Age | Commit message (Collapse) | Author |
|
Instead of individually checking for containers in each user do this
once in a new call proc_cmdline() that reads the file only if we are not
in a container.
|
|
This reverts commit 47e737dc13bf4251ae5a2249ec29b34503ed92e1 - it
introduced a use-after-free. The only way the code would get simpler
is with a cleanup function, but eh, not worth it for just this one
bit.
Reviewed by kay on IRC.
|
|
A regression introduced when we moved to systemd's logging is that the only
way to adjust the log-level of the udev daemon is via the env var, kernel
commandline or the commandline.
This reintroduces support for specifying this in the configuration file.
|
|
Based on a patch by Kay Sievers.
A tag is exported at boot as a symlink to the device node in the folder
/run/udev/static_node-tags/<tagname>/, if the device node exists.
These tags are cleaned up by udevadm info --cleanup-db, but are otherwise
never removed.
|
|
As of kmod v14, it is possible to export the static node information from
/lib/modules/`uname -r`/modules.devname in tmpfiles.d(5) format.
Use this functionality to let systemd-tmpfilesd create the static device nodes
at boot, and drop the functionality from systemd-udevd.
As an effect of this we can move from systemd-udevd to systemd-tmpfiles-setup-dev:
* the conditional CAP_MKNOD (replaced by checking if /sys is mounted rw)
* ordering before local-fs-pre.target (see 89d09e1b5c65a2d97840f682e0932c8bb499f166)
|
|
containers there
Containers will now carry a label (normally derived from the root
directory name, but configurable by the user), and the container's root
cgroup is /machine/<label>. This label is called "machine name", and can
cover both containers and VMs (as soon as libvirt also makes use of
/machine/).
libsystemd-login can be used to query the machine name from a process.
This patch also includes numerous clean-ups for the cgroup code.
|
|
You can write much more than just one line with this call (and we
frequently do), so let's correct the naming.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=62864
|
|
Setting children_max according to RAM leads to too much concurrent I/O.
|
|
Also split out some fileio functions to fileio.c and provide a SELinux
aware pendant in fileio-label.c
see https://bugzilla.redhat.com/show_bug.cgi?id=881577
|
|
Parameter -e is set without additional argument in getopt
and this leads to segfault when calling 'systemd-udevd -e'.
|
|
The removal of the TIMEOUT= handling in udevd put firmware requests into the
devpath parent/child dependency tracking. Drivers which block in module_init()
asking userspace for firmware ran into a 30 sec device timeout.
The whole firmware loading will hopefully move into the kernel and
the fragile-since-day-one fake async driver-core device dance involving
udev can be retired:
http://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=abb139e75c2cdbb955e840d6331cb5863e409d0e
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=54501
|
|
With this adjustment, we can reuse this code elsewhere, such as in
nspawn.
|
|
<falconindy> kay: just curious -- it looks like nodes created by udev from
modules.devname all have 000 perms, and there's nothing in udev that attempts
to change this. is it intended?
<falconindy> c--------- 1 root root 10, 223 Jul 1 23:10 uinput
<kay> falconindy: we might miss the default of 0600
<falconindy> seems like it
<kay> falconindy: stuff that has a rule works i guess
<kay> falconindy: i'll add the 0600 now
|
|
The filename parameter passed to mkdir can't contain anything but a
garbage value at this point. This was meant to be the full pathname to
the new udev DB, as the mkdir_parents() call before it won't create the
trailing child directory.
[replace mkdir_parents() + mkdir() with mkdir_p() -- kay]
|
|
Only the main daemon process should be excluded from OOM handling,
not the worker processes or their child processes.
|
|
23mb to 5mb
Udev was the limiting factor for us on low-RAM systems.
Given an average RSS of 180kb, 128 workers would require ~23mb of RAM.
Now, please consider what happens when there is only, say, 15mb free.
Udev protects itself from OOM, and the kernel can do nothing but panic.
28 workers * 0.18mb = ~5mb. This change should not affect more powerful
systems much, given that they still get the addition from the amount of RAM.
|
|
This reverts commit 9b5af248f04b6cad8a5bca836e89a39e9f6823d9.
Udev now explicitly labels only files/directories in /dev. The selinux
array API is not released and will not work on other distros at this moment.
|
|
context
|
|
systemd-udev is currently incorrectly labeling /run/udev/* content because it is
using selinux prefix labeling of /dev. This patch will allow systemd-udev to
use prefix labeling of /dev and /run.
|
|