summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-09-21containers: systemd exits with non-zero codeAlban Crequy
When a systemd service running in a container exits with a non-zero code, it can be useful to terminate the container immediately and get the exit code back to the host, when systemd-nspawn returns. This was not possible to do. This patch adds the following to make it possible: - Add a read-only "ExitCode" property on PID 1's "Manager" bus object. By default, it is 0 so the behaviour stays the same as previously. - Add a method "SetExitCode" on the same object. The method fails when called on baremetal: it is only allowed in containers or in user session. - Add support in systemctl to call "systemctl exit 42". It reuses the existing code for user session. - Add exit.target and systemd-exit.service to the system instance. - Change main() to actually call systemd-shutdown to exit() with the correct value. - Add verb 'exit' in systemd-shutdown with parameter --exit-code - Update systemctl manpage. I used the following to test it: | $ sudo rkt --debug --insecure-skip-verify run \ | --mds-register=false --local docker://busybox \ | --exec=/bin/chroot -- /proc/1/root \ | systemctl --force exit 42 | ... | Container rkt-895a0cba-5c66-4fa5-831c-e3f8ddc5810d failed with error code 42. | $ echo $? | 42 Fixes https://github.com/systemd/systemd/issues/1290
2015-09-21Merge pull request #1288 from teg/ipv4acd-3Tom Gundersen
sd-ipv4acd: split out as separate library from sd-ipv4ll
2015-09-21Merge pull request #1311 from jsynacek/kill-errors-v2Lennart Poettering
core: extend KillUnit() to return error when no unit was killed
2015-09-21cgtop: add -M/--machineEvgeny Vereshchagin
2015-09-21core: extend KillUnit() to return error when no unit was killedJan Synacek
2015-09-20Merge pull request #1292 from gebi/resolve-specifier-in-runtime-directoryLennart Poettering
load-fragment: resolve specifiers in RuntimeDirectory
2015-09-18cgls: show controller without args tooEvgeny Vereshchagin
2015-09-18sd-ipv4{acd,ll}: add simple test programsTom Gundersen
These programs should be run manually, typically two instances on a veth pair to check conflict detection. Both test programs take the ifname as input, the ACD also takes the IP address to check, whereas LL (optionally) takes the seed, which determines the sequence of IP addresses to try.
2015-09-18sd-ipv4acd: introduce new library split out from sd-ipv4llTom Gundersen
This splits the Address Conflict Detection out of the Link Local library so that we can reuse it for DHCP and static addresses in the future. Implements RFC5227.
2015-09-18sd-ipv4ll: simplify conflict handlingTom Gundersen
Use stop() and start() to drop some pulicate code.
2015-09-18sd-ipv4ll: rework callbacksTom Gundersen
Firstly, no longer distinguish between STOP and INIT states. Secondly, do not trigger STOP events when calls to sd_ipv4ll_*() fail. The caller is the one who would receive the event and will already know that the call to sd_ipv4ll_*() has failed, so it is redundant. STOP events will now only be triggered by calling sd_ipv4ll_stop() explicitly or by some internal error in the library triggered by receiving a packet or an expiring timeout (i.e., any error that would otherwise not be reported back to the consumer of the library). Lastly, follow CODING_STYLE and always return NULL on unref. Protect from objects being destroyed in callbacks accordingly.
2015-09-18sd-ipv4ll: don't allow changing MAC address whilst runningTom Gundersen
This requires the caller to stop and restart the statemachine if they want to change the MAC address.
2015-09-18sd-ipv4ll: code cleanupsTom Gundersen
Simplify timeout handling.
2015-09-18sd-ipv4ll: remove duplicate packet verificationTom Gundersen
Most packets are filtered out by the BPF, so only check for the parts that may actually differ.
2015-09-18sd-ipv4ll: minor cleanupsTom Gundersen
2015-09-18sd-ipv4ll: split out on_conflict() from on_packet()Tom Gundersen
2015-09-18sd-ipv4ll: split run_state_machine() into on_packet() and on_timeout()Tom Gundersen
Simplify the code a bit, no functional change.
2015-09-18sd-ipv4ll: filter out unwanted ARP packets in the kernelTom Gundersen
We currently process every ARP packet, but we should only care about the ones relating to our IP address. Also rename ipv4ll helpers to apr-utils.[ch], and rework the helpers a bit.
2015-09-18Merge pull request #1241 from ssahani/netLennart Poettering
networkd: add support for accept ra
2015-09-18load-fragment: resolve specifiers in RuntimeDirectoryMichael Gebetsroither
2015-09-16sd-bus: correct size calculation in DBus fd receiveMichal Schmidt
The size of the allocated array for received file descriptors was incorrectly calculated. This did not matter when a single file descriptor was received, but for more descriptors the allocation was insufficient.
2015-09-16Merge pull request #1269 from zonque/netclsLennart Poettering
cgroup: add support for net_cls controllers
2015-09-16resolved: cache - cache what we can of negative redirect chainsTom Gundersen
When a NXDATA or a NODATA response is received for an alias it may include CNAME records from the redirect chain. We should cache the response for each of these names to avoid needless roundtrips in the future. It is not sufficient to do the negative caching only for the canonical name, as the included redirection chain is not guaranteed to be complete. In fact, only the final CNAME record from the chain is guaranteed to be included. We take care not to cache entries that redirects outside the current zone, as the SOA will then not be valid.
2015-09-16resolved: cache - handle CNAME redirectionTom Gundersen
CNAME records are special in the way they are treated by DNS servers, and our cache should mimic that behavior: In case a domain name has an alias, its CNAME record is returned in place of any other. Our cache was not doing this despite caching the CNAME records, this entailed needless lookups to re-resolve the CNAME.
2015-09-16resolved: cache - only allow putting a single question key at a timeTom Gundersen
Only one key is allowed per transaction now, so let's simplify things and only allow putting one question key into the cache at a time.
2015-09-16resolved: rr - introduce dns_resource_key_new_redirect()Tom Gundersen
Takes a key and CNAME RR and returns the canonical RR of the right type. Make use of this in dns_question_redirect().
2015-09-16resolved: rr - introduce dns_resource_key_new_cname()Tom Gundersen
Creates a new CNAME RR key with the same class and name as an existing key.
2015-09-16resolved: cache - clarify loggingTom Gundersen
2015-09-16basic: nicer xsprintf and xstrftime assert messagesMichal Schmidt
It's nicer if the assertion failure message from a bad use of xsprintf actually mentions xsprintf instead of the expression the macro is implemented as. The assert_message_se macro was added in the previous commit as an internal helper, but it can also be used for customizing assertion failure messages like in this case. Example: char buf[10]; xsprintf(buf, "This is a %s message.\n", "long"); Before: Assertion '(size_t) snprintf(buf, ELEMENTSOF(buf), "This is a %s message.\n", "long") < ELEMENTSOF(buf)' failed at foo.c:6, function main(). Aborting. After: Assertion 'xsprintf: buf[] must be big enough' failed at foo.c:6, function main(). Aborting.
2015-09-16basic: nicer assert messagesMichal Schmidt
Make sure the assert expression is not macro-expanded before stringification. This makes several assertion failure messages more readable. As an example: assert(streq("foo", "bar")); I'd rather see this: Assertion 'streq("foo", "bar")' failed at foo.c:5, function main(). Aborting. ...than this, though awesome, incomprehensible truncated mess: Assertion '(__extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (( "foo")) && __builtin_constant_p (("bar")) && (__s1_len = strlen (("foo")), __s2_ len = strlen (("bar")), (!((size_t)(const void *)((("foo")) + 1) - (size_t)(cons t void *)(("foo")) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((("bar") ) + 1) - (size_t)(const void *)(("bar")) == 1) || __s2_len >= 4)) ? __builtin_st rcmp (("foo"), ("bar")) : (__builtin_constant_p (("foo")) && ((size_t)(const voi d *)((("foo")) + 1) - (size_t)(const void *)(("foo")) == 1) && (__s1_len = strle n (("foo")), __s1_len < 4) ? (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) ? __builtin_strcm p (("foo"), ("bar")) : (__extension__ ({ const unsigned char *__s2 = (const unsi gned char *) (const char *) (("bar")); int __result = (((const unsigned char *) (const char *) (("foo")))[0] - __s2[0]); if (__s1_len > 0 && __result == 0) { __ result = (((const unsigned char *) (const char *) (("foo")))[1] - __s2[1]); if ( __s1_len > 1 && __result == 0) { __result = (((const unsigned char *) (const cha r *) (("foo")))[2] - __s2[2]); if (__s1_len > 2 && __result == 0) __result = ((( const unsigned char *) (const char *) (("foo")))[3] - __s2[3]); } } __result; }) )) : (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) && (__s2_len = strlen (("bar")), __s2_len < 4) ? (__builtin_constant_p (("foo")) && ((size_t)(const void *)((("foo")) + 1 ) - (size_t)(const void *)(("foo")) == 1) ? __builtin_strcmp (("foo"), ("bar")) : (- (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (cons t char *) (("foo")); int __result = (((const unsigned char *) (const char *) ((" bar")))[0] - __s2[0]); if (__s2_len > 0 && __result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[1] - __s2[1]); if (__s2_len > 1 && __ result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[2] - __s2[2]); if (__s2_len > 2 && __result == 0)
2015-09-16basic: make sure argument of ELEMENTSOF is an arrayMichal Schmidt
Using ELEMENTSOF on a pointer will result in a compilation error.
2015-09-16cgroup: add support for net_cls controllersDaniel Mack
Add a new config directive called NetClass= to CGroup enabled units. Allowed values are positive numbers for fix assignments and "auto" for picking a free value automatically, for which we need to keep track of dynamically assigned net class IDs of units. Introduce a hash table for this, and also record the last ID that was given out, so the allocator can start its search for the next 'hole' from there. This could eventually be optimized with something like an irb. The class IDs up to 65536 are considered reserved and won't be assigned automatically by systemd. This barrier can be made a config directive in the future. Values set in unit files are stored in the CGroupContext of the unit and considered read-only. The actually assigned number (which may have been chosen dynamically) is stored in the unit itself and is guaranteed to remain stable as long as the unit is active. In the CGroup controller, set the configured CGroup net class to net_cls.classid. Multiple unit may share the same net class ID, and those which do are linked together.
2015-09-14Merge pull request #1250 from g2p/masterLennart Poettering
Hook more properties for transient units
2015-09-12networkd:add support to configure ipv6 acceprt raSusant Sahani
This patch support to configure the ipv6 acceprt ra option. for more information see http://www.tldp.org/HOWTO/Linux+IPv6-HOWTO/proc-sys-net-ipv6..html
2015-09-11cgroup: unify how we invalidate cgroup controller settingsLennart Poettering
Let's make sure that we follow the same codepaths when adjusting a cgroup property via the dbus SetProperty() call, and when we execute the StartupCPUShares= effect.
2015-09-11transaction: clarify via void-casting that we ignore the pipe2() return ↵Lennart Poettering
value for a reason
2015-09-11core: invalidate idle pipe event source in manager_close_idle_pipe()Lennart Poettering
In all occasions when this function is called we do so anyway, so let's move this inside, to make things easier.
2015-09-11execute: fix return type from write()Lennart Poettering
2015-09-11execute: invalidate idle pipe after useLennart Poettering
Not strictly necessary, but makes clear the fds are invalidated. Make sure we do the same here as in most other cases.
2015-09-11core: allocate sets of startup and failed units on-demandLennart Poettering
There's a good chance we never needs these sets, hence allocate them only when needed.
2015-09-11timesyncd: fix how we print a PIDLennart Poettering
2015-09-11core: refactor cpu shares/blockio weight cgroup logicLennart Poettering
Let's stop using the "unsigned long" type for weights/shares, and let's just use uint64_t for this, as that's what we expose on the bus. Unify parsers, and always validate the range for these fields. Correct the default blockio weight to 500, since that's what the kernel actually uses. When parsing the weight/shares settings from unit files accept the empty string as a way to reset the weight/shares value. When getting it via the bus, uniformly map (uint64_t) -1 to unset. Open up StartupCPUShares= and StartupBlockIOWeight= to transient units.
2015-09-11util: remove ring.[ch] + pty.[ch] and testsLennart Poettering
This was used by consoled, which was removed, let's remove this too now.
2015-09-11Hook more properties for transient unitsGabriel de Perthuis
systemd-run can now launch units with PrivateTmp, PrivateDevices, PrivateNetwork, NoNewPrivileges set.
2015-09-11Merge pull request #1248 from lnykryn/loginctl-show-v2Lennart Poettering
loginctl: print nontrivial properties in logictl show-*
2015-09-11loginctl: print nontrivial properties in logictl show-*Lukas Nykryn
2015-09-11core: kill processes started due to the ExecReload= on timeoutEvgeny Vereshchagin
2015-09-10Merge pull request #1227 from intelfx/systemctl-legacy-tools-polkitLennart Poettering
systemctl: fix various aspects of polkit authorization in legacy tools.
2015-09-10Merge pull request #1222 from poettering/image-ops-settingsDaniel Mack
machine: when removing, renaming, cloning images also care for .nspaw…
2015-09-10Merge pull request #1239 from poettering/cgroup-pidsDaniel Mack
core: add support for the "pids" cgroup controller