1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 06:25:37 +03:00
Commit Graph

6956 Commits

Author SHA1 Message Date
Benjamin Franzke
b47013fd77 man/nspawn: fix boot-option related wording 2022-05-30 20:21:27 +02:00
Javkhlanbayar Khongorzul
01ae74c8c7 man: Fix minor typo 2022-05-28 18:38:47 +09:00
Nick Rosbrook
60f0ba7556 sd-hwdb: add sd_hwdb_new_from_path
The existing sd_hwdb_new function always initializes the hwdb from the
first successful hwdb.bin it finds from hwdb_bin_paths. This means there
is currently no way to initialize a hwdb from an explicit path, which
would be useful for systemd-hwdb query.

Add sd_hwdb_new_from_path to allow a sd_hwdb to be initialized from a
custom path outside of hwdb_bin_paths.
2022-05-27 09:40:54 -04:00
Luca Boccassi
d20110b459
Merge pull request #23521 from keszybz/some-docs
Some docs
2022-05-27 11:42:01 +01:00
Eduard Tolosa
815068d3a3 loader.conf: Clarify the default value of timeout. 2022-05-27 06:48:18 +09:00
Zbigniew Jędrzejewski-Szmek
b72308d344 man/homectl: adjust man page to match code
Fixes #22966. Since there are competing conventions, let's not
change our code, but make the docs match what is implemented.
2022-05-26 14:29:50 +02:00
Zbigniew Jędrzejewski-Szmek
8f24777156 man/sd-bus: discuss negative-return values and add example
Fixes #22816.
2022-05-26 14:29:50 +02:00
Zbigniew Jędrzejewski-Szmek
5ee38adea4 man/shutdown: explain -h more
Fixes #23401
2022-05-26 14:29:50 +02:00
Zbigniew Jędrzejewski-Szmek
223a359f21 man/automount: say that automounts should not be nested
Fixes #21832.
2022-05-26 14:29:50 +02:00
Zbigniew Jędrzejewski-Szmek
93dbc22a95 man/systemd.automount: move the main description up and clarify deps 2022-05-26 14:29:50 +02:00
Zbigniew Jędrzejewski-Szmek
19cb82799e man: do not say "additional symlinks" for mount/automount aliases
"additional" implies that the unit itself is a symlink, which it is not.
Also "link to the mount unit", not "link to the mount".
2022-05-26 14:23:47 +02:00
Zbigniew Jędrzejewski-Szmek
a6e334649d systemctl: make show/status honour --state and --type
This makes the interface more flexible, by allowing the same filtering
for show and status as is done for list-units.

Fixes #23207.
2022-05-26 10:37:35 +09:00
Rahil Bhimjiani
97e7d4945d [sd-boot] improve documentation of beep 2022-05-25 14:20:14 +02:00
Zbigniew Jędrzejewski-Szmek
2f9b7186e3
Merge pull request #23414 from keszybz/analyze-vercmp
systemd-analyze compare-versions
2022-05-23 09:14:51 +02:00
Luca Boccassi
ebd4571e31
Merge pull request #22550 from medhefgo/boot-mixed
boot: EFI mixed mode support
2022-05-21 22:38:56 +01:00
Jan Janssen
6e9165397f bootctl: Add EFI arch detection support 2022-05-21 15:11:13 +01:00
Benjamin Franzke
a8c03388f8 tree-wide: Update homepage to systemd.io 2022-05-21 14:33:24 +02:00
Benjamin Franzke
92897d768d tree-wide: replace obsolete wiki links with systemd.io/manpages
All wiki pages that contain a deprecation banner
pointing to systemd.io or manpages are updated to
point to their replacements directly.

Helpful command for identification of available links:
git grep freedesktop.org/wiki | \
    sed "s#.*\(https://www.freedesktop.org/wiki[^ $<'\\\")]*\)\(.*\)#\\1#" | \
    sort | uniq
2022-05-21 14:29:14 +02:00
Benjamin Franzke
a25d9395ad tree-wide: streamline wiki links
* Avoid traling slash as most links are defined without.
* Always use https:// protocol and www. subdomain

Allows for easier tree-wide linkvalidation
for our migration to systemd.io.
2022-05-21 14:28:03 +02:00
Zbigniew Jędrzejewski-Szmek
bc012a3e91 analyze: add compare-versions
The interface, output, and exit status convention are all taken directly from
rpmdev-vercmp and dpkg --compare-versions. The implementation is different
though. See test-string-util for a list of known cases where we compare
strings incompatibly.

The idea is that this string comparison function will be declared as "the"
method to use for boot entry ordering in the specification and similar
uses. Thus it's nice to allow users to compare strings.
2022-05-19 09:07:34 +02:00
Zbigniew Jędrzejewski-Szmek
f2f40edcb9 man: fix typo 2022-05-16 14:54:43 +02:00
Zbigniew Jędrzejewski-Szmek
7353de27b7 man,mkosi: fedora 36 has been released 2022-05-13 02:34:07 +09:00
Luca Boccassi
0cfb00d9da man: improve VtableExample
The methods published by the example have a reply in the signature, but
the code was not sending any, so the client gets stuck waiting for a
response that doesn't arrive. Echo back the input string.

Update the object path to follow what would be the canonical format.

Request a service name on the bus, so that the code can be dropped in a
service and it can be dbus-activatable. It also makes it easier to see
on busctl list.
2022-05-11 19:12:24 +01:00
Kazuo Moriwaka
4da5e566e7
man: mention to Age parameter in C Type 2022-05-11 15:08:34 +09:00
Kazuo Moriwaka
6f310287db
add missing cleanup-age to quickref 2022-05-10 17:41:21 +09:00
Frantisek Sumsal
624f685fe8 core: annotate Reexecute() as NoReply
So we're able to tell from the introspection data that the method
doesn't reply.
2022-05-10 14:16:11 +09:00
Yu Watanabe
3c60643848 man: fix typo 2022-05-07 15:17:56 +09:00
Yu Watanabe
87d3b4ef3b
Merge pull request #23292 from alexhenrie/dhcpv6
network: clarify relationship between RA flags and DHCPv6 modes
2022-05-07 11:42:45 +09:00
Alex Henrie
6e40d0e458 network: clarify the relationship between DHCP= and WithoutRA=
Just setting DHCP=ipv6 is not enough to get DHCPv6 working without RA.
The WithoutRA option must also be changed from its default of "no".
2022-05-06 14:01:53 -06:00
Alex Henrie
0bcc6557fb network: clarify the relationship between RA flags and DHCPv6 modes
In the documentation, using the term "managed" for both the RA flag and
the DHCPv6 mode is confusing because the mode is referred to as
"solicit" both in the official DHCPv6 documentation (see RFC 8415) and
in the WithoutRA option.

Furthermore, calling the other RA flag "other information" or "other
address configuration" is confusing because its official name is simply
"other configuration" (see RFC 4861 and RFC 5175) and it isn't used to
assign IP addresses.

Rewrite the documentation for DHCPv6Client and WithoutRA to make it
clear that getting the "managed" RA flag triggers the same kind of DHCP
request as WithoutRA=solicit, whereas getting the "other configuration"
RA flag triggers the same kind of DHCP request as
WithoutRA=information-request.
2022-05-06 14:01:53 -06:00
Yu Watanabe
af2ff171e0
Merge pull request #23272 from keszybz/logind-man-and-rules
Logind man and rules
2022-05-07 04:23:02 +09:00
Jakob Lell
14736ab6ff Amend documentation for LimitNPROC= 2022-05-05 18:04:54 +02:00
Zbigniew Jędrzejewski-Szmek
14e6e444dd bootctl: add --quiet
It's useful for installation scripts and suchlike.
Raised in https://bugzilla.redhat.com/show_bug.cgi?id=2079784#c9.
2022-05-05 12:30:06 +02:00
Zbigniew Jędrzejewski-Szmek
18eb56c3c0 bootctl: support --graceful in is-installed 2022-05-05 12:30:06 +02:00
Zbigniew Jędrzejewski-Szmek
e4239a34d7 man: deduplicate dbus versioning ref 2022-05-05 11:48:22 +02:00
Zbigniew Jędrzejewski-Szmek
01942823ae man: beef up o.fd.login1 page a bit and recommend busctl too
gdbus is an external program, so it makes sense to recommend busctl.
2022-05-05 11:48:22 +02:00
Jan Janssen
14056a52c6 meson: Use meson test suite feature
This makes it easier to only test a subset of tests without having
to specify them all on the command line:
    meson test -C build --suite headers
2022-05-04 16:11:34 +02:00
Yu Watanabe
c322cfafba man/networkctl: mention initialized state
Closes #23262.
2022-05-04 14:44:13 +01:00
Zbigniew Jędrzejewski-Szmek
c1e0dc9c88 systemctl: stop saying "vendor preset"
We have vendor presets, and local admin presets, and runtime presets
(under /usr/lib, /usr/local/lib and /etc, /run, respectively). When we
display preset state, it can be configured in any of those places, so
we shouldn't say anything about the origin.

(Another nice advantage is that it improves alignment:

[root@f36 ~]# systemctl list-unit-files multipathd.service
UNIT FILE          STATE   VENDOR PRESET
multipathd.service enabled enabled

^ this looks we have a "PRESET" column that is empty.)
2022-05-04 09:10:50 +02:00
Lennart Poettering
ba4b74cbc7 man: document that systemd-fstab-generator actually cares about roothash=/usrhash= on the kernel cmdline
It doesn't really care about the hash value passed (which is processed
by systemd-veritysetup-generator), but it does care about the fact that
it is set (and mounts the DM nodes /dev/mapper/usr + /dev/mapper/root in
that case).
2022-05-02 20:49:16 +01:00
Lennart Poettering
4791083bce man: correct a major missed opportunity
I don't know why this didn't occur to me earlier, but of course, it
*has* to be this data.

(This replaces some German prose about Berlin, that i guess only very
few people will get. With the new blob I think we have a much broader
chance of delivering smiles.)
2022-05-02 17:58:51 +02:00
Daan De Meyer
ef2c966acc docs: Clarify where options are read from
Let's merge the footnote with the overall explanation of where systemd
parses its options from and reword the section a bit to hopefully make
things a bit more clear.
2022-05-02 17:49:06 +02:00
Lennart Poettering
41be3b099f
Merge pull request #23170 from poettering/creds-copy
import system credentials from sd-stub + qemu fw_cfg + kernel cmdline explicitly in PID 1
2022-05-02 16:32:21 +02:00
Lennart Poettering
cfa7d57ba1
Merge pull request #23217 from keszybz/oomd-docs
More cross-references in bootctl/systemctl man pages
2022-04-28 22:30:50 +02:00
Lennart Poettering
fe672fe539 doc: add new markdown docs for credentials 2022-04-28 18:12:00 +02:00
Lennart Poettering
72267a55a1 man: document the new credentials features 2022-04-28 18:12:00 +02:00
Zbigniew Jędrzejewski-Szmek
6ef00eb846
Merge pull request #23200 from keszybz/oomd-docs
Extend the documentation for oomd a bit
2022-04-28 17:46:03 +02:00
Zbigniew Jędrzejewski-Szmek
76c068b77c man: cross-advertize bootctl and systemctl boot loader support 2022-04-28 16:44:40 +02:00
Zbigniew Jędrzejewski-Szmek
3b18f3017c man: direct users to systemd-oomd if they read about OOMPolicy
OOMPolicy remains valid, but let's push users for the userspace solution.
2022-04-28 15:46:44 +02:00
Zbigniew Jędrzejewski-Szmek
6f83ea60e9 man: beef up the description of systemd-oomd.service
The gist of the description is moved from systemd.resource-control
to systemd-oomd man page. Cross-references to OOMPolicy, memory.oom.group,
oomctl, ManagedOOMSwap and ManagedOOMMemoryPressure are added in all
places.

The descriptions are also more down-to-earth: instead of talking
about "taking action" let's just say "kill". We *might* add configuration
for different actions in the future, but we're not there yet, so let's
just describe what we do now.
2022-04-28 15:46:44 +02:00
Yu Watanabe
8ac6b05b7c tree-wide: Fix typo 2022-04-25 10:06:08 +09:00
MkfsSion
70e723c000 cryptenroll,homectl: Introduce --fido2-credential-algorithm option
* Some authenticators(like Yubikey) support credential algorithm other than ES256
* Introduce a new option so users can make use of it
2022-04-22 20:22:40 +02:00
Lennart Poettering
d43ea6c8ff man: make clear that encrypted credentials are also authenticated
We use authenticated encryption, and that deserves mention. This in
particular relevant as the fact they are authenticated makes the
credentials useful as initrd parameterization items.
2022-04-21 23:23:14 +02:00
Lennart Poettering
231a1caf5e
Merge pull request #23122 from poettering/creds-has-tpm2
tpm2: beef up tpm2 support checks
2022-04-20 23:18:02 +02:00
Lennart Poettering
ebf3ee4105 man: update TPM2 PCR documentation
The assignments were partly simply incorrectly documented, partly changed
with 4d32507f51 and partly missing.
Moreover kernel 5.17 now measures all initrds to PCR 9 on its own
(https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f046fff8bc4c4d8f8a478022e76e40b818f692df)

Let's correct all this and bring it up-to-date.

And while we are at it extend the docs about this in systemd-stub, with
a new table that indicates which OS resource is protected by which PCR.
2022-04-20 21:30:49 +02:00
Lennart Poettering
b6553329c0 creds-util: permit credentials encrypted/signed by fixed zero length keys as fallback for systems lacking TPM2
This is supposed to be useful when generating credentials for immutable
initrd environments, where it is is relevant to support credentials even
on systems lacking a TPM2 chip.

With this, if `systemd-creds encrypt --with-key=auto-initrd` is used a
credential will be encrypted/signed with the TPM2 if it is available and
recognized by the firmware. Otherwise it will be encrypted/signed with
the fixed empty key, thus providing no confidentiality or authenticity.

The idea is that distributions use this mode to generically create
credentials that are as locked down as possible on the specific
platform.
2022-04-20 17:49:17 +02:00
Lennart Poettering
eb81249e8a man: document new has-tpm2 verb 2022-04-20 16:58:18 +02:00
Sonali Srivastava
c52950c292 hostnamed: display firmware version 2022-04-19 13:54:16 +02:00
Yu Watanabe
b0c3d2b76b
Merge pull request #23107 from yuwata/man-network-numeric-prefix
man: recommend that .network or friends should have a numeric prefix
2022-04-18 07:02:10 +09:00
Yu Watanabe
625d71b9ae man: DHCPPrefixDelegation= needs to be enabled on downstream side for assigning delegated prefixes
Closes #23041.
2022-04-18 04:30:56 +09:00
Yu Watanabe
cc9b6bdc96 man: recommend that .network or friends should have a numeric prefix
Closes #23105.
2022-04-18 04:30:49 +09:00
Yu Watanabe
bd4297e761 udevadm: info: also show parent devices by --tree 2022-04-17 21:27:33 +02:00
Lennart Poettering
9117d94b9a udevadm: add new --tree mode to "udevadm info"
sysfs is a tree, hence let's a mode that allows showing it as such.
2022-04-13 14:41:05 +02:00
Lennart Poettering
5b9d199ab4 man: document new generator env vars 2022-04-13 10:44:56 +02:00
Lennart Poettering
a1d0557440 man: rebreak all paragraphs in systemd.generator(7) 2022-04-13 10:07:46 +02:00
Zbigniew Jędrzejewski-Szmek
52e30c6f81 man: add "internal" to "reference counter" 2022-04-12 15:33:05 +02:00
Zbigniew Jędrzejewski-Szmek
2a1a7910f9 man: add page for sd_device_{ref,unref,unrefp}
Gotta start somewhere.
2022-04-12 12:35:44 +02:00
Zbigniew Jędrzejewski-Szmek
69e6a46970 man: say libudev should not be used for new projects 2022-04-12 12:28:24 +02:00
Zbigniew Jędrzejewski-Szmek
fc6f59aedc man: add landing page for sd-device
We got documentation for sd-device for the first time with
b51f4eaf7b, so let's celebrate by adding a
landing page that also explains the relationship with libudev.
2022-04-12 12:28:24 +02:00
Zbigniew Jędrzejewski-Szmek
ff9412c152 Fix man page links
Based on linkchecker as usual.
2022-04-12 11:02:16 +02:00
Zbigniew Jędrzejewski-Szmek
ec7401d015 Add comments about deprecated specifiers
Inspired by 9fe20c3234. When the specifier is undocumented, it is really easy
to add a duplicate definition in  a different place.
2022-04-11 13:51:28 +02:00
Lennart Poettering
d0aba07f1a specifier: use %q for pretty hostname
%R is already used in service manager specifier expansion (cgroup root),
hence use a different char, that was so far not used.

Follow-up for: 6ceb0a4094
2022-04-08 22:18:28 +02:00
Daan De Meyer
cae7c28272 analyze: Fix verify exit status regression
Previously, systemd-analyze verify would return 0 even if warnings
were raised during analysis of the specified units or their
dependencies. With 3cc3dc7, verify was changed to return 1 when
warnings were raised.

This commit changes the default mode to _RECURSIVE_ERRORS_INVALID
so that verify returns zero again by default when warnings are
raised.
2022-04-06 23:16:02 +09:00
Michal Sekletar
66425daf2c udev/net_id: avoid slot based names only for single function devices
If we have two or more devices that share the same slot but they are
also multifunction then it is OK to use the slot information even if it
is the same for all of them. Name conflict will be avoided because we
will append function number and form names like, ens1f1, ens1f2...
2022-04-06 11:51:03 +02:00
Yu Watanabe
bab34bc12e
Merge pull request #22980 from keszybz/test-help-and-version-output
Test --help and --version output in more cases
2022-04-06 13:42:12 +09:00
Zbigniew Jędrzejewski-Szmek
99d8cbceff meson: make kernel-install a template file, add --version, add to tests
In --help output, change "$0" → "kernel-install". We generally don't include
the full path in --help output, and let's not do this here either.

kernel-install is now in build/ directly, not in the subdirectory.
2022-04-05 22:18:31 +02:00
Zbigniew Jędrzejewski-Szmek
8f04a1ca2b meson: also allow setting GIT_VERSION via templates
GIT_VERSION is not available as a config.h variable, because it's rendered
into version.h during builds. Let's rework jinja2 rendering to also
parse version.h. No functional change, the new variable is so far unused.

I guess this will make partial rebuilds a bit slower, but it's useful
to be able to use the full version string.
2022-04-05 22:18:31 +02:00
Lennart Poettering
30e0343b1c man: split an overly long paragraph in two 2022-04-05 16:10:26 +02:00
Lennart Poettering
c4db78fce6 logind: expose long press actions on D-Bus
The settings and internal varables were added, but this was never
exposed on the bus. Add that.

Follow-up-for: a520bb6654
Follow-up-for: #19917
2022-04-05 16:09:52 +02:00
Yu Watanabe
20742f92c1
Merge pull request #22951 from keszybz/fix-entry-selection-bootctl-status
Fix entry selection in bootctl status
2022-04-05 13:42:43 +09:00
Yu Watanabe
e7e25c21c6 fix typo 2022-04-05 04:36:20 +09:00
Zbigniew Jędrzejewski-Szmek
e12335ba60 man: add annotated example for bootctl status & list
This is based on the output on my laptop, with various manual adjustments.
If people have other types of entries, it'd be useful to add them here. In
particular, some dual-boot entries would be nice.
2022-04-04 21:19:20 +02:00
Zbigniew Jędrzejewski-Szmek
db9eabd675 man: fix tag syntax
Strangely enough, having <varlistenetry>s outside of <variablelist> wasn't
causing visual problems. But having two <listitem>s in one <varlistentry>
resulted in the paragraphs running together in the rendered man page.
2022-04-04 21:19:20 +02:00
Yu Watanabe
f379362157
Merge pull request #22963 from poettering/udevadm-diskseq-fix
sd-device diskseq fix + udevadm info improvements
2022-04-05 03:57:24 +09:00
Yu Watanabe
cf708d803e
Merge pull request #22867 from poettering/lockdev-util
add small "udevadm lock" tool for locking a block device
2022-04-05 03:04:23 +09:00
Lennart Poettering
b51f4eaf7b man: document various sd_device_get_xyz() functions 2022-04-04 18:25:18 +02:00
Lennart Poettering
a0e902598c udevadm: show more fields of sd_device objects in "udevadm info"
Let's make things easier to debug, and show a more comprehensive set of
fields, extending on the existing output syntax that starts with one
marker character followed by a colon and a space.
2022-04-04 18:24:14 +02:00
Lennart Poettering
9858e6d2e7 man: properly conditionalize kernel-install man page
Change f887eab1da conditionalized the
building of ther kenel-install man page in the generated meson output,
instead of the source in the XML markup. Thus, whenever the rules file
is updated the conditionalization is lost. Correct that.

Follow-up for: f887eab1da
2022-04-05 01:20:35 +09:00
Lennart Poettering
ae61c53c3b man: document new udevadm lock tool 2022-04-04 17:19:51 +02:00
Yu Watanabe
b17a681be5 tree-wide: fix typo 2022-04-02 00:34:39 +09:00
Yu Watanabe
aa2b0d8d29 udevadm: introduce new 'wait' command
Prompted by https://github.com/systemd/systemd/pull/22717#issuecomment-1067348496.

The new command 'udevadm wait' waits for device or device symlink being
created. This may be useful to wait for a device is processed by udevd
after e.g. formatting or partitioning the device.
2022-04-01 15:13:18 +09:00
Franck Bui
f887eab1da meson: build kernel-install man page when necessary 2022-03-31 21:12:05 +09:00
Sebastian Pucilowski
f81ac115dc Fix "link-local" language inconsistencies
"Link-local" and "link local" are used throughout man pages and program
output, with the former used far more than the latter. This commit makes
it consistent throughout the project.
2022-03-31 12:08:29 +02:00
Yu Watanabe
b732606950 network: automatically determine timeout of waiting for carrier regain
The commit 6706ce2fd2 made
IgnoreCarrierLoss= setting also take timespan, to make users handle
issues like #18738 or #20887. But still users needed to explicitly set
a timespan.

This makes networkd automatically determine the timeout when the
situations #18738 or #19832 is detected. Unfortunately, still users have
issue #20887 need to specify a value.

Closes #19832.
2022-03-31 09:29:42 +09:00
Gaël PORTAY
e502940be2 man: update root-hash-signature option with value
This documents two possible values expected by the option
root-hash-signature for veritytab and veritysetup-generator.
2022-03-30 23:45:26 +02:00
Yu Watanabe
8b7378e145 fix typo 2022-03-30 21:10:06 +09:00
Zbigniew Jędrzejewski-Szmek
53877d0385
Merge pull request #22649 from keszybz/symlink-enablement-yet-again-punish-me-harder
Fixups to the unit enablement logic
2022-03-29 21:10:03 +02:00
Zbigniew Jędrzejewski-Szmek
b64f6d841d
Merge pull request #22843 from poettering/bootspec-json
bootctl: bootspec improvements and clean-ups
2022-03-29 18:11:32 +02:00
Zbigniew Jędrzejewski-Szmek
17a2679e99 man: fix invalid description of template handling in WantedBy=
We don't need to talk about Alias=. The approach of using Alias= to enable
units is still supported, but hasn't been advertised as the way to do thing
for many years. Using it as an explanation is just confusing.

Also, the description of templated units did not take DefaultInstance=
into account. It is updated and extended.
2022-03-29 16:17:56 +02:00
Zbigniew Jędrzejewski-Szmek
3a84a3c9df man/os-release: add a note about repeating entries
We didn't actually say that keys should not be repeated. At least the
examples in docs (both python and shell) would do that, and any simple
parser that builds a dictionary would most likely behave the same way.
But let's document this expectation, but also say how to deal with malformed
files.
2022-03-29 16:17:56 +02:00
Zbigniew Jędrzejewski-Szmek
ecd6c000d3 man: clarify the descriptions of aliases and linked unit files
This just describes the rules that are implemented by the manager, and this
pull request does not change any of them.
2022-03-29 16:17:56 +02:00
Yu Watanabe
ec4954d934 network: rename netdev kind virtual-wlan -> wlan
The Kind= setting in [Match] section of .network files takes "wlan".
This makes the same setting in .netdev files matches the one in .network
files.
2022-03-28 23:53:12 +09:00
Lennart Poettering
0d1506d4a8 bootctl: optionally, output entries in JSON format
Replaces: #18387
Fixes: #18094
2022-03-28 16:00:25 +02:00
Lennart Poettering
0924ea2b26 machine-info: rename VENDOR=/MODEL= → HARDWARE_VENDOR=/HARDWARE_MODEL=
Let's be more precise here. Otherwise people might think this describes
the software system or so. We already expose this via hostnamed as
HardwareVendor/HardwareModel hence use the exact same wording.

(Note that the relevant props on the dmi device are just VENDOR/MODEL,
but that's OK given that DMI really is about hardware anyway,
unconditionally, hence no chance of confusion there.)

Follow-up for 4fc7e4f374
2022-03-24 21:29:13 +01:00
Yu Watanabe
2859932bd6 network: do not enable IPv4 ACD for IPv4 link-local address if ACD is disabled explicitly
The commit 1cf4ed142d makes the IPv4 ACD
enabled unconditionally for IPv4 link-local addresses even if users
explicitly disable ACD.

This makes the IPv4 ACD is enabled by default, but honor user setting.

Fixes #22763.
2022-03-23 17:59:38 +01:00
Lennart Poettering
8f39ecf6aa docs: link up new image building docs a bit 2022-03-23 12:25:01 +01:00
Lennart Poettering
5b39139582
Merge pull request #22629 from nishalkulkarni/oomd_service_result
core/oomd: Use oom-kill ServiceResult for oomd
2022-03-23 10:11:45 +01:00
Zbigniew Jędrzejewski-Szmek
77d45f1f83 meson: replace sh+find with an internal glob in the python helper
As suggested in https://github.com/systemd/systemd/pull/22810#discussion_r831708052

This makes the whole thing simpler. A glob is passed to helper which then resolves
it on its own. This way it's trivial to call the helper with a different
set of files for testing.
2022-03-23 11:37:35 +09:00
Yu Watanabe
14acae357b
Merge pull request #22825 from keszybz/assorted-cleanups
Assorted cleanups
2022-03-23 11:34:46 +09:00
Zbigniew Jędrzejewski-Szmek
94f7ee9770 man: clarify that options set the message fields and are not derived from them 2022-03-22 14:07:53 +01:00
Zbigniew Jędrzejewski-Szmek
93efd9cadb
Merge pull request #22778 from poettering/kernel-install-layout-rework
kernel-install/bootctl: layout fixes
2022-03-22 13:57:28 +01:00
Nishal Kulkarni
2e3591a4fd man: Mention systemd-oomd now follows OOMPolicy 2022-03-22 18:04:52 +05:30
Lennart Poettering
c0f6a6a542
Merge pull request #22662 from yuwata/udev-trigger-priority
udevadm trigger: add --prioritized-subsystem option
2022-03-22 12:56:32 +01:00
Danilo Krummrich
678f2b1667 udevadm: trigger: implement --initialized-match/nomatch arguments
systemd-udev-trigger.service by default triggeres all devices regardless
of whether they were already recognized by systemd-udevd.

There are machines (especially in embedded environments) where
systemd-udev-trigger.service is configured to run at a later stage of
the boot sequence, which can lead to quite a lot of devices being
triggered although they were already recognized by systemd-udevd.

Re-triggering a lot of devices is a relatively expensive operation and
therefore should be avoided if unnecessary.

Therefore this patch introduces --initialized-nomatch, which filters out
devices that are already present in the udev database. For consistance
reasons --initialized-match is implemented as well, which filters out devices
that are *not* already present in the udev database.

Replaces #19949.
2022-03-22 15:54:10 +09:00
Yu Watanabe
1baeee5784 udevadm trigger: introduce --type=all option 2022-03-22 15:27:06 +09:00
Yu Watanabe
873cf95c2f udevadm trigger: introduce --prioritized-subsystem option 2022-03-22 15:27:06 +09:00
Lennart Poettering
cafa9d87b4 man: clarify that type #1 entries are also read from the XBOOTLDR partition 2022-03-22 00:23:25 +01:00
Lennart Poettering
838f094ce7 man: also install systemd-stub man page as sd-stub
So, typically systemd-boot is referenced as sd-boot, due to te usual
shorter naming in ESP resources. systemd-stub didnt do that so far,
since it never appears as separate files in the ESP. However it's super
annoying that you can find "man sd-boot", but not the very closely
related "man sd-stub". Let's fix that, and also add an "sd-stub" alias
to the "systemd-stub" man page.
2022-03-22 00:22:07 +01:00
Lennart Poettering
d212b862bf man: clarify where the settings in type #1 entries are documented
So (maybe weirdly) loader.conf(5) documents both loader.conf and type #1
entries (because they share a similar syntax). But it then only lists
the options of loader.conf. Let's add an explicit hint where to find
the documentation of the type #1 entries.
2022-03-22 00:22:07 +01:00
Lennart Poettering
84df0f315a man: clarify the format used by sd-boot config files 2022-03-22 00:22:07 +01:00
Lennart Poettering
354a244177 kernel-install: list fields we honour in /etc/kernel/install.conf 2022-03-21 23:54:33 +01:00
Anita Zhang
a4cc838e8c man: fix sysupdate typos 2022-03-21 20:06:13 +00:00
Zbigniew Jędrzejewski-Szmek
a0aa38389d man: cross-link to BLS in more places, use "Type #1", "Type #2" as appropriate 2022-03-21 12:16:54 +01:00
Lennart Poettering
436aa3b16f man: add sysupdate documentation 2022-03-19 00:13:55 +01:00
Lennart Poettering
f65a33269e Revert "boot: Change boot entry sorting"
This reverts commit 9818ec8ea5.
2022-03-18 11:59:30 +01:00
Zbigniew Jędrzejewski-Szmek
f60b0813ea man/systemd.exec: tweak markup a bit 2022-03-18 10:22:20 +01:00
Luca Boccassi
1219bd4306 Add tests and documentation for all remaining sandboxing in user manager 2022-03-18 10:09:56 +01:00
Lennart Poettering
55c8f9ecb0
Merge pull request #22754 from mrc0mmand/creds_dir_specifier
core: add %d specifier for the $CREDENTIALS_DIRECTORY
2022-03-18 09:23:01 +01:00
David
19c510bec7 Changed wording in systemd-debug-generator manpage 2022-03-17 19:02:10 +01:00
Frantisek Sumsal
43b9b2053c core: add %d specifier for the $CREDENTIALS_DIRECTORY
Resolves: #22549
2022-03-17 17:45:01 +01:00
Lennart Poettering
e127ac90ef
Merge pull request #22761 from poettering/pcr-fix
sd-boot: change kernel cmdline PCR from 8 to 12
2022-03-16 22:32:43 +01:00
Lennart Poettering
deb5c820ca sd-boot: disable bitlocker reboot feature for now
Conceptually the feature is great and should exist, but in its current
form should be worked to be generic (i.e. not specific to
Windows/Bitlocker, but appliable to any boot entry), not be global (but
be a per-entry thing), not require a BootXXXX entry to exist, and not
check for the BitLocker signature (as TPMs are not just used for
BitLocker).

Since we want to get 251 released, mark it in the documentation, in NEWS
and in code as experimental and make clear it will be reworked in a
future release. Also, make it opt-in to make it less likely people come
to rely on it without reading up on it, and understanding that it will
likely change sooner or later.

Follow-up for: #22043
See: #22390
2022-03-16 18:39:57 +01:00
Lennart Poettering
c2c7eea1e9
Merge pull request #22563 from grigorig/cryptenroll-tpm2-pin
sd-cryptenroll TPM2 PIN protected unlock
2022-03-16 18:04:28 +01:00
Lennart Poettering
27818e2ece man: only document new PCR 12 2022-03-16 17:44:46 +01:00
Lennart Poettering
4bb37359f6 docs: s/straight-forward/straightforward/
Inspired by https://github.com/systemd/systemd/pull/20156#discussion_r810878846
2022-03-15 22:46:09 +00:00
Grigori Goronzy
4005d41ef0 cryptsetup: add manual TPM2 PIN configuration
Handle the case where TPM2 metadata is not available and explicitly
provided in crypttab. This adds a new "tpm2-pin" option to crypttab
options for this purpose.
2022-03-15 21:17:00 +01:00
Grigori Goronzy
caeb5604f9 cryptenroll: add TPM2 PIN documentation 2022-03-15 21:17:00 +01:00
Yu Watanabe
c86efe34df man: replace full stop with colon
Fixes #22724.
2022-03-13 18:30:57 +00:00
Lennart Poettering
f337f903df bootctl: update to new kernel-install semantics
This makes a bunch of closely related changes:

1. The "entry-token" concept already introduced in kernel-install is now
   made use of. i.e. specifically there's a new option --entry-token=
   that can be used to explicitly select by which ID to identify boot
   loader entries: the machine ID, or some OS ID (ID= or IMAGE_ID= from
   /etc/os-release, or even some completely different string. The
   selected string is then persisted to /etc/kernel/entry-token, so that
   kernel-install can find it there.

2. The --make-machine-id-directory= switch is renamed to
   --make-entry-directory= since after all it's not necessarily the
   machine ID the dir is named after, but can be any other string as
   selected by the entry token.

3. This drops all code to make automatic changes to /etc/machine-info.
   Specifically, the KERNEL_INSTALL_MACHINE_ID= field is now more
   generically implemented in /etc/kernel/entry-token described above,
   hence no need to place it at two locations. And the
   KERNEL_INSTALL_LAYOUT= field is not configurable by user switch or
   similar anyway in bootctl, but only read from
   /etc/kernel/install.conf, and hence copying it from one configuration
   file to another appears unnecessary, the second copy is fully
   redundant. Note that this just drops writing these fields, they'll
   still be honoured when already set.
2022-03-11 11:39:34 +01:00
Lennart Poettering
fe81e346c8 man: document recent changes
This drops documentation of KERNEL_INSTALL_MACHINE_ID as machine-info
field (though we'll still read it for compat).

This updates the kernel-install man page to always say "ENTRY-TOKEN"
instead of "MACHINE-ID" where appropriate, to clear the confusion up
between the two.

This also tries to fix how we denote env vars (always prefix with $ and
without = suffix), and other vars (without $ but with = suffix)

Other fixes.
2022-03-11 11:39:34 +01:00
Lennart Poettering
15e152acd1
Merge pull request #22618 from yuwata/network-safe-string
network: dhcp-server: refuse unsafe filename
2022-03-11 11:33:07 +01:00
Marcel Hellwig
37035235df fix signature of sd_journal_print_with_location in docs 2022-03-11 11:32:20 +01:00
Yu Watanabe
6278e42878 network: dhcp: rename NextServer= and Filename= settings
And make the settings configures DHCP option 66 and 67.

Follow-ups for #22615.
Fixes #22661.
2022-03-11 10:14:57 +09:00
Luca Boccassi
0d3c36641d
Merge pull request #22701 from poettering/raise-memlock
pid1/nspawn: raise RLIMIT_MEMLOCK to 8M matching kernel 5.16's new default
2022-03-11 01:09:33 +00:00
Luca Boccassi
bed1f67874
Merge pull request #22705 from mrc0mmand/pretty_hostname_specifier
core: introduce %R specifier for pretty hostname
2022-03-10 21:45:34 +00:00
Luca Boccassi
24759d8f08 core: support ExtensionDirectories in user manager
Unprivileged overlayfs is supported since Linux 5.11. The only
change needed to get ExtensionDirectories to work is to avoid
hard-coding the staging directory to the system manager runtime
directory, everything else just works (TM).
2022-03-10 20:38:10 +00:00
Frantisek Sumsal
6ceb0a4094 core: introduce %R specifier for pretty hostname
Resolves: #20054
2022-03-10 19:03:22 +01:00
Lennart Poettering
69a21030b1
Merge pull request #22460 from bluca/monitor_refactor
core: split $MONITOR_METADATA and return it only if a single unit triggers OnFailure/OnSuccess
2022-03-10 18:34:20 +01:00
Lennart Poettering
852b62507b pid1,nspawn: raise default RLIMIT_MEMLOCK to 8M
This mirrors a similar check in Linux kernel 5.16
(9dcc38e2813e0cd3b195940c98b181ce6ede8f20) that raised the
RLIMIT_MEMLOCK to 8M.

This change does two things: raise the default limit for nspawn
containers (where we try to mimic closely what the kernel does), and
bump it when running on old kernels which still have the lower setting.

Fixes: #16300
See: https://lwn.net/Articles/876288/
2022-03-10 18:30:24 +01:00
Luca Boccassi
95c81c55b2 core: split $MONITOR_METADATA and return it only if a single unit triggers OnFailure/OnSuccess
Remove the list logic, and simply skip passing metadata if more than one
unit triggered an OnFailure/OnSuccess handler.
Instead of a single env var to loop over, provide each separate item
as its own variable.

Fixes https://github.com/systemd/systemd/issues/22370
2022-03-10 14:43:14 +00:00