1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-25 06:03:40 +03:00

6623 Commits

Author SHA1 Message Date
Yu Watanabe
8f2f6a94d8 network: enable KeepConfiguration= when running on network filesystem
Also, set KeepConfiguration=dhcp-on-stop by default when running in
initrd.

Fixes #21967.

(cherry picked from commit ea853de57dd84a2173cd60e2ecec1b8c978e04f3)
2022-04-28 18:35:20 +02:00
Luca Boccassi
5b7c7ed357 core: do not return 'skipped' when Condition*= fail with StartUnitWithFlags()
Backward incompatible change to avoid returning 'skipped' if a condition causes
a job activation to be skipped when using StartUnitWithFlags().
Job results are broadcasted, so it is theoretically possible that existing
software could get confused if they see this result.

Replaces https://github.com/systemd/systemd/pull/22369

(cherry picked from commit ee3ae55e7537c716530b293c91f3fb9ae22a8049)
2022-03-10 20:40:50 +00:00
Zbigniew Jędrzejewski-Szmek
00b5aa8d74 portable: add return parameter to GetImageMetadataWithExtensions
The complaint was that the output array was used for two kinds of data, and the
input flag decided whether this extra data should be included. The flag is
removed, and instead the old method is changed to include the data always as
a separate parameter.

This breaks backward compatibility, but  the old method is effectively broken
and does not appear to be used yet, at least in open source code, by
searching on codesearch.debian.net and github.com.

Fixes #22404.

Co-authored-by: Luca Boccassi <bluca@debian.org>
(cherry picked from commit 087a799f64560bb0379b8a99ebbd9ca84804e4c3)
2022-03-09 21:20:15 +00:00
Luca Boccassi
a87fdd2af2 portable: add flag to return extension-releases in GetImageMetadataWithExtensions
Return the name of each extension and the associated extension-release
file, and pretty-print them in 'portablectl inspect', if a new flag
is passed.

$ portablectl inspect --extension app2 --extension app0  minimal app0 app1
(Matching unit files with prefixes 'app0', 'app1'.)
Image:
        /run/portables/minimal.raw
Portable Service:
        n/a
Operating System:
        Debian GNU/Linux 10 (buster)
Extension:
        /run/portables/app2.raw
        Extension Scope:
                n/a
        Extension Compatibility Level:
                n/a
        Portable Service:
                n/a
        Portable Prefixes:
                n/a
        Operating System:
                n/a (debian 10)
Extension:
        /run/portables/app0.raw
        Extension Scope:
                n/a
        Extension Compatibility Level:
                n/a
        Portable Service:
                n/a
        Portable Prefixes:
                n/a
        Operating System:
                n/a (debian 10)
Unit files:
        app0.service

(cherry picked from commit e3f7ed944ae750a40685c52349f3cc850db0876e)
2022-03-09 21:20:15 +00:00
Zbigniew Jędrzejewski-Szmek
7302937a08 journalctl: advertise --header a bit more
Fixes #2738.

(cherry picked from commit 367a5e8a67bbc2b5e03ca1a3e5a601ef49b5bd2a)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
f1928ef819 man: describe UNIT=/USER_UNIT=
Fixes 17538.

(cherry picked from commit c1d1742a7f6a65f60dce1a4f22a22d443493757c)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
6802c4dc8a man: tweak description of auto/noauto
I think the current behaviour is stupid: 'x-systemd.automount,noauto' should
mean that we create the units, but don't add .mount or .automount to any targets.
Instead, we completely ignore 'noauto'. But let's at least describe the
implementation.

Text suggested by dpartrid in the bug.

Fixes #21040.

(cherry picked from commit 55fabe92e2efb1a907d4c3c93dc63b96ff5b6860)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
dd5ddebef5 man: describe capability checks on the bus
A description of SD_BUS_VTABLE_CAPABILITY is added, and the discussion
on SD_BUS_VTABLE_UNPRIVILEGED in expanded. I think it would be nice
to add longer description of how access is checked (maybe in sd-bus(3)),
but I'm leaving that for later. I think the text that was added here
describes everything, even if tersely.

Fixes #21882.

(cherry picked from commit b4e7d7555e6266ff566a17eb5f616b365771028f)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
8e4c221585 man: fix formatting of macros in sd_bus_add_object
docbook would convert the newline to a space before the first argument:
  SD_BUS_METHOD_WITH_ARGS( member, args, result, handler)

And we need each item in a separate <para>, otherwise they'll all be in
one line.

(cherry picked from commit 3c080282e928a7edfcdb74feb2139ef1ac6f2ad0)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
61c143b08c man: say that we ignore ignored options
Fixes #22057.

(cherry picked from commit 382586894b9c09974aa734a1f77d3f6f69126d76)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
b634a0a615 man: drop outdated info about polkit in pid1
Fixes #22648.

(cherry picked from commit 46d362f406e1a75fc8f924b9b16d5d352be6d081)
2022-03-05 21:03:32 +00:00
Josh Triplett
3dc6881d87 file-hierarchy: Document /sys/fs/cgroup
file-hierarchy does not mention anything about the expected mountpoint
for cgroups. This may lead some software to believe it will need to
search for it (e.g. by scanning mountinfo) rather than just looking in
the canonical location.

Document the canonical mountpoint as /sys/fs/cgroup. Also provide
information on the non-default configurations, but
make it clear that in such configurations if cgroup2 is mounted (hybrid
mode) it won't have resource controllers attached. This will help
software know if it should fall back to /sys/fs/cgroup/unified or just
ignore that case.

(cherry picked from commit c8aeb9d672fac7ac2d1e350431b7b4e734b90a5d)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
d4dd289f82 man: recommend built-in platform.freedesktop_os_release() in our page
Python gained support for reading os-release, let's advertise it a bit more.
Our open-coded example is still useful, but let's not suggest it as the
default implementation.

I added quotes around the printed string because it looks a bit better
this way.

(cherry picked from commit ee6fd6a50922d2b27c97084e1c3f9872d495c273)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
ea65b10aab man: various issues reported in #22432
Fixes #22432.

(cherry picked from commit fe003f02dd19b9ae88af0384e5cf4f5934d1e9db)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
b568be2aec man/systemd-analyze: split out example to a separate section
It turns out we can't have an Example nested in a list, and every
combination of nesting I tried looked bad either in troff or in html.
The whole example is moved to a separate section.

(cherry picked from commit e6ce19516315138d983ed4b7776d9ebd2fb296d8)
2022-03-05 21:03:32 +00:00
Zbigniew Jędrzejewski-Szmek
c1cdb13193 man: adjust command for Fedora installations
glibc now has Suggests:glibc-minimal-langpack, so we don't
need to mention it ourselves.

--repo=… is a nicer alternative to --disablerepo=* --enablerepo=….
It also avoids the issue with quoting.

Let's exclude weak deps, but install systemd-networkd, so the container
can configure networking if necessary.

(cherry picked from commit 8c4db5629c877425b2f46e414a94a8f24280a9d3)
2022-03-05 21:03:32 +00:00
Yu Watanabe
1ef56ad928 network: xfrm: refuse zero interface ID
Since kernel 5.17-rc1, 5.16.3, and 5.15.17 (more specifically,
8dce439195)
the kernel refuses to create an xfrm interface with zero ID.

(cherry picked from commit fd11005951920a0cee96f0c56f36d9ff8bc66a41)
2022-02-14 21:58:16 +00:00
Zbigniew Jędrzejewski-Szmek
8c4badc445 man: enhance the description of systemd-stdio-bridge
I hope that this fixes the comment
https://github.com/systemd/systemd/pull/22141#issuecomment-1013960371
> As someone who doesn't know what this prog does

The listing in the man page is sorted according to logical
use: all the options setting the address are now together.

(cherry picked from commit b7bb58ef70b0c876941a1c31ed4e2f5f1dc5ed0e)
2022-01-18 12:19:38 +01:00
Luca Boccassi
33aba4c50a systemd-stdio-bridge: add manpage
(cherry picked from commit cf18de1b265d06b8f72646a11a469e1191826030)
2022-01-18 12:19:30 +01:00
Luca Boccassi
5cc70d1759 man: change 'allow[s] to' -> 'allow[s] one to'
Lintian is opinionated about this and we get nagged

(cherry picked from commit 6eed65d455e9e76b020acbd858c20eafa43cebf8)
2022-01-18 12:19:20 +01:00
Yu Watanabe
44198d7ddb core: add missing dependency DBus properties
Follow-up for 0bc488c99ab2ed3464237607e381f4d72cd321d5.

Also sort dependency properties to make them match the definition of
`enum UnitDependency` in basic/unit-def.h.

Fixes #22133.

(cherry picked from commit adc1b76c30940da2f3fb11275f5b0e54ebbcd7f1)
2022-01-18 12:19:16 +01:00
Yu Watanabe
0874eaefa3 network: wireguard: also accept negative boolean values to disable adding routes
RouteTable=off was introduced to provide consistency with wg-quick
command. This makes the RouteTable= settings accepts other negative
boolean values.

(cherry picked from commit e135559d805e749a0a1f8d1396cf71f6edd94831)
2022-01-18 12:18:02 +01:00
Yu Watanabe
417622f42b network: wireguard: do not add routes to AllowedIPs= by default
As setting such routes may break existing setups.

Closes #21964.

(cherry picked from commit cfe1237f3859c0cb19b98a47870f49942d5537d9)
2022-01-18 12:17:57 +01:00
Benjamin Berg
6a6182c3f4 man: Add more details about desktop file processing
In particular, mention the contract the generator has with external
ExecCondition= binaries that may be provided by desktop environments.

But, also mention all the other relevant keys. In particular
X-systemd-skip= is important to be documented.

(cherry picked from commit 048d46999995847095e3b7a513ba0627e0179dec)
2022-01-18 12:16:31 +01:00
Zbigniew Jędrzejewski-Szmek
704d859eeb man+docs: adjust links to the new page
(cherry picked from commit 717e92ceb96471251f8242ad4f4c45cc2c68ecc9)
2022-01-12 22:11:10 +01:00
Zbigniew Jędrzejewski-Szmek
e7ed0ba895 docs: use https:// for fd.o links
(cherry picked from commit 931bc1957b13817fcb0ffe69958dd562202c8e4c)
2022-01-12 22:10:51 +01:00
lincoln auster
9a109a9a11 sd-bus/man: document EBUSY error in bus_message_read (#21954)
* sd-bus/man: document EBUSY error in bus_message_read

The EBUSY error can be returned from sd_bus_exit_container(), and, if
that happens, it will be propogated upwards towards bus_message_read. In
terms of documentation, this means that bus_message_read's man page
can't just include the error text for sd_bus_message_read_basic, as
reading basic types exclusively doesn't have the potential for this
error.

sd_bus_message_read_basic's error documentation isn't incorrect when
applied to sd_bus_message_read, it's just incomplete.  While EBUSY is
documented in sd_bus_message_open_container.xml,
it's explanation is unique to the sd_bus_message_exit_container function
and makes for poor documentation of the general read API.

(cherry picked from commit a1a03fa54bfb45315eefaa49ceb38a21aceafde8)
2022-01-11 20:30:50 +01:00
Zbigniew Jędrzejewski-Szmek
d1612a7163 man: add missing example title in systemd.network(5)
Also rename the file to match the example being extended.

(cherry picked from commit 55ac274ef4c1661f3053ae3a709202c918365f3b)
2022-01-09 21:25:17 +01:00
Noel Kuntze
19bb2b8443 network: complete example for xfrm setup
(cherry picked from commit 0d03e672a97c6ee85f563648e1ff40c88ce81d85)
2022-01-04 16:21:56 +01:00
Yu Watanabe
34b5684846 man: also add anotations for methods
Fixes #21882.
2021-12-24 10:18:11 +00:00
Yu Watanabe
add469f5a9 man: reindent and rebreak systemd.network
Also fixes the following:
- IPServiceType= is moved to [DHCPv4] section,
- drop an incorrect sentence in RouteMTUBytes= in [DHCPv4] section.
- drop unnecessary word 'unsigned'.
2021-12-23 11:26:18 +01:00
Zbigniew Jędrzejewski-Szmek
8ef114c692 nss-resolve: expose various source-disablement settings as variables
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=2006761:
> systemd-resolved always (reverse)-resolves the host's IP addresses and FQDN.
> This can be harmful when an application (for instance, a DNS zone manager) is
> installed on the same server instance.  That application would expect
> NXDOMAIN to be returned if the current server's IP does not belong in an
> already managed reverse zone.

This allows clients of nss-resolve to use the same config options that are
available through the dbus api and as command-line options to resolvectl.

The man page text is is mostly copied directly from
c6f20515ab600098b5c2871bae2e9ecab3b41555.
2021-12-21 02:28:52 +09:00
Zbigniew Jędrzejewski-Szmek
e803cf2139 man: correctly document default for DNSSEC= and DNSoverTLS=
https://bugzilla.redhat.com/show_bug.cgi?id=1926323
2021-12-20 10:56:14 +01:00
Zbigniew Jędrzejewski-Szmek
c6f20515ab man: describe flags for record resolving 2021-12-20 10:56:14 +01:00
Zbigniew Jędrzejewski-Szmek
1c4539afc0 man: describe $SYSTEMD_NSS_RESOLVE_VALIDATE
This variable has a pretty important effect, but we didn't mention it
anywhere in the docs. It was added in aee9d18c8d909eb7aca2838e4bce5da018b6a112.
2021-12-20 10:51:51 +01:00
Daan De Meyer
3e6357de9d
Merge pull request #21807 from keszybz/bootcls-no-autodetect
Use KERNEL_INSTALL_MACHINE_ID and KERNEL_INSTALL_LAYOUT with bootctl install
2021-12-20 10:43:18 +01:00
Luca Boccassi
47dba9fb09 path unit: add TriggerLimitBurst= and TriggerLimitIntervalSec=
Given there's now a default for these settings, also allow users to configure
them, matching socket units
2021-12-18 23:17:53 +00:00
Luca Boccassi
ef1aa10692 man: fix typo in systemd.socket.5 2021-12-18 17:23:53 +00:00
Frantisek Sumsal
b5c946d3b8 man: fix machine-id(5) man page reference
Spotted whilst debugging:
```
[763/2094] Generating man/machine-info.html with a custom command
Element cite in namespace '' encountered in para, but no template matches.
[765/2094] Generating man/machine-info.5 with a custom command
Element cite in namespace '' encountered in para, but no template matches.
```

Follow-up to 357376d0bb5.
2021-12-18 08:35:24 +09:00
Yu Watanabe
a00fd2a553
Merge pull request #21800 from keszybz/net-id-debugging
Add more debugging info to udev builtin net_id
2021-12-18 08:35:08 +09:00
Zbigniew Jędrzejewski-Szmek
1ff493d5c1 bootctl: deprecate --make-machine-id-directory=auto
Now that kernel-install creates the machine-id directory, we don't need to do
this is 'bootctl install', and in fact it's better not to do this since it
might never be necessary. So let's change the default behaviour to 'no'.

I kept support for 'auto' to maintain backwards compatibility, even though the
default was changed. Previous behaviour can be requested by specifying
--make-machine-id-directory=auto.
2021-12-17 18:48:08 +01:00
наб
641e2124de kernel-install: replace 00-entry-directory with K_I_LAYOUT in k-i
341890de866f2ee34919a47ce3fc6c8cd3c1924c made "bootctl install" create
ESP\MID, in preparation of cf73f650890b56a59bfb713c4c82b4e29daa7316 that
followed it and created 00-entry-directory.install to make ESP\MID\KVER
if ESP\MID existed ‒ this meant that "bootctl install" followed by
"kernel-install $(uname -r) /boot/vml*$(uname -r) /boot/ini*$(uname -r)"
actually installed the kernel correctly.

Later, 31e57550b552e113bd3d44355b237c41e42beb58 reverted the first
commit, meaning, that now running those two commands first installs
sd-boot, but then does nothing. Everything appears to work right,
nothing errors out, but no changes are actually done. To the untrained
eye (all of them), even running with -v appears to work:
all the hooks are run, as is depmod, but, again, nothing happens.

This is horrible. Nothing in either manpage suggests what to do
(nor should it, really), but the user is left with a bootloader that
appears fully funxional, since nothing suggests a failure in the output,
but with an unbootable machine, /no way to boot it/, even if they drop
to an EFI shell, since the boot bundle isn't present on the ESP,
and no real recourse even if they boot into a recovery system,
apart from installing like GRUB or whatever.

00- is purely instrumentation for 90-,
and separating one from the other has led to downstream dissatisfaxion
(indeed, the last mentioned commit cited cited exactly that as the
 reversion reason), while creating $ENTRY_DIR_ABS is only required
for bootloaders using the BLS, and shouldn't itself toggle anything.

To that end, introduce an /{e,l}/k/install.conf file that allows
overriding the detected layout, and detect it as "bls" if
$BOOT_ROOT/$MACHINE_ID ($ENTRY_DIR_ABS/..) exists, otherwise "other" ‒
if a user wishes to select a different bootloader,
like GRUB, they (or, indeed, the postinst script) can specify
layout=grub. This disables 90- and $ENTRY_DIR_ABS manipulation.
2021-12-17 14:57:56 +01:00
Zbigniew Jędrzejewski-Szmek
a2968e8366 man: use unicode superscripts to indicate the exponent 2021-12-17 11:45:55 +01:00
Zbigniew Jędrzejewski-Szmek
56f9ce31b9 man: fix two typos 2021-12-17 11:45:55 +01:00
Luca Boccassi
c6837e4e86
Merge pull request #21790 from keszybz/network-generator-always
Enable systemd-network-generator by default
2021-12-16 15:50:39 +00:00
Zbigniew Jędrzejewski-Szmek
0c0bb433db
Merge pull request #21757 from DaanDeMeyer/boot-id
kernel-install: Introduce KERNEL_INSTALL_MACHINE_ID in /etc/machine-info
2021-12-16 13:47:17 +01:00
Daan De Meyer
357376d0bb kernel-install: Introduce KERNEL_INSTALL_MACHINE_ID in /etc/machine-info
If KERNEL_INSTALL_MACHINE_ID is defined in /etc/machine-info, prefer it
over the machine ID from /etc/machine-id. If a machine ID is defined in
neither /etc/machine-info nor in /etc/machine-id, generate a new UUID
and try to write it to /etc/machine-info as KERNEL_INSTALL_MACHINE_ID
and use it as the machine ID if writing it to /etc/machine-info succeeds.

In practice, this means we have a more robust fallback if there's no
machine ID in /etc/machine-id than just using "Default" and allows
image builders to force kernel-install to use KERNEL_INSTALL_MACHINE_ID
by simply writing it to /etc/machine-info themselves.
2021-12-16 12:24:42 +01:00
Zbigniew Jędrzejewski-Szmek
66aaca688f man: split out a paragraph and shorten the text about sd-network-generator
The ordering of the service wrt. to udevd is enforced by unit configuration,
so no need to tell the user about this. From users' POV, the only thing that
counts is that the unit is enabled and then the right thing happens.
2021-12-16 09:56:13 +01:00
Yu Watanabe
a4c9bf2e51 network-generator: support to set NamePolicy= through kernel command line argument
Closes #16296.
2021-12-16 01:55:37 +09:00
Yu Watanabe
987dd89c77 meson: build network-generator unconditionally
The service also generates .link files for udevd.
2021-12-16 01:55:20 +09:00