1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 14:55:37 +03:00
Commit Graph

6573 Commits

Author SHA1 Message Date
Yu Watanabe
6706ce2fd2 network: make IgnoreCarrierLoss= also take timespan
Fixes #18738 and #20887.

Replaces #18746.
2021-11-16 02:04:59 +09:00
Slava Bacherikov
af493fb742 network: Add SuppressInterfaceGroup= into routing policy
This adds SuppressInterfaceGroup= option in the [RoutingPolicyRule] section
which has the same semantics as suppress_ifgroup in `ip rule` command.
2021-11-16 01:54:07 +09:00
Slava Bacherikov
10af8bb24b network: change link group type to int32
Both linux kernel kernel and iproute2 uses int32 type for a link group
attribute and -1 has a special meaning, so setting it to 4294967295
would make it -1 in the linux kernel (and ip link cmd).
2021-11-16 01:53:46 +09:00
Yu Watanabe
f2a3a133ec network: make Token=prefixstable optionally take secret key
Closes #21345.
2021-11-14 13:29:40 +09:00
Yu Watanabe
c463ae74ae man: fix indentation
Also use variablelist tag for listing Token= options.
2021-11-14 10:30:33 +09:00
Lennart Poettering
5dd57a00d5 doc: document the new luksExtraMountOptions concept 2021-11-12 22:22:06 +01:00
Lennart Poettering
423de19223 man: run ninja -C build update-man-rules 2021-11-12 22:21:22 +01:00
Topi Miettinen
006d1864fb execute: always log a warning when setting SELinux context fails
Update also manual page to explain how the transition can still fail.
2021-11-12 17:17:21 +01:00
Emily Gonyer
be7148ebed
Change gendered terms to be gender-neutral (#21325)
Some typos are also fixed.
2021-11-12 16:09:56 +01:00
Michal Sekletar
fd69f22475 sd-event: introduce callback invoked when event source ratelimit expires 2021-11-11 17:02:56 +01:00
ml
84b10e536c man: remove unintentionally repetitive words 2021-11-11 14:36:50 +01:00
Lennart Poettering
01f6c450b6 man: document new --chain switch to userdbctl
And while we are at it, make 'ssh-authorized-keys' verb properly
documented. Given that OpenSSH documents the interface in its man page
it's fine to just document our implementation of it too.
2021-11-11 10:06:39 +01:00
Scott Lamb
4b499063ac fsck: no emergency.target on nofail mounts
Also describe failure behavior more precisely in the manpage.
Fixes #20237.
2021-11-10 11:58:12 +01:00
Yu Watanabe
8c66ab20f6 man: use include directive for [Match] section 2021-11-10 10:59:21 +09:00
Yu Watanabe
33132db903 man: add missing Firmware= setting 2021-11-10 10:56:42 +09:00
Paulo Neves
c809e38732 docs: Clarify systemctl show manual
The manual incorrectly asserted that the properties in systemctl show
matched the the options in systemd-system.conf, which is not always true.

Add clarification on the equivalence of the properties in systemctl show
and systemd-system.conf

Fixed #21230
2021-11-09 18:31:54 +01:00
Lennart Poettering
e67d738a87 sd-event: add sd_event_add_inotify_fd() call
sd_event_add_inotify_fd() is like sd_event_add_inotify(), but takes an
fd to an inode instead of a path, and is hence a ton nicer.
2021-11-09 13:02:13 +01:00
Yu Watanabe
e5a7570188
Merge pull request #21226 from yuwata/network-tc-cake
network: add several CAKE settings
2021-11-09 14:18:41 +09:00
Yu Watanabe
2c7b14fa19
Merge pull request #21268 from yuwata/network-ndisc-use-gateway
network: ndisc: introduce UseGateway= and UseRoutePrefix=
2021-11-09 11:33:21 +09:00
Yu Watanabe
1c7a81e626 network: tc/cake: introduce UseRawPacketSize= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
35896db489 network: tc/cake: introduce SplitGSO= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
d05dce95d8 network: tc/cake: introduce Wash= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
049b66ccdd network: tc/cake: introduce FirewallMark= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
fe8e156e7a network: tc/cake: introduce PriorityQueueingProfile= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
863542e1ce network: tc/cake: introduce MPUBytes= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
4bff808648 network: tc/cake: introduce NAT= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
a049cf166c network: tc/cake: introduce FlowIsolationMode= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
b6eccfda1a network: tc/cake: introduce CompensationMode= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
025cd94e1c network: tc/cake: introduce AutoRateIngress= setting 2021-11-09 10:58:44 +09:00
Yu Watanabe
69978eb910 man: use "…" for specifying ranges 2021-11-09 10:58:44 +09:00
Yu Watanabe
ca2c3e921f man: move Bandwidth= setting at the beginning of the [CAKE] section
For consistency with tc-cake(8).
2021-11-09 10:58:44 +09:00
Yu Watanabe
610c0db126 network: ndisc: introduce UseGateway= and UseRoutePrefix= settings
Closes #21263.
2021-11-09 08:12:36 +09:00
Lennart Poettering
43f4b5101c man: document new --json= mode 2021-11-08 21:42:53 +01:00
Lennart Poettering
9897989ef3 man: document new --multipler= switch 2021-11-08 21:42:53 +01:00
Lennart Poettering
5c12ee3656 man: extend os-release docs a bit regarding quotes
Fixes: #21194
2021-11-08 18:21:00 +00:00
Zbigniew Jędrzejewski-Szmek
e2de2d28f4
Merge pull request #20813 from unusual-thoughts/exittype_v2
Reintroduce ExitType
2021-11-08 15:06:37 +01:00
Albert Brox
da845dabf5 implement aliasing for systemd-analyze verify 2021-11-08 12:08:23 +00:00
Christian Brauner
a6d1760024 build: preserve correct mode when generating files via jinja2
When using "capture : true" in custom_target()s the mode of the source
file is not preserved when the generated file is not installed and so
needs to be tweaked manually. Switch from output capture to creating the
target file and copy the permissions from the input file.

Signed-off-by: Christian Brauner <christian.brauner@ubuntu.com>
2021-11-08 12:06:48 +00:00
Henri Chain
596e447076 Reintroduce ExitType
This introduces `ExitType=main|cgroup` for services.
Similar to how `Type` specifies the launch of a service, `ExitType` is
concerned with how systemd determines that a service exited.

- If set to `main` (the current behavior), the service manager will consider
  the unit stopped when the main process exits.

- The `cgroup` exit type is meant for applications whose forking model is not
  known ahead of time and which might not have a specific main process.
  The service will stay running as long as at least one process in the cgroup
  is running. This is intended for transient or automatically generated
  services, such as graphical applications inside of a desktop environment.

Motivation for this is #16805. The original PR (#18782) was reverted (#20073)
after realizing that the exit status of "the last process in the cgroup" can't
reliably be known (#19385)

This version instead uses the main process exit status if there is one and just
listens to the cgroup empty event otherwise.

The advantages of a service with `ExitType=cgroup` over scopes are:
- Integrated logging / stdout redirection
- Avoids the race / synchronisation issue between launch and scope creation
- More extensive use of drop-ins and thus distro-level configuration:
  by moving from scopes to services we can have drop ins that will affect
  properties that can only be set during service creation,
  like `OOMPolicy` and security-related properties
- It makes systemd-xdg-autostart-generator usable by fixing [1], as obviously
  only services can be used in the generator, not scopes.

[1] https://bugs.kde.org/show_bug.cgi?id=433299
2021-11-08 10:15:23 +01:00
Luca Boccassi
5df64f148d
Merge pull request #21237 from bluca/analyze_skip
analyze: allow a custom policy to skip a check
2021-11-06 11:19:40 +00:00
Luca Boccassi
82100ef486 analyze: allow a custom policy to skip a check with weight=0
In some cases an offline analysis should ignore some fields, for example
a portable service in an image will never list RootImage/RootDirectory, as
they are added at runtime, and thus can be skipped.
2021-11-05 22:37:34 +00:00
Daan De Meyer
51462135fb exec: Add TTYRows and TTYColumns properties to set TTY dimensions 2021-11-05 21:32:14 +00:00
Luca Boccassi
03e93377dc analyze: explain how the weight/range policy fields are used 2021-11-05 21:09:43 +00:00
Lennart Poettering
3663f754f1
Merge pull request #21070 from medhefgo/boot-save
sd-boot: Add support to boot last select entry
2021-11-04 17:37:12 +01:00
Yu Watanabe
ab7b261663
Merge pull request #21210 from yuwata/network-dhcp-server-introduce-router-setting
network: dhcp-server: introduce Router= setting to specify router address
2021-11-03 12:41:34 +09:00
Yu Watanabe
59aa622013 network: dhcp-server: introduce Router= setting to specify router address
Closes #21202.
2021-11-03 03:15:00 +09:00
Lennart Poettering
0bada3f8b7 man: document cryptenroll limitations
Let's document this for now. We should be able to lift these limitations
sooner or later, at which point we can drop this documentation again.

These two limitations are a pitfall that people should be aware of,
before going FIDO2-only.

See: #20230 #19208
2021-11-02 15:03:11 +00:00
Jan Janssen
ee4fd9cbd4 sd-boot: Add support to boot last selected entry
Fixes: #18994
2021-10-29 13:57:24 +02:00
Jan Janssen
0c674ce5f2 sd-boot: Allow glob patterns for default and oneshot EFI vars too 2021-10-29 13:57:24 +02:00
Lennart Poettering
ff8b7bd6a0
Merge pull request #20321 from bluca/state_dir_symlink
core: add [State|Runtime|Cache|Logs]DirectorySymlink
2021-10-28 20:52:56 +02:00
Lennart Poettering
16d41892c3
Merge pull request #20609 from DaanDeMeyer/recursive-template
core: Try to prevent infinite recursive template instantiation
2021-10-28 19:23:17 +02:00
Andreas Valder
c0c8f71800 nspawn: add filesystem id mapping support to --bind and --bind-ro 2021-10-28 19:19:22 +02:00
Benjamin Herrenschmidt
d6eda677b3 udev: net_id: introduce predictable names for xen-netfront
Those devices show up as /sys/devices/vif-N, let's use that number
to name them enXN.

Without this, all schemes fail and they keep the kernel names, which can
be racy.

Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
2021-10-28 13:09:00 +02:00
Daan De Meyer
88022148c4 core: Try to prevent infinite recursive template instantiation
To prevent situations like in #17602 from happening, let's drop
direct recursive template dependencies. These will almost certainly
lead to infinite recursion so let's drop them immediately to avoid
instantiating potentially thousands of irrelevant units.

Example of a template that would lead to infinite recursion which
is caught by this check:

notify@.service:

```
[Unit]
Wants=notify@%n.service
```
2021-10-28 11:42:21 +01:00
Luca Boccassi
211a3d87fb core: add [State|Runtime|Cache|Logs]Directory symlink as second parameter
When combined with a tmpfs on /run or /var/lib, allows to create
arbitrary and ephemeral symlinks for StateDirectory or RuntimeDirectory.
This is especially useful when sharing these directories between
different services, to make the same state/runtime directory 'backend'
appear as different names to each service, so that they can be added/removed
to a sharing agreement transparently, without code changes.

An example (simplified, but real) use case:

foo.service:
StateDirectory=foo

bar.service:
StateDirectory=bar

foo.service.d/shared.conf:
StateDirectory=
StateDirectory=shared:foo

bar.service.d/shared.conf:
StateDirectory=
StateDirectory=shared:bar

foo and bar use respectively /var/lib/foo and /var/lib/bar. Then
the orchestration layer decides to stop this sharing, the drop-in
can be removed. The services won't need any update and will keep
working and being able to store state, transparently.

To keep backward compatibility, new DBUS messages are added.
2021-10-28 10:47:46 +01:00
Lennart Poettering
c896eb7ad6 man: document that daemons can close fds they receive via sd_listen_fds() if they like
Fixes: #18872
2021-10-28 11:05:22 +02:00
Lennart Poettering
1d69754988 man: document how nss-resolve and systemd-resolved communicate
Fixes: #20925
2021-10-28 10:53:55 +02:00
Lennart Poettering
7ea5e82f6a man: clarify the situation of unit templates regarding "systemctl list-units" + "systemctl list-unit-files"
Fixes: #21075
2021-10-28 10:45:02 +02:00
Lennart Poettering
4c2ee5c7f2 homework: allow specifying explicit additional mount options when using CIFS backend
This is useful since certain shares can only be mounted with additional
mount flags. For example the SMB share in modern AVM Fritz!Boxes
requires "noserverino" to be set to work from Linux.
2021-10-27 22:46:46 +02:00
Lennart Poettering
bf15879b39 homework: allow specifying a dir component in CIFS services
Allow specifying CIFS services in the format //host/service/subdir/… to
allow multiple homedirs on the same share, and not in the main dir of
the share.

All other backends allow placing the data store at arbitrary places,
let's allow this too for the CIFS backend. This is particularly useful
for testing.
2021-10-27 22:37:56 +02:00
Yu Watanabe
c9e2c2dae3 network: radv: shorten default lifetime of prefix, route prefix, DNS, and domains
See draft-ietf-6man-slaac-renum-02 section 4.1.1.
2021-10-27 23:58:35 +09:00
Yu Watanabe
4f1ac4a38d network: radv: refuse invalid router lifetime in conf parser 2021-10-27 19:29:05 +09:00
Yu Watanabe
149cda85bf man: adjust the explanations related to the DHCPv6 client starting mode 2021-10-27 00:33:44 +09:00
Yu Watanabe
483566e5ba network: deprecate ForceDHCPv6PDOtherInformation= setting
The setting is completely meaningless, as WithoutRA= and UseDelegatedPrefix=
in [DHCPv6] section, and DHCPv6Client= in [IPv6AcceptRA] section control
the behavior.
2021-10-27 00:33:44 +09:00
Yu Watanabe
dc5cae6c9d network: dhcp6: introduce UplinkInterface= for DHCP6 prefix delegation 2021-10-26 20:43:10 +09:00
Yu Watanabe
0f5ef9b62a network: dhcp6: introduce UseDelegatedPrefix= setting and enable by default
Previously, the prefix delegation is enabled when at least one
downstream interfaces request it. But, when the DHCPv6 client on the
upstream interface is configured, some downstream interfaces may not
exist yet, nor have .network file assigned.

Also, if a system has thousands of interfaces, then the previous logic
introduce O(n^2) search.

This makes the prefix delegation is always enabled, except when it is
explicitly disabled. Hopefully, that should not break anything, as the
DHCPv6 server should ignore the prefix delegation request if the server
do not have any prefix to delegate.
2021-10-26 20:29:08 +09:00
Jan Janssen
e6cab77eca sd-boot: Add keys to reboot into firmware interface
This is useful if the auto-firmware setting has been disabled. The
keys used here are based on what the majority of firmware employ in
the wild.
This also ensures there's a chance for the user to discover this in
case they were too slow during POST or simply used the wrong ones.
2021-10-22 19:12:55 +02:00
Yu Watanabe
241167e68a
Merge pull request #21051 from poettering/nspawn-no-sync
nspawn: add --suppress-sync=yes mode for turning sync() and friends i…
2021-10-20 22:42:43 +09:00
Luca Boccassi
b78524f48d
Merge pull request #21055 from yuwata/network-dhcp6-pd-route-lifetime-metric
network: dhcp6pd: set lifetime and route metric
2021-10-20 14:38:03 +01:00
Dimitri Papadopoulos
ba669952b2 Typos found by codespell 2021-10-20 22:20:18 +09:00
Lennart Poettering
4a4654e024 nspawn: add --suppress-sync=yes mode for turning sync() and friends into NOPs via seccomp
This is supposed to be used by package/image builders such as mkosi to
speed up building, since it allows us to suppress sync() inside a
container.

This does what Debian's eatmydata tool does, but for a container, and
via seccomp (instead of LD_PRELOAD).
2021-10-20 11:35:15 +02:00
Yu Watanabe
d0619f2c2b network: dhcp6pd: set default metric 256 for delegated prefix
When Assign= in [DHCPv6PrefixDelegation] is enabled, then the kernel
will create the prefix route for the assigned address with metric 256.
When Assign= is disabled, then the kernel will create the route with
metric 1024.

For the default value, we should choose a smaller value (higher priority)
than 1024, as the unreachable routes for delegated prefix will be
configured with 1024.
2021-10-20 02:36:20 +09:00
Lennart Poettering
59bcac0b1a watchdog: always prefer /dev/watchdog0 over /dev/watchdog 2021-10-18 11:27:39 +02:00
Lennart Poettering
e00324d092
Merge pull request #21013 from mxre/feature/stub-dtb
[sd-stub] add support for embedding devicetree
2021-10-17 11:27:03 +02:00
Max Resch
111c9ba6c2 [st-stub] documenting the .dtb section 2021-10-16 13:26:21 +02:00
Tony Asleson
1f1a2243c0 Add stand-alone dm-integrity support
This adds support for dm integrity targets and an associated
/etc/integritytab file which is required as the dm integrity device
super block doesn't include all of the required metadata to bring up
the device correctly.  See integritytab man page for details.
2021-10-15 10:19:54 -05:00
Tony Asleson
9a2a6ec4e3 dm-verity: Remove usage of integrity
There is a difference between dm-verity and dm-integrity.  Remove
usage of integrity from verity documentation in man pages and
target files.
2021-10-14 12:17:02 -05:00
Lennart Poettering
9c5ea4b143 man: document new systemd.watchdog_sec= kernel cmdline option
Follow-up for: b3aa73e4de
2021-10-13 13:10:34 +02:00
Lennart Poettering
5254d15896 man: document new "off" setting for systemd-system.conf watchdog settings 2021-10-13 13:10:34 +02:00
Lennart Poettering
b6e44cd934
Merge pull request #20787 from fbuihuu/watchdog-more-rework
Watchdog more rework
2021-10-13 12:56:44 +02:00
Franck Bui
8a85c5b616 watchdog: rename special string "infinity" taken by the watchdog timeout options to "default" 2021-10-13 08:58:36 +02:00
Franck Bui
807938e7ec watchdog: update the documentation
While at it, split the watchdog section into a few paragraphs to make it easier
to read as it becomes lengthy.
2021-10-13 08:58:36 +02:00
Zbigniew Jędrzejewski-Szmek
df618f259a
Merge pull request #20987 from yuwata/sd-dhcp6-enum-cleanups
sd-dhcp6-client: enum cleanups
2021-10-13 08:25:37 +02:00
Yu Watanabe
308d01f3c4 network: do not request RAPID_COMMIT option
The option must not be included in OPTION_REQUEST option.
See the "Client ORO" field in
https://www.iana.org/assignments/dhcpv6-parameters/dhcpv6-parameters.xhtml#dhcpv6-parameters-2

This deprecates RapidCommit= setting. Note that sd-dhcp6-client always
sets the RAPID_COMMIT option in the solicit message.
2021-10-13 02:46:24 +09:00
наб
7d449b5618 systemd-machine-id-setup(1): "machine[d] ID" typo 2021-10-13 02:21:44 +09:00
Zbigniew Jędrzejewski-Szmek
78ae9d3100
Merge pull request #20853 from yuwata/network-radv-set-default-timeouts
network: RADV: set default timeouts
2021-10-12 10:49:03 +02:00
Lennart Poettering
de3ef2524e
Merge pull request #20968 from poettering/homed-pin
homed: pin+lock homes while logged in + keep trying to unmount on logging out + optionally drop caches on logging out
2021-10-11 23:11:03 +02:00
Lennart Poettering
5c791053e3
Merge pull request #20776 from medhefgo/boot-timeout
sd-boot: Allow disabling timeout
2021-10-11 23:05:37 +02:00
Yu Watanabe
9fa25e0791 network: radv: set non-zero lifetime for DNS servers and domains by default
Closes #20850.
2021-10-12 03:10:30 +09:00
Lennart Poettering
86019efa44 homed: optionally, drop caches on logout
Fixes: #20857
2021-10-11 16:00:34 +02:00
Lennart Poettering
2c7ec8203e man: document new token-timeout= setting 2021-10-11 11:12:29 +02:00
Jan Janssen
39ddc32a86 bootctl: Add set-timeout verb
Fixes: #18766
2021-10-08 15:32:50 +02:00
Jan Janssen
52b6b35643 sd-boot: Allow disabling timeout 2021-10-08 15:26:55 +02:00
Daan De Meyer
d888ef68d1 coredump: Add --all option
This option has coredumpctl look at all journals instead of only the
local ones. This allows coredumpctl to show information about remote
coredumps if the coredumps are made available in /var/lib/systemd/coredump
and the corresponding journals are made available in /var/log/journal.

This is already possible using the --directory option but --all makes it
more user friendly since users don't have to enter the journal directory
anymore as long as it's available under /var/log/journal.
2021-10-07 22:13:12 +02:00
Yu Watanabe
6830c3a553
Merge pull request #20778 from yuwata/network-ipv6-token
network: rework IPv6 address generation mode
2021-10-07 23:24:00 +09:00
Lennart Poettering
bd3bfc8856 man: document the two new switches for systemd-cgls 2021-10-07 11:50:52 +02:00
Luca Boccassi
0cf250022c
Merge pull request #20926 from yuwata/udev-net-wol-sopass
udev/net: introduce WakeOnLanPassword=
2021-10-06 23:36:05 +01:00
Yu Watanabe
d3867133f0 udev/net: introduce WakeOnLanPassword=
Closes #20913.
2021-10-07 01:50:37 +09:00
Yu Watanabe
e609cd0694 network: introduce Token= setting in [IPv6Prefix]
Closes #20149.
2021-10-07 01:24:50 +09:00
Yu Watanabe
f5960e0ab5 network: extend Token= setting in [DHCPv6PrefixDelegation]
Now the setting supports the same syntax as the one in the [IPv6AcceptRA]
section.
2021-10-07 01:24:12 +09:00
Yu Watanabe
140bf8dacc network: introduce Token=eui64
So, now user can explicitly request EUI-64 algorithm to generate addresses.
2021-10-07 01:16:36 +09:00
Yu Watanabe
a73628e647 network: rename IPv6Token= in [Network] -> Token= in [IPv6AcceptRA]
The token is only used by received prefixes through RA.
2021-10-07 01:16:36 +09:00
Lennart Poettering
9a1ddc8dee
Merge pull request #18145 from kinvolk/iaguis/lsm-bpf
Add RestrictFileSystems= property using LSM BPF
2021-10-06 16:23:27 +02:00
Zbigniew Jędrzejewski-Szmek
e5f093bf99 man: add discussion of read-only filesystem support in daemons
This is inspired by https://bugzilla.redhat.com/show_bug.cgi?id=1853293.  Let's
mention that applications should be prepared for /var being read-only.
2021-10-06 09:54:17 +01:00
Iago López Galeiras
20080622de man: document systemd-analyze filesystems 2021-10-06 10:52:15 +02:00
Iago López Galeiras
d6d6f55d8e man: document EXIT_BPF status 2021-10-06 10:52:14 +02:00
Iago López Galeiras
a6826f6b8e man: add RestrictFileSystems= documentation 2021-10-06 10:52:14 +02:00
Iago López Galeiras
cc86a278de core: add dbus RestrictFileSystems= properties 2021-10-06 10:52:14 +02:00
Lennart Poettering
643006f62b man: document the new DefaultOOMScoreAdjust= setting 2021-10-04 16:27:11 +02:00
Lennart Poettering
d4a402e4f6 core: add a new setting DefaultOOMScoreAdjust= and set it to 100 above service manager's by default
Let's make our service managers slightly less likely to be killed by the
OOM killer by adjusting our services' OOM score adjustment to 100 above
ours. Do this conservatively, i.e. only for regular user sessions.
2021-10-04 16:27:10 +02:00
Luca Boccassi
9d0ad242b8 man/glib-event-glue example: relicense to CC0-1.0
All other examples were relicensed to CC0-1.0 since they are intended
to be copied and pasted anywhere without any restrictions.
Relicense the last one too.
2021-10-04 11:05:22 +02:00
Luca Boccassi
f4d74c6105 man: add licenses to all files that lack one
Documentation is licensed under LGPL-2.1-or-later.
Scripts are MIT to facilitate reuse.
Examples are relicensed to CC0-1.0 to maximise copy-and-paste
for users, with permission from authors.
2021-10-01 17:27:34 +01:00
Zbigniew Jędrzejewski-Szmek
8f5bcd615b licensing: add forgotten spdx headers
Those are all "our" files, but we forgot to add the headers,
most likely because of non-standard file extensions.
2021-10-01 14:45:00 +02:00
alexlzhu
fab79a85af docs: Fixing typo in systemd.device man page and README.
systemd-udevd.service listens to kernel uevents and is needed for device
units to be available.

systemd-udevd.service is misspelled as systemd-udev.service in a couple places.

Fixing typo.
2021-09-29 22:18:38 +01:00
Yu Watanabe
bfcc0fedd0
Merge pull request #20871 from mrc0mmand/udevadm-property-value
udev: teach udevadm --property=NAME and --value options
2021-09-30 00:05:02 +09:00
Marcel Menzel
3e90ded70c
doc: network: Move "Independent=" flag to the VXLAN section (#20881) 2021-09-29 23:19:20 +09:00
Lennart Poettering
e30a3ba16a core: drop "const" from NeedsDaemonReload unit dbus property
It's not "const", it can change any time if people change the fs, and we
don#t send out notifications for it. Hence don't claim it was const.
(Otherwise clients might cache it, but they should not)

Prompted-by: #20792
2021-09-29 14:37:07 +02:00
Frantisek Sumsal
6c1482b28d udev: teach udevadm --property=NAME and --value options
which allows limiting the properties listed by the `--query=property` option
(and optionally listing only the respective values).
2021-09-29 13:32:25 +02:00
Albert Brox
5918a93355 core: implement RuntimeMaxDeltaSec directive 2021-09-28 16:46:20 +02:00
alexlzhu
8c35c10d20 core: Add ExecSearchPath parameter to specify the directory relative to which binaries executed by Exec*= should be found
Currently there does not exist a way to specify a path relative to which
all binaries executed by Exec should be found. The only way is to
specify the absolute path.

This change implements the functionality to specify a path relative to which
binaries executed by Exec*= can be found.

Closes #6308
2021-09-28 14:52:27 +01:00
Lennart Poettering
49e9218ae3
Merge pull request #20768 from pdmorrow/shutdown_cgroup_ctrl
cgroups: apply StartupAllowedCPUs= and StartupAllowedMemoryNodes= during shutdown
2021-09-27 13:44:54 +02:00
Zbigniew Jędrzejewski-Szmek
66a0e22293
Merge pull request #20849 from keszybz/man-page-tags-and-links
Add license tags to doc pages, fixups and more internal links in man pages
2021-09-27 12:09:48 +02:00
Zbigniew Jędrzejewski-Szmek
d8e1613ed2 man: mention pages with more settings at end of each option list
For some unit types we have hundreds of options, and the reader may easily miss
that more options are described in other pages. We already mentioned this in
the introduction and then at the top of the option list, but it can't hurt to
repeat the information.

Also, add an (almost empty) Options section for the unit types which don't have
any custom options. It is nicer to have the same page structure in all cases,
so people can jump between pages for different types more easily.
2021-09-27 09:19:02 +02:00
Zbigniew Jędrzejewski-Szmek
18c7a1eb6c man: refresh description of sysvinit compat for services
The existing text must have been written before systemd-sysv-generator was
created. We don't create the wrappers dynamically since a long time.

Also add more links and make the description conditional on "if compat
is enabled".
2021-09-27 09:19:02 +02:00
Zbigniew Jędrzejewski-Szmek
880e1e0729 man: minor grammar fixups in systemd-cryptenroll 2021-09-27 09:19:02 +02:00
Zbigniew Jędrzejewski-Szmek
a14e028e86 man: cross-reference DeviceAllow= and PrivateDevices=
They are somewhat similar, but not easy to discover, esp. considering that
they are described in different pages.

For PrivateDevices=, split out the first paragraph that gives the high-level
overview. (The giant second paragraph could also use some heavy editing to break
it up into more digestible chunks, alas.)
2021-09-27 09:19:02 +02:00
Anssi Hannula
9376b2aab3 man: fix a reference in timedatectl man page
timedatectl(1) says the synchronization service list generation is
described "below", but in reality it is documented in
systemd-timedated.service(8).

Fix the sentence to reference the correct man page.
2021-09-24 18:35:42 +01:00
Peter Morrow
058a2d8f13 man: Startup* updates for systemd.resource-control
All Startup*= directives now also apply to the shutdown phase as well as
boot phase.
2021-09-24 15:09:54 +01:00
Anita Zhang
2b33e41aaf link: connect 5 more properties to ethtool features
Sets up the follow properties and their corresponding ethtool feature:
- ReceiveVLANCTAGHardwareAcceleration == rx-vlan-hw-parse (or rxvlan)
- TransmitVLANCTAGHardwareAcceleration == tx-vlan-hw-insert (or txvlan)
- ReceiveVLANCTAGFilter == rx-vlan-filter
- TransmitVLANSTAGHardwareAcceleration == tx-vlan-stag-hw-insert
- NTupleFilter == rx-ntuple-filter (or ntuple)
2021-09-24 20:40:23 +09:00
Lennart Poettering
99d51ed939 man: document the new systemd-boot drop-in driver dir logic 2021-09-23 17:24:28 +02:00
Lennart Poettering
b8cdb66279 man: the sd-boot menu is probably more "textual" then "graphical", hence don't lie
(also, most communication happens between boot loader and OS, only
seldom stuff goes the other way, hence mention that the boot loader
first)
2021-09-23 17:24:28 +02:00
Lennart Poettering
3f9a615dcf man: add man page for the systemd UEFI stub
Fixes: #17215
2021-09-23 17:24:28 +02:00
Yu Watanabe
3346eb1800
Merge pull request #20652 from OnkelUlla/fix_systemd.netdev_manpage
Some Fixes for SYSTEMD.NETDEV(5)
2021-09-22 15:34:21 +09:00
Zbigniew Jędrzejewski-Szmek
a7052c6e5c meson: fix creation of man pages indices
Fixes #20795. Bug introduced in f12c5d36a9.
2021-09-21 15:36:46 +01:00
Lennart Poettering
28078aa5cc
Merge pull request #20483 from medhefgo/boot
sd-boot: Add support for changing console mode at runtime
2021-09-16 00:03:41 +02:00
Jan Janssen
1b965abc66 sd-boot: Add support for changing console mode at runtime 2021-09-15 16:32:18 +02:00
Peter Morrow
c93a7d4ad3 docs: update docs with StartupAllowedCPUs and StartupAllowedMemoryNodes details
Signed-off-by: Peter Morrow <pemorrow@linux.microsoft.com>
2021-09-15 09:52:12 +01:00
Lennart Poettering
9a89ab26d6 man: extend documentation about TPM2 PCRs
This is an effort to compile a somewhat complete list how PCRs are
actually used on Linux systems these days. It contains data from: the
UEFI PC spec, the shim, the IMA, grub documentation.

I validated these PCRs to some level in the sources.

The grub specific stuff I only added in comments, since I was too lazy
too validate it (also, meh, grub).

It also gives people a hint on which PCR to bind to (and maybe kind of
an explanation of our default choice).
2021-09-14 17:37:06 +02:00
Yu Watanabe
e47bcb7d0b network: do not use RouteTable= in [DHCPv4] section for DHCPv6 routes
We forgot to add RouteTable= in [DHCPv6] section when we split [DHCP]
into two.
2021-09-14 17:51:19 +09:00
Lennart Poettering
215e19eb27 id128: clarify that the "well-known" IDs are about GPT partition types
At least for now they are all GPT partition types, and we should mention
that.
2021-09-10 13:39:16 +02:00
Ulrich Ölmann
489f01f806 man/systemd.netdev: adjust documentation of MAC addresses for bridges
In the past bridge devices used to be created with a generated MAC address
thwarting the inheritance of the first slave's MAC address. This has been
changed by commit [1] some time ago. Reflect that behavioral change in the
documentation.

[1] deb2cfa4c6 ("networkd: do not generate MAC for bridge device.")
2021-09-06 22:10:30 +02:00
Ulrich Ölmann
5c3e7c4a3b man/systemd.netdev: fix typos
Signed-off-by: Ulrich Ölmann <u.oelmann@pengutronix.de>
2021-09-06 22:08:12 +02:00
Maanya Goenka
4b4a8ef741 systemd-analyze: add new option to generate JSON output of security analysis table
The new option --json= works with the 'security' verb and takes in one of three format flags.
These are off which is the default, pretty and short which use JSON format flags for output.
When set to true, it generates a JSON formatted output of the security analysis table. The
format is a JSON array with objects containing the following fields: set which indicates if
the id has been set or not, name which is what is used to refer to the id, json_field
which is the equivalent JSON formatted id name only used for JSON outputs, description which
is an outline of the id state, and exposure which is an unsigned integer in the range 0.0..10.0,
where a higher value corresponds to a higher security threat. The JSON version of the table is
printed on the standard output file.

Example Run:

The unit file testfile.service was created to test the --json= option

maanya-goenka@debian:~/systemd (json-security)$ cat <<EOF >testfile.service

> [Service]
> ExecStart = echo hello
> PrivateNetwork = yes
> PrivateMounts = yes
> PrivateDevices = yes
> EOF

Both the JSON output and the security analysis table below have been truncated to increase readability.
1. Testing for when --json=off

maanya-goenka@debian:~/systemd (json-security)$ sudo build/systemd-analyze security --json=off --root= --offline=true
testfile.service --no-pager

/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating
/var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your
unit file, and consider removing the setting altogether.
/home/maanya-goenka/systemd/foo.service:2: Unknown key name 'foo' in section 'Unit', ignoring.

    NAME                                                      DESCRIPTION                                                       EXPOSURE
✓   PrivateNetwork=                                           Service has no access to the host's network
✗   User=/DynamicUser=                                        Service runs as root user                                              0.4
✗   CapabilityBoundingSet=~CAP_SET(UID|GID|PCAP)              Service may change UID/GID identities/capabilities                     0.3
✗   CapabilityBoundingSet=~CAP_NET_ADMIN                      Service has administrator privileges                                   0.3

→ Overall exposure level for testfile.service: 8.3 EXPOSED 🙁

2. Testing for when --json=pretty

maanya-goenka@debian:~/systemd (json-security)$ sudo build/systemd-analyze security --json=pretty --root= --offline=true
testfile.service

/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating
/var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your
unit file, and consider removing the setting altogether.
/home/maanya-goenka/systemd/foo.service:2: Unknown key name 'foo' in section 'Unit', ignoring.

[
        {
                "set" : true,
                "name" : "PrivateNetwork=",
		"json-field" : "PrivateNetwork",
                "description" : "Service has no access to the host's network",
                "exposure" : null
        },
        {
                "set" : false,
                "name" : "User=/DynamicUser=",
		"json-field" : "UserOrDynamicUser",
                "decsription" : "Service runs as root user",
                "exposure" : "0.4"
        },
        {
                "set" : false,
                "name" : "CapabilityBoundingSet=~CAP_SET(UID|GID|PCAP)",
		"json_field" : "CapabilityBoundingSet_CAP_SET_UID_GID_PCAP",
                "description" : "Service may change UID/GID identities/capabilities",
                "exposure" : "0.3"
        },
        {
                "set" : false,
                "name" : "CapabilityBoundingSet=~CAP_NET_ADMIN",
		"json_field" : "CapabilityBoundingSet_CAP_NET_ADMIN",
                "description" : "Service has administrator privileges",
                "exposure" : "0.3"
        },
        ...
]

3. Testing for when --json=short

maanya-goenka@debian:~/systemd (json-security)$ sudo build/systemd-analyze security --json=short --root= --offline=true
testfile.service

/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating
/var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your
unit file, and consider removing the setting altogether.
/home/maanya-goenka/systemd/foo.service:2: Unknown key name 'foo' in section 'Unit', ignoring.

[{"set":true,"name":"PrivateNetwork=", "json_field":"PrivateNetwork", "description":"Service has no access to the host's network","exposure":null}, ...]
2021-09-06 19:55:27 +01:00
Kyle Laker
c1e6f21556
systemd-analyze: use config value in RestrictNamespaces id (#20645)
For most fields, the text shown by `.id` is the value that should be set
in the unit file; however, for RestrictNamespaces, it is not. Changing
this to show the actual text makes it more clear to a user what the
actual change that needs to be made to the unit file is.
2021-09-06 17:33:16 +02:00
Yu Watanabe
57aef9d737 network: introduce KeepMaster= setting
Closes #20624.
2021-09-04 00:23:20 +09:00
Yu Watanabe
a94ed9bd62 man: drop unnecessary white space 2021-09-04 00:20:36 +09:00
Daan De Meyer
8de7929de5 mkosi: Add zsh to Arch packages
Useful for testing zsh completion changes.
2021-09-01 10:01:18 +02:00
Maanya Goenka
ecfd082b71 systemd-analyze: add new 'security' option to allow user to choose custom requirements
A new option --security-policy= is added to work with the 'security' verb in order to enable
users to create and pass in a JSON file consisting of user defined requirements
against which to compare the specified unit file(s). These requirements then serve
as the measure of security threats for the file instead of the initial hard coded set of
requirements that the 'security' verb of systemd-analyze relied on.

Example Run:

A snapshot of the user defined testfile.json file is shown below instead of the complete file
for readability purposes.

{
"PrivateDevices":
    {"description_good": "Service has no access to hardware devices",
    "description_bad": "Service potentially has access to hardware devices",
    "weight": 1000,
    "range": 1
    },
"PrivateMounts":
    {"description_good": "Service cannot install system mounts",
    "description_bad": "Service may install system mounts",
    "weight": 1000,
    "range": 1
    },
"PrivateNetwork":
    {"description_good": "Service has no access to the host's network",
    "description_bad": "Service has access to the host's network",
    "weight": 2500,
    "range": 1
    },
"PrivateTmp":
    {"description_good": "Service has no access to other software's temporary files",
    "description_bad": "Service has access to other software's temporary files",
    "weight": 1000,
    "range": 1
    },
"PrivateUsers":
    {"description_good": "Service does not have access to other users",
    "description_bad": "Service has access to other users",
    "weight": 1000,
    "range": 1
    }
}

1. I created the jsontest.service file in order to test the --security-policy= option as follows:

maanya-goenka@debian:~/systemd (custom-security)$ cat<<EOF>jsontest.service
> [Service]
> ExecStart = echo hello
> PrivateNetwork = yes
> PrivateDevices = yes
> PrivateMounts = yes
> EOF

The security analysis table outputted below has been truncated to include only the first few lines for readability.

maanya-goenka@debian:~/systemd (custom-security)$ sudo build/systemd-analyze security --root= --offline=true
--security-policy=src/analyze/testfile.json jsontest.service
/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your
unit file, and consider removing the setting altogether.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating
/var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.

  NAME                                                         DESCRIPTION
✓ PrivateNetwork                                               Service has no access to the host's network
✗ UserOrDynamicUser                                            Service runs as root user
✗ CapabilityBoundingSet_CAP_SET_UID_GID_PCAP                   Service may change UID/GID identities/capabilities
✓ PrivateMounts                                                Service cannot install system mounts
✓ PrivateDevices                                               Service has no access to hardware devices

→ Overall exposure level for jsontest.service: 8.3 EXPOSED 🙁

maanya-goenka@debian:~/systemd (custom-security)$ echo $? 0

2. In order to ensure that the JSON data was actually being correctly parsed, I made some changes to the JSON
file, specifically to the id "PrivateNetwork" as follows:

Before:
--------

"PrivateNetwork":
    {"description_good": "Service has no access to the host's network",
    "description_bad": "Service has access to the host's network",
    "weight": 2500,
    "range": 1
    }

After:
--------

"PrivateNetwork":
    {"description_good": "Service runs without access to host network",
    "description_bad": "Service has access to the host's network",
    "weight": 6000,
    "range": 1
    }

As expected, the new description for the description_good field of the Private Network id was updated in
the analysis table outputted below and the overall exposure level of the unit file decreased because
the weight assigned to 'Private Network' (which is set to yes) increased from 2500 to 6000.

maanya-goenka@debian:~/systemd (custom-security)$ sudo build/systemd-analyze security --root= --offline=true
--security-policy=src/analyze/testfile.json jsontest.service

/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your
unit file, and consider removing the setting altogether.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating
/var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.

  NAME                                                         DESCRIPTION
✓ PrivateNetwork                                               Service runs without access to the host's network
✗ UserOrDynamicUser                                            Service runs as root user
✗ CapabilityBoundingSet_CAP_SET_UID_GID_PCAP                   Service may change UID/GID identities/capabilities
✓ PrivateMounts                                                Service cannot install system mounts
✓ PrivateDevices                                               Service has no access to hardware devices

→ Overall exposure level for jsontest.service: 7.8 EXPOSED 🙁

maanya-goenka@debian:~/systemd (custom-security)$ echo $? 0

3. When paired with security's --threshold= option, systemd-analyze exits with a non-zero error status indicating
that the overall exposure level for the unit file (=78) is greater than the set threshold (=70). The same
jsontest.service file is used for the demo run below:

maanya-goenka@debian:~/systemd (custom-security)$ sudo build/systemd-analyze security --root= --offline=true
--security-policy=src/analyze/testfile.json --threshold=70 jsontest.service

/usr/lib/systemd/system/plymouth-start.service:15: Unit configured to use KillMode=none. This is unsafe, as it disables systemd's
process lifecycle management for the service. Please update your service to use a safer KillMode=, such as 'mixed' or 'control-group'.
Support for KillMode=none is deprecated and will eventually be removed.
/usr/lib/systemd/system/gdm.service:30: Standard output type syslog is obsolete, automatically updating to journal. Please update your
unit file, and consider removing the setting altogether.
/usr/lib/systemd/system/dbus.socket:5: ListenStream= references a path below legacy directory /var/run/, updating
/var/run/dbus/system_bus_socket → /run/dbus/system_bus_socket; please update the unit file accordingly.

  NAME                                                         DESCRIPTION
✓ PrivateNetwork                                               Service runs without access to host network
✗ UserOrDynamicUser                                            Service runs as root user
✗ CapabilityBoundingSet_CAP_SET_UID_GID_PCAP                   Service may change UID/GID identities/capabilities
✓ PrivateMounts                                                Service cannot install system mounts
✓ PrivateDevices                                               Service has no access to hardware devices

→ Overall exposure level for jsontest.service: 7.8 EXPOSED 🙁

maanya-goenka@debian:~/systemd (custom-security)$ echo $? 1

new option
2021-08-31 08:02:08 -07:00
Kristian Klausen
b00651cf43 gpt-auto-generator: Use volatile-root by default and automatic logic as fallback
Previously volatile-root was only checked if "/" wasn't backed by a
block device, but the block device isn't necessarily original root block
device (ex: if the rootfs is copied to a ext4 fs backed by zram in the
initramfs), so we always want volatile-root checked.

So shuffle the code around so volatile-root is checked first and
fallback to the automatic logic.

Fix #20557
2021-08-31 13:52:52 +09:00
Thomas Mühlbacher
fee1863c83 man: Don't leak memory in path-documents example
The `sd_path_lookup(3)` man page states that the returned string shall be
`free(3)`'d but then doesn't do so in the example code.

Also add basic error handling as well.
2021-08-31 13:44:49 +09:00