Age | Commit message (Collapse) | Author |
|
|
|
Systemd creates directories in /dev. These directories will
get the label of systemd, which is the label of the System
domain, which is not accessable to everyone. Relabel the
directories, files and symlinks created so that they can be
generally used.
Based on a patch by Casey Schaufler <casey@schaufler-ca.com>.
|
|
This makes llvm happy when we assign an error code to the variable.
|
|
for sizes
According to Wikipedia it is customary to specify hardware metrics and
transfer speeds to the basis 1000 (SI decimal), while software metrics
and physical volatile memory (RAM) sizes to the basis 1024 (IEC binary).
So far we specified everything in IEC, let's fix that and be more
true to what's otherwise customary. Since we don't want to parse "Mi"
instead of "M" we document each time what the context used is.
|
|
../src/shared/unit-name.c:462: error: undefined reference to 'sd_bus_label_escape'
../src/shared/unit-name.c:477: error: undefined reference to 'sd_bus_label_unescape'
collect2: error: ld returned 1 exit status
|
|
Also fix a copy-paste error that broke matching on interface name.
|
|
to deprecate them one day
|
|
Apparently bash doesn't turn off non-blocking mode on stdin/stdout when
reading from it, so be nice to bash. Ideally bash would do this on its
own for robustness reasons, though.
https://bugs.freedesktop.org/show_bug.cgi?id=70622
|
|
|
|
Use 'if defined()', not 'ifdef defined()'. Fixes the following warning.
CC src/shared/architecture.lo
In file included from src/shared/architecture.c:24:0:
src/shared/architecture.h:89:17: warning: extra tokens at end of #ifdef
directive [enabled by default]
# ifdef defined(WORDS_BIGENDIAN)
^
|
|
This permit to switch to a specific apparmor profile when starting a daemon. This
will result in a non operation if apparmor is disabled.
It also add a new build requirement on libapparmor for using this feature.
|
|
|
|
Debian Stable is still using glibc 2.13, which doesn't provide the setns().
So we detect this and provide a tiny wrapper that issues the setns syscall
towards the kernel.
|
|
by uname()'s machine field.
|
|
For now support globbing for interface name and path.
|
|
|
|
The parts that require linknig to libcap, libselinux and friends stays in libsystemd-core.
|
|
|
|
|
|
|
|
Suggested by Holger Schurig.
|
|
|
|
If -flto is used then gcc will generate a lot more warnings than before,
among them a number of use-without-initialization warnings. Most of them
without are false positives, but let's make them go away, because it
doesn't really matter.
|
|
|
|
These were added to the kernel between 3.5 and 3.9, let's not require such
recent kernels (yet).
|
|
processes
|
|
containers on a 64bit host
|
|
And make use of it where appropriate for executing services and for
nspawn.
|
|
|
|
Resolve spotted issues related to missing or extraneous commas, dashes.
|
|
Previously, we'd fixed show_state only after printing the welcome
message which had the effect that the welcome message was almost always
suppressed.
|
|
enabled when enabling/disabling cgroup controllers for units
|
|
If PID 1 debug logging is enabled, it is nice to keep those settings
when switching to systemd-shutdown binary, independently of whether
this was done through /proc/cmdline options, or through runtime
manipulations.
|
|
In cryptsetup-generator automatic cleanup had to be replaced
with manual cleanup, and the code gets a bit longer. But existing
code had the issue that it returned negative values from main(),
which was wrong, so should be reworked anyway.
|
|
|
|
|
|
Commit 5ba6985b moves the UNIT_VTABLE(u)->sigchld_event before systemd
actually reaps the zombie. Which leads to service_load_pid_file accepting
zombie as a valid pid.
This fixes timeouts like:
[ 2746.602243] systemd[1]: chronyd.service stop-sigterm timed out. Killing.
[ 2836.852545] systemd[1]: chronyd.service still around after SIGKILL. Ignoring.
[ 2927.102187] systemd[1]: chronyd.service stop-final-sigterm timed out. Killing.
[ 3017.352560] systemd[1]: chronyd.service still around after final SIGKILL. Entering failed mode.
|
|
The conf_files_list family accepts an alternate root path to prefix all
directories in the list but path_strv_canonicalize_uniq doesn't use it.
This results in the suspicious behavior of resolving directory symlinks
based on the contents of / instead of the alternate root.
This adds a prefix argument to path_strv_canonicalize which will now
prepend the prefix, if given, to every path in the list. To avoid
answering what a relative path means when called with a root prefix
path_strv_canonicalize is now path_strv_canonicalize_absolute and only
considers absolute paths. Fortunately all users of already call
path_strv_canonicalize with a list of absolute paths.
|
|
|
|
|
|
architecture support for system calls
Also, turn system call filter bus properties into complex types instead
of concatenated strings.
|
|
|
|
This allows customization of the arguments used by less. The main
motivation is that some folks might not like having --no-init on every
invocation of less.
|
|
of this
|
|
|
|
disabled
|
|
or services) as machine with machined
|
|
|
|
|
|
This permit to let system administrators decide of the domain of a service.
This can be used with templated units to have each service in a différent
domain ( for example, a per customer database, using MLS or anything ),
or can be used to force a non selinux enabled system (jvm, erlang, etc)
to start in a different domain for each service.
|