Age | Commit message (Collapse) | Author |
|
|
|
The input data would have to be borked, so this is unlikely to happen,
but since we have a nice helper function to do it properly... why not?
CID #1261390.
|
|
Strictly speaking, the output variable is undefined if asprintf fails.
We use the return value not the arg everywhere, and should we do here.
|
|
Not terribly important, but the loop wasn't an actual loop,
making coverity unhappy.
CID #1261725.
|
|
CID #128739.
|
|
This is needed to interoperate firstboot and sysusers. The former one is started
first, and it writes only /etc/shadow when it is told to set the root password.
It's better to relax checks here than to duplicate functionality in firstboot.
|
|
|
|
Because the order of coldplugging is not defined, we can reference a
not-yet-coldplugged unit and read its state while it has not yet been
set to a meaningful value.
This way, already active units may get started again.
We fix this by deferring such actions until all units have been at
least somehow coldplugged.
Fixes https://bugs.freedesktop.org/show_bug.cgi?id=88401
|
|
it is trivial to fall back to our own timestamp
v2: use now()
v3: remove useless if ()
v4: add comment
|
|
I observe that upon loading of framebuffer drivers, I do not get the
desired system font, but the kernel-level defaults (usually
lib/fonts/font_8x16.c, but your mileage may vary depending on kernel
config and boot options).
The fbcon driver may be loaded at a time way before the first
framebuffer device is active, such that the vconsole setup helper
runs too early.
The existing rule is non-fitting. The going live of the fbcon kernel
component does not indicate the proper time at which to load the
visuals, which really ought to be done when a new vtcon object comes
into existence. (The font table is a per-vtcon property.)
|
|
This introduces 'HoldoffTimeoutSec' to logind.conf to make
IGNORE_LID_SWITCH_{SUSPEND,STARTUP}_USEC configurable.
Background: If an external monitor is connected, or if the system is
docked, we want to ignore LID events. This is required to support setups
where a laptop is used with external peripherals while the LID is closed.
However, this requires us to probe all hot-plugged devices before reacting
to LID events. But with modern buses like USB, the standards do not impose
any timeout on the slots, so we have no chance to know whether a given
slot is used or not. Hence, after resume and startup, we have to wait a
fixed timeout to give the kernel a chance to probe devices. Our timeout
has always been generous enough to support even the slowest devices.
However, a lot of people didn't use these features and wanted to disable
the hold-off timer. Now we provide a knob to do that.
|
|
|
|
Commit 3f93da987 accidentally dropped the "return 0" after detection of a
duplicate line. Put it back, to get back the documented and intended "first
match wins" behaviour.
https://launchpad.net/bugs/1428540
|
|
This change makes it so all seccomp filters are mapped
to the appropriate capability and are only added if that
capability was not requested when running the container.
This unbreaks the remaining use cases broken by the
addition of seccomp filters without respecting requested
capabilities.
Co-Authored-By: Clif Houck <me@clifhouck.com>
[zj: - adapt to our coding style, make struct anonymous]
|
|
Everything that is generated can be assumed to belong to CLEANFILES,
which means that the original file has to be in EXTRA_DIST. Simplify
the rules by generating as in $subject.
We have less lists to adjust manually, and 'make clean' actually
removes more stuff that before.
|
|
On large system we hit the limit on 512 simultaneous dbus
connections, resulting in tons of annoying messages:
Too many concurrent connections, refusing
This patch raises the limit to 4096.
|
|
Currently the code will silently blank out events if there are more
then 512 epoll events, causing them never to be handled at all. This
patch removes the cap on the number of events for epoll_wait, thereby
avoiding this issue.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89421
|
|
This also adds "machinectl import-raw" and "machinectl import-tar" to
wrap these new bus calls.
THe commands basically do for local files that "machinectl pull-raw" and
friends do for remote files.
|
|
|
|
import and pull calls
|
|
That way we can call the code for local container/VM imports "import"
without confusion.
|
|
sd_dhcp6_client_new() tried to set the DUID based on the machine id.
If the host has no /etc/machine-id, the constructor would fail
making it impossible to create an sd_dhcp6_client instance.
Relax this and create a DUID only later as needed. This way a caller
caller can workaround a missing machine-id file and set a DUID of his
choosing via sd_dhcp6_client_set_duid().
|
|
|
|
The crucial point here is that we will not change the settings of a netdev created by someone else
we simply use it as is and trust it was set up as intended.
This is confusing in the case of the pre-created netdev's (bond0 etc.), the solution should probably
be to simply make the kernel stop creating these devices as they are pretty useless.
|
|
On s390 (at least) /sys/class/power_supply is not present. We should
treat this like if this directory was empty, and not an error.
|
|
For daemons which have a main configuration file, there's
little reason for the administrator to use configuration snippets.
They are useful for packagers which need to override settings, but
we shouldn't advertise that as the main way of configuring those
services.
https://bugs.freedesktop.org/show_bug.cgi?id=89397
|
|
|
|
gcc was complaining that progress_rc might be used uninitalized.
But it was actually always set, because the condition was always
satisfied. Remove the condition.
|
|
A warning is printed if ACLs cannot be retrieved for any reason other
than -ENOSYS. For -ENOSYS, debug log is printed.
|
|
downloads
If /var/lib/machines is mounted as btrfs loopback file system in
/var/lib/machines.raw with this change we automatically grow the file
system as it fills up. After each 10M we write to it during imports, we
check the free disk space, and if the fill level grows beyond 66% we
increase the size of the file system to 3x the fill level (thus lowering
it to 33%).
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89379
|
|
gpg2 insists on created a trust db even if we tun off all trust db
support. Hence create a temporary home where the trust db is placed, and
remove it after use.
|
|
is called
|
|
Logs constantly show
systemd-journald[395]: Failed to set file attributes: Inappropriate ioctl for device
This is because ext4 does not support FS_NOCOW_FL.
[zj: fold into one conditional as suggested on the ML and
fix (preexisting) r/errno confusion in error message.]
|
|
Binary fields were not processed properly, and resulting journal files
were non-conforming, resulting in an error ("Invalid field.") when reading.
https://bugs.freedesktop.org/show_bug.cgi?id=89391
|
|
pool size
|
|
This way, we can safely set up the directories from two processes at the
same time, including machined and importd simultaneously.
|
|
|
|
This adds support for showing the accumulated consumed CPU time per-unit
in the "systemctl status" output. The property is also readable via the
bus.
|
|
After some reconsideration, we decided to move the binary protocol
back to 64-bit wide UIDs and GIDs. After all, it should be possible
to redefine [gu]id_t to uint64_t and things should continue to
work. As we want to avoid such data types in kdbus.h, let's move
back to 64-bit values and be safe.
In sd-bus, we have to do a translation between uint64_t and gid_t
now for supplementary gids.
Some inline comments have also been updated in kdbus upstream.
|
|
|
|
|
|
Otherwise every daemon reload prints out warnings like:
systemd[1]: Unit type .busname is not supported on this system.
systemd[1]: Unit type .swap is not supported on this system.
|
|
|
|
This fixes "machinectl login" on systems configured with --disable-kdbus.
The error was:
machinectl login foo
Failed to get machine PTY: Input/output error
|
|
|
|
This change introduces a new state "tentative" for device units. Device
units are considered "plugged" when udev announced them, "dead" when
they are not available in the kernel, and "tentative" when they are
referenced in /proc/self/mountinfo or /proc/swaps but not (yet)
announced via udev.
This should fix a race when device nodes (like loop devices) are created
and immediately mounted. Previously, systemd might end up seeing the
mount unit before the device, and would thus pull down the mount because
its BindTo dependency on the device would not be fulfilled.
|
|
|
|
Suggested by Zbyszek on IRC.
[zj: /run/nologin is used with PAM. systemd-user-session is independent
of logind.]
|