mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
7441 Commits

Author SHA1 Message Date
Mike Yuan
f1710073c7
Merge pull request #26214 from YHNdnzj/sd-notify-change-notifyaccess
core: support overriding NOTIFYACCESS= through sd-notify during runtime
2023-03-24 00:11:29 +08:00
Mike Yuan
19dff6914d
core: support overriding NOTIFYACCESS= through sd-notify during runtime
Closes #25963
2023-03-22 06:33:12 +08:00
Daan De Meyer
4d62ee559d execute: Add kernel cmdline arguments for tty term, rows and columns
Let's allow configuring tty term and size using kernel cmdline arguments
so that when running in a VM we can communicate the terminal TERM and size
from the host via SMBIOS extra kernel cmdline arguments.
2023-03-21 20:50:17 +01:00
Antonio Alvarez Feijoo
9baeb58fcd man/network-generator: replace dracut.kernel reference with dracut.cmdline
`dracut.kernel.7` is just a symlink to `dracut.cmdline.7`, so the web reference
points to a non-existent URL
(https://man7.org/linux/man-pages/man7/dracut.kernel.7.html).
2023-03-21 19:00:00 +09:00
Yu Watanabe
f5c0edd166 man: explicitly list three command syntax at the beginning 2023-03-18 20:22:08 +08:00
Mike Yuan
f05b4bb9a7 sleep: fix default values unmatched with manual 2023-03-18 02:28:22 +08:00
Addison Snelling
0c868e3fad
man: fix misspelled executable name (#26858) 2023-03-17 11:36:32 +09:00
Mike Yuan
1ed35a0d93
machinectl: add verb edit and cat to operate on .nspawn files
This allows operating on .nspawn files using machinectl.

Closes #26246
2023-03-15 19:56:19 +08:00
Lennart Poettering
264c267686
Merge pull request #26794 from bluca/log_extra_fields
core: append LogExtraFields= values to log_unit* messages
2023-03-15 09:27:47 +01:00
Luca Boccassi
544471bf83
Merge pull request #26815 from keszybz/cgls-no-xattrs-by-default
Do not show xattrs and cgroup ids in cgls by default
2023-03-15 00:24:02 +00:00
Luca Boccassi
a247e95c28
Merge pull request #26808 from keszybz/no-controllers-followup
Docs and dump output follow-up for the case of delegation with no controllers
2023-03-15 00:23:05 +00:00
Zbigniew Jędrzejewski-Szmek
ec38ec55ee cgls: add -x and -c options
-x is short for --xattrs=yes and
-c is short for --cgroup-id=yes.
2023-03-14 18:03:32 +01:00
Zbigniew Jędrzejewski-Szmek
5346bb499f cgls: stop showing cgroup ids and xattrs by default
Those are rather specialized bits of information, useful mostly for debugging.
I use cgls quite often but never had the need to use either of those…
But they take up a significant amount of screen real estate, esp. when
executed as root:

-.slice
├─user.slice (#1683)
│ → user.invocation_id: 74b0bd1258c5485eb969016384e0d06a
│ → trusted.invocation_id: 74b0bd1258c5485eb969016384e0d06a
│ └─user-1000.slice (#6488)
│   → user.invocation_id: b0261a14fe74490d9a9d5266c52cceb6
│   → trusted.invocation_id: b0261a14fe74490d9a9d5266c52cceb6
│   ├─user@1000.service … (#6590)
│   │ → user.invocation_id: 9e1fb54ad07940d8b92c33c81d169f11
│   │ → user.delegate: 1
│   │ → trusted.invocation_id: 9e1fb54ad07940d8b92c33c81d169f11
│   │ → trusted.delegate: 1
│   │ ├─session.slice (#6874)
...

Let's not show them by default, so we can show more cgroups.

(Also, on a terminal, we already highlight delegate units via underlining and
an ellipsis, so 'user.delegate:1' is redundant.)
2023-03-14 18:02:42 +01:00
Luca Boccassi
1092e82bb7 core: append LogExtraFields= values to log_unit* messages
This ensures messages from PID1 regarding a unit also contain those
fields. For example, portable services have PORTABLE=<image> as
extra fields, which is useful to identify which version of a portable
image produced a log message like an error or an oomd kill.
2023-03-14 16:38:23 +00:00
Zbigniew Jędrzejewski-Szmek
449172f943 man: document "Delegate=" a bit more
This case is a bit surprising, even if logical if one understands how the
parser works. Let's be more explicit.

Follow-up for 7b3693e4e4.
2023-03-14 12:27:51 +01:00
Mike Yuan
1433e1f998
systemctl: add option --when for scheduled shutdown
Passing an empty string or "cancel" will cancel the action.
Passing "show" will show the scheduled actions.

Replaces #17258
2023-03-14 19:21:11 +08:00
Yu Watanabe
a6ca54ed94 man: add missing tags in udevadm(8) 2023-03-13 19:29:58 +00:00
Topi Miettinen
7a114ed4b3 execute: use prctl(PR_SET_MDWE) for MemoryDenyWriteExecute=yes
On some ARM platforms, the dynamic linker could use PROT_BTI memory protection
flag with `mprotect(..., PROT_BTI | PROT_EXEC)` to enable additional memory
protection for executable pages. But `MemoryDenyWriteExecute=yes` blocks this
with seccomp filter denying all `mprotect(..., x | PROT_EXEC)`.

Newly preferred method is to use prctl(PR_SET_MDWE) on supported kernels. Then
in-kernel implementation can allow PROT_BTI as necessary, without weakening
MDWE. In-kernel version may also be extended to more sophisticated protections
in the future.
2023-03-13 18:44:36 +00:00
Daan De Meyer
80c7d4b8fa man: Fix user generator output paths
These are all under $XDG_RUNTIME_DIR/systemd instead of directly
under $XDG_RUNTIME_DIR.
2023-03-13 13:51:48 +00:00
Yu Watanabe
c9501b03cd
Merge pull request #26641 from medhefgo/boot-elf2efi
boot: Drop gnu-efi / Add elf2efi.py
2023-03-11 17:15:01 +09:00
Yu Watanabe
5b23987eaf
Merge pull request #26739 from ldv-alt/udevadm-verify
udevadm verify: introduce --root option
2023-03-11 17:12:57 +09:00
Morten Linderud
9e60dc0daf
man: Fix pcrphase.service manvolnum from 1 to 8 2023-03-10 20:29:56 +01:00
Dmitry V. Levin
0a7eda348c udevadm verify: introduce --root option
When udevadm verify is invoked without positional arguments and loads
all rules files from the system like the udev daemon does, this option
can be used to operate on files underneath the specified root path.
2023-03-10 17:10:41 +00:00
Dmitry V. Levin
e8c53080c4 udevadm verify: load all rules from the system if no rules were given
When udevadm verify is invoked without positional arguments, that is,
when no udev rules files are specified, load all rules files from the system
like the udev daemon does, and verify them.
2023-03-10 17:10:41 +00:00
Jan Janssen
dfca5587cf tree-wide: Drop gnu-efi
This drops all mentions of gnu-efi and its manual build machinery. A
future commit will bring bootloader builds back. A new bootloader meson
option is now used to control whether to build sd-boot and its userspace
tooling.
2023-03-10 11:41:03 +01:00
Lennart Poettering
862481ece0
Merge pull request #26693 from poettering/udev-loop-links
udev: add /dev/loop/by-inode/… + /dev/loop/by-ref/… loopback block device symlinks
2023-03-10 09:34:31 +01:00
Ronan Pigott
0b40688d18 load-fragment: add user credential specifiers to user.conf
This enables the ManagerEnvironment= settings in the user's user.conf to
reference some user data like $HOME for the purpose of setting
environment variables derived from these values.
2023-03-10 00:05:37 +00:00
Lennart Poettering
a617007417 mempress: change default PSI window duration to 2s
This changes the PSI window duration we default to for watching memory
pressure events from 1s to 2s. This is because apparently the kernel
will soon disallow window durations other than 2s for unprivileged
processes.

Hence, we'll bump the threshold from 100m to 200ms, and the window from
1s to 2s.
2023-03-09 22:31:20 +01:00
Lennart Poettering
236d1fa210 dissect: allow setting "lo_file_name" field of loopback block devices
When attaching a loopback file this allows us to set an explicit name
for it. This is useful since it allows a caller to pre-select a string
that is directly attached to the loopback file. Via udev rules we'll
later make the device accessible through this name.

Note that "lo_file_name" is supposed to carry a file name of the backing
file, but the kernel actually does not care or enforce any of that, it
just stores the filename and returns it later. This makes it so useful,
as userspace has total control of that field.

"lo_file_name" should not be confused with the sysattr
"loop/backing_file" which is actually maintained by the kernel itself,
and always shows the file to the backing inode without userspace having
direct control over the returned string. Because the sysattr is
generated by the kernel it is subject to file system namespacing and
everything, while "lo_file_name" is not, it's really just a string
passed through the kernel.
2023-03-09 16:41:23 +01:00
Lennart Poettering
07d6072e0e dissect: add commands for attaching/detaching loopback devices
Sometimes it is useful to attach DDIs without mounting them. We could
use "losetup" for that, but doing this in systemd-dissect has various
benefits:

1. we superficially validate the DDI first
2. we set the sector size depending on what we determine
3. we synchronously create the per-partition block devices
2023-03-09 16:40:55 +01:00
Jeidnx
2208d96623 man: fix typo in ukify page 2023-03-09 14:49:37 +01:00
Zbigniew Jędrzejewski-Szmek
ba0e70673c
Merge pull request #26038 from lilyinstarlight/fix/fstab-generator-sysroot-without-cmdline
fstab-generator: use correct targets when /sysroot is specified in fstab only
2023-03-09 08:51:31 +01:00
Yu Watanabe
00aba43fe6
Merge pull request #26698 from ldv-alt/udevadm-verify
Implement a udev rules syntax checker in the form of
`udevadm verify [OPTIONS] FILE...` command that is based on
`udev_rules_parse_file` interface and would apply further checks
on top of it in the future.

Resolves: #26606
2023-03-09 13:05:57 +09:00
Luca Boccassi
25a45b0dd1
Merge pull request #26119 from kraxel/uki.install
kernel-install: improve uki handling
2023-03-08 21:25:25 +00:00
Luca Boccassi
79fb1d4e7e
Merge pull request #26711 from keszybz/man-page-stuff
Man page tweaks
2023-03-08 20:29:18 +00:00
Dmitry V. Levin
acdba85e0e udevadm: introduce new 'verify' command
We seem to have no tool to verify udev rule files.  There is a simple
udev rules syntax checker in the tree, test/rule-syntax-check.py, but
it is too simple to detect less trivial issues not detected by udev,
e.g. redundant comparisons (#26593) or labels without references.

Such a tool would be beneficial not only for maintaining udev rules
distributed along with udev, but also and even more so for maintaining
third party udev rules that are more likely to have issues with syntax
and semantic correctness.

Implement a udev rules syntax and semantics checker in the form of
'udevadm verify [OPTIONS] FILE...' command that is based on
udev_rules_parse_file() interface and would apply further checks
on top of it in subsequent commits.

Resolves: #26606
2023-03-08 18:55:40 +00:00
Yu Watanabe
0744ed0f26
Merge pull request #26713 from keszybz/man-getenv
Add note to docs that setenv() cannot be called in parallel with getenv()
2023-03-09 00:16:30 +09:00
Zbigniew Jędrzejewski-Szmek
d329bae3e6 man: use more references 2023-03-08 15:32:59 +01:00
Zbigniew Jędrzejewski-Szmek
8c51e1520b man: add mention that libsystemd uses getenv()
See #26688: getenv() is not thread-safe, and could be a possible source of
problems when a multi-threaded program calls setenv()/putenv()/unsetenv() in
parallel. It is not possible to avoid getenv() calls in general, since $PATH,
$LANG, $SHELL, $USER, $HOME, $TZ may need to be accessed at any time.
Add a warning to our docs so that people are aware of the issue.

Closes #26688. (Real fixes will need to be in glibc and gnome-shell or other
programs.)

The text is added to threads-aware.xml to be included in various places. By
including it in libsystemd-pkgconfig.xml, it is automatically added to all sd-*
pages. The text is also included explicitly in pages for a few other functions
which call getenv().
2023-03-08 15:32:59 +01:00
Zbigniew Jędrzejewski-Szmek
81707069fc
Merge pull request #26685 from yuwata/man-missing-services
man: mention two missing services
2023-03-08 09:35:03 +01:00
Luca Boccassi
e079120505
Merge pull request #26706 from jengelh/master
doc: various orthographic fixes
2023-03-07 21:34:03 +00:00
Zbigniew Jędrzejewski-Szmek
695e39dd63 man: adjust description of CPUAccounting=
For any user on a semi-recent kernel, effectively this setting is pointless.
We should deprecate it once not needed anymore for the v1 hierarchy. For
now, adjust the description.
2023-03-07 16:22:13 +01:00
Zbigniew Jędrzejewski-Szmek
dca031d229 man: add a note about session autogrouping
When cpu controller is disabled, things would often still behave as if
it was. And since the cpu controller can be enabled "magically" e.g. by
starting user@1000, add a note for users to be careful. Autogrouping
is described well in the man page, incl. how to enable or disable it,
so it should be enough to refer to that.
2023-03-07 16:22:13 +01:00
Zbigniew Jędrzejewski-Szmek
396d298d6b man: tweak details in descriptions of pids and cpu configuration
For CPUWeight=: there is an important distinction between our default of
[not set], and the kernel default of "100". Let's not say that our default
is "100" because then 'systemctl show' output is hard to explain.

For task accounting, it's the kernel that does the accounting, not systemd.
2023-03-07 16:22:13 +01:00
Zbigniew Jędrzejewski-Szmek
253d0d591b man: describe how cgroup controllers are turned on
For a user, information which cgroup controllers are enabled based on
the unit configuration is rather important. Not only because it determines
what resource control is performed by the kernel, but also because controllers
have a non-negligible cost, especially for deep nesting, and users may want
to *not* have controllers enabled.

Our documentation did its best to avoid the topic so far. This was partially
caused by the support for cgroup v1, which meant that any discussion of
controllers had to be conditional and messy. But v1 is deprecated on its way
out, so it should be fine to just describe what happens with v2.

The text is extended with a discussion of how controllers are enabled and
disabled, and an example, and for various settings that enable controllers
the relevant controller is now mentioned.
2023-03-07 16:22:13 +01:00
Zbigniew Jędrzejewski-Szmek
87291a26f5 man: explain route-only domains a bit more
The detailed discussion of how search and route-only domains work is in
systemd-resolved.service(8). But users are more likely to look at
resolved.conf(5), because that's where Domains= is described. So let's add a
reference to the other man page there, and also strengthen the text a bit. In
particular, in systemd-resolved.service(8) we say "route-only", which makes
the distinction with search domains clearer. Let's use the same in the other
man page too.

This is based on feedback from Lukáš Nykrýn that the man page is not clear
enough.
2023-03-07 16:22:13 +01:00
Jan Engelhardt
18fe76eba5 doc: correct wrong use "'s" contractions 2023-03-07 13:39:31 +01:00
Gerd Hoffmann
3d5f0bfe4e kernel-install: handle uki installs automatically
Detect image type using "bootctl kernel-identify $kernel",
store result in KERNEL_INSTALL_IMAGE_TYPE.

Extend layout autodetection to check the kernel image type
and pick layout=uki for UKIs.

Resolves: #25822
2023-03-07 08:14:46 +01:00
Gerd Hoffmann
642617f431 kernel-install: remove math slang from man page 2023-03-07 08:14:46 +01:00
Lennart Poettering
92828ba603 man: document /sbin/mount.ddi 2023-03-06 23:00:52 +01:00