Age | Commit message (Collapse) | Author |
|
core/timer: in containers OnBootSec should count from container startup
|
|
core: support IEC suffixes for RLIMIT stuff
|
|
nspawn: support custom container service name
|
|
|
|
We were hardcoding "systemd-nspawn" as the value of the $container env
variable and "nspawn" as the service string in machined registration.
This commit allows the user to configure it by setting the
$SYSTEMD_NSPAWN_CONTAINER_SERVICE env variable when calling
systemd-nspawn.
If $SYSTEMD_NSPAWN_CONTAINER_SERVICE is not set, we use the string
"systemd-nspawn" for both, fixing the previous inconsistency.
|
|
journal: reduce minimum journal file size to 512 KiB
|
|
In Fedora dnf-makecache.timer specifies OnBootSec=10min, but it fired
during boot in systemd-nspawn, because the clock ticks since the host's
boot.
Fix it by treating OnBootSec the same as OnStartupSec when running in
a container.
|
|
unused since 7b2313f5
|
|
For low end embedded systems 4 MiB for each journal file is a lot of
memory. Journald will use at least 512 KiB even if JOURNAL_FILE_SIZE_MIN is
set to less than that so just use 512 KiB.
|
|
Let's make things more user-friendly and support for example
LimitAS=16G
rather than force users to always use LimitAS=16106127360.
The change is relevant for options:
[Default]Limit{FSIZE,DATA,STACK,CORE,RSS,AS,MEMLOCK,MSGQUEUE}
The patch introduces config_parse_bytes_limit(), it's the same as
config_parse_limit() but uses parse_size() tu support the suffixes.
Addresses: https://github.com/systemd/systemd/issues/1772
|
|
|
|
core: parse socket port to extract_first_word
|
|
Some guests (ARM, AArch64, x86-RHEL) have 'KVM' in the product name.
Look for that first in order to more precisely report "kvm" when
detecting a QEMU/KVM guest. Without this patch we report "qemu",
even if KVM acceleration is in use on ARM/AArch64 guests.
I've only tested a backported version of this and the previous
patch on an AArch64 guest (which worked). Of course it would be
nice to get regression testing on all guest types that depend on
dmi done.
|
|
ARM/AArch64 guests now have SMBIOS tables populated (when boot
with a late enough QEMU and a late enough AAVMF is used as the
bootloader). Furthermore, when booting ARM/AArch64 guests with
ACPI, the DT detection obviously no longer works, so we need
dmi detection.
|
|
afaict, this will fix a regression caused by commit 75f86906c5.
Where we used to report "kvm" before that patch, without this patch,
we would only report "qemu". The reason is because cpuid detection
must come before dmi detection. Also, both can safely come before
other xen heuristics. Untested.
|
|
|
|
core: small fixes to parse_namespace
|
|
sd-daemon: fix potential LISTEN_FDS overflow in sd_listen_fds()
|
|
* don't hide ENOMEM
* log r instead of 0
|
|
|
|
|
|
|
|
We already filter out 0, and as -1 is usually special (meaning infinity,
as in USEC_INFINITY) we should better not accept it either. Better safe
than sorry...
|
|
After all, this is not some compiler or C magic, but something very
specific to how systemd works, hence let's move it into def.h, and out
of macro.h
|
|
|
|
(V2) networkd: bridge convert to jiffies
|
|
|
|
|
|
It is really unclear if we want to / have the resources to support this fully, so drop it
for now. It can easily be brought back if a killer usecase emerges.
Note that this code was never hooked up, so this does not remove any features.
|
|
networkd: (de)serialize more state and support expiring routes
|
|
debug-generator: respect kernel parameters for default unit setting
|
|
|
|
|
|
|
|
core: drop check for /etc/mtab
|
|
A grab bag of stuff
|
|
This is useful to check that compression actually works, and how
compression influences file size in the best-case-scenario for
compression. (The answer is that not as much as one would hope:
there's still a big overhead of the indexing and since every field
is compressed separately, even fields that compress very well
contribute to the file size. This overhead becomes negligible only
for very big fields.)
|
|
We have enough places where we parse an ifindex, hence introduce a
proper parsing function for it, that verifies all parameters.
|
|
don't try again
If we failed to extract a word, then that's how it is, we shouldn't try
to extract it again and again, it's unlikely to work, and we just
deadlock.
This is a fix-up for 52278ad31d92dffa9029c8a171b9e9348f5dcc8f.
|
|
When we enumerate journal files and encounter an invalid one, remember
which this, and show it to the user.
Note the possibly slightly surprising logic here: we store only one path
per error code. This means we show all error kinds but not every actual
error we encounter. This has the benefit of not requiring us to keep a
potentially unbounded list of errors with their sources around, but can
still provide a pretty complete overview on the errors we encountered.
Fixes #1669.
|
|
- Always print a debug log message about files and directories we cannot
open right when it happens instead of the caller, thus reducing the
number of places where we need to generate the debug message.
- Always push the errors we encounter immediately into the error set,
when we run into them, instead of in the caller. Thus, we never forget
to push them in.
- Use stack instead of heap memory where we can.
- Make remove_file() void, since it cannot fail anyway and always
returned 0.
- Make local machine check of journal directories explicit in a
function, to make things more readable.
- Port to all directory listing loops FOREACH_DIRENT_ALL()
- sd-daemon is library code, hence never log at higher log levels than
LOG_DEBUG.
|
|
|
|
When reading stuff, we should only return EIO when an actual read error
occured, not when we don't like the data for whatever reason.
We already return ENODATA for all other kinds of file truncation, hence
do the same for the most obvious kind, so that callers know what ENODATA
means.
|
|
For each service expose how many file descriptors there are currently in
the fd store.
(Also, fix the exporting of the fdstore limit, given that the field is
just an "unsigned" but we exported it as "uint32_t". Not that there way
any effective difference, but let's make this clean...)
|
|
Let's not eat up errors in shall_restore_state(), but in the consumers
instead, just for the sake of keeping the library calls generic.
|
|
Only that way it actually has an effect on all our sockets, including
$NOTIFY_SOCKET.
|
|
I assume this was a typo in c279613f861636c816f2f7df051b02c2f55a5134
|
|
memory_erase() so far just called memset(), which the compiler might
optimize away under certain conditions if it feels there's benefit in
it. C11 knows a new memset_s() call that is like memset(), but may not
be optimized away. Ideally, we'd just use that call, but glibc currently
does not support it. Hence, implement our own simplistic version of it.
We use a GCC pragma to turn off optimization for this call, and also use
the "volatile" keyword on the pointers to ensure that gcc will use the
pointers as-is. According to a variety of internet sources, either one
does the trick. However, there are also reports that at least the
volatile thing isn't fully correct, hence let's add some snake oil and
employ both techniques.
https://news.ycombinator.com/item?id=4711346
|
|
systemd-run can launch units with RuntimeDirectory
|
|
test-execute: add more tests
|