1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-11 05:17:44 +03:00
Commit Graph

1072 Commits

Author SHA1 Message Date
Lennart Poettering
042e33ae3a rpm: add RPM macro for creating tmpfiles entries after package installation 2013-07-16 18:54:03 +02:00
Zbigniew Jędrzejewski-Szmek
a65f06bb27 journal: return -ECHILD after a fork
A few asserts are replaced with 'return -EINVAL'. I think that
assert should not be used to check argument in public functions.

Fields in struct sd_journal are rearranged to make it less
swiss-cheesy.
2013-07-16 12:09:48 -04:00
Jan Janssen
a331b5e6d4 journalctl: Add support for showing messages from a previous boot
Hi,

I redid the boot ID look up to use enumerate_unique.

This is quite fast if the cache is warm but painfully slow if
it isn't. It has a slight chance of returning the wrong order if
realtime clock jumps around.

This one has to do n searches for every boot ID there is plus
a sort, so it depends heavily on cache hotness. This is in contrast
to the other way of look-up through filtering by a MESSAGE_ID,
which only needs about 1 seek + whatever amount of relative IDs
you want to walk.

I also have a linked-list + (in-place) mergesort version of this
patch, which has pretty much the same runtime. But since this one
is using libc sorting and armortized allocation, I prefer this
one.

To summarize: The MESSAGE_ID way is a *lot* faster but can be
incomplete due to rotation, while the enumerate+sort will find
every boot ID out there but will be painfully slow for large
journals and cold caches.

You choose :P

Jan
2013-07-16 17:38:12 +02:00
Lennart Poettering
18d4e7c26e update TODO 2013-07-16 17:37:49 +02:00
Lennart Poettering
36c0868b67 Update TODO 2013-07-16 14:27:32 +02:00
Shawn Landden
3a83211689 journal: add logging of effective capabilities _CAP_EFFECTIVE
I think this is the most important of the capabilities bitmasks to log.
2013-07-16 04:27:04 +02:00
Lennart Poettering
fa7deadb07 update TODO 2013-07-16 04:27:04 +02:00
Zbigniew Jędrzejewski-Szmek
77a9e8de65 man: add note about paging and colors to journalctl(1) 2013-07-15 21:34:57 -04:00
Lennart Poettering
d907c20867 update TODO 2013-07-15 23:55:27 +02:00
Lennart Poettering
248aa28ff2 update TODO 2013-07-15 23:55:27 +02:00
Lennart Poettering
47a1454f70 update TODO 2013-07-12 01:18:09 +02:00
Lennart Poettering
1e1ddecf40 update TODO 2013-07-11 21:30:19 +02:00
Lennart Poettering
c14901bdeb update TODO 2013-07-11 19:16:11 +02:00
Lennart Poettering
05b23cae8e update TODO 2013-07-11 18:49:53 +02:00
Lennart Poettering
049b4474b3 update TODO 2013-07-11 01:56:45 +02:00
Lennart Poettering
bafb15bab9 update TODO 2013-07-11 00:32:32 +02:00
Lennart Poettering
49998ede04 update TODO 2013-07-10 23:46:30 +02:00
Lennart Poettering
bdeeb6b543 update TODO 2013-07-10 23:41:03 +02:00
Tom Gundersen
edeb68c53f static-nodes: move creation of static nodes from udevd to tmpfiles
As of kmod v14, it is possible to export the static node information from
/lib/modules/`uname -r`/modules.devname in tmpfiles.d(5) format.

Use this functionality to let systemd-tmpfilesd create the static device nodes
at boot, and drop the functionality from systemd-udevd.

As an effect of this we can move from systemd-udevd to systemd-tmpfiles-setup-dev:

 * the conditional CAP_MKNOD (replaced by checking if /sys is mounted rw)
 * ordering before local-fs-pre.target (see 89d09e1b5c)
2013-07-08 21:26:24 +02:00
Kay Sievers
26306aed13 update TODO 2013-07-05 14:59:52 +02:00
Lennart Poettering
b0adb5468c update TODO 2013-07-04 01:09:04 +02:00
Lennart Poettering
174da5c5ca update TODO 2013-07-03 17:43:13 +02:00
Lennart Poettering
51da82a781 machined: fix bus path unescaping 2013-07-02 03:58:28 +02:00
Lennart Poettering
374ec6abf3 libsystemd-logind: fix detection of session/user/machine of a PID 2013-07-02 02:34:15 +02:00
Lennart Poettering
fb6becb443 logind: port over to use scopes+slices for all cgroup stuff
In order to prepare things for the single-writer cgroup scheme, let's
make logind use systemd's own primitives for cgroup management.

Every login user now gets his own private slice unit, in which his sessions
live in a scope unit each. Also, add user@$UID.service to the same
slice, and implicitly start it on first login.
2013-07-02 01:48:55 +02:00
Lennart Poettering
d28e9236e7 core: parse Slice= from the unit type specific unit file section
Since not all unit types know Slice= it belongs in the unit type
specific unit file section.
2013-07-01 02:52:17 +02:00
Lennart Poettering
6c12b52e19 core: add new "scope" unit type for making a unit of pre-existing processes
"Scope" units are very much like service units, however with the
difference that they are created from pre-existing processes, rather
than processes that systemd itself forks off. This means they are
generated programmatically via the bus API as transient units rather
than from static configuration read from disk. Also, they do not provide
execution-time parameters, as at the time systemd adds the processes to
the scope unit they already exist and the parameters cannot be applied
anymore.

The primary benefit of this new unit type is to create arbitrary cgroups
for worker-processes forked off an existing service.

This commit also adds a a new mode to "systemd-run" to run the specified
processes in a scope rather then a transient service.
2013-07-01 00:18:00 +02:00
Lennart Poettering
11ddb6f48e main: fix loading of default target 2013-06-28 18:37:15 +02:00
Lennart Poettering
c2756a6840 core: add transient units
Transient units can be created via the bus API. They are configured via
the method call parameters rather than on-disk files. They are subject
to normal GC. Transient units currently may only be created for
services (however, we will extend this), and currently only ExecStart=
and the cgroup parameters can be configured (also to be extended).

Transient units require a unique name, that previously had no
configuration file on disk.

A tool systemd-run is added that makes use of this functionality to run
arbitrary command lines as transient services:

$ systemd-run /bin/ping www.heise.de

Will cause systemd to create a new transient service and run ping in it.
2013-06-28 04:12:58 +02:00
Lennart Poettering
241da3287d unit: make sure the dropins we write are high-priority 2013-06-28 00:41:24 +02:00
Lennart Poettering
7041efe960 dbus: make DeviceAllow=/DevicePolicy= writable 2013-06-27 23:13:17 +02:00
Lennart Poettering
b42defe3b8 dbus: make more cgroup attributes runtime settable 2013-06-27 21:50:35 +02:00
Lennart Poettering
8e2af47840 dbus: add infrastructure for changing multiple properties at once on units and hook some cgroup attributes up to it
This introduces two bus calls to make runtime changes to selected bus
properties, optionally with persistence.

This currently hooks this up only for three cgroup atributes, but this
brings the infrastructure to add more changable attributes.

This allows setting multiple attributes at once, and takes an array
rather than a dictionary of properties, in order to implement simple
resetting of lists using the same approach as when they are sourced from
unit files. This means, that list properties are appended to by this
call, unless they are first reset via assigning the empty list.
2013-06-27 21:14:56 +02:00
Lennart Poettering
4ad490007b core: general cgroup rework
Replace the very generic cgroup hookup with a much simpler one. With
this change only the high-level cgroup settings remain, the ability to
set arbitrary cgroup attributes is removed, so is support for adding
units to arbitrary cgroup controllers or setting arbitrary paths for
them (especially paths that are different for the various controllers).

This also introduces a new -.slice root slice, that is the parent of
system.slice and friends. This enables easy admin configuration of
root-level cgrouo properties.

This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in
/dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is
turned off by DevicePolicy=).
2013-06-27 04:17:34 +02:00
Lennart Poettering
f123dba8b1 update TODO 2013-06-21 15:57:57 +02:00
Lennart Poettering
3d3ee759e6 update TODO 2013-06-20 23:32:13 +02:00
Lennart Poettering
ba73ed858f sd-login: update machine enumeration/notifications APIs for new /run/systemd/machines/ 2013-06-20 04:03:38 +02:00
Lennart Poettering
9444b1f20e logind: add infrastructure to keep track of machines, and move to slices
- This changes all logind cgroup objects to use slice objects rather
  than fixed croup locations.

- logind can now collect minimal information about running
  VMs/containers. As fixed cgroup locations can no longer be used we
  need an entity that keeps track of machine cgroups in whatever slice
  they might be located. Since logind already keeps track of users,
  sessions and seats this is a trivial addition.

- nspawn will now register with logind and pass various bits of metadata
  along. A new option "--slice=" has been added to place the container
  in a specific slice.

- loginctl gained commands to list, introspect and terminate machines.

- user.slice and machine.slice will now be pulled in by logind.service,
  since only logind.service requires this slice.
2013-06-20 03:49:59 +02:00
Lennart Poettering
55d32caf94 update TODO 2013-06-18 16:06:36 +02:00
Zbigniew Jędrzejewski-Szmek
718fe4b1d5 journalctl: properly print headers of empty journals 2013-06-18 08:50:08 -04:00
Lennart Poettering
a016b9228f core: add new .slice unit type for partitioning systems
In order to prepare for the kernel cgroup rework, let's introduce a new
unit type to systemd, the "slice". Slices can be arranged in a tree and
are useful to partition resources freely and hierarchally by the user.

Each service unit can now be assigned to one of these slices, and later
on login users and machines may too.

Slices translate pretty directly to the cgroup hierarchy, and the
various objects can be assigned to any of the slices in the tree.
2013-06-17 21:36:51 +02:00
Lennart Poettering
1f263d4dc2 update TODO 2013-06-11 08:55:42 +02:00
Zbigniew Jędrzejewski-Szmek
87011c25d9 journal: remember last direction of search and keep offset cache
The fields in JournalFile are moved around to avoid wasting
7 bytes because of alignment.
2013-06-10 10:10:07 -04:00
Zbigniew Jędrzejewski-Szmek
6eb7a9a001 tests: add test for empty journal files
The headers are currently not printed properly: some "(null)"s appear.
2013-06-10 10:10:07 -04:00
Lennart Poettering
4e09014daf update TODO 2013-06-06 16:25:58 +02:00
Zbigniew Jędrzejewski-Szmek
5ec7641776 systemctl: limit logs in status to current boot
Also reworded a few debug messages for brevity, and added a log
statement which prints out the filter at debug level:

Journal filter: (((UNIT=sys-module-configfs.device AND _PID=1) OR (COREDUMP_UNIT=sys-module-configfs.device AND MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1) OR _SYSTEMD_UNIT=sys-module-configfs.device) AND _BOOT_ID=4e3c518ab0474c12ac8de7896fe6b154)
2013-06-04 09:59:06 -04:00
Václav Pavlín
76d5a71de9 systemctl: add command set-log-level
Command changes current log level
2013-05-30 20:44:41 -04:00
Lukas Nykryn
9749cd77bc core: read "debug" from kernel commandline and set log level 2013-05-30 00:43:39 -04:00
Lennart Poettering
86312ab8de bus: add a more comprehensive test for the bloom filter logic 2013-05-20 10:13:38 +02:00
Lennart Poettering
c78196699d bus: calculate bloom filter for match
Yay! Filtering using kernel bloom filter matches works now! Yippieh!
2013-05-20 10:13:38 +02:00
Lennart Poettering
264ad849a4 bus: add APIs for negotiating what is attached to messages 2013-05-17 04:26:27 +02:00
Lennart Poettering
45fbe937d7 bus: add minimal locking around the memfd cache
We want to allow clients to process an sd_bus_message on a different
thread than it was received on. Since unreffing a bus message might
readd some of its memfds to the memfd cache add some minimal locking
around the cache.
2013-05-17 04:26:27 +02:00
Lennart Poettering
d5a2b9a6f4 bus: return ECHILD as soon as people try to reuse a bus connection across a fork() 2013-05-17 04:26:27 +02:00
Lukas Nykryn
0000ce05ed systemd-delta: add support for drop-in snippets 2013-05-16 17:23:28 -04:00
Lennart Poettering
e4ee6e5cc3 bus: make bus ref counting atomic
This is preparation to allow sd_bus_message obejcts to be processed in a
different thread from their originating sd_bus object.
2013-05-16 21:58:34 +02:00
Lennart Poettering
eb01ba5de1 bus: synthesize timeout message errors instead of returning error codes 2013-05-16 21:14:56 +02:00
Lennart Poettering
154ff088d3 update TODO 2013-05-15 22:40:36 +02:00
Zbigniew Jędrzejewski-Szmek
9927180417 journalctl: add -k/--dmesg 2013-05-14 23:08:00 -04:00
Lennart Poettering
7e853a9b9a update TODO 2013-05-14 14:01:20 +02:00
Kay Sievers
32821c76d5 TODO: add "debug" kernel cmdline switch 2013-05-13 22:21:54 +02:00
Auke Kok
9d995d54b5 Add support for ConditionSecurity=ima
Just as with SMACK, we don't really know if a policy has been
loaded or not, as the policy interface is write-only. Assume
therefore that if ima is present in securityfs that it is
enabled.

Update the man page to reflect that "ima" is a valid option
now as well.
2013-05-11 13:42:55 -07:00
Lennart Poettering
a7c54c8c1f bus: extend memfd test 2013-05-10 17:34:14 +02:00
Lennart Poettering
cdf173349c update TODO 2013-05-07 20:56:41 +02:00
Lennart Poettering
815ac0f1db update TODO 2013-05-07 02:42:15 +02:00
Zbigniew Jędrzejewski-Szmek
19adb8a320 systemd-sleep: add support for freeze and standby
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.

Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.

https://bugs.freedesktop.org/show_bug.cgi?id=57793
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36
http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html

SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
2013-05-06 22:51:57 +02:00
Lennart Poettering
d686f034c3 update TODO 2013-05-06 22:28:56 +02:00
Kay Sievers
b4763d9d4c TODO: update 2013-05-06 17:38:27 +02:00
Ville Skyttä
d2bbca6855 Spelling fixes 2013-05-03 22:45:09 -04:00
Lennart Poettering
4641a16b15 update TODO 2013-05-03 18:58:44 +02:00
Lennart Poettering
19aa7c4fef update TODO 2013-05-03 14:19:19 +02:00
Zbigniew Jędrzejewski-Szmek
7d617113ee man: link to socket activation blog entries 2013-05-02 23:35:45 -04:00
Nathaniel Chen
8368868452 Add help option to bootchart man page
Bootchart has a help option. For the sake of consistency, this patch
adds it to the man page.

Also, the TODO is updated. Bootcharts were added to the journal in
commit c4d58b0.
2013-05-02 09:21:23 -07:00
Lennart Poettering
675aae254e update TODO 2013-04-30 08:36:02 -03:00
Lennart Poettering
8af8afd6b3 cgroup: make cg_pid_get_path() work properly for co-mounted controllers and normalized named hierarchies 2013-04-30 08:36:01 -03:00
Lennart Poettering
5f1dac6bf6 cryptsetup: warn if keyfiles are world-readable 2013-04-30 08:36:01 -03:00
Lennart Poettering
8973790ee6 cryptsetup: warn if /etc/crypttab is world-readable 2013-04-30 08:36:01 -03:00
Lennart Poettering
5954c07433 cgroup: do not allow manipulating the cgroup path of units within the systemd:/system subtree 2013-04-30 08:36:01 -03:00
Lennart Poettering
aa96c6cb44 id128: when taking user input for a 128bit ID, validate syntax
Also, always accept both our simple hexdump syntax and UUID syntax.
2013-04-30 08:36:01 -03:00
Lennart Poettering
d6dd604b55 util: rework safe_atod() to be locale-independent
This adds some syntactic sugar with a macro RUN_WITH_LOCALE() that reset
the thread-specific locale temporarily.
2013-04-25 00:05:14 -03:00
Lennart Poettering
db5c012285 conf-parser: restrict .include usage
Disallow recursive .include, and make it unavailable in anything but
unit files.
2013-04-25 00:05:14 -03:00
Lennart Poettering
78edb35ab4 cgroup: always validate cgroup controller names
Let's better be safe than sorry.
2013-04-24 19:02:13 -03:00
Lennart Poettering
e8a7a31539 nss-myhostname: resolve 'localhost' so that /etc/hosts becomes optional
This makes sure nss-myhostname not only resolves the local host name to
127.0.0.2/::1 but also the host name 'localhost: to 127.0.0.1/::1. This
makes installation of /etc/passwd optional, as it usually only includes
a mapping for 'localhost'.

This change also resolves ::1 to the local hostname (as before), but
also lists 'localhost' as an alias. This means look-ups are now fully
reversible, even though they are 1:n mappings.

Finally, the module will no longer erroneously claim that local IP
addresses which aren't on the loopback device were.
2013-04-24 19:02:13 -03:00
Lennart Poettering
2b77f67e78 fileio: unify how we chop off whitespace from key and value in parse_env_file_internal() 2013-04-24 19:02:13 -03:00
Zbigniew Jędrzejewski-Szmek
fff87a35d9 test: make it easier to override kernel version 2013-04-24 00:25:04 -04:00
Lennart Poettering
e41e194340 timer: make sure we restart timers even if units are still running or if one of their conditions fails 2013-04-23 17:42:31 -03:00
Lennart Poettering
0e99f1d6f8 update TODO 2013-04-23 16:00:32 -03:00
Lennart Poettering
ae018d9bc9 cgroup: make sure all our cgroup objects have a suffix and are properly escaped
Session objects will now get the .session suffix, user objects the .user
suffix, nspawn containers the .nspawn suffix.

This also changes the user cgroups to be named after the numeric UID
rather than the username, since this allows us the parse these paths
standalone without requiring access to the cgroup file system.

This also changes the mapping of instanced units to cgroups. Instead of
mapping foo@bar.service to the cgroup path /user/foo@.service/bar we
will now map it to /user/foo@.service/foo@bar.service, in order to
ensure that all our objects are properly suffixed in the tree.
2013-04-22 23:14:12 -03:00
Lennart Poettering
8fc66914c0 update TODO 2013-04-22 23:14:11 -03:00
Zbigniew Jędrzejewski-Szmek
a383724e42 systemd,nspawn: use extended attributes to store metadata
All attributes are stored as text, since root_directory is already
text, and it seems easier to have all of them in text format.

Attributes are written in the trusted. namespace, because the kernel
currently does not allow user. attributes on cgroups. This is a PITA,
and CAP_SYS_ADMIN is required to *read* the attributes. Alas.

A second pipe is opened for the child to signal the parent that the
cgroup hierarchy has been set up.
2013-04-21 21:43:43 -04:00
Kay Sievers
fcdfc15924 TODO: remove dbus items which we will not touch anymore 2013-04-20 19:26:28 +02:00
Josh Triplett
601d9d6fb3 TODO: journal enhancements 2013-04-20 19:24:33 +02:00
Lennart Poettering
ef3b524687 build-sys: prepare release 202 2013-04-19 00:41:24 +02:00
Marius Vollmer
a3e6f050de journal: when iterating through a file we might lose messages when changing direction.
https://bugs.freedesktop.org/show_bug.cgi?id=63672
2013-04-18 22:34:36 +02:00
Lennart Poettering
461bd8e47c update TODO 2013-04-18 22:19:33 +02:00
Lennart Poettering
248f077586 update TODO 2013-04-18 02:54:58 +02:00
Lennart Poettering
ab8e074ce2 update TODO 2013-04-17 22:24:07 +02:00
Lennart Poettering
b454b11220 update TODO 2013-04-17 18:48:32 +02:00
Lennart Poettering
4a449ed73d update TODO 2013-04-17 16:19:05 +02:00
Harald Hoyer
755123030a TODO: add s.th. like "systemctl set-log-level debug" 2013-04-17 15:41:18 +02:00
Harald Hoyer
aa21e2bf21 TODO: remove fixed systemctl property bug 2013-04-17 08:48:07 +02:00