1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-25 23:21:33 +03:00
Commit Graph

142 Commits

Author SHA1 Message Date
Michael Biebl
aff804febc tmpfiles: create /var/log/lastlog if it does not exist
Create /var/log/lastlog the same way we create utmp and wtmp.
This is useful for stateless systems where /var is volatile and a
missing /var/log/lastlog otherwise creates error messages like

Jun 27 20:00:00 huron sshd[1234]: lastlog_openseek: Couldn't stat /var/log/lastlog: No such file or directory

Fixes #6234
2017-06-29 08:01:37 +02:00
Yu Watanabe
525e9db3b3 meson: do not use path separator for target name (#6177)
Fixes #6158.
2017-06-22 21:27:07 -04:00
Franck Bui
f47183183c build: *really* install tmpfiles.d/systemd-remote.conf when necessary (#6061)
This fixes commit 5e354b2252 which was an attempt to avoid installation
of tmpfiles.d/systemd-remote.conf when it was not needed (ie HAVE_REMOTE=false).

Before this fix and with the autotool build, systemd-remote.conf was
distributed and also installed (although it was empty) even though
HAVE_REMOTE=false.

That's what happens when doing last second changes without retesting...

While at it, update tmpfiles.d/.gitignore (var.conf was missing as well
since commit a083537e5d).
2017-05-31 09:44:08 -04:00
Franck Bui
5e354b2252 build: only install tmpfiles.d/systemd-remote.conf when necessary (#6051)
Also only include the relevant parts for systemd-journal-remote and
systemd-journal-upload when needed.
2017-05-30 13:27:26 -04:00
codekipper
a083537e5d tmpfiles: Remove unnecessary utmp file creation (#6006)
If utmp is disabled (--disable-utmp) then there is no need to create
the wtmp and btmp files.
2017-05-24 11:10:59 +02:00
Zbigniew Jędrzejewski-Szmek
2c201c2140 meson: use booleans for conf.set and drop unecessary conditionals
Using conf.set() with a boolean argument does the right thing:
either #ifdef or #undef. This means that conf.set can be used unconditionally.

Previously I used '1' as the placeholder value, and that needs to be changed to
'true' for consistency (under meson 1 cannot be used in boolean context). All
checks need to be adjusted.
2017-05-02 16:29:11 -04:00
Zbigniew Jędrzejewski-Szmek
37efbbd821 meson: reindent all files with 8 spaces
The indentation for emacs'es meson-mode is added .dir-locals.

All files are reindented automatically, using the lasest meson-mode from git.
Indentation should now be fairly consistent.
2017-04-23 21:47:29 -04:00
Michael Biebl
e17e5ba9bf meson: use join_paths consistently
With -Dsplit-usr=true, we set rootprefix to /. This leads to //lib/systemd or
//lib/udev for various dir variables. Using join_paths() avoids this.
2017-04-23 21:47:28 -04:00
Zbigniew Jędrzejewski-Szmek
94e75a5409 meson: create dirs and touch /usr
This is the equivalent of $(INSTALL_DIRS) and install-touch-usr-hook.
I did not bother to create the directories into which we install files,
since they will be created anyway.

v2:
- remove bashism
2017-04-23 21:47:27 -04:00
Zbigniew Jędrzejewski-Szmek
5c23128dab meson: build systemd using meson
It's crucial that we can build systemd using VS2010!

... er, wait, no, that's not the official reason. We need to shed old systems
by requring python 3! Oh, no, it's something else. Maybe we need to throw out
345 years of knowlege accumulated in autotools? Whatever, this new thing is
cool and shiny, let's use it.

This is not complete, I'm throwing it out here for your amusement and critique.

- rules for sd-boot are missing. Those might be quite complicated.

- rules for tests are missing too. Those are probably quite simple and
  repetitive, but there's lots of them.

- it's likely that I didn't get all the conditions right, I only tested "full"
  compilation where most deps are provided and nothing is disabled.

- busname.target and all .busname units are skipped on purpose.

  Otherwise, installation into $DESTDIR has the same list of files and the
  autoconf install, except for .la files.

It'd be great if people had a careful look at all the library linking options.
I added stuff until things compiled, and in the end there's much less linking
then in the old system. But it seems that there's still a lot of unnecessary
deps.

meson has a `shared_module` statement, which sounds like something appropriate
for our nss and pam modules. Unfortunately, I couldn't get it to work. For the
nss modules, we need an .so version of '2', but `shared_module` disallows the
version argument. For the pam module, it also didn't work, I forgot the reason.

The handling of .m4 and .in and .m4.in files is rather awkward. It's likely
that this could be simplified. If make support is ever dropped, I think it'd
make sense to switch to a different templating system so that two different
languages and not required, which would make everything simpler yet.

v2:
- use get_pkgconfig_variable
- use sh not bash
- use add_project_arguments

v3:
- drop required:true and fix progs/prog typo

v4:
- use find_library('bz2')
- add TTY_GID definition
- define __SANE_USERSPACE_TYPES__
- use join_paths(prefix, ...) is used on all paths to make them all absolute

v5:
- replace all declare_dependency's with []
- add more conf.get guards around optional components

v6:
- drop -pipe, -Wall which are the default in meson
- use compiler.has_function() and compiler.has_header_symbol instead of the
  hand-rolled checks.
- fix duplication in 'liblibsystemd' library name
- use the right .sym file for pam_systemd
- rename 'compiler' to 'cc': shorter, and more idiomatic.

v7:
- use ENABLE_ENVIRONMENT_D not HAVE_ENVIRONMENT_D
- rename prefix to prefixdir, rootprefix to rootprefixdir
  ("prefix" is too common of a name and too easy to overwrite by mistake)
- wrap more stuff with conf.get('ENABLE...') == 1
- use rootprefix=='/' and rootbindir as install_dir, to fix paths under
  split-usr==true.

v8:
- use .split() also for src/coredump. Now everything is consistent ;)
- add rootlibdir option and use it on the libraries that require it

v9:
- indentation

v10:
- fix check for qrencode and libaudit

v11:
- unify handling of executable paths, provide options for all progs

  This makes the meson build behave slightly differently than the
  autoconf-based one, because we always first try to find the executable in the
  filesystem, and fall back to the default. I think different handling of
  loadkeys, setfont, and telinit was just a historical accident.

  In addition to checking in $PATH, also check /usr/sbin/, /sbin for programs.
  In Fedora $PATH includes /usr/sbin, (and /sbin is is a symlink to /usr/sbin),
  but in Debian, those directories are not included in the path.

  C.f. https://github.com/mesonbuild/meson/issues/1576.

- call all the options 'xxx-path' for clarity.
- sort man/rules/meson.build properly so it's stable
2017-04-23 21:47:26 -04:00
lewo
15fcdc98cf tmpfiles.d: set primary group rights to r-w (#5265)
If the /var/log/journal directory is created with rigths 700, the application
of an ACL rules without any primary group right sets it to 0. A chmod 755 on
this file will then only set the ACL mask and let the ACL primary group right
to 0. The directory is then unreadable for the primary group.

This patch explicitly sets the primary group to avoid this problem.

Fixes #5264.
2017-02-07 18:56:55 -05:00
Lennart Poettering
dc7621a571 tmpfiles: automatically remove old private tmp dirs after reboot
Let's automatically destory per-unit private temporary directories, as
they are created by PrivateTmp=yes on each boot, if we notice them to be
around, in case they are left-overs from the last boot.

Fixes: #4401
2016-12-27 23:54:02 +01:00
Torstein Husebø
61233823aa treewide: fix typos and remove accidental repetition of words 2016-07-11 16:18:43 +02:00
Lennart Poettering
b30bf55d5c resolved: respond to local resolver requests on 127.0.0.53:53
In order to improve compatibility with local clients that speak DNS directly
(and do not use NSS or our bus API) listen locally on 127.0.0.53:53 and process
any queries made that way.

Note that resolved does not implement a full DNS server on this port, but
simply enough to allow normal, local clients to resolve RRs through resolved.
Specifically it does not implement queries without the RD bit set (these are
requests where recursive lookups are explicitly disabled), and neither queries
with DNSSEC DO set in combination with DNSSEC CD (i.e. DNSSEC lookups with
validation turned off). It also refuses zone transfers and obsolete RR types.
All lookups done this way will be rejected with a clean error code, so that the
client side can repeat the query with a reduced feature set.

The code will set the DNSSEC AD flag however, depending on whether the data
resolved has been validated (or comes from a local, trusted source).

Lookups made via this mechanisms are propagated to LLMNR and mDNS as necessary,
but this is only partially useful as DNS packets cannot carry IP scope data
(i.e. the ifindex), and hence link-local addresses returned cannot be used
properly (and given that LLMNR/mDNS are mostly about link-local communication
this is quite a limitation). Also, given that DNS tends to use IDNA for
non-ASCII names, while LLMNR/mDNS uses UTF-8 lookups cannot be mapped 1:1.

In general this should improve compatibility with clients bypassing NSS but
it is highly recommended for clients to instead use NSS or our native bus API.

This patch also beefs up the DnsStream logic, as it reuses the code for local
TCP listening. DnsStream now provides proper reference counting for its
objects.

In order to avoid feedback loops resolved will no silently ignore 127.0.0.53
specified as DNS server when reading configuration.

resolved listens on 127.0.0.53:53 instead of 127.0.0.1:53 in order to leave
the latter free for local, external DNS servers or forwarders.

This also changes the "etc.conf" tmpfiles snippet to create a symlink from
/etc/resolv.conf to /usr/lib/systemd/resolv.conf by default, thus making this
stub the default mode of operation if /etc is not populated.
2016-06-21 14:15:23 +02:00
Franck Bui
d428dd6ac9 tmpfiles: don't set the x bit for volatile system journal when ACL support is enabled (#3079)
When ACL support is enabled, systemd-tmpfiles-setup service sets the following
ACL entries to the volatile system journal:

   $ getfacl /run/log/journal/*/system.journal
   getfacl: Removing leading '/' from absolute path names
   # file: run/log/journal/xxx/system.journal
   # owner: root
   # group: systemd-journal
   user::rwx
   group::r--
   group🛞r-x
   group:adm:r-x
   mask::r-x
   other::---

This patch makes sure that the exec bit is not set anymore for the volatile
system journals.
2016-05-03 19:29:11 -04:00
Franck Bui
7178cd76f2 build-sys: allow references to adm group to be omitted (#3150) 2016-05-01 00:02:17 -04:00
Zbigniew Jędrzejewski-Szmek
2a998ffa1e build-sys: allow references to wheel group to be omitted
https://github.com/systemd/systemd/issues/2492
2016-02-17 23:47:23 -05:00
Martin Pitt
61f32bff61 tmpfiles: drop /run/lock/lockdev
Hardly any software uses that any more, and better locking mechanisms like
flock() have been available for many years.

Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as
nothing else is using this.
2016-02-01 12:16:24 +01:00
Yu Watanabe
dcdd441140 journal-remote: change owner of /var/log/journal/remote and create /var/lib/systemd/journal-upload 2016-01-15 15:19:52 +09:00
Zbigniew Jędrzejewski-Szmek
afae249efa tmpfiles: set acls on system.journal explicitly
https://github.com/systemd/systemd/issues/1397
2015-11-29 23:38:09 -05:00
Zbigniew Jędrzejewski-Szmek
57d5b3130c tmpfiles: also set acls on /var/log/journal
This way, directories created later for containers or for
journald-remote, will be readable by adm & wheel groups by default,
similarly to /var/log/journal/%m itself.

https://github.com/systemd/systemd/issues/1971
2015-11-29 18:37:01 -05:00
Lennart Poettering
822cd60135 tmpfiles.d: change all subvolumes to use quota
Let's make sure the subvolumes we create fit into a sensible definition
of a quota tree.
2015-10-22 01:59:25 +02:00
Sangjung Woo
1fab0cbafc smack: label /etc/mtab as "_" when '--with-smack-run-label' is enabled.
/etc/mtab should be labeled as "_", even though systemd has its own
smack label using '--with-smack-run-label' configuration. This is mainly
because all processes could read that file and the origin of this file
(i.e. /proc/mounts) is labeled as "_". This labels /etc/mtab as "_" when
'--with-smack-run-label' is enabled.
2015-09-10 21:52:39 +09:00
Lennart Poettering
8b258a645a tmpfiles: don't recursively descend into journal directories in /var
Do so only in /run. We shouldn't alter ACLs for existing files in /var,
but only for new files. If the admin made changes to the ACLs they
shouls stay in place.

We should still do recursive ACL changes for files in /run, since those
are not persistent, and will hence lack ACLs on every boot.

Also, /var/log/journal might be quit large, /run/log/journal is usually
not, hence we should avoid the recursive descending on /var, but not on
/run.

Fixes #534
2015-07-09 18:46:01 -03:00
Lennart Poettering
770b5ce4fc tmpfiles: automatically remove old machine snapshots at boot
Remove old temporary snapshots, but only at boot. Ideally we'd have
"self-destroying" btrfs snapshots that go away if the last last
reference to it does. To mimic a scheme like this at least remove the
old snapshots on fresh boots, where we know they cannot be referenced
anymore. Note that we actually remove all temporary files in
/var/lib/machines/ at boot, which should be safe since the directory has
defined semantics. In the root directory (where systemd-nspawn
--ephemeral places snapshots) we are more strict, to avoid removing
unrelated temporary files.

This also splits out nspawn/container related tmpfiles bits into a new
tmpfiles snippet to systemd-nspawn.conf
2015-06-15 19:28:55 +02:00
Colin Guthrie
bb243d471b tmpfiles: Fix comment typo 2015-06-01 09:27:47 +01:00
Zbigniew Jędrzejewski-Szmek
6921bf11fa tmpfiles: create /etc/resolv.conf symlink only on boot
We will create the symlink on boot as a fallback to provide name
resolution. But if the symlink was removed afterwards, it most likely
should not be recreated. Creating it only on boot also solves the
issue where it would be created prematurely during installation,
before the system was actually booted.

https://bugzilla.redhat.com/show_bug.cgi?id=1197204
2015-05-21 14:23:09 -04:00
Lennart Poettering
fed2b07ebc tmpfiles: make /home and /var btrfs subvolumes by default when booted up with them missing
This way the root subvolume can be left read-only easily, and variable
and user data writable with explicit quota set.
2015-04-21 17:43:55 +02:00
Lennart Poettering
451d691ae1 tmpfiles: there's no systemd-forbid-user-logins.service service 2015-04-21 17:43:55 +02:00
Goffredo Baroncelli
3a92e4ba47 tmpfiles: Add +C attrib to the journal files directories
Add the +C file attribute (NOCOW) to the journal directories, so that
the flag is inherited automatically for new journal files created in
them. The journal write pattern is problematic on btrfs file systems as
it results in badly fragmented files when copy-on-write (COW) is used:
the performances decreases substantially over time.

To avoid this issue, this tmpfile.d snippet sets the NOCOW attribute to
the journal files directories, so newly created journal files inherit
the NCOOW attribute that disables copy-on-write.

Be aware that the NOCOW file attribute also disables btrfs checksumming
for these files, and thus prevents btrfs from rebuilding corrupted files
on a RAID filesystem.

In a single disk filesystems (or filesystems without redundancy) it is
safe to use the NOCOW flags without drawbacks, since the journal files
contain their own checksumming.
2015-04-13 16:37:52 +02:00
Ross Burton
3b33b54273 tmpfiles.d: only copy /etc/pam.d if PAM is present
If HAVE_PAM isn't set then don't attempt to copy /etc/pam.d from the
factory, as it doesn't get installed.
2015-03-03 12:55:34 -05:00
Sangjung Woo
d109a95f3d tmpfiles: Remove unnecessary blank line when configured with "--disable-resolved"
This patch removes unnecessary blank line in
/usr/lib/tmpfiles.d/etc.conf when configured with "--disable-resolved".
(i.e. ENABLE_RESOLVED is not defined)
2015-02-02 16:46:00 +01:00
Zbigniew Jędrzejewski-Szmek
a48a62a1af tmpfiles: use ACL magic on journal directories 2015-01-22 01:14:53 -05:00
Lennart Poettering
5f129649b9 nspawn,machined: change default container image location from /var/lib/container to /var/lib/machines
Given that this is also the place to store raw disk images which are
very much bootable with qemu/kvm it sounds like a misnomer to call the
directory "container". Hence, let's change this sooner rather than
later, and use the generic name, in particular since we otherwise try to
use the generic "machine" preferably over the more specific "container"
or "vm".
2015-01-15 01:47:21 +01:00
Lennart Poettering
814f000872 tmpfiles.d: upgrade a couple of directories we create at boot to subvolumes
In particular we upgrade /var/lib/container, /var/tmp and /tmp to
subvolumes.
2014-12-28 02:08:40 +01:00
Łukasz Stelmach
5a16bc264c build-sys: configure the list of system users, files and directories
Choose which system users defined in sysusers.d/systemd.conf and files
or directories in tmpfiles.d/systemd.conf, should be provided depending
on comile-time configuration.
2014-11-30 23:50:19 -05:00
Martin Pitt
f148ae1489 tmpfiles.d: Fix directory name
The .service uses "/var/lib/container", not "containers".
2014-11-25 11:39:30 +01:00
Martin Pitt
797e7a51cd tmpfiles.d: Create /var/lib/containers
Create /var/lib/containers so that it exists with an appropriate mode. We want
0700 by default so that users on the host aren't able to call suid root
binaries in the container. This becomes a security issue if a user can enter a
container as root, create a suid root binary, and call that from the host.
(This assumes that containers are caged by mandatory access control or are
started as user).
2014-11-21 00:34:26 +01:00
Tom Gundersen
aeb50ff0bd tmpfiles: make resolv.conf entry conditional on resolved support 2014-08-27 18:17:16 +02:00
Kay Sievers
94a15ffa14 factory: install minimal PAM and nsswitch config 2014-07-29 16:58:18 +02:00
Zbigniew Jędrzejewski-Szmek
ad95fd1d2b journal-remote: add units and read certs from default locations 2014-07-15 22:23:49 -04:00
Lennart Poettering
13ba92e046 tmpfiles: explicitly set mode for /run/log 2014-06-30 19:53:10 +02:00
Lennart Poettering
6fc2766795 tmpfiles: don't do automatic cleanup in $XDG_RUNTIME_DIR
Now that logind will clean up all IPC resources of a user we should
really consider $XDG_RUNTIME_DIR as just another kind of IPC with the
same life-cycle logic as the other IPC resources. This should be safe
now to do since every user gets his own $XDG_RUNTIME_DIR tmpfs instance
with a fixed size limit, so that flooding of it will more effectively be
averted.
2014-06-30 19:06:18 +02:00
Lennart Poettering
a45e6ef38f tmpfiles: automatically clean up /var/lib/systemd/coredump after 3d 2014-06-19 00:00:24 +02:00
Lennart Poettering
7613d0aec9 tmpfiles: remove line for automatic clean-ups for /var/cache/man/
Management of /var/cache/man should move to the distribution package
owning the directory (for example, man-db). As man pages are a
non-essential part of the system and unnecessary for minimal setups,
there's no point in having systemd ship these lines.

Distribution packages should make sure the appropriate package for their
distribution adopts this line. Ideally, the line is adopted by the
upstream package.

For Fedora I have filed this bug:

https://bugzilla.redhat.com/show_bug.cgi?id=1110274
2014-06-17 13:00:39 +02:00
Lennart Poettering
2e78fa79bb tmpfiles: add new "L+" command as stronger version of "L", that removes the destination before creating a symlink
Also, make use of this for mtab as long as mount insists on creating it
even if we invoke it with "-n".
2014-06-16 13:21:07 +02:00
Lennart Poettering
d4c6d50a2a tmpfiles: create /etc/resolv.conf as link to networkd's version, if it doesn't exist
If /etc/resolv.conf doesn't exist it's better than nothing to make it
point to networkd's version.
2014-06-15 23:39:49 +02:00
Lennart Poettering
6d1d50f081 tmpfiles: always use relative symlinks from tmpfiles snippets 2014-06-13 20:11:59 +02:00
Lennart Poettering
55745f2054 tmpfiles: add minimal tmpfiles snippet to rebuild the most essential stuff from /etc 2014-06-13 13:29:25 +02:00
Lennart Poettering
176f2acf8d tmpfiles: don't allow read access to journal files to users not in systemd-journal
Also, don't apply access mode recursively to /var/log/journal/*/, since
that might be quite large, and should be correct anyway.
2014-06-11 10:29:01 +02:00
Lennart Poettering
1b77b581eb tmpfiles: don't apply sgid and executable bit to journal files, only the directories they are contained in 2014-06-11 10:15:07 +02:00
Lennart Poettering
1ebab2103d tmpfiles: if /var is mounted from tmpfs, we should adjust its access mode 2014-06-11 09:20:17 +02:00
Lennart Poettering
9339db7187 tmpfiles: always recreate the most basic directory structure in /var
Let's allow booting up with /var empty. Only create the most basic
directories to get to a working directory structure and symlink set in
/var.
2014-06-11 00:12:21 +02:00
Lennart Poettering
e73a03e059 tmpfiles: get rid of "m" lines, make them redundant by "z"
"m" so far has been a non-globbing version of "z". Since this makes it
quite redundant, let's get rid of it. Remove "m" from the man pages,
beef up "z" docs instead, and make "m" nothing more than a compatibility
alias for "z".
2014-06-10 23:42:16 +02:00
Tom Gundersen
85b5673b33 networkd: split runtime config dir from state dir
Configuration will be in

root:root /run/systemd/network

and state will be in

systemd-network:systemd-network /run/systemd/netif

This matches what we do for logind's seat/session state.
2014-06-03 18:58:00 +02:00
Tom Gundersen
01501939d5 tmpfiles: systemd.conf - fix ownership of network directories 2014-06-02 15:06:32 +02:00
Kay Sievers
52ffb444cb timesyncd: order after tmpfiles to get a working network monitor 2014-05-22 07:57:33 +09:00
Lennart Poettering
c5abff7304 network: always create /run/systemd/network/links
This ways the networkd client library should work even if networkd is
not running.

http://lists.freedesktop.org/archives/systemd-devel/2014-May/019242.html
2014-05-16 15:58:06 +02:00
Greg KH
a606871da5 tmpfiles: fix permissions on new journal files
When starting up journald on a new system, set the proper permissions on
the system.journal files, not only on the journal directory.
2014-04-17 23:58:12 -04:00
Zbigniew Jędrzejewski-Szmek
c4708f1323 tmpfiles: introduce the concept of unsafe operations
Various operations done by systemd-tmpfiles may only be safely done at
boot (e.g. removal of X lockfiles in /tmp, creation of /run/nologin).
Other operations may be done at any point in time (e.g. setting the
ownership on /{run,var}/log/journal). This distinction is largely
orthogonal to the type of operation.

A new switch --unsafe is added, and operations which should only be
executed during bootup are marked with an exclamation mark in the
configuration files. systemd-tmpfiles.service is modified to use this
switch, and guards are added so it is hard to re-start it by mistake.

If we install a new version of systemd, we actually want to enforce
some changes to tmpfiles configuration immediately. This should now be
possible to do safely, so distribution packages can be modified to
execute the "safe" subset at package installation time.

/run/nologin creation is split out into a separate service, to make it
easy to override.

https://bugzilla.redhat.com/show_bug.cgi?id=1043212
https://bugzilla.redhat.com/show_bug.cgi?id=1045849
2013-12-24 15:48:06 -05:00
Lennart Poettering
6b46ea73e3 namespace: include boot id in private tmp directories
This way it is easy to only exclude directories from the current boot
from automatic clean up in /var/tmp.

Also, pick a longer name for the directories so that are globs in
tmp.conf can be simpler yet equally accurate.
2013-12-13 04:06:43 +01:00
Zbigniew Jędrzejewski-Szmek
87267de89d tmpfiles: adjust excludes for the new per-service private dirs
In d8c9d3a (systemd: use unit name in PrivateTmp directories)
I forgot to update the tmpfiles config.
2013-11-16 17:30:58 -05:00
Dave Reisner
7074fecf67 tmpfiles.d: include setgid perms for /run/log/journal
4608af4333 set permissions for journal storage on persistent disk
but not the volatile storage.

ref: https://bugs.archlinux.org/task/37170
2013-10-02 15:35:16 -04:00
Michael Scherer
edcfd89ad0 Add a bit more explicit message, to help confused users
Seeing http://www.happyassassin.net/2013/09/27/further-sysadmin-adventures-wheres-my-freeipa-badge/
it seems that the default message is a bit confusing for people
who never encountered it before, so adding a link to the manpage could
help them.
2013-09-27 15:59:42 +02:00
Lennart Poettering
4608af4333 journald: avoid NSS in journald
In order to avoid a deadlock between journald looking up the
"systemd-journal" group name, and nscd (or anyother NSS backing daemon)
logging something back to the journal avoid all NSS in journald the same
way as we avoid it from PID 1.

With this change we rely on the kernel file system logic to adjust the
group of created journal files via the SETGID bit on the journal
directory. To ensure that it is always set, even after the user created
it with a simply "mkdir" on the shell we fix it up via tmpfiles on boot.
2013-09-17 16:55:37 -05:00
Lennart Poettering
1ee306e124 machined: split out machine registration stuff from logind
Embedded folks don't need the machine registration stuff, hence it's
nice to make this optional. Also, I'd expect that machinectl will grow
additional commands quickly, for example to join existing containers and
suchlike, hence it's better keeping that separate from loginctl.
2013-07-02 03:47:23 +02:00
Zbigniew Jędrzejewski-Szmek
d34cd37490 Make PrivateTmp dirs also inaccessible from the outside
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.

Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
2013-03-20 14:08:41 -04:00
Zbigniew Jędrzejewski-Szmek
b08131ec17 tmpfiles: exclude /var/tmp/systemd-private-* too 2013-01-26 10:52:32 -05:00
Zbigniew Jędrzejewski-Szmek
e4ac004c12 tmpfiles: exclude /tmp/systemd-private-* from cleanup
See http://thread.gmane.org/gmane.comp.sysutils.systemd.devel/6874/focus=6891
Should fix https://bugzilla.redhat.com/show_bug.cgi?id=866693
2013-01-25 11:46:58 -05:00
Michał Bartoszkiewicz
610d99284f tmpfiles: do not make /run/nologin executable 2013-01-19 02:11:41 +01:00
Tom Gundersen
9261bb7c50 tmpfiles: move legacy flag-files handling to legacy.conf 2013-01-07 15:21:36 +01:00
Lennart Poettering
61beaf818b tmpfiles: write /run/nologin during early boot to disallow too early user logins
systemd-user-sessoins.service will later on remove the flag file, thus
permitting user logins when the time has come.
2012-06-25 17:35:13 +02:00
Lennart Poettering
24f3a374b9 tmpfiles: exclude the first level directories in /run/user from automatic clean up
It's logind's job to maintain those user dirs, so avoid automatic clean
up for them. However, we do cover everything within them.
2012-06-20 09:05:50 +02:00
Lennart Poettering
5430f7f2bc relicense to LGPLv2.1 (with exceptions)
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.

Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.

The bits that used to be MIT continue to be MIT.

The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
2012-04-12 00:24:39 +02:00
Lennart Poettering
04ebb59567 shutdownd: rework interface, allow subscribing to scheduled shutdowns
This extends the shutdownd interface to expose schedule shutdown
information in /run/systemd/shutdown/schedule.

This also cleans up the shutdownd protocol and documents it in a header
file sd-shutdown.h.

This is supposed to be used by client code that wants to control and
monitor scheduled shutdown.
2012-04-11 02:04:46 +02:00
Lennart Poettering
87d2c1ff6a journal: add preliminary incomplete implementation 2011-10-07 22:02:05 +02:00
Josh Triplett
f08fce8820 tmpfiles: Move /tmp and /var/tmp to a separate tmpfiles.d file to ease overrides via /etc
Many people prefer to avoid clearing /tmp and /var/tmp, and
distributions often have explicit settings for how often to clear them
if at all.  Overriding those with systemd currently requires overriding
all of /usr/lib/tmpfiles.d/systemd.conf via
/etc/tmpfiles.d/systemd.conf, copying across all the other entries, and
updating that override when systemd.conf changes.

Move the /tmp and /var/tmp entries from systemd.conf to a separate
tmp.conf, making them easier to override without affecting the rest of
systemd.conf.
2011-08-24 20:39:33 +02:00
Josh Triplett
3b09f343fe tmpfiles: Remove X11 lock files for displays :10 and higher too 2011-08-24 02:35:02 +02:00
Lennart Poettering
034a2a52ac sd-login: beef up login api, to add monitoring and enumerating 2011-07-22 21:01:15 +02:00
Lennart Poettering
0e456f9781 path: optionally, create watched directories in .path units 2011-04-10 01:30:14 +02:00
Kay Sievers
5b75435328 move /var/lock to HAVE_SYSV_COMPAT 2011-04-03 22:09:25 +02:00
Lennart Poettering
cca4aeeead tmpfiles: split off rules for legacy systems into legacy.conf 2011-04-02 01:08:31 +02:00
Lennart Poettering
e1ab991283 tmpfiles: enforce new /var/lock semantics
http://lists.freedesktop.org/archives/systemd-devel/2011-March/001823.html
2011-04-01 00:43:28 +02:00
Kay Sievers
6f4ed5203a tmpfiles fix /run/lock permissions
<mbiebl> kay: just wondering: d /run/lock 0755 root lock -
<mbiebl> shouldn't that rather be 0775?
<mbiebl> otherwise it doesn't make sense
2011-03-29 00:15:14 +02:00
Kay Sievers
2b583ce657 use /run instead of /dev/.run
Instead of the /dev/.run trick we have currently implemented, we decided
to move the early-boot runtime dir to /run.

An existing /var/run directory is bind-mounted to /run. If /var/run is
already a symlink, no action is taken.

An existing /var/lock directory is bind-mounted to /run/lock.
If /var/lock is already a symlink, no action is taken.

To implement the directory vs. symlink logic, we have a:
  ConditionPathIsDirectory=
now, which is used in the mount units.

Skipped mount unit in case of symlink:
  $ systemctl status var-run.mount
  var-run.mount - Runtime Directory
    Loaded: loaded (/lib/systemd/system/var-run.mount)
    Active: inactive (dead)
            start condition failed at Fri, 25 Mar 2011 04:51:41 +0100; 6min ago
     Where: /var/run
      What: /run
    CGroup: name=systemd:/system/var-run.mount

The systemd rpm needs to make sure to add something like:
  %pre
  mkdir -p -m0755 /run >/dev/null 2>&1 || :
or it needs to be added to filesystem.rpm.

Udev -git already uses /run if that exists, and is writable at bootup.
Otherwise it falls back to the current /dev/.udev.

Dracut and plymouth need to be adopted to switch from /dev/.run to run
too.

Cheers,
Kay
2011-03-28 23:00:00 +02:00
Lennart Poettering
a49728dc8c tmpfiles: simplify default tmpfiles configuration by using globs 2011-02-13 15:11:28 +01:00
Lennart Poettering
b0734b235f tmpfiles: include reference to man page in tmpfiles files 2010-11-10 23:58:01 +01:00
Bill Nottingham
4d91b19eb6 tmpfiles: Don't clean /var/lock/subsys; it is not aged content
It will get 'cleaned' on boot due to being tmpfs anyway.
2010-10-25 23:25:51 +02:00
Bill Nottingham
f448d9e7c4 tmpfiles: Make wtmp match utmp perms, and add btmp. 2010-10-25 22:21:56 +02:00
Lennart Poettering
e10fe9ffea tmpfiles: remove forcefsck/fastboot flag files after boot 2010-10-19 19:35:04 +02:00
Lennart Poettering
3b63d2d31d tmpfiles: integrate kay's directory cleanup code and otherwise beef up tmpfiles quite a bit 2010-10-18 22:38:41 +02:00
Lennart Poettering
34c8deaae1 tmpfiles: install default tmpfiles configuration 2010-09-28 22:32:53 +02:00