mirror of
https://github.com/systemd/systemd-stable.git
synced 2025-02-12 21:57:27 +03:00
Merge pull request #4476 from poettering/systemctl-free
two minor systemctl memleak fixes
This commit is contained in:
Martin Pitt
GitHub
commit
803467c46d
86
NEWS
86
NEWS
@ -6,7 +6,8 @@ CHANGES WITH 232 in spe
|
||||
the user or group of a service when that service exits.
|
||||
|
||||
* The new ProtectKernelModules= option can be used to disable explicit
|
||||
load and unload operations of kernel modules by a service.
|
||||
load and unload operations of kernel modules by a service. In
|
||||
addition access to /usr/lib/modules is removed if this option is set.
|
||||
|
||||
* ProtectSystem= option gained a new value "strict", which causes the
|
||||
whole file system tree with the exception of /dev, /proc, and /sys,
|
||||
@ -229,6 +230,87 @@ CHANGES WITH 232 in spe
|
||||
running services in a race-free manner, and in particular collect
|
||||
information about exit statuses and results.
|
||||
|
||||
* The nss-resolve module has been changed to strictly return UNAVAIL
|
||||
when communication via D-Bus with resolved failed, and NOTFOUND when
|
||||
a lookup completed but was negative. This means it is now possible to
|
||||
neatly configure fallbacks using nsswitch.conf result checking
|
||||
expressions. Taking benefit of this, the new recommended
|
||||
configuration line for the "hosts" entry in /etc/nsswitch.conf is:
|
||||
|
||||
hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname
|
||||
|
||||
* A new setting CtrlAltDelBurstAction= has been added to
|
||||
/etc/systemd/system.conf which may be used to configure the precise
|
||||
behaviour if the user on the console presses Ctrl-Alt-Del more often
|
||||
than 7 times in 2s. Previously this would unconditionally result in
|
||||
an expedited, immediate reboot. With this new setting the precise
|
||||
operation may be configured in more detail, and also turned off
|
||||
entirely.
|
||||
|
||||
* In .netdev files two new settings RemoteChecksumTx= and
|
||||
RemoteChecksumRx= are now understood that permit configuring the
|
||||
remote checksumming logic for VXLAN networks.
|
||||
|
||||
* The service manager learnt a new "invocation ID" concept for invoked
|
||||
services. Each runtime cycle of a service will get a new invocation
|
||||
ID (a 128bit random UUID) assigned that identifies the current
|
||||
run of the service uniquely and globally. A new invocation ID
|
||||
is generated each time a service starts up. The journal will store
|
||||
the invocation ID of a service along with any logged messages, thus
|
||||
making the invocation ID useful for matching the online runtime of a
|
||||
service with the offline log data it generated in a safe way without
|
||||
relying on synchronized timestamps. In many ways this new service
|
||||
invocation ID concept is similar to the kernel's boot ID concept that
|
||||
uniquely and globally identifies the runtime of each boot. The
|
||||
invocation ID of a service is passed to the service itself via an
|
||||
environment variable ($INVOCATION_ID). A new bus call
|
||||
GetUnitByInvocationID() has been added that is similar to GetUnit()
|
||||
but instead of retrieving the bus path for a unit by its name
|
||||
retrieves it by its invocation ID. The returned path is valid only as
|
||||
long as the passed invocation ID is current.
|
||||
|
||||
* systemd-resolved gained a new "DNSStubListener" setting in
|
||||
resolved.conf. It either takes a boolean value or the special values
|
||||
"udp" and "tcp", and configures whether to enable the stub DNS
|
||||
listener on 127.0.0.53:53.
|
||||
|
||||
* IP addresses configured via networkd may now carry additional
|
||||
configuration settings supported by the kernel. New options include:
|
||||
HomeAddress=, DuplicateAddressDetection=, ManageTemporaryAddress=,
|
||||
PrefixRoute=, AutoJoin=.
|
||||
|
||||
* The PAM configuration fragment file for "user@.service" shipped with
|
||||
systemd (i.e. the --user instance of systemd) has been stripped to
|
||||
the minimum necessary to make the system boot. Previously, it
|
||||
contained Fedora-specific stanzas that did not apply to other
|
||||
distributions. It is expected that downstream distributions add
|
||||
additional configuration lines, matching their needs to this file,
|
||||
using it only as rough template of what systemd itself needs. Note
|
||||
that this reduced fragment does not even include an invocation of
|
||||
pam_limits which most distributions probably want to add, even though
|
||||
systemd itself does not need it. (There's also the new build time
|
||||
option --with-pamconfdir=no to disable installation of the PAM
|
||||
fragment entirely.)
|
||||
|
||||
* If PrivateDevices=yes is set for a service the CAP_SYS_RAWIO
|
||||
capability is now also dropped from its set (in addition to
|
||||
CAP_SYS_MKNOD as before).
|
||||
|
||||
* In service unit files it is now possible to connect a specific named
|
||||
file descriptor with stdin/stdout/stdout of an executed service. The
|
||||
name may be specified in matching .socket units using the
|
||||
FileDescriptorName= setting.
|
||||
|
||||
* A number of journal settings may now be configured on the kernel
|
||||
command line. Specifically, the following options are now understood:
|
||||
systemd.journald.max_level_console=,
|
||||
systemd.journald.max_level_store=,
|
||||
systemd.journald.max_level_syslog=, systemd.journald.max_level_kmsg=,
|
||||
systemd.journald.max_level_wall=.
|
||||
|
||||
* "systemctl is-enabled --full" will now show by which symlinks a unit
|
||||
file is enabled in the unit dependency tree.
|
||||
|
||||
CHANGES WITH 231:
|
||||
|
||||
* In service units the various ExecXYZ= settings have been extended
|
||||
@ -2106,7 +2188,7 @@ CHANGES WITH 219:
|
||||
files.
|
||||
|
||||
* systemd now provides a way to store file descriptors
|
||||
per-service in PID 1.This is useful for daemons to ensure
|
||||
per-service in PID 1. This is useful for daemons to ensure
|
||||
that fds they require are not lost during a daemon
|
||||
restart. The fds are passed to the daemon on the next
|
||||
invocation in the same way socket activation fds are
|
||||
|
||||
@ -2721,7 +2721,7 @@ typedef struct {
|
||||
static void wait_context_free(WaitContext *c) {
|
||||
c->match = sd_bus_slot_unref(c->match);
|
||||
c->event = sd_event_unref(c->event);
|
||||
c->unit_paths = set_free(c->unit_paths);
|
||||
c->unit_paths = set_free_free(c->unit_paths);
|
||||
}
|
||||
|
||||
static int on_properties_changed(sd_bus_message *m, void *userdata, sd_bus_error *error) {
|
||||
@ -2738,31 +2738,37 @@ static int on_properties_changed(sd_bus_message *m, void *userdata, sd_bus_error
|
||||
r = sd_bus_message_skip(m, "s");
|
||||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
r = sd_bus_message_enter_container(m, SD_BUS_TYPE_ARRAY, "{sv}");
|
||||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
while ((r = sd_bus_message_enter_container(m, SD_BUS_TYPE_DICT_ENTRY, "sv")) > 0) {
|
||||
const char *s;
|
||||
bool is_failed;
|
||||
|
||||
r = sd_bus_message_read(m, "s", &s);
|
||||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
if (streq(s, "ActiveState")) {
|
||||
bool is_failed;
|
||||
|
||||
r = sd_bus_message_enter_container(m, SD_BUS_TYPE_VARIANT, "s");
|
||||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
r = sd_bus_message_read(m, "s", &s);
|
||||
if (r < 0)
|
||||
return bus_log_parse_error(r);
|
||||
|
||||
is_failed = streq(s, "failed");
|
||||
if (streq(s, "inactive") || is_failed) {
|
||||
log_debug("%s became %s, dropping from --wait tracking", path, s);
|
||||
set_remove(c->unit_paths, path);
|
||||
c->any_failed |= is_failed;
|
||||
free(set_remove(c->unit_paths, path));
|
||||
c->any_failed = c->any_failed || is_failed;
|
||||
} else
|
||||
log_debug("ActiveState on %s changed to %s", path, s);
|
||||
|
||||
break; /* no need to dissect the rest of the message */
|
||||
} else {
|
||||
/* other property */
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user