IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
NOTE: the show-* subcommands do not print some properties:
this are those with types like (so), a(so), (uo),...
we need to fix this, but I'm not sure how
The sd-event APIs should be available only as part of libsystemd-bus so
that the utility calls are not linked into each independently and we can
minimize the number of libraries we have.
To write useful bus code clients need to validate utf8 frequently since
the bus reacts allergic to it. Since glibc does not provide any calls
for this, let's provide it as part of libsystemd-bus.
Old static libsystemd-bus.la becomes libsystemd-bus-internal.la.
memfd functions are also exported in the same library.
(Best viewed with --color-words -U0).
The path_id-builtin provides useful unique aliases for DRM devices. If we
want to configure DRM render-nodes for compositors, we want to avoid
storing the whole sys-path in configuration files. Hence, allow users to
store the short PATH_ID instead.
Load path_id-builtin unconditionally on DRM devices now to always provide
this alias.
This introduces a new key MACAddressPolicy.
The possible policies are 'persistent' and 'random'.
'persistent' will do nothing if the current address is the hardware address,
but if the hardware does not have an address (or another address is set for
whatever reason), we will generate an address which will be random, but
persistent between boots (based on machineid and persistent netif name).
'random' will do nothing if the kernel already set a random address, otherwise
it will generate a random one and use that instead.
This patch sets MACAddressPolicy=persistent in the default .link file.
This introduces a new key NamePolicy, which takes an ordered list of naming
policies. The first successful one is applide. If all fail the value of Name
(if any) is used.
The possible policies are 'onboard', 'slot', 'path' and 'mac'.
This patch introduces a default link file, which replaces the equivalent udev
rule.
This is intentionally as similar to sd-bus as possible. While it
would be simple to export it, the intentions is to keep this
internal (at least for the forseeable future).
Currently only synchronous communication is implemented
This tool applies hardware specific settings to network devices before they
are announced via libudev.
Settings that will probably eventually be supported are MTU, Speed,
DuplexMode, WakeOnLan, MACAddress, MACAddressPolicy (e.g., 'hardware',
'synthetic' or 'random'), Name and NamePolicy (replacing our current
interface naming logic). This patch only introduces support for
Description, as a proof of concept.
Some of these settings may later be overriden by a network management
daemon/script. However, these tools should always listen and wait on libudev
before touching a device (listening on netlink is not enough). This is no
different from how things used to be, as we always supported changing the
network interface name from udev rules, which does not work if someone
has already started using it.
The tool is configured by .link files in /etc/net/links/ (with the usual
overriding logic in /run and /lib). The first (in lexicographical order)
matching .link file is applied to a given device, and all others are ignored.
The .link files contain a [Match] section with (currently) the keys
MACAddress, Driver, Type (see DEVTYPE in udevadm info) and Path (this
matches on the stable device path as exposed as ID_PATH, and not the
unstable DEVPATH). A .link file matches a given device if all of the
specified keys do. Currently the keys are treated as plain strings,
but some limited globbing may later be added to the keys where it
makes sense.
Example:
/etc/net/links/50-wireless.link
[Match]
MACAddress=98:f2:e4:42:c6:92
Path=pci-0000:02:00.0-bcma-0
Type=wlan
[Link]
Description=The wireless link
Always add the default AM_CFLAGS first.
If variables are used in conditionals, the default assignment
of AM variables is disabled, even when the conditional is not
in use; foo_CFLAGS = $(AM_CFLAGS) is needed, even when it looks
like a no-op.
fsck-root is redundant in case an initrd is used, or in case the rootfs
is never remounted 'rw', so the new default is the correct behavior for
most users. For the rest, they should enable it in fstab.
The thing is a daemon, hence needs a "d" prefix. Also, we tend to not
abbreviate names of background components unnecessarily, since they are
not primary commands people type. Then, the fact that this thing does
socket actviation is mostly in implementationd detail for the proxy.
Also, do some minor indenting clean-ups and other code updates.
Among other things this also adds a few things necessary for the change:
- Considerably more powerful error returning APIs in libsystemd-bus
- Adapter for connecting an sd_bus to an sd_event
- As I reworked the PolicyKit logic to the new library I also made it
asynchronous, so that PolicyKit requests of one user cannot block out
another user anymore.
- We always use the macro names for common bus error. That way it is
harder to mistype them since the compiler will notice
rename old versions to ascii_*
Do not take into account zerowidth characters, but do consider double-wide characters.
Import needed utf8 helper code from glib.
v3: rebase ontop of utf8 restructuring work
[zj: tweak the algorithm a bit, move new code to separate file]
So far we tried to use epoll directly wherever we needed an event loop.
However, that has various shortcomings, such as the inability to handle
larger amounts of timers (since each timerfd costs one fd, which is a
very limited resource, usually bounded to 1024), and inability to do
priorisation between multiple queued events.
Let's add a minimal event loop API around epoll that is suitable for
implementation of our own daemons and maybe one day can become public
API for those who desire it.
This loop is part of libsystemd-bus, but may be used independently of
it.
Since on most systems with xattr systemd will compile with Smack
support enabled, we still attempt to mount various fs's with
Smack-only options.
Before mounting any of these Smack-related filesystems with
Smack specific mount options, check if Smack is functionally
active on the running kernel.
If Smack is really enabled in the kernel, all these Smack mounts
are now *fatal*, as they should be.
We no longer mount smackfs if systemd was compiled without
Smack support. This makes it easier to make smackfs mount
failures a critical error when Smack is enabled.
We no longer mount these filesystems with their Smack specific
options inside containers. There these filesystems will be
mounted with there non-mount smack options for now.
This adds a lightweight scheme how to define interfaces in static fixed
arrays which then can be easily registered on a bus connection. This
makes it much easier to write bus services.
This automatically handles implementation of the Properties,
ObjectManager, and Introspection bus interfaces.
Systemd-logind does not pull in cg_create(), if we unconditionally link
this, all users of systemd-logind qill need the label stuff and therefore
link against selinux.
It is probably a build-system issue, or something that need to be sorted
out in a differnt way than linking not needed libs.
This reverts commit ceadabb102.
libsystemd-login.la uses cg_create() that currently seems to be a part
of libsystemd-label.la. However, it doesn't link against that library
and it seems that none of the (unconditional) libraries it uses do. In
the end, people end up getting «undefined reference to `cg_create'»
when trying to build e.g. dbus.
liblogind-core.la was underlinked, missing a few functions
defined in logind.c. They are moved to a new file, logind-core.c,
and this file is linked into liblogind-core.la.
In addition, logind-acl.c is attached to the liblogind-core.la,
instead of systemd-logind directly.
Prefer firmware-provided performance data over loader-exported ones; if
ACPI data is available, always use it, otherwise try to read the loader
data.
The firmware-provided variables start at the time the first EFI image
is executed and end when the operating system exits the boot services;
the (loader) time calculated in systemd-analyze increases.
In the process, rename udev_encode_string which is poorly named for what
it does. It deals specifically with encoding names that udev creates and
has its own rules: utf8 is valid but some ascii is not (e.g. path
separators), and everything else is simply escaped. Rename it to
encode_devnode_name.
A session-device is a device that is bound to a seat and used by a
session-controller to run the session. This currently includes DRM, fbdev
and evdev devices. A session-device can be created via RequestDevice() on
the dbus API of the session. You can drop it via ReleaseDevice() again.
Once the session is destroyed or you drop control of the session, all
session-devices are automatically destroyed.
Session devices follow the session "active" state. A device can be
active/running or inactive/paused. Whenever a session is not the active
session, no session-device of it can be active. That is, if a session is
not in foreground, all session-devices are paused.
Whenever a session becomes active, all devices are resumed/activated by
logind. If it fails, a device may stay paused.
With every session-device you request, you also get a file-descriptor
back. logind keeps a copy of this fd and uses kernel specific calls to
pause/resume the file-descriptors. For example, a DRM fd is muted
by logind as long as a given session is not active. Hence, the fd of the
application is also muted. Once the session gets active, logind unmutes
the fd and the application will get DRM access again.
This, however, requires kernel support. DRM devices provide DRM-Master for
synchronization, evdev devices have EVIOCREVOKE (pending on
linux-input-ML). fbdev devices do not provide such synchronization methods
(and never will).
Note that for evdev devices, we call EVIOCREVOKE once a session gets
inactive. However, this cannot be undone (the fd is still valid but mostly
unusable). So we reopen a new fd once the session is activated and send it
together with the ResumeDevice() signal.
With this infrastructure in place, compositors can now run without
CAP_SYS_ADMIN (that is, without being root). They use RequestControl() to
acquire a session and listen for devices via udev_monitor. For every
device they want to open, they call RequestDevice() on logind. This
returns a fd which they can use now. They no longer have to open the
devices themselves or call any privileged ioctls. This is all done by
logind.
Session-switches are still bound to VTs. Hence, compositors will get
notified via the usual VT mechanisms and can cleanup their state. Once the
VT switch is acknowledged as usual, logind will get notified via sysfs and
pause the old-session's devices and resume the devices of the new session.
To allow using this infrastructure with systems without VTs, we provide
notification signals. logind sends PauseDevice("force") dbus signals to
the current session controller for every device that it pauses. And it
sends ResumeDevice signals for every device that it resumes. For
seats with VTs this is sent _after_ the VT switch is acknowledged. Because
the compositor already acknowledged that it cleaned-up all devices.
However, for seats without VTs, this is used to notify the active
compositor that the session is about to be deactivated. That is, logind
sends PauseDevice("force") for each active device and then performs the
session-switch. The session-switch changes the "Active" property of the
session which can be monitored by the compositor. The new session is
activated and the ResumeDevice events are sent.
For seats without VTs, this is a forced session-switch. As this is not
backwards-compatible (xserver actually crashes, weston drops the related
devices, ..) we also provide an acknowledged session-switch. Note that
this is never used for sessions with VTs. You use the acknowledged
VT-switch on these seats.
An acknowledged session switch sends PauseDevice("pause") instead of
PauseDevice("force") to the active session. It schedules a short timeout
and waits for the session to acknowledge each of them with
PauseDeviceComplete(). Once all are acknowledged, or the session ran out
of time, a PauseDevice("force") is sent for all remaining active devices
and the session switch is performed.
Note that this is only partially implemented, yet, as we don't allow
multi-session without VTs, yet. A follow up commit will hook it up and
implemented the acknowledgements+timeout.
The implementation is quite simple. We use major/minor exclusively to
identify devices on the bus. On RequestDevice() we retrieve the
udev_device from the major/minor and search for an existing "Device"
object. If no exists, we create it. This guarantees us that we are
notified whenever the device changes seats or is removed.
We create a new SessionDevice object and link it to the related Session
and Device. Session->devices is a hashtable to lookup SessionDevice
objects via major/minor. Device->session_devices is a linked list so we
can release all linked session-devices once a device vanishes.
Now we only have to hook this up in seat_set_active() so we correctly
change device states during session-switches. As mentioned earlier, these
are forced state-changes as VTs are currently used exclusively for
multi-session implementations.
Everything else are hooks to release all session-devices once the
controller changes or a session is closed or removed.
There's now some more obvious overlap amongst the two utf8 validation
functions, but no more than there already was previously.
This also adds some menial tests for anyone who wants to do more
merging of these two in the future.
systemd-logind will start user@.service. user@.service unit uses
PAM with service name 'systemd-user' to perform account and session
managment tasks. Previously, the name was 'systemd-shared', it is
now changed to 'systemd-user'.
Most PAM installations use one common setup for different callers.
Based on a quick poll, distributions fall into two camps: those that
have system-auth (Redhat, Fedora, CentOS, Arch, Gentoo, Mageia,
Mandriva), and those that have common-auth (Debian, Ubuntu, OpenSUSE).
Distributions that have system-auth have just one configuration file
that contains auth, password, account, and session blocks, and
distributions that have common-auth also have common-session,
common-password, and common-account. It is thus impossible to use one
configuration file which would work for everybody. systemd-user now
refers to system-auth, because it seems that the approach with one
file is more popular and also easier, so let's follow that.
* Introduce a macro to conditionally execute tests. This avoids
skipping the entire test if some parts require systemd
* Skip the journal tests when no /etc/machine-id is present
* Change test-catalog to load the catalog from the source directory
of systemd.
* /proc/PID/comm got introduced in v2.6.33 but travis is still
using v2.6.32.
* Enable make check and make distcheck on the travis build
* Use -D"CATALOG_DIR=STR($(abs_top_srcdir)/catalog)" as a STRINGIY
would result in the path '/home/ich/source/linux' to be expanded
to '/home/ich/source/1' as linux is defined to 1.
Building for a different version of Python requires removing all
build products for the old version. There's no nice way to do it,
short of doing 'make clean'. The new 'clean-python' target is a
bit hacky, but seems to work:
./configure PYTHON=python2 && make && make install
make clean-python
./configure PYTHON=python3 --disable-gtk-doc --disable-man-pages && make && make install
should install modules for both versions of Python.
Some of the options in systemd can take multiple arguments, such as
systemctl's --type option. Previously, you would only be able to
complete a single type after the -t, but now zsh will continue to
complete the types, separating them by commas.
systemd-inhibit's --what command has colon (:), and that has been taken
into account.
_hosts_or_user_at_host was used by 6 different completions, and
previously was in all 6 of those files. I moved it out to its own file,
_sd_hosts_or_user_at_host. This will be autoloaded for use in other
completion functions. It also allows external completions to use this
function by simply calling _sd_hosts_or_user_at_host as in the systemd
completions.
As many laptops don't save/restore screen brightness across reboots,
let's do this in systemd with a minimal tool, that restores the
brightness as early as possible, and saves it as late as possible. This
will cover consoles and graphical logins, but graphical desktops should
do their own per-user stuff probably.
This only touches firmware brightness controls for now.
This adds a simple generator that is capable of automatically
discovering certain GPT partitions by their type UUID and mount/enable
them. This currently covers swap partitions and /home partitions, but is
expected to grow more features soon.
This currently doesn't handle LUKS encrypted /home.
This enables all swap partitions of type
0657fd6da4ab43c484e50933c84b4f4f, if found.
This mounts the first partition of type 933ac7e12eb44f13b8440e14e2aef915
as /home, if it is found.
In fba1ea0 'build: do not link everything with -lrt (and
therefore -pthread)' librt was removed from the list of
libraries. But libsd-daemon-internal also uses symbols from
librt and librt must thus be added everywhere where
libsd-daemon-interal is used, or otherwise linking might
fail:
/usr/bin/ld: ./.libs/libudev-core.a(sd-daemon.o): undefined reference to symbol 'mq_getattr@@GLIBC_2.3.4'
/usr/bin/ld: note: 'mq_getattr@@GLIBC_2.3.4' is defined in DSO /lib64/librt.so.1 so try adding it to the linker command line
We export the location of a bunch of directories this way,
so it makes sense to add those three. Especially catalogdir
is something that we want people to add things to.
Note on the naming: the first two are tied closely to systemd
itself, so I prefixed them with "systemd". The third one is
rather more generic, so no prefix.
https://bugs.freedesktop.org/show_bug.cgi?id=67635
Moved zsh shell completion to shell-completion/zsh/_systemd for
automake's sake. Also allow users to specify where the files should go
with::
./configure --with-zshcompletiondir=/path/to/some/where
and by default going to `$datadir/zsh/site-functions`
Python 2.7, and 3.2 and higher support querying compilation
flags through pkg-config. This makes python support follow
rules similar to various other optional compilation-time
libraries. New flags are called PYTHON_DEVEL_CFLAGS and
PYTHON_DEVEL_LIBS, because PYTHON (without _DEVEL), is
already used for the python binary name, and things would
be confusing if the same prefix was used for two things.
configure has --disable-python-devel to disable python modules.
One advantage is that CFLAGS for modules gets smaller:
- -I/usr/include/python3.3m -I/usr/include/python3.3m -Wno-unused-result -DDYNAMIC_ANNOTATIONS_ENABLED=1 -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv
+ -I/usr/include/python3.3m
as does LIBS:
- -lpthread -ldl -lutil -lm -lpython3.3m
+ -lpython3.3m
Support for Python 2.6 is removed, but can be easily
restored by using
PYTHON_DEVEL_CFLAGS="$(python2.6-config --cflags)",
etc., as ./configure parameters.
https://bugs.freedesktop.org/show_bug.cgi?id=57800
Yesterday I added test-suite.log as dependency to the .PRECIOUS
target. Automake is warning about this target being redefined
and from what I see there is no way I can stop the warning but
I can add the %MAKEFILE% as dependency.
automake warning:
Makefile.am:35: warning: user target '.PRECIOUS' defined here ...
/usr/share/automake-1.13/am/configure.am: ... overrides Automake target '.PRECIOUS' defined here
[zj: s/%MAKEFILE%/Makefile/ because %MAKEFILE% wasn't actually substituted properly.]
The addition of .DELETE_ON_ERROR will lead to the removal of the
test-suite.log in case of a test failure. Mark the rule as PRECIOUS
to keep that file around.
Enable coverage with --enable-coverage.
"make coverage" will create the report locally,
"make coverage-sync" will upload the report to
http://www.freedesktop.org/software/systemd/coverage/.
Requires lcov version 1.10 to handle naming in systemd and to
use the --no-external option.
[zj: make the coverage at least generate something with
separate build dir, simplify rules a bit: all errors
are mine. ]
As of kmod v14, it is possible to export the static node information from
/lib/modules/`uname -r`/modules.devname in tmpfiles.d(5) format.
Use this functionality to let systemd-tmpfilesd create the static device nodes
at boot, and drop the functionality from systemd-udevd.
As an effect of this we can move from systemd-udevd to systemd-tmpfiles-setup-dev:
* the conditional CAP_MKNOD (replaced by checking if /sys is mounted rw)
* ordering before local-fs-pre.target (see 89d09e1b5c)
RPM macros are moved from /etc to /usr, in the sprit of moving
in the direction of empty /etc.
RPM gained support for the new directory recently, in v. 4.10.90:
https://bugzilla.redhat.com/show_bug.cgi?id=846679.
Embedded folks don't need the machine registration stuff, hence it's
nice to make this optional. Also, I'd expect that machinectl will grow
additional commands quickly, for example to join existing containers and
suchlike, hence it's better keeping that separate from loginctl.
"Scope" units are very much like service units, however with the
difference that they are created from pre-existing processes, rather
than processes that systemd itself forks off. This means they are
generated programmatically via the bus API as transient units rather
than from static configuration read from disk. Also, they do not provide
execution-time parameters, as at the time systemd adds the processes to
the scope unit they already exist and the parameters cannot be applied
anymore.
The primary benefit of this new unit type is to create arbitrary cgroups
for worker-processes forked off an existing service.
This commit also adds a a new mode to "systemd-run" to run the specified
processes in a scope rather then a transient service.
Fixed build on debian wheezy:
./.libs/libudev.so: undefined reference to `cg_create'
Appears to have no influence on the resulting binaries and
libraries. Cf. b5fafdf63f.
Transient units can be created via the bus API. They are configured via
the method call parameters rather than on-disk files. They are subject
to normal GC. Transient units currently may only be created for
services (however, we will extend this), and currently only ExecStart=
and the cgroup parameters can be configured (also to be extended).
Transient units require a unique name, that previously had no
configuration file on disk.
A tool systemd-run is added that makes use of this functionality to run
arbitrary command lines as transient services:
$ systemd-run /bin/ping www.heise.de
Will cause systemd to create a new transient service and run ping in it.
Replace the very generic cgroup hookup with a much simpler one. With
this change only the high-level cgroup settings remain, the ability to
set arbitrary cgroup attributes is removed, so is support for adding
units to arbitrary cgroup controllers or setting arbitrary paths for
them (especially paths that are different for the various controllers).
This also introduces a new -.slice root slice, that is the parent of
system.slice and friends. This enables easy admin configuration of
root-level cgrouo properties.
This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in
/dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is
turned off by DevicePolicy=).
- This changes all logind cgroup objects to use slice objects rather
than fixed croup locations.
- logind can now collect minimal information about running
VMs/containers. As fixed cgroup locations can no longer be used we
need an entity that keeps track of machine cgroups in whatever slice
they might be located. Since logind already keeps track of users,
sessions and seats this is a trivial addition.
- nspawn will now register with logind and pass various bits of metadata
along. A new option "--slice=" has been added to place the container
in a specific slice.
- loginctl gained commands to list, introspect and terminate machines.
- user.slice and machine.slice will now be pulled in by logind.service,
since only logind.service requires this slice.
In order to prepare for the kernel cgroup rework, let's introduce a new
unit type to systemd, the "slice". Slices can be arranged in a tree and
are useful to partition resources freely and hierarchally by the user.
Each service unit can now be assigned to one of these slices, and later
on login users and machines may too.
Slices translate pretty directly to the cgroup hierarchy, and the
various objects can be assigned to any of the slices in the tree.
quotaon.service is already installed through dist_systemunit_DATA, so it doesn't
need to be added to nodist_systemunit_DATA. Installing the same file twice
results in a race condition where the install process can fail.
https://bugs.freedesktop.org/show_bug.cgi?id=65659
[zj: actually remove quotaon.service from the other list.]
We want to allow clients to process an sd_bus_message on a different
thread than it was received on. Since unreffing a bus message might
readd some of its memfds to the memfd cache add some minimal locking
around the cache.
That way ordering it with MountsRequiredFor= works properly, as this no
longer results in mount units start requests to be added to the shutdown
transaction that conflict with stop requests for the same unit.
This will launch $(PYTHON) with $LD_LIBRARY_PATH and $PYTHONPATH
as ./configure-d and DESTDIR-ed. Use as:
make install DESTDIR=/var/tmp/inst python-shell
Previous commit (20d408766) was broken. The problem is not connected
to DESTDIR being set or not, but to the fact that targets in
$GENERAL_ALIASES have directory components, so mkdir -p wasn't
recursing deep enough.
grawity> ln: failed to create symbolic link
‘/home/grawity/pkg/aur/systemd-git/pkg/systemd//etc/systemd/system/multi-user.target.wants/remote-fs.target’: No such file or directory
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
https://bugs.freedesktop.org/show_bug.cgi?id=57793https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
Do the depmod in the kernel-install hooks, so hooks can produce/install
kernel modules and be part of the depmod.
Also move the basic boot loader entry creation and removal to a
plugin script.
If PRETTY_NAME is not defined in /etc/os-release, fallback to
PRETTY_NAME="Linux $KERNEL_VERSION".
Add documentation for everything in the man page.
When rsyncing to fd.o, rsync would fail on symlinks in man/.
We don't care about the times too much anyway. rsync will
set times to "now", which is fine, since modification times
don't matter much outside of each uploader's machine anyway.
The point is to complete all steps of the transfer, so Python
documentation is properly updated.
The same old story as d3b9e0ff: those two use libsystemd-shared, and
in turn, some functions in libsystemd-shared use libsystemd-daemon.
The fact that *those* functions are used neither by the python modules
in question nor pam_systemd isn't always enough. Currently, I'm seeing
linking failures with -flto. The result of adding
libsystemd-daemon-internal to the list of linked libraries should be
harmless, with no change in size or final link requirements.
libsystemd-audit needs functions from libsystemd-shared, so
libsystemd-audit needs to appear first. Otherwise:
CCLD systemd-logind
./.libs/libsystemd-audit.a(audit.o): In function `audit_session_from_pid':
/home/josh/src/systemd/src/shared/audit.c:50: undefined reference to `detect_container'
This patch adds --disable-tests to configure. It is based on a patch
posted by Thierry Reding in 2010. The motivation for adding it is that
some tests fail link-time when cross-compiling.
The patch adds a new Makefile variable -- manual_tests -- and uses
that instead of noinst_PROGRAMS. However, if ENABLE_TESTS is true,
the former is added to the latter. It also renames noinst_tests to
simply tests.
This bit of code is mostly stolen from coredump.c. We construct
a simple journal message and append the bootchart file in the
journal automatically.
You can extract the latest bootchart from the current boot with
something like:
$ journalctl -b MESSAGE_ID=9f26aa562cf440c2b16c773d0479b518 --field=BOOTCHART
which prints it to stdout.
None of the other logic is touched. The journal entry is created
even if bootchart was run manually, which is probably wrong.
Since v183, the contents of /usr/lib/udev/devices is no longer copied to /dev
on boot, rather systemd-tmpfiles should be used instead. However, as
systemd-tmpfiles --create is only ran long after udevd has been started, it is
no longer possible to use udev rules to assign permissions to the static nodes.
This calls systemd-tmpfiles --create early, before udev is started, and
restricts the call to /dev, which is known to be mounted already.
In the future, this could also take over the creation of static device nodes
from systemd-udevd.
georgem> libsystemd-id128.so: undefined reference to `sd_listen_fds'
In some toolchains (--as-needed not used or not working), the
toolchain doesn't drop this dependency. It is introduced because
sd-id128.so is linked against sd-shared.la, and some functions therein
use libsystemd-daemon, but libsd-id128 doesn't use any of those
functions.
This results in no change in libsystemd-id128.so when the unused
symbols are properly stripped.
Implement this with a proper state machine, so that newlines and
escaped chars can appear in string assignments. This should bring the
parser much closer to shell.
Since journal-gatewayd is now running unprivileged, and detecting
virtalization requires privileges, query PID1 via D-Bus for the used
virtualization.
This is also the first time we use libsystemd-bus for more than just
testing.
https://bugs.freedesktop.org/show_bug.cgi?id=62173
This makes it easier to add substitutions to man pages,
avoiding the separate transformation step.
mkdir -p's are removed from the rule, because xsltproc will
will create directories on it's own.
All in all, two or three forks per man page are avoided,
which should make things marginally faster.
Unfortunately python parsers must too be tweaked to handle
entities. This isn't particularly easy: with lxml a custom
Resolver can be used, but the stdlib etree doesn't support
external entities *at all*. So when running without lxml,
the entities are just removed. Right now it doesn't matter,
since the entities are not indexed anyway. But I intend to
add indexing of filenames in the near future, and then the
index generated without lxml might be missing a few lines.
Oh well.
In order to write tests for the catalog functions, they
are made non-static and start taking a 'database' parameter,
which is the name of a file with the preprocessed catalog
entries.
This makes it possible to make test-catalog part of the
normal test suite, since it now only operates on files
in /tmp.
Some more tests are added.
Readahead has all sorts of bad side effects depending on your
storage media. On rotating disks, it may be degrading startup
performance if enough requests are queued spanning linearly
over all blocks early at boot, and mount, blkid and friends
want to insert reads to the start of these block devices after.
The end result is that on spinning disks with ext3/4 that udev
and mounts take a very long time, and nothing really happens until
readahead is completely finished.
This has the net effect that the CPU is almost entirely idle
for the entire period that readahead is working. We could have
finished starting up quite a lot of services in this time if
we were smarter at how we do readahead.
This patch sorts all requests into 2 second "chunks" and sub-sorts
each chunk by block. This adds a single cross-drive seek per "chunk"
but has the benefit that we will have a lot of the blocks we need
early on in the boot sequence loaded into memory faster.
For a comparison of how before/after bootcharts look (ext4 on a
mobile 5400rpm 250GB drive) please look at:
http://foo-projects.org/~sofar/blocked-tests/
There are bootcharts in the "before" and "after" folders where you
should be able to see that many low-level services finish 5-7
seconds earlier with the patch applied (after).
With the conversion from pci-db + usb-db to hwdb, the property
got accitentially renamed.
Move the name back to the long established identifier *MODEL*
instead of *PRODUCT*.
$ git grep -l ID_MODEL_FROM_DATABASE
hwdb/20-pci-vendor-model.hwdb
hwdb/20-usb-vendor-model.hwdb
hwdb/ids-update.pl
man/systemd.device.xml
rules/78-sound-card.rules
src/core/device.c
src/cryptsetup/cryptsetup.c
Please see the documentation (e.g. pydoc3 systemd.daemon) for full
description. As usual, systemd._daemon wraps the raw interface, while
systemd.daemon provides the more pythonic API. sd_listen_fds,
sd_booted, sd_is_fifo, sd_is_socket, sd_is_socket_unix,
sd_is_socket_inet, sd_is_mq, and SD_LISTEN_FDS_START are currently
wrapped.
First, rename root-fs.target to initrd-root-fs.target to clarify its usage.
Mount units with "x-initrd-rootfs.mount" are now ordered before
initrd-root-fs.target. As we sometimes construct /sysroot mounts in
/etc/fstab in the initrd, we want these to be mounted before the
initrd-root-fs.target is active.
initrd.target can be the default target in the initrd.
(normal startup)
:
:
v
basic.target
|
______________________/|
/ |
| sysroot.mount
| |
| v
| initrd-root-fs.target
| |
| v
| initrd-parse-etc.service
(custom initrd services) |
| v
| (sysroot-usr.mount and
| various mounts marked
| with fstab option
| x-initrd.mount)
| |
| v
| initrd-fs.target
| |
\______________________ |
\|
v
initrd.target
|
v
initrd-cleanup.service
isolates to
initrd-switch-root.target
|
v
______________________/|
/ |
| initrd-udevadm-cleanup-db.service
| |
(custom initrd services) |
| |
\______________________ |
\|
v
initrd-switch-root.target
|
v
initrd-switch-root.service
|
v
switch-root
https://bugs.freedesktop.org/show_bug.cgi?id=62085
/usr/lib/gcc/x86_64-pc-linux-gnu/4.6.3/../../../../lib64/libsystemd-login.so:
undefined reference to `sd_listen_fds'
In ee465038ce 'build-sys: break dependency loop between
libsystemd-id128.la and -shared.la', a partial fix was applied, and
the use of functions from libsystemd-id128 was removed from
libsystemd-shared. Nevertheless, fdset.c was still using sd_listen_fds,
so libsystemd-login should be linked against libysystemd-daemon
or libsystemd-daemon-internal.
Tested-by: Elias Probst <mail@eliasprobst.eu>
Instead of using local-fs*.target in the initrd, use root-fs.target for
sysroot.mount and initrd-fs.target for /sysroot/usr and friends.
Using local-fs.target would mean to carry over the activated
local-fs.target to the isolated initrd-switch-root.target and thus in
the real root. Having local-fs.target already active after
deserialization causes ordering problems with the real root services and
targets.
We better isolate to targets for initrd-switch-root.target, which are
only available in the initrd.
This should help readers of the man or HTML pages know if the documentation
is out of date. An alternative to use a date generated from 'git log' was
considered, but since we try to keep user visible documentation up to date,
showing the project version should be enough.
Let's update bootchar to share the coding style a bit more with the rest
of the package.
- Some tabs/spaces fixes
- add #pragma to header
- split up header so that we have a 1:1 relation between .c and .h files
like everywhere else
- Prefix user command line arguments/configuration settings with "arg_".
- other coding style fixes
SMACK is the Simple Mandatory Access Control Kernel, a minimal
approach to Access Control implemented as a kernel LSM.
The kernel exposes the smackfs filesystem API through which access
rules can be loaded. At boot time, we want to load the access rules
as early as possible to ensure all early boot steps are checked by Smack.
This patch mounts smackfs at the new location at /sys/fs/smackfs for
kernels 3.8 and above. The /smack mountpoint is not supported.
After mounting smackfs, rules are loaded from the usual location.
For more information about Smack see:
http://www.kernel.org/doc/Documentation/security/Smack.txt
Since sd_journal_reliable_fd wasn't exported before, it is as if
it was added now. Library "current" number must be bumped.
michich> Someone links with the fixed version and produces a RPM with
his program. The RPM will happily install on a system with an
old systemd version (the deps will appear fine), but the
program will fail to run.
Previously all journal files were owned by "adm". In order to allow
specific users to read the journal files without granting it access to
the full "adm" powers, introduce a new specific group for this.
"systemd-journal" has to be created by the packaging scripts manually at
installation time. It's a good idea to assign a static UID/GID to this
group, since /var/log/journal might be shared across machines via NFS.
This commit also grants read access to the journal files by default to
members of the "wheel" and "adm" groups via file system ACLs, since
these "almost-root" groups should be able to see what's going on on the
system. These ACLs are created by "make install". Packagers probably
need to duplicate this logic in their postinst scripts.
This also adds documentation how to grant access to the journal to
additional users or groups via fs ACLs.
Split the large bash completion script into separate, smaller files each
named after the binary it is used for and move the files to
/usr/share/bash-completion/completions. This way the completions can be
loaded on demand and we only install the completions for the tools we
actually build. The old path /etc/bash_completion.d/ is deprecated and
will disappear in the future.
This will:
* mount all configured filesystems (typically the rootfs on /sysroot)
* reload the configuration to pick up anything from the mounted fs (typically
/sysroot/etc/fstab)
* mount any newly configured filesystems (typically /usr on /sysroot/usr, if
applicable)
* shut-down and clean-up any daemons running in the initramfs (typically udevd)
* switch-root to /sysroot and start the real init
For an example of what files should be included in an initramfs based on this
see
<https://mailman.archlinux.org/pipermail/arch-projects/2013-February/003628.html>.
Cc: Harald Hoyer <harald.hoyer@gmail.com>
Cc: Dave Reisner <d@falconindy.com>
* python-systemd-reader:
python-systemd: rename Journal to Reader
build-sys: upload python documentation to freedesktop.org
systemd-python: add Journal class for reading journal
python: build html docs using sphinx
journalct: also print Python code in --new-id
python: utilize uuid.UUID in logging
python: add systemd.id128 module
... and 34 other commits
In short: python module systemd.id128 is added, and existing
systemd.journal gains a new class systemd.journal.Reader, which can be
used to iterate over journal entries. Documentation is provided, and
accessible under e.g.
pydoc3 systemd.journal.Reader
or
firefox http://www.freedesktop.org/software/systemd/man/python-systemd/
__REALTIME_TIMESTAMP and __MONOTONIC_TIMESTAMP return ints.
It doesn't make sense to convert to string, just to convert
back to a number later on.
Also try to follow systemd rules for indentation.
This introduces a new static list of known attributes and their special
semantics. This means that cgroup attribute values can now be
automatically translated from user to kernel notation for command line
set settings, too.
This also adds proper support for multi-line attributes.
This doesn't need to be passed, as it's handled by libtool. Since the
default for autoconf is --disable-static, this change is effectively a
noop. It only matters if you pass --enable-static, in which case the
static libs for systemd libraries will actually be built.
Nitpicky, but this only affects systemd libs. The override for the
other libs remains since these libs are always loaded dynamically and
never compiled staticly.
Written by Peeters Simon <peeters.simon@gmail.com>.
Makefile stuff and cleaned up a bit by Auke Kok <auke-jan.h.kok@intel.com>.
Some code inspired by Marc-Antoine Perennou <Marc-Antoine@Perennou.com>.
Now, actually check if the environment variable names and values used
are valid, before accepting them. With this in place are at some places
more rigid than POSIX, and less rigid at others. For example, this code
allows lower-case environment variables (which POSIX suggests not to
use), but it will not allow non-UTF8 variable values.
All in all this should be a good middle ground of what to allow and what
not to allow as environment variables.
(This also splits out all environment related calls into env-util.[ch])
After d848b9cbfa 'Move generic specifier functions to shared' libudev
depends (through) libsystemd-shared.la on libsystemd-id128.so. The
problem only appears when the linker does not support --gc-sections
and manifests itself as the inability to resolve sd_id128_get_machine
and other libsystemd-id128 functions, which aren't really used.
In other cases where multiple directories are searched for unit files,
the list of directories is described in the man page describing the
format. I think this makes sense too in case of systemd directories,
since the systemd(1) manpage already has an overview of many different
topics.
man rules were repeating the same information in too many places,
which was error prone. Those rules can be easily generated from .xml
files. For efficiency and because python is not a required dependency,
Makefile-man.am is only regenerated when requested with
make update-man-list
If no metadata in man/*.xml changed, this file should not change. So
only when a new man page or a new alias is added, this file should
show up in 'git diff'. The change should then be committed.
If the support for building from git without python was dropped, we
could drop Makefile-man.am from version control. This would also
increase the partial build time (since more stuff would be rebuild
whenever sources in man/*.xml would be modified), so it would probably
wouldn't be worth it.
adds test of:
strv_find
strv_find_prefix
strv_overlap
strv_sort
streq_ptr
first_word
Splits tests of util.c into own file to avoid clutter as we add more.
Removed a few prints and uses _cleanup_free_ to make the tests more focused.
Sometimes it is useful to look at them, and they don't take
up any significant amount of space. Keeping them also avoids
the message about files being removed at the end of make
run.
This allows one templated unit to refer to another templated unit
at installation time.
Examples:
> grep WantedBy ~/.config/systemd/user/mpop@.timer
WantedBy=services@%i.target
> srv disable mpop@iit.timer
rm '/home/alxchk/.config/systemd/user/services@iit.target.wants/mpop@iit.timer'
> srv enable mpop@iit.timer
ln -s '/home/alxchk/.config/systemd/user/mpop@.timer' '/home/alxchk/.config/systemd/user/services@iit.target.wants/mpop@iit.timer'
Based-on-patch-by: Oleksii Shevchuk <alxchk@gmail.com>
New sections are added: PAM options, crypttab options, commandline
options, miscellaneous. The last category will be used for all
untagged <varname> elements.
Commandline options sections is meant to be a developer tool: when
adding an option it is sometimes useful to be able to check if
similarly named options exist elsewhere.
Based-on-patch-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
cppcheck reported:
[src/bootchart/svg.c:791]: (error) Mismatching allocation and deallocation: f
The idea is to make Makefile.am more declarative and avoid
repetitions. Redeclaring unit links as variables also makes
it easier to conditionally install only some of them.
In the x32 ABI, syscall numbers start at 0x40000000. Mask that bit on
x32 for lookups in the syscall_names array and syscall_filter and ensure
that syscall.h is parsed correctly.
[zj: added SYSCALL_TO_INDEX, INDEX_TO_SYSCALL macros.]
This allows us to print simple performance data of all parts of the boot now:
- firmware
- boot loader
- kernel
- initrd
- userspace
This only works for bootloaders which support passing TSC data via EFI
variables. As of now that's only gummiboot.
We no longer allow early-boot init scripts, however in late boot the
syslog socket and local mounts are established anyway, so let's simplify
our dep graph a bit.
If $syslog doesn't resolve to syslog.target anymore there's no reason to
keep syslog.target around anymore. Let's remove it.
Note that many 3rd party service unit files order themselves after
syslog.target. These will be dangling dependencies now, which should be
unproblematic, however.
New file output.h with output flags and modes.
--full parameter also for cgls and loginctl.
Include 'all' parameter in flags (show_cgroup_by_path, show_cgroup,
show_cgroup_and_extra, show_cgroup_and_extra_by_spec).
get_process_cmdline with max_length == 0 will not ellipsize output.
Replace LINE_MAX with 0 in some calls of get_process_cmdline.
[zj: Default to --full when under pager for clgs.
Drop '-f' since it wasn't documented and didn't actually work.
Reindent a bit.
]
Systemd should not introduce any new facilities. Distributions which still
need to support their non-standard/legacy facilities should add them as
patches to their packaging.
The following facilities are no longer recognized:
$x-display-manager
$mail-transfer-agent
$mail-transport-agent
$mail-transfer-agent
$smtp
$null
This target is no longer available:
mail-transfer-agent.target
This way we also get a man page. The output is not as polished.
I hope that it doesn't matter too much.
index.html is not generated now, the page is called
systemd.index.html. If necessary, an install hook should be added.
Bootchart is renamed to 'systemd-bootchart' and installed as
/usr/lib/systemd/systemd-bootchart. The configuration file
will reside in /etc/systemd/bootchart.conf.
