older kernels (3.14).
Fixes #3407
Signed-off-by: Kai Ruhnau <kai.ruhnau@target-sg.com>
|
|
Super-important change, yeah!
|
|
This reworks get_process_cmdline() quite substantially, fixing the following:
- Fixes:
https://github.com/systemd/systemd/pull/3512/commits/a4e3bf4d7ac2de51191ce136ee9361ba319e106c#r66837630
- The passed max_length is also applied to the "comm" name, if comm_fallback is
set.
- The right thing happens if max_length == 1 is specified
- when the cmdline "foobar" is abbreviated to 6 characters the result is not
"foobar" instead of "foo...".
- trailing whitespace are removed before the ... suffix is appended. The 7
character abbreviation of "foo barz" is hence "foo..." instead of "foo ...".
- leading whitespace are suppressed from the cmdline
- a comprehensive test case is added
|
|
The various bits of code did the scaling all different, let's unify this,
given that the code is not trivial.
|
|
And port a couple of users over to it.
|
|
limit into account
When determining the amount of RAM in the system, let's make sure we also read
the root-level cgroup memory limit into account. This isn't particularly useful
on the host, but in containers it makes sure that whatever memory the container
got assigned is actually used for RAM size calculations.
|
|
Systemctl fixes
|
|
Fix issue where IN6_ADDR_GEN_MODE_STABLE_PRIVACY is undefined but
IFLA_INET6_ADDR_GEN_MODE is defined and thus the former does not get
fixed in missing.h. This occurs with kernel headers new enough to have
the IFLA_INET6_ADDR_GEN_MODE but old enough to not yet have
IN6_ADDR_GEN_MODE_STABLE_PRIVACY (e.g. 3.18).
|
|
|
|
Typing `rd.rescue` is easier than `rd.systemd.unit=rescue.target`.
|
|
Our functions that query /proc/pid/ support using pid==0 to mean
self. get_process_id also seemed to support that, but it was not implemented
correctly: the result should be in *uid, not returned, and also it gave
completely bogus result when called from get_process_gid(). But afaict,
get_process_{uid,gid} were never called with pid==0, so it's not an actual
bug. Remove the broken code to avoid confusion.
|
|
If max_length is equal or greater than cmdline length all trailing non-printable
characters are dropped. If max_length is 0 it should do the same.
This should also fix cmdline truncation if the last character is not '\0'.
Fixes #3469.
|
|
|
|
|
|
resolved: support IPv6 DNS servers on the local link
|
|
|
|
|
|
|
|
|
|
We already have a double timestamp object that we use whenever we need both a
MONOTONIC and a REALTIME timestamp taken and stored. With this change we
also add a triple timestamp object that in addition stores a BOOTTIME
timestamp, which is useful for a few usecases.
Note that we keep dual_timestamp around, as it is useful in many cases where
triple_timestamp is not, in particular because retrieving the monotonic and
realtime timestamps is much cheaper on Linux that getting the boottime
timestamp.
|
|
Make sure we can parse DNS server addresses that use the "zone id" syntax for
local link addresses, i.e. "fe80::c256:27ff:febb:12f%wlp3s0", when reading
/etc/resolv.conf.
Also make sure we spit this out correctly again when writing /etc/resolv.conf
and via the bus.
Fixes: #3359
|
|
Assorted stuff
|
|
|
|
As suggested here:
https://bugs.freedesktop.org/show_bug.cgi?id=64737#c8
This adds a new call terminal_is_dumb() and makes use of this where
appropriate.
|
|
|
|
and make use of it everywhere
|
|
The current raw_clone function takes two arguments, the cloning flags and
a pointer to the stack for the cloned child. The raw cloning without
passing a "thread main" function does not make sense if a new stack is
specified, as it returns in both the parent and the child, which will fail
in the child as the stack is virgin. All uses of raw_clone indeed pass NULL
for the stack pointer which indicates that both processes should share the
stack address (so you better don't pass CLONE_VM).
This commit refactors the code to not require the caller to pass the stack
address, as NULL is the only sensible option. It also adds the magic code
needed to make raw_clone work on sparc64, which does not return 0 in %o0
for the child, but indicates the child process by setting %o1 to non-zero.
This refactoring is not plain aesthetic, because non-NULL stack addresses
need to get mangled before being passed to the clone syscall (you have to
apply STACK_BIAS), whereas NULL must not be mangled. Implementing the
conditional mangling of the stack address would needlessly complicate the
code.
raw_clone is moved to a separete header, because the burden of including
the assert machinery and sched.h shouldn't be applied to every user of
missing_syscalls.h
|
|
networkd: IPv6 fixes
|
|
Add some special filesystems that should not be shifted, most of them
relate to the host and not to containers.
|
|
Although networkd has option (LinkLocalAddressing=) to toggle IPv6LL autoconfiguration, when it is enabled, the address is autoconfigured by the kernel, but not networkd.
Therefore, we do not statically set IFLA_INET6_ADDR_GEN_MODE to IN6_ADDR_GEN_MODE_EUI64, but dynamically depending on whether stable_secret is set, just as what the kernel does by default.
Note that this does NOT affect the global addresses configured by networkd.
|
|
ask-password: ask for passphrases not only on the first console
|
|
but also on all other consoles. This does help on e.g. mainframes
where often a serial console together with other consoles are
used. Even rack based servers attachted to both a serial console
as well as having a virtual console do sometimes miss a connected
monitor.
To be able to ask on all terminal devices of /dev/console the devices
are collected. If more than one device are found, then on each of the
terminals a inquiring task for passphrase is forked and do not return
to the caller.
Every task has its own session and its own controlling terminal.
If one of the tasks does handle a password, the remaining tasks
will be terminated.
Also let contradictory options on the command of
systemd-tty-ask-password-agent fail.
Spwan for each device of the system console /dev/console a own process.
Replace the system call wait() with with system call waitid().
Use SIGTERM instead of SIGHUP to get unresponsive childs down.
Port the collect_consoles() function forward to a pulbic and strv
based function "get_kernel_consoles()" in terminal-util.c and use this
in tty-ask-password-agent.c.
|
|
Fixes:
-bash-4.3# echo core >/proc/sys/kernel/core_pattern
-bash-4.3# kill -ABRT 1
-bash-4.3# kill -ABRT 1
[ 61.373922] systemd[1]: segfault at 7fff1d0a8f48 ip 00007fc9ca91b1c3 sp 00007fff1d0a8f50 error 6 in libc-2.23.so[7fc9ca8ce000+1c0000]
[ 61.768017] Kernel panic - not syncing: Attempted to kill init! exitcode=0x0000008b
[ 61.768017]
...
Recursive ABRT and segfault:
PID 1 - core
TID 1:
...
#153905 0x00005575fc3f829d log_dispatch
#153906 0x00005575fc3f8aa3 log_assert
#153907 0x00005575fc3f8ae9 log_assert_failed
#153908 0x00005575fc3e7eb1 safe_close
#153909 0x00005575fc3f6d5e log_close_journal
#153910 0x00005575fc3f829d log_dispatch
#153911 0x00005575fc3f85a1 log_internalv
#153912 0x00005575fc3f86a1 log_internal
#153913 0x00005575fc31c4c1 crash
#153914 0x00007fb26f2cf3d0 __restore_rt
#153915 0x00007fb26f2ced00 pause
#153916 0x00005575fc403944 freeze
#153917 0x00005575fc31bf7b freeze_or_reboot
...
|
|
Implement compat translation between IO* and BlockIO* settings
|
|
minor improvements for dealing with MAC Addresses
|
|
rm_rf_physical_and_freep in tests (#3292)
Some distros don't mount /tmp as tmpfs.
For example:
https://lists.ubuntu.com/archives/ubuntu-cloud/2016-January/001009.html
Some tests:
* print 'Attempted to remove disk file system, and we can't allow that.'
* don't really cleanup /tmp
|
|
cgroup IO controller supports maximum limits for both bandwidth and IOPS but
systemd resource control currently only supports bandwidth limits. This patch
adds support for IOReadIOPSMax and IOWriteIOPSMax when unified cgroup hierarchy
is in use.
It isn't difficult to also add BlockIOReadIOPS and BlockIOWriteIOPS for legacy
hierarchies but IO control on legacy hierarchies is half-broken anyway, so
let's leave it alone for now.
|
|
Currently, there are two cgroup IO limits, bandwidth max for read and write,
and they are hard-coded in various places. This is fine for two limits but IO
is expected to grow more limits - low, high and max limits for bandwidth and
IOPS - and hard-coding each limit won't make sense.
This patch replaces hard-coded limits with an array indexed by
CGroupIOLimitType and accompanying string and default value tables so that new
limits can be added trivially.
|