Age | Commit message (Collapse) | Author |
|
Since v3.11/7dc5dbc ("sysfs: Restrict mounting sysfs"), the kernel
doesn't allow mounting sysfs if you don't have CAP_SYS_ADMIN rights over
the network namespace.
So the mounting /sys as a tmpfs code introduced in
d8fc6a000fe21b0c1ba27fbfed8b42d00b349a4b doesn't work with user
namespaces if we don't use private-net. The reason is that we mount
sysfs inside the container and we're in the network namespace of the host
but we don't have CAP_SYS_ADMIN over that namespace.
To fix that, we mount /sys as a sysfs (instead of tmpfs) if we don't use
private network and ignore the /sys-as-a-tmpfs code if we find that /sys
is already mounted as sysfs.
Fixes #1555
|
|
Hook more properties for transient units
|
|
systemd-run can now launch units with EnvironmentFile set.
|
|
|
|
systemd-run can launch units with OOMScoreAdjust
|
|
bus proxy fixes, and more
|
|
|
|
|
|
Let's use strjoina() rather than strjoin() for construct dbus match
strings.
Also, while we are at it, fix parameter ordering, so that our functions
always put the object first, like it is customary for OO-like
programming.
|
|
pthread APIs (unlike the rest of libc) return their errors as positive
error codes directly from the functions, rather than using errno. Let's
make sure we always handle things that way.
|
|
Clear up how we pass fd owner ship to proxy and bus objects. Document
that ownership is passed of the fds in question even in case of failing
constructors, and that callers should forget about fds pass into the
proxy object.
The alternative would be to duplicate the fds, but given that fds are a
relatively scarce and heavy resource let's better avoid that.
Fixes #1591.
|
|
core: dump RuntimeDirectories and RuntimeDirectoryMode too
|
|
|
|
Track the number of matches installed for a given multicast group, and leave the
group once no matches depend on it.
In order to handle passed-in sockets that are already members of multicast groups
we initialize the refcount based on the membership once we take over the socket.
This way we will leave the socket in the state we found it once we finish with
it.
On kernels that do not fully support reading out the multicast group membership
we fall back to never leaving any groups (as before).
|
|
btrfs doesn't do that automatically, hence let's do that explicitly each
time.
|
|
core: expose manager's TimerSlackNSec as propery on dbus
|
|
|
|
Using lz4 frame api for coredump files
|
|
Date parse additions
|
|
|
|
Logging for compression and decompression is assymetrical on purpose:
if compiled without some type of compression, those compression code
paths should never be invoked. OTOH, it is possible to encounter
unsupported format on decompression, so leave those log_debug statements
in, to make it easier to diagnose stuff.
|
|
|
|
Just add " UTC" to the end of the event expression. Works for the
special expressions.
|
|
|
|
|
|
to time-util.h. They take an extra argument `bool utc`.
|
|
When the Suspend method is called, the only log message we write
(unless debugging is enabled) is "Operation finished.". This is
not very helpful when trying to figure out what is going on, so
add what operation we are talking about to the message:
"Operation 'sleep' finished.".
Hat tip to Daniel Aleksandersen for pointing this out.
|
|
systemd-run can launch units with SyslogLevel and SyslogFacility
|
|
|
|
|
|
|
|
|
|
calling tty
For example, due to perm issues.
THis simply downgrades the message about it, since this is purely
cosmetical anyway.
Fixes #1543.
|
|
Normally this shouldn't happen unless the daemon is reloaded.
A similar check is already in place in socket.c for the socket
activation case.
This hopefully makes #1526 non-fatal, though it will not fix this, and
there's something else to fix.
|
|
|
|
networkd/libsystemd-network: collection of trivial patches v2
|
|
core: expose `SyslogFacility` and `SyslogLevel` as properties on dbus
|
|
|
|
bus-util: change `Default`-chopping to `Limit`-searching
|
|
Fix keymap aliases and add support for Lenovo Thinkpad Yoga S1
|
|
We don't use that anywhere any more. With the introduction of alias names it
also is not a proper mapping any more as several keys (e. g. KEY_COFFEE and
KEY_SCREENLOCK) have the same numerical mapping.
|
|
|
|
See https://github.com/systemd/systemd/pull/1534#commitcomment-13744013
Actually, thinking about this, maybe it would be nicer to actually look
for "Limit" in the string rather than chopping off a "Default"....
Sounds more generic...
|
|
Fix journalctl --dump-catalog, journalctl --list-catalog
|
|
Expose `DefaultLimit*` as properties on dbus
|
|
Make journald audit socket maskable
|
|
man: describe IPv6AcceptRouterAdvertisements= better
|
|
Fixes #1514.
|
|
`journalctl --dump-catalog ID1 ID2 ...` works fine.
|
|
|