summaryrefslogtreecommitdiff
path: root/units
AgeCommit message (Collapse)Author
2014-07-03machinectl: show /etc/os-release information of container in status outputLennart Poettering
2014-07-03nspawn: when running in a service unit, use systemd for restartsLennart Poettering
THis way we can remove cgroup priviliges after setup, but get them back for the next restart, as we need it.
2014-07-01man: document systemd-update-done.serviceLennart Poettering
2014-06-30units: skip mounting /tmp if it is a symlinkLennart Poettering
We shouldn't get confused if people have symlinked /tmp somewhere, so let's simply skip the mount then.
2014-06-30units: networkd - don't order wait-online.service before network.targetTom Gundersen
Reported by Michael Olbrich.
2014-06-29units: local-fs.target - don't pull in default dependenciesTom Gundersen
Reported by Gerardo Exequiel Pozzi: Looks like [commit a4a878d0] also changes a unrelated file (units/local-fs.target) [partially]reverting the commit 40f862e3 (filesystem targets: disable default dependencies) The side effect, at least in my case is that the "nofail" option in both "crypttab" and "fstab" has partial effect does the default timeout instead of continue normal boot without timeout.
2014-06-28units: remove RefuseManualStart from units which are always aroundZbigniew Jędrzejewski-Szmek
In a normal running system, non-passive targets and units used during early bootup are always started. So refusing "manual start" for them doesn't make any difference, because a "start" command doesn't cause any action. In early boot however, the administrator might want to start on of those targets or services by hand. We shouldn't interfere with that. Note: in case of systemd-tmpfiles-setup.service, really running the unit after system is up would break the system. So e.g. restarting should not be allowed. The unit has "RefuseManualStop=yes", which prevents restart too.
2014-06-19units/systemd-sysctl.service.in: run after load-modulesCristian Rodríguez
Modules might or will register new sysctl options. [zj: This mechanism of adding modules just to reliably set sysctl attributes is not ideal. Nevertheless, sysctl for dynamically created attributes is simply broken, and this is the easiest workaround.] https://bugzilla.redhat.com/show_bug.cgi?id=1022977 https://bugzilla.novell.com/show_bug.cgi?id=725412
2014-06-20units: order systemd-tmpfiles-clean.service after time-sync.targetLennart Poettering
That way, on systems lacking an RTC we don't false start removing aged files too early.
2014-06-19units: add missing caps so that GetAddresses() can workLennart Poettering
2014-06-18cryptsetup: introduce new cryptsetup-pre.traget unit so that services can ↵Lennart Poettering
make sure they are started before and stopped after any LUKS setup https://bugzilla.redhat.com/show_bug.cgi?id=1097938
2014-06-17timesyncd: do not start in virtualized environmentsKay Sievers
2014-06-17units: minor cleanupsLennart Poettering
2014-06-17networkd: don't pull in systemd-networkd-wait-online service from ↵Lennart Poettering
systemd-networkd when enabling networkd-wait-online should never exist in the default transaction, unless explicitly enable or pulled in via things like NFS. However, just enabling networkd shouldn't enable networkd-wait-online, since it's common to use the former without the latter.
2014-06-17install: introduce new DefaultInstance= field for [Install] sectionsLennart Poettering
The DefaultInstance= name is used when enabling template units when only specifying the template name, but no instance. Add DefaultInstance=tty1 to getty@.service, so that when the template itself is enabled an instance for tty1 is created. This is useful so that we "systemctl preset-all" can work properly, because we can operate on getty@.service after finding it, and the right instance is created.
2014-06-16units: add a service to invoke ldconfig on system updates at bootLennart Poettering
2014-06-16units: drop RefuseManualStart= from a couple of update servicesLennart Poettering
The only update service we really need to guard like this is systemd-tmpfiles-setup.service since if invoked manually might create /var/run/nologin and thus blocking the user from login. The other services are pretty much idempotent and don't suffer by this problem, hence let's simplify them.
2014-06-15units: bring systemd-tmpfiles-setup-dev.service closer to ↵Lennart Poettering
systemd-tmpfiles-setup.service Among other things, order both services relative to systemd-sysusers.service in the same direction.
2014-06-14sysusers: order before tmpfiles which need the idsKay Sievers
2014-06-13rpm: add RPM macros to apply sysusers, sysctl, and binfmt drop-insLennart Poettering
With this in place RPMs can make sure that whatever they drop in is immeidately applied, and not delayed until next reboot. This also moves systemd-sysusers back to /usr/bin, since hardcoding the path to /usr/lib in the macros would mean compatibility breaks in future, should we turn sysusers into a command that is actually OK for people to call directly. And given that that is quite likely to happen (since it is useful to prepare images with its --root= switch), let's just prepare for it.
2014-06-13units: rebuild /etc/passwd, the udev hwdb and the journal catalog files on bootLennart Poettering
Only when necessary of course, nicely guarded with the new ConditionNeedsUpdate= condition we added.
2014-06-13core: add new ConditionNeedsUpdate= unit conditionLennart Poettering
This new condition allows checking whether /etc or /var are out-of-date relative to /usr. This is the counterpart for the update flag managed by systemd-update-done.service. Services that want to be started once after /usr got updated should use: [Unit] ConditionNeedsUpdate=/etc Before=systemd-update-done.service This makes sure that they are only run if /etc is out-of-date relative to /usr. And that it will be executed after systemd-update-done.service which is responsible for marking /etc up-to-date relative to the current /usr. ConditionNeedsUpdate= will also checks whether /etc is actually writable, and not trigger if it isn't, since no update is possible then.
2014-06-13update-done: add minimal tool to manage system updates for /etc and /var, if ↵Lennart Poettering
/usr has changed In order to support offline updates to /usr, we need to be able to run certain tasks on next boot-up to bring /etc and /var in line with the updated /usr. Hence, let's devise a mechanism how we can detect whether /etc or /var are not up-to-date with /usr anymore: we keep "touch files" in /etc/.updated and /var/.updated that are mtime-compared with /usr. This means: Whenever the vendor OS tree in /usr is updated, and any services that shall be executed at next boot shall be triggered, it is sufficient to update the mtime of /usr itself. At next boot, if /etc/.updated and/or /var/.updated is older than than /usr (or missing), we know we have to run the update tools once. After that is completed we need to update the mtime of these files to the one of /usr, to keep track that we made the necessary updates, and won't repeat them on next reboot. A subsequent commit adds a new ConditionNeedsUpdate= condition that allows checking on boot whether /etc or /var are outdated and need updating. This is an early step to allow booting up with an empty /etc, with automatic rebuilding of the necessary cache files or user databases therein, as well as supporting later updates of /usr that then propagate to /etc and /var again.
2014-06-13units: don't conditionalize sysctl serviceLennart Poettering
We install two sysctl snippets ourselves, hence the condition will always trigger, so no point in tryng to optimize things with this, it just will make things slower, if anything.
2014-06-13units: remove conditions from systemd-tmpfiles-setupLennart Poettering
There's no point in conditionalizing systemd-tmpfiles at boot, since we ship tmpfiles snippets ourselves, hence they will always trigger anyway. Also, there's no reason to pull in local-fs.target from the service, hence drop that.
2014-06-12debug-shell: add condition for tty device to run onKay Sievers
2014-06-11units: order network-online.target after network.targetLennart Poettering
There might be implementations around where the network-online logic might not talk to any network configuration service (and thus not have to wait for it), hence let's explicitly order network-online.target after network.target to avoid any ambiguities.
2014-06-11units: time-sync.target probably makes sense, is not just sysv compatLennart Poettering
2014-06-11units: introduce network-pre.target as place to hook in firewallsLennart Poettering
network-pre.target is a passive target that should be pulled in by services that want to be executed before any network is configured (for example: firewall scrips). network-pre.target should be ordered before all network managemet services (but not be pulled in by them). network-pre.target should be order after all services that want to be executed before any network is configured (and be pulled in by them).
2014-06-10bus-proxy: fix misplaced s/system/session/Mantas Mikulėnas
2014-06-10bus-proxy: read the right policy when running in user modeLennart Poettering
2014-06-06units: pull in time-sync.target from systemd-timedated.serviceLennart Poettering
After all, that's what we document for time-sync.target in systemd.special(5), hence let's follow our own suggestion.
2014-06-06units: fix minor typoLennart Poettering
2014-06-04core: rename ReadOnlySystem= to ProtectSystem= and add a third value for ↵Lennart Poettering
also mounting /etc read-only Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit. With this in place we now have two neat options ProtectSystem= and ProtectHome= for protecting the OS itself (and optionally its configuration), and for protecting the user's data.
2014-06-04initctl: move /dev/initctl fifo into /run, replace it by symlinkLennart Poettering
With this change we have no fifos/sockets remaining in /dev.
2014-06-04journald: move /dev/log socket to /runLennart Poettering
This way we can make the socket also available for sandboxed apps that have their own private /dev. They can now simply symlink the socket from /dev.
2014-06-04bus-proxy: drop priviliges if we canLennart Poettering
Either become uid/gid of the client we have been forked for, or become the "systemd-bus-proxy" user if the client was root. We retain CAP_IPC_OWNER so that we can tell kdbus we are actually our own client.
2014-06-04remove ReadOnlySystem and ProtectedHome from udevd and logindKay Sievers
logind needs access to /run/user/, udevd fails during early boot with these settings
2014-06-03core: add new ReadOnlySystem= and ProtectedHome= settings for service unitsLennart Poettering
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for a service. ProtectedHome= uses fs namespaces to mount /home and /run/user inaccessible or read-only for a service. This patch also enables these settings for all our long-running services. Together they should be good building block for a minimal service sandbox, removing the ability for services to modify the operating system or access the user's private data.
2014-06-03resolved: run as unpriviliged "systemd-resolve" userTom Gundersen
This service is not yet network facing, but let's prepare nonetheless. Currently all caps are dropped, but some may need to be kept in the future.
2014-06-03networkd: drop CAP_SYS_MODULETom Gundersen
Rely on modules being built-in or autoloaded on-demand. As networkd is a network facing service, we want to limits its capabilities, as much as possible. Also, we may not have CAP_SYS_MODULE in a container, and we want networkd to work the same there. Module autoloading does not always work, but should be fixed by the kernel patch f98f89a0104454f35a: 'net: tunnels - enable module autoloading', which is currently in net-next and which people may consider backporting if they want tunneling support without compiling in the modules. Early adopters may also use a module-load.d snippet and order systemd-modules-load.service before networkd to force the module loading of tunneling modules. This sholud fix the various build issues people have reported.
2014-06-01networkd: run as unpriviliged "systemd-network" userLennart Poettering
This allows us to run networkd mostly unpriviliged with the exception of CAP_NET_* and CAP_SYS_MODULE. I'd really like to get rid of the latter though...
2014-06-01units: remove CAP_SYS_PTRACE capability from hostnamed/networkdLennart Poettering
The ptrace capability was only necessary to detect virtualizations environments. Since we changed the logic to determine this to not require priviliges, there's no need to carry the CAP_SYS_PTRACE capability anymore.
2014-05-30units: use KillMode=mixed for systemd-nspawn@.serviceJonathan Liu
This causes the container to shut down cleanly when the service is stopped.
2014-05-24timesyncd: only update stamp file when we are synchronizedKay Sievers
Create initial stamp file with compiled-in time to prevent bootups with clocks in the future from storing invalid timestamps. At shutdown, only update the timestamp if we got an authoritative time to store.
2014-05-22timesyncd: order after tmpfiles to get a working network monitorKay Sievers
2014-05-21timesyncd: save clock to disk everytime we get an NTP fix, and bump clock at ↵Lennart Poettering
boot using this This is useful to make sure the system clock stays monotonic even on systems that lack an RTC. Also, why we are at it, also use the systemd release time for bumping the clock, since it's a slightly less bad than starting with jan 1st, 1970. This also moves timesyncd into the early bootphase, in order to make sure this initial bump is guaranteed to have finished by the time we start real daemons which might write to the file systemd and thus shouldn't leave 1970's timestamps all over the place...
2014-05-19resolved: add daemon to manage resolv.confTom Gundersen
Also remove the equivalent functionality from networkd.
2014-05-18timesyncd: enable watchdog supportLennart Poettering
2014-05-18timesyncd: run timesyncd as unpriviliged user "systemd-timesync" (but still ↵Lennart Poettering
with CAP_SYS_TIME)