1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 01:27:11 +03:00
Commit Graph

26616 Commits

Author SHA1 Message Date
Susant Sahani
9d56542764 socket: add support to control no. of connections from one source (#3607)
Introduce MaxConnectionsPerSource= that is number of concurrent
connections allowed per IP.

RFE: 1939
2016-08-02 13:48:23 -04:00
Zbigniew Jędrzejewski-Szmek
87edd2b116 Merge pull request #3858 from jfilak/coredump-containers-v2
Coredump: save information useful for debuging crashes in containers - v2
2016-08-02 13:38:00 -04:00
Jan Synacek
1259186355 test: fix test-execute personality tests on ppc64 and aarch64 (#3825) 2016-08-02 16:22:56 +02:00
Zbigniew Jędrzejewski-Szmek
cce9c80af3 gitignore: libsystemd-journal.pc is no more (#3863)
…since 4de282cf93.
2016-08-02 16:04:39 +02:00
Jakub Filak
7ed03ce69e coredump: save process container parent cmdline
Process container parent is the process used to start processes with a new
user namespace - e.g systemd-nspawn, runc, lxc, etc.

There is not standard way how to find such a process - or I do not know
about it - hence I have decided to find the first process in the parent
process hierarchy with a different mount namespace and different
/proc/self/root's inode.

I have decided for this criteria because in ABRT we take special care
only if the crashed process runs different code than installed on the
host. Other processes with namespaces different than PID 1's namespaces
are just processes running code shipped by the OS vendor and bug
reporting tools can get information about the provider of the code
without the need to deal with changed root and so on.
2016-08-02 16:01:18 +02:00
Ismo Puustinen
96694e998b main: load Smack policy before IMA policy (#3859)
IMA wiki says: "If the IMA policy contains LSM labels, then the LSM
policy must be loaded prior to the IMA policy." Right now, in case of
Smack, the IMA policy is loaded before the Smack policy. Move the order
around to allow Smack labels to be used in IMA policy.
2016-08-02 08:58:30 -04:00
Martin Pitt
98d2d46876 units: add graphical-session-pre.target user unit (#3848)
This complements graphical-session.target for services which set up the
environment (e. g. dbus-update-activation-environment) and need to run before
the actual graphical session.
2016-08-02 08:56:45 -04:00
tblume
7633f8ef37 systemd-ask-password: make sure directory watch is started before cryptsetup (#3850)
The password directory watch should get ordered before cryptsetup to make sure
that the password for unlocking the crypt device gets prompted.
2016-08-02 08:55:25 -04:00
Jakub Filak
d7032b1fcd coredump: save /proc/[pid]/mountinfo
The file contains information one can use to debug processes running
within a container.
2016-08-02 10:00:46 +02:00
0xAX
a912ab0474 machinectl: hide legend in a case when no data (#3839)
For this moment machinectl prints legend and count of machines/images/etc.
But in a case when we have no images,machines,etc., there is no sense to
show legend:

~$ machinectl
MACHINE CLASS SERVICE

0 machines listed.

Let's print only 'No machines', 'No images', 'No transfers' in this case.
2016-08-01 11:39:27 -04:00
Leonardo Brondani Schenkel
aa0c34279e virt: detect bhyve (FreeBSD hypervisor) (#3840)
The CPUID and DMI vendor strings do not seem to be documented.
Values were found experimentally and by inspecting the source code.
2016-08-01 09:04:49 -04:00
0xAX
494294d6f8 main: get rid of ACTION_DONE (#3849)
the ACTION_DONE was introduced in the 4288f61921 (dbus: automatically
generate and install introspection files ) commit and was used in
systemd --introspect command.

Later 'introspect' command was removed in the ca2871d9b (bus: remove
static introspection file export) commit and have no users anymore.

So we can remove it.
2016-08-01 12:38:25 +02:00
Peter Hutterer
ef892eae20 Merge pull request #3817 from dwassenberg/lenovo-trackpoint-speed-fixes
Lenovo trackpoint speed fixes
2016-08-01 13:15:39 +10:00
Zbigniew Jędrzejewski-Szmek
ce5fcc695e Merge pull request 3821 from davide125/fix-tests 2016-07-31 22:06:09 -04:00
Mike Gilbert
6d1e2ddd59 test-path-util: check for /lt-test-path-util or /test-path-util (#3841)
Depending on how binutils was configured and the --enable-fast-install
configure option, the test binary might be called either name.

Fixes: https://github.com/systemd/systemd/issues/3838
2016-07-31 21:50:50 -04:00
Tejun Heo
cb3e441759 logind: 0% and 100% should be valid for UserTasksMax (#3836)
config_parse_user_tasks_max() was incorrectly accepting percentage value
between 1 and 99.  Update it to accept 0% and 100%.  This brings it in line
with TasksMax handling in systemd.
2016-07-31 21:38:47 -04:00
Zbigniew Jędrzejewski-Szmek
0d5299ef5a Merge pull request #3843 from maxime1986/minor-systemd.resource-control 2016-07-31 21:15:17 -04:00
Maxime de Roucy
c23b2c70bf documentation: cgroup-v1 and systemd user instance
Explain in the systemd.resource-control man that systemd user instance can't use resource control on
cgroup-v1.
2016-07-31 15:00:59 +02:00
Maxime de Roucy
65c1cdb282 documentation: add cgroup-v2.txt link
add cgroup-v2.txt link in section "Unified and Legacy Control Group
Hierarchies" of systemd.resource-control man.
2016-07-31 14:38:56 +02:00
Steve Muir
4dd4cb8fe4 tests: don't run private device tests if running in a container
Private devices don't exist when running in a container, so skip the related
tests.
2016-07-29 14:30:46 -07:00
Davide Cavalca
76c19e9f6c tests: skip process 1 tests if systemd not is running
No point running tests against process 1 if systemd is not running as that
process. This is a rework of an unpublished patch by @9muir.
2016-07-29 14:30:46 -07:00
Steve Muir
40a23924ef tests: don't test hostname if it looks like an id128
The condition tests for hostname will fail if hostname looks like an id128.
The test function attempts to convert hostname to an id128, and if that
succeeds compare it to the machine ID (presumably because the 'hostname'
condition test is overloaded to also test machine ID). That will typically
fail, and unfortunately the 'mock' utility generates a random hostname that
happens to have the same format as an id128, thus causing a test failure.
2016-07-29 14:30:39 -07:00
Davide Cavalca
e4d214efc2 tests: skip udev-test if running inside a chroot 2016-07-29 09:20:11 -07:00
Zbigniew Jędrzejewski-Szmek
0fbd465f41 Merge pull request #3742 from msoltyspl/vconfix2
vconsole-setup: updates & fixes V2
2016-07-28 23:59:06 -04:00
Davide Cavalca
4e3382bdd7 build-sys: conditionally disable LTO if requested (#3823)
This adds a --disable-lto option to ./configure, but does not change the
default behavior.
2016-07-28 23:42:45 -04:00
Christian Rebischke
689e4e6a94 systemctl: be sure to be quiet with 'systemctl is-enabled --quiet' (#3819)
Fixes #3813.
2016-07-27 22:40:20 -04:00
Dennis Wassenberg
57b8b16237 hwdb: add Lenovo X260 pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the X260 models.
2016-07-27 11:01:27 +02:00
Dennis Wassenberg
4499df99c1 hwdb: add Lenovo T560 pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the T560 models.
2016-07-27 11:00:56 +02:00
Dennis Wassenberg
ded495d947 hwdb: add Lenovo T460s pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the T460s models.
2016-07-27 11:00:27 +02:00
Dennis Wassenberg
95f6fc608d hwdb: add Lenovo L460 pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the L460 models.
2016-07-27 10:59:38 +02:00
Dennis Wassenberg
612ad80482 hwdb: add Lenovo X250 pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the X250 models.
2016-07-27 10:56:50 +02:00
Dennis Wassenberg
9e67418c40 hwdb: add Lenovo T450s pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the T450s models.
2016-07-27 10:47:20 +02:00
Dennis Wassenberg
f8a0b229d2 hwdb: add Lenovo L450 pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the L450 models.
2016-07-27 10:47:16 +02:00
Dennis Wassenberg
d5317f3544 hwdb: add Lenovo T440p pointing stick speed fix
Like many other recent thinkpads the factory default pointingstick
sensitivity on these devices is quite low, making the pointingstick
very slow in moving the cursor.

This extends the existing hwdb rules for tweaking the sensitivity to
also apply to the T440p models.
2016-07-27 10:47:11 +02:00
Michael Biebl
b6b609dbc2 string-util: rework memory_erase() to not use GCC optimize attribute (#3812)
"#pragma GCC optimize" is merely a convenience to decorate multiple
functions with attribute optimize. And the manual has this to say about
this attribute:

  This attribute should be used for debugging purposes only. It
  is not suitable in production code.

Some versions of GCC also seem to have a problem with this pragma in
combination with LTO, resulting in ICEs.

So use a different approach (indirect the memset call via a volatile
function pointer) as implemented in openssl's crypto/mem_clr.c.

Closes: #3811
2016-07-26 23:32:37 -04:00
Michal Soltys
61eca97fce vconsole: update man page
- about namespace
- about udev rules
2016-07-27 00:57:01 +02:00
Michal Soltys
9e303250ac vconsole: correct kernel command line namespace 2016-07-27 00:57:01 +02:00
Michal Soltys
af7a5213f1 vconsole: add copyright line 2016-07-27 00:57:01 +02:00
Michal Soltys
8125e8d38e vconsole: Don't do static installation under sysinit.target
Udev rules cover all the necessary initializations.

As the service now is neither installed, nor installable - we can
remove explicit dependencies and RemainAfterExit=yes option.
2016-07-27 00:57:01 +02:00
Michal Soltys
eb22d84b47 vconsole: use KD_FONT_OP_GET/SET to handle copying
We now use KD_FONT_OP_GET & KD_FONT_OP_SET instead of
problematic KD_FONT_OP_COPY.
2016-07-27 00:57:01 +02:00
Michal Soltys
c9d2b3d0f0 vconsole: updates of keyboard/font loading functions
Change return convention to -errno/==0 and use isempty() instead
of just pointer tests.
2016-07-27 00:57:01 +02:00
Michal Soltys
03044059bf vconsole: Add generic is_*() functions
is_allocated() and is_allocated_byfd():

Checks if the console is allocated by its index (first function) or
its open descriptor (second function).

is_settable():

Checks if the console is in xlate or unicode mode, so we can adjust
is safely without interfering with X.
2016-07-27 00:57:01 +02:00
Michal Soltys
042d7f5065 vconsole: add two new toggle functions, remove old enable/disable ones
Add toggle_utf8() and toggle_utf8_sysfs() and use them in place of old
enable/disable functions. toggle_utf8() also adds iutf8 setting and is
set up to be called per-console (in subsequent patches).

Note, that old disable_utf8() didn't bother checking if it was ok
to change the kbdmode.
2016-07-27 00:57:01 +02:00
Michal Soltys
9fa71843bb vconsole: copy font to 63 consoles instead of 15
We copy only to allocated consoles, so the cost of looping over
all possible ones is minuscule.
2016-07-27 00:57:01 +02:00
Michal Soltys
c2f2c51c53 vconsole: don't do GIO_SCRNMAP / GIO_UNISCRNMAP
GIO_SCRNMAP / GIO_UNISCRNMAP are related to what setfont does with -m
option - namely setting intermediate map from 8bit values into unicode
values. This map is global, so single setfont invocation sets it for
all applicable consoles.

Furthermore calling GIO_SCRNMAP before GIO_UNISCRNMAP causes issues as
the former corrupts values > 255 (UNI alone would be sufficient).

The bug can be easily tested with the following conf:

KEYMAP=pl
FONT=LatArCyrHeb-16
FONT_MAP=8859-2
2016-07-27 00:57:01 +02:00
Christian Brauner
5a8ff0e61d nspawn: add SYSTEMD_NSPAWN_USE_CGNS env variable (#3809)
SYSTEMD_NSPAWN_USE_CGNS allows to disable the use of cgroup namespaces.
2016-07-26 16:49:15 +02:00
Michal Sekletar
1d3c86c06f systemctl: allow disable on the unit file path, but warn about it (#3806)
systemd now returns an error when it is asked to perform disable on the
unit file path. In the past this was allowed, but systemd never really
considered an actual content of the [Install] section of the unit
file. Instead it performed disable on the unit name, i.e. purged all
symlinks pointing to the given unit file (undo of implicit link action
done by systemd when enable is called on the unit file path) and all
symlinks that have the same basename as the given unit file.

However, to notice that [Install] info of the file is not consulted one
must create additional symlinks manually. I argue that in most cases
users do not create such links. Let's be nice to our users and don't
break existing scripts that expect disable to work with the unit file
path.

Fixes #3706.
2016-07-26 08:25:52 -04:00
Zbigniew Jędrzejewski-Szmek
76153ad45f journald: deprecate SplitMode=login (#3805)
In this mode, messages from processes which are not part of the session
land in the main journal file, and only output of processes which are
properly part of the session land in the user's journal. This is
confusing, in particular because systemd-coredump runs outside of the
login session.

"Deprecate" SplitMode=login by removing it from documentation, to
discourage people from using it.
2016-07-26 08:19:33 +02:00
Zbigniew Jędrzejewski-Szmek
dadd6ecfa5 Merge pull request #3728 from poettering/dynamic-users 2016-07-25 16:40:26 -04:00
Zbigniew Jędrzejewski-Szmek
e28973ee18 Merge pull request #3757 from poettering/efi-search 2016-07-25 16:34:18 -04:00