1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-05 06:52:22 +03:00
Commit Graph

24801 Commits

Author SHA1 Message Date
Lennart Poettering
34172476c8 Merge pull request #2508 from fishilico/selinux-logind
Load SELinux labelling systemd in systemd-logind
2016-02-03 21:13:30 +01:00
Lennart Poettering
d58669f08a Merge pull request #2512 from 0xAX/mount-setup
mount-setup: introduce mount_points_setup
2016-02-03 21:12:06 +01:00
Lennart Poettering
37723f806e Merge pull request #2522 from 0xAX/check-early-mount
manager: print fatal error if early mount failed
2016-02-03 21:10:56 +01:00
Lennart Poettering
a92ff4003f Merge pull request #2519 from msekletar/journalctl-device-log-current-boot-v2
journalctl: add match for the current boot when called with devpath (v2)
2016-02-03 16:26:21 +01:00
Tom Gundersen
5508e4f218 Merge pull request #2453 from poettering/journalctl-f
journalctl --fields logic
2016-02-03 15:36:06 +01:00
Michal Sekletar
3cea8e06e4 man: clarify what happens when journalctl is called with devpath 2016-02-03 13:54:32 +01:00
Michal Sekletar
485fd9a7b9 journalctl: add match for the current boot when called with devpath 2016-02-03 13:54:24 +01:00
Lennart Poettering
264a58110e Merge pull request #2507 from evverx/fix-q-on-tmpfs
tmpfiles: don't skip path_set_perms on error
2016-02-03 13:14:06 +01:00
Lennart Poettering
3938e1657d Merge pull request #2518 from msekletar/udev-manpage-fix
man: document that udev_device_new_* functions set errno on error
2016-02-03 12:29:05 +01:00
Michal Sekletar
f471010353 man: document that udev_device_new_* functions set errno on error 2016-02-03 12:14:32 +01:00
Alexander Kuleshov
d723cd6554 manager: print fatal error if early mount failed
The mount_setup_early() can fail and if it will occur, there is
no sense to make selinux setup and etc.
2016-02-03 01:45:41 +06:00
Nicolas Iooss
4b51966cf6 logind: load SELinux labelling system
systemd-logind uses mkdir_label and label_fix functions without calling
first mac_selinux_init.  This makes /run/user/$UID/ directories not
labelled correctly on an Arch Linux system using SELinux.

Fix this by calling mac_selinux_init("/run") early in systemd-logind.
This makes files created in /etc/udev/rules.d and /var/lib/systemd to be
labelled through transitions in the SELinux policy instead of using
setfscreatecon (with mac_selinux_create_file_prepare).
2016-02-02 20:07:46 +01:00
Alexander Kuleshov
400fac0609 mount-setup: introduce mount_points_setup
The mount_setup_early() and mount_setup() contain almost the same
pieces of code which calls mount_one() for a certain mount point
from the mount_table. This patch introduces mount_points_setup()
helper to prevent code duplication.
2016-02-03 01:03:12 +06:00
Lennart Poettering
c5c41f1e57 Merge pull request #2510 from msekletar/journalctl-dev-sda-v4
journalctl: make "journalctl /dev/sda" work
2016-02-02 19:34:39 +01:00
Lennart Poettering
1cb1ee5dd1 Merge pull request #2511 from nnz1024/update_russian_translation
Update russian translation
2016-02-02 19:32:36 +01:00
nnz1024
5e65027bdb catalog: updated Russian translation 2016-02-02 21:15:44 +03:00
nnz1024
a2a8c9247a po: updated Russian translation 2016-02-02 21:15:12 +03:00
Daniel Mack
14ddf4207f Merge pull request #2506 from poettering/resolved-and-more
pid 1 fixes, resolved fixes, and more
2016-02-02 17:32:31 +01:00
Michal Sekletar
795ab08f78 journalctl: make "journalctl /dev/sda" work
Currently when journalctl is called with path to block device node we
add following match _KERNEL_DEVICE=b$MAJOR:$MINOR.

That is not sufficient to actually obtain logs about the disk because
dev_printk() kernel helper puts to /dev/kmsg information about the
device in following format, +$SUBSYSTEM:$ADDRESS,
e.g. "+pci:pci:0000:00:14.0".

Now we will walk upward the syspath and add match for every device in
format produced by dev_printk() as well as match for its device node if
it exists.
2016-02-02 16:46:28 +01:00
Beniamino Galvani
1d1a3e0afb dhcp: delay restarts after NAKs
The server might answer to a DHCPREQUEST with a NAK and currently the
client restarts the configuration process immediately.  It was
observed that this can easily generate loops in which the network is
flooded with DISCOVER,OFFER,REQUEST,NAK sequences.

RFC 2131 only states that "if the client receives a DHCPNAK message,
the client restarts the configuration process" without further
details.

Add a delay with exponential backoff between retries after NAKs to
limit the number of requests and cap the delay to 30 minutes.
2016-02-02 15:23:34 +01:00
Lennart Poettering
9a07f779bb sd-journal: properly export has_{persistent|runtime}_files()
This was missing in 39fd5b08a7.
2016-02-01 23:15:54 +01:00
Lennart Poettering
ed71f95662 sd-journal: minor optimization
No need to store the object and offset data if we don't actually need it ever.
2016-02-01 22:42:33 +01:00
Lennart Poettering
69e714f3d8 journalctl: add new --fields switch to dump all currently used field names
Fixes #2176
2016-02-01 22:42:33 +01:00
Lennart Poettering
eb86030ec0 sd-journal: add an API to enumerate known field names of the journal
This adds two new calls to get the list of all journal fields names currently in use.

This is the low-level support to implement the feature requested in #2176 in a more optimized way.
2016-02-01 22:42:33 +01:00
Lennart Poettering
2c29d3324d man: document the new RuntimeMaxSec= setting 2016-02-01 22:37:58 +01:00
Lennart Poettering
d6c16624bf sd-netlink: since whe acquire the netlink socket's sockaddr anyway, let's actually verify it 2016-02-01 22:18:16 +01:00
Lennart Poettering
5c60db874d sd-netlink: don't take possesion of netlink fd from caller on failure
Fixes: #2338
2016-02-01 22:18:16 +01:00
Lennart Poettering
fabab19068 core: no need to use unlink_noerrno() 2016-02-01 22:18:16 +01:00
Lennart Poettering
36c16a7cdd core: rework unit timeout handling, and add new setting RuntimeMaxSec=
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").

This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.

This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.

Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.

This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.

Fixes: #2249
2016-02-01 22:18:16 +01:00
Lennart Poettering
c5962fcff0 update TODO 2016-02-01 22:18:16 +01:00
Lennart Poettering
cab2aca3e7 core: fix support for transient resource limit properties
Make sure we can properly process resource limit properties. Specifically, allow transient configuration of both the
soft and hard limit, the same way from the unit files. Previously, only the the hard rlimits could be configured but
they'd implicitly spill into the soft hard rlimits.

This also updates the client-side code to be able to parse hard/soft resource limit specifications. Since we need to
serialize two properties in bus_append_unit_property_assignment() now, the marshalling of the container around it is
now moved into the function itself. This has the benefit of shortening the calling code.

As a side effect this now beefs up the rlimit parser of "systemctl set-property" to understand time and disk sizes
where that's appropriate.
2016-02-01 22:18:16 +01:00
Lennart Poettering
fb8a9fc9b5 resolve: work around clang limitation
clang is apparently not smart enough to detect when a switch statement contains case statements for all possible values
of the used type. Work around that.

(And while we are at it, normalize indentation a bit)

Fixes: #2504
2016-02-01 22:18:16 +01:00
Lennart Poettering
1e5b6b4f28 shared: simplify parsing of bus properties a bit
Let's write the property name and value in one call, when that's possible, shorthing our code a bit.
2016-02-01 22:18:16 +01:00
Lennart Poettering
5c1f0be1ef core: when saving timer unit time values, store them in raw µs
Let's simplify things a bit, and make sure we don't lose accuracy.
2016-02-01 22:18:16 +01:00
Lennart Poettering
b93ea5d368 core: fix handling of AccuracyUSec and RandomDelayUSec bus properties
Clear up some confusion regarding the USec and Sec suffixes we use. In configuration files we usually use the Sec
suffix, to indicate the implied time unit if none is specified. The respective bus properties however use the USec
property, since they expose 64bit unsigned integers containing time in µs.

Before this patch timer units exposed a bus property AccuracyUSec (which hence is the correct name) but when parsing
transient property data would look for AccuracySec instead (which is incorrect). This patch ensures we look for
AccuracySec correctly, but keeps the code for AccuracyUSec in place for compatibility, but adds a warning to ensure
that apps are updated to use the right property.
2016-02-01 22:18:16 +01:00
Lennart Poettering
99d4f5e5c0 basic: add new rlimit_format() call
This formats a struct rlimit the way rlimit_parse() expects it.
2016-02-01 22:18:16 +01:00
Lennart Poettering
cb9712492f gpt-auto: don't log an EIO error if blkid finds something which is not a partition table
Fixes: #2483
2016-02-01 22:18:16 +01:00
Lennart Poettering
d0a7c5f692 core: move parsing of rlimits into rlimit-util.[ch]
This way we can reuse it for parsing rlimit settings in "systemctl set-property" and related commands.
2016-02-01 22:18:16 +01:00
Lennart Poettering
a483fb59a8 core: store for each unit when the last low-level unit state change took place
This adds a new timestamp field to the Unit struct, storing when the last low-level state change took place, and make
sure this is restored after a daemon reload. This new field is useful to allow restarting of per-state timers exactly
where they originally started.
2016-02-01 22:18:16 +01:00
Lennart Poettering
393003e1de sd-event: permit a USEC_INFINITY timeout as an alternative to a disabling an event source
This should simplify handling of time events in clients and is in-line with the USEC_INFINITY macro we already have.
This way setting a timeout to 0 indicates "elapse immediately", and a timeout of USEC_INFINITY "elapse never".
2016-02-01 22:18:15 +01:00
Lennart Poettering
1bce0ffa66 sd-event: when determining the last allowed time a time event may elapse, deal with overflows 2016-02-01 22:18:15 +01:00
Lennart Poettering
53f555b6f6 util: add usec_add() which adds two usec_t values with overflow handling 2016-02-01 22:18:15 +01:00
Lennart Poettering
011696f762 resolved: rework what ResolveHostname() with family == AF_UNSPEC means
Previously, if a hostanem is resolved with AF_UNSPEC specified, this would be used as indication to resolve both an
AF_INET and an AF_INET6 address. With this change this logic is altered: an AF_INET address is only resolved if there's
actually a routable IPv4 address on the specific interface, and similar an AF_INET6 address is only resolved if there's
a routable IPv6 address. With this in place, it's ensured that the returned data is actually connectable by
applications. This logic mimics glibc's resolver behaviour.

Note that if the client asks explicitly for AF_INET or AF_INET6 it will get what it asked for.

This also simplifies the logic how it is determined whether a specific lookup shall take place on a scope.
Specifically, the checks with dns_scope_good_key() are now moved out of the transaction code and into the query code,
so that we don't even create a transaction object on a specific scope if we cannot execute the resolution on it anyway.
2016-02-01 22:18:15 +01:00
Lennart Poettering
2afcd6902b journal-cat: don't allocate memory for the syslog identifier
Fixes: #2490
2016-02-01 22:18:15 +01:00
Lennart Poettering
7e0cdf8f1f activate: reorder --help text
Make sure the --help and --version options are mentioned first, like in all our other tools.
2016-02-01 22:18:15 +01:00
Lennart Poettering
fa994f917d activate: fix memory allocation for execv() parameters
Make sure we construct the full environment block on the heap, so that we can clean things up properly if execv()
fails.
2016-02-01 22:18:15 +01:00
Lennart Poettering
b72190e90f Merge pull request #2505 from torstehu/fix-typo4
Fix typos and a small build fix
2016-02-01 22:09:54 +01:00
Torstein Husebø
fa9e9f72b9 resolve: Silence build warning, when systemd is built without libidn
HAVE_IDN is not defined when systemd is build without it
2016-02-01 21:10:03 +01:00
Torstein Husebø
e94968ba72 resolve: fix typos 2016-02-01 21:08:00 +01:00
Lennart Poettering
fd04bba0e8 Merge pull request #2491 from martinpitt/master
tmpfiles: drop /run/lock/lockdev
2016-02-01 18:27:51 +01:00