Age | Commit message (Collapse) | Author |
|
Both plain opendir() and glob() will bump access time. Privileged
option O_NOATIME can be used to prevent the access time from being
updated. We already used it for subdirectories of the directories
which we were cleaning up. But for the directories specified directly
in the config files, we wouldn't do that. This means that,
paradoxically, our own temporary directories for PrivateTmp would stay
around forever, as long as one let systemd-tmpfiles-clean.service run
regularly, because they had their own glob patterns specified.
https://bugzilla.redhat.com/show_bug.cgi?id=1183684
|
|
systemd-tmpfiles can be used by users, but it can be quite hard to
figure out the logic it follows, especially since the logic is in some
places rather torturous. Hopefuly this will make it easier for users
to understand what is happening.
|
|
|
|
Current systemd requires kernel >= 3.7 per the README file
but CONFIG_USB_DEVICEFS disappeared from the kernel in
upstream commit fb28d58b72aa9215b26f1d5478462af394a4d253
(kernel 3.5-rc1)
|
|
server again
Previously we tried to stick to a DNS server as long as it is available.
When /etc/resolv.conf changed, and the old DNS server we used was still
in there we'd continue to use it, even if it was at the end of the list.
With this change we'll now always start with the first DNS server in the
list again.
Rationale: certain network managing implementations (notably
NetworkManager) when connected to a VPN place both the VPN DNS server as
well as the local DNS server in /etc/resolv.conf. If we used the local
one before we would thus continue to use the local one, making VPN names
unresolvable. NetworkManager really should be fixed to only place the
VPN DNS servers in the file, but with this commit things are at least
similarly bad as they used to be...
|
|
|
|
Build would fail when assert was used on the same line in
different files #included together.
https://bugs.freedesktop.org/show_bug.cgi?id=87339
|
|
According to systemctl man page, 'systemctl reboot [arg]' should work
without any errors. However, it does not work because of 'Invalid number
of arguments' error, except for 'reboot [arg]'. This patch fixes the bug
so that both of commands work in exactly the same way.
|
|
/dev when shutting down
After all, mounts below these directories are pretty much guaranteed to
be virtual, and it's hence unnecessary to unmount them during shutdown.
Moreover, in less-priviliged containers we might lack the rights to
unmount them, hence don't even try.
http://lists.freedesktop.org/archives/systemd-devel/2015-January/027113.html
|
|
them anymore
|
|
|
|
|
|
This is exposed the memory.usage_in_bytes cgroup property on the bus,
and makes "systemctl status" show it in its default output.
|
|
After 3637713a20 it is not necessary anymore.
|
|
options for the superblock as the host
Otherwise we'll generate kernel runtime warnings about non-matching
mount options.
|
|
We really want /tmp to be properly mounted, especially in containers
that lack CAP_SYS_ADMIN or that are not fully booted up and only get a
shell, hence let's do so in nspawn already.
|
|
|
|
With this change the pull protocol implementation processes will pass
progress data to importd which then passes this information on via the
bus. We use sd_notify() as generic transport for this communication,
making importd listen to them, while matching the incoming messages to
the right transfer.
|
|
|
|
|
|
We really need to use va_arg() with the right type here as uint64_t and
double might have the same size, but are passed differently as
arguments.
|
|
|
|
|
|
Otherwise they can be optimized away with -DNDEBUG
|
|
In addition to the benefits listed in the RFC, this allows DHCP to work also in
case several interfaces share the same MAC address on the same link (IPVLAN).
Note that this will make the ClientID (so probably the assigned IP address)
change on upgrades. If it is desired to avoid that we would have to remember and
write back the ID (which the library supports, but networkd currently does not).
|
|
This is useful for testing.
|
|
This patch introduces ipv6 gre and gretap.
test:
ip6gre.netdev:
[NetDev]
Name=ip6gretap
Kind=ip6gretap
[Tunnel]
Local=2a00:ffde:4567:edde::4987
Remote=2001:473:fece:cafe::5179
ip6gre.network:
[Match]
Name=eno16777736
[Network]
Tunnel=ip6gretap
ip link
6: ip6gre@eno16777736: <POINTOPOINT,NOARP> mtu 1448 qdisc noop state
DOWN mode DEFAULT group default
link/gre6 2a:00:ff:de:45:67:ed:de:00:00:00:00:00:00:49:87 peer
20:01:04:73:fe:ce:ca:fe:00:00:00:00:00:00:51:79
|
|
This patch enables networkd to create IP6 tunnels
example conf:
ipip6.netdev:
[NetDev]
Name=ipip6-tunnel
Kind=ip6tnl
[Tunnel]
Mode=ip4ipv6
Local=2a00:ffde:4567:edde::4987
Remote=2001:473:fece:cafe::5179
ipip6.network
[Match]
Name=wlan0
[Network]
Tunnel=ipip6-tunnel
23: ipip6-tunnel@wlan0: <POINTOPOINT,NOARP> mtu 1452 qdisc noop state
DOWN mode DEFAULT group default
link/tunnel6 2a00:ffde:4567:edde::4987 peer 2001:473:fece:cafe::5179
|
|
This patch introdeces gretap to networkd
|
|
|
|
That way it cannot get access to the network
|
|
|
|
shut up
|
|
the verbs
Atfer all "systemd-pull pull-tar" is unnecessarily redundant, over
"systemd-pull tar"...
|
|
"systemd-pull"
This way "systemd-importd" is the daemon that uses "systemd-pull" as
backend worker.
|
|
download, but continue it in the background
|
|
|
|
|
|
|
|
instead of extending it
This way the user has the ability to remove keys from the
vendor-supplied keyring if he intends so.
|
|
If the third argument is non-null, the kernel will always error out with
EINVAL and devices won't get revoked.
Reported-by: Benjamin Tissoires <benjamin.tissoires@gmail.com>
Signed-off-by: Peter Hutterer <peter.hutterer@who-t.net>
|
|
|
|
This is how we call it internally, and also a bit more descriptive.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=88545
|
|
Otherwise, if the directory contains other directories we fail
at fopen in load_sysv() with EISDIR.
|
|
|
|
For ACLs to be valid, a set of entries for user, group, and other
must be always present. Always add those entries.
While at it, only add the mask ACL if it is actually required, i.e.
when at least on ACL for non-owner group or user exists.
|
|
This is much more useful in practice (equivalent to setfacl -m).
|
|
For types which adapt existing files it is generally more useful to accept
globs.
In analogy to z and Z, add recursive versions using uppercase letters.
Technically, making a accept globs is backwards incompatible, but in
practice it probably isn't yet widely used and we can assume that most
people don't create files with wildcards in names.
Functions which are used as callbacks, but not directly on items, are
renamed not to have "item_" prefix.
|
|
|