1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-08 11:27:32 +03:00
Commit Graph

806 Commits

Author SHA1 Message Date
Lennart Poettering
8fa844dccf units: make graphical.target dependencies more complete and similar to those of multi-user.target 2014-12-29 17:00:05 +01:00
Lennart Poettering
cd61c3bfd7 machined/machinectl: add logic to show list of available images
This adds a new bus call to machined that enumerates /var/lib/container
and returns all trees stored in it, distuingishing three types:

        - GPT disk images, which are files suffixed with ".gpt"
        - directory trees
        - btrfs subvolumes
2014-12-19 19:19:29 +01:00
Tom Gundersen
65eb4378c3 systemd-hwdb: introduce new tool
This pulls out the hwdb managment from udevadm into an independent tool.

The old code is left in place for backwards compatibility, and easy of
testing, but all documentation is dropped to encourage use of the new
tool instead.
2014-12-18 15:37:27 +01:00
Mantas Mikulėnas
cf5a899751 build-sys: remove commented-out m4 from user@.service
Otherwise this actually remains in the generated unit in /usr/lib.

If you want to keep it commented out, a m4-compatible way would be:

    m4_ifdef(`HAVE_SMACK',
    dnl Capabilities=cap_mac_admin=i
    dnl SecureBits=keep-caps
    )
2014-12-14 12:54:16 -05:00
Lennart Poettering
1f3ba2bb4f build-sys: turn off SMACK capabilities stuff for now, since it is incompatible with nspawn 2014-12-10 22:14:19 +01:00
Lennart Poettering
795bc7e791 gitignore: hide some more files 2014-12-10 00:49:35 +01:00
Przemyslaw Kedzierski
dd5ae4c36c bus-proxy: cloning smack label
When dbus client connects to systemd-bus-proxyd through
Unix domain socket proxy takes client's smack label and sets for itself.

It is done before and independent of dropping privileges.

The reason of such soluton is fact that tests of access rights
performed by lsm may take place inside kernel, not only
in userspace of recipient of message.

The bus-proxyd needs CAP_MAC_ADMIN to manipulate its label.

In case of systemd running in system mode, CAP_MAC_ADMIN
should be added to CapabilityBoundingSet in service file of bus-proxyd.

In case of systemd running in user mode ('systemd --user')
it can be achieved by addition
Capabilities=cap_mac_admin=i and SecureBits=keep-caps
to user@.service file
and setting cap_mac_admin+ei on bus-proxyd binary.
2014-12-09 18:23:24 +01:00
Lennart Poettering
68ac53e62f units: make sure container-getty@.service stops restarting when the pts device it is bound to is gone
We only want to restart the getty as long as the pts device is still
around. As soon as it is gone, the service should be removed to.

http://lists.freedesktop.org/archives/systemd-devel/2014-December/026048.html
2014-12-09 02:12:11 +01:00
WaLyong Cho
c18c2a0ea1 gitignore: ignore generated systemd-bootchart.service 2014-12-04 20:43:28 +01:00
Michal Sekletar
fe0b9cd3ba units: skip mounting /dev/hugepages if we don't have CAP_SYS_ADMIN
Preparation for allowing systemd to run gracefully in containers lacking
CAP_SYS_ADMIN.
2014-12-04 02:43:02 +01:00
WaLyong Cho
da64a1fc41 bootchart: add standalone bootchart service 2014-12-04 01:55:01 +01:00
Didier Roche
a1405db67c machine-id-commit: add unit file
The unit file only active the machine-id-commit helper if /etc is mounted
writable and /etc/machine-id is an independant mount point (should be a tmpfs).
2014-12-03 03:41:19 +01:00
Lennart Poettering
92ac127007 rc-local: drop SysVStartPriority= field which is now obsolete 2014-12-02 13:23:04 +01:00
Lennart Poettering
2e43ad9ca6 bus-proxy: automatically detect scope of bus and derive which XML snippets to load from that 2014-11-28 16:18:17 +01:00
Martin Pitt
574edc9006 nspawn: Add try-{host,guest} journal link modes
--link-journal={host,guest} fail if the host does not have persistent
journalling enabled and /var/log/journal/ does not exist. Even worse, as there
is no stdout/err any more, there is no error message to point that out.

Introduce two new modes "try-host" and "try-guest" which don't fail in this
case, and instead just silently skip the guest journal setup.

Change -j to mean "try-guest" instead of "guest", and fix the wrong --help
output for it (it said "host" before).

Change systemd-nspawn@.service.in to use "try-guest" so that this unit works
with both persistent and non-persistent journals on the host without failing.

https://bugs.debian.org/770275
2014-11-21 14:27:26 +01:00
Lennart Poettering
812bd1e6ab units: make sure rfkill service is bount to the actual hardware 2014-11-21 01:20:57 +01:00
Lennart Poettering
eab459bc06 Revert "systemd-logind.service: set Type=notify"
This reverts commit a4962513c5.

logind.service is a D-Bus service, hence we should use the dbus name as
indication that we are up. Type=dbus is implied if BusName= is
specified, as it is in this case.

This removes a warning that is printed because a BusName= is specified
for a Type=notify unit.
2014-11-21 01:17:52 +01:00
Dave Reisner
a4962513c5 systemd-logind.service: set Type=notify
The code already calls sd_notify("READY=1"), so we may as well take
advantage of the startup behavior in the unit. The same was done for
the journal in a87a38c20.
2014-11-19 08:13:34 -05:00
Daniel Mack
63cc4c3138 sd-bus: sync with kdbus upstream (ABI break)
kdbus has seen a larger update than expected lately, most notably with
kdbusfs, a file system to expose the kdbus control files:

 * Each time a file system of this type is mounted, a new kdbus
   domain is created.

 * The layout inside each mount point is the same as before, except
   that domains are not hierarchically nested anymore.

 * Domains are therefore also unnamed now.

 * Unmounting a kdbusfs will automatically also detroy the
   associated domain.

 * Hence, the action of creating a kdbus domain is now as
   privileged as mounting a filesystem.

 * This way, we can get around creating dev nodes for everything,
   which is last but not least something that is not limited by
   20-bit minor numbers.

The kdbus specific bits in nspawn have all been dropped now, as nspawn
can rely on the container OS to set up its own kdbus domain, simply by
mounting a new instance.

A new set of mounts has been added to mount things *after* the kernel
modules have been loaded. For now, only kdbus is in this set, which is
invoked with mount_setup_late().
2014-11-13 20:41:52 +01:00
Zbigniew Jędrzejewski-Szmek
58f2fab16d units: restore job timeouts for poweroff and reboot
It seems that there actually aren't any long running tasks which are
performed at shutdown. If it turns out that there actually are, this
should be revisited.

This reverts most of commit 038193efa6.
2014-11-06 08:17:45 -05:00
Zbigniew Jędrzejewski-Szmek
038193efa6 units: disable job timeouts
For boot, we might kill fsck in the middle, with likely catastrophic
consequences.

On shutdown there might be other jobs, like downloading of updates for
installation, and other custom jobs. It seems better to schedule an
individual timeout on each one separately, when it is known what
timeout is useful.

Disable the timeouts for now, until we have a clearer picture of how
we can deal with long-running jobs.
2014-11-05 20:45:10 -05:00
Lennart Poettering
a931ad47a8 core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies
For priviliged units this resource control property ensures that the
processes have all controllers systemd manages enabled.

For unpriviliged services (those with User= set) this ensures that
access rights to the service cgroup is granted to the user in question,
to create further subgroups. Note that this only applies to the
name=systemd hierarchy though, as access to other controllers is not
safe for unpriviliged processes.

Delegate=yes should be set for container scopes where a systemd instance
inside the container shall manage the hierarchies below its own cgroup
and have access to all controllers.

Delegate=yes should also be set for user@.service, so that systemd
--user can run, controlling its own cgroup tree.

This commit changes machined, systemd-nspawn@.service and user@.service
to set this boolean, in order to ensure that container management will
just work, and the user systemd instance can run fine.
2014-11-05 18:49:14 +01:00
Michal Schmidt
a87a38c201 units: make systemd-journald.service Type=notify
It already calls sd_notify(), so it looks like an oversight.

Without it, its ordering to systemd-journal-flush.service is
non-deterministic and the SIGUSR1 from flushing may kill journald before
it has its signal handlers set up.

https://bugs.freedesktop.org/show_bug.cgi?id=85871
https://bugzilla.redhat.com/show_bug.cgi?id=1159641
2014-11-04 20:32:42 +01:00
Lennart Poettering
d5d78543a2 units: make ReceiveBuffer= line more readable by using M suffix 2014-11-03 21:51:28 +01:00
Lennart Poettering
cfb1f5df7c core: introduce ConditionSecurity=audit
And conditionalize journald audit support with it
2014-11-03 21:51:28 +01:00
Lennart Poettering
875c2e220e journald: if available pull audit messages from the kernel into journal logs 2014-11-03 21:51:28 +01:00
Zbigniew Jędrzejewski-Szmek
1f1926aa5e units: order sd-journal-flush after sd-remount-fs
Otherwise we could attempt to flush the journal while /var/log/ was
still ro, and silently skip journal flushing.

The way that errors in flushing are handled should still be changed to
be more transparent and robust.
2014-11-02 21:52:56 -05:00
Zbigniew Jędrzejewski-Szmek
3b02170360 unit: do not order timers.target before basic.target
Since commit 19f8d03783 'timer: order OnCalendar units after
timer-sync.target if DefaultDependencies=no' timers might get a
dependency on time-sync.target, which does not really belong in early
boot. If ntp is enabled, time-sync.target might be delayed until a
network connection is established.

It turns out that majority of timer units found in the wild do not
need to be started in early boot. Out of the timer units available in
Fedora 21, only systemd-readahead-done.timer and mdadm-last-resort@.timer
should be started early, but they both have DefaultDependencies=no,
so are not part of timers.target anyway. All the rest look like they
will be fine with being started a bit later (and the majority even
much later, since they run daily or weekly).

Let timers.target be pulled in by basic.target, but without the
temporal dependency. This means timer units are started on a "best
effort" schedule.

https://bugzilla.redhat.com/show_bug.cgi?id=1158206
2014-11-02 12:33:54 -05:00
Zbigniew Jędrzejewski-Szmek
a65b824577 systemd-journal-flush.service: remove "trigger" from description
This service is now synchronous, so "trigger" is misleading.
2014-11-01 14:39:48 -04:00
Lennart Poettering
919699ec30 units: don't order journal flushing afte remote-fs.target
Instead, only depend on the actual file systems we need.

This should solve dep loops on setups where remote-fs.target is moved
into late boot.
2014-10-31 16:23:39 +01:00
Martin Pitt
33488f1979 udev hwdb: Support shipping pre-compiled database in system images
In some cases it is preferable to ship system images with a pre-generated
binary hwdb database, to avoid having to build it at runtime, avoid shipping
the source hwdb files, or avoid storing large binary files in /etc.

So if hwdb.bin does not exist in /etc/udev/, fall back to looking for it in
UDEVLIBEXECDIR. This keeps the possibility to add files to /etc/udev/hwdb.d/
and re-generating the database which trumps the one in /usr/lib.

Add a new --usr flag to "udevadm hwdb --update" which puts the database
into UDEVLIBEXECDIR.

Adjust systemd-udev-hwdb-update.service to not generate the file in /etc if we
already have it in /usr.
2014-10-28 14:28:18 +01:00
Lennart Poettering
3898b80d40 units: define appropriate job timeout actions when boot or shutdown timeouts are hit
Using the new JobTimeoutAction= setting make sure we power off the
machine after basic.target is queued for longer than 15min but not
executed. Similar, if poweroff.target is queued for longer than 30min
but does not complete, forcibly turn off the system. Similar, if
reboot.target is queued for longer than 30min but does not complete,
forcibly reboot the system.
2014-10-28 02:19:55 +01:00
Tom Gundersen
8c94052ee5 units: tmpfiles-setup-dev - allow unsafe file creation to happen in /dev at boot
This will allow us to mark static device nodes with '!' to indicate that they should only be created at early boot.
2014-10-27 17:40:24 +01:00
Lennart Poettering
b825ab1a99 units: run firstboot before sysusers, so that firstboot can initialize the root password 2014-10-23 01:24:59 +02:00
Lennart Poettering
74055aa762 journalctl: add new --flush command and make use of it in systemd-journal-flush.service
This new command will ask the journal daemon to flush all log data
stored in /run to /var, and wait for it to complete. This is useful, so
that in case of Storage=persistent we can order systemd-tmpfiles-setup
afterwards, to ensure any possibly newly created directory in /var/log
gets proper access mode and owners.
2014-10-23 00:39:42 +02:00
Juho Son
f2a474aea8 journald: add CAP_MAC_OVERRIDE in journald for SMACK issue
systemd-journald check the cgroup id to support rate limit option for
every messages. so journald should be available to access cgroup node in
each process send messages to journald.
In system using SMACK, cgroup node in proc is assigned execute label
as each process's execute label.
so if journald don't want to denied for every process, journald
should have all of access rule for all process's label.
It's too heavy. so we could give special smack label for journald te get
all accesses's permission.
'^' label.
When assign '^' execute smack label to systemd-journald,
systemd-journald need to add  CAP_MAC_OVERRIDE capability to get that smack privilege.

so I want to notice this information and set default capability to
journald whether system use SMACK or not.
because that capability affect to only smack enabled kernel
2014-10-22 19:12:06 +02:00
Ivan Shapovalov
5516ae4419 systemd-hibernate-resume@.service: remove unnecessary ordering
They were left from an early review iteration, when hibernate-resume
functionality was intended to work also outside of initramfs.
Now this is not the case, and these dependencies became redundant
as systemd-fsck-root.service can never be part of initramfs, and
systemd-remount-fs.service makes little sense in it.
2014-10-09 23:53:15 -04:00
Lukasz Skalski
374738d55b logind: mount per-user tmpfs with 'smackfsroot=*' for smack enabled systems 2014-10-09 11:38:59 +02:00
Tom Gundersen
2355af60dc consoled: add a unit file
The unit file is statically enabled, but still requires --enable-terminal
to actually get installed.
2014-10-04 13:19:18 +02:00
Daniel Buch
d6bc8348d5 readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
Tom Gundersen
4bd5ace3e7 units: networkd - order after udev
This way we are sure that /dev/net/tun has been given the right permissions before we try to connect to it.
Ideally, we should create tun/tap devices over netlink, and then this whole issue would go away.
2014-09-08 15:07:51 +02:00
Harald Hoyer
f3b8fbb1da initrd-parse-etc.service: ignore return code of daemon-reload
It seems the return code of systemctl daemon-reload can be !=0 in some
circumstances, which causes a failure of the unit and breaks booting in
the initrd.
2014-09-03 13:28:31 +02:00
Zbigniew Jędrzejewski-Szmek
42377d6bb7 units: update rescue.service and emergency.service
^D works in emergency.service too. One needs to log in when in rescue
mode too.
2014-08-31 00:04:44 -04:00
Zbigniew Jędrzejewski-Szmek
9c0804278b units: m4 is not needed for rescue.service 2014-08-31 00:00:06 -04:00
Zbigniew Jędrzejewski-Szmek
87502e5868 units: make emergency.service conflict with rescue.service
They both use StandardInput=tty-force so they cannot be run
concurrently.

https://bugs.freedesktop.org/show_bug.cgi?id=82778
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=757072
2014-08-30 22:33:40 -04:00
Marius Tessmann
fd5ab841e7 systemd-journal-upload: fix invalid After=
After= belongs into [Unit], not [Install]. Found with systemd-analyze
verify.
2014-08-28 18:06:02 -04:00
Marius Tessmann
47542dc8b6 systemd-firstboot.service: fix man page section
Found with systemd-analyze verify.
2014-08-28 18:06:02 -04:00
Ivan Shapovalov
42483a7474 hibernate-resume: add a tool to write a device node's major:minor to /sys/power/resume.
This can be used to initiate a resume from hibernation by path to a swap
device containing the hibernation image.

The respective templated unit is also added. It is instantiated using
path to the desired resume device.
2014-08-26 22:19:54 +02:00
Ivan Shapovalov
66f311206e units: order systemd-fsck@.service after local-fs-pre.target.
With this change, it becomes possible to order a unit to activate before any
modifications to the file systems. This is especially useful for supporting
resume from hibernation.
2014-08-26 22:19:50 +02:00
Lennart Poettering
c22bf27bee unit: remove spurious newline 2014-08-15 13:19:03 +02:00
Umut Tezduyar Lindskog
12e34d9d58 ldconfig: add configure option to disable 2014-08-14 01:01:43 +02:00
Lennart Poettering
5e8b767df6 journald: also increase the SendBuffer of /dev/log to 8M
http://lists.freedesktop.org/archives/systemd-devel/2014-August/021825.html
2014-08-13 18:53:05 +02:00
Umut Tezduyar Lindskog
e72f054eb5 ldconfig: dont run it if ldconfig is not installed 2014-08-03 00:33:01 -04:00
Zbigniew Jędrzejewski-Szmek
fa8b8030a4 units: fix typo
vrutkovs> zbyszek:
http://cgit.freedesktop.org/systemd/systemd/diff/units/systemd-journal-upload.service.in?id=ad95fd1d2b9c6344864857c2ba7634fd87753f8e - typo in Group name
2014-07-17 08:08:38 -04:00
Michael Olbrich
4bf04322b8 units/serial-getty@.service: use the default RestartSec
For pluggable ttys such as USB serial devices, the getty is restarted
and exits in a loop until the remove event reaches systemd. Under
certain circumstances the restart loop can overload the system in a
way that prevents the remove event from reaching systemd for a long
time (e.g. at least several minutes on a small embedded system).

Use the default RestartSec to prevent the restart loop from
overloading the system. Serial gettys are interactive units, so
waiting an extra 100ms really doesn't make a difference anyways
compared to the time it takes the user to log in.
2014-07-15 23:51:10 -04:00
Zbigniew Jędrzejewski-Szmek
ad95fd1d2b journal-remote: add units and read certs from default locations 2014-07-15 22:23:49 -04:00
Kay Sievers
b7e6c03d3b resolved: add busname unit file 2014-07-16 04:12:03 +02:00
Michal Sekletar
d338151228 units: make ExecStopPost action part of ExecStart
Currently after exiting rescue shell we isolate default target. User
might want to isolate to some other target than default one. However
issuing systemctl isolate command to desired target would bring system
to default target as a consequence of running ExecStopPost action.

Having common ancestor for rescue shell and possible followup systemctl
default command should fix this. If user exits rescue shell we will
proceed with isolating default target, otherwise, on manual isolate,
parent shell process is terminated and we don't isolate default target,
but target chosen by user.

Suggested-by: Michal Schmidt <mschmidt@redhat.com>
2014-07-09 18:21:04 +02:00
Lennart Poettering
e26807239b firstboot: get rid of firstboot generator again, introduce ConditionFirstBoot= instead
As Zbigniew pointed out a new ConditionFirstBoot= appears like the nicer
way to hook in systemd-firstboot.service on first boots (those with /etc
unpopulated), so let's do this, and get rid of the generator again.
2014-07-07 21:05:09 +02:00
Lennart Poettering
418b9be500 firstboot: add new component to query basic system settings on first boot, or when creating OS images offline
A new tool "systemd-firstboot" can be used either interactively on boot,
where it will query basic locale, timezone, hostname, root password
information and set it. Or it can be used non-interactively from the
command line when prepareing disk images for booting. When used
non-inertactively the tool can either copy settings from the host, or
take settings on the command line.

$ systemd-firstboot --root=/path/to/my/new/root --copy-locale --copy-root-password --hostname=waldi

The tool will be automatically invoked (interactively) now on first boot
if /etc is found unpopulated.

This also creates the infrastructure for generators to be notified via
an environment variable whether they are running on the first boot, or
not.
2014-07-07 15:25:55 +02:00
Lennart Poettering
fa229d0928 units: conditionalize configfs and debugfs with CAP_SYS_RAWIO
We really don't want these in containers as they provide a too lowlevel
look on the system.

Conditionalize them with CAP_SYS_RAWIO since that's required to access
/proc/kcore, /dev/kmem and similar, which feel similar in style. Also,
npsawn containers lack that capability.
2014-07-04 03:24:42 +02:00
Lennart Poettering
e0c74691c4 units: conditionalize static device node logic on CAP_SYS_MODULES instead of CAP_MKNOD
npsawn containers generally have CAP_MKNOD, since this is required
to make PrviateDevices= work. Thus, it's not useful anymore to
conditionalize the kmod static device node units.

Use CAP_SYS_MODULES instead which is not available for nspawn
containers. However, the static device node logic is only done for being
able to autoload modules with it, and if we can't do that there's no
point in doing it.
2014-07-04 03:24:41 +02:00
Lennart Poettering
717603e391 machinectl: show /etc/os-release information of container in status output 2014-07-03 17:54:24 +02:00
Lennart Poettering
ce38dbc84b nspawn: when running in a service unit, use systemd for restarts
THis way we can remove cgroup priviliges after setup, but get them back
for the next restart, as we need it.
2014-07-03 12:51:07 +02:00
Lennart Poettering
7caa86ac4d man: document systemd-update-done.service 2014-07-01 00:16:48 +02:00
Lennart Poettering
8ebf02d6f3 units: skip mounting /tmp if it is a symlink
We shouldn't get confused if people have symlinked /tmp somewhere, so
let's simply skip the mount then.
2014-06-30 22:49:10 +02:00
Tom Gundersen
3005a221f1 units: networkd - don't order wait-online.service before network.target
Reported by Michael Olbrich.
2014-06-30 13:06:33 +02:00
Tom Gundersen
1f87d09e98 units: local-fs.target - don't pull in default dependencies
Reported by Gerardo Exequiel Pozzi:

Looks like [commit a4a878d0] also changes a unrelated file
(units/local-fs.target) [partially]reverting the commit
40f862e3 (filesystem targets: disable default dependencies)

The side effect, at least in my case is that the "nofail" option in both
"crypttab" and "fstab" has partial effect does the default timeout
instead of continue normal boot without timeout.
2014-06-29 16:20:33 +02:00
Zbigniew Jędrzejewski-Szmek
0fdeb6e011 units: remove RefuseManualStart from units which are always around
In a normal running system, non-passive targets and units used during
early bootup are always started. So refusing "manual start" for them
doesn't make any difference, because a "start" command doesn't cause
any action.

In early boot however, the administrator might want to start on
of those targets or services by hand. We shouldn't interfere with that.

Note: in case of systemd-tmpfiles-setup.service, really running the
unit after system is up would break the system. So e.g. restarting
should not be allowed. The unit has "RefuseManualStop=yes", which
prevents restart too.
2014-06-28 00:06:30 -04:00
Cristian Rodríguez
0b73eab7a2 units/systemd-sysctl.service.in: run after load-modules
Modules might or will register new sysctl options.

[zj: This mechanism of adding modules just to reliably set sysctl
attributes is not ideal. Nevertheless, sysctl for dynamically created
attributes is simply broken, and this is the easiest workaround.]

https://bugzilla.redhat.com/show_bug.cgi?id=1022977
https://bugzilla.novell.com/show_bug.cgi?id=725412
2014-06-19 20:21:24 -04:00
Lennart Poettering
497d1986c1 units: order systemd-tmpfiles-clean.service after time-sync.target
That way, on systems lacking an RTC we don't false start removing aged
files too early.
2014-06-20 00:15:39 +02:00
Lennart Poettering
a55954297d units: add missing caps so that GetAddresses() can work 2014-06-19 19:53:16 +02:00
Lennart Poettering
9542239eaf cryptsetup: introduce new cryptsetup-pre.traget unit so that services can make sure they are started before and stopped after any LUKS setup
https://bugzilla.redhat.com/show_bug.cgi?id=1097938
2014-06-18 00:09:46 +02:00
Kay Sievers
01b85ba3ad timesyncd: do not start in virtualized environments 2014-06-17 03:34:09 +02:00
Lennart Poettering
689d781b87 units: minor cleanups 2014-06-17 02:43:44 +02:00
Lennart Poettering
324d7a53b9 networkd: don't pull in systemd-networkd-wait-online service from systemd-networkd when enabling
networkd-wait-online should never exist in the default transaction,
unless explicitly enable or pulled in via things like NFS. However, just
enabling networkd shouldn't enable networkd-wait-online, since it's
common to use the former without the latter.
2014-06-17 02:43:44 +02:00
Lennart Poettering
d54c499369 install: introduce new DefaultInstance= field for [Install] sections
The DefaultInstance= name is used when enabling template units when only
specifying the template name, but no instance.

Add DefaultInstance=tty1 to getty@.service, so that when the template
itself is enabled an instance for tty1 is created.

This is useful so that we "systemctl preset-all" can work properly,
because we can operate on getty@.service after finding it, and the right
instance is created.
2014-06-17 02:43:43 +02:00
Lennart Poettering
137243fd13 units: add a service to invoke ldconfig on system updates at boot 2014-06-16 12:33:22 +02:00
Lennart Poettering
b63bb8a724 units: drop RefuseManualStart= from a couple of update services
The only update service we really need to guard like this is
systemd-tmpfiles-setup.service since if invoked manually might create
/var/run/nologin and thus blocking the user from login. The other
services are pretty much idempotent and don't suffer by this problem,
hence let's simplify them.
2014-06-16 12:25:49 +02:00
Lennart Poettering
2db7648aa8 units: bring systemd-tmpfiles-setup-dev.service closer to systemd-tmpfiles-setup.service
Among other things, order both services relative to
systemd-sysusers.service in the same direction.
2014-06-15 23:42:53 +02:00
Kay Sievers
3a0efd7030 sysusers: order before tmpfiles which need the ids 2014-06-14 22:17:15 +02:00
Lennart Poettering
b532bdeae9 rpm: add RPM macros to apply sysusers, sysctl, and binfmt drop-ins
With this in place RPMs can make sure that whatever they drop in is
immeidately applied, and not delayed until next reboot.

This also moves systemd-sysusers back to /usr/bin, since hardcoding the
path to /usr/lib in the macros would mean compatibility breaks in
future, should we turn sysusers into a command that is actually OK for
people to call directly. And given that that is quite likely to happen
(since it is useful to prepare images with its --root= switch), let's
just prepare for it.
2014-06-13 20:11:59 +02:00
Lennart Poettering
ecde7065f7 units: rebuild /etc/passwd, the udev hwdb and the journal catalog files on boot
Only when necessary of course, nicely guarded with the new
ConditionNeedsUpdate= condition we added.
2014-06-13 13:26:32 +02:00
Lennart Poettering
a55654d598 core: add new ConditionNeedsUpdate= unit condition
This new condition allows checking whether /etc or /var are out-of-date
relative to /usr. This is the counterpart for the update flag managed by
systemd-update-done.service. Services that want to be started once after
/usr got updated should use:

        [Unit]
        ConditionNeedsUpdate=/etc
        Before=systemd-update-done.service

This makes sure that they are only run if /etc is out-of-date relative
to /usr. And that it will be executed after systemd-update-done.service
which is responsible for marking /etc up-to-date relative to the current
/usr.

ConditionNeedsUpdate= will also checks whether /etc is actually
writable, and not trigger if it isn't, since no update is possible then.
2014-06-13 13:26:32 +02:00
Lennart Poettering
8ea48dfcd3 update-done: add minimal tool to manage system updates for /etc and /var, if /usr has changed
In order to support offline updates to /usr, we need to be able to run
certain tasks on next boot-up to bring /etc and /var in line with the
updated /usr. Hence, let's devise a mechanism how we can detect whether
/etc or /var are not up-to-date with /usr anymore: we keep "touch
files" in /etc/.updated and /var/.updated that are mtime-compared with
/usr. This means:

Whenever the vendor OS tree in /usr is updated, and any services that
shall be executed at next boot shall be triggered, it is sufficient to
update the mtime of /usr itself. At next boot, if /etc/.updated and/or
/var/.updated is older than than /usr (or missing), we know we have to
run the update tools once. After that is completed we need to update the
mtime of these files to the one of /usr, to keep track that we made the
necessary updates, and won't repeat them on next reboot.

A subsequent commit adds a new ConditionNeedsUpdate= condition that
allows checking on boot whether /etc or /var are outdated and need
updating.

This is an early step to allow booting up with an empty /etc, with
automatic rebuilding of the necessary cache files or user databases
therein, as well as supporting later updates of /usr that then propagate
to /etc and /var again.
2014-06-13 13:26:32 +02:00
Lennart Poettering
d4c049bfcd units: don't conditionalize sysctl service
We install two sysctl snippets ourselves, hence the condition will
always trigger, so no point in tryng to optimize things with this, it
just will make things slower, if anything.
2014-06-13 13:26:32 +02:00
Lennart Poettering
db62b5b37e units: remove conditions from systemd-tmpfiles-setup
There's no point in conditionalizing systemd-tmpfiles at boot, since we
ship tmpfiles snippets ourselves, hence they will always trigger anyway.

Also, there's no reason to pull in local-fs.target from the service,
hence drop that.
2014-06-13 13:26:32 +02:00
Kay Sievers
0138a2dcc5 debug-shell: add condition for tty device to run on 2014-06-12 22:26:43 +02:00
Lennart Poettering
58e027023b units: order network-online.target after network.target
There might be implementations around where the network-online logic
might not talk to any network configuration service (and thus not have
to wait for it), hence let's explicitly order network-online.target
after network.target to avoid any ambiguities.
2014-06-11 15:00:45 +02:00
Lennart Poettering
96bf4ee252 units: time-sync.target probably makes sense, is not just sysv compat 2014-06-11 12:14:55 +02:00
Lennart Poettering
a4a878d040 units: introduce network-pre.target as place to hook in firewalls
network-pre.target is a passive target that should be pulled in by
services that want to be executed before any network is configured (for
example: firewall scrips).

network-pre.target should be ordered before all network managemet
services (but not be pulled in by them).

network-pre.target should be order after all services that want to be
executed before any network is configured (and be pulled in by them).
2014-06-11 12:14:55 +02:00
Mantas Mikulėnas
62be1c9aab bus-proxy: fix misplaced s/system/session/ 2014-06-10 19:34:34 +02:00
Lennart Poettering
2e2b36084a bus-proxy: read the right policy when running in user mode 2014-06-10 17:56:51 +02:00
Lennart Poettering
55152b6ede units: pull in time-sync.target from systemd-timedated.service
After all, that's what we document for time-sync.target in
systemd.special(5), hence let's follow our own suggestion.
2014-06-06 16:20:33 +02:00
Lennart Poettering
3c52ad9237 units: fix minor typo 2014-06-06 14:38:04 +02:00
Lennart Poettering
1b8689f949 core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.

With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
2014-06-04 18:12:55 +02:00
Lennart Poettering
7e9f159ca7 initctl: move /dev/initctl fifo into /run, replace it by symlink
With this change we have no fifos/sockets remaining in /dev.
2014-06-04 16:53:58 +02:00
Lennart Poettering
03ee5c38cb journald: move /dev/log socket to /run
This way we can make the socket also available for sandboxed apps that
have their own private /dev. They can now simply symlink the socket from
/dev.
2014-06-04 16:53:58 +02:00
Lennart Poettering
6a010ac9e5 bus-proxy: drop priviliges if we can
Either become uid/gid of the client we have been forked for, or become
the "systemd-bus-proxy" user if the client was root. We retain
CAP_IPC_OWNER so that we can tell kdbus we are actually our own client.
2014-06-04 11:13:08 +02:00
Kay Sievers
72543b361d remove ReadOnlySystem and ProtectedHome from udevd and logind
logind needs access to /run/user/, udevd fails during early boot
with these settings
2014-06-04 01:41:15 +02:00