1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-31 21:18:09 +03:00
Commit Graph

24850 Commits

Author SHA1 Message Date
Daniel Mack
50f48ad37a cgroup: remove support for NetClass= directive
Support for net_cls.class_id through the NetClass= configuration directive
has been added in v227 in preparation for a per-unit packet filter mechanism.
However, it turns out the kernel people have decided to deprecate the net_cls
and net_prio controllers in v2. Tejun provides a comprehensive justification
for this in his commit, which has landed during the merge window for kernel
v4.5:

  https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=bd1060a1d671

As we're aiming for full support for the v2 cgroup hierarchy, we can no
longer support this feature. Userspace tool such as nftables are moving over
to setting rules that are specific to the full cgroup path of a task, which
obsoletes these controllers anyway.

This commit removes support for tweaking details in the net_cls controller,
but keeps the NetClass= directive around for legacy compatibility reasons.
2016-02-10 16:38:56 +01:00
Lennart Poettering
a7c723c0c0 update NEWS 2016-02-10 16:34:11 +01:00
Lennart Poettering
89beff89ed core: treat JobTimeout=0 as equivalent to JobTimeout=infinity
Corrects an incompatibility introduced with 36c16a7cdd.

Fixes: #2537
2016-02-10 16:09:24 +01:00
Lennart Poettering
aad41f0814 core: simplify how we parse TimeoutSec=, TimeoutStartSec= and TimeoutStopSec=
Let's make things more obvious by placing the parse_usec() invocation directly in config_parse_service_timeout().
2016-02-10 16:09:24 +01:00
Lennart Poettering
2f1a7412b2 update TODO 2016-02-10 16:09:24 +01:00
Lennart Poettering
888e378da2 coredump: dump priviliges when processing system coredumps
Let's add an extra-safety net and change UID/GID to the "systemd-coredump" user when processing coredumps from system
user. For coredumps of normal users we keep the current logic of processing the coredumps from the user id the coredump
was created under.

Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=87354
2016-02-10 16:09:24 +01:00
Lennart Poettering
15a900327a core: set RLIMIT_CORE to unlimited by default
The kernel sets RLIMIT_CORE to 0 by default. Let's bump this to unlimited by
default (for systemd itself and all processes we fork off), so that the
coredump hooks have an effect if they honour it.

Bumping RLIMIT_CORE of course would have the effect that "core" files will end
up on the system at various places, if no coredump hook is used. To avoid this,
make sure PID1 sets the core pattern to the empty string by default, so that
this logic is disabled.

This change in defaults should be useful for all systems where coredump hooks
are used, as it allows useful usage of RLIMIT_CORE from these hooks again. OTOH
systems that expect that coredumps are placed under the name "core" in the
current directory will break with this change. Given how questionnable this
behaviour is, and given that no common distro makes use of this by default it
shouldn't be too much of a loss. Also, the old behaviour may be restored by
explicitly configuring a "core_pattern" of "core", and setting the default
system RLIMIT_CORE to 0 again via system.conf.
2016-02-10 16:09:20 +01:00
Lennart Poettering
bdfd7b2c63 coredump: honour RLIMIT_CORE when saving/processing coredumps
With this change processing/saving of coredumps takes the RLIMIT_CORE resource limit of the crashing process into
account, given the user control whether specific processes shall core dump or not, and how large to make the core dump.

Note that this effectively disables core-dumping for now, as RLIMIT_CORE defaults to 0 (i.e. is disabled) for all
system processes.
2016-02-10 16:08:32 +01:00
Lennart Poettering
3c171f0b1e coredump: rework coredumping logic
This reworks the coredumping logic so that the coredump handler invoked from the kernel only collects runtime data
about the crashed process, and then submits it for processing to a socket-activate coredump service, which extracts a
stacktrace and writes the coredump to disk.

This has a number of benefits: the disk IO and stack trace generation may take a substantial amount of resources, and
hence should better be managed by PID 1, so that resource management applies. This patch uses RuntimeMaxSec=, Nice=, OOMScoreAdjust=
and various sandboxing settings to ensure that the coredump handler doesn't take away unbounded resources from normally
priorized processes.

This logic is also nice since this makes sure the coredump processing and storage is delayed correctly until
/var/systemd/coredump is mounted and writable.

Fixes: #2286
2016-02-10 16:08:32 +01:00
Lennart Poettering
eef0a274e6 activate: add a new switch --inetd to enable inetd-style socket activation
Previously, using --accept would enable inetd-style socket activation in addition to per-connection operation. This is
now split into two switches: --accept only switches between per-connection or single-instance operation. --inetd
switches between inetd-style or new-style fd passing.

This breaks the interface of the tool, but given that it is a debugging tool shipped in /usr/lib/systemd/ it's not
really a public interface.

This change allows testing new-style per-connection daemons.
2016-02-10 14:32:27 +01:00
Lennart Poettering
08719b64e4 activate: minor fixes 2016-02-10 14:32:27 +01:00
Lennart Poettering
d31e430f14 activate: add new --seqpacket switch for testing SOCK_SEQPACKET sockets 2016-02-10 14:32:27 +01:00
Lennart Poettering
e53c6e4a2b resolved: include inttypes.h in resolved-def.h given that we use UINT64_C 2016-02-10 14:32:27 +01:00
Lennart Poettering
f50cd2b2f5 build-sys: move coredump logic into subdir of its own 2016-02-10 14:32:27 +01:00
Martin Pitt
16a798deb3 Merge pull request #2569 from zonque/removals
Remove some old cruft
2016-02-10 14:01:46 +01:00
Daniel Mack
3256faea2d Merge pull request #2571 from martinpitt/master
NEWS: Various clarification and grammar fixes
2016-02-10 13:57:37 +01:00
Martin Pitt
b9e17d31de Merge pull request #2570 from zonque/build
configure.ac: Fix help text of --enable-* options
2016-02-10 13:55:28 +01:00
Daniel Mack
ccbd697b73 configure.ac: Fix help text of --enable-* options
Fixes #2567
2016-02-10 13:51:58 +01:00
Martin Pitt
8968aea0fb NEWS: Various clarification and grammar fixes 2016-02-10 13:51:10 +01:00
Daniel Mack
b26fa1a2fb tree-wide: remove Emacs lines from all files
This should be handled fine now by .dir-locals.el, so need to carry that
stuff in every file.
2016-02-10 13:41:57 +01:00
Daniel Mack
978d665086 Merge pull request #2564 from poettering/fix-2467
Fix for #2467
2016-02-10 13:39:48 +01:00
Daniel Mack
684d3dabef Makefile.am: remove some relicts 2016-02-10 13:27:24 +01:00
Lennart Poettering
04a1d84cef util-lib: make sure usec_sub() doesn't degrade USEC_INFINITY
As suggested in: https://github.com/systemd/systemd/pull/2542#issuecomment-181877820
2016-02-10 13:26:56 +01:00
Lennart Poettering
6bf0f408e4 core: make the StartLimitXYZ= settings generic and apply to any kind of unit, not just services
This moves the StartLimitBurst=, StartLimitInterval=, StartLimitAction=, RebootArgument= from the [Service] section
into the [Unit] section of unit files, and thus support it in all unit types, not just in services.

This way we can enforce the start limit much earlier, in particular before testing the unit conditions, so that
repeated start-up failure due to failed conditions is also considered for the start limit logic.

For compatibility the four options may also be configured in the [Service] section still, but we only document them in
their new section [Unit].

This also renamed the socket unit failure code "service-failed-permanent" into "service-start-limit-hit" to express
more clearly what it is about, after all it's only triggered through the start limit being hit.

Finally, the code in busname_trigger_notify() and socket_trigger_notify() is altered to become more alike.

Fixes: #2467
2016-02-10 13:26:56 +01:00
Daniel Mack
42caedb2aa Merge pull request #2568 from poettering/prepare-229
edit config updates, and a new NEWS file
2016-02-10 13:23:23 +01:00
Lennart Poettering
010f81ea64 Merge pull request #2563 from 0xAX/timespec_load_nsec-static
time-util: make timespec_load_nsec() static
2016-02-10 13:16:38 +01:00
Alexander Kuleshov
aaea9db80c time-util: make timespec_load_nsec() static
The timespec_load_nsec() function has no callers outside of the
time-util.c, so we can make it static.
2016-02-10 17:46:52 +06:00
Lennart Poettering
d5f8b2952a NEWS: start putting together a NEWS file for 229
Totally incomplete, but let's get this started.
2016-02-10 12:29:38 +01:00
Lennart Poettering
2eb169bd02 editors: only extend line width to 119 for C and XML files
For all other files leave the line width at 79 as before. This is a good idea
since we generally don't want text files such as catalog files, unit files or
README/NEWS files to be line-broken at 119 since they are regularly browsed on
text terminals.

While we are at it, also add a couple of comments to the various files.

(Note that .editorconfig doesn't carry line-width information, simply because
the specification doesn't know the concept.)
2016-02-10 12:29:32 +01:00
Zbigniew Jędrzejewski-Szmek
9c6d5a179e Merge pull request #2565 from poettering/fix-2315 2016-02-09 19:13:15 -05:00
Lennart Poettering
b21d2f8117 core: clarify which unit file is masked in error message
After all, the masked unit file error might be returned when enqueuing a unit that is not masked but requires a masked
unit. In this case it should really be clear which unit is meant here.
2016-02-09 20:47:45 +01:00
Lennart Poettering
a0956ed01f man: link resolved bus API documentation from its man page
This is similar how we already do it for logind or machined.
2016-02-09 20:39:43 +01:00
Lennart Poettering
8222cf9145 units: downgrade dependency on /tmp in basic.target to Wants=
Now that requiring of a masked unit results in failure again, downgrade the dependency on /tmp to Wants= again, so that
our suggested way to disable /tmp-on-tmpfs by masking doesn't result in a failing boot.

References: #2315
2016-02-09 20:34:27 +01:00
Lennart Poettering
114400dfb3 core: change internal error code for masked units from EBADR to ESHUTDOWN
This commit changes the mapping of the BUS_ERROR_UNIT_MASKED error to ESHUTDOWN. This error is used whenever the
transaction engine is asked to operate on a masked unit. ESHUTDOWN is what is used for the similar case when the unit
file enable/disable logic hits a masked unit file, hence is a natural candidate to be used here too.

Background: before this patch both "job type not applicable" and "unit masked" where mapped to EBADR, which
transaction_add_job_and_dependencies() then checked for. It actually wanted to check exclusively for the former error
condition, not the latter but due to the same mapping this failed to work.

This patch semi-undoes an accidental change made in caffa4ef70, however restores the
error number to ESHUTDOWN instead of the original ENOSYS (for the reasons indicated above).

To make this easier to grok for the future, I added comments to explaining which error conditions are checked for.

Fixes: #2315
2016-02-09 20:28:58 +01:00
Lennart Poettering
bae687d885 Merge pull request #2561 from msekletar/virtio-blk-by-path
path_id: reintroduce by-path links for virtio block devices
2016-02-09 14:15:03 +01:00
Lennart Poettering
547725df89 Merge pull request #2559 from chaloulo/drop_monotonicity_check_from_journal_file
journal: Drop monotonicity check when appending to journal file
2016-02-09 13:52:28 +01:00
Lennart Poettering
68fd2e5015 Merge pull request #2557 from whot/hwdb-updates
hwdb: add Dell Lattitude E6320 pointing stick speed fix
2016-02-09 13:50:18 +01:00
Michal Sekletar
f073b1b3c0 path_id: reintroduce by-path links for virtio block devices
Enumeration of virtio buses is global and hence
non-deterministic. However, we are guaranteed there is never going to be
more than one virtio bus per parent PCI device. While populating
ID_PATH we simply skip virtio part of the syspath and we extend the path
using the sysname of the parent PCI device.

With this patch udev creates following by-path links for virtio-blk
device /dev/vda which contains two partitions.

ls -l /dev/disk/by-path/
total 0
lrwxrwxrwx 1 root root  9 Feb  9 10:47 virtio-pci-0000:00:05.0 -> ../../vda
lrwxrwxrwx 1 root root 10 Feb  9 10:47 virtio-pci-0000:00:05.0-part1 -> ../../vda1
lrwxrwxrwx 1 root root 10 Feb  9 10:47 virtio-pci-0000:00:05.0-part2 -> ../../vda2

See:
http://lists.linuxfoundation.org/pipermail/virtualization/2015-August/030328.html

Fixes #2501
2016-02-09 12:25:42 +01:00
Klearchos Chaloulos
ecb6105a1b journal: Drop monotonicity check when appending to journal file
Remove the check that triggers rotation of the journal file when the arriving log entry had a monotonic timestamp smaller that the previous log entry. This check causes unnecessary rotations when journal-remote was receiving from multiple senders, therefore monotonicity can not be guaranteed. Also, it does not offer any useful functionality for systemd-journald.
2016-02-09 12:14:54 +02:00
Peter Hutterer
d68c7dea38 hwdb: add Dell Lattitude E6320 pointing stick speed fix
https://bugzilla.redhat.com/show_bug.cgi?id=1200717
2016-02-09 17:42:55 +10:00
Lennart Poettering
70b65964d7 Merge pull request #2542 from 0xAX/get_ts_delta
time-util: cleanups
2016-02-09 00:23:47 +01:00
Lennart Poettering
41c24512cc Merge pull request #2547 from 0xAX/generalize-format-timestamp-internal
time-util: merge format_timestamp_internal() and format_timestamp_int…
2016-02-08 21:26:39 +01:00
Alexander Kuleshov
5d634ca8ce time-util: introduce usec_sub()
The dual_timestamp_from_realtime(), dual_timestamp_from_monotonic()
and dual_timestamp_from_boottime_or_monotonic() shares the same
code for comparison given ts with delta. Let's move it to the
separate inline function to prevent code duplication.
2016-02-09 01:15:17 +06:00
Alexander Kuleshov
0056086af6 time-util: merge format_timestamp_internal() and format_timestamp_internal_us()
The time_util.c provides format_timestamp_internal() and
format_timestamp_internal_us() functions for a timestamp formating. Both
functions are very similar and differ only in formats handling.

We can add additional boolean parameter to the format_timestamp_internal()
function which will represent is a format for us timestamp or not.
This allows us to get rid of format_timestamp_internal_us() that is prevent
code duplication.

We can remove format_timestamp_internal_us() safely, because it is static and
has no users outside of the time_util.c. New fourth parameter will be passed
inside of the format_timestamp(), format_timestamp_us() and etc, functions,
but the public API is not changed.
2016-02-09 00:15:40 +06:00
Lennart Poettering
9e7454e0e2 Merge pull request #2535 from PhillipSz/remove-exit-0
test: remove exit 0 at the end
2016-02-08 17:27:18 +01:00
Lennart Poettering
b89f8b2d44 Merge pull request #2533 from keszybz/read-only-seed
random-seed: provide nicer error message when unable to open file
2016-02-08 16:31:09 +01:00
Lennart Poettering
209b49ddb2 Merge pull request #2549 from rhatdan/journalctl
Journalctl command completion should show machines
2016-02-08 16:27:33 +01:00
Lennart Poettering
ab80ea105a Merge pull request #2550 from evverx/fix-457
tests: fix #457
2016-02-08 16:26:17 +01:00
Dan Walsh
2720e0c0f0 Journalctl command completion should show machines 2016-02-08 07:22:34 -05:00
Lennart Poettering
14f4532026 Merge pull request #2543 from keszybz/build-sys-and-man-fixes
Build sys and man fixes
2016-02-08 12:52:39 +01:00