| Age | Commit message (Collapse) | Author |
|---|
|
Turns out we can just do kmod_setup() earlier, before we do mount_setup(),
so there's no need for mount_setup_late() anymore. Instead, put kdbusfs in
mount_table[].
|
|
kdbus has seen a larger update than expected lately, most notably with
kdbusfs, a file system to expose the kdbus control files:
* Each time a file system of this type is mounted, a new kdbus
domain is created.
* The layout inside each mount point is the same as before, except
that domains are not hierarchically nested anymore.
* Domains are therefore also unnamed now.
* Unmounting a kdbusfs will automatically also detroy the
associated domain.
* Hence, the action of creating a kdbus domain is now as
privileged as mounting a filesystem.
* This way, we can get around creating dev nodes for everything,
which is last but not least something that is not limited by
20-bit minor numbers.
The kdbus specific bits in nspawn have all been dropped now, as nspawn
can rely on the container OS to set up its own kdbus domain, simply by
mounting a new instance.
A new set of mounts has been added to mount things *after* the kernel
modules have been loaded. For now, only kdbus is in this set, which is
invoked with mount_setup_late().
|
|
Otherwise we cannot know when a service exited
|
|
It is unused since cf1265e188e876dda906dca0029248a06dc80c33
|
|
Use the same robust logic of mkdir + unlink of any existing AF_UNIX
socket, ignoring the return value, right before bind().
|
|
Also simplify the code a bit by moving mkdir to the common path.
|
|
A timer configured with OnActiveSec will start its associated unit again
if the timer is stopped, then started. However, if the timer unit is
restarted -- with "systemctl restart", say -- this does not occur.
This commit ensures that TIMER_ACTIVE timers are re-enabled whenever the
timer is started, even if that's within a restart job.
|
|
Also, make all parsing of the kernel cmdline non-fatal.
|
|
Our initrd interface specifies that the verb is in argv[1].
This is where systemd passes it to systemd-shutdown, but getopt
permutes argv[]. This confuses dracut's shutdown script:
Shutdown called with argument '--log-level'. Rebooting!
getopt can be convinced to not permute argv[] by having '-' as the first
character of optstring. Let's use it. This requires changing the way
non-option arguments (in our case, the verb) are processed.
This fixes a bug where the system would reboot instead of powering off.
|
|
|
|
Now that we only have one file with condition implementations around, we
can drop the -util suffix and simplify things a bit.
|
|
That way only one file with condition code remaining, in src/shared/,
rather than src/core/.
Next step: dropping the "-util" suffix from condition-util.[ch].
|
|
fatal for a start job if not met
|
|
|
|
|
|
|
|
subhierarchies
For priviliged units this resource control property ensures that the
processes have all controllers systemd manages enabled.
For unpriviliged services (those with User= set) this ensures that
access rights to the service cgroup is granted to the user in question,
to create further subgroups. Note that this only applies to the
name=systemd hierarchy though, as access to other controllers is not
safe for unpriviliged processes.
Delegate=yes should be set for container scopes where a systemd instance
inside the container shall manage the hierarchies below its own cgroup
and have access to all controllers.
Delegate=yes should also be set for user@.service, so that systemd
--user can run, controlling its own cgroup tree.
This commit changes machined, systemd-nspawn@.service and user@.service
to set this boolean, in order to ensure that container management will
just work, and the user systemd instance can run fine.
|
|
This mirrors code in dbus.c when creating the private socket and
avoids error messages like:
systemd[1353]: bind(/run/user/603/systemd/notify) failed: No such file or directory
systemd[1353]: Failed to fully start up daemon: No such file or directory
|
|
always pass along comm, as documented by audit. Always set the correct
comm value.
|
|
And conditionalize journald audit support with it
|
|
|
|
This way they always show up together with 'Found ordering cycle...'.
Ordering cycles are a serious error and a major pain to debug. If
quiet is enabled, only the first and the last line of output are
shown:
systemd[1]: Found ordering cycle on basic.target/start
systemd[1]: Breaking ordering cycle by deleting job timers.target/start
systemd[1]: Job timers.target/start deleted to break ordering cycle starting with basic.target/start
which isn't particularly enlightening. So just show the whole message
at the same level.
https://bugzilla.redhat.com/show_bug.cgi?id=1158206
|
|
|
|
|
|
|
|
I tried to preserve most errno values, but in some cases they were
inconsistent (different errno values for the same error name) or just
mismatched.
|
|
|
|
if sigabrt doesn't do the job, follow regular shutdown
routine, sigterm > sigkill.
|
|
|
|
|
|
We nowadays always set them to "false" anyway, hence let's get rid of
them entirely.
|
|
For now, it's systemd itself that parses the options string, but as soon
as util-linux' swapon can take the option string directly with -o we
should pass it on unmodified.
|
|
It will be printed even if a prompt is blocking other messages.
|
|
In preparation for subsequent changes.
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=73942
|
|
UID or GID of 0 is valid, so we cannot use that to distinguish whether
calls to sd_bus_creds_get_* succeeded, and the return value from the
function is the only way to know about missing fields. Print "n/a" if
the fields are missing.
CID #1238779
|
|
|
|
The system start timeout as previously implemented would get confused by
long-running services that are included in the initial system startup
transaction for example by being cron-job-like long-running services
triggered immediately at boot. Such long-running jobs would be subject
to the default 15min timeout, esily triggering it.
Hence, remove this again. In a subsequent commit, introduce per-target
job timeouts instead, that allow us to control these timeouts more
finegrained.
|
|
If we run in the container then we run in a mount namespace. If namespace dies
then kernel should do unmounting for us, hence we skip unmounting in containers.
Also, it may be the case that we no longer have capability to do umount,
because we are running in the unprivileged container.
See: http://lists.freedesktop.org/archives/systemd-devel/2014-October/023536.html
|
|
Function queries system hostname and applies changes only when necessary. Also,
migrate all client of sethostname to sethostname_idempotent while at it.
|
|
After all we have lots of those.
|
|
In order to make object destruction easier (in particular in combination
with _cleanup_) we usually make destructors deal with NULL objects as
NOPs. Change the calendar spec destructor to follow the same scheme.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=84931
|
|
Since commit b1e90ec515408aec2702522f6f68c4920b56375b systemd passes
its log settings to systemd-shutdown via command line parameters.
However, systemd-shutdown doesn't pass these parameters to
/run/initramfs/shutdown, causing it to fall back to the default log
settings.
This fixes the following bugs about the shutdown not being quiet
despite "quiet" being in the kernel parameters:
https://bugs.freedesktop.org/show_bug.cgi?id=79582
https://bugs.freedesktop.org/show_bug.cgi?id=57216
|
|
|
|
|
|
|
|
APIs that query and return something cannot silently fail, they must
either return something useful, or an error. Fix that.
Also, properly rollback socket unit fd creation when something goes
wrong with the security framework.
|
|
a) always return negative errno error codes
b) always become a noop if smack is off
c) always take a NULL label as a request to remove it
|
