1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-22 17:35:35 +03:00
Commit Graph

1160 Commits

Author SHA1 Message Date
Yu Watanabe
9d8cb69e7f test: rename README.testsuite -> README.md 2024-12-12 12:02:19 +09:00
Daan De Meyer
ead814a0b0 test: Remove old bash test runner
We put a timeline of 257 to remove the old bash test runner so since
we're about to release 257, let's remove the old bash test runner in
favor of the meson + mkosi test runner.
2024-12-06 18:54:10 +00:00
Tristan F.-R.
26dd4d3dd7 docs/MEMORY_PRESSURE: fix typo
corrects "focusses" -> "focuses"
2024-12-05 17:32:58 +00:00
Zbigniew Jędrzejewski-Szmek
156a77ddbc docs/CONTRIBUTING: adjust grammar, info about tests and labels
Unfortunately our CI fails pretty much constantly, so instead of saying that
"tests don't pass", weasel this into "unit tests don't pass". Also fix grammar.

Labels are adjusted automatically now, so remove that sentence.
2024-12-04 14:21:01 +00:00
Zbigniew Jędrzejewski-Szmek
4ebd6d9a10 meson: install README.logs independently of HAVE_SYSV_COMPAT
That file provides compatiblity (or more precisely the explanation for the lack
of compatibility) with syslog daemons. Those are used quite independently of
sysvinit. For example, RHEL uses rsyslog with systemd. We create
/var/log/journal, so it's no biggie to also provide /var/log/README with the
explanation. Let's keep it, since it might help some confused users, even when
compat with sysvinit is gone.
2024-11-29 14:18:15 +01:00
Luca Boccassi
088793239e docs: add reminder to run update-man-rules before tagging a release 2024-11-06 19:21:14 +00:00
Luca Boccassi
94a46c20da docs: remove 'v' prefix from meson.version
It is actually v-less
2024-11-06 19:20:00 +00:00
Zbigniew Jędrzejewski-Szmek
78ed1e973c docs/TPM2_PCR_MEASUREMENTS: drop quotes from around section titles
The section headers used quotes as if the strings were some constants. But
AFAICT, those are just normal plain-text titles. Also lowercase them, because
this is almost like a table and it's easier to read without capitalization.
2024-11-06 15:02:24 +01:00
Zbigniew Jędrzejewski-Szmek
265488414c tree-wide: use Device*T*ree spelling
We used both, in fact "Devicetree" was more common. But we have a general rule
that we capitalize all words in names and also we have a DeviceTree=
configuration setting, which we cannot change. If we use two different
spelllings, this will make it harder for people to use the correct one in
config files. So use the "DeviceTree" spelling everywhere.
2024-11-06 15:00:55 +01:00
Daan De Meyer
36c6c696a7 ask-password: Add $SYSTEMD_ASK_PASSWORD_KEYRING_TYPE
Currently ask_password_auto() will always try to store the password into
the user keyring. Let's make this configurable so that we can configure
ask_password_auto() into the session keyring. This is required when working
with user namespaces, as the user keyring is namespaced by user namespaces
which makes it impossible to share cached keys across user namespaces by using
the user namespace while this is possible with the session keyring.
2024-11-02 23:20:57 +01:00
Daan De Meyer
01d138b990 ask-password: Drop "default" for SYSTEMD_ASK_PASSWORD_KEYRING_TIMEOUT_SEC
Users can simply unset the environment variable to achieve the same effect.
2024-11-02 23:20:57 +01:00
Adrian Vovk
ad03f2d5f0 user-record: Introduce selfModifiable fields
Allows the system administrator to configure what fields the user is
allowed to edit about themself, along with hard-coded defaults.
2024-11-01 10:41:46 +00:00
Daan De Meyer
d9f4dad986 ask-password: Allow configuring the keyring timeout via an environment variable
In mkosi, we want an easy way to set the keyring timeout for every
tool we invoke that might use systemd-ask-password to query for a
password which is then stored in the kernel keyring. Let's make this
possible via a new $SYSTEMD_ASK_PASSWORD_KEYRING_TIMEOUT_SEC environment
variable.

Using an environment variable means we don't have to modify every separate
tool to add a CLI option allowing to specify the timeout. In mkosi specifically,
we'll set up a new session keyring for the mkosi process linked to the user keyring
so that any pins in the user keyring are used if available, and otherwise we'll query
for and store password in mkosi's session keyring with a zero timeout so that they stay
in the keyring until the mkosi process exits at which point they're removed from the
keyring.
2024-10-30 17:43:53 +01:00
Daan De Meyer
7ae96246f6 docs: Update instructions for building distribution packages in HACKING.md
When building distribution packages without building an image, the
distribution packages will only be located in mkosi.builddir/ now and
not in mkosi.output/, so update the documentation to reflect that.

Also add installation instructions for distributions other than CentOS/Fedora
while we're at it.
2024-10-30 11:16:42 +01:00
Daan De Meyer
a33f453702 docs: Align some comments in HACKING.md 2024-10-30 11:16:36 +01:00
Zbigniew Jędrzejewski-Szmek
99996d5f5e
Merge pull request #34245 from bluca/logind_drop_weak_delay_inhibitor
logind: drop new delay-weak inhibitor
2024-10-29 17:13:11 +01:00
Daan De Meyer
c2c75d5ade docs: Mention that a local build might be required to use mkosi
Currently we need ukify with support for --profile and --join-profile
which isn't in an official release yet so mention that a local build
from source might be required.
2024-10-24 05:33:30 +09:00
Lennart Poettering
f4c3bafd10 man: update PASSWORD_AGENTS spec, and introduce unpriv pw queries
Fixes: #1232 #2217
2024-10-21 14:14:13 +02:00
Zbigniew Jędrzejewski-Szmek
2c23b7054f
Merge pull request #34783 from keszybz/man-nspawn-private-users
Change systemd-nspawn man page to strongly recommend private users
2024-10-18 18:44:05 +02:00
Zbigniew Jędrzejewski-Szmek
487d412327 tree-wise: use "lightweight" spelling
Both spellings were used, but the dictionary says that "lightweight"
is the standard spelling.
2024-10-18 18:43:40 +02:00
Ryan Wilson
63d4c4271c cgroup: Add ManagedOOMMemoryPressureDurationSec= override setting for units
This will allow units (scopes/slices/services) to override the default
systemd-oomd setting DefaultMemoryPressureDurationSec=.

The semantics of ManagedOOMMemoryPressureDurationSec= are:
- If >= 1 second, overrides DefaultMemoryPressureDurationSec= from oomd.conf
- If is empty, uses DefaultMemoryPressureDurationSec= from oomd.conf
- Ignored if ManagedOOMMemoryPressure= is not "kill"
- Disallowed if < 1 second

Note the corresponding dbus property is DefaultMemoryPressureDurationUSec
which is in microseconds. This is consistent with other time-based
dbus properties.
2024-10-16 20:12:38 -07:00
Yu Watanabe
23615aca62 doc: fix typo
Follow-up for b3b7cf8b7c.
2024-10-17 00:49:59 +09:00
xujing
cc2030f928 pid1: add env var to override default mount rate limit interval
Similar to 24a4542c. 24a4542c can only be set 1 in 1s at most,
sometimes we may need to set to something else(such as 1 in 2s).
So it's best to let the user decide.

This also allows users to solve #34690.
2024-10-16 16:07:26 +02:00
Gaël PORTAY
8ef5ea2bf6 docs: add a missing : character
This adds the missing colon character to the section systemd-sysusers.
2024-10-14 20:11:44 +01:00
Lennart Poettering
c9b477415a man: document preference for secure_getenv() in coding style 2024-10-14 12:31:37 +01:00
Lennart Poettering
8d24b2f017
Merge pull request #34716 from dvdhrm/pr/derand
Clarify nameing-scheme in DESKTOP_ENVIRONMENT documentation
2024-10-14 11:51:43 +02:00
Arthur Shau
cc0ab8c810 timer: introduce DeferReactivation setting
By default, in instances where timers are running on a realtime schedule,
if a service takes longer to run than the interval of a timer, the
service will immediately start again when the previous invocation finishes.
This is caused by the fact that the next elapse is calculated based on
the last trigger time, which, combined with the fact that the interval
is shorter than the runtime of the service, causes that elapse to be in
the past, which in turn means the timer will trigger as soon as the
service finishes running.

This behavior can be changed by enabling the new DeferReactivation setting,
which will cause the next calendar elapse to be calculated based on when
the trigger unit enters inactivity, rather than the last trigger time.

Thus, if a timer is on an realtime interval, the trigger will always
adhere to that specified interval.
E.g. if you have a timer that runs on a minutely interval, the setting
guarantees that triggers will happen at *:*:00 times, whereas by default
this may skew depending on how long the service runs.

Co-authored-by: Matteo Croce <teknoraver@meta.com>
2024-10-11 22:54:16 +02:00
David Rheinsberg
b3b7cf8b7c docs/DESKTOP_ENVIRONMENTS: clarify name aliases
Add a note to the service-file naming scheme that reminds developers
that those names might be aliases. Hence, when parsing such unit names,
the entire name-array of a unit must be parsed, rather than just the
unit ID.

The service-name of existing applications might be already part of their
API. Hence, not all applications can switch the service ID to this new
naming scheme, but can provide suitable aliases. Document this behavior.
2024-10-11 10:46:05 +02:00
David Rheinsberg
cbaebf811e docs/DESKTOP_ENVIRONMENT: clarify <RANDOM> usage
The <RANDOM> part is optional in the naming scheme of application units.
However, this is only true for service files. Scope units must include
the <RANDOM> part, otherwise it would be impossible to parse:

The schema would be:

    `app[-<launcher>]-<ApplicationID>[-<RANDOM>].scope`

in which case a two-part name would be impossible to parse, since it is
unclear whether the launcher of the random bit where omitted.
2024-10-11 10:42:06 +02:00
David Rheinsberg
5697bce82b docs/DESKTOP_ENVIRONMENTS: fix formatting
The annotation about omittance is meant to be about the `RANDOM` string.
However, the current formatting makes it look like the entire naming
scheme is optional. Fix this.
2024-10-11 10:28:22 +02:00
Lennart Poettering
c28a13b5af docs: don't mention split-usr path anymore
We don't support split /usr/ anymore. Hence fix the paths. This
apparently matters because of PK validating the binary path.

Fixes: #34712
2024-10-11 10:27:53 +02:00
Tobias Fleig
2ea0487c1b stub: Add support for .initrd addon files
Teaches systemd-stub how to load additional initrds from addon files.
This is very similar to the support for .ucode sections in addon files,
but with different ordering. Initrds from addons have a chance to
overwrite files from the base initrd in the UKI.
2024-10-09 14:06:10 +01:00
Nils K
543015a164 Fix reference to FileDescriptorStoreMax= directive 2024-09-25 16:16:29 +02:00
Daan De Meyer
6d862a9dc0 mkosi: Add back support for running clangd within mkosi
This allows hacking on systemd without installing any build
dependencies except mkosi on the host machine.
2024-09-22 15:23:01 +02:00
Yu Watanabe
a65b864835 docs: fix typo in filename: REATLIME -> REALTIME 2024-09-17 10:21:54 +02:00
Arian van Putten
6695ff4c15 CONTROL_GROUP_INTERFACE: fix link to systemd-run code 2024-09-17 15:09:48 +09:00
Zbigniew Jędrzejewski-Szmek
2e1f83d1ab docs/ELF_DLOPEN_METADATA: add detailed example 2024-09-13 14:53:17 +02:00
Zbigniew Jędrzejewski-Szmek
9a2b54d9f7 docs/ELF_PACKAGE_METADATA: add detailed example
When the spec was initially written, we didn't add good documentation of how to
display the notes, also because there was no good way to display the data
except manually extracting the section to a file and running 'jq' on that. But
the tools have improved, so let's show the users how easy it is to use this
data.
2024-09-13 14:51:44 +02:00
Luca Boccassi
5360db2a90 logind: drop new delay-weak inhibitor
It wasn't actually requested, just a misunderstanding, so drop it.

Fixes https://github.com/systemd/systemd/issues/34091

Follow-up for 804874d26a
2024-09-13 12:32:42 +02:00
Skye Chappelle
a67a206379
Change OS X to macOS in BOOT.md (#34358) 2024-09-11 09:15:39 +02:00
Zbigniew Jędrzejewski-Szmek
229607bca8 docs/UIDS-GIDS: drop obsolete comment about Fedora
https://fedoraproject.org/wiki/Changes/RenameNobodyUser, 2018:
> Use "nobody:nobody" as the names for the kernel overflow UID:GID pair, and
> retire the old "nfsnobody" name and the old "nobody:nobody" pair with 99:99
> numbers.
2024-08-31 13:36:09 +02:00
Daan De Meyer
2701c2f67d Add $SYSTEMD_IN_CHROOT to override chroot detection
When running unprivileged, checking /proc/1/root doesn't work because
it requires privileges. Instead, let's add an environment variable so
the process that chroot's can tell (systemd) subprocesses whether
they're running in a chroot or not.
2024-08-16 10:11:29 +02:00
Daan De Meyer
74cc5e2041 docs: Mention the new mount API in the container interface doc
Let's mention that the new mount API may be used to establish new
mounts in a container without needing the /run/host/incoming directory.
2024-08-13 12:20:43 +02:00
Daan De Meyer
5f5b6fa901 docs: Update upgrade commands in HACKING.md
- Add the required options to make the package managers non interactive
- Use apt-get instead of apt
- Remove --reinstall from apt-get command so we only install newer packages
- Add --needed to pacman command so we only install newer packages
2024-08-05 15:00:24 +02:00
Daan De Meyer
7fe0ea2ead
Merge pull request #33857 from DaanDeMeyer/mkosi
Two small improvements
2024-07-29 15:40:48 +02:00
Daan De Meyer
ecfdecfd6a docs: Simplify hacking instructions a bit
We enable RuntimeBuildSources=yes by default so let's drop it from
the documentation.
2024-07-29 13:42:28 +02:00
Luca Boccassi
804874d26a logind: always check for inhibitor locks
Currently inhibitors are bypassed unless an explicit request is made to
check for them, or even in that case when the requestor is root or the
same uid as the holder of the lock.

But in many cases this makes it impractical to rely on inhibitor locks.
For example, in Debian there are several convoluted and archaic
workarounds that divert systemctl/reboot to some hacky custom scripts
to try and enforce blocking accidental reboots, when it's not expected
that the requestor will remember to specify the command line option
to enable checking for active inhibitor locks.

Also in many cases one wants to ensure that locks taken by a user are
respected by actions initiated by that same user.

Change logind so that inhibitors checks are not skipped in these
cases, and systemctl so that locks are checked in order to show a
friendly error message rather than "permission denied".

Add new block-weak and delay-weak modes that keep the previous
behaviour unchanged.
2024-07-25 12:22:36 +01:00
Jeffrey Bosboom
f7fa632682 docs/CONTROL_GROUP_INTERFACE.md: document accounting information available via D-Bus 2024-07-25 11:46:18 +01:00
Daan De Meyer
518ea76ecd docs: Document how to do stable releases 2024-07-19 16:33:36 +02:00
Daan De Meyer
d279ec4a50 mkosi: Streamline running the integration tests without building systemd
Let's document in detail how to build the integration test image and run
the integration tests without building systemd. To streamline the process,
we stop automatically using binaries from build/ when invoking mkosi directly
and don't automatically use a tools tree anymore if systemd on the host is too
old. Instead, we document these options in HACKING.md and change the mkosi meson
target to automatically use the current build directory as an extra binary search
path for mkosi.
2024-07-18 11:39:07 +02:00