Age | Commit message (Collapse) | Author |
|
|
|
Leave the env vars used in the container/initrd logic set for PID1, but
don't inherit them to any children.
|
|
Only 34 of 74 tools need libselinux linked, and libselinux is a pain
with its unconditional library constructor.
|
|
This adds minimal hardware watchdog support to PID 1. The idea is that
PID 1 supervises and watchdogs system services, while the hardware
watchdog is used to supervise PID 1.
This adds two hardware watchdog configuration options, for the runtime
watchdog and for a shutdown watchdog. The former is active during normal
operation, the latter only at reboots to ensure that if a clean reboot
times out we reboot nonetheless.
If the runtime watchdog is enabled PID 1 will automatically wake up at
half the configured interval and write to the watchdog daemon.
By default we enable the shutdown watchdog, but leave the runtime
watchdog disabled in order not to break independent hardware watchdog
daemons people might be using.
This is only the most basic hookup. If necessary we can later on hook
up the watchdog ping more closely with services deemed crucial.
|
|
The assumption that the initial job is the job with id==1 is incorrect.
Some jobs may be enqueued before the job that starts the default unit as
in this example:
-.mount changed dead -> mounted
Trying to enqueue job quotacheck.service/start/fail
Installed new job quotacheck.service/start as 1
Installed new job systemd-stdout-syslog-bridge.socket/start as 2
Enqueued job quotacheck.service/start as 1
Trying to enqueue job quotaon.service/start/fail
Installed new job quotaon.service/start as 5
Enqueued job quotaon.service/start as 5
Activating default unit: default.target
Trying to enqueue job graphical.target/start/replace
This fixes a bug where displaying of boot status messages was turned off
too early.
|
|
|
|
Always use the macros for downcasting.
Remove a few obviously pointless casts.
|
|
Now that objects of all unit types are allocated the exact amount of
memory they need, the Unit union has lost its purpose. Remove it.
"Unit" is a more natural name for the base unit class than "Meta", so
rename Meta to Unit.
Access to members of the base class gets simplified.
|
|
The storage of the unit objects on the heap is currently not very
efficient. For every unit object we allocate a chunk of memory as large
as the biggest unit type, although there are significant differences in
the units' real requirements.
pahole shows the following sizes of structs:
488 Target
496 Snapshot
512 Device
528 Path
560 Timer
576 Automount
1080 Socket
1160 Swap
1168 Service
1280 Mount
Usually there aren't many targets or snapshots in the system, but Device
is one of the most common unit types and for every one we waste
1280 - 512 = 768 bytes.
Fix it by allocating only the right amount for the given unit type.
On my machine (x86_64, with 39 LVM volumes) this decreases systemd's
USS (unique set size) by more than 300 KB.
|
|
|
|
|
|
|
|
|
|
|
|
Chen Jie observed and analyzed a deadlock. Assuming systemd-kmsg-syslogd
is already stopped, but rsyslogd is not started yet:
1. systemd makes a synchronous call to dbus-daemon.
2. dbus-daemon wants to write something to syslog.
3. syslog needs to be started by systemd.
... but cannot be, because systemd is waiting in 1.
Solve this by avoiding synchronous D-Bus calls. I had to write an async
bus registration call. Interestingly, D-Bus authors anticipated this, in
documentation to dbus_bus_set_unique_name():
> The only reason to use this function is to re-implement the equivalent
> of dbus_bus_register() yourself. One (probably unusual) reason to do
> that might be to do the bus registration call asynchronously instead
> of synchronously.
Lennart's comments from IRC:
> though I think this doesn't fix the problem in its entirety
> simply because dbus_connection_open_private() itself is still synchronous
> i.e. the connect() call behind it is not async
> I think I listed that issue actually on some D-Bus todo list
> i.e. to make dbus_connection_get() fully async
> but that's going to be hard
> so your patch looks good
So it may not be perfect, but it's clearly an improvement.
I did not manage to reproduce the original deadlock with the patch.
|
|
|
|
When running on a kernel without audit support, systemd currently
writes a mysterious-sounding error to its log:
systemd[1]: Failed to connect to audit log: Protocol not supported
Better to suppress the audit_open() failure message when (and only
when) it is due to running on a kernel without audit support, since in
this case the admin probably does not mind systemd not writing to the
audit log. This way, more serious errors like ENOMEM and EACCES will
stand out more.
|
|
HASHMAP_FOREACH is safe against the removal of the current entry, but
not against the removal of other entries. job_finish_and_invalidate()
can recursively remove other entries.
It triggered an assertion failure:
Assertion 'j->installed' failed at src/manager.c:1218, function
transaction_apply(). Aborting.
Fix the crash by iterating from the beginning when there is a
possibility that the iterator could be invalid.
It is O(n^2) in the worst case, but that's better than a crash.
https://bugzilla.redhat.com/show_bug.cgi?id=717325
|
|
|
|
|
|
signal_to_string:
Produce names for SIGRTMIN+n.
Never give an "n/a" result. In the worst case give the number itself as
a string.
signal_from_string:
Parse "RTMIN+n".
Parse any valid signal number.
|
|
The test did not work as intended and always resulted in JOB_REPLACE.
|
|
|
|
|
|
creds on connections
|
|
|
|
|
|
|
|
|
|
increase it when reexecuting
Instead of having individual counters n_serializing and n_deserializing
have a single one n_reloading, which should be sufficient.
Set n_reloading when we are about to go down for reexecution to avoid
cgroup trimming when we free the units for reexecution.
|
|
|
|
In some cases systemd forgets to start enabled services, e.g. in this scenario:
1. The job "sendmail.service/start" is installed.
2. Before systemd proceeds with this job, a process requests a reload of
sendmail. The job "sendmail.service/reload" is enqueued.
3. The original job is silently discarded. The service is not started.
The reload job proceeds by doing nothing.
The fix is to allow merging transaction jobs with the active job.
With the fix the resulting merged job "sendmail.service/reload-or-start" is
installed and the service works as expected.
https://bugzilla.redhat.com/show_bug.cgi?id=633774
|
|
|
|
|
|
|
|
|
|
We simply keep open copies of the dbus connections across the
reexecution and close them as last step of it. A client can thus simply
wait until its connection is dropped to know when the reexecution is
finished.
https://bugzilla.redhat.com/show_bug.cgi?id=698198
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=678555
|
|
/run/systemd/generator
|
|
|
|
around when isolating
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
This should fix the crash reported by Dan Horak on s390x which
does not have VTs.
|