1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 01:27:11 +03:00
Commit Graph

1358 Commits

Author SHA1 Message Date
Lennart Poettering
c2c13f2df4 unit: turn off mount propagation for udevd
Keep mounts done by udev rules private to udevd. Also, document how
MountFlags= may be used for this.
2014-03-20 04:16:39 +01:00
Lennart Poettering
907afa0682 man: improve documentation of fs namespace related settings 2014-03-19 22:26:08 +01:00
Lennart Poettering
ce236b57be man: dcument sd_bus_negotiate_fds() and friends 2014-03-18 21:05:16 +01:00
Lennart Poettering
f1660f96f5 core: drop CAP_MKNOD when PrivateDevices= is set 2014-03-18 17:58:19 +01:00
Lennart Poettering
1dba654b27 machinectl: reimplement machinectl's "reboot" verb on top of "kill", and add new verb "poweroff"
There's really no point to send the reboot SIGINT from machinectl
directly, if machined can do that anyway. This saves code, and
makes machinectl network transparent for these verbs. And while we are
at it we can easily add a "poweroff" verb in addition to "reboot". Yay!
2014-03-18 04:48:26 +01:00
poma
f47c5c47d1 man: networkd - additional examples related to bridging 2014-03-17 21:35:28 +01:00
Lennart Poettering
bf34ab149f sd-login: add calls that retrieve credentials of peers connected to AF_UNIX peers
This is supposed to be an extension of SO_PEERCRED and SO_PEERSEC,
except for cgroup information.
2014-03-17 18:15:57 +01:00
Jason St. John
9029f64298 man: improve wording of systemctl's --after/--before
Commit 4a77ca7 was an attempt at fixing the wording of --after and --before,
but the new wording was unclear.

Split the combined --after/--before section into a separate section for
each, explicitly state what each option does, and add information about
how these lists are generated.

Reported-by: Andrey Borzenkov <arvidjaar@gmail.com>
Reported-by: Lennart Poettering <lennart@poettering.net>
2014-03-17 01:57:37 -04:00
Zbigniew Jędrzejewski-Szmek
8a8d55f2c1 journal-remote: implement inheriting http(s) sockets
Now --listen-http=-3 --listen-https=-4 can be used to spawn a µhttpd
server on those two ports, in http and https modes respectively.
As before, --listen-http=3 --listen-https=4 will launch µhttpd servers
on ports 3 and 4.
2014-03-17 01:55:48 -04:00
Zbigniew Jędrzejewski-Szmek
cc64d0175a journal-remote: HTTP(s) support
The whole tool is made dependent on µhttpd availability. It should be
easy to make the µhttpd parts conditional, but since transfer over
HTTP seems to be the primary use case, currently this is not done.

Current implementation uses nested epoll loops: sd-event is used for
the external event loop, and µhttpd uses epoll in its own
loop. Unfortunately µhttpd does not expose enough information to add
the descriptors it uses to the external event loop. This means that
starvation of other events is possible, if one of the inner µhttpd
loops is constantly busy. This means that µhttpd servers should not
be mixed with other sources.

The TLS authentication parts haven't been really tested properly, and
should not be take too seriously.
2014-03-17 01:55:48 -04:00
Zbigniew Jędrzejewski-Szmek
fdfccdbc98 journal-remote: tool to receive messages over the network 2014-03-17 01:55:48 -04:00
Lennart Poettering
1238ee09b7 systemctl: introduce -r switch to show units running in local containers in addition to the host 2014-03-17 04:00:44 +01:00
Sebastian Thorarensen
40b71e89ba journald: add support for wall forwarding
This will let journald forward logs as messages sent to all logged in
users (like wall).

Two options are added:
 * ForwardToWall (default yes)
 * MaxLevelWall (default emerg)
'ForwardToWall' is overridable by kernel command line option
'systemd.journald.forward_to_wall'.

This is used to emulate the traditional syslogd behaviour of sending
emergency messages to all logged in users.
2014-03-14 22:05:25 +01:00
Michael Marineau
cf9a4abdc2 tmpfiles: add --root option to operate on an alternate fs tree
This makes it possible to initialize or cleanup an arbitrary filesystem
hierarchy in the same way that it would be during system boot.
2014-03-14 09:31:34 -04:00
Zbigniew Jędrzejewski-Szmek
fe970a8a30 machine-id-setup: use path_kill_slashes and modernizations 2014-03-14 09:31:34 -04:00
Tom Gundersen
cb44f25c12 man: network - clarify which options may be specified more than once. 2014-03-14 13:04:57 +01:00
Greg KH
92f2f92edc machine-id: add --root option to operate on an alternate fs tree
This makes it possible to initialize the /etc/machine-id file on an
arbitrary filesystem hierarchy.  This helps systems that wish to run
this at image creation time in a subdirectory, or from initramfs before
pivot-root is called.

[tomegun: converted to using _cleanup_free_ macros]
2014-03-14 12:44:17 +01:00
Tom Gundersen
06f021a804 networkd: allow more than one static DNS server 2014-03-14 12:44:17 +01:00
Lennart Poettering
66cdd0f2d0 logind: automatically remove SysV + POSIX IPC objects when the users owning them fully log out 2014-03-14 01:49:44 +01:00
Lennart Poettering
8fcf784dff systemctl: when "systemctl status" is called without arguments show a short overall system state
Previously "systemctl status" without argument would print the status of
all loaded units. This has now been moved to "systemctl status -a".
2014-03-12 23:33:46 +01:00
Lennart Poettering
0d292f5e75 systemctl: add new "list-machines" command
"systemctl list-machines" shows one line per local container which
includes the current system state of the container, the number of failed
units as well as the number of currently queued jobs.
2014-03-12 21:16:45 +01:00
Lennart Poettering
1810e3dc62 man: improve nspawn's --user= documentation 2014-03-11 20:20:54 +01:00
Lennart Poettering
a6278b8830 bus: replace sd_bus_label_{escape,unescape}() by new sd_bus_path_{encode,decode}()
The new calls work similarly, but enforce a that a common, fixed bus
path prefix is used.

This follows discussions with Simon McVittie on IRC that it should be a
good idea to make sure that people don't use the escaping applied here
too wildly as anything other than the last label of a bus path.
2014-03-11 19:03:50 +01:00
Lennart Poettering
e41969e3d1 core: support globbing matches in DeviceAllow= when checking for device groups 2014-03-11 17:43:41 +01:00
Andrey Borzenkov
4a77ca700d man: fix description of systemctl --after/--before
It was backward - --after fetches After property, so units shown really
come *before* unit given as argument. Same for --before.
2014-03-11 05:29:43 +01:00
Lennart Poettering
252094eb05 man: multiple sleep modes are to be separated by whitespace, not commas
As pointed out by Jason A. Donenfeld.
2014-03-11 05:24:22 +01:00
Lennart Poettering
1b9e5b1263 nspawn: add --image= switch to boot GPT disk images that follow the Discoverable Partitions Specification 2014-03-10 20:35:52 +01:00
Lennart Poettering
79fbcd8869 man: fix formatting of uuids 2014-03-10 17:21:16 +01:00
poma
7abaad1ab0 man: fix example in systemd.link
'man/systemd.link.xml' recovery from:

commit eac684ef1c
Author: Tom Gundersen <teg@jklm.no>
Date:   Tue Feb 25 19:30:40 2014 +0100

    man: split out systemd.net{work,dev}(5) from systemd-networkd(8)
2014-03-09 18:22:18 +01:00
Lennart Poettering
fb255b31c5 man: reference the Discoverable Partitions Spec from the gpt-auto-generator man page 2014-03-07 18:50:43 +01:00
Zbigniew Jędrzejewski-Szmek
7d06ef0a5c man: add missing comma
marcosf0> missing comma in udevadm "see also" section
2014-03-07 00:17:18 -05:00
Zbigniew Jędrzejewski-Szmek
d86dd07d46 build-sys: update intructions for Makefile-man.am regeneration 2014-03-06 23:24:30 -05:00
Zbigniew Jędrzejewski-Szmek
effbc8e4f7 man: describe functions for appending to messages 2014-03-06 23:24:20 -05:00
Lennart Poettering
73b80ec2d9 gpt-auto-generator: automatically find the root disk of the system
When run in an initrd and no root= argument is set (or is set to
root=gpt-auto) we will automatically look for the root partition on the
same disk the EFI ESP is located on.

Since we look for swap, /home and /srv on the disk the root partition is
located on, we hence have a fully discoverable chain:

    Firmware discovers the EFI ESP partition → the initrd discovers the
    root partition → the host OS discovers swap, /home, and /srv.

Note that this requires an EFI boot loader that sets the
LoaderDevicePartUUID EFI variable, such as Gummiboot.
2014-03-07 04:31:26 +01:00
Zachary Cook
82ed60080d man: systemd-bootchart - fix spacing in command
Use the same formatting as the systemd-analyze man page, so that man shows a space.
2014-03-06 12:41:50 -08:00
Zbigniew Jędrzejewski-Szmek
27d14fb331 man: update link to LSB
https://bugzilla.redhat.com/show_bug.cgi?id=1073402
2014-03-06 08:11:14 -05:00
Lennart Poettering
9788205f45 man: bring gpt-auto-generator up to date 2014-03-06 05:04:51 +01:00
Umut Tezduyar Lindskog
848e3e24b0 man: ipv4 link-local 2014-03-05 21:46:31 +01:00
Lennart Poettering
4de33e7f32 systemd-run: make sure --nice=, --uid=, --gid=, --setenv= also work in --scope mode 2014-03-05 19:03:10 +01:00
Lennart Poettering
981ee55194 man: document missing options of systemd-run 2014-03-05 03:37:48 +01:00
Lennart Poettering
df31a6c0fe systemd-run: add new --property= switch that can set arbitrary properties for the unit that is created
The code for parsing these properties is shared with "systemctl
set-property", which means all the resource control settings are
immediately available.
2014-03-05 03:36:22 +01:00
Lennart Poettering
1c231f5648 logind: make $XDG_RUNTIME_DIR a per-user tmpfs
This way each user allocates from his own pool, with its own size limit.

This puts the size limit by default to 10% of the physical RAM size but
makes it configurable in logind.conf.
2014-03-04 20:02:50 +01:00
Umut Tezduyar Lindskog
2149158578 man: networkd - fix typo 2014-03-04 10:51:42 +01:00
Lennart Poettering
6a79c58603 logind: ignore lid switch if more than 1 display is connected
Previously we expected the desktop environment to take an inhibitor
lock, but this opened a race on boot-up where logind might already be
running but no DE is active.

Hence, let's move checking for additional displays into logind. This
also opens up this logic for other DEs, given that only GNOME
implemented the inhibitor logic so far.
2014-03-03 19:32:43 +01:00
Tom Gundersen
ae833394d6 man: networkd - mention resolv.conf symlink 2014-03-03 18:25:55 +01:00
Lennart Poettering
e66cf1a3f9 core: introduce new RuntimeDirectory= and RuntimeDirectoryMode= unit settings
As discussed on the ML these are useful to manage runtime directories
below /run for services.
2014-03-03 17:55:32 +01:00
Zbigniew Jędrzejewski-Szmek
1ae383a8a3 Use /var/run/dbus/system_bus_socket for the D-Bus socket 2014-02-25 21:26:42 -05:00
Lennart Poettering
df1e020461 Revert back to /var/run at a couple of problems
This partially reverts 41a55c46ab

Some specifications we want to stay compatibility actually document
/var/run, not /run, and we should stay compatible with that. In order to
make sure our D-Bus implementation works on any system, regardless if
running systemd or not, we should always use /var/run which is the
only path mandated by the D-Bus spec.

Similar, glibc hardcodes the utmp location to /var/run, and this is
exposed in _UTMP_PATH in limits.h, hence let's stay in sync with this
public API, too.

We simply do not support systems where /var/run is not a symlink → /run.
Hence both are equivalent. Staying compatible with upstream
specifications hence weighs more than cleaning up superficial
appearance.
2014-02-26 02:47:43 +01:00
Zbigniew Jędrzejewski-Szmek
41a55c46ab Replace /var/run with /run in remaining places
/run was already used almost everywhere, fix the remaining places
for consistency.
2014-02-25 20:41:24 -05:00
Lennart Poettering
f513e420c8 exec: imply NoNewPriviliges= only when seccomp filters are used in user mode 2014-02-26 02:28:52 +01:00