| Age | Commit message (Collapse) | Author |
|---|
|
different umask
|
|
Instead of outputting "5h 55s 50ms 3us" we'll now output "5h
55.050003s". Also, while outputting the accuracy is configurable.
Basically we now try use "dot notation" for all time values > 1min. For
>= 1s we use 's' as unit, otherwise for >= 1ms we use 'ms' as unit, and
finally 'us'.
This should give reasonably values in most cases.
|
|
Implement this with a proper state machine, so that newlines and
escaped chars can appear in string assignments. This should bring the
parser much closer to shell.
|
|
Internally we store all time values in usec_t, however parse_usec()
actually was used mostly to parse values in seconds (unless explicit
units were specified to define a different unit). Hence, be clear about
this and name the function about what we pass into it, not what we get
out of it.
|
|
You can write much more than just one line with this call (and we
frequently do), so let's correct the naming.
|
|
|
|
|
|
|
|
sockets.socket - Test
Loaded: loaded (/home/alxchk/.config/systemd/user/sockets.socket; static)
Active: inactive (dead)
Listen: Stream: /tmp/stream1
Stream: @stream4
Stream: [::]:9999
Stream: 127.0.0.2:9996
Stream: [::1]:9996
Datagram: /tmp/stream2
Datagram: @stream5
Datagram: [::]:9998
Datagram: 127.0.0.2:9995
Datagram: [::1]:9995
SequentialPacket: @stream6
SequentialPacket: /tmp/stream3
FIFO: /tmp/fifo1
Special: /dev/input/event9
Netlink: kobject-uevent 0
MessageQueue: /msgqueue1
[zj: - minor cleanups,
- free i.listen,
- remove sorting, because the order or sockets matters.]
|
|
Previously we simply counted how many processes we killed and expected
as many waitpid() calls to succeed. That however is incorrect to do.
As we might kill processes that are not our immediate children, and as
there might be left-over processes in the waitpid() queue from earlier
the we might get more ore less waitpid() events that we expect.
Hence: keep precise track of the processes we kill, remove the ones we
get waitpid() for, and after each time we get SIGCHLD check if all
others still exist. We use getpgid() to check if a PID still exists.
This should fix issues with journald not setting journal files offline
correctly on shutdown, because we'd too quickly proceed from SIGTERM to
SIGKILL because some left-over process was in our waitpid() queue.
|
|
When showing an error like 'Socket service not loaded', the
error won't show up in the status for the socket, unless it is
marked as SYSTEMD_UNIT=*.socket. Marking it as SYSTEMD_UNIT=*.service,
when the service is non-existent, is not useful.
|
|
|
|
The ~80 chars per line part wasn't well received.
|
|
Use _cleanup_ and wrap lines to ~80 chars and such.
|
|
They are not crucial, but they shouldn't fail.
|
|
C.f. http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5975c725dfd6f7d36f493ab1453fbdbd35c1f0e3
|
|
Based on coverity report.
|
|
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=787314
|
|
|
|
The rules governing %s where just too complicated. First of
all, looking at $SHELL is dangerous. For systemd --system,
it usually wouldn't be set. But it could be set if the admin
first started a debug shell, let's say /sbin/sash, and then
launched systemd from it. This shouldn't influence how daemons
are started later on, so is better ignored. Similar reasoning
holds for session mode. Some shells set $SHELL, while other
set it only when it wasn't set previously (e.g. zsh). This
results in fragility that is better avoided by ignoring $SHELL
totally.
With $SHELL out of the way, simplify things by saying that
%s==/bin/sh for root, and the configured shell otherwise.
get_shell() is the only caller, so it can be inlined.
Fixes one issue seen with 'make check'.
|
|
Previously it was necessary to pull in remote-fs-pre.target to order the
mount units against network.target since the ordering was done
transitively via remote-fs-pre.target.
As network implementations shouldn't need to know about the specific
use-case of network mounts we instead now simply order network.target
against all mounts too. This should make it unnecessary for network
managing services to import remote-fs-pre.target explicitly, as
network.target will now suffice.
|
|
mounts
This introduces remote-fs-setup.target independently of
remote-fs-pre.target. The former is only for pulling things in, the
latter only for ordering.
The new semantics:
remote-fs-setup.target: is pulled in automatically by all remote mounts.
Shall be used to pull in other units that want to run when at least one
remote mount is set up. Is not ordered against the actual mount units,
in order to allow activation of its dependencies even 'a posteriori',
i.e. when a mount is established outside of systemd and is only picked
up by it.
remote-fs-pre.target: needs to be pulled in automatically by the
implementing service, is otherwise not part of the initial transaction.
This is ordered before all remote mount units.
A service that wants to be pulled in and run before all remote mounts
should hence have:
a) WantedBy=remote-fs-setup.target -- so that it is pulled in
b) Wants=remote-fs-pre.target + Before=remote-fs-pre.target -- so that
it is ordered before the mount point, normally.
|
|
into for boot
|
|
Let's say you have two initscripts, A and B:
A contains in its LSB header:
Required-Start: C
and B contains in its LSB header:
Provides: C
When systemd is parsing /etc/rc.d/, depending on the file order, you
can end up with either:
- B is parsed first. An unit "C.service" will be "created" and will be
added as additional name to B.service, with unit_add_name. No bug.
- A is parsed first. An unit "C.service" is created for the
"Required-Start" dependency (it will have no file attached, since
nothing provides this dependency yet). Then B is parsed and when trying
to handle "Provides: C", unit_add_name is called but will fail, because
"C.service" already exists in manager->units. Therefore, a merge should
occur for that case.
|
|
The manager already prints "Time has been changed" at level info. It
seems too verbose to print the time change message additionally for
every waiting timer unit.
Downgrade the per-unit message to debug.
|
|
This reverts commit f5c88ec1330b61787441156de7d764a140774bd2. It is no
longer necessary, and adds unnecessary magic.
|
|
Requesites are not supposed to be auto-started afterall, they are just
checks, so don't try to be smarter here than appropriate.
Based on a patch from Michal Schmidt.
|
|
Previously, it would set all caps, but it should drop them all, anything
else makes little sense.
Also, document that this works as it does, and what to do in order to
assign all caps to the bounding set.
https://bugzilla.redhat.com/show_bug.cgi?id=914705
|
|
|
|
|
|
|
|
|
|
This completes c1dae1b3c9729fb8ab749dd4e2dad07e0fad7ed8 in a way.
|
|
|
|
|
|
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
|
|
This is a followup to: commit 1a37b9b9043ef83e9900e460a9a1fccced3acf89
It will fix denial messages from dbus-daemon between gdm and
systemd-logind on logging into GNOME due to this.
See the previous commit for more details.
|
|
|
|
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd.
|
|
CIPSO is the Common IP Security Option, an IETF standard for setting
security levels for a process sending packets. In Smack kernels,
CIPSO headers are mapped to Smack labels automatically, but can be changed.
This patch writes label/category mappings from /etc/smack/cipso/ to
/sys/fs/smackfs/cipso2. The mapping format is "%s%4d%4d"["%4d"]...
For more information about Smack and CIPSO, see:
https://kernel.org/doc/Documentation/security/Smack.txt
|
|
Check all errors.
|
|
.mount units coming from /proc/self/mountinfo file are
unmounted after local-fs.target is reached during shutdown.
Problem: .mount units popping up in mountinfo file are
added to systemd without any dependency. For that reason,
they are the first one to be unmounted during shutdown.
Whichever program mounted the file system deserves a
chance to also unmount it. This patch ensures that
/proc/self/mountinfo units will be unmounted after
local-fs.target during shutdown (if they haven't been
unmounted already)
|
|
Previously we were testing whether /sys/fs/cgroup/systemd/ was a mount
point. This might be problematic however, when the cgroup trees are bind
mounted into a container from the host (which should be absolutely
valid), which might create the impression that the container was running
systemd, but only the host actually is.
Replace this by a check for the existance of the directory
/run/systemd/system/, which should work unconditionally, since /run can
never be a bind mount but *must* be a tmpfs on systemd systems, which is
flushed at boots. This means that data in /run always reflects
information about the current boot, and only of the local container,
which makes it the perfect choice for a check like this.
(As side effect this is nice to Ubuntu people who now use logind with
the systemd cgroup hierarchy, where the old sd_booted() check misdetects
systemd, even though they still run legacy Upstart.)
|
|
First, rename root-fs.target to initrd-root-fs.target to clarify its usage.
Mount units with "x-initrd-rootfs.mount" are now ordered before
initrd-root-fs.target. As we sometimes construct /sysroot mounts in
/etc/fstab in the initrd, we want these to be mounted before the
initrd-root-fs.target is active.
initrd.target can be the default target in the initrd.
(normal startup)
:
:
v
basic.target
|
______________________/|
/ |
| sysroot.mount
| |
| v
| initrd-root-fs.target
| |
| v
| initrd-parse-etc.service
(custom initrd services) |
| v
| (sysroot-usr.mount and
| various mounts marked
| with fstab option
| x-initrd.mount)
| |
| v
| initrd-fs.target
| |
\______________________ |
\|
v
initrd.target
|
v
initrd-cleanup.service
isolates to
initrd-switch-root.target
|
v
______________________/|
/ |
| initrd-udevadm-cleanup-db.service
| |
(custom initrd services) |
| |
\______________________ |
\|
v
initrd-switch-root.target
|
v
initrd-switch-root.service
|
v
switch-root
|
|
Back from old times when we developed systemd on non-systemd hosts we
still mounted the missing directories such as the cgroup stuff even when
running with a PID != 1. There's no point for that anymore, so let's
just do that if we are actually PID 1, and never otherwise.
https://bugs.freedesktop.org/show_bug.cgi?id=62354
|
|
There are very few differences in the implementations of the kill method in the
unit types that have one. Let's unify them.
This does not yet unify unit_kill() with unit_kill_context().
|
|
Just like mempcpy() is almost identical to memcpy() except the useful
return value, so is the relation of mempset() to memset().
|
|
|
