path: root/units
Age | Commit message | Author
2014-12-09 | bus-proxy: cloning smack label | Przemyslaw Kedzierski
When a dbus client connects to systemd-bus-proxyd through a Unix domain socket, the proxy takes the client's smack label and sets it for itself. It is done before and independent of dropping privileges. The reason for such a solution is the fact that tests of access rights performed by lsm may take place inside the kernel, not only in userspace of the recipient of the message. The bus-proxyd needs CAP_MAC_ADMIN to manipulate its label. In case of systemd running in system mode, CAP_MAC_ADMIN should be added to CapabilityBoundingSet in the service file of bus-proxyd. In case of systemd running in user mode ('systemd --user') it can be achieved by adding Capabilities=cap_mac_admin=i and SecureBits=keep-caps to the user@.service file and setting cap_mac_admin+ei on the bus-proxyd binary.
2014-12-09 | units: make sure container-getty@.service stops restarting when the pts device it is bound to is gone | Lennart Poettering
We only want to restart the getty as long as the pts device is still around. As soon as it is gone, the service should be removed too. http://lists.freedesktop.org/archives/systemd-devel/2014-December/026048.html
2014-12-04 | gitignore: ignore generated systemd-bootchart.service | WaLyong Cho
2014-12-04 | units: skip mounting /dev/hugepages if we don't have CAP_SYS_ADMIN | Michal Sekletar
Preparation for allowing systemd to run gracefully in containers lacking CAP_SYS_ADMIN.
2014-12-04 | bootchart: add standalone bootchart service | WaLyong Cho
2014-12-03 | machine-id-commit: add unit file | Didier Roche
The unit file only activates the machine-id-commit helper if /etc is mounted writable and /etc/machine-id is an independent mount point (should be a tmpfs).
2014-12-02 | rc-local: drop SysVStartPriority= field which is now obsolete | Lennart Poettering
2014-11-28 | bus-proxy: automatically detect scope of bus and derive which XML snippets to load from that | Lennart Poettering
2014-11-21 | nspawn: Add try-{host,guest} journal link modes | Martin Pitt
--link-journal={host,guest} fail if the host does not have persistent journalling enabled and /var/log/journal/ does not exist. Even worse, as there is no stdout/err any more, there is no error message to point that out. Introduce two new modes "try-host" and "try-guest" which don't fail in this case, and instead just silently skip the guest journal setup. Change -j to mean "try-guest" instead of "guest", and fix the wrong --help output for it (it said "host" before). Change systemd-nspawn@.service.in to use "try-guest" so that this unit works with both persistent and non-persistent journals on the host without failing. https://bugs.debian.org/770275
2014-11-21 | units: make sure rfkill service is bound to the actual hardware | Lennart Poettering
2014-11-21 | Revert "systemd-logind.service: set Type=notify" | Lennart Poettering
This reverts commit a4962513c555fe3ac4b5bebf97a71701361a45b0. logind.service is a D-Bus service, hence we should use the dbus name as indication that we are up. Type=dbus is implied if BusName= is specified, as it is in this case. This removes a warning that is printed because a BusName= is specified for a Type=notify unit.
2014-11-19 | systemd-logind.service: set Type=notify | Dave Reisner
The code already calls sd_notify("READY=1"), so we may as well take advantage of the startup behavior in the unit. The same was done for the journal in a87a38c20.
2014-11-13 | sd-bus: sync with kdbus upstream (ABI break) | Daniel Mack
kdbus has seen a larger update than expected lately, most notably with kdbusfs, a file system to expose the kdbus control files:
* Each time a file system of this type is mounted, a new kdbus domain is created.
* The layout inside each mount point is the same as before, except that domains are not hierarchically nested anymore.
* Domains are therefore also unnamed now.
* Unmounting a kdbusfs will automatically also destroy the associated domain.
* Hence, the action of creating a kdbus domain is now as privileged as mounting a filesystem.
* This way, we can get around creating dev nodes for everything, which is last but not least something that is not limited by 20-bit minor numbers.
The kdbus specific bits in nspawn have all been dropped now, as nspawn can rely on the container OS to set up its own kdbus domain, simply by mounting a new instance. A new set of mounts has been added to mount things *after* the kernel modules have been loaded. For now, only kdbus is in this set, which is invoked with mount_setup_late().
2014-11-06 | units: restore job timeouts for poweroff and reboot | Zbigniew Jędrzejewski-Szmek
It seems that there actually aren't any long running tasks which are performed at shutdown. If it turns out that there actually are, this should be revisited. This reverts most of commit 038193efa6.
2014-11-05 | units: disable job timeouts | Zbigniew Jędrzejewski-Szmek
For boot, we might kill fsck in the middle, with likely catastrophic consequences. On shutdown there might be other jobs, like downloading of updates for installation, and other custom jobs. It seems better to schedule an individual timeout on each one separately, when it is known what timeout is useful. Disable the timeouts for now, until we have a clearer picture of how we can deal with long-running jobs.
2014-11-05 | core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies | Lennart Poettering
For privileged units this resource control property ensures that the processes have all controllers systemd manages enabled. For unprivileged services (those with User= set) this ensures that access rights to the service cgroup is granted to the user in question, to create further subgroups. Note that this only applies to the name=systemd hierarchy though, as access to other controllers is not safe for unprivileged processes. Delegate=yes should be set for container scopes where a systemd instance inside the container shall manage the hierarchies below its own cgroup and have access to all controllers. Delegate=yes should also be set for user@.service, so that systemd --user can run, controlling its own cgroup tree. This commit changes machined, systemd-nspawn@.service and user@.service to set this boolean, in order to ensure that container management will just work, and the user systemd instance can run fine.
2014-11-04 | units: make systemd-journald.service Type=notify | Michal Schmidt
It already calls sd_notify(), so it looks like an oversight. Without it, its ordering to systemd-journal-flush.service is non-deterministic and the SIGUSR1 from flushing may kill journald before it has its signal handlers set up. https://bugs.freedesktop.org/show_bug.cgi?id=85871 https://bugzilla.redhat.com/show_bug.cgi?id=1159641
2014-11-03 | units: make ReceiveBuffer= line more readable by using M suffix | Lennart Poettering
2014-11-03 | core: introduce ConditionSecurity=audit | Lennart Poettering
And conditionalize journald audit support with it
2014-11-03 | journald: if available pull audit messages from the kernel into journal logs | Lennart Poettering
2014-11-02 | units: order sd-journal-flush after sd-remount-fs | Zbigniew Jędrzejewski-Szmek
Otherwise we could attempt to flush the journal while /var/log/ was still ro, and silently skip journal flushing. The way that errors in flushing are handled should still be changed to be more transparent and robust.
2014-11-02 | unit: do not order timers.target before basic.target | Zbigniew Jędrzejewski-Szmek
Since commit 19f8d037833f2 'timer: order OnCalendar units after timer-sync.target if DefaultDependencies=no' timers might get a dependency on time-sync.target, which does not really belong in early boot. If ntp is enabled, time-sync.target might be delayed until a network connection is established. It turns out that majority of timer units found in the wild do not need to be started in early boot. Out of the timer units available in Fedora 21, only systemd-readahead-done.timer and mdadm-last-resort@.timer should be started early, but they both have DefaultDependencies=no, so are not part of timers.target anyway. All the rest look like they will be fine with being started a bit later (and the majority even much later, since they run daily or weekly). Let timers.target be pulled in by basic.target, but without the temporal dependency. This means timer units are started on a "best effort" schedule. https://bugzilla.redhat.com/show_bug.cgi?id=1158206
2014-11-01 | systemd-journal-flush.service: remove "trigger" from description | Zbigniew Jędrzejewski-Szmek
This service is now synchronous, so "trigger" is misleading.
2014-10-31 | units: don't order journal flushing after remote-fs.target | Lennart Poettering
Instead, only depend on the actual file systems we need. This should solve dep loops on setups where remote-fs.target is moved into late boot.
2014-10-28 | udev hwdb: Support shipping pre-compiled database in system images | Martin Pitt
In some cases it is preferable to ship system images with a pre-generated binary hwdb database, to avoid having to build it at runtime, avoid shipping the source hwdb files, or avoid storing large binary files in /etc. So if hwdb.bin does not exist in /etc/udev/, fall back to looking for it in UDEVLIBEXECDIR. This keeps the possibility to add files to /etc/udev/hwdb.d/ and re-generating the database which trumps the one in /usr/lib. Add a new --usr flag to "udevadm hwdb --update" which puts the database into UDEVLIBEXECDIR. Adjust systemd-udev-hwdb-update.service to not generate the file in /etc if we already have it in /usr.
2014-10-28 | units: define appropriate job timeout actions when boot or shutdown timeouts are hit | Lennart Poettering
Using the new JobTimeoutAction= setting make sure we power off the machine after basic.target is queued for longer than 15min but not executed. Similar, if poweroff.target is queued for longer than 30min but does not complete, forcibly turn off the system. Similar, if reboot.target is queued for longer than 30min but does not complete, forcibly reboot the system.
2014-10-27 | units: tmpfiles-setup-dev - allow unsafe file creation to happen in /dev at boot | Tom Gundersen
This will allow us to mark static device nodes with '!' to indicate that they should only be created at early boot.
2014-10-23 | units: run firstboot before sysusers, so that firstboot can initialize the root password | Lennart Poettering
2014-10-23 | journalctl: add new --flush command and make use of it in systemd-journal-flush.service | Lennart Poettering
This new command will ask the journal daemon to flush all log data stored in /run to /var, and wait for it to complete. This is useful, so that in case of Storage=persistent we can order systemd-tmpfiles-setup afterwards, to ensure any possibly newly created directory in /var/log gets proper access mode and owners.
2014-10-22 | journald: add CAP_MAC_OVERRIDE in journald for SMACK issue | Juho Son
systemd-journald checks the cgroup id to support the rate limit option for every message, so journald should be able to access the cgroup node of each process that sends messages to journald. In a system using SMACK, the cgroup node in proc is assigned an execute label the same as each process's execute label. So if journald doesn't want to be denied for every process, journald should have access rules for every process's label. That's too heavy. So we could give a special smack label to journald to get all access permissions: the '^' label. When assigning the '^' execute smack label to systemd-journald, systemd-journald needs the CAP_MAC_OVERRIDE capability added to get that smack privilege. So I want to note this information and set the default capability for journald whether the system uses SMACK or not, because that capability affects only smack-enabled kernels.
2014-10-09 | systemd-hibernate-resume@.service: remove unnecessary ordering | Ivan Shapovalov
They were left from an early review iteration, when hibernate-resume functionality was intended to work also outside of initramfs. Now this is not the case, and these dependencies became redundant as systemd-fsck-root.service can never be part of initramfs, and systemd-remount-fs.service makes little sense in it.
2014-10-09 | logind: mount per-user tmpfs with 'smackfsroot=*' for smack enabled systems | Lukasz Skalski
2014-10-04 | consoled: add a unit file | Tom Gundersen
The unit file is statically enabled, but still requires --enable-terminal to actually get installed.
2014-09-25 | readahead: wipe out readahead | Daniel Buch
2014-09-08 | units: networkd - order after udev | Tom Gundersen
This way we are sure that /dev/net/tun has been given the right permissions before we try to connect to it. Ideally, we should create tun/tap devices over netlink, and then this whole issue would go away.
2014-09-03 | initrd-parse-etc.service: ignore return code of daemon-reload | Harald Hoyer
It seems the return code of systemctl daemon-reload can be !=0 in some circumstances, which causes a failure of the unit and breaks booting in the initrd.
2014-08-31 | units: update rescue.service and emergency.service | Zbigniew Jędrzejewski-Szmek
^D works in emergency.service too. One needs to log in when in rescue mode too.
2014-08-31 | units: m4 is not needed for rescue.service | Zbigniew Jędrzejewski-Szmek
2014-08-30 | units: make emergency.service conflict with rescue.service | Zbigniew Jędrzejewski-Szmek
They both use StandardInput=tty-force so they cannot be run concurrently. https://bugs.freedesktop.org/show_bug.cgi?id=82778 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757072
2014-08-28 | systemd-journal-upload: fix invalid After= | Marius Tessmann
After= belongs into [Unit], not [Install]. Found with systemd-analyze verify.
2014-08-28 | systemd-firstboot.service: fix man page section | Marius Tessmann
Found with systemd-analyze verify.
2014-08-26 | hibernate-resume: add a tool to write a device node's major:minor to /sys/power/resume. | Ivan Shapovalov
This can be used to initiate a resume from hibernation by path to a swap device containing the hibernation image. The respective templated unit is also added. It is instantiated using path to the desired resume device.
2014-08-26 | units: order systemd-fsck@.service after local-fs-pre.target. | Ivan Shapovalov
With this change, it becomes possible to order a unit to activate before any modifications to the file systems. This is especially useful for supporting resume from hibernation.
2014-08-15 | unit: remove spurious newline | Lennart Poettering
2014-08-14 | ldconfig: add configure option to disable | Umut Tezduyar Lindskog
2014-08-13 | journald: also increase the SendBuffer of /dev/log to 8M | Lennart Poettering
http://lists.freedesktop.org/archives/systemd-devel/2014-August/021825.html
2014-08-03 | ldconfig: don't run it if ldconfig is not installed | Umut Tezduyar Lindskog
2014-07-17 | units: fix typo | Zbigniew Jędrzejewski-Szmek
vrutkovs> zbyszek: http://cgit.freedesktop.org/systemd/systemd/diff/units/systemd-journal-upload.service.in?id=ad95fd1d2b9c6344864857c2ba7634fd87753f8e - typo in Group name
2014-07-15 | units/serial-getty@.service: use the default RestartSec | Michael Olbrich
For pluggable ttys such as USB serial devices, the getty is restarted and exits in a loop until the remove event reaches systemd. Under certain circumstances the restart loop can overload the system in a way that prevents the remove event from reaching systemd for a long time (e.g. at least several minutes on a small embedded system). Use the default RestartSec to prevent the restart loop from overloading the system. Serial gettys are interactive units, so waiting an extra 100ms really doesn't make a difference anyways compared to the time it takes the user to log in.
2014-07-15 | journal-remote: add units and read certs from default locations | Zbigniew Jędrzejewski-Szmek