1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

6832 Commits

Author SHA1 Message Date
Kazuo Moriwaka
4da5e566e7
man: mention to Age parameter in C Type 2022-05-11 15:08:34 +09:00
Kazuo Moriwaka
6f310287db
add missing cleanup-age to quickref 2022-05-10 17:41:21 +09:00
Frantisek Sumsal
624f685fe8 core: annotate Reexecute() as NoReply
So we're able to tell from the introspection data that the method
doesn't reply.
2022-05-10 14:16:11 +09:00
Yu Watanabe
3c60643848 man: fix typo 2022-05-07 15:17:56 +09:00
Yu Watanabe
87d3b4ef3b
Merge pull request #23292 from alexhenrie/dhcpv6
network: clarify relationship between RA flags and DHCPv6 modes
2022-05-07 11:42:45 +09:00
Alex Henrie
6e40d0e458 network: clarify the relationship between DHCP= and WithoutRA=
Just setting DHCP=ipv6 is not enough to get DHCPv6 working without RA.
The WithoutRA option must also be changed from its default of "no".
2022-05-06 14:01:53 -06:00
Alex Henrie
0bcc6557fb network: clarify the relationship between RA flags and DHCPv6 modes
In the documentation, using the term "managed" for both the RA flag and
the DHCPv6 mode is confusing because the mode is referred to as
"solicit" both in the official DHCPv6 documentation (see RFC 8415) and
in the WithoutRA option.

Furthermore, calling the other RA flag "other information" or "other
address configuration" is confusing because its official name is simply
"other configuration" (see RFC 4861 and RFC 5175) and it isn't used to
assign IP addresses.

Rewrite the documentation for DHCPv6Client and WithoutRA to make it
clear that getting the "managed" RA flag triggers the same kind of DHCP
request as WithoutRA=solicit, whereas getting the "other configuration"
RA flag triggers the same kind of DHCP request as
WithoutRA=information-request.
2022-05-06 14:01:53 -06:00
Yu Watanabe
af2ff171e0
Merge pull request #23272 from keszybz/logind-man-and-rules
Logind man and rules
2022-05-07 04:23:02 +09:00
Jakob Lell
14736ab6ff Amend documentation for LimitNPROC= 2022-05-05 18:04:54 +02:00
Zbigniew Jędrzejewski-Szmek
14e6e444dd bootctl: add --quiet
It's useful for installation scripts and suchlike.
Raised in https://bugzilla.redhat.com/show_bug.cgi?id=2079784#c9.
2022-05-05 12:30:06 +02:00
Zbigniew Jędrzejewski-Szmek
18eb56c3c0 bootctl: support --graceful in is-installed 2022-05-05 12:30:06 +02:00
Zbigniew Jędrzejewski-Szmek
e4239a34d7 man: deduplicate dbus versioning ref 2022-05-05 11:48:22 +02:00
Zbigniew Jędrzejewski-Szmek
01942823ae man: beef up o.fd.login1 page a bit and recommend busctl too
gdbus is an external program, so it makes sense to recommend busctl.
2022-05-05 11:48:22 +02:00
Jan Janssen
14056a52c6 meson: Use meson test suite feature
This makes it easier to only test a subset of tests without having
to specify them all on the command line:
    meson test -C build --suite headers
2022-05-04 16:11:34 +02:00
Yu Watanabe
c322cfafba man/networkctl: mention initialized state
Closes #23262.
2022-05-04 14:44:13 +01:00
Lennart Poettering
ba4b74cbc7 man: document that systemd-fstab-generator actually cares about roothash=/usrhash= on the kernel cmdline
It doesn't really care about the hash value passed (which is processed
by systemd-veritysetup-generator), but it does care about the fact that
it is set (and mounts the DM nodes /dev/mapper/usr + /dev/mapper/root in
that case).
2022-05-02 20:49:16 +01:00
Lennart Poettering
4791083bce man: correct a major missed opportunity
I don't know why this didn't occur to me earlier, but of course, it
*has* to be this data.

(This replaces some German prose about Berlin, that i guess only very
few people will get. With the new blob I think we have a much broader
chance of delivering smiles.)
2022-05-02 17:58:51 +02:00
Daan De Meyer
ef2c966acc docs: Clarify where options are read from
Let's merge the footnote with the overall explanation of where systemd
parses its options from and reword the section a bit to hopefully make
things a bit more clear.
2022-05-02 17:49:06 +02:00
Lennart Poettering
41be3b099f
Merge pull request #23170 from poettering/creds-copy
import system credentials from sd-stub + qemu fw_cfg + kernel cmdline explicitly in PID 1
2022-05-02 16:32:21 +02:00
Lennart Poettering
cfa7d57ba1
Merge pull request #23217 from keszybz/oomd-docs
More cross-references in bootctl/systemctl man pages
2022-04-28 22:30:50 +02:00
Lennart Poettering
fe672fe539 doc: add new markdown docs for credentials 2022-04-28 18:12:00 +02:00
Lennart Poettering
72267a55a1 man: document the new credentials features 2022-04-28 18:12:00 +02:00
Zbigniew Jędrzejewski-Szmek
6ef00eb846
Merge pull request #23200 from keszybz/oomd-docs
Extend the documentation for oomd a bit
2022-04-28 17:46:03 +02:00
Zbigniew Jędrzejewski-Szmek
76c068b77c man: cross-advertize bootctl and systemctl boot loader support 2022-04-28 16:44:40 +02:00
Zbigniew Jędrzejewski-Szmek
3b18f3017c man: direct users to systemd-oomd if they read about OOMPolicy
OOMPolicy remains valid, but let's push users for the userspace solution.
2022-04-28 15:46:44 +02:00
Zbigniew Jędrzejewski-Szmek
6f83ea60e9 man: beef up the description of systemd-oomd.service
The gist of the description is moved from systemd.resource-control
to systemd-oomd man page. Cross-references to OOMPolicy, memory.oom.group,
oomctl, ManagedOOMSwap and ManagedOOMMemoryPressure are added in all
places.

The descriptions are also more down-to-earth: instead of talking
about "taking action" let's just say "kill". We *might* add configuration
for different actions in the future, but we're not there yet, so let's
just describe what we do now.
2022-04-28 15:46:44 +02:00
Yu Watanabe
8ac6b05b7c tree-wide: Fix typo 2022-04-25 10:06:08 +09:00
MkfsSion
70e723c000 cryptenroll,homectl: Introduce --fido2-credential-algorithm option
* Some authenticators(like Yubikey) support credential algorithm other than ES256
* Introduce a new option so users can make use of it
2022-04-22 20:22:40 +02:00
Lennart Poettering
d43ea6c8ff man: make clear that encrypted credentials are also authenticated
We use authenticated encryption, and that deserves mention. This in
particular relevant as the fact they are authenticated makes the
credentials useful as initrd parameterization items.
2022-04-21 23:23:14 +02:00
Lennart Poettering
231a1caf5e
Merge pull request #23122 from poettering/creds-has-tpm2
tpm2: beef up tpm2 support checks
2022-04-20 23:18:02 +02:00
Lennart Poettering
ebf3ee4105 man: update TPM2 PCR documentation
The assignments were partly simply incorrectly documented, partly changed
with 4d32507f51 and partly missing.
Moreover kernel 5.17 now measures all initrds to PCR 9 on its own
(https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f046fff8bc4c4d8f8a478022e76e40b818f692df)

Let's correct all this and bring it up-to-date.

And while we are at it extend the docs about this in systemd-stub, with
a new table that indicates which OS resource is protected by which PCR.
2022-04-20 21:30:49 +02:00
Lennart Poettering
b6553329c0 creds-util: permit credentials encrypted/signed by fixed zero length keys as fallback for systems lacking TPM2
This is supposed to be useful when generating credentials for immutable
initrd environments, where it is is relevant to support credentials even
on systems lacking a TPM2 chip.

With this, if `systemd-creds encrypt --with-key=auto-initrd` is used a
credential will be encrypted/signed with the TPM2 if it is available and
recognized by the firmware. Otherwise it will be encrypted/signed with
the fixed empty key, thus providing no confidentiality or authenticity.

The idea is that distributions use this mode to generically create
credentials that are as locked down as possible on the specific
platform.
2022-04-20 17:49:17 +02:00
Lennart Poettering
eb81249e8a man: document new has-tpm2 verb 2022-04-20 16:58:18 +02:00
Sonali Srivastava
c52950c292 hostnamed: display firmware version 2022-04-19 13:54:16 +02:00
Yu Watanabe
b0c3d2b76b
Merge pull request #23107 from yuwata/man-network-numeric-prefix
man: recommend that .network or friends should have a numeric prefix
2022-04-18 07:02:10 +09:00
Yu Watanabe
625d71b9ae man: DHCPPrefixDelegation= needs to be enabled on downstream side for assigning delegated prefixes
Closes #23041.
2022-04-18 04:30:56 +09:00
Yu Watanabe
cc9b6bdc96 man: recommend that .network or friends should have a numeric prefix
Closes #23105.
2022-04-18 04:30:49 +09:00
Yu Watanabe
bd4297e761 udevadm: info: also show parent devices by --tree 2022-04-17 21:27:33 +02:00
Lennart Poettering
9117d94b9a udevadm: add new --tree mode to "udevadm info"
sysfs is a tree, hence let's a mode that allows showing it as such.
2022-04-13 14:41:05 +02:00
Lennart Poettering
5b9d199ab4 man: document new generator env vars 2022-04-13 10:44:56 +02:00
Lennart Poettering
a1d0557440 man: rebreak all paragraphs in systemd.generator(7) 2022-04-13 10:07:46 +02:00
Zbigniew Jędrzejewski-Szmek
52e30c6f81 man: add "internal" to "reference counter" 2022-04-12 15:33:05 +02:00
Zbigniew Jędrzejewski-Szmek
2a1a7910f9 man: add page for sd_device_{ref,unref,unrefp}
Gotta start somewhere.
2022-04-12 12:35:44 +02:00
Zbigniew Jędrzejewski-Szmek
69e6a46970 man: say libudev should not be used for new projects 2022-04-12 12:28:24 +02:00
Zbigniew Jędrzejewski-Szmek
fc6f59aedc man: add landing page for sd-device
We got documentation for sd-device for the first time with
b51f4eaf7b, so let's celebrate by adding a
landing page that also explains the relationship with libudev.
2022-04-12 12:28:24 +02:00
Zbigniew Jędrzejewski-Szmek
ff9412c152 Fix man page links
Based on linkchecker as usual.
2022-04-12 11:02:16 +02:00
Zbigniew Jędrzejewski-Szmek
ec7401d015 Add comments about deprecated specifiers
Inspired by 9fe20c3234. When the specifier is undocumented, it is really easy
to add a duplicate definition in  a different place.
2022-04-11 13:51:28 +02:00
Lennart Poettering
d0aba07f1a specifier: use %q for pretty hostname
%R is already used in service manager specifier expansion (cgroup root),
hence use a different char, that was so far not used.

Follow-up for: 6ceb0a4094
2022-04-08 22:18:28 +02:00
Daan De Meyer
cae7c28272 analyze: Fix verify exit status regression
Previously, systemd-analyze verify would return 0 even if warnings
were raised during analysis of the specified units or their
dependencies. With 3cc3dc7, verify was changed to return 1 when
warnings were raised.

This commit changes the default mode to _RECURSIVE_ERRORS_INVALID
so that verify returns zero again by default when warnings are
raised.
2022-04-06 23:16:02 +09:00
Michal Sekletar
66425daf2c udev/net_id: avoid slot based names only for single function devices
If we have two or more devices that share the same slot but they are
also multifunction then it is OK to use the slot information even if it
is the same for all of them. Name conflict will be avoided because we
will append function number and form names like, ens1f1, ens1f2...
2022-04-06 11:51:03 +02:00