1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 16:21:26 +03:00
Commit Graph

3480 Commits

Author SHA1 Message Date
Lennart Poettering
7785da68e6
Merge pull request #7695 from yuwata/transient-socket
DBus-API: implement transient socket unit
2017-12-23 19:20:29 +01:00
Susant Sahani
d384826f69 networkd: Add support for ipvlan L3s and flags (#7726)
This works supports to configure L3S mode and flags
such as bridge, private and vepa
2017-12-23 18:55:03 +01:00
Lennart Poettering
186d5f2e79
Merge pull request #7620 from keszybz/two-docs
Two docs
2017-12-23 12:40:48 +01:00
Lucas Werkmeister
053114090b man: mention StateDirectory in file-hierarchy(7) 2017-12-23 12:30:05 +01:00
Yu Watanabe
624dd00973 man: add explanation about transient path or socket units in systemd-run 2017-12-23 18:48:31 +09:00
Dmitry Rozhkov
5526ac50fe man: fix example config to conform the content of the man page
The config example contains wrong specificator for hostname.
It should be %H instead of %h as documented in the man page.

Use correct specificator for hostname.
2017-12-22 15:35:17 +01:00
Alan Jenkins
5e0aff564c man: User=, Group= *never* work for mount units (#7602)
Old text:

> Note that the User= and
> Group= options are not particularly useful for mount units specifying a
> "Type=" option or using configuration not specified in /etc/fstab;
> mount(8) will refuse options that are not listed in /etc/fstab if it is
> not run as UID 0.

However I recently learnt the following:

> The mount program does not read the /etc/fstab file if both device
> and dir are specified.

Therefore, if both device and dir are specified, the `user` or `users`
options in `fstab` will not have any effect.  Run as a normal user,
you will always see

    mount: only root can do that

Fix the explanation in the man page.

Also make sure to markup User= and Group= with <varname>.
2017-12-19 21:22:05 +01:00
Yu Watanabe
5af1644314 man: note that systemctl show does not overridden value
Fixes #7694.
2017-12-19 16:07:04 +09:00
Yu Watanabe
69b528832a man: LockPersonality= implies NoNewPrivileges= 2017-12-19 12:48:54 +09:00
Chris Down
e16647c39d condition: Create AssertControlGroupController (#7630)
Up until now, the behaviour in systemd has (mostly) been to silently
ignore failures to action unit directives that refer to an unavailble
controller. The addition of AssertControlGroupController and its
conditional counterpart allow explicit specification of the desired
behaviour when such a situation occurs.

As for how this can happen, it is possible that a particular controller
is not available in the cgroup hierarchy. One possible reason for this
is that, in the running kernel, the controller simply doesn't exist --
for example, the CPU controller in cgroup v2 has only recently been
merged and was out of tree until then. Another possibility is that the
controller exists, but has been forcibly disabled by `cgroup_disable=`
on the kernel command line.

In future this will also support whatever comes out of issue #7624,
`DefaultXAccounting=never`, or similar.
2017-12-18 08:53:29 +01:00
Alan Jenkins
3f2d136505 man: generalize "binary" to "program" (#7668)
Systemd services are permitted to be scripts, as well as binary
executables.

The same also applies to the underlying /sbin/mount and /sbin/swapon.
It is not necessary for the user to consider what type of program file
these are.  Nor is it necessary with systemd-nspawn, to distinguish between
init as a "binary" v.s. a user-specified "program".

Also fix a couple of grammar nits in the modified sentences.
2017-12-16 11:48:12 +01:00
Lennart Poettering
8769525f57
Merge pull request #7661 from keszybz/slice-cleanups
Slice cleanups and systemd-mount --owner
2017-12-15 20:55:39 +01:00
Zbigniew Jędrzejewski-Szmek
e09fc88440 mount: add option to specify uid= and gid=
The kernel needs two numbers, but for the user it's most convenient to provide the
user name and have that resolved to uid and gid.

Right now the primary group of the specified user is always used. That's the most
common case anyway. In the future we can extend the --owner option to allow a group
after a colon.

[I added this before realizing that this will not be enough to be used for user
runtime directory. But this seems useful on its own, so I'm keeping this commit.]
2017-12-15 14:57:07 +01:00
Ken (Bitsko) MacLeod
bd2538b50b man: Clarify when OnFailure= activates after restarts (#7646) 2017-12-15 11:10:41 +01:00
Zbigniew Jędrzejewski-Szmek
bdd2bbc445
Merge pull request #7469 from kinvolk/dongsu/nspawn-netns
nspawn: introduce an option for specifying network namespace path
2017-12-14 22:47:57 +01:00
Zbigniew Jędrzejewski-Szmek
2e772f3085 man: tone down the note that reboot/halt/poweroff are legacy
They may be old (or rather compatible implementations of old commands), but
they certainly are not going away. Apart from privilege escalation through
polkit, they are mostly equivalent.
2017-12-14 22:41:29 +01:00
Lennart Poettering
14965b94f2
resolve: extend systemd-resolve so that it can push per-interface DNS configuration into systemd-resolved (#7576)
This is useful to debug things, but also to hook up external post-up
scripts with resolved.

Eventually this code might be useful to implement a
resolvconf(8)-compatible interface for compatibility purposes. Since the
semantics don't map entirely cleanly as first step we add a native
interface for pushing DNS configuration into resolved, that exposes the
correct semantics, before adding any compatibility interface.

See: #7202
2017-12-14 20:13:14 +01:00
Daniel Black
a327431bd1 core: add EXTEND_TIMEOUT_USEC={usec} - prevent timeouts in startup/runtime/shutdown (#7214)
With Type=notify services, EXTEND_TIMEOUT_USEC= messages will delay any startup/
runtime/shutdown timeouts.

A service that hasn't timed out, i.e, start time < TimeStartSec,
runtime < RuntimeMaxSec and stop time < TimeoutStopSec, may by sending
EXTEND_TIMEOUT_USEC=, allow the service to continue beyond the limit for
the execution phase (i.e TimeStartSec, RunTimeMaxSec and TimeoutStopSec).

EXTEND_TIMEOUT_USEC= must continue to be sent (in the same way as
WATCHDOG=1) within the time interval specified to continue to reprevent
the timeout from occuring.

Watchdog timeouts are also extended if a EXTEND_TIMEOUT_USEC is greater
than the remaining time on the watchdog counter.

Fixes #5868.
2017-12-14 12:17:43 +01:00
Daniel Black
afbc75e686 man: systemd.unit: move note about clearing lists (#7621)
This is mainly for drop-in files.
2017-12-14 13:51:23 +09:00
Lennart Poettering
f95b0be742 man: "systemd" is to be written in all lower-case, even at beginnings of sentences
This very important commit is very important.
2017-12-13 17:42:04 +01:00
Dongsu Park
d7bea6b629 nspawn: introduce an option for specifying network namespace path
Add a new option `--network-namespace-path` to systemd-nspawn to allow
users to specify an arbitrary network namespace, e.g. `/run/netns/foo`.
Then systemd-nspawn will open the netns file, pass the fd to
outer_child, and enter the namespace represented by the fd before
running inner_child.

```
$ sudo ip netns add foo
$ mount | grep /run/netns/foo
nsfs on /run/netns/foo type nsfs (rw)
...
$ sudo systemd-nspawn -D /srv/fc27 --network-namespace-path=/run/netns/foo \
  /bin/readlink -f /proc/self/ns/net
/proc/1/ns/net:[4026532009]
```

Note that the option `--network-namespace-path=` cannot be used together
with other network-related options such as `--private-network` so that
the options do not conflict with each other.

Fixes https://github.com/systemd/systemd/issues/7361
2017-12-13 10:21:06 +00:00
Yu Watanabe
74dc882153
Merge pull request #7569 from keszybz/doc-reverse-settings
Document reverse settings
2017-12-13 13:42:19 +09:00
Zbigniew Jędrzejewski-Szmek
5d0e48519b man: explain noauto/nofail more carefully in crypttab
https://bugzilla.redhat.com/show_bug.cgi?id=1524759
2017-12-12 20:51:24 +01:00
Lennart Poettering
f7757a4993
Merge pull request #7352 from eddiejames/master
Add path configuration for hardware watchdog device
2017-12-08 22:22:02 +01:00
Edward A. James
c75396c30b documentation: add description for watchdog device path
Document the command line parameter and the system configuration file
setting.
2017-12-08 11:27:01 -06:00
Zbigniew Jędrzejewski-Szmek
5a15caf4b5 man: normalize indentation in systemd.unit.xml 2017-12-08 15:36:15 +01:00
Zbigniew Jędrzejewski-Szmek
2bf9250617 man: add a table of setting inverses
It would be nicer to use <footnote> to place the notes directly in the table,
but docbook renders this improperly.

v2:
- also add "RequiredBy=" to the notes section
- remove duplicated paragraph
v3:
- clarify the description
- drop References/ReferenceBy which are only shown in systemd-analyze dump
2017-12-08 15:36:15 +01:00
Dmitry Rozhkov
400f54fb36 resolved: support multiple TXT RRs per DNS-SD service
Section 6.8 of RFC 6763 allows having service instances with
multiple TXT resource records.
2017-12-08 14:29:27 +02:00
Dmitry Rozhkov
6e73d91ec8 resolved: add man page for systemd.dnssd 2017-12-08 14:29:27 +02:00
Clinton Roy
164147c336 man: missing whitespace (#7579) 2017-12-08 11:44:20 +09:00
Zbigniew Jędrzejewski-Szmek
b292066890 man: mention BoundsBy=, ConsistsOf=, RequisiteOf=
Fixes #7043.
2017-12-07 09:47:03 +01:00
Lennart Poettering
c7a54cd67b
Merge pull request #7419 from keszybz/tmpfiles-fixes
Tmpfiles --user mode and various fixes
2017-12-06 19:50:26 +01:00
Zbigniew Jędrzejewski-Szmek
0deb073a66 man: improve formatting in systemd.unit.xml 2017-12-06 10:30:26 +01:00
Zbigniew Jędrzejewski-Szmek
5a8575ef01 tmpfiles: also add %t/%S/%C/%L specifiers
sd_path_home() returns ENXIO when a variable (such as $XDG_RUNTIME_DIR) is not
defined. Previously we used ENOKEY for unresolvable specifiers. To avoid having
two codes, or translating ENXIO to ENOKEY, I replaced ENOKEY use with ENXIO.

v2:
- use sd_path_home and change to ENXIO everywhere
2017-12-06 10:30:26 +01:00
Zbigniew Jędrzejewski-Szmek
cfdda37c9f Hook up systemd-tmpfiles as user units
An explicit --user switch is necessary because for the user@0.service instance
systemd-tmpfiles is running as root, and we need to distinguish that from
systemd-tmpfiles running in systemd-tmpfiles*.service.

Fixes #2208.

v2:
- restore "systemd-" prefix
- add systemd-tmpfiles-clean.{service,timer}, systemd-setup.service to
  systemd-tmpfiles(8)
2017-12-06 10:19:35 +01:00
Zbigniew Jędrzejewski-Szmek
f2b5ca0e4e tmpfiles: add --user switch 2017-12-06 10:19:29 +01:00
ayekat
ca23eeb54c tmpfiles: Add specifiers to allow running as user instance
This commit adds specifiers %U, %u and %h for the user UID, name and
home directory, respectively.

[zj: drop untrue copy-pasted comments and move the next text
     to the new "Specifiers" section.
     Now that #7444 has been merged, also drop the specifier functions.]
2017-12-06 10:19:22 +01:00
Zbigniew Jędrzejewski-Szmek
751223fecf Fail on unknown (alphanumerical) specifiers
The code intentionally ignored unknown specifiers, treating them as text. This
needs to change because otherwise we can never add a new specifier in a backwards
compatible way. So just treat an unknown (potential) specifier as an error.

In principle this is a break of backwards compatibility, but the previous
behaviour was pretty much useless, since the expanded value could change every
time we add new specifiers, which we do all the time.

As a compromise for backwards compatibility, only fail on alphanumerical
characters. This should cover the most cases where an unescaped percent
character is used, like size=5% and such, which behave the same as before with
this patch. OTOH, this means that we will not be able to use non-alphanumerical
specifiers without breaking backwards compatibility again. I think that's an
acceptable compromise.

v2:
- add NEWS entry

v3:
- only fail on alphanumerical
2017-12-06 10:17:37 +01:00
Lennart Poettering
b57b372a05 man: fix binary path in systemd(1) (#7550)
Otherwise people might assume that systemd was installed in the $PATH,
but it is not. Do the same as for systemd-vconsole-setup.service and
friends: let's include the full path in the man page.
2017-12-05 21:46:58 +01:00
Yu Watanabe
3db93b3fc8 man: journal-remote: add missing options
This adds documents about supported, mainly SSL related,  options
in jurnal-remote, journal-upload, and journal-gatewayd.
2017-12-05 23:30:50 +09:00
Yu Watanabe
bf2d3d7cae man: fix typo 2017-12-05 23:30:47 +09:00
Yu Watanabe
e7ff71281d man: include standard-options.xml in systemd-hwdb(8) 2017-12-05 23:30:44 +09:00
Yu Watanabe
c94c581c7b man: add missing options to and use standard-options.xml in udevadm(8) 2017-12-05 23:30:41 +09:00
Yu Watanabe
a135d27105 man: lists short options in systemd-udevd.service(8)
Follow-up for 2d19c17e8e.
2017-12-04 21:05:38 +09:00
Yu Watanabe
db9b9fb99d man: convert info to information or informational 2017-12-04 21:05:18 +09:00
Yu Watanabe
af8cbf4741 man: add missing options 2017-12-04 21:02:09 +09:00
Zbigniew Jędrzejewski-Szmek
2df36d096d man: specifiers are allow for argument field in tmpfiles 2017-12-01 18:58:54 +01:00
Zbigniew Jędrzejewski-Szmek
d9daae55d5 tmpfiles: add a special return code for syntax failures
In this way, individual errors in files can be treated differently than a
failure of the whole service.

A test is added to check that the expected value is returned.
Some parts are commented out, because it is not. This will be fixed in
a subsequent commit.
2017-12-01 18:58:54 +01:00
Lennart Poettering
1a2d4d7084
Merge pull request #7237 from keszybz/growfs
Create and grow filesystems
2017-12-01 17:58:58 +01:00
Zbigniew Jędrzejewski-Szmek
58e0ac3349 man: add docs for systemd-growfs and systemd-makefs 2017-11-30 20:46:30 +01:00