1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-22 13:33:56 +03:00
Commit Graph

395 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
5486a31d28 nss-resolve: drop the internal fallback to libnss_dns (#5945)
If we could not communicate with systemd-resolved, we would call into
libnss_dns. libnss_dns would return NOTFOUND for stuff like "localhost" and
other names resolved by nss-myhostname, which we would fall under the !UNAVAIL=
condition and cause resolution to fail. So the following recommended
configuration in nsswitch.conf would not work:

   hosts: resolve [!UNAVAIL=return] dns myhostname

Remove the internal fallback code completely so that the fallback logic
can be configured in nsswitch.conf.

Tested with
   hosts: resolve [!UNAVAIL=return] myhostname
and
   hosts: resolve [!UNAVAIL=return] dns myhostname

Fixes #5742.
2017-05-12 14:31:46 +02:00
Philip Withnall
46ae28d8c3 man: Fix reference to timer-sync.target instead of time-sync.target (#5764)
Also fix an erroneous reference to it in the NEWS file, for posterity.

Signed-off-by: Philip Withnall <withnall@endlessm.com>
2017-04-20 12:34:26 +02:00
Lennart Poettering
4f5e972279 README: document that gperf 3.1 is required for building now 2017-03-30 11:54:23 +02:00
Lucas Werkmeister
c1ec34d1db NEWS: fix word (#5514) 2017-03-01 19:08:32 -05:00
Lennart Poettering
d60c527009 NEWS: 'systemd' is always spelt with a lowercase 's' 2017-03-01 22:43:06 +01:00
Zbigniew Jędrzejewski-Szmek
4dfe64f856 NEWS: add note about 'make install-tests' (#5512) 2017-03-01 22:29:38 +01:00
Zbigniew Jędrzejewski-Szmek
23eb30b33e NEWS: reorder entries by subject, fix some typos and descriptions (#5511)
This doesn't add anything major, but moves some stuff around.
In particular changes which might require updates to the build
environment (new kernel requirements, cgroup stuff, dbus, etc)
are moved to the top, where it's most likely that people will
read them. In particular cgroup hierarchy changes are moved to the
top because they're most likely to be problematic.

Various items are grouped by subject where it's easy.

The description of list-jobs --after/--before was reversed.
2017-03-01 22:14:12 +01:00
Lennart Poettering
a2b53448e4 update NEWS for v233 (#5503) 2017-03-01 11:21:29 -05:00
Thomas H. P. Andersen
3b31c46634 NEWS: fix typo (#5453) 2017-02-25 09:19:26 -05:00
Lennart Poettering
05f426d2b8 NEWS: add a comment about udev's MemoryDenyWriteExecute= setting (#5414)
Apparently if people are adventurous enought to run Go programs in udev
rules they might run into problems with MemoryDenyWriteExecute=.

I am pretty sure the best way out is for the toolchain generating
programs incompatible with W^X to be fixed, but this still deserves
documentation.

This was forgotten for the 232 release, hence add it now, retroactively.

See: #5400
2017-02-21 19:36:12 -05:00
Lennart Poettering
85266f9bba NEWS: document ExecStartPost change in NEWS (#5415)
Follow up for #4843.

Taking @joukewitteveen's suggestion into account:
https://github.com/systemd/systemd/pull/4843#issuecomment-280306811
2017-02-21 15:00:09 -05:00
AsciiWolf
c6749ba52c NEWS, README: use www prefix in freedesktop.org URLs 2017-02-21 18:26:23 +01:00
Zbigniew Jędrzejewski-Szmek
2e98288b15 Merge pull request #5410 from AsciiWolf/https-urls
Use https:// in URLs when possible.
2017-02-21 11:27:10 -05:00
AsciiWolf
56cadcb6e3 NEWS: use https:// in URLs 2017-02-21 16:03:04 +01:00
Martin Pitt
baf327864a NEWS: fix typos, grammar, and small errors (#5407) 2017-02-21 09:41:44 -05:00
Lennart Poettering
d08ee7cbea start putting together a NEWS entry for 233 2017-02-21 13:59:23 +01:00
Lennart Poettering
631b676bb7 core: explicitly verify that BindsTo= deps are in order before dispatch start operation of a unit
Let's make sure we verify that all BindsTo= are in order before we actually go
and dispatch a start operation to a unit. Normally the job queue should already
have made sure all deps are in order, but this might not have been sufficient
in two cases: a) when the user changes deps during runtime and reloads the
daemon, and b) when the user placed BindsTo= dependencies without matching
After= dependencies, so that we don't actually wait for the bound to unit to be
up before upping also the binding unit.

See: #4725
2017-02-14 13:38:24 +01:00
Dmitry Rozhkov
fa8b449994 resolve: mention added mDNS support in NEWS
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
2017-01-19 11:51:21 +02:00
Zbigniew Jędrzejewski-Szmek
6b3d378331 Merge pull request #4879 from poettering/systemd 2017-01-14 21:29:27 -05:00
Mike Gilbert
fb7c4eff7b NEWS: describe DBus policy move (#4999)
Text as provided by zbyszek in 52b2f6b3.
2016-12-30 14:52:36 +01:00
Lennart Poettering
5cfc0a8461 build-sys: don't mke use of "sushell" automatically
"sushell" is a Fedora-specific concept, shipped as part of
"initscripts". We shouldn't actively search for it if we can avoid it.
Hence, lets now default to /bin/sh as debug shell on all systems, and
permit Fedora to override that for their RPMs via --with-debug-shell= at
configure time.
2016-12-20 20:23:40 +01:00
Jouke Witteveen
8e458bfe4e NEWS: mention more aggressive failing of notify services 2016-11-29 23:20:04 +01:00
Franck Bui
b0eb29449e core: add 'c' in confirmation_spawn to resume the boot process 2016-11-17 18:16:50 +01:00
Franck Bui
56fde33af1 core: add 'j' in confirmation_spawn to list the jobs that are in progress 2016-11-17 18:16:50 +01:00
Franck Bui
dd6f9ac0d0 core: add 'D' in confirmat spawn to show a full dump of the unit to spawn 2016-11-17 18:16:50 +01:00
Franck Bui
eedf223a30 core: add 'i' in confirm spawn to give a short summary of the unit to spawn 2016-11-17 18:16:50 +01:00
Franck Bui
d172b175f6 core: rework the confirmation spawn prompt
Previously it was "[Yes, Fail, Skip]" which is pretty misleading because it
suggests that the whole word needs to be entered instead of a single char.

Also this won't fit well when we'll extend the number of choices.

This patch addresses this by changing the choice hint with "[y, f, s – h for help]"
so it's now clear that a single letter has to be entered.

It also introduces a new choice 'h' which describes all possible choices since
a single letter can be not descriptive enough for new users.

It also allow to stick with the same hint string regardless of how
many choices we will support.
2016-11-17 18:16:50 +01:00
Franck Bui
2bcc330942 core: in confirm_spawn, the meaning of 'n' and 's' choices are confusing
Before this patch we had:

 - "no" which gives "failing execution" but the command is actually assumed as
   succeed.

 - "skip" which gives "skipping", but the command is assumed to have failed,
   which ends up with "Failed to start ..." on the console.

Now we have:

 - "fail" which gives "failing execution" and the command is indeed assumed as
   failed.

 - "skip" which gives "skipping execution" and the command is assumed as
   succeed.
2016-11-17 18:16:49 +01:00
Lennart Poettering
54b24597b8 final NEWS update for 232 (#4558)
let's get this out today!
2016-11-03 08:56:26 -06:00
Lennart Poettering
b4eed568b9 add two additional entries to NEWS 2016-11-02 16:02:12 -06:00
Lennart Poettering
07393b6ea9 NEWS: add contributor list to news file
Unfortunately, github drops the original commiter when a PR is "squashed" (even
if it is only a single commit) and replaces it with some rubbish
github-specific user id. Thus, to make the contributors list somewhat useful,
update the .mailmap file and undo all the weirdness github applied there.
2016-11-02 15:52:57 -06:00
Lennart Poettering
4c37970d77 update NEWS file a bit more 2016-10-25 12:19:13 +02:00
Lennart Poettering
171ae2cd86 Various additions to NEWS 2016-10-24 17:41:52 +02:00
Jakub Wilk
ce830873f0 NEWS: fix typos 2016-10-22 13:18:17 +02:00
Djalal Harouni
e49e2c25f3 NEWS: option is ProtectKernelTunables not ProtectedKernelTunables (#4451) 2016-10-21 18:43:36 -04:00
Djalal Harouni
6fa441140e NEWS: update NEWS about ProtectKernelModules= option (#4445) 2016-10-21 13:25:23 +02:00
Zbigniew Jędrzejewski-Szmek
24597ee0e6 nspawn, NEWS: add missing "s" in --private-users-chown (#4438) 2016-10-21 06:03:26 +03:00
Yu Watanabe
94f42fe3a6 units: systemd-udevd: add AF_INET and AF_INET6 to RestrictAddressFamilies= (#4296)
The udev builtin command `net_setup_link` requires AF_INET and AF_INET6.

Fixes #4293.
2016-10-06 15:40:53 +02:00
Thomas H. P. Andersen
d4c08299f2 NEWS: typo fixes (#4285) 2016-10-04 20:41:46 +02:00
Lucas Werkmeister
1f4f4cf76c Typo (mathesmatches) (#4283) 2016-10-04 15:53:16 +02:00
Martin Pitt
bbe4743ba7 Merge pull request #4273 from keszybz/docs
Routing-domains-manpage tweak and NEWS update
2016-10-04 15:34:08 +02:00
Elias Probst
05ecf467ee Typo (virtiualizationvirtualization) (#4281) 2016-10-04 14:37:28 +02:00
Zbigniew Jędrzejewski-Szmek
4a77c53d64 NEWS: add another batch of entries 2016-10-03 07:36:59 -04:00
Lennart Poettering
1ecdba149b NEWS: update news about systemd-udevd.service 2016-09-25 10:52:57 +02:00
Zbigniew Jędrzejewski-Szmek
4ffe24797c NEWS: add a bunch of stuff for the 232 release (#4132)
This does not include the description of the mixed v1/v2 mode, but
everything important apart from that should be covered.
2016-09-14 07:40:02 +02:00
Zbigniew Jędrzejewski-Szmek
76153ad45f journald: deprecate SplitMode=login (#3805)
In this mode, messages from processes which are not part of the session
land in the main journal file, and only output of processes which are
properly part of the session land in the user's journal. This is
confusing, in particular because systemd-coredump runs outside of the
login session.

"Deprecate" SplitMode=login by removing it from documentation, to
discourage people from using it.
2016-07-26 08:19:33 +02:00
Lennart Poettering
38b383d9fe build-sys: metadata updates for v231 (#3803) 2016-07-25 15:49:47 -04:00
Lennart Poettering
26598be814 Merge pull request #3798 from keszybz/news-and-man-tweaks
News and man tweaks
2016-07-25 17:24:35 +02:00
Lennart Poettering
43eb109aa9 core: change ExecStart=! syntax to ExecStart=+ (#3797)
As suggested by @mbiebl we already use the "!" special char in unit file
assignments for negation, hence we should not use it in a different context for
privileged execution. Let's use "+" instead.
2016-07-25 16:53:33 +02:00
Zbigniew Jędrzejewski-Szmek
1ecbf32ff8 NEWS: reword the text about libshared
"strict versioned dependency" suggests that version "231" of the library
is stable. But the ABI or API might be changed in any patch, so reword
the text to avoid using "version".
2016-07-25 10:47:37 -04:00
Lennart Poettering
0f1da52b5e NEWS: document the new shared library for internal code 2016-07-25 15:27:10 +02:00
Lennart Poettering
fec46f48b6 NEWS: update mailmap to bring NEWS and "make git-contrib" in line
Let's make sure that "make git-contrib" prints a useful contributors list
directly useful for NEWS and fixes up contributors's IDs a bit.
2016-07-25 15:03:46 +02:00
Zbigniew Jędrzejewski-Szmek
43a569a18b NEWS: more stuff for v231 (#3786) 2016-07-23 10:11:30 +02:00
Zbigniew Jędrzejewski-Szmek
771de3f506 NEWS: remove duplicate names and fix a few typos 2016-07-22 21:40:46 -04:00
Lennart Poettering
fcd30826d4 Populate NEWS a bit, in preparation for v231
(Note complete yet.)
2016-07-22 20:18:34 +02:00
Michael Biebl
595bfe7df2 Various fixes for typos found by lintian (#3705) 2016-07-12 12:52:11 +02:00
Torstein Husebø
61233823aa treewide: fix typos and remove accidental repetition of words 2016-07-11 16:18:43 +02:00
Torstein Husebø
6dd6a9c493 treewide: fix typos 2016-07-04 17:10:23 +02:00
Martin Pitt
ceeddf79b8 resolved: add option to disable caching (#3592)
In some cases, caching DNS results locally is not desirable, a it makes DNS
cache poisoning attacks a tad easier and also allows users on the system to
determine whether or not a particular domain got visited by another user. Thus
provide a new "Cache" resolved.conf option to disable it.
2016-06-24 07:54:28 +02:00
Martin Pitt
5cd118bab0 NEWS: start section for 231, with tmpfs.mount option changes (#3576)
This documents the "add nosuid and nodev options to tmp.mount" change from
commit 2f9df7c96a.
2016-06-22 13:22:47 +02:00
Evgeny Vereshchagin
856ca72b29 tests: introduce UNIFIED_CGROUP_HIERARCHY (#3419)
There are many cgroups-related changes (thanks, @htejun!)
This commit will simplify testing a bit.

Use:
make run UNIFIED_CGROUP_HIERARCHY=yes to enable cgroup-v2
make run UNIFIED_CGROUP_HIERARCHY=no to enable cgroup-v1
2016-06-03 11:17:00 +02:00
Zbigniew Jędrzejewski-Szmek
0053598f36 Typo fix: s/advertisment/advertisement/ 2016-05-28 11:50:37 -04:00
Ansgar Burchardt
e81f253967 Typo: systemd-nspaw -> systemd-nspawn (#3354) 2016-05-26 10:44:35 +02:00
Dave Reisner
4f9020fa10 Mention initrd-root-device.target in NEWS (#3325) 2016-05-23 10:31:47 +02:00
Zbigniew Jędrzejewski-Szmek
46e40fab2b NEWS: final updates for v230 2016-05-21 18:31:29 -04:00
Thomas H. P. Andersen
188d308203 NEWS: typo fix and american english (#3301) 2016-05-20 15:04:01 +02:00
Zbigniew Jędrzejewski-Szmek
e75690c389 NEWS: mention SessionsMax, InhibitorsMax, MulticastSnooping...
... logind SIGHUP support, sd_journal_open_{directory,files}_fd,
specifiers in DeviceAllow, "generated" and "trasnient" unit types.

Move removed features to the end and cluster features by type.
2016-05-19 00:20:41 -04:00
Clemens Gruber
77ff6022fa networkd: Add EmitRouter= option for DHCP Server (#3251)
Add an option to disable appending DHCP option 3 (Router) to the DHCP
OFFER and ACK packets.
This commit adds the boolean option EmitRouter= for the [DHCPServer]
section in .network files.

Rationale: On embedded devices, it is very useful to have a DHCP server
running on an USB OTG ethernet gadget interface to avoid manual setup on
the client PCs, but it should only serve IP addresses, no route(r)s.
Otherwise, Windows clients experience network connectivity issues, due
to them using the address set in DHCP option 3 as default gateway.

Signed-off-by: Clemens Gruber <clemens.gruber@pqgruber.com>
2016-05-17 19:34:25 -04:00
Lennart Poettering
999a43f80a update NEWS 2016-05-16 23:07:08 +02:00
Lennart Poettering
25b0e6cb99 update TODO 2016-05-16 22:18:39 +02:00
Thomas H. P. Andersen
977f2beaf2 NEWS: typo fix and american english (#3219) 2016-05-07 17:52:31 -04:00
Zbigniew Jędrzejewski-Szmek
8951eaec50 NEWS: machinectl and loginctl also support --value 2016-05-07 11:43:39 -04:00
Daniele Medri
030bd8397a NEWS: minor fixes 2016-05-07 05:00:12 +02:00
Lennart Poettering
e40a326cef NEWS: bring NEWS a bit up-to-date 2016-05-06 16:55:44 +02:00
Zbigniew Jędrzejewski-Szmek
ccddd104fc tree-wide: use mdash instead of a two minuses 2016-04-21 23:00:13 -04:00
Lennart Poettering
52b9b66b7d Merge pull request #3005 from keszybz/kill-user-proceses
Kill user session scope by default
2016-04-21 12:29:36 +02:00
Zbigniew Jędrzejewski-Szmek
152199f2d7 logind: allow any user to request lingering
We enable lingering for anyone who wants this. It is still disabled by
default to avoid keeping long-running processes accidentally.
Admins might want to customize this policy on multi-user sites.
2016-04-21 00:21:33 -04:00
Zbigniew Jędrzejewski-Szmek
95365a576f build-sys: add --without-kill-user-processes configure option 2016-04-21 00:21:32 -04:00
Zbigniew Jędrzejewski-Szmek
97e5530cf2 logind: flip KillUserProcesses to on by default
This ensures that users sessions are properly cleaned up after.
The admin can still enable or disable linger for specific users to allow
them to run processes after they log out. Doing that through the user
session is much cleaner and provides better control.

dbus daemon can now be run in the user session (with --enable-user-session,
added in 1.10.2), and most distributions opted to pick this configuration.
In the normal case it makes a lot of sense to kill remaining processes.
The exception is stuff like screen and tmux. But it's easy enough to
work around, a simple example was added to the man page in previous
commit. In the long run those services should integrate with the systemd
users session on their own.

https://bugs.freedesktop.org/show_bug.cgi?id=94508
https://github.com/systemd/systemd/issues/2900
2016-04-21 00:21:32 -04:00
Lennart Poettering
d5bd92bbbe README: document that we only support util-linux built with --enable-libmount-force-mountinfo
Fixes: #2978
2016-04-12 13:43:33 +02:00
Zbigniew Jędrzejewski-Szmek
96515dbf44 NEWS: add some more items
DUID support is mentioned without details since those are still
being worked out.
2016-04-03 13:16:17 -04:00
Elias Probst
f59dba2654 Reference correct machinectl command in 219 NEWS
NEWS for `219` references `machinectl list-images` to describe the introduced clone feature - this looks like a copy'n'paste problem.
Use `machinectl clone` instead.
2016-03-16 09:23:31 +01:00
Torstein Husebø
96d4901149 treewide: fix typos and then/that use 2016-02-24 11:56:11 +01:00
Lennart Poettering
61ecb465b1 resolved: turn on DNSSEC by default, unless configured otherwise
Let's make sure DNSSEC gets more testing, by defaulting DNSSEC to
"allow-downgrade" mode. Since distros should probably not ship DNSSEC enabled
by default add a configure switch to disable this again.

DNSSEC in "allow-downgrade" mode should mostly work without affecting user
experience. There's one exception: some captive portal systems rewrite DNS in
order to redirect HTTP traffic to the captive portal. If these systems
implement DNS servers that are otherwise DNSSEC-capable (which in fact is
pretty unlikely, but still...), then this will result in the captive portal
being inaccessible. To fix this support in NetworkManager (or any other network
management solution that does captive portal detection) is required, which
simply turns off DNSSEC during the captive portal detection, and resets it back
to the default (i.e. on) after captive portal authentication is complete.
2016-02-16 15:22:05 +01:00
Zbigniew Jędrzejewski-Szmek
7f6e804332 Promote systemd-activate to /usr/bin/systemd-socket-activate
It has fairly wide functionality now and the interface has been
stable for a while. It it a useful testing tool.

The name is changed to better indicate what it does.
2016-02-14 20:33:32 -05:00
Zbigniew Jędrzejewski-Szmek
ed5f884090 NEWS: journal device support is limited to current boot, grammar
Reword some sentences for better flow.
2016-02-11 21:50:42 -05:00
Lennart Poettering
3545ab3501 fill in contributors list in NEWS 2016-02-11 13:02:35 +01:00
Lennart Poettering
926db6521b Merge pull request #2574 from zonque/netclass-remove
cgroup: remove support for NetClass= directive
2016-02-10 17:03:00 +01:00
Daniel Mack
50f48ad37a cgroup: remove support for NetClass= directive
Support for net_cls.class_id through the NetClass= configuration directive
has been added in v227 in preparation for a per-unit packet filter mechanism.
However, it turns out the kernel people have decided to deprecate the net_cls
and net_prio controllers in v2. Tejun provides a comprehensive justification
for this in his commit, which has landed during the merge window for kernel
v4.5:

  https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671

As we're aiming for full support for the v2 cgroup hierarchy, we can no
longer support this feature. Userspace tool such as nftables are moving over
to setting rules that are specific to the full cgroup path of a task, which
obsoletes these controllers anyway.

This commit removes support for tweaking details in the net_cls controller,
but keeps the NetClass= directive around for legacy compatibility reasons.
2016-02-10 16:38:56 +01:00
Lennart Poettering
a7c723c0c0 update NEWS 2016-02-10 16:34:11 +01:00
Martin Pitt
8968aea0fb NEWS: Various clarification and grammar fixes 2016-02-10 13:51:10 +01:00
Lennart Poettering
d5f8b2952a NEWS: start putting together a NEWS file for 229
Totally incomplete, but let's get this started.
2016-02-10 12:29:38 +01:00
Martin Pitt
61f32bff61 tmpfiles: drop /run/lock/lockdev
Hardly any software uses that any more, and better locking mechanisms like
flock() have been available for many years.

Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as
nothing else is using this.
2016-02-01 12:16:24 +01:00
Lennart Poettering
ddb4b0d3eb NEWS: add in missing NEWS entry for 228 feature RemainAfterElapse= 2015-11-18 17:04:04 +01:00
David Herrmann
dd050decb6 build: bump version numbers
Prepare for v228 release and bump version numbers.
2015-11-18 08:59:06 +01:00
Lennart Poettering
f1f8a5a5e1 Some additions to NEWS 2015-11-17 01:31:42 +01:00
Thomas Hindoe Paaboel Andersen
815bb5bd56 NEWS: typo fixes 2015-11-15 17:30:33 +01:00
Lennart Poettering
b9e2f7eb00 NEWS: document two more changes in behaviour 2015-11-13 14:59:25 +01:00
Lennart Poettering
28c85daf0a NEWS: add more stuff, and reorder things a bit 2015-11-13 13:59:50 +01:00
Lennart Poettering
a11c7ea52c NEWS: begin putting together a NEWS section for the next release 2015-11-12 13:40:25 +01:00