Age | Commit message (Collapse) | Author |
|
|
|
A variety of changes:
- Make sure all our calls distuingish OOM from other errors if OOM is
not the only error possible.
- Be much stricter when parsing escaped paths, do not accept trailing or
leading escaped slashes.
- Change unit validation to take a bit mask for allowing plain names,
instance names or template names or an combination thereof.
- Refuse manipulating invalid unit name
|
|
If NULL is specified for the bus it is now automatically derived from
the passed in message.
This commit also changes a number of invocations of sd_bus_send() to
make use of this.
|
|
This should simplify the prototype a bit. The bus parameter is redundant
in most cases, and in the few where it matters it can be derived from
the message via sd_bus_message_get_bus().
|
|
|
|
If a unit is stopped for a moment, we need to invalidate our knowledge
of it, otherwise we might be confused by automatic restarts
This makes reboots for nspawn containers run as service work correctly.
https://bugs.freedesktop.org/show_bug.cgi?id=87428
|
|
|
|
|
|
|
|
|
|
Replace ENOTSUP by EOPNOTSUPP as this is what linux actually uses.
|
|
|
|
|
|
|
|
Also, expose it in machinectl.
|
|
Strictly speaking, the output variable is undefined if asprintf fails.
We use the return value not the arg everywhere, and should we do here.
|
|
|
|
This also adds "machinectl import-raw" and "machinectl import-tar" to
wrap these new bus calls.
THe commands basically do for local files that "machinectl pull-raw" and
friends do for remote files.
|
|
downloads
If /var/lib/machines is mounted as btrfs loopback file system in
/var/lib/machines.raw with this change we automatically grow the file
system as it fills up. After each 10M we write to it during imports, we
check the free disk space, and if the fill level grows beyond 66% we
increase the size of the file system to 3x the fill level (thus lowering
it to 33%).
|
|
is called
|
|
pool size
|
|
This fixes "machinectl login" on systems configured with --disable-kdbus.
The error was:
machinectl login foo
Failed to get machine PTY: Input/output error
|
|
"machinectl set-limit"
When the pool size limit is altered with "machinectl set-limit", then
not only set the subvolume quota of the /var/lib/machine subvolume, but
also resize the backing loop file and the btrfs file system on it
dynamically.
|
|
|
|
CID#1271351
|
|
arguments show statistics about pool
|
|
Many of machined's operations are now opened up to unprivileged clients
via PolicyKit. Open up the dbus policy so that we can actually make
these calls.
kdbus doesn't reuqire this, hence this wasn't noticed before.
|
|
This patch removes includes that are not used. The removals were found with
include-what-you-use which checks if any of the symbols from a header is
in use.
|
|
Previously we always invoked the container PID 1 on /dev/console of the
container. With this change we do so only if nspawn was invoked
interactively (i.e. its stdin/stdout was connected to a TTY). In all other
cases we directly pass through the fds unmodified.
This has the benefit that nspawn can be added into shell pipelines.
https://bugs.freedesktop.org/show_bug.cgi?id=87732
|
|
Also, allow clients to alter their own objects without any further
priviliges. i.e. this allows clients to kill and lock their own sessions
without involving PK.
|
|
|
|
PolicyKit
|
|
operations
This way, any bus client can make use of these calls.
|
|
|
|
machined
This extends the bus interface, adding BindMountMachine() for bind
mounting directories from the host into the container.
|
|
This reverts commit d6d810fbf8071f8510450dbacd1d083f37603656.
It's apparently not OK to pass MSG_CMSG_CLOEXEC to recvmsg() of raw
sockets.
|
|
Also, document in adjacent comments and in CODING_STYLE why we do that.
|
|
|
|
After all it is now much more like strjoin() than strappend(). At the
same time, add support for NULL sentinels, even if they are normally not
necessary.
|
|
|
|
|
|
|
|
With this change the pull protocol implementation processes will pass
progress data to importd which then passes this information on via the
bus. We use sd_notify() as generic transport for this communication,
making importd listen to them, while matching the incoming messages to
the right transfer.
|
|
|
|
download, but continue it in the background
|
|
|
|
|
|
|
|
This is how we call it internally, and also a bit more descriptive.
|
|
client to it
The old "systemd-import" binary is now an internal tool. We still use it
as asynchronous backend for systemd-importd. Since the import tool might
require some IO and CPU resources (due to qcow2 explosion, and
decompression), and because we might want to run it with more minimal
priviliges we still keep it around as the worker binary to execute as
child process of importd.
machinectl now has verbs for pulling down images, cancelling them and
listing them.
|