IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
The symbolic links to private directories specified by StateDirectory=
or its friends are created on the host. So, when DynamicUser= and
RootDirectory=/RootImage= are set, then the executed process cannot
access private directory.
This makes the private directories are mounted on the non-private place
when both DynamicUser= and RootDirectory=/RootImage= are set.
Fixes#8965.
Externally it's an uint64_t anyway, and internally we most just
initialize it to physical_memory() which returns uint64_t, hence there's
exactly zero value in using it as size_t internally. Hence, let's fix
that, and use uint64_t everywhere.
Otherwise querying the preset status of a unit to the user instance gives
incorrect results since in this case the scope used by the manager is
UNIT_FILE_USER.
sysexits.h has:
#define EX_CANTCREAT 73 /* can't create (user) output file */
EX_DATAERR is a copy-paste error from the previous sentence, which is
correct.
If we log to the pty that is configured as stdin/stdout/stderr of the
container too early we risk filling it up in full before we start
processing the pty from the parent process, resulting in deadlocks.
Let's hence keep a copy of the original tty we were started on before
setting up stdin/stdout/stderr, so that we can log to it, and keep using
it as long as we can.
Since the kernel's pty internal buffer is pretty small this actually
triggered deadlocks when we debug logged at lot from nspawn's child
processes, see: https://github.com/systemd/systemd/pull/9024#issuecomment-390403674
With this change we won't use the pty at all, only the actual payload we
start will, and hence we won't deadlock on it, ever.
Let's make use of log_set_open_when_needed() in nspawn too, i.e. at the
point where we close logging because we are about to rearrange fds,
let's automatically reopen the logging fds when we need them, the same
way as we do that in the service manager. This makes things simpler and
more robust.
It is not const, because a) systemd can bump it on its own if
errors occur, and b) the user can change it using signals.
Also it's not boolean.
$ busctl get-property org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager ShowStatus
b true
$ sudo kill -SIGRTMIN+21 1
$ busctl get-property org.freedesktop.systemd1 /org/freedesktop/systemd1 org.freedesktop.systemd1.Manager ShowStatus
b false
Fixes#4503.
When DynamicUser= is set, then RuntimeDirectory= should be always
chowned, as the service unit may enable RuntimeDirectoryPreserve=,
and the uid or gid may changed from the last run.
This also makes easier to migrate the service to use DynamicUser=.
This makes most header files easier to look at. Also Emacs gets really
slow when browsing through large sections of overly long prototypes,
which is much improved by this macro.
We should probably not do something similar with too many other cases,
as macros like this might help readability for some, but make it worse
for others. But I think given the complexity of this specific prototype
and how often we use it, it's worth doing.
This builds on the previous GENERIC_PARSER_ARGS macro work. I think in
general it is a better idea to declare macros that generate full C
statements instead of just parts of them, hence, let's introduce
CONFIG_PARSER_PROTOTYPE() which defines a full C function prototype,
instead of the pre-existing way of defining the C function prototype
manually, but then using GENERIC_PARSER_ARGS to define its arguments.
This doesn't drop GENERIC_PARSER_ARGS though, but renames it to
CONFIG_PARSER_ARGUMENTS, and changes the ConfigParserCallback function
type to use it. The new name follows more closely how the other symbols
in the header are named.
