1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-25 23:21:33 +03:00
Commit Graph

6413 Commits

Author SHA1 Message Date
Lennart Poettering
c970388b22 sd-id128: add compound literal love to sd_id128_to_string() + id128_to_uuid_string() 2021-08-20 11:09:48 +02:00
Lennart Poettering
f3ce631bbc man: reference getrandom(2) instead of urandom from sd_id128_randomize() page
It's 2021, /dev/urandom is mostly a thing of the past now.
2021-08-20 11:09:48 +02:00
Lennart Poettering
7f3c90ed79 man: document SD_ID128_ALLF 2021-08-20 11:09:47 +02:00
Lennart Poettering
f47234b6e6 man: re-run ninja -C update-man-rules 2021-08-20 11:09:47 +02:00
Daan De Meyer
8f821d90bf link: Add support for rx-gro-hw nic feature 2021-08-20 09:15:02 +01:00
Daan De Meyer
f20710c74c link: Stop prefixing features with "the" 2021-08-20 09:14:14 +01:00
Yu Watanabe
7d93b92f31 network: add UseMTU= in [IPv6AcceptRA]
Note that kernel has similar knob in sysctl: accept_ra_mtu.

Closes #18868.
2021-08-20 17:14:08 +09:00
Lennart Poettering
dc131951b5
Merge pull request #18385 from kinvolk/mauricio/restrict-network-interfaces
Add RestrictNetworkInterfaces=
2021-08-20 03:41:11 +02:00
Daan De Meyer
6c35ea5ef0 udev: Add support for configuring nic coalescing settings
These are configured via the corresponding ethtool ioctl.
2021-08-20 00:32:28 +01:00
Mauricio Vásquez
795ccb03e0 man: add RestrictNetworkInterfaces= documentation
Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io>
2021-08-18 15:55:54 -05:00
Mauricio Vásquez
57585d5999 Document RestrictNetworkInterfaces dbus properties
Signed-off-by: Mauricio Vásquez <mauricio@kinvolk.io>
2021-08-18 15:55:53 -05:00
Yu Watanabe
0d341eccef udev: make RxChannels= or friends also accept "max"
Follow-up for 406041b7de.

Also, this makes
- the settings accept an empty string,
- if the specified value is too large, also use the advertised maximum
  value.
- mention the range of the value in the man page.
2021-08-18 16:55:03 +02:00
Yu Watanabe
bdbb61f69f tree-wide: fix typo 2021-08-18 13:36:14 +02:00
Vladimir Panteleev
ecfcf0244a Fix typo in dbus property name ("OnSuccesJobMode") 2021-08-18 16:00:05 +09:00
Yu Watanabe
21ee8eda50
Merge pull request #20460 from yuwata/udevadm-test-builtin-introduce-action
udevadm: introduce --action option for test-builtin
2021-08-18 15:59:40 +09:00
Daan De Meyer
406041b7de
udev: Support "max" string for BufferSize options (#20458)
"max" indicates the hardware advertised maximum queue buffer size
should be used.

The max sizes can be checked by running `ethtool -g <dev>` (Preset maximums).
Since the buffer sizes can't be set to 0 by users, internally we use 0 to
indicate that the hardware advertised maximum should be used.
2021-08-18 15:59:13 +09:00
Yu Watanabe
91546abf9e
Merge pull request #20456 from tomty89/man
Adding a few notes in the systemd.network man page
2021-08-18 15:58:06 +09:00
Yu Watanabe
c4f7a34756 network: do not assume the highest priority when Priority= is unspecified
Previously, when Priority= is unspecified, networkd configured the rule with
the highest (=0) priority. This commit makes networkd distinguish the case
the setting is unspecified and one explicitly specified as Priority=0.

Note.
1) If the priority is unspecified on configure, then kernel dynamically picks
   a priority for the rule.
2) The new behavior is consistent with 'ip rule' command.

Replaces #15606.
2021-08-18 15:57:45 +09:00
Yu Watanabe
7ce05a8d66 udevadm: introduce -a|--action option for test-builtin command
As net_setup_link builtin requires that a device action is set for the
sd_device object.
2021-08-18 00:08:08 +09:00
Tom Yan
5cf9069f08 man: network: mention that RouteMetric= in [DHCPv4] is also applied to the prefix route 2021-08-17 22:53:49 +08:00
Tom Yan
5ea859ef01 man: network: mention that Promiscuous= can be used to set nopromisc for passthru MACV{LAN,TAP} 2021-08-17 22:53:29 +08:00
Lennart Poettering
f6e40037a0
Merge pull request #20448 from medhefgo/boot
sd-boot: UI improvements
2021-08-17 16:26:25 +02:00
Luca Boccassi
9c8b6eaa46 man: further document extension-release 2021-08-17 13:15:13 +01:00
Jan Janssen
8a8e5666ce sd-boot: Improve key bindings
Making keys case insensitive should help if caps lock is on.
We are not advertising them at runtime or in the manual to
reduce the noise.

This also hides the quit and version commands from the help
string. They are mostly for devs and otherwise have little
to no use to normal users. The latter overlaps with print
status which is still advertised.
2021-08-17 13:57:21 +02:00
Yu Watanabe
7c58ee5f8c
Merge pull request #20443 from yuwata/network-conf-parser-cleanups
network: conf parser cleanups
2021-08-17 02:42:27 +09:00
Yu Watanabe
aa10fa8d3a
Merge pull request #20442 from yuwata/network-can-introduce-many-settings
network: introduce several CAN interface related settings
2021-08-17 02:40:32 +09:00
Maxime de Roucy
d419ef0243 network: add address label on dhcpv4
Fixes: #13967
2021-08-17 02:40:18 +09:00
Yu Watanabe
80e41a68d6 man: address label can be set only for IPv4 addresses 2021-08-16 22:56:30 +09:00
Jan Janssen
64bb56e58b sd-boot: Allow automatic entries to be default 2021-08-16 15:52:15 +02:00
Yu Watanabe
b164b570b4 network: can: allow to specify bit-timing with TimeQuantaNSec= and friends
Closes #19424 and #20435.
2021-08-16 22:30:38 +09:00
Yu Watanabe
817561cc60 network: SamplePoint= should be specified only when BitRate= is specified
See can_get_bittiming() in drivers/net/can/dev/bittiming.c of kernel.
2021-08-16 18:54:01 +09:00
Yu Watanabe
239f91f71c network: can: make Termination= optionally take a raw resistor value
Note that this slightly breaks backward compatibility when
Termination=1. Previously, this is handled as boolean true, then 120 ohm
was used. But now with this commit, it is handled as 1 ohm.
2021-08-16 18:52:24 +09:00
Yu Watanabe
6dd84c9e86 network: can: add missing control modes 2021-08-16 18:42:48 +09:00
Lennart Poettering
d8151fb949
Merge pull request #20233 from maanyagoenka/log-error
systemd-analyze: add option to return an error value when unit verification fails
2021-08-13 09:22:48 +02:00
Lennart Poettering
2c3735d6ba
Merge pull request #20350 from medhefgo/boot
Grab bag of sd-boot improvements
2021-08-13 09:22:12 +02:00
Maanya Goenka
3cc3dc7736 systemd-analyze: option to exit with an error when 'verify' fails
The commit introduces a callback invoked from log_syntax_internal.
Use it from systemd-analyze to gather a list of units that contain
syntax warnings. A new command line option is added to make use of this.

The new option --recursive-errors takes in three possible modes:

1. yes - which is the default. systemd-analyze exits with an error when syntax warnings arise during verification of the
	 specified units or any of their dependencies.
3. no - systemd-analyze exits with an error when syntax warnings arise during verification of only the selected unit.
	Analyzing and loading any dependencies will be skipped.
4. one - systemd-analyze exits with an error when syntax warnings arise during verification
	 of only the selected units and their direct dependencies.

Below are two service unit files that I created for the purposes of testing:

1. First, we run the commands on a unit that does not have dependencies but has a non-existing key-value setting (i.e. foo = bar).

> cat <<EOF>testcase.service

[Unit]
foo = bar

[Service]
ExecStart = echo hello
EOF

OUTPUT:

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=yes testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=no testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=one testcase.service
/home/maanya-goenka/systemd/testcase.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

2. Next, we run the commands on a unit that is syntactically valid but has a non-existing dependency (i.e. foo2.service)

> cat <<EOF>foobar.service

[Unit]
Requires = foo2.service

[Service]
ExecStart = echo hello
EOF

OUTPUT:

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify foobar.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
foobar.service: Failed to create foobar.service/start: Unit foo2.service not found.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=yes foobar.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
foobar.service: Failed to create foobar.service/start: Unit foo2.service not found.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=no foobar.service
maanya-goenka@debian:~/systemd (log-error)$ echo $?
0

maanya-goenka@debian:~/systemd (log-error)$ sudo build/systemd-analyze verify --recursive-errors=one foobar.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'. Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating /var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your unit file, and consider removing the setting altogether.
foobar.service: Failed to create foobar.service/start: Unit foo2.service not found.
maanya-goenka@debian:~/systemd (log-error)$ echo $?
1
2021-08-12 07:22:15 -07:00
Jan Janssen
dba0c9832b sd-boot: Allow on/off and t/f for booleans too 2021-08-12 16:10:06 +02:00
Lennart Poettering
a0c5a3f0c0
Merge pull request #20419 from keszybz/setenv-no-value
Allow --setenv=FOO in various programs
2021-08-11 17:47:45 +02:00
Zbigniew Jędrzejewski-Szmek
89bf86e015 machinectl: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
0337b3d51c run: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
4bbafcc359 homectl: allow --setenv=FOO 2021-08-11 09:34:45 +02:00
Zbigniew Jędrzejewski-Szmek
0d2a017986 nspawn: allow --setenv=FOO as equivalent to --setenv=FOO=$FOO
systemd-socket-activate has supported such a mode since
5e65c93a43. '--setenv=FOO=$FOO' is a fairly
common use in scripts, and it's nicer to do this automatically without worrying
about quoting and whatnot.

https://github.com/systemd/mkosi/pull/765 added the same to 'mkosi --environment='.
2021-08-11 09:34:45 +02:00
Maanya Goenka
e5ea5c3a17 systemd-analyze: support discrete images for 'verify' verb
Adding --image parameter for verify verb using the dissect image functionality

-----------------------------------------------------------------------------------
Example Run:

I created a unit service file testrun.service with an invalid key-value pairing
(foo = bar) and a squashfs image run.raw to test the code.

maanya-goenka@debian:~/systemd (img-support)$ cat <<EOF>img/usr/lib/systemd/system/testrun.service
> [Unit]
> foo = bar
>
> [Service]
> ExecStart = /opt/script0.sh
> EOF

maanya-goenka@debian:~/systemd (img-support)$ mksquashfs img/ run.raw
Parallel mksquashfs: Using 4 processors
Creating 4.0 filesystem on run.raw, block size 131072.
[==============================================================================================================================|] 6/6 100%

Exportable Squashfs 4.0 filesystem, gzip compressed, data block size 131072
        compressed data, compressed metadata, compressed fragments, compressed xattrs
        duplicates are removed
Filesystem size 0.60 Kbytes (0.00 Mbytes)
        52.32% of uncompressed filesystem size (1.14 Kbytes)
Inode table size 166 bytes (0.16 Kbytes)
        43.01% of uncompressed inode table size (386 bytes)
Directory table size 153 bytes (0.15 Kbytes)
        58.40% of uncompressed directory table size (262 bytes)
Number of duplicate files found 1
Number of inodes 12
Number of files 6
Number of fragments 1
Number of symbolic links  0
Number of device nodes 0
Number of fifo nodes 0
Number of socket nodes 0
Number of directories 6
Number of ids (unique uids + gids) 1
Number of uids 1
        maanya-goenka (1000)
Number of gids 1
        maanya-goenka (1000)
maanya-goenka@debian:~/systemd (img-support)$ sudo build/systemd-analyze verify --image=run.raw testrun.service
/tmp/.#systemd-analyzec71c7297a936b91c/usr/lib/systemd/system/testrun.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
testrun.service: Failed to create testrun.service/start: Unit sysinit.target not found.

The 'Unit sysinit.target not found' error that we see here is due to recursive dependency searching during
unit loading and has been addressed in a different PR:
systemd-analyze: add option to return an error value when unit verification fails #20233
2021-08-10 02:41:12 -07:00
Maanya Goenka
2a7cf953e1 systemd-analyze: add --root option for 'verify' verb and allow path parsing
-------------------------------------------------------------------------------
Example Run:

foobar.service created below is a service unit file that has a non-existing key-value
pairing (foo = bar) and is thus, syntactically invalid.

maanya-goenka@debian:~/systemd (img-support)$ cat <<EOF>img/usr/lib/systemd/system/foobar.service
> [Unit]
> foo = bar
>
> [Service]
> ExecStart = /opt/script0.sh
> EOF

The failure to create foobar.service because of the recursive dependency searching and verification has been addressed
in a different PR: systemd-analyze: add option to return an error value when unit verification fails #20233

maanya-goenka@debian:~/systemd (img-support)$ sudo build/systemd-analyze verify --root=img/ foobar.service
/home/maanya-goenka/systemd/img/usr/lib/systemd/system/foobar.service:2: Unknown key name 'foo' in section 'Unit', ignoring.
foobar.service: Failed to create foobar.service/start: Unit sysinit.target not found.
2021-08-10 02:41:12 -07:00
Yegor Alexeyev
836fb00f21 units: added factory-reset.target 2021-08-10 17:08:00 +02:00
Dimitry Ishenko
33e82f3ef3 timesync: add option to periodically save time 2021-08-09 21:06:28 +02:00
GnunuX
c5f62204ee man systemd-sysusers: fix password to passwd 2021-08-09 10:17:05 +02:00
Yu Watanabe
63295b42ae network: introduce UplinkInterface= in [IPv6SendRA] 2021-08-04 22:20:56 +09:00
Yu Watanabe
2b24292692 network: update comment and man page 2021-08-04 22:19:14 +09:00
Zbigniew Jędrzejewski-Szmek
d53285d551 man: describe veritysetup command syntax
It makes it easier to diagnose what the generated units actually do.
2021-08-03 16:02:55 +02:00
Lennart Poettering
e5a8b4b593 bootctl: tweak "bootctl update" to be a NOP when boot loader is already current and --graceful is given
Previously, the "bootctl update" logic would refrain from downrgading a
boot loader, but if the boot loader that is installed already matched
the version we could install we'd install it anyway, under the
assumption this was effectively without effect. This behaviour was handy
while developing boot loaders, since installing a modified boot loader
didn't require a version bump.

However, outside of the systems of boot loader developers I don't think
this behaviour makes much sense: we should always emphasize doing
minimal changes to the ESP, hence when an update is supposedly not
necessary, then don't do it. Only update if it really makes sense, to
minimize writes to the ESP. Updating the boot loader is a good thing
after all, but doing so redundantly is not.

Also, downgrade the message about this to LOG_NOTICE, given this
shouldn't be a reason to log.

Finally, exit cleanly in this cases (or if another boot loader is
detected)
2021-07-30 16:48:24 +02:00
Franck Bui
463aef23a7 manager: reexecute on SIGRTMIN+25, user instances only
Before this patch, there was no way to request all running user instances for
reexecuting. However this can be useful especially during package updates
otherwise user instances are never updated and keep running a potentially very
old version of the binaries.

Now assuming that we have enough priviledge, it's possible to request
reexecution of all user instances:

  systemctl kill --signal=SIGRTMIN+25 "user@*.service"

Note that this request is obviously asynchronous as it relies on a
signal. Keeping "systemctl kill" as the only interface should be good enough to
make this obvious and that's the reason why another interface, such as
"systemctl --global daemon-reexec" has not been considered.

PID1 already uses SIGTERM for reexecuting hence sending it SIGRTMIN+25 is a
nop.
2021-07-28 18:50:30 +02:00
Luca Boccassi
a8d1a8e96d
Merge pull request #20326 from keszybz/meson-0.53.2
Use some more new meson features
2021-07-28 13:30:37 +01:00
Zbigniew Jędrzejewski-Szmek
e04eae5e1c man/systemctl: rework descriptions of bind and mount-image
The text used "unit's view" to mean mount namespace. But we talk about
mount namespaces in the later part of the paragraph anyway, so trying to
use an "approachable term" only makes the whole thing harder to understand.
Let's use the precise term.

Some paragraph-breaking and re-indentation is done too.
2021-07-28 10:21:21 +02:00
Zbigniew Jędrzejewski-Szmek
f12c5d36a9 meson: use alias_target for doc update commands
This undoes part of 4c890ad3cc: the
implementations of update-dbus-docs and update-man-rules are moved back to
man/meson.build, and alias_target() is used to keep the visible target names
unchanged.

The rules for man pages are reworked so that it's possible to invoke the
targets even if xstlproc is not available. After all, xsltproc is only needed
for the final formatted output, and not other processing.
2021-07-27 20:34:40 +02:00
Zbigniew Jędrzejewski-Szmek
fce9abb227 meson: use a/b instead of join_paths(a,b)
It is nicer and shorter.
2021-07-27 19:32:35 +02:00
Zbigniew Jędrzejewski-Szmek
dab1fe1a8e man/tmpfiles.d: rewrite the description of age-by 2021-07-27 09:43:29 +02:00
Zbigniew Jędrzejewski-Szmek
d6029680df man: use title of docs/ pages when referring to them
There is some inconsistency, partially caused by the awkward naming
of the docs/ pages. But let's be consistent and use the "official" title.
If we ever change plural↔singular, we should use the same form everywhere.
2021-07-27 09:43:29 +02:00
Zbigniew Jędrzejewski-Szmek
be0d27ee0c man: fix assorted issues reported by the manpage-l10n project
Fixes #20297.
2021-07-27 09:43:29 +02:00
ratijas
d2e84b6018 man: Fix incorrect EFI vendor UUID (last missing nibble) 2021-07-23 14:20:29 +02:00
Zbigniew Jędrzejewski-Szmek
becbc6dfa8
Merge pull request #20103 from flokli/nsswitch-nss-myhostname
man: stop recommending putting myhostname after dns
2021-07-23 09:44:26 +02:00
Florian Klink
946f7ce32c man: document nss-{resolve,myhostname} resolving in the other direction, too 2021-07-23 01:56:07 +02:00
Florian Klink
ce266330fc man: stop recommending putting myhostname after dns
nss-resolve also looks in /etc/hosts, and has the same local hostname
resolving logic as nss-myhostname. We shouldn't recommend another order
than nss-resolve uses internally.

When nss-resolve is used, there's no possibility to override
nss-myhostname hosts via DNS *anyway*.

On top of that, it's not a good idea to allow DNS to override local
hostnames as all - at least not something we should advertise in the
docs.

Followup of f918c67d38ba6ccd4eb0dc657f3f3155e5010cae /
https://github.com/systemd/systemd/pull/16754.
2021-07-23 01:53:07 +02:00
hikigaya58
d844b033a4 Typo correction on systemd.unit man page 2021-07-22 19:05:30 +02:00
WANG Xuerui
4e76715489
gpt: support LoongArch 64-bit 2021-07-20 17:32:59 +08:00
rene
b838bc1126
Minor typo (#20254)
Correct resoulution with resolution.
2021-07-20 14:45:04 +09:00
Raul Tambre
534b5abce1 man/systemd.network: Fix duplicate Xfrm description
It's already listed along with others (Tunnel, VLAN, etc.) and its description matches those. The duplication was introduced by commit c3006a485c.
2021-07-14 21:48:48 +09:00
Luca BRUNO
c68c87d023 man/dnssec-trust-anchors: fix an XML syntax typo
This fixes an XML syntax typo in the 'dnssec-trust-anchors'
documentation.
2021-07-12 12:09:20 +01:00
Carl Lei
9de0c7f4ae man: fix RFC number
#19947 didn't fix both.
2021-07-12 14:10:32 +09:00
Ben Stockett
4226dfafba Updated manpage for sd_bus_set_property
Updated manpage for sd_bus_set_property and sd_bus_set_propertyv. In the old manpage, these functions included the parameter sd_bus_message **reply when the actual function had no such argument.
2021-07-10 13:19:50 +01:00
nassir90
a814eae728
Fixed typo (#20187)
* Fixed typo

Before, the file claimed that some systemd units are created "from other
configuration". It should have read "from other configuration files".

Co-authored-by: Nozz <nozolo90@gmail.com>
2021-07-09 21:16:02 +01:00
nl6720
250db1bf02 docs: improve wording when mentioning the acronym "ESP"
"ESP" is "EFI system partition", so "ESP partition" is redundant.
2021-07-09 13:41:00 +02:00
Yegor Alexeyev
a520bb6654 logind: allow binding different operation to reboot key long presses 2021-07-08 13:08:20 +02:00
Lennart Poettering
c860665ef3
Merge pull request #20163 from poettering/repart-root-fix
repart: drop duplicate handling of /sysroot/ prefix
2021-07-08 13:06:41 +02:00
Lennart Poettering
e2e13bddcf repart: drop spurious whitespace 2021-07-08 10:10:39 +02:00
Lennart Poettering
8a6a781b58 man: document the new (Load|Set)CredentialEncrypted= settings 2021-07-08 09:31:43 +02:00
Lennart Poettering
c1017f6b7b man: add man page for "systemd-creds" 2021-07-08 09:31:18 +02:00
Lennart Poettering
43144be4a1 pid1: add support for encrypted credentials 2021-07-08 09:30:56 +02:00
Zbigniew Jędrzejewski-Szmek
682047f834
Merge pull request #20145 from bluca/prep
Preparations for v249
2021-07-07 15:28:15 +02:00
Lennart Poettering
fc20b9b598 Revert "Add systemd-resolve backwards compatibility section to resolvectl docs"
This reverts commit 9fcfc0470d.
2021-07-07 15:27:28 +02:00
Luca Boccassi
67828e0856 man: fix systemd-sleep.conf.xml whitespace
Follow-up for 33f899bd47
2021-07-07 10:36:04 +01:00
Hamish Moffatt
33f899bd47 Clarify the behaviour of suspend-then-sleep mode in the manual pages.
Fixes #20125.
2021-07-07 11:08:21 +02:00
Luca Boccassi
48e5ef14af man: correct return value of sd_bus_open_with_description
Since f4b2933ee7
if a description is not set, sd_bus_open_with_description returns -ENXIO, but the
documnetation stated that it returned successfully with a NULL string.
2021-07-06 15:18:35 +02:00
Michal Sekletar
49590d67c9 selinux: support infering SELinux label also from socket not connected to stdin
Fixes #19918
2021-07-02 09:26:22 +02:00
Zbigniew Jędrzejewski-Szmek
cc03890a9d
Merge pull request #20058 from keszybz/status-format
Implement StatusUnitFormat=combined and prettify Descriptions
2021-07-01 08:58:14 +02:00
Zbigniew Jędrzejewski-Szmek
dc9880d475
Merge pull request #20020 from anitazha/oomd_with_mem
oomd: check that memory use also exceeds threshold before doing a swap kill
2021-06-30 21:59:34 +02:00
Zbigniew Jędrzejewski-Szmek
abaf5edd08 Revert "Introduce ExitType"
This reverts commit cb0e818f7c.

After this was merged, some design and implementation issues were discovered,
see the discussion in #18782 and #19385. They certainly can be fixed, but so
far nobody has stepped up, and we're nearing a release. Hopefully, this feature
can be merged again after a rework.

Fixes #19345.
2021-06-30 21:56:47 +02:00
Zbigniew Jędrzejewski-Szmek
58551e6ebc
Merge pull request #20074 from yuwata/fix-typo
tree-wide: fix typo
2021-06-30 17:26:51 +02:00
Yu Watanabe
387f695526 tree-wide: "a" -> "an" 2021-06-30 23:33:00 +09:00
Yu Watanabe
3d62af7d23 tree-wide: fix "the the" and "a a" 2021-06-30 23:32:43 +09:00
Yu Watanabe
857f0e0ae3 man: fix typo 2021-06-30 20:47:57 +09:00
Zbigniew Jędrzejewski-Szmek
04d232d807 core: rework unit printing and implement 'combined' format
The code to print unit status formats had a long history, and became a
hard-to-manage mess of duplicate code parts. We would use sprintf() to
format a string, and then call sprintf() again… The code is reworked
to avoid repeated formattings and to streamline printing to the log
and the console.

The approach used in this patch is a bit more complex then in patches by Colin
Walter and Paweł Marciniak, because an allocation is only done if "combined"
format is used. In other cases we return the existing ->id or ->description
strings. The caller can also control whether a shorter or longer status string
should be used. This way the caller can use a shorter format where it makes
sense, for example in the cylon eye output, where we don't have enough
horizontal space.

Patch is based on Colin Walters' https://github.com/systemd/systemd/pull/15957,
and Paweł Marciniak's patch posted on fedora-devel.

Note: for some reason, the functions for printing of start and stop messages
were sepearated by some unrelated functions. They are moved to be consecutive,
but this makes the much more verbose than it would be otherwise. I found it
useful to view in gitk's "new" mode.

Co-authored-by: Colin Walters <walters@verbum.org>
Co-authored-by: Paweł Marciniak <sunwire+git@gmail.com>

Output from a Fedora Rawhide container boot (w/ some follow-up patches to
tweak Descriptions):

Welcome to Fedora 35 (Rawhide Prerelease)!

Queued start job for default target graphical.target.
[  OK  ] Created slice system-getty.slice - Slice /system/getty.
[  OK  ] Created slice system-modprobe.slice - Slice /system/modprobe.
[  OK  ] Created slice system-sshd\x2dkeygen.slice - Slice /system/sshd-keygen.
[  OK  ] Created slice user.slice - User and Session Slice.
[  OK  ] Started systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch.
[  OK  ] Started systemd-ask-password-wall.path - Forward Password Requests to Wall Directory Watch.
[  OK  ] Reached target cryptsetup.target - Local Encrypted Volumes.
[  OK  ] Reached target paths.target - Path Units.
[  OK  ] Reached target remote-cryptsetup.target - Remote Encrypted Volumes.
[  OK  ] Reached target remote-fs.target - Remote File Systems.
[  OK  ] Reached target slices.target - Slice Units.
[  OK  ] Reached target swap.target - Swaps.
[  OK  ] Reached target veritysetup.target - Local Verity Integrity Protected Volumes.
[  OK  ] Listening on systemd-coredump.socket - Process Core Dump Socket.
[  OK  ] Listening on systemd-initctl.socket - initctl Compatibility Named Pipe.
[  OK  ] Listening on systemd-journald-dev-log.socket - Journal Socket (/dev/log).
[  OK  ] Listening on systemd-journald.socket - Journal Socket.
[  OK  ] Listening on systemd-networkd.socket - Network Service Netlink Socket.
[  OK  ] Listening on systemd-userdbd.socket - User Database Manager Socket.
         Mounting dev-hugepages.mount - Huge Pages File System...
         Starting systemd-journald.service - Journal Service...
         Starting systemd-remount-fs.service - Remount Root and Kernel File Systems...
         Starting systemd-sysctl.service - Apply Kernel Variables...
[  OK  ] Mounted dev-hugepages.mount - Huge Pages File System.
[  OK  ] Finished systemd-remount-fs.service - Remount Root and Kernel File Systems.
         Starting systemd-hwdb-update.service - Rebuild Hardware Database...
         Starting systemd-sysusers.service - Create System Users...
[  OK  ] Finished systemd-sysctl.service - Apply Kernel Variables.
[  OK  ] Started systemd-journald.service - Journal Service.
         Starting systemd-journal-flush.service - Flush Journal to Persistent Storage...
[  OK  ] Finished systemd-sysusers.service - Create System Users.
         Starting systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev...
[  OK  ] Finished systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev.
[  OK  ] Reached target local-fs-pre.target - Preparation for Local File Systems.
[  OK  ] Reached target local-fs.target - Local File Systems.
[  OK  ] Reached target machines.target - Containers.
         Starting dracut-shutdown.service - Restore /run/initramfs on shutdown...
         Starting ldconfig.service - Rebuild Dynamic Linker Cache...
[  OK  ] Finished dracut-shutdown.service - Restore /run/initramfs on shutdown.
[  OK  ] Finished ldconfig.service - Rebuild Dynamic Linker Cache.
[  OK  ] Finished systemd-journal-flush.service - Flush Journal to Persistent Storage.
         Starting systemd-tmpfiles-setup.service - Create Volatile Files and Directories...
[  OK  ] Finished systemd-tmpfiles-setup.service - Create Volatile Files and Directories.
         Starting systemd-journal-catalog-update.service - Rebuild Journal Catalog...
         Starting systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer...
         Starting systemd-update-utmp.service - Update UTMP about System Boot/Shutdown...
         Starting systemd-userdbd.service - User Database Manager...
[  OK  ] Finished systemd-update-utmp.service - Update UTMP about System Boot/Shutdown.
[  OK  ] Finished systemd-journal-catalog-update.service - Rebuild Journal Catalog.
[  OK  ] Started systemd-userdbd.service - User Database Manager.
[  OK  ] Started systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer.
[  OK  ] Finished systemd-hwdb-update.service - Rebuild Hardware Database.
         Starting systemd-networkd.service - Network Configuration...
         Starting systemd-update-done.service - Update is Completed...
[  OK  ] Finished systemd-update-done.service - Update is Completed.
[  OK  ] Reached target sysinit.target - System Initialization.
[  OK  ] Started dnf-makecache.timer - dnf makecache --timer.
[  OK  ] Started logrotate.timer - Daily rotation of log files.
[  OK  ] Started systemd-tmpfiles-clean.timer - Daily Cleanup of Temporary Directories.
[  OK  ] Reached target timers.target - Timer Units.
[  OK  ] Listening on dbus.socket - D-Bus System Message Bus Socket.
[  OK  ] Reached target sockets.target - Socket Units.
[  OK  ] Reached target basic.target - Basic System.
[  OK  ] Reached target sshd-keygen.target.
         Starting sysstat.service - Resets System Activity Logs...
         Starting systemd-homed.service - Home Area Manager...
         Starting systemd-logind.service - User Login Management...
         Starting dbus-broker.service - D-Bus System Message Bus...
[FAILED] Failed to start sysstat.service - Resets System Activity Logs.
See 'systemctl status sysstat.service' for details.
[  OK  ] Started dbus-broker.service - D-Bus System Message Bus.
[  OK  ] Started systemd-homed.service - Home Area Manager.
[  OK  ] Finished systemd-homed-activate.service - Home Area Activation.
[  OK  ] Started systemd-logind.service - User Login Management.
[  OK  ] Started systemd-networkd.service - Network Configuration.
         Starting systemd-networkd-wait-online.service - Wait for Network to be Configured...
         Starting systemd-resolved.service - Network Name Resolution...
[  OK  ] Started systemd-resolved.service - Network Name Resolution.
[  OK  ] Reached target network.target - Network.
[  OK  ] Reached target nss-lookup.target - Host and Network Name Lookups.
         Starting sshd.service - OpenSSH server daemon...
         Starting systemd-user-sessions.service - Permit User Sessions...
[  OK  ] Finished systemd-user-sessions.service - Permit User Sessions.
[  OK  ] Started console-getty.service - Console Getty.
[  OK  ] Reached target getty.target - Login Prompts.
[  OK  ] Started sshd.service - OpenSSH server daemon.
[  OK  ] Reached target multi-user.target - Multi-User System.
[  OK  ] Reached target graphical.target - Graphical Interface.
         Starting systemd-update-utmp-runlevel.service - Update UTMP about System Runlevel Changes...
[  OK  ] Finished systemd-update-utmp-runlevel.service - Update UTMP about System Runlevel Changes.

Fedora 35 (Rawhide Prerelease)
Kernel 5.12.12-300.fc34.x86_64 on an x86_64 (console)

rawhide login: [  OK  ] Stopped session-24.scope - Session 24 of User zbyszek.
[  OK  ] Removed slice system-getty.slice - Slice /system/getty.
[  OK  ] Removed slice system-modprobe.slice - Slice /system/modprobe.
[  OK  ] Removed slice system-sshd\x2dkeygen.slice - Slice /system/sshd-keygen.
[  OK  ] Stopped target graphical.target - Graphical Interface.
[  OK  ] Stopped target multi-user.target - Multi-User System.
[  OK  ] Stopped target getty.target - Login Prompts.
[  OK  ] Stopped target machines.target - Containers.
[  OK  ] Stopped target nss-lookup.target - Host and Network Name Lookups.
[  OK  ] Stopped target remote-cryptsetup.target - Remote Encrypted Volumes.
[  OK  ] Stopped target timers.target - Timer Units.
[  OK  ] Stopped dnf-makecache.timer - dnf makecache --timer.
[  OK  ] Stopped logrotate.timer - Daily rotation of log files.
[  OK  ] Stopped systemd-tmpfiles-clean.timer - Daily Cleanup of Temporary Directories.
[  OK  ] Closed systemd-coredump.socket - Process Core Dump Socket.
         Stopping console-getty.service - Console Getty...
         Stopping dracut-shutdown.service - Restore /run/initramfs on shutdown...
         Stopping sshd.service - OpenSSH server daemon...
         Stopping systemd-logind.service - User Login Management...
         Stopping systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer...
         Stopping user@1000.service - User Manager for UID 1000...
[  OK  ] Stopped systemd-oomd.service - Userspace Out-Of-Memory (OOM) Killer.
[  OK  ] Stopped systemd-networkd-wait-online.service - Wait for Network to be Configured.
[  OK  ] Stopped sshd.service - OpenSSH server daemon.
[  OK  ] Stopped console-getty.service - Console Getty.
[  OK  ] Stopped dracut-shutdown.service - Restore /run/initramfs on shutdown.
[  OK  ] Stopped target sshd-keygen.target.
[  OK  ] Stopped systemd-logind.service - User Login Management.
[  OK  ] Stopped user@1000.service - User Manager for UID 1000.
         Stopping user-runtime-dir@1000.service - User Runtime Directory /run/user/1000...
[  OK  ] Unmounted run-user-1000.mount - /run/user/1000.
[  OK  ] Stopped user-runtime-dir@1000.service - User Runtime Directory /run/user/1000.
[  OK  ] Removed slice user-1000.slice - User Slice of UID 1000.
         Stopping systemd-user-sessions.service - Permit User Sessions...
[  OK  ] Stopped systemd-user-sessions.service - Permit User Sessions.
[  OK  ] Stopped target network.target - Network.
[  OK  ] Stopped target remote-fs.target - Remote File Systems.
         Stopping systemd-homed-activate.service - Home Area Activation...
         Stopping systemd-resolved.service - Network Name Resolution...
[  OK  ] Stopped systemd-resolved.service - Network Name Resolution.
         Stopping systemd-networkd.service - Network Configuration...
[  OK  ] Stopped systemd-homed-activate.service - Home Area Activation.
         Stopping systemd-homed.service - Home Area Manager...
[  OK  ] Stopped systemd-homed.service - Home Area Manager.
[  OK  ] Stopped target basic.target - Basic System.
[  OK  ] Stopped target paths.target - Path Units.
[  OK  ] Stopped target slices.target - Slice Units.
[  OK  ] Removed slice user.slice - User and Session Slice.
[  OK  ] Stopped target sockets.target - Socket Units.
         Stopping dbus-broker.service - D-Bus System Message Bus...
[  OK  ] Stopped dbus-broker.service - D-Bus System Message Bus.
[  OK  ] Closed dbus.socket - D-Bus System Message Bus Socket.
[  OK  ] Stopped target sysinit.target - System Initialization.
[  OK  ] Stopped target cryptsetup.target - Local Encrypted Volumes.
[  OK  ] Stopped systemd-ask-password-console.path - Dispatch Password Requests to Console Directory Watch.
[  OK  ] Stopped systemd-ask-password-wall.path - Forward Password Requests to Wall Directory Watch.
[  OK  ] Stopped target veritysetup.target - Local Verity Integrity Protected Volumes.
[  OK  ] Stopped systemd-update-done.service - Update is Completed.
[  OK  ] Stopped ldconfig.service - Rebuild Dynamic Linker Cache.
[  OK  ] Stopped systemd-hwdb-update.service - Rebuild Hardware Database.
[  OK  ] Stopped systemd-journal-catalog-update.service - Rebuild Journal Catalog.
         Stopping systemd-update-utmp.service - Update UTMP about System Boot/Shutdown...
[  OK  ] Stopped systemd-networkd.service - Network Configuration.
[  OK  ] Closed systemd-networkd.socket - Network Service Netlink Socket.
[  OK  ] Stopped systemd-sysctl.service - Apply Kernel Variables.
[  OK  ] Stopped systemd-update-utmp.service - Update UTMP about System Boot/Shutdown.
[  OK  ] Stopped systemd-tmpfiles-setup.service - Create Volatile Files and Directories.
[  OK  ] Stopped target local-fs.target - Local File Systems.
         Unmounting home.mount - /home...
         Unmounting run-credentials-systemd\x2dsysusers.se…e.mount - /run/credentials/systemd-sysusers.service...
         Unmounting tmp.mount - Temporary Directory /tmp...
[  OK  ] Unmounted home.mount - /home.
[  OK  ] Unmounted tmp.mount - Temporary Directory /tmp.
[  OK  ] Unmounted run-credentials-systemd\x2dsysusers.service.mount - /run/credentials/systemd-sysusers.service.
[  OK  ] Stopped target local-fs-pre.target - Preparation for Local File Systems.
[  OK  ] Stopped target swap.target - Swaps.
[  OK  ] Reached target umount.target - Unmount All Filesystems.
[  OK  ] Stopped systemd-tmpfiles-setup-dev.service - Create Static Device Nodes in /dev.
[  OK  ] Stopped systemd-sysusers.service - Create System Users.
[  OK  ] Stopped systemd-remount-fs.service - Remount Root and Kernel File Systems.
[  OK  ] Reached target shutdown.target - System Shutdown.
[  OK  ] Reached target final.target - Late Boot Services.
[  OK  ] Finished systemd-poweroff.service - System Power Off.
[  OK  ] Reached target poweroff.target - System Power Off.
Sending SIGTERM to remaining processes...
Sending SIGKILL to remaining processes...
All filesystems, swaps, loop devices, MD devices and DM devices detached.
Powering off.
2021-06-30 13:23:55 +02:00
Anita Zhang
cb5ce676d9 oomd: check mem free and swap free before doing a swap-based kill
https://bugzilla.redhat.com/show_bug.cgi?id=1974763
2021-06-30 03:51:05 -07:00
Julia Kartseva
120338ae33 man: document ip proto in SocketBind{Allow|Deny}= 2021-06-30 00:36:33 -07:00
Dan Streetman
9fcfc0470d Add systemd-resolve backwards compatibility section to resolvectl docs 2021-06-30 06:15:11 +09:00
Luca Boccassi
d46be5a6ac
Merge pull request #20047 from keszybz/doc-fix
Update dnssec-trust-anchors comment syntax description and put rrs in index
2021-06-29 12:52:38 +01:00
Raul Tambre
12c0bb31a7 resolved: Fix link to resolv.conf manpage
Seems to typically located in volume 5 these days on Linux systems that systemd targets.
2021-06-29 12:50:53 +01:00
Zbigniew Jędrzejewski-Szmek
d080734dcb man: add "DNS resource record types" section 2021-06-29 10:44:18 +02:00
Zbigniew Jędrzejewski-Szmek
9a024bf18d man: add markup to dns resource record labels 2021-06-29 10:44:18 +02:00
Paweł Marciniak
580e198a50 core: add combined status unit format
[zjs: actual implementation is stripped out and will be added in subsequent
commits.]
2021-06-28 20:11:52 +02:00
Raul Tambre
d3a047b9d1 man: Don't link to a manpage that's within our documentation
For example on systemd.network this results in the link taking one to another site with the manpage instead of the document that's on the same site.
2021-06-28 18:49:27 +09:00
Zbigniew Jędrzejewski-Szmek
0b497bc46f man/dnssec-trust-anchors: update comment syntax description
Let's just use the same phrase as in systemd.syntax(7).
Fixes #20045.
2021-06-27 15:50:04 +02:00
dgcampea
e8f4bf33d8 man: fix incorrect description regarding DynamicUser= and StateDirectory= 2021-06-27 14:08:05 +01:00
Yu Watanabe
c8de9b0ec5 man: document about NAMING_REPLACE_STRICTLY network interface naming policy
Follow-up for b4d885f0e8 and
068b0f7728.
2021-06-25 14:51:24 +01:00
Zbigniew Jędrzejewski-Szmek
a768492a33
Merge pull request #20023 from yuwata/re-enable-nosuid-mount-flag
core: reenable nosuid mount flag when NoNewPrivileges=yes
2021-06-25 14:21:05 +02:00
Zbigniew Jędrzejewski-Szmek
157306439e
Merge pull request #19312 from yuwata/udev-escape-slash-nvme
udev: make OPTIONS="string_escape=replace" take effect on ENV{key}= assiginment
2021-06-25 10:11:04 +02:00
Zbigniew Jędrzejewski-Szmek
07b1d28a16
Merge pull request #19883 from ddstreet/activation-policy-down-required-for-online-no
Activation policy down required for online no
2021-06-25 09:26:25 +02:00
Zbigniew Jędrzejewski-Szmek
a2e2917162
Merge pull request #19941 from bluca/condition_os_release
core: add ConditionOSRelease= directive
2021-06-25 09:22:50 +02:00
Yu Watanabe
5181630f26 core: do not set nosuid mount option when SELinux is enabled
The mount option has special meaning when SELinux is enabled. To make
NoNewPrivileges=yes not break SELinux enabled systems, let's not set the
mount flag on such systems.
2021-06-25 15:37:35 +09:00
Yu Watanabe
6720e356c1 Revert "Revert "Mount all fs nosuid when NoNewPrivileges=yes""
This reverts commit 1753d30215.

Let's re-enable that feature now. As reported when the original commit
was merged, this causes some trouble on SELinux enabled systems. So,
in the subsequent commit, the feature will be disabled when SELinux is enabled.
But, anyway, this commit just re-enable that feature unconditionally.
2021-06-25 15:16:34 +09:00
Lennart Poettering
86e24d608a
Merge pull request #20001 from keszybz/test-path-simplify-less
Do not call path_simplify() when not needed
2021-06-24 15:33:09 +02:00
Luca Boccassi
1e26f8a60b core: add ConditionOSRelease= directive 2021-06-24 13:57:48 +01:00
Dan Streetman
7c644a6966 network: default RequiredForOnline=false if ActivactionPolicy= not set to up
If ActivationPolicy= is set to down, always-down, or manual, then any
matching link will delay boot (due to delaying network-online.target).

If RequiredForOnline= wasn't explicitly set, then default it to false
if ActivationPolicy= is down or manual. If ActivationPolicy=always-down,
then force RequiredForOnline=no.
2021-06-24 08:32:21 -04:00
Lennart Poettering
b80ef40caf ask-password: add "-n" switch for disabling trailing newline
This is similar to the "-n" switch of the "echo" command.
2021-06-24 13:25:39 +02:00
Zbigniew Jędrzejewski-Szmek
aa45911b79 man/50-xdg-data-dirs: add quotes as suggested by shellcheck 2021-06-23 18:11:49 +02:00
Yu Watanabe
91c27ac686 man: update description of "string_escape=" udev option 2021-06-23 17:11:23 +09:00
Lennart Poettering
ff0771bfc8 repart: make No-Auto GPT partition flag configurable too
This is useful for provisioning initially empty secondary A/B root file
systems. We don't want those to ever be considered for automatic
mounting, for example in "systemd-nspawn --image=", hence we should
create them with the No-Auto flag turned on. Once a file system image is
dropped into the partition the flag may be turned off by the updater
tool, so that it is considered from then on.

Thew new option for this is called NoAuto. I dislike negated options
like this, but this is taken from the naming in the spec, which in turn
inherited the name from the same flag for Microsoft Data Partitions. To
minimize confusion, let's stick to the name hence.
2021-06-18 14:34:01 +09:00
plattrap
e83580bfc6 Update systemd-resolved.service.8 help
Text currently refers to `/etc/nsswitch.conf` where it should refer to `/etc/resolv.conf`.
This is in the context of defining a nameserver IP and search domains.
2021-06-18 13:43:13 +09:00
Yu Watanabe
f4c48492fe man: fix RFC number and its title 2021-06-16 10:32:28 +09:00
Lennart Poettering
ad64e3e8d6
Merge pull request #19942 from wat-ze-hex/socket-bind-ip-proto-2021-06-10
dbus: extend SocktBind{Allow|Deny}= with ip proto
2021-06-16 00:24:54 +02:00
Julia Kartseva
a5f19be8b1 dbus: update SocketBind{Allow|Deny}= doc 2021-06-15 13:51:33 -07:00
Zbigniew Jędrzejewski-Szmek
7c7683f36c sd-id128: add SD_ID128_MAKE_UUID_STR
It's like SD_ID128_MAKE_STR, but with hyphens.
2021-06-15 22:01:39 +02:00
Lennart Poettering
39d02a175f sd-id128: document everywhere that we treat all UUIDs as Variant 1
So in theory UUID Variant 2 (i.e. microsoft GUIDs) are supposed to be
displayed in native endian. That is of course a bad idea, and Linux
userspace generally didn't implement that, i.e. uuidd and similar.
Hence, let's not bother either, but let's document that we treat
everything the same as Variant 1, even if it declares something else.
2021-06-15 20:58:56 +02:00
Matt Johnston
e65357b658 man: fix sd_bus_add_node_enumerator() ret_nodes
ret_nodes is NULL terminated, the return value isn't a count.
2021-06-15 11:29:44 +01:00
Yu Watanabe
21d03e6c63 man: add an example to configure default route on device with table
Prompted by #19911.
2021-06-15 11:29:20 +01:00
Yu Watanabe
a3f5f4a5c0 fix typo 2021-06-15 14:19:30 +09:00
Topi Miettinen
1753d30215 Revert "Mount all fs nosuid when NoNewPrivileges=yes"
This reverts commit d8e3c31bd8.

A poorly documented fact is that SELinux unfortunately uses nosuid mount flag
to specify that also a fundamental feature of SELinux, domain transitions, must
not be allowed either. While this could be mitigated case by case by changing
the SELinux policy to use `nosuid_transition`, such mitigations would probably
have to be added everywhere if systemd used automatic nosuid mount flags when
`NoNewPrivileges=yes` would be implied. This isn't very desirable from SELinux
policy point of view since also untrusted mounts in service's mount namespaces
could start triggering domain transitions.

Alternatively there could be directives to override this behavior globally or
for each service (for example, new directives `SUIDPaths=`/`NoSUIDPaths=` or
more generic mount flag applicators), but since there's little value of the
commit by itself (setting NNP already disables most setuid functionality), it's
simpler to revert the commit. Such new directives could be used to implement
the original goal.
2021-06-15 00:33:22 +09:00
Jayanth Ananthapadmanaban
279082ed49 Add a network timeout option to journal-upload 2021-06-14 11:16:38 +02:00
Zbigniew Jędrzejewski-Szmek
dbb3b26f1b man: clarify that global search domains apply to global servers, not all interfaces
Fixes #19257.
2021-06-11 10:32:42 +01:00
Anita Zhang
c48bc311a5 man: add note about operation without swap in systemd-oomd 2021-06-10 07:24:18 +02:00
Zbigniew Jędrzejewski-Szmek
998571a7f4
Merge pull request #19871 from yuwata/man-network-missing-settings
man: add missing settings
2021-06-09 22:15:38 +02:00
Yu Watanabe
c3006a485c man: add missing settings
Fixes #19869.
2021-06-10 04:47:13 +09:00
Yu Watanabe
85bc4c080d man: merge several settings about netdev 2021-06-10 04:46:40 +09:00
Peter Morrow
dbb8b5bcf7 man: fix missing markdown & minor errors
In #19771 there were a few missing markdown tags a few style issue.

Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-06-09 19:18:11 +01:00
Yu Watanabe
9e1432d5cc network: introduce IPv6StableSecretAddress= setting
Previously, IPv6LinkLocalAddressGenerationMode= is not set, then we
define the address generation mode based on the result of reading
stable_secret sysctl value. This makes the mode is determined by whether
a secret address is specified in the new setting.

Closes #19622.
2021-06-09 04:56:48 +09:00
Srinidhi Kaushik
7f7a50dd15 tmpfiles: extend "Age" to accept an "age-by" argument
For "systemd-tmpfiles --cleanup", when the "Age" parameter
is specified, the criteria for deletion is determined from
the path's last modification timestamp ("mtime"), its last
access timestamp ("atime") and its last status change
timestamp ("ctime").

For instance, if one of those paths to be cleaned up are
opened, it results in the modification of "atime", which
results file system entry to not be removed because the
default aging algorithm would skip the entry.

Add an optional "age-by" argument by extending the "Age"
parameter to restrict the clean-up for a particular type
of file timestamp, which can be specified in "tmpfiles.d"
as follows:

  [age-by:]cleanup-age, where age-by is "[abcmACBM]+"

For example:

  d /foo/bar - - - abM:1m -

Would clean-up any files that were not accessed and created,
or directories that were not modified less than a minute ago
in "/foo/bar".

Fixes: #17002
2021-06-08 18:24:58 +02:00
Lennart Poettering
66973219c0
Merge pull request #19166 from bluca/coredump_compress_on_the_fly
coredump: compress on the fly
2021-06-08 18:24:34 +02:00
Yu Watanabe
c50404aecc udev: make WakeOnLan= take multiple features
WAKE_XXX are flag, not enum.
2021-06-08 18:24:11 +02:00
Allen Webb
c46c323385 tmpfiles: add '=' action modifier.
Add the '=' action modifier that instructs tmpfiles.d to check the file
type of a path and remove objects that do not match before trying to
open or create the path.

BUG=chromium:1186405
TEST=./test/test-systemd-tmpfiles.py "$(which systemd-tmpfiles)"

Change-Id: If807dc0db427393e9e0047aba640d0d114897c26
2021-06-08 17:23:26 +02:00
Peter Morrow
90a404f5d4 man: add details on overriding top level drop-ins
When using top level drop-ins it isn't immediately obvious that one can
make use of symlinking to disable a top-level drop in for a specific
unit.

Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-06-08 17:03:03 +02:00
Luca Boccassi
587f2a5e56 coredump: check cgroups memory limit if storing on tmpfs
When /var/lib/systemd/coredump/ is backed by a tmpfs, all disk usage
will be accounted under the systemd-coredump process cgroup memory
limit.
If MemoryMax is set, this might cause systemd-coredump to be terminated
by the kernel oom handler when writing large uncompressed core files,
even if the compressed core would fit within the limits.

Detect if a tmpfs is used, and if so check MemoryMax from the process
and slice cgroups, and do not write uncompressed core files that are
greater than half the available memory. If the limit is breached,
stop writing and compress the written chunk immediately, then delete
the uncompressed chunk to free more memory, and resume compressing
directly from STDIN.

Example debug log when this situation happens:

systemd-coredump[737455]: Setting max_size to limit writes to 51344896 bytes.
systemd-coredump[737455]: ZSTD compression finished (51344896 -> 3260 bytes, 0.0%)
systemd-coredump[737455]: ZSTD compression finished (1022786048 -> 47245 bytes, 0.0%)
systemd-coredump[737455]: Process 737445 (a.out) of user 1000 dumped core.
2021-06-08 14:05:56 +01:00
Luca Boccassi
93ff34e44a core: add MemoryAvailable unit property
Try to infer the unused memory that a unit can claim before the
memory.max limit is reached, including any limit set on any parent
slice above the unit itself.
2021-06-08 14:05:56 +01:00
Zbigniew Jędrzejewski-Szmek
f75420a43a man: explain ConditionNeedsUpdate a bit more
We were effectively doing all post-upgrade scripts twice in Fedora. We got this
wrong, so it's likely other people will get it wrong too. So let's explain
what is actually needed to make this work, but also when it's not useful.
2021-06-08 10:47:11 +02:00
alexlzhu
9f40351f77
man: update docs on systemd-system.conf logging (LogTime=) (#19846)
Updating documentation for systemd to reflect that logging is done in the console.
2021-06-08 15:54:07 +09:00
Yu Watanabe
165d7c5c42 network: introduce UplinkInterface= setting for DHCP server 2021-06-08 06:33:27 +09:00
Lennart Poettering
d27e6aee50 udevadm: fix --tag-match help + description 2021-06-08 01:47:01 +09:00
Sebastian Blunt
2cbca51a71 Rename crypttab opt silent to password-echo
Use the option name 'password-echo' instead of the generic term
'silent'.

Make the option take an argument for better control over echoing
behavior.

Related discussion in https://github.com/systemd/systemd/pull/19619
2021-06-07 10:35:28 +02:00
adrian5
d0fd114929 man: fix typo 2021-06-03 22:10:36 +02:00
Lennart Poettering
49365d1c6d ask-password: make password echo fully configurable
This adds --visible=yes|no|asterisk which allow controlling the echo of
the password prompt in detail. The existing --echo switch is then made
an alias for --visible=yes (and a shortcut -e added for it too).
2021-06-03 11:16:48 +02:00
Lennart Poettering
17e7561a97 homectl: store FIDO2 up/uv/clientPin fields in user records too
This catches up homed's FIDO2 support with cryptsetup's: we'll now store
the uv/up/clientPin configuration at enrollment in the user record JSON
data, and use it when authenticating with it.

This also adds explicit "uv" support: we'll only allow it to happen when
the client explicity said it's OK. This is then used by clients to print
a nice message suggesting "uv" has to take place before retrying
allowing it this time. This is modelled after the existing handling for
"up".
2021-06-01 13:31:53 +02:00