Zbigniew Jędrzejewski-Szmek
27407a01c6
nspawn: use automatic cleanup and provide debug info
...
The documentation for --link-journal is also reworded.
2012-10-02 14:56:26 +02:00
Lennart Poettering
963ddb917d
log: fix repeated invocation of vsnprintf()/vaprintf() in log_struct()
...
https://bugs.freedesktop.org/show_bug.cgi?id=55213
2012-09-24 23:26:46 +02:00
Lennart Poettering
77e63fafa5
nspawn: document why we don't check resolv.conf mount errors
2012-09-21 16:55:56 +02:00
Lennart Poettering
d40361453b
nspawn: we can't overmount /etc/localtime anymore since it's usually a symlink now
...
Create the right symlink if possible for /etc/localtime
2012-09-21 16:54:54 +02:00
Zbigniew Jędrzejewski-Szmek
89154bd4ac
nspawn: fix memleak introduced with automatic cleanup
...
6b2d0e8 introduced a memleak instead of fixing one.
Fix both.
2012-09-16 16:33:20 +02:00
Zbigniew Jędrzejewski-Szmek
25ea79fe07
nspawn: use automatic cleanup for umask
2012-09-16 16:20:09 +02:00
Zbigniew Jędrzejewski-Szmek
ed8b7a3ee5
nspawn: _cleanup_free_ more
2012-09-16 16:20:09 +02:00
Zbigniew Jędrzejewski-Szmek
6b2d0e85dc
nspawn: use automatic cleanup
...
This one actually clears up a (totally harmless) memleak.
2012-09-16 16:20:09 +02:00
Zbigniew Jędrzejewski-Szmek
ede89845a4
nspawn: mount tmpfs on /dev/shm
...
Most things seem to function fine without /dev/shm, but it is expected
to be there (quoting linux/Documentation/filesystems/tmpfs.txt:
glibc 2.2 and above expects tmpfs to be mounted at /dev/shm for POSIX
shared memory (shm_open, shm_unlink)).
Since /tmp/ is already mounted as tmpfs, it would be enough to mkdir
/tmp/shm and chmod it. Mounting it separately has the advantage that
it can be easily remounted to change the quota.
2012-09-16 16:20:09 +02:00
Lennart Poettering
d87be9b0af
nspawn: handle poweroff/reboot nicely in containers
2012-09-05 16:23:41 -07:00
Lennart Poettering
3eabccc46c
nspawn: don't provide /dev/rtc0 in the container
...
Since RTCs are hardware devices and are very much shared resources we
should avoid providing them in each container.
2012-09-05 15:27:07 -07:00
Lennart Poettering
04bc4a3f47
nspawn: generate a new randomized boot ID for each container
2012-09-05 14:39:16 -07:00
Lennart Poettering
9c1c7f712d
nspawn: if a file system comes pre-mounted, still do the read-only remounts
2012-09-05 14:16:41 -07:00
Lennart Poettering
014a9c777b
nspawn: skip mounts if already mounted
2012-09-04 16:33:13 -07:00
Lennart Poettering
e65aec12ae
nspawn: mount a clean instance of sysfs
2012-09-04 16:32:43 -07:00
Dave Reisner
4fc9982cb0
nspawn: add /dev FD symlinks in container setup
...
This creates /dev/fd, /dev/stdin, /dev/stdout, /dev/stderr, and
/dev/core as symlinks to /proc on container creation. Except for
/dev/core, these are needed for shells like bash to be fully functional.
2012-08-21 17:19:38 +02:00
Lennart Poettering
1e41be2015
nspawn,namespaces: make sure we recursively bind mount things in
...
We want to make sure that everything from the host is also visible in
the sandbox.
2012-08-13 16:25:03 +02:00
Lennart Poettering
b4c59701f8
nspawn: unset a few unnecessary params to mount()
2012-08-13 16:23:31 +02:00
Lennart Poettering
6f67a45d8e
nspawn: inherit mounts from real root, don't propagate mounts to real root
2012-08-13 15:23:10 +02:00
Shawn Landden
0d0f0c50d3
log.h: new log_oom() -> int -ENOMEM, use it
...
also a number of minor fixups and bug fixes: spelling, oom errors
that didn't print errors, not properly forwarding error codes,
few more consistency issues, et cetera
2012-07-26 11:48:26 +02:00
Shawn Landden
669241a076
use "Out of memory." consistently (or with "\n")
...
glibc/glib both use "out of memory" consistently so maybe we should
consider that instead of this.
Eliminates one string out of a number of binaries. Also fixes extra newline
in udev/scsi_id
2012-07-25 11:23:57 +02:00
Lennart Poettering
db7feb7e9c
nspawn: generate proper error messages in the child
2012-07-19 02:03:42 +02:00
Lennart Poettering
57fb9fb56d
nspawn: introduce new --link-journal= switch to link container journals into host
2012-07-19 02:02:39 +02:00
Lennart Poettering
d05c5031ad
unit: introduce %s specifier for the user shell
2012-07-16 12:34:54 +02:00
Lennart Poettering
5076f0ccfd
nspawn: introduce new --capabilities= flag and make use of it in the nspawn test case
2012-06-28 14:05:16 +02:00
Kay Sievers
d2e54fae5c
mkdir: append _label to all mkdir() calls that explicitly set the selinux context
2012-05-31 12:40:20 +02:00
Lennart Poettering
ec8927ca59
main: add configuration option to alter capability bounding set for PID 1
...
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
2012-05-24 04:00:56 +02:00
Kay Sievers
9eb977db5b
util: split-out path-util.[ch]
2012-05-08 02:33:10 +02:00
Lennart Poettering
bc2f673ec2
nspawn: add --read-only switch
2012-04-25 15:11:20 +02:00
Lennart Poettering
2547bb414c
nspawn: bind mount /etc/resolv.conf from the host by default
2012-04-25 15:08:00 +02:00
Lennart Poettering
144f0fc0c8
nspawn: add --uuid= switch to allow setting the machine id for the container
2012-04-22 14:48:21 +02:00
Lennart Poettering
0f0dbc46cc
nspawn: add -b switch to automatically look for an init binary
2012-04-22 14:11:32 +02:00
Lennart Poettering
3a74cea5e4
nspawn: be more careful when initializing the hostname from the directory name
2012-04-22 01:01:22 +02:00
Lennart Poettering
f1e5dfe2c0
nspawn: make /dev/kmsg unavailable in the container, but allow access to /proc/kmsg
2012-04-22 00:32:53 +02:00
Kay Sievers
4d46fec56d
remove MS_* which can not be combined with current kernel code
...
MS_BIND|MS_MOVE can not be combined:
  do_mount()
    else if (flags & MS_BIND)
      do_loopback(&path, dev_name, flags & MS_REC);
    [...]
    else if (flags & MS_MOVE)
      do_move_mount(&path, dev_name);
MS_REMOUNT|MS_UNBINDABLE can not be combined:
  do_mount()
    if (flags & MS_REMOUNT)
      do_remount(&path, flags & ~MS_REMOUNT, mnt_flags, data_page);
    [...]
    else if (flags & (MS_SHARED | MS_PRIVATE | MS_SLAVE | MS_UNBINDABLE))
      do_change_type(&path, flags);
2012-04-18 13:37:45 +02:00
Lennart Poettering
b562f5a57d
build-sys: add stub makefiles to all subdirs to ease development with emacs
2012-04-13 21:37:59 +02:00
Lennart Poettering
9537eab070
nspawn: add missing include lines
2012-04-13 21:37:59 +02:00
Lennart Poettering
e58a12770c
nspawn: fake /dev/kmsg and /proc/kmsg as fifo
2012-04-13 18:52:52 +02:00
Kay Sievers
dce818b390
move all tools to subdirs
2012-04-12 17:54:42 +02:00