1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-23 17:34:00 +03:00
Commit Graph

609 Commits

Author SHA1 Message Date
Lennart Poettering
8bbabc447b update TODO 2012-05-24 17:04:04 +02:00
Lennart Poettering
680705351d test: add touch to test machine 2012-05-24 15:21:43 +02:00
Lennart Poettering
ec8927ca59 main: add configuration option to alter capability bounding set for PID 1
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
2012-05-24 04:00:56 +02:00
Lennart Poettering
d5c446c95a update TODO 2012-05-23 12:52:39 +02:00
Lennart Poettering
1afd5be42f journal: don't complain if SELinux userspace is available but the kernel lacks it 2012-05-23 12:49:41 +02:00
Lennart Poettering
7b63bde1ed update TODO 2012-05-23 03:51:55 +02:00
Lennart Poettering
7c4c5f68a5 update TODO 2012-05-22 23:11:21 +02:00
Lennart Poettering
6b1dc2bd3c mount: replace PID1 internal fstab parser with generator
Bit by bit we should remove non-unit parsing from PID 1 and move into
generators, to clean up our code base a bit and clearly separate
parsers.
2012-05-22 19:25:17 +02:00
Lennart Poettering
8f33b5b8b3 util: rework in_initrd() logic
Checking the device major/minor is not a good idea. Let's replace this
with an explicit flag file, which we model after /etc/os-release and
call /etc/initrd-release.
2012-05-21 20:00:58 +02:00
Lennart Poettering
06e2968ea6 update TODO 2012-05-21 18:18:15 +02:00
Lennart Poettering
5b40d33761 update TODO 2012-05-21 17:55:54 +02:00
Lennart Poettering
f7f21d33db cryptsetup: a few simplifications 2012-05-21 17:22:40 +02:00
Lennart Poettering
97f25a02ee update TODO 2012-05-21 15:34:33 +02:00
Lennart Poettering
b86fa936ce update TODO 2012-05-21 15:28:07 +02:00
Lennart Poettering
1ab27db890 update TODO 2012-05-21 02:02:19 +02:00
Lennart Poettering
27b5482cc0 delta: add systemd-delta tool to find overriden configuration and unit files 2012-05-16 03:24:50 +02:00
Kay Sievers
20bbd54f60 udev: libudev - bump soname, remove deprecated functions, introduce symbol versions 2012-05-15 23:06:26 +02:00
Lennart Poettering
c1d70f7ca5 namespace: make PrivateTmp= apply to both /tmp and /var/tmp 2012-05-14 22:41:30 +02:00
Lennart Poettering
1c334d993a update TODO 2012-05-14 22:41:30 +02:00
Lennart Poettering
07f74a7ebd update TODO 2012-05-09 01:26:30 +02:00
Lennart Poettering
d889a2069a logind: implement suspend/hibernate calls with inhibition logic 2012-05-08 19:02:25 +02:00
Lennart Poettering
6edd7d0a09 sleep: implement suspend/hibernate as first class targets 2012-05-08 13:54:23 +02:00
Lennart Poettering
4943c1c94b logind: use "sleep" as generic term for "suspend", "hibernate", and later on "hybrid suspend" 2012-05-08 13:54:23 +02:00
Lennart Poettering
14038c2e83 update TODO 2012-05-07 22:20:56 +02:00
Lennart Poettering
465349c06d Update TODO 2012-05-07 22:20:55 +02:00
Lennart Poettering
eecd1362f7 logind: implement delay inhibitor locks in addition to block inhibitor locks
This is useful to allow applications to synchronously save data before
the system is suspended or shut down.
2012-05-05 00:36:08 +02:00
Kay Sievers
a26336da87 update TODO 2012-05-04 19:06:07 +02:00
Lennart Poettering
8703d59bee update TODO 2012-05-04 00:43:36 +02:00
Lennart Poettering
189455ab08 readahead: store inode numbers in pack file
If the inode nr for each file is available in the pack file we can
easily detect replaced files (like they result from package upgrades)
which we can then skip to readahead.
2012-05-04 00:34:12 +02:00
Lennart Poettering
37099707e2 cgroup: fix alloca() misuse in cg_shorten_controllers() 2012-05-03 23:23:38 +02:00
Lennart Poettering
06dab8e18a dbus: include unit name in JobNew/JobRemoved signals
This breaks D-Bus interface slightly, but since the D-Bus API isn't
covered by the interface stability promise this should be OK.
2012-05-03 22:53:25 +02:00
Lennart Poettering
7e2668c6fd service: warn if a dbus name is specified but the service type is not dbus 2012-05-03 14:42:49 +02:00
Lennart Poettering
e85647f73e update TODO 2012-05-03 02:25:49 +02:00
Lennart Poettering
c3276d2791 TODO 2012-04-30 10:52:07 +02:00
Lennart Poettering
896c3c783c update TODO 2012-04-30 10:52:07 +02:00
Kay Sievers
4ee7178202 update TODO 2012-04-30 00:46:38 +02:00
Kay Sievers
e01a15b71e update TODO 2012-04-26 02:03:31 +02:00
Lennart Poettering
a888b352eb update TODO 2012-04-24 14:59:54 +02:00
Lennart Poettering
3b2d5b02ae readahead: rather than checking for virtualization in the C code, use ConditionVirtualization= in the unit 2012-04-24 13:14:40 +02:00
Lennart Poettering
144f0fc0c8 nspawn: add --uuid= switch to allow setting the machine id for the container 2012-04-22 14:48:21 +02:00
Lennart Poettering
0f0dbc46cc nspawn: add -b switch to automatically look for an init binary 2012-04-22 14:11:32 +02:00
Lennart Poettering
3d9a412243 util: fix tty_is_vc_resolve() in a container where /sys/class/tty/console/active is misleading 2012-04-22 01:59:11 +02:00
Lennart Poettering
9efaf380a7 update TODO 2012-04-22 00:33:24 +02:00
Lennart Poettering
a0a3844815 main: log to the journal in container mode, by default 2012-04-20 12:40:01 +02:00
Kay Sievers
80037e4d17 docs: rebase html documentation for online and local use 2012-04-19 19:00:35 +02:00
Kay Sievers
ebcd5d3acd update TODO 2012-04-18 20:31:16 +02:00
Kay Sievers
88f642c00b build-sys: move dev-setup to label.la 2012-04-18 16:13:37 +02:00
Kay Sievers
5ba2dc259f udev: unify /dev static symlink setup 2012-04-17 22:31:38 +02:00
Kay Sievers
20ffc4c4a9 update TODO 2012-04-17 18:47:49 +02:00
Kay Sievers
512dabcdc6 update TODO 2012-04-17 16:54:45 +02:00
Lennart Poettering
25016cb67f update TODO 2012-04-17 15:36:03 +02:00
Kay Sievers
7c66aeba0f update TODO 2012-04-17 02:55:39 +02:00
Kay Sievers
9e13dbae50 udev: replace util_create_path() with mkdir_parents() 2012-04-17 01:09:39 +02:00
Kay Sievers
6ada823a9a udev: remove configuration options for /dev, /sys, /run directories 2012-04-16 19:20:57 +02:00
Lennart Poettering
b59e246565 logind: remove redundant entries from logind's default controller lists too 2012-04-16 19:15:00 +02:00
Lennart Poettering
b69d29ce04 systemctl: show main and control PID explicitly in cgroup-show
In some cases the main/control PID of a service can be outside of the
services cgroups (for example, if logind readjusts the processes'
cgroup). In order to clarify this for the user show the main/control PID
in the cgroup tree nonetheless, but mark them specially.
2012-04-16 18:59:40 +02:00
Lennart Poettering
c3175a7f40 cgls: don't show empty cgroups by default 2012-04-16 18:59:08 +02:00
Lennart Poettering
f8e2fb7b14 logind: add shutdown/suspend/idle inhibition framework 2012-04-16 18:59:08 +02:00
Kay Sievers
80172751b7 udev: udev_monitor_new_from_socket() - log error and remove from public header 2012-04-15 18:52:42 +02:00
Kay Sievers
194bbe3338 udev: cleanup the udev cgroup when the daemon enters the idle state 2012-04-15 03:11:08 +02:00
Kay Sievers
b45f770f00 udev: clarify man page regarding starting dameons 2012-04-14 21:53:26 +02:00
Lennart Poettering
ecedd90fcd service: place control command in subcgroup control/
Previously, we were brutally and onconditionally killing all processes
in a service's cgroup before starting the service anew, in order to
ensure that StartPre lines cannot be misused to spawn long-running
processes.

On logind-less systems this has the effect that restarting sshd
necessarily calls all active ssh sessions, which is usually not
desirable.

With this patch control processes for a service are placed in a
sub-cgroup called "control/". When starting a service anew we simply
kill this cgroup, but not the main cgroup, in order to avoid killing any
long-running non-control processes from previous runs.

https://bugzilla.redhat.com/show_bug.cgi?id=805942
2012-04-13 23:29:59 +02:00
Lennart Poettering
8aec53fb90 polkit: spawn agent in --fallback mode 2012-04-13 21:52:42 +02:00
Léo Gillot-Lamure
40c32a4ad4 One can specify in which cgroup hierarchies a systemd-nspawn container will appear 2012-04-12 00:46:09 +02:00
Lennart Poettering
23e0573cea update TODO 2012-04-11 23:56:58 +02:00
Lennart Poettering
4771148bb9 units: exclude gettys from isolate requests
gettys are nowadays mostly autospawned and hence usually subject to
being shut down on isolate requests, since they are no dependency of any
other unit. This is a bad idea if the user isolates between
multi-user.graphical and graphical.target, hence exclude them from the
isolation.

This has the effect that gettys no longer cleaned up when
emergency.target is isolated, which might actualy be considered a
feature, even though it is a change from previous behaviour...

Note that the one getty that really matters (the one on tty1) is still
removed when isolating to emergency.target since it conflicts with
emergency.service.
2012-04-11 22:37:48 +02:00
Lennart Poettering
f25626edf4 main: disarm watchdog when preparing for reexecution 2012-04-11 18:40:22 +02:00
Lennart Poettering
71ecc858fa main: drop container/initrd env vars from inherited set
Leave the env vars used in the container/initrd logic set for PID1, but
don't inherit them to any children.
2012-04-11 13:20:34 +02:00
Kay Sievers
d50f0b1c9f update TODO 2012-04-10 22:47:48 +02:00
Kay Sievers
b8b5e648ca update TODO 2012-04-09 22:07:18 +02:00
Kay Sievers
2d13da8821 udev: remove RUN+="socket:.." and udev_monitor_new_from_netlink() 2012-04-09 21:18:30 +02:00
Kay Sievers
1c0f62e37b udev: fix test-udev binary 2012-04-08 17:03:17 +02:00
Kay Sievers
07cd4fc168 udev: remove support for /lib/udev/devices/; tmpfiles should be used 2012-04-08 16:50:16 +02:00
Kay Sievers
baa30fbc2c udev: switch to systemd logging functions 2012-04-08 16:06:20 +02:00
Lennart Poettering
e96d6be763 systemd: add hardware watchdog support
This adds minimal hardware watchdog support to PID 1. The idea is that
PID 1 supervises and watchdogs system services, while the hardware
watchdog is used to supervise PID 1.

This adds two hardware watchdog configuration options, for the runtime
watchdog and for a shutdown watchdog. The former is active during normal
operation, the latter only at reboots to ensure that if a clean reboot
times out we reboot nonetheless.

If the runtime watchdog is enabled PID 1 will automatically wake up at
half the configured interval and write to the watchdog daemon.

By default we enable the shutdown watchdog, but leave the runtime
watchdog disabled in order not to break independent hardware watchdog
daemons people might be using.

This is only the most basic hookup. If necessary we can later on hook
up the watchdog ping more closely with services deemed crucial.
2012-04-05 22:15:29 +02:00
Kay Sievers
b8217b7bd5 update TODO 2012-04-04 14:57:36 +02:00
Kay Sievers
3e2147858f move imported udev into place 2012-04-04 05:05:07 +02:00
Lennart Poettering
3eff4208ff logind: log with AUTH facility 2012-04-03 19:26:02 +02:00
Lennart Poettering
568b679f2a systemctl: make -f short for both --follow and --force 2012-04-03 14:43:48 +02:00
Lennart Poettering
08f23fd29c update TODO 2012-04-03 14:27:13 +02:00
Lennart Poettering
3cc588803d update TODO 2012-04-02 20:54:15 +02:00
Lennart Poettering
b070e7f3c9 journal: implicitly add code location to all messages logged with the native interface
This logic can be turned off by defining SD_JOURNAL_SUPPRESS_LOCATION
before including sd-journal.h.

This also saves/restores errno in all logging functions, in order to be
useful as logging calls without side-effects.

This also adds a couple of __unlikely__ around the early checks in the
logging calls, in order to minimize the runtime impact.
2012-04-02 19:29:48 +02:00
Lennart Poettering
1fa80181ae journal: decrease default mmap window size to allow a bigger number of journals to be traversed in parallel 2012-04-02 19:29:47 +02:00
Kay Sievers
18b754d345 rename /etc/systemd/systemd-{login,journal}d.conf to {login,journal}d.conf 2012-03-30 23:36:44 +02:00
Lennart Poettering
231931ffba units: don't mount tmpfs on /media anymore
udisks2 doesn't use /media anymore, instead mounts removable media in a
user-private directory beneath /run. /media is hence mostly obsolete and
hence it makes little sense to continue to mount a tmpfs to it.

Distributions should consider dropping the mount point entirely since
nothing uses it anymore.
2012-03-27 17:04:22 +02:00
Lennart Poettering
2bd3c38a44 journalctl: add --local switch 2012-03-27 00:14:29 +02:00
Lennart Poettering
169c4f6513 journalctl,loginctl: drop systemd- prefix in binary names
Let's make things a bit easier to type, drop the systemd- prefix for
journalctl and loginctl, but provide the old names for compat.

All systemd binaries are hence now prefixed with "systemd-" with the
exception of the three primary user interface binaries:

systemctl
loginctl
journalctl

For those three we do provide systemd-xyz names as well, via symlinks:

systemd-systemctl → systemctl
systemd-loginctl → loginctl
systemd-journalctl → journalctl

We do this only for the *primary* user tools, in order to avoid
unnecessary namespace problems. That means tools like systemd-notify
stay the way they are.
2012-03-26 20:58:47 +02:00
Lennart Poettering
6ba383fa49 update TODO 2012-03-22 01:42:34 +01:00
Lennart Poettering
bd08f24224 man: fix parameter name for sd_uid_xxx() 2012-03-20 15:28:35 +01:00
Lennart Poettering
38cacf5acd man: make sure we ship HTML versions of the man pages in the tarball 2012-03-16 01:25:32 +01:00
Lennart Poettering
5c3246b1a6 man: document journal features of systemctl(1) 2012-03-16 01:00:23 +01:00
Kay Sievers
d3c7d7dd77 update TODO 2012-03-15 12:43:53 +01:00
Lennart Poettering
71100051c5 journald: increase max file size to 128MB 2012-03-15 02:57:39 +01:00
Lennart Poettering
fb0864e7b9 virt: the pidns controller does not exist anymore 2012-03-15 00:43:47 +01:00
Lennart Poettering
18da49531e update TODO 2012-03-14 19:10:29 +01:00
Lennart Poettering
8af0fcdb90 update TODO 2012-03-14 17:23:43 +01:00
Lennart Poettering
0d1575814b update TODO 2012-03-14 14:37:49 +01:00
Lennart Poettering
9586cdfab6 socket: if we fail to create an instantiated service for a socket, don't put the socket in failure mode
An incoming connection that is immediately terminated might result in
getpeername() or a similar call failing. Hence it is quite possible that
while we are setting up an instantiated service for a socket we might
get an error and we shouldn't take this as hint to take the listening
socket down.

https://bugs.freedesktop.org/show_bug.cgi?id=45297
https://bugzilla.novell.com/show_bug.cgi?id=741590
2012-03-14 03:01:27 +01:00
Lennart Poettering
6b80b9b8ee update TODO 2012-03-13 13:44:47 +01:00
Lennart Poettering
54ecda32c6 socket: add option for SO_PASSEC
https://bugzilla.redhat.com/show_bug.cgi?id=798760

(Note that this work is not complete yet, as the kernel seems to send us
useless data with SCM_SECURITY enabled)
2012-03-13 00:00:27 +01:00
Lennart Poettering
7f110ff9b8 conf: enforce UTF8 validty everywhere
we need to make sure that configuration data we expose via the bus ends
up in using getting an assert(). Even though configuration data is only
parsed from trusted sources we should be more careful with what we read.
2012-03-12 22:22:21 +01:00
Lennart Poettering
8d2831af71 update TODO 2012-03-12 14:01:27 +01:00
Lennart Poettering
93e487fc8f update TODO 2012-03-06 12:55:57 +01:00
Lennart Poettering
0716c60e37 update TODO 2012-03-06 01:36:58 +01:00
Lennart Poettering
4007e72e05 update TODO 2012-03-06 01:30:00 +01:00
Lennart Poettering
9cacf56451 umount: don't try to umount /usr, if we are running from it 2012-03-06 01:28:32 +01:00
Lennart Poettering
7d900eb6f5 update TODO 2012-03-05 22:55:49 +01:00
Lennart Poettering
101f077676 update TODO 2012-03-05 14:09:27 +01:00
Lennart Poettering
d0e5a33374 update TODO 2012-02-20 19:56:14 +01:00
Lennart Poettering
f7f964eb36 update TODO 2012-02-20 15:54:28 +01:00
Lennart Poettering
e606bb61d0 systemctl: introduce systemctl reboot -ff 2012-02-15 20:05:49 +01:00
Lennart Poettering
068665b6fd update TODO 2012-02-15 02:39:52 +01:00
Lennart Poettering
51f58f083a login: add new sd_session_get_type() and sd_session_get_class API calls 2012-02-14 21:54:00 +01:00
Kay Sievers
6edd7ca162 update TODO 2012-02-14 19:24:39 +01:00
Lennart Poettering
15e9fbd851 TODO 2012-02-13 17:01:08 +01:00
Lennart Poettering
53ed2eeb2e TODO 2012-02-11 01:18:03 +01:00
Lennart Poettering
05d02d8db0 main: fix reexecution of systemd, use right path to binary 2012-02-09 23:25:57 +01:00
Lennart Poettering
353e12c2f4 service: ignore SIGPIPE by default 2012-02-09 03:18:04 +01:00
Lennart Poettering
12ac304714 update TODO 2012-02-09 02:13:36 +01:00
Tom Gundersen
83684a3553 modules-load: use libkmod rather than modprobe 2012-02-09 00:47:09 +01:00
Tom Gundersen
728beb28a7 kmod-setup: use libkmod rather than modprobe 2012-02-09 00:43:05 +01:00
Lennart Poettering
2496985585 update TODO 2012-02-08 21:59:28 +01:00
Lennart Poettering
20908246d6 update TODO 2012-02-07 14:39:26 +01:00
Lennart Poettering
acb14d318b cgroup: when getting cgroup empty notifications, always search up the tree 2012-02-03 05:25:31 +01:00
Lennart Poettering
680a1dbc35 update TODO 2012-02-03 05:06:03 +01:00
Lennart Poettering
803a3464ce coredump: avoid coredump loops, divert coredump if journald itself is crashing 2012-02-02 01:22:49 +01:00
Lennart Poettering
c4aa65e714 logind: add GetSessionByPID() bus call 2012-02-01 19:04:54 +01:00
Lennart Poettering
7e64c73a93 update TODO 2012-01-31 23:13:25 +01:00
Lennart Poettering
b3e0604274 update TODO 2012-01-31 18:23:52 +01:00
Lennart Poettering
36e43bddd0 update TODO 2012-01-23 22:03:32 +01:00
Lennart Poettering
b61c90514e update TODO 2012-01-23 22:02:43 +01:00
Lennart Poettering
a558d00381 journal: move journal TODO into main TODO 2012-01-23 22:01:29 +01:00
Lennart Poettering
7c69716810 util: use /dev/rtc symlink if possible before we go searching for a suitable device 2012-01-23 21:56:55 +01:00
Lennart Poettering
51122dc9e3 util: open the first RTC that has hctosys=1 set 2012-01-21 03:15:54 +01:00
Lennart Poettering
05aa9edde0 readahead: don't monopolize IO when replaying 2012-01-21 02:51:13 +01:00
Kay Sievers
c7eb4b85c3 update TODO 2012-01-21 01:19:57 +01:00
Lennart Poettering
31ed59c511 tmpfiles: support writing short strings to files, in order to support /sys manipulations at boot time, a la sysctl 2012-01-18 16:39:04 +01:00
Lennart Poettering
8d53b4534a exec: introduce ControlGroupPersistant= to make cgroups persistant 2012-01-18 15:40:21 +01:00
Lennart Poettering
62f21ec91a journalctl: properly honour -n when -f is passed, too 2012-01-18 13:56:02 +01:00
Lennart Poettering
87a8baa35d update TODO 2012-01-18 13:56:02 +01:00
Lennart Poettering
5ba081b0fb log: make internal log api log directly to the journal 2012-01-12 04:34:31 +01:00
Lennart Poettering
dddd8168d2 Update TODO 2012-01-11 02:58:14 +01:00
Lennart Poettering
b3fa47e081 update TODO 2012-01-11 02:52:01 +01:00
Lennart Poettering
aaf53376aa journald: remove inner loop debug message 2012-01-07 04:10:21 +01:00
Lennart Poettering
bda061759c logind: send out Lock signal when locking 2012-01-03 23:08:15 +01:00
Kay Sievers
bb765041af gnome-ask-password-agent: require libnotify >= 0.7.0 2011-12-31 18:15:27 +01:00
Lennart Poettering
dc1ecd78e9 Merge branch 'journal' 2011-12-31 00:59:37 +01:00
Kay Sievers
69b1c67463 update TODO 2011-12-29 14:09:04 +01:00
Lennart Poettering
6e409ce10d journald: implement sophisticated rate limiting 2011-12-27 22:51:46 +01:00
Lennart Poettering
807e17f05e journal: add inline compression support with XZ 2011-12-21 02:40:59 +01:00