summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-04-26systemd --user: call pam_loginuid when creating user@.service (#3120)Zbigniew Jędrzejewski-Szmek
This way the user service will have a loginuid, and it will be inherited by child services. This shouldn't change anything as far as systemd itself is concerned, but is nice for various services spawned from by systemd --user that expect a loginuid. pam_loginuid(8) says that it should be enabled for "..., crond and atd". user@.service should behave similarly to those two as far as audit is concerned. https://bugzilla.redhat.com/show_bug.cgi?id=1328947#c28
2016-04-25Merge pull request #3109 from poettering/journal-by-fdZbigniew Jędrzejewski-Szmek
rework "journalctl -M"
2016-04-25Merge pull request #3114 from poettering/journalctl-bZbigniew Jędrzejewski-Szmek
Fix endless loops in journalctl --list-boots (closes #617).
2016-04-25machined: generate a nicer error when the user tries "machinectl clone" on ↵Lennart Poettering
non-btrfs file systems (#3117) Fixes: #2060 (Of course, in the long run, we should probably add a copy-based fall-back. But given how slow that is, this probably requires some asynchronous forking logic like the CopyFrom() and CopyTo() method calls already implement.)
2016-04-25core: fix description of "resources" service error (#3119)Lennart Poettering
The "resources" error is really just the generic error we return when we hit some kind of error and we have no more appropriate error for the case to return, for example because of some OS error. Hence, reword the explanation and don't claim any relation to resource limits. Admittedly, the "resources" service error is a bit of a misnomer, but I figure it's kind of API now. Fixes: #2716
2016-04-25Merge pull request #3113 from ssahani/route-fixLennart Poettering
netwotkd: fix address and route conf
2016-04-25journal: fix already offline check and thread leak (#2810)Vito Caputo
Early in journal_file_set_offline() f->header->state is tested to see if it's != STATE_ONLINE, and since there's no need to do anything if the journal isn't online, the function simply returned here. Since moving part of the offlining process to a separate thread, there are two problems here: 1. We can't simply check f->header->state, because if there is an offline thread active it may modify f->header->state. 2. Even if the journal is deemed offline, the thread responsible may still need joining, so a bare return may leak the thread's resources like its stack. To address #1, the helper journal_file_is_offlining() is called prior to accessing f->header->state. If journal_file_is_offlining() returns true, f->header->state isn't even checked, because an offlining journal is obviously online, and we'll just continue with the normal set offline code path. If journal_file_is_offlining() returns false, then it's safe to check f->header->state, because the offline_state is beyond the point of modifying f->header->state, and there's a memory barrier in the helper. If we find f->header->state is != STATE_ONLINE, then we call the idempotent journal_file_set_offline_thread_join() on the way out of the function, to join a potential lingering offline thread.
2016-04-25journalctl: turn --unit= in combination with --user into --user-unit=Lennart Poettering
Let's be nice to users, and let's turn the nonsensical "--unit=… --user" into "--user-unit=…" which the user more likely meant. Fixes #1621
2016-04-25sd-journal: "soft" deprecate sd_journal_open_container()Lennart Poettering
Let's document the call as deprecated, since it doesn't cover containers with directories that aren#t visible to the host properly.
2016-04-25journalctl: port --machine= switch to use machined's OpenMachineRootDirectory()Lennart Poettering
This way, the switch becomes compatible with nspawn containers using --image=, and those which only store journal data in /run (i.e. have persistant logs off). Fixes: #49
2016-04-25journalctl: don't trust the per-field entry tables when looking for boot IDsLennart Poettering
When appending to a journal file, journald will: a) first, append the actual entry to the end of the journal file b) second, add an offset reference to it to the global entry array stored at the beginning of the file c) third, add offset references to it to the per-field entry array stored at various places of the file The global entry array, maintained by b) is used when iterating through the journal without matches applied. The per-field entry array maintained by c) is used when iterating through the journal with a match for that specific field applied. In the wild, there are journal files where a) and b) were completed, but c) was not before the files were abandoned. This means, that in some cases log entries are at the end of these files that appear in the global entry array, but not in the per-field entry array of the _BOOT_ID= field. Now, the "journalctl --list-boots" command alternatingly uses the global entry array and the per-field entry array of the _BOOT_ID= field. It seeks to the last entry of a specific _BOOT_ID=field by having the right match installed, and then jumps to the next following entry with no match installed anymore, under the assumption this would bring it to the next boot ID. However, if the per-field entry wasn't written fully, it might actually turn out that the global entry array might know one more entry with the same _BOOT_ID, thus resulting in a indefinite loop around the same _BOOT_ID. This patch fixes that, by updating the boot search logic to always continue reading entries until the boot ID actually changed from the previous. Thus, the per-field entry array is used as quick jump index (i.e. as an optimization), but not trusted otherwise. Only the global entry array is trusted. This replaces PR #1904, which is actually very similar to this one. However, this one actually reads the boot ID directly from the entry header, and doesn't try to read it at all until the read pointer is actually really located on the first item to read. Fixes: #617 Replaces: #1904
2016-04-25journalctl: improve output of --header a bitLennart Poettering
Show the various timestamps in hexadecimal too. This is useful for matching the timestamps included in cursor strings (which are encoded in hex, too), with the references in the journal header.
2016-04-25nspawn: explicitly remove veth links after use (#3111)Lennart Poettering
* sd-netlink: permit RTM_DELLINK messages with no ifindex This is useful for removing network interfaces by name. * nspawn: explicitly remove veth links we created after use Sometimes the kernel keeps veth links pinned after the namespace they have been joined to died. Let's hence explicitly remove veth links after use. Fixes: #2173
2016-04-25journalctl: simplify discover_next_boot() a bitLennart Poettering
Drop the "read_realtime" parameter. Getting the realtime timestamp from an entry is cheap, as it is a normal header field, hence let's just get this unconditionally, and simplify our code a bit.
2016-04-25journalctl: simplify get_boots() a bit, by getting rid of one BootId objectLennart Poettering
Let's store the reference as simple sd_id128_t, since we don't actually need a BootId for it.
2016-04-25journalctl: add some explanatory comments to get_boots()Lennart Poettering
2016-04-25sd-journal: add logic to open journal files of a specific OS treeLennart Poettering
With this change a new flag SD_JOURNAL_OS_ROOT is introduced. If specified while opening the journal with the per-directory calls (specifically: sd_journal_open_directory() and sd_journal_open_directory_fd()) the passed directory is assumed to be the root directory of an OS tree, and the journal files are searched for in /var/log/journal, /run/log/journal relative to it. This is useful to allow usage of sd-journal on file descriptors returned by the OpenRootDirectory() call of machined.
2016-04-25machined: add new OpenRootDirectory() call to Machine objectsLennart Poettering
This new call returns a file descriptor for the root directory of a container. This file descriptor may then be used to access the rest of the container's file system, via openat() and similar calls. Since the file descriptor returned is for the file system namespace inside of the container it may be used to access all files of the container exactly the way the container itself would see them. This is particularly useful for containers run directly from loopback media, for example via systemd-nspawn's --image= switch. It also provides access to directories such as /run of a container that are normally not accessible to the outside of a container. This replaces PR #2870. Fixes: #2870
2016-04-25sd-journal: add API for opening journal files or directories by fdLennart Poettering
Also, expose this via the "journalctl --file=-" syntax for STDIN. This feature remains undocumented though, as it is probably not too useful in real-life as this still requires fds that support mmaping and seeking, i.e. does not work for pipes, for which reading from STDIN is most commonly used.
2016-04-25sd-journal: minor simplificationLennart Poettering
2016-04-25journalctl: improve error message when we have trouble reading journal filesLennart Poettering
Let's output the actual error code encountered, and let's not claim this was purely triggered by files, because it can also be triggered by directories.
2016-04-25sd-journal: properly collect errors from readdir()Lennart Poettering
Let's also collect errors returned by readdir() into our set of errors, like we do this for all other errors from journal files.
2016-04-25journal: add inotify watches by-fd instead of by-pathLennart Poettering
This is slightly nicer, since we actually watch the directories we opened and enumerate. However, primarily this is preparation for adding support for opening journal files by fd without specifying any path, to be added in a later commit.
2016-04-25networkd: Address- initialize the node before adding to list.Susant Sahani
It make more sense to initalize the node first then we add to the list.
2016-04-25networkd: Fix route properties.Susant Sahani
We are not able to add multiple properties. wlp3s0.network: [Match] Name=wlp3s0 [Route] Gateway=10.68.5.26 Metric=10 sudo ./systemd-networkd Failed to parse file '/usr/lib/systemd/network/wlp3s0.network': File exists Could not load configuration files: File exists This patch fixes it.
2016-04-22machinectl: don't parse command line switches after "shell" verb (#3095)Lennart Poettering
Fixes: #2420
2016-04-22tree-wide: remove unused variables (#3098)Thomas H. P. Andersen
2016-04-22Merge pull request #3094 from poettering/run-sliceZbigniew Jędrzejewski-Szmek
systemd-run: fix --slice= in conjunction with --scope
2016-04-22journal-remote : Ensure reallocation of source->buf does not result in ↵Klearchos Chaloulos
source->size < source->filled (#3086) While the function journal-remote-parse.c:get_line() enforces an assertion that source->filled <= source->size, in function journal-remote-parse.c:process_source() there is a chance that source->size will be decreased to a lower value than source->filled, when source->buf is reallocated. Therefore a check is added that ensures that source->buf is reallocated only when source->filled is smaller than target / 2.
2016-04-22run: make --slice= work in conjunction with --scopeLennart Poettering
Fixes: #2991
2016-04-22core: don't dispatch load queue when setting Slice= for transient unitsLennart Poettering
Let's be more careful when setting up the Slice= property of transient units: let's use manager_load_unit_prepare() instead of manager_load_unit(), so that the load queue isn't dispatched right away, because our own transient unit is in it, and we don#t want to have it loaded until we finished initializing it.
2016-04-22machinectl: fix misplaced newline in --help outputLennart Poettering
2016-04-22journalctl: add --no-hostname switchLennart Poettering
This suppresses output of the hostname for messages from the local system. Fixes: #2342
2016-04-22journalctl: add output mode where time is shown in seconds since 1st Jan ↵Lennart Poettering
1970 UTC aka "UNIX time". Fixes: #2120
2016-04-22shared: move output_mode_to_string() into output-mode.cLennart Poettering
After all, the enum definition is in output-mode.h
2016-04-22coredump,basic: generalize O_TMPFILE handling a bitLennart Poettering
This moves the O_TMPFILE handling from the coredumping code into common library code, and generalizes it as open_tmpfile_linkable() + link_tmpfile(). The existing open_tmpfile() function (which creates an unlinked temporary file that cannot be linked into the fs) is renamed to open_tmpfile_unlinkable(), to make the distinction clear. Thus, code may now choose between: a) open_tmpfile_linkable() + link_tmpfile() b) open_tmpfile_unlinkable() Depending on whether they want a file that may be linked back into the fs later on or not. In a later commit we should probably convert fopen_temporary() to make use of open_tmpfile_linkable(). Followup for: #3065
2016-04-22systemctl: add two minor assert()sLennart Poettering
2016-04-22path-lookup: optimize a common strv copy operation awayLennart Poettering
Follow-up for: https://github.com/systemd/systemd/pull/3033#discussion_r59689398
2016-04-22tree-wide: don't assume CLOCK_BOOTIME is generally availableLennart Poettering
Before we invoke now(CLOCK_BOOTTIME), let's make sure we actually have that clock, since now() will otherwise hit an assert. Specifically, let's refuse CLOCK_BOOTTIME early in sd-event if the kernel doesn't actually support it. This is a follow-up for #3037, and specifically: https://github.com/systemd/systemd/pull/3037#issuecomment-210199167
2016-04-22machine-id-setup: explicitly fsync() the machine ID after writingLennart Poettering
As discussed here: https://github.com/systemd/systemd/issues/2619#issuecomment-184670042 Explicitly syncing /etc/machine-id after writing it, is probably a good idea, since it has a strong "commit" character and is generally a one-time thing. Fixes #2619.
2016-04-22shared: move unit-specific code from bus-util.h to bus-unit-util.hLennart Poettering
Previously we'd have generally useful sd-bus utilities in bust-util.h, intermixed with code that is specifically for writing clients for PID 1, wrapping job and unit handling. Let's split the latter out and move it into bus-unit-util.c, to make the sources a bit short and easier to grok.
2016-04-22shared: drop kernel_thread bool from cgroups show codeLennart Poettering
Make this an output flag instead, so that our function prototypes can lose one parameter
2016-04-22loginctl,machinectl: also make use of new GetProcesses() bus callLennart Poettering
This ports over machinectl and loginctl to also use the new GetProcesses() bus call to show the process tree of a container or login session. This is similar to how systemctl already has been ported over in a previous commit.
2016-04-22networkd: consider various IPv6 features as disabled if IPv6 is not ↵Lennart Poettering
available in the kernel
2016-04-22core,systemctl: add bus API to retrieve processes of a unitLennart Poettering
This adds a new GetProcesses() bus call to the Unit object which returns an array consisting of all PIDs, their process names, as well as their full cgroup paths. This is then used by "systemctl status" to show the per-unit process tree. This has the benefit that the client-side no longer needs to access the cgroupfs directly to show the process tree of a unit. Instead, it now uses this new API, which means it also works if -H or -M are used correctly, as the information from the specific host is used, and not the one from the local system. Fixes: #2945
2016-04-22shared: fix minor memory leak in log display codeLennart Poettering
2016-04-22treewide: fix typos (#3092)Torstein Husebø
2016-04-22Merge pull request #3084 from keszybz/preset-fixesLennart Poettering
Nicer error message is symlinking chokes on an existing file
2016-04-21tree-wide: use mdash instead of a two minusesZbigniew Jędrzejewski-Szmek
2016-04-21shared/install: always overwrite symlinks in .wants and .requiresZbigniew Jędrzejewski-Szmek
Before: $ systemctl preset getty@.service Failed to preset unit, file /etc/systemd/system/getty.target.wants/getty@tty1.service already exists and is a symlink to ../../../../usr/lib/systemd/system/getty@.service. After: $ systemctl preset getty@.service Created symlink /etc/systemd/system/getty.target.wants/getty@tty1.service, pointing to /usr/lib/systemd/system/getty@.service. We don't really care where the symlink points to. For example, it might point to /usr/lib or /etc, and systemd will always load the unit from /etc in preference to /usr/lib. In fact, if we make a symlink like /etc/systemd/system/multi-user.target.wants/b.service -> ../a.service, pid1 will still start b.service. The name of the symlink is the only thing that matters, as far as systemd is concerned. For humans it's confusing when the symlinks points to anything else than the actual unit file. At the very least, the symlink is supposed to point to a file with the same name in some other directory. Since we don't care where the symlink points, we can always replace an existing symlink. Another option I considered would be to simply leave an existing symlink in place. That would work too, but replacing the symlink with the expected value seems more intuitive. Of course those considerations only apply to .wants and .requires. Symlinks created with "link" and "alias" are a separate matter. Fixes #3056.