IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
SECCOMP_CFLAGS must be in the global CFLAGS as <seccomp.h> is
included in core/execute.h. when seccomp.h is not in the standard
path.(i.e openSUSE has it in /usr/include/pkg/libseccomp/, precisely to
catch this kind of bugs) compiling systemd fails.
The kernel still doesn't support audit in containers, so let's make use
of seccomp and simply turn it off entirely. We can get rid of this big
as soon as the kernel is fixed again.
This allows us users of the library to keep copies of old leases. This is
used by networkd to know what addresses to drop (if any) when the lease
expires.
In the future this may be used by DNAv4 and sd-dhcp-server.
Thomas H.P. Andersen <phomes@gmail.com> wrote:
> Does -lresolv belong in libsystemd_la_CFLAGS? I would have thought
> that it should be in LIBADD for the lib and LDADD for the test.
signal(7) provides a list of functions which may be called from a
signal handler. Other functions, which only call those functions and
don't access global memory and are reentrant are also safe.
sd_j_sendv was mostly OK, but would call mkostemp and writev in a
fallback path, which are unsafe.
Being able to call sd_j_sendv in a async-signal-safe way is important
because it allows it be used in signal handlers.
Safety is achieved by replacing mkostemp with open(O_TMPFILE) and an
open-coded writev replacement which uses write. Unfortunately,
O_TMPFILE is only available on kernels >= 3.11. When O_TMPFILE is
unavailable, an open-coded mkostemp is used.
https://bugzilla.gnome.org/show_bug.cgi?id=722889
The cppcheck target was introduced by commit 16f4efb415
"build-sys: add cppcheck target". But it is preferable to use a make phony target
for it, as this patch does.
There are two general reasons to use a phony target: to avoid a
conflict with a file of the same name, and to improve performance. In
this case the first reason is obvious, and the second is that make
skips the implicit rule search for phony targets, since it knows that
phony targets do not name actual files that could be remade from other
files (as described in the "Gnu Make" Manual).
A compatibility libsystemd-login library is created which uses
.symver and ifunc magic proposed by Lennart to make programs linked
to the old library name continue to work seamlessly.
Unfortunately the bfd linker crashes:
https://sourceware.org/bugzilla/show_bug.cgi?id=16467
This will be fixed in binutils 2.25.
As a work-around, gold can be used:
LDFLAGS=-Wl,-fuse-ld=gold
Unfortunately the switch to pick the linker appeared in gcc 4.8.
This also doesn't work with LLVM:
http://llvm.org/bugs/show_bug.cgi?id=11897
This adds support to generate a basic resolv.conf in /run/systemd/network.
This file will not take any effect unless a symlink is created from
/etc/resolv.conf.
Nameservers received over DHCP takes precedence over statically configured ones.
Note: /etc/resolv.conf is severely limited, so in the future we will likely
rather provide a much more powerfull nss plugin (or something to that effect),
but this should allow current users to function without any loss of
functionality.
This adds basic DHCPv4 support. Link-sense is enabled unconditionally,
but the plan is to make that configurable.
I tested this in a VM with lots of NICs and over wifi in the various
coffee shops I found this Christmas, but more testing would definitely
be appreciated.
Various operations done by systemd-tmpfiles may only be safely done at
boot (e.g. removal of X lockfiles in /tmp, creation of /run/nologin).
Other operations may be done at any point in time (e.g. setting the
ownership on /{run,var}/log/journal). This distinction is largely
orthogonal to the type of operation.
A new switch --unsafe is added, and operations which should only be
executed during bootup are marked with an exclamation mark in the
configuration files. systemd-tmpfiles.service is modified to use this
switch, and guards are added so it is hard to re-start it by mistake.
If we install a new version of systemd, we actually want to enforce
some changes to tmpfiles configuration immediately. This should now be
possible to do safely, so distribution packages can be modified to
execute the "safe" subset at package installation time.
/run/nologin creation is split out into a separate service, to make it
easy to override.
https://bugzilla.redhat.com/show_bug.cgi?id=1043212https://bugzilla.redhat.com/show_bug.cgi?id=1045849
Let's try to standardize on a single non-cryptographic hash algorithm,
and for that SipHash appears to be the best answer.
With this change there are two other hash functions left in systemd: an
older version of MurmurHash embedded into libudev for the bloom filters
in udev messages (which is hard to update, given that the we probably
should stay compatible with older versions of the library). And lookup3
in the journal files (which we could replace for new files, but which is
probably not worth the work).
systemd-bus-driverd is a small daemon that connects to kdbus and
implements the org.freedesktop.DBus interface. IOW, it provides the bus
functions traditionally taken care for by dbus-daemon.
Calls are proxied to kdbus, either via libsystemd-bus (were applicable)
or with the open-coded use of ioctl().
Note that the implementation is not yet finished as the functions to
add and remove matches and to start services by name are still missing.
This uses --enable=all mode. Should be taken with a grain of salt
though. While many recommendations make sense we should probably keep
"int r" always on function scope, and many of the portability warnings
really don't matter to us because we only care for Linux/glibc.
Set a fake MAC address and emulate raw packet sending. When the buffer
containing the Discover message is received, check selected IP and
UDP headers and compute IP header and UDP message checksums. Also
send the DHCP message for option parsing and expect a successful
outcome.
Adds a new call sd_event_set_watchdog() that can be used to hook up the
event loop with the watchdog supervision logic of systemd. If enabled
and $WATCHDOG_USEC is set the event loop will ping the invoking systemd
daemon right after coming back from epoll_wait() but not more often than
$WATCHDOG_USEC/4. The epoll_wait() will sleep no longer than
$WATCHDOG_USEC/4*3, to make sure the service manager is called in time.
This means that setting WatchdogSec= in a .service file and calling
sd_event_set_watchdog() in your daemon is enough to hook it up with the
watchdog logic.
The static analyzer scan-build had a few issues with analysing
parts of systemd.
gpt-auto-generator.c:
scan-build could not find blkid.h. Whether it should be blkid.h or
blkid/blkid.h seems to depend on the version used. We already use
blkid/blkid.h in udev-builtin-blkid.c so it seems safe to use that
here too.
Makefile.am:
Moved some -D's from CFLAGS to CPPFLAGS. I also simplified them a
bit and got rid of a left over DBUS_CFLAGS.
test-cgroup-mask.c/test-sched-prio.c
A variable was added to store the replaced TEST_DIR. When wrapped
in an assert_se TEST_DIR was not replaced in the logged error.
While not an issue introduced in this patch we might as well fix
it up while we are here.
We don't do this for .c files either, even they are also influence quite
a bit by makefile settings. Given that XSLT is a lot slower then the
rest of the build let's make our build a bit faster if people end up
touching the Makefile.
This way we can unify handling of credentials that are attached to
messages, or can be queried for bus name owners or connection peers.
This also adds the ability to extend incomplete credential information
with data from /proc,
Also, provide a convenience call that will automatically determine the
most appropriate credential object for an incoming message, by using the
the attached information if possible, the sending name information if
available and otherwise the peer's credentials.
A bridge is specified in a .netdev file with a section [Bridge]
and at least the entry Name=.
A link may be joined to a bridge if the .network applied to it has
a Bridge= entry giving the name of the bridge in its [Network] section.
We eagerly create all bridges on startup, and links are added to
bridges as soon as they both appear.
All calls that set a sd_bus_error structure will now return the same
error converted to a negative errno. This may be used as syntactic sugar
to return from a function and setting a bus_error structure in one go.
Also, translate all Linux Exyz (EIO, EINVAL, EUCLEAN, EPIPE, ...)
automatically into counterparts in the (new) "Posix.Error." namespace.
If we fail to allocate memory for the components of a sd_bus_error
automatically reset it to an OOM error which we always can write.
This patch converts PID 1 to libsystemd-bus and thus drops the
dependency on libdbus. The only remaining code using libdbus is a test
case that validates our bus marshalling against libdbus' marshalling,
and this dependency can be turned off.
This patch also adds a couple of things to libsystem-bus, that are
necessary to make the port work:
- Synthesizing of "Disconnected" messages when bus connections are
severed.
- Support for attaching multiple vtables for the same interface on the
same path.
This patch also fixes the SetDefaultTarget() and GetDefaultTarget() bus
calls which used an inappropriate signature.
As a side effect we will now generate PropertiesChanged messages which
carry property contents, rather than just invalidation information.
I know that this is a pretty big net to catch some small fish,
but we *do* regularly forget to properly export symbols that
were supposed to be exported.
This time sd_bus_get_current and some renamed symbols are caught.
For GNOME (Continuous), we are unlikely to require or want
systemd-networkd in the near term future; all of the tools and code
are targeting NetworkManager.
The long term story is still an open question of course, but for now,
there's no reason for gnome-continuous to build or ship this.
This daemon listens for and configures network devices tagged with
'systemd-networkd'. By default, no devices are tagged so this daemon
can safely run in parallel with existing network daemons/scripts.
Networks are configured in /etc/systemd/network/*.network. The first .network
file that matches a given link is applied. The matching logic is similar to
the one for .link files, but additionally supports matching on interface name.
The mid-term aim is to provide an alternative to ad-hoc scripts currently used
in initrd's and for wired setups that don't change much (e.g., as seen on
servers/and some embedded systems).
Currently, static addresses and a gateway can be configured.
Example .network file:
[Match]
Name=wlp2s0
[Network]
Description=My Network
Gateway=192.168.1.1
Address=192.168.1.23/24
Address=fe80::9aee:94ff:fe3f:c618/64
NOTE: the show-* subcommands do not print some properties:
this are those with types like (so), a(so), (uo),...
we need to fix this, but I'm not sure how
The sd-event APIs should be available only as part of libsystemd-bus so
that the utility calls are not linked into each independently and we can
minimize the number of libraries we have.
To write useful bus code clients need to validate utf8 frequently since
the bus reacts allergic to it. Since glibc does not provide any calls
for this, let's provide it as part of libsystemd-bus.
Old static libsystemd-bus.la becomes libsystemd-bus-internal.la.
memfd functions are also exported in the same library.
(Best viewed with --color-words -U0).
The path_id-builtin provides useful unique aliases for DRM devices. If we
want to configure DRM render-nodes for compositors, we want to avoid
storing the whole sys-path in configuration files. Hence, allow users to
store the short PATH_ID instead.
Load path_id-builtin unconditionally on DRM devices now to always provide
this alias.
This introduces a new key MACAddressPolicy.
The possible policies are 'persistent' and 'random'.
'persistent' will do nothing if the current address is the hardware address,
but if the hardware does not have an address (or another address is set for
whatever reason), we will generate an address which will be random, but
persistent between boots (based on machineid and persistent netif name).
'random' will do nothing if the kernel already set a random address, otherwise
it will generate a random one and use that instead.
This patch sets MACAddressPolicy=persistent in the default .link file.
This introduces a new key NamePolicy, which takes an ordered list of naming
policies. The first successful one is applide. If all fail the value of Name
(if any) is used.
The possible policies are 'onboard', 'slot', 'path' and 'mac'.
This patch introduces a default link file, which replaces the equivalent udev
rule.
This is intentionally as similar to sd-bus as possible. While it
would be simple to export it, the intentions is to keep this
internal (at least for the forseeable future).
Currently only synchronous communication is implemented
This tool applies hardware specific settings to network devices before they
are announced via libudev.
Settings that will probably eventually be supported are MTU, Speed,
DuplexMode, WakeOnLan, MACAddress, MACAddressPolicy (e.g., 'hardware',
'synthetic' or 'random'), Name and NamePolicy (replacing our current
interface naming logic). This patch only introduces support for
Description, as a proof of concept.
Some of these settings may later be overriden by a network management
daemon/script. However, these tools should always listen and wait on libudev
before touching a device (listening on netlink is not enough). This is no
different from how things used to be, as we always supported changing the
network interface name from udev rules, which does not work if someone
has already started using it.
The tool is configured by .link files in /etc/net/links/ (with the usual
overriding logic in /run and /lib). The first (in lexicographical order)
matching .link file is applied to a given device, and all others are ignored.
The .link files contain a [Match] section with (currently) the keys
MACAddress, Driver, Type (see DEVTYPE in udevadm info) and Path (this
matches on the stable device path as exposed as ID_PATH, and not the
unstable DEVPATH). A .link file matches a given device if all of the
specified keys do. Currently the keys are treated as plain strings,
but some limited globbing may later be added to the keys where it
makes sense.
Example:
/etc/net/links/50-wireless.link
[Match]
MACAddress=98:f2:e4:42:c6:92
Path=pci-0000:02:00.0-bcma-0
Type=wlan
[Link]
Description=The wireless link
Always add the default AM_CFLAGS first.
If variables are used in conditionals, the default assignment
of AM variables is disabled, even when the conditional is not
in use; foo_CFLAGS = $(AM_CFLAGS) is needed, even when it looks
like a no-op.
fsck-root is redundant in case an initrd is used, or in case the rootfs
is never remounted 'rw', so the new default is the correct behavior for
most users. For the rest, they should enable it in fstab.
The thing is a daemon, hence needs a "d" prefix. Also, we tend to not
abbreviate names of background components unnecessarily, since they are
not primary commands people type. Then, the fact that this thing does
socket actviation is mostly in implementationd detail for the proxy.
Also, do some minor indenting clean-ups and other code updates.
Among other things this also adds a few things necessary for the change:
- Considerably more powerful error returning APIs in libsystemd-bus
- Adapter for connecting an sd_bus to an sd_event
- As I reworked the PolicyKit logic to the new library I also made it
asynchronous, so that PolicyKit requests of one user cannot block out
another user anymore.
- We always use the macro names for common bus error. That way it is
harder to mistype them since the compiler will notice
rename old versions to ascii_*
Do not take into account zerowidth characters, but do consider double-wide characters.
Import needed utf8 helper code from glib.
v3: rebase ontop of utf8 restructuring work
[zj: tweak the algorithm a bit, move new code to separate file]
So far we tried to use epoll directly wherever we needed an event loop.
However, that has various shortcomings, such as the inability to handle
larger amounts of timers (since each timerfd costs one fd, which is a
very limited resource, usually bounded to 1024), and inability to do
priorisation between multiple queued events.
Let's add a minimal event loop API around epoll that is suitable for
implementation of our own daemons and maybe one day can become public
API for those who desire it.
This loop is part of libsystemd-bus, but may be used independently of
it.
Since on most systems with xattr systemd will compile with Smack
support enabled, we still attempt to mount various fs's with
Smack-only options.
Before mounting any of these Smack-related filesystems with
Smack specific mount options, check if Smack is functionally
active on the running kernel.
If Smack is really enabled in the kernel, all these Smack mounts
are now *fatal*, as they should be.
We no longer mount smackfs if systemd was compiled without
Smack support. This makes it easier to make smackfs mount
failures a critical error when Smack is enabled.
We no longer mount these filesystems with their Smack specific
options inside containers. There these filesystems will be
mounted with there non-mount smack options for now.
This adds a lightweight scheme how to define interfaces in static fixed
arrays which then can be easily registered on a bus connection. This
makes it much easier to write bus services.
This automatically handles implementation of the Properties,
ObjectManager, and Introspection bus interfaces.
Systemd-logind does not pull in cg_create(), if we unconditionally link
this, all users of systemd-logind qill need the label stuff and therefore
link against selinux.
It is probably a build-system issue, or something that need to be sorted
out in a differnt way than linking not needed libs.
This reverts commit ceadabb102.
libsystemd-login.la uses cg_create() that currently seems to be a part
of libsystemd-label.la. However, it doesn't link against that library
and it seems that none of the (unconditional) libraries it uses do. In
the end, people end up getting «undefined reference to `cg_create'»
when trying to build e.g. dbus.
liblogind-core.la was underlinked, missing a few functions
defined in logind.c. They are moved to a new file, logind-core.c,
and this file is linked into liblogind-core.la.
In addition, logind-acl.c is attached to the liblogind-core.la,
instead of systemd-logind directly.
Prefer firmware-provided performance data over loader-exported ones; if
ACPI data is available, always use it, otherwise try to read the loader
data.
The firmware-provided variables start at the time the first EFI image
is executed and end when the operating system exits the boot services;
the (loader) time calculated in systemd-analyze increases.
In the process, rename udev_encode_string which is poorly named for what
it does. It deals specifically with encoding names that udev creates and
has its own rules: utf8 is valid but some ascii is not (e.g. path
separators), and everything else is simply escaped. Rename it to
encode_devnode_name.
A session-device is a device that is bound to a seat and used by a
session-controller to run the session. This currently includes DRM, fbdev
and evdev devices. A session-device can be created via RequestDevice() on
the dbus API of the session. You can drop it via ReleaseDevice() again.
Once the session is destroyed or you drop control of the session, all
session-devices are automatically destroyed.
Session devices follow the session "active" state. A device can be
active/running or inactive/paused. Whenever a session is not the active
session, no session-device of it can be active. That is, if a session is
not in foreground, all session-devices are paused.
Whenever a session becomes active, all devices are resumed/activated by
logind. If it fails, a device may stay paused.
With every session-device you request, you also get a file-descriptor
back. logind keeps a copy of this fd and uses kernel specific calls to
pause/resume the file-descriptors. For example, a DRM fd is muted
by logind as long as a given session is not active. Hence, the fd of the
application is also muted. Once the session gets active, logind unmutes
the fd and the application will get DRM access again.
This, however, requires kernel support. DRM devices provide DRM-Master for
synchronization, evdev devices have EVIOCREVOKE (pending on
linux-input-ML). fbdev devices do not provide such synchronization methods
(and never will).
Note that for evdev devices, we call EVIOCREVOKE once a session gets
inactive. However, this cannot be undone (the fd is still valid but mostly
unusable). So we reopen a new fd once the session is activated and send it
together with the ResumeDevice() signal.
With this infrastructure in place, compositors can now run without
CAP_SYS_ADMIN (that is, without being root). They use RequestControl() to
acquire a session and listen for devices via udev_monitor. For every
device they want to open, they call RequestDevice() on logind. This
returns a fd which they can use now. They no longer have to open the
devices themselves or call any privileged ioctls. This is all done by
logind.
Session-switches are still bound to VTs. Hence, compositors will get
notified via the usual VT mechanisms and can cleanup their state. Once the
VT switch is acknowledged as usual, logind will get notified via sysfs and
pause the old-session's devices and resume the devices of the new session.
To allow using this infrastructure with systems without VTs, we provide
notification signals. logind sends PauseDevice("force") dbus signals to
the current session controller for every device that it pauses. And it
sends ResumeDevice signals for every device that it resumes. For
seats with VTs this is sent _after_ the VT switch is acknowledged. Because
the compositor already acknowledged that it cleaned-up all devices.
However, for seats without VTs, this is used to notify the active
compositor that the session is about to be deactivated. That is, logind
sends PauseDevice("force") for each active device and then performs the
session-switch. The session-switch changes the "Active" property of the
session which can be monitored by the compositor. The new session is
activated and the ResumeDevice events are sent.
For seats without VTs, this is a forced session-switch. As this is not
backwards-compatible (xserver actually crashes, weston drops the related
devices, ..) we also provide an acknowledged session-switch. Note that
this is never used for sessions with VTs. You use the acknowledged
VT-switch on these seats.
An acknowledged session switch sends PauseDevice("pause") instead of
PauseDevice("force") to the active session. It schedules a short timeout
and waits for the session to acknowledge each of them with
PauseDeviceComplete(). Once all are acknowledged, or the session ran out
of time, a PauseDevice("force") is sent for all remaining active devices
and the session switch is performed.
Note that this is only partially implemented, yet, as we don't allow
multi-session without VTs, yet. A follow up commit will hook it up and
implemented the acknowledgements+timeout.
The implementation is quite simple. We use major/minor exclusively to
identify devices on the bus. On RequestDevice() we retrieve the
udev_device from the major/minor and search for an existing "Device"
object. If no exists, we create it. This guarantees us that we are
notified whenever the device changes seats or is removed.
We create a new SessionDevice object and link it to the related Session
and Device. Session->devices is a hashtable to lookup SessionDevice
objects via major/minor. Device->session_devices is a linked list so we
can release all linked session-devices once a device vanishes.
Now we only have to hook this up in seat_set_active() so we correctly
change device states during session-switches. As mentioned earlier, these
are forced state-changes as VTs are currently used exclusively for
multi-session implementations.
Everything else are hooks to release all session-devices once the
controller changes or a session is closed or removed.
There's now some more obvious overlap amongst the two utf8 validation
functions, but no more than there already was previously.
This also adds some menial tests for anyone who wants to do more
merging of these two in the future.
systemd-logind will start user@.service. user@.service unit uses
PAM with service name 'systemd-user' to perform account and session
managment tasks. Previously, the name was 'systemd-shared', it is
now changed to 'systemd-user'.
Most PAM installations use one common setup for different callers.
Based on a quick poll, distributions fall into two camps: those that
have system-auth (Redhat, Fedora, CentOS, Arch, Gentoo, Mageia,
Mandriva), and those that have common-auth (Debian, Ubuntu, OpenSUSE).
Distributions that have system-auth have just one configuration file
that contains auth, password, account, and session blocks, and
distributions that have common-auth also have common-session,
common-password, and common-account. It is thus impossible to use one
configuration file which would work for everybody. systemd-user now
refers to system-auth, because it seems that the approach with one
file is more popular and also easier, so let's follow that.
* Introduce a macro to conditionally execute tests. This avoids
skipping the entire test if some parts require systemd
* Skip the journal tests when no /etc/machine-id is present
* Change test-catalog to load the catalog from the source directory
of systemd.
* /proc/PID/comm got introduced in v2.6.33 but travis is still
using v2.6.32.
* Enable make check and make distcheck on the travis build
* Use -D"CATALOG_DIR=STR($(abs_top_srcdir)/catalog)" as a STRINGIY
would result in the path '/home/ich/source/linux' to be expanded
to '/home/ich/source/1' as linux is defined to 1.
Building for a different version of Python requires removing all
build products for the old version. There's no nice way to do it,
short of doing 'make clean'. The new 'clean-python' target is a
bit hacky, but seems to work:
./configure PYTHON=python2 && make && make install
make clean-python
./configure PYTHON=python3 --disable-gtk-doc --disable-man-pages && make && make install
should install modules for both versions of Python.
Some of the options in systemd can take multiple arguments, such as
systemctl's --type option. Previously, you would only be able to
complete a single type after the -t, but now zsh will continue to
complete the types, separating them by commas.
systemd-inhibit's --what command has colon (:), and that has been taken
into account.
_hosts_or_user_at_host was used by 6 different completions, and
previously was in all 6 of those files. I moved it out to its own file,
_sd_hosts_or_user_at_host. This will be autoloaded for use in other
completion functions. It also allows external completions to use this
function by simply calling _sd_hosts_or_user_at_host as in the systemd
completions.
As many laptops don't save/restore screen brightness across reboots,
let's do this in systemd with a minimal tool, that restores the
brightness as early as possible, and saves it as late as possible. This
will cover consoles and graphical logins, but graphical desktops should
do their own per-user stuff probably.
This only touches firmware brightness controls for now.
This adds a simple generator that is capable of automatically
discovering certain GPT partitions by their type UUID and mount/enable
them. This currently covers swap partitions and /home partitions, but is
expected to grow more features soon.
This currently doesn't handle LUKS encrypted /home.
This enables all swap partitions of type
0657fd6da4ab43c484e50933c84b4f4f, if found.
This mounts the first partition of type 933ac7e12eb44f13b8440e14e2aef915
as /home, if it is found.
In fba1ea0 'build: do not link everything with -lrt (and
therefore -pthread)' librt was removed from the list of
libraries. But libsd-daemon-internal also uses symbols from
librt and librt must thus be added everywhere where
libsd-daemon-interal is used, or otherwise linking might
fail:
/usr/bin/ld: ./.libs/libudev-core.a(sd-daemon.o): undefined reference to symbol 'mq_getattr@@GLIBC_2.3.4'
/usr/bin/ld: note: 'mq_getattr@@GLIBC_2.3.4' is defined in DSO /lib64/librt.so.1 so try adding it to the linker command line
We export the location of a bunch of directories this way,
so it makes sense to add those three. Especially catalogdir
is something that we want people to add things to.
Note on the naming: the first two are tied closely to systemd
itself, so I prefixed them with "systemd". The third one is
rather more generic, so no prefix.
https://bugs.freedesktop.org/show_bug.cgi?id=67635
Moved zsh shell completion to shell-completion/zsh/_systemd for
automake's sake. Also allow users to specify where the files should go
with::
./configure --with-zshcompletiondir=/path/to/some/where
and by default going to `$datadir/zsh/site-functions`
Python 2.7, and 3.2 and higher support querying compilation
flags through pkg-config. This makes python support follow
rules similar to various other optional compilation-time
libraries. New flags are called PYTHON_DEVEL_CFLAGS and
PYTHON_DEVEL_LIBS, because PYTHON (without _DEVEL), is
already used for the python binary name, and things would
be confusing if the same prefix was used for two things.
configure has --disable-python-devel to disable python modules.
One advantage is that CFLAGS for modules gets smaller:
- -I/usr/include/python3.3m -I/usr/include/python3.3m -Wno-unused-result -DDYNAMIC_ANNOTATIONS_ENABLED=1 -DNDEBUG -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -grecord-gcc-switches -m64 -mtune=generic -D_GNU_SOURCE -fPIC -fwrapv
+ -I/usr/include/python3.3m
as does LIBS:
- -lpthread -ldl -lutil -lm -lpython3.3m
+ -lpython3.3m
Support for Python 2.6 is removed, but can be easily
restored by using
PYTHON_DEVEL_CFLAGS="$(python2.6-config --cflags)",
etc., as ./configure parameters.
https://bugs.freedesktop.org/show_bug.cgi?id=57800
Yesterday I added test-suite.log as dependency to the .PRECIOUS
target. Automake is warning about this target being redefined
and from what I see there is no way I can stop the warning but
I can add the %MAKEFILE% as dependency.
automake warning:
Makefile.am:35: warning: user target '.PRECIOUS' defined here ...
/usr/share/automake-1.13/am/configure.am: ... overrides Automake target '.PRECIOUS' defined here
[zj: s/%MAKEFILE%/Makefile/ because %MAKEFILE% wasn't actually substituted properly.]
The addition of .DELETE_ON_ERROR will lead to the removal of the
test-suite.log in case of a test failure. Mark the rule as PRECIOUS
to keep that file around.
Enable coverage with --enable-coverage.
"make coverage" will create the report locally,
"make coverage-sync" will upload the report to
http://www.freedesktop.org/software/systemd/coverage/.
Requires lcov version 1.10 to handle naming in systemd and to
use the --no-external option.
[zj: make the coverage at least generate something with
separate build dir, simplify rules a bit: all errors
are mine. ]
As of kmod v14, it is possible to export the static node information from
/lib/modules/`uname -r`/modules.devname in tmpfiles.d(5) format.
Use this functionality to let systemd-tmpfilesd create the static device nodes
at boot, and drop the functionality from systemd-udevd.
As an effect of this we can move from systemd-udevd to systemd-tmpfiles-setup-dev:
* the conditional CAP_MKNOD (replaced by checking if /sys is mounted rw)
* ordering before local-fs-pre.target (see 89d09e1b5c)
RPM macros are moved from /etc to /usr, in the sprit of moving
in the direction of empty /etc.
RPM gained support for the new directory recently, in v. 4.10.90:
https://bugzilla.redhat.com/show_bug.cgi?id=846679.
Embedded folks don't need the machine registration stuff, hence it's
nice to make this optional. Also, I'd expect that machinectl will grow
additional commands quickly, for example to join existing containers and
suchlike, hence it's better keeping that separate from loginctl.
"Scope" units are very much like service units, however with the
difference that they are created from pre-existing processes, rather
than processes that systemd itself forks off. This means they are
generated programmatically via the bus API as transient units rather
than from static configuration read from disk. Also, they do not provide
execution-time parameters, as at the time systemd adds the processes to
the scope unit they already exist and the parameters cannot be applied
anymore.
The primary benefit of this new unit type is to create arbitrary cgroups
for worker-processes forked off an existing service.
This commit also adds a a new mode to "systemd-run" to run the specified
processes in a scope rather then a transient service.
Fixed build on debian wheezy:
./.libs/libudev.so: undefined reference to `cg_create'
Appears to have no influence on the resulting binaries and
libraries. Cf. b5fafdf63f.
Transient units can be created via the bus API. They are configured via
the method call parameters rather than on-disk files. They are subject
to normal GC. Transient units currently may only be created for
services (however, we will extend this), and currently only ExecStart=
and the cgroup parameters can be configured (also to be extended).
Transient units require a unique name, that previously had no
configuration file on disk.
A tool systemd-run is added that makes use of this functionality to run
arbitrary command lines as transient services:
$ systemd-run /bin/ping www.heise.de
Will cause systemd to create a new transient service and run ping in it.
Replace the very generic cgroup hookup with a much simpler one. With
this change only the high-level cgroup settings remain, the ability to
set arbitrary cgroup attributes is removed, so is support for adding
units to arbitrary cgroup controllers or setting arbitrary paths for
them (especially paths that are different for the various controllers).
This also introduces a new -.slice root slice, that is the parent of
system.slice and friends. This enables easy admin configuration of
root-level cgrouo properties.
This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in
/dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is
turned off by DevicePolicy=).
- This changes all logind cgroup objects to use slice objects rather
than fixed croup locations.
- logind can now collect minimal information about running
VMs/containers. As fixed cgroup locations can no longer be used we
need an entity that keeps track of machine cgroups in whatever slice
they might be located. Since logind already keeps track of users,
sessions and seats this is a trivial addition.
- nspawn will now register with logind and pass various bits of metadata
along. A new option "--slice=" has been added to place the container
in a specific slice.
- loginctl gained commands to list, introspect and terminate machines.
- user.slice and machine.slice will now be pulled in by logind.service,
since only logind.service requires this slice.
In order to prepare for the kernel cgroup rework, let's introduce a new
unit type to systemd, the "slice". Slices can be arranged in a tree and
are useful to partition resources freely and hierarchally by the user.
Each service unit can now be assigned to one of these slices, and later
on login users and machines may too.
Slices translate pretty directly to the cgroup hierarchy, and the
various objects can be assigned to any of the slices in the tree.
quotaon.service is already installed through dist_systemunit_DATA, so it doesn't
need to be added to nodist_systemunit_DATA. Installing the same file twice
results in a race condition where the install process can fail.
https://bugs.freedesktop.org/show_bug.cgi?id=65659
[zj: actually remove quotaon.service from the other list.]
We want to allow clients to process an sd_bus_message on a different
thread than it was received on. Since unreffing a bus message might
readd some of its memfds to the memfd cache add some minimal locking
around the cache.
That way ordering it with MountsRequiredFor= works properly, as this no
longer results in mount units start requests to be added to the shutdown
transaction that conflict with stop requests for the same unit.
This will launch $(PYTHON) with $LD_LIBRARY_PATH and $PYTHONPATH
as ./configure-d and DESTDIR-ed. Use as:
make install DESTDIR=/var/tmp/inst python-shell
Previous commit (20d408766) was broken. The problem is not connected
to DESTDIR being set or not, but to the fact that targets in
$GENERAL_ALIASES have directory components, so mkdir -p wasn't
recursing deep enough.
grawity> ln: failed to create symbolic link
‘/home/grawity/pkg/aur/systemd-git/pkg/systemd//etc/systemd/system/multi-user.target.wants/remote-fs.target’: No such file or directory
