Age | Commit message (Collapse) | Author |
|
|
|
|
|
According to Documentation/security/Smack.txt:
In keeping with the intent of Smack, configuration data is minimal
and not strictly required. The most important configuration step is
mounting the smackfs pseudo filesystem.
This means that checking the mount point should be enough.
|
|
sd_get_uids, sd_get_seats, sd_get_sessions, and sd_get_machine_names.
|
|
|
|
|
|
|
|
static hostname and if the static hostname is set, too
https://bugzilla.redhat.com/show_bug.cgi?id=957814
|
|
Otherwise we might end up with executable files if some default ACL is
set for the journal directory.
|
|
|
|
|
|
Previously we skipped every second entry.
This also cleans up much of the code and removes some dead code.
|
|
|
|
|
|
and the disk is close to being full
Bump the minimal size of the journal so that we can be sure creating the
journal file will always succeed. Previously the minimum size was
smaller than a empty jounral file...
|
|
This patch escapes a unit name which was derived from udev.
Please imagine following udev rule.
ACTION=="online|offline", TAG+="systemd", ENV{SYSTEMD_WANTS}="muneda@%p.service"
ACTION=="online|offline", TAG+="systemd", ENV{SYSTEMD_WANTS}="muneda@%r.service"
ACTION=="online|offline", TAG+="systemd", ENV{SYSTEMD_WANTS}="muneda@%S.service"
When unit name is derived from udev via
udev_device_get_property_value(), the name may contains '/' if
ENV{SYSTEMD_WANTS} has the udev options $devpath(%p), $root(%r), or
$sys(%S). However, '/' is a invalid char for unit name so processing
of this rule fails as Invalid argument with following message.
Apr 22 13:21:37 localhost systemd[1]: Failed to load device unit: Invalid argument
Apr 22 13:21:37 localhost systemd[1]: Failed to process udev device event: Invalid argument
This patch escapes those invalid chars in a unit name.
Tested with 202, and confirmed to apply cleanly on top of commit 195f8e36.
Thanks,
Takahiro
|
|
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
https://bugs.freedesktop.org/show_bug.cgi?id=57793
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36
http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
|
|
The new function allows one to write to an already
open file.
|
|
|
|
Checking for the apparmor directory in securityfs means the apparmor module is
loaded and enabled, and hence should suffice as a test.
https://bugs.freedesktop.org/show_bug.cgi?id=63312
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=63555
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=64014
|
|
Do the depmod in the kernel-install hooks, so hooks can produce/install
kernel modules and be part of the depmod.
Also move the basic boot loader entry creation and removal to a
plugin script.
If PRETTY_NAME is not defined in /etc/os-release, fallback to
PRETTY_NAME="Linux $KERNEL_VERSION".
Add documentation for everything in the man page.
|
|
|
|
|
|
|
|
|
|
with a dot
|
|
This patch adds more script-friendly output for list-dependencies.
|
|
As some SSDs are still seeing performance degredation when
reaching 85% usage the default value of 5% seems a little low.
Set this to 15% by default.
|
|
|
|
This semi-reverts 8973790ee6f62132b1b57de15c4edaef2c097004.
|
|
|
|
I'm assuming that it's fine if a _const_ or _pure_ function
calls assert. It is assumed that the assert won't trigger,
and even if it does, it can only trigger on the first call
with a given set of parameters, and we don't care if the
compiler moves the order of calls.
|
|
|
|
|
|
|
|
|
|
Instead of storing bootchart sample data in arrays, this patch moves
storage to linked lists so that there is no more limit on samples.
This patch also fixes parsing of /proc/<pid>/smaps in kernels > 3.7.
|
|
|
|
If we get as far as successfully starting the container, nspawn should
inherit the exit status of the child container process as its own.
|
|
hexchar,unhexchar,octchar,unoctchar,decchar,undecchar are
all const functions.
|
|
Add missing property and remove duplicate properties already in
src/core/dbus-kill.h
|
|
cg_get_machine_path is modified to include the escaped machine name
+ ".nspawn" if the machine argument is nonnull.
|
|
|
|
Since it must be NULL terminated.
|
|
|
|
running containers as system services
|
|
|
|
normalized named hierarchies
|