Lennart Poettering
e624676dde
update TODO
2014-12-29 20:18:04 +01:00
Lennart Poettering
c00a4c8f55
Revert "machined: don't force terminate registered machines"
...
This reverts commit 206e7a5f7b
.
We actually want to allow shutting down containers that use
RegisterMachine() rather than CreateMachine() to register their own
unit. It should be safe to do so, since the primary usecase for
RegisterMachine() are container managers that run only a single
container within their own unit, such as systemd-nspawn.
2014-12-29 20:13:58 +01:00
Lennart Poettering
e5f5b5b9c9
machined: ignore spurious error
2014-12-29 19:08:50 +01:00
Lennart Poettering
814a3fdfdc
nspawn: report back to systemd only very late whether we are OK
...
That way, systemd can actually figure out if everything is OK with
nspawn.
2014-12-29 17:54:33 +01:00
Lennart Poettering
f252d3fb2b
preset: enable machines.target by default
2014-12-29 17:36:57 +01:00
Lennart Poettering
8ede9794fd
Update TODO
2014-12-29 17:00:05 +01:00
Lennart Poettering
d8f52ed25a
machinectl: add "enable" and "disable" verbs for enabling/disabling systemd-nspawn for containers
...
This is basically just a shortcut for "systemctl enable
systemd-nspawn@<foobar>.service", but does escaping.
2014-12-29 17:00:05 +01:00
Lennart Poettering
ebd011d95b
machinectl: add new "start" verb to start a container as a service in nspawn
2014-12-29 17:00:05 +01:00
Lennart Poettering
6a140df004
units: rework systemd-nspawn@.service unit
...
- Unescape instance name so that we can take almost anything as instance
name.
- Introduce "machines.target" which consists of all enabled nspawns and
can be used to start/stop them altogether
- Look for container directory using -M instead of harcoding the path in
/var/lib/container
2014-12-29 17:00:05 +01:00
Lennart Poettering
8fa844dccf
units: make graphical.target dependencies more complete and similar to those of multi-user.target
2014-12-29 17:00:05 +01:00
David Herrmann
679bda6a73
bus-proxy: fix sd_bus_reply_*() usage
...
We *must* not use sd_bus_reply_*() as it does not set the sender field
correctly. Use the synthetic_reply_*() helpers instead!
2014-12-29 15:43:57 +01:00
David Herrmann
80b4378314
capability: use /proc/sys/kernel/cap_last_cap
...
This file was introduced with linux-3.2, use it instead of probing for it
via prctl(PR_CAPBSET_READ).
For now, keep the old code for backwards compat. We can drop it once 3.2
is our lowest requirement.
The test-cap-list code is extended to verify cap_last_cap() is the same as
we'd get via prctl probing and /proc.
2014-12-29 14:05:38 +01:00
Tom Gundersen
2f0af4e120
core: loopback - correctly fail the loopback_check if somehow the rtnl calls fail
2014-12-29 13:07:03 +01:00
David Herrmann
315a73d97f
bus: fix typo
...
Drop spurious 'we'.
2014-12-29 12:55:28 +01:00
Tom Gundersen
09773ef446
rtnl: recv_message - don't enforce sender uid
...
All we care about is that the kernel (pid==0) sent the message. Verifying the sender uid
seems to break when using userns.
Reported by Stéphane Graber.
2014-12-29 02:20:04 +01:00
Tom Gundersen
2da780b976
test: loopback - parse logging env var
2014-12-29 01:59:49 +01:00
Tom Gundersen
b551ddd380
sd-rtnl: rtnl_call - don't dispatch wqueue after timeout has passed
...
Only a minor change as the timeout would be hit soon thereafetr at the next loop.
2014-12-29 01:59:49 +01:00
Tom Gundersen
f55dc7c96e
sd-rtnl: rtnl_poll - fix typo
...
This caused rtnl_poll to always return true immediately in sd_rtnl_call().
2014-12-29 01:59:49 +01:00
Tom Gundersen
c7460cce79
sd-rtnl: recv_message - drop message when peeking fails
...
Read the message form the socket or we will loop trying to read the
same message repeatedly.
2014-12-29 01:59:49 +01:00
Tom Gundersen
0b2bbbdf2f
sd-rtnl: recv_message - don't fail on interrupt
...
We should just try again instead.
2014-12-29 01:59:49 +01:00
Tom Gundersen
2263bb9a92
sd-rtnl: recv_message - log when dropping message
...
We drop messages received from the wrong uid/pid, log this at debug level.
2014-12-29 00:19:36 +01:00
Tom Gundersen
e95e909d82
core: loopback - simplify check_loopback()
...
We no longer configure the addresses on the loopback interface, but simply bring it up
and let the kernel do the rest. Also change the check to only check if the interface
is up, rather than checking for the IPv4 loopback address.
2014-12-28 15:58:27 +01:00
Sylvain Plantefève
94b5088c8d
machined: Fix MarkReadOnly method's name on bus
2014-12-28 13:05:08 +01:00
Sylvain Plantefève
1517ab5d18
libsystemd: Fix minor typo in comment
2014-12-28 13:04:46 +01:00
Lennart Poettering
1ddb263d21
machined: don't look for images on each property get, but cache the image object inbetween
2014-12-28 02:44:37 +01:00
Lennart Poettering
3b9c7d955d
update TODO
2014-12-28 02:08:40 +01:00
Lennart Poettering
f02ca52281
util: treat -1 as special size in format_bytes()
2014-12-28 02:08:40 +01:00
Lennart Poettering
b6b1849830
machined: add support for reporting image size via btrfs quota
2014-12-28 02:08:40 +01:00
Lennart Poettering
814f000872
tmpfiles.d: upgrade a couple of directories we create at boot to subvolumes
...
In particular we upgrade /var/lib/container, /var/tmp and /tmp to
subvolumes.
2014-12-28 02:08:40 +01:00
Lennart Poettering
d7b8eec7dc
tmpfiles: add new line type 'v' for creating btrfs subvolumes
2014-12-28 02:08:40 +01:00
Lennart Poettering
ebd93cb684
machinectl/machined: implement "rename", "clone", "read-only" verbs for machine images
2014-12-28 02:08:40 +01:00
Lennart Poettering
086821244b
machined: add "machinectl remove" for removing images
2014-12-28 02:08:40 +01:00
Lennart Poettering
1b9cebf638
nspawn: use the same image discovery logic in nspawn as in machined
2014-12-28 02:08:40 +01:00
Lennart Poettering
003dffde2c
machined: Move image discovery logic into src/shared, so that we can make use of it from nspawn
2014-12-28 02:08:40 +01:00
Stéphane Graber
58a489c2b3
Fix check_loopback()
...
Add missing htonl() so that check_loopback() actually tests for 127.0.0.1
instead of 1.0.0.127 on little-endian machines.
2014-12-27 19:17:39 +01:00
Lennart Poettering
01c51934cb
loginctl: reindent --help text
2014-12-26 20:12:40 +01:00
Lennart Poettering
2520f939ba
loginctl: add more --help sections
2014-12-26 20:12:40 +01:00
Lennart Poettering
fefdc04b38
machinectl: add status commands
2014-12-26 20:12:40 +01:00
Lennart Poettering
27c88c4e23
machined: fix search patch magic for '.host' image
2014-12-26 20:05:11 +01:00
Lennart Poettering
08ff5529df
machined: make image read-only check indepenednt on own privs
2014-12-26 19:36:25 +01:00
Lennart Poettering
8937e7b689
machinectl: mark read-only images when listing in red
2014-12-26 19:33:15 +01:00
Lennart Poettering
679829e4aa
update TODO
2014-12-26 19:33:15 +01:00
Lennart Poettering
087682d103
import: make image root directory configurable, instead of hardcoding /var/lib/container
2014-12-26 19:33:15 +01:00
Lennart Poettering
5fc7f35842
machined: when discovering images, implicitly add ".host" as pseudo image referring to the host's own directory tree
2014-12-26 19:33:15 +01:00
Lennart Poettering
a67a4c8cb7
machined: fix image search path iteration
2014-12-26 19:33:15 +01:00
Lennart Poettering
42c6f2c9b2
machined: let's also check machine directories in /usr and /usr/local
2014-12-26 19:33:15 +01:00
Lennart Poettering
f0be89eee9
import: properly remove pre-existing images if --force is used
2014-12-26 19:33:15 +01:00
Lennart Poettering
8620a9a323
import: beef up gpt importer to optionally make writable copy of read-only vendor image
2014-12-26 19:21:58 +01:00
Lennart Poettering
e9d7333468
import: minor improvements to dkr importer
2014-12-26 19:21:58 +01:00
Lennart Poettering
2c39ea529b
util: always override crtime xattr
2014-12-26 19:21:58 +01:00