1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

3769 Commits

Author SHA1 Message Date
Susant Sahani
866e6b7a12 networkd: enable to set IFF_ALLMULTI to network device (#9146)
networkd: allow setting set IFF_ALLMULTI flag on network devices
2018-06-01 16:22:12 +02:00
Lennart Poettering
89544ae658
Merge pull request #9014 from keszybz/fuzz-journal-remote
A fuzzer for journal-remote
2018-05-31 15:33:44 +02:00
Zbigniew Jędrzejewski-Szmek
8d96289711
Merge pull request #9145 from poettering/itsy-bitsy-fixes
trivial fixes
2018-05-31 13:38:53 +02:00
Lennart Poettering
aafcd2523b man: say more explicitly what to do in the SD_JOURNAL_INVALIDATE event
This rewords the section, explicitly distuingishing the cases of clients
that only want a continious log stream (which can simply treat
SD_JOURNAL_INVALIDATE the same way as SD_JOURNAL_APPEND) and those which
want to represent on screen the full state of the log data on disk.

This is an alternative to a part of PR #9060, but keeps an explanation
of the destinction of handling depending on the type of client.

Fixes: #8963
2018-05-31 13:24:37 +02:00
Zbigniew Jędrzejewski-Szmek
ea03f6ba0d sd-id128: return -ENOMEDIUM on null id
We currently return -ENOMEDIUM when /etc/machine-id is empty, and -EINVAL when
it is all zeros. But -EINVAL is also used for invalid args. The distinction
between empty and all-zero is not very important, let's use the same return
code.

Also document -ENOENT and -ENOMEDIUM since they can be a bit surprising.
2018-05-31 13:04:18 +02:00
Lennart Poettering
9554591d45 tree-wide: drop some double newlines 2018-05-31 12:19:34 +02:00
Lennart Poettering
642b59ff40
Merge pull request #9115 from yuwata/rfe-8491
locale: re-read configuration files if necessary
2018-05-31 11:54:01 +02:00
Lennart Poettering
309ee4c26c
Merge pull request #9144 from yuwata/sysusers-spec
sysusers: support specifier expansion for GECOS and home directory
2018-05-31 11:41:29 +02:00
Yu Watanabe
4156e767f6 locale: assume locale is for LANG= when variable name is not specified
Closes #6070.
2018-05-31 17:57:41 +09:00
Yu Watanabe
33ab22fcb9 man: mention that systemd-sysusers understand the specifier. 2018-05-31 17:37:57 +09:00
Yu Watanabe
617d253afa load-fragment: make IOScheduling{Class,Priority}= accept the empty string 2018-05-31 11:09:41 +09:00
Lennart Poettering
1004b2c7bc man: document the new sd_bus_slot_set_floating() call
Also extend the memory management description of sd-bus highlighting the
effect of "floating" slot objects a bit.
2018-05-30 17:34:34 +02:00
Lennart Poettering
d7828e117a man: fix minor typo 2018-05-30 17:13:51 +02:00
Susant Sahani
e6ebebbe6a networkd: Add ability to set MULTICAST flag on interface
Closes #9113

fix ARP toggling flag
2018-05-30 12:59:24 +02:00
Zbigniew Jędrzejewski-Szmek
706a3df4be man: recommend After= with Requisite=
Fixes #8309.
2018-05-29 18:52:45 +02:00
Lennart Poettering
052c59c3d0 man: don't refer to "service manager" in tmpfiles.d(5)
system-tmpfiles is not a "service manager" hence say "command" instead.
2018-05-29 11:39:15 +02:00
Lennart Poettering
b294e5943f core: introduce specifiers for /tmp and /var/tmp
This corresponds nicely with the specifiers we already pass for
/var/lib, /var/cache, /run and so on.

This is particular useful to update the test-path service files to
operate without guessable files, thus allowing multiple parallel
test-path invocations to pass without issues (the idea is to set $TMPDIR
early on in the test to some private directory, and then only use the
new %T or %V specifier to refer to it).
2018-05-29 11:39:15 +02:00
Lennart Poettering
709f4c472c man: sort specifier list in systemd.unit(5) alphabetically
Usually, we order our settings in our unit files in a logical order,
grouping related settings together, and putting more relevant stuff
first, instead of following a strictly alphabetical order.

For specifiers I think it makes sense to follow an alphabetical order
however, since they literally are just characters, and hence I think the
concept of alphabetical ordering is much more commanding for them. Also,
since specifiers are usually not used in combination, but mostly used
indepdently of each other I think it's not that important to group
similar ones together.

No other changes except the reordering.
2018-05-29 11:39:15 +02:00
Yu Watanabe
c2b67dc673 man: use IMAGE for portable service image name 2018-05-28 18:16:32 +09:00
Yu Watanabe
bbc1acaba0 core: add --dump-bus-properties option to systemd
If systemd is invoked with this option, this dumps all bus properties.
This may be useful for shell completion for `systemctl --property`.
2018-05-28 18:13:19 +09:00
Luca Boccassi
49805b3d81 journalctl: add with-unit mode
When dealing with a large number of template instances, for example
when launching daemons per VRF, it is hard for operators to correlate
log lines to arguments.
Add a new with-unit mode which, if available, prefixes unit and user
unit names when displaying its log messages instead of the syslog
identifier. It will also use the full timestamp with timezones, like
the short-full mode.
2018-05-25 14:45:34 +02:00
Lennart Poettering
a8c42bb8f3 man: add man pages for the portable service stuff 2018-05-24 17:01:57 +02:00
Lennart Poettering
cdc0f9be92
Merge pull request #8817 from yuwata/cleanup-nsflags
core: allow to specify RestrictNamespaces= multiple times
2018-05-24 16:49:13 +02:00
Susant Sahani
cea79e6643 networkd: Support the ability to set MTU in [Route] sections
Add support to set the route MTU.

Closes #9047
2018-05-24 16:42:40 +02:00
Zbigniew Jędrzejewski-Szmek
17c1b9a93f
Merge pull request #9024 from poettering/nspawn-attrs-more
make even more nspawn concepts configurable
2018-05-24 16:27:27 +02:00
Will Thompson
da6c7806fd tmpfiles: fix documented constant for exit code 73
sysexits.h has:

    #define EX_CANTCREAT	73	/* can't create (user) output file */

EX_DATAERR is a copy-paste error from the previous sentence, which is
correct.
2018-05-22 18:35:34 +02:00
Lennart Poettering
1688841f46 nspawn: similar to the previous patches, also make /etc/localtime handling more configurable
Fixes: #9009
2018-05-22 16:21:26 +02:00
Lennart Poettering
4e1d6aa983 nspawn: make --link-journal= configurable through .nspawn files, too 2018-05-22 16:20:08 +02:00
Lennart Poettering
09d423e921 nspawn: add greater control over how /etc/resolv.conf is handled
Fixes: #8014 #1781
2018-05-22 16:19:26 +02:00
Lennart Poettering
a5201ed6ce tree-wide: fix a couple of TABs 2018-05-22 16:13:45 +02:00
Lennart Poettering
398246292e detect-virt: add new --list command for showing all currently known VM/container envs 2018-05-22 13:14:18 +02:00
Zbigniew Jędrzejewski-Szmek
930362ab26 man: fix typo in man page citation
Fixes #9045.
2018-05-21 11:06:32 +09:00
Lucas Werkmeister
90bc77af29 man: fix typo 2018-05-19 15:01:52 +09:00
Zbigniew Jędrzejewski-Szmek
7fbb5dd5e2
Merge pull request #8940 from poettering/nspawn-attrs
nspawn: make a couple of additional container parameters configurable
2018-05-18 10:33:10 +02:00
David Tardon
f3c9133c50 inhibit: use pager for systemd-inhibit --list 2018-05-18 08:33:45 +02:00
Lennart Poettering
d107bb7d63 nspawn: add a new --cpu-affinity= switch
Similar as the other options added before, this is primarily useful to
provide comprehensive OCI runtime compatbility, but might be useful
otherwise, too.
2018-05-17 20:48:54 +02:00
Lennart Poettering
81f345dfed nspawn: add a new --oom-score-adjust= command line switch
This is primarily useful in order to provide comprehensive OCI runtime
compatibility with nspawn, but might have uses outside of it.
2018-05-17 20:48:12 +02:00
Lennart Poettering
66edd96310 nspawn: add a new --no-new-privileges= cmdline option to nspawn
This simply controls the PR_SET_NO_NEW_PRIVS flag for the container.
This too is primarily relevant to provide OCI runtime compaitiblity, but
might have other uses too, in particular as it nicely complements the
existing --capability= and --drop-capability= flags.
2018-05-17 20:47:20 +02:00
Lennart Poettering
3a9530e5f1 nspawn: make the hostname of the container explicitly configurable with a new --hostname= switch
Previously, the container's hostname was exclusively initialized from
the machine name configured with --machine=, i.e. the internal name and
the external name used for and by the container was synchronized. This
adds a new option --hostname= that optionally allows the internal name
to deviate from the external name.

This new option is mainly useful to ultimately implement the OCI runtime
spec directly in nspawn, but it might be useful on its own for some
other usecases too.
2018-05-17 20:46:45 +02:00
Lennart Poettering
bf428efb07 nspawn: add new --rlimit= switch, and always set resource limits explicitly for our container payloads
This ensures we set the various resource limits of our container
explicitly on each invocation so that we inherit less from our callers
into the payload.

By default resource limits are now set to the same values Linux
generally passes to the host PID 1, thus minimizing needless differences
between host and container environments.

The limits are now also configurable using a new --rlimit= switch. This
is preparation for teaching nspawn native OCI runtime support as OCI
permits setting resource limits for container payloads, and it hence
probably makes sense if we do too.
2018-05-17 20:45:54 +02:00
Lennart Poettering
1752d69a8b man: document what happens if --kill-signal= is not used in nspawn and --boot neither 2018-05-17 20:40:04 +02:00
Lennart Poettering
c7fc3c4cfe man: don't claim systemd-analyze was documented as part of the man-pages project
It's our own command, we document it in our own set of man pages.
2018-05-17 20:40:04 +02:00
Zbigniew Jędrzejewski-Szmek
c8e053fbe4 man: fix ProcessSizeMax= description, describe how to disable coredumps
What the man page said was different than what the code did.
save_external_coredump() will store the core temporarily for backtrace
generation, and will delete if afterwards if it is too large. So to disable
processing, it's necessary to both set
Storage=none/Storage=journal+JournalSizeMax=0/Storage=external+ExternalSizeMax=0
and ProcessSizeMax=0. This updates the man page to reflect the code.

The man pages are extended to describe that Storage=none + ProcessSizeMax=0 is
the simplest way to disable coredump processing. All the storage and processing
options make this quite complicated, so let's add a copy-and-pasteable example
of how to disable coredump. Doing it through coredump.conf has the advantage
that we still log, and the effect is immediate, unlike masking the sysconf
file.

Fixes #8788.
2018-05-17 17:15:03 +02:00
Alan Jenkins
4330dc03a0 service: FileDescriptorStoreMax should also imply NotifyAccess
Commenting out "WatchdogTimeout=3min" in systemd-logind.service causes
NotifyAccess to go from "main" to "none", breaking support for logind
restart.  Let's fix that.
2018-05-15 12:33:56 +02:00
Lucas Werkmeister
8d29bef6b5 man: fix reference in StandardOutput=
Since StandardOutput=file:path is more similar to StandardInput= than
StandardInputText=, and only StandardInput= is actually documented above
StandardOutput= whereas StandardInputText= is documented below it, I
assume the intention was to refer to the former.
2018-05-14 08:11:37 +02:00
Yu Watanabe
b5340a296c man: drop a trailing space 2018-05-13 18:44:25 +02:00
Philip Withnall
7456fa0267 man: Fix a minor typo in systemctl(1)
Signed-off-by: Philip Withnall <withnall@endlessm.com>
2018-05-11 07:24:05 -07:00
Mikhail Kasimov
32f511ec2b
Update systemd-journal-upload.service.xml
Security note on 2048 bits is added.
2018-05-11 02:43:00 +03:00
Mikhail Kasimov
562b65ca38
man: systemd-journal-upload: rsa 2048
rsa:2048 is currently in use as minimal recommended key length on cert/key generating. Specifying rsa:1024 is not recommended for security reasons.
2018-05-11 02:17:27 +03:00
Lennart Poettering
81321f51cf
Merge pull request #8824 from keszybz/analyze-show-config
systemd-analyze show-config
2018-05-10 11:14:23 -07:00