1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-01 17:51:22 +03:00
Commit Graph

3191 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
ef3116b5d4 man: add more commas for clarify and reword a few sentences 2017-02-08 22:53:16 -05:00
Zbigniew Jędrzejewski-Szmek
88e328fd33 man: revert documentation about RequiresMountsFor= honoring noauto
This effectively reverts commit 5d2abc04fc:
Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date:   Wed Apr 16 22:15:42 2014 -0400

    man: document relationship between RequiresMountsFor and noauto

    https://bugzilla.redhat.com/show_bug.cgi?id=1088057

Fixes #5249.
2017-02-08 20:23:12 -05:00
Zbigniew Jędrzejewski-Szmek
3797fd0a22 man: break long lines and update Fedora versions
We should try to keep the unbreakable lines below 80 columns.
It's not always possible of course.

Also, use the dl.fp.o alias instead of a specific mirror.
2017-02-08 20:22:50 -05:00
Evgeny Vereshchagin
52a4aafb4d Merge pull request #5270 from poettering/seccomp-namespace-fix
swap seccomp filter params on s390
2017-02-09 03:31:22 +03:00
David Glasser
2026e39b2d man: fix docs for swap's DefaultDependencies= (#5278)
There was a missing dependency and one with the wrong type. Additionally, refer
to DefaultDependencies= once instead of twice, without a vague reference in the
first one that doesn't mention that the value matters.

Fixes #5226.
2017-02-09 00:12:36 +01:00
Lennart Poettering
ae9d60ce4e seccomp: on s390 the clone() parameters are reversed
Add a bit of code that tries to get the right parameter order in place
for some of the better known architectures, and skips
restrict_namespaces for other archs.

This also bypasses the test on archs where we don't know the right
order.

In this case I didn't bother with testing the case where no filter is
applied, since that is hopefully just an issue for now, as there's
nothing stopping us from supporting more archs, we just need to know
which order is right.

Fixes: #5241
2017-02-08 22:21:27 +01:00
Lennart Poettering
19d0833bea fstab-generator: also convert % → %% for What=
Same reasons as the previous patch.
2017-02-08 17:20:35 +01:00
Lennart Poettering
d5cc4be28f fstab-generator: Options= applies specifier expansion
Let's document that this is the case, and properly escape % when we
generate Options= in the generator.

Fixes: #5086
2017-02-08 17:20:35 +01:00
Philip Withnall
b53ede699c nspawn: Add support for sysroot pivoting (#5258)
Add a new --pivot-root argument to systemd-nspawn, which specifies a
directory to pivot to / inside the container; while the original / is
pivoted to another specified directory (if provided). This adds
support for booting container images which may contain several bootable
sysroots, as is common with OSTree disk images. When these disk images
are booted on real hardware, ostree-prepare-root is run in conjunction
with sysroot.mount in the initramfs to achieve the same results.
2017-02-08 16:54:31 +01:00
Lennart Poettering
8a50cf6957 seccomp: MemoryDenyWriteExecute= should affect both mmap() and mmap2() (#5254)
On i386 we block the old mmap() call entirely, since we cannot properly
filter it. Thankfully it hasn't been used by glibc since quite some
time.

Fixes: #5240
2017-02-08 15:14:02 +01:00
Lennart Poettering
cec2a20dab man: s/--unmount/--umount/g (#5243)
The --help text currently uses the "--umount" spelling, hence to the
same in the man page too.

And let's settle on "umount" instead of "unmount" here, since most folks
probably expect that when typing in a command, as util-linux' tool is
called "umount" after all, and so is the symlink "systemd-umount" we
install.
2017-02-07 19:54:37 -05:00
Lucas Werkmeister
8331eaabc7 man: document *.d/ drop-in file order (#5262) 2017-02-07 18:58:02 -05:00
Lucas Werkmeister
c04becfa72 man: document that systemd-run --on-* cannot be used with --pty 2017-02-07 16:26:02 +01:00
Lucas Werkmeister
ee3c52ebbe man: use systemctl enable --now 2017-02-07 16:20:25 +01:00
Lucas Werkmeister
aa9f9e587d man: add cross-reference
The third paragraph of the Description already linked to
systemd.resource-control(5), but it was missing from the list of
additional options for the [Service] section.
2017-02-07 16:20:25 +01:00
Lennart Poettering
41488e1f7a dissect: try to read roothash value off user.verity.roothash xattr of image file
This slightly extends the roothash loading logic to first check for a
user.verity.roothash extended attribute on the image file. If it exists,
it is used as Verity root hash and the ".roothash" file is not used.

This should improve the chance that the roothash is retained when the
file is moved around, as the data snippet is attached directly to the
image file. The field is still detached from the file payload however,
in order to make sure it may be trusted independently.

This does not replace the ".roothash" file loading, it simply adds a
second way to retrieve the data.

Extended attributes are often a poor choice for storing metadata like
this as it is usually difficult to discover for admins and users, and
hard to fix if it ever gets out of sync.  However, in this case I think
it's safe as verity implies read-only access, and thus there's little
chance of it to get out of sync.
2017-02-07 12:21:29 +01:00
Lennart Poettering
915e6d1676 core: add RootImage= setting for using a specific image file as root directory for a service
This is similar to RootDirectory= but mounts the root file system from a
block device or loopback file instead of another directory.

This reuses the image dissector code now used by nspawn and
gpt-auto-discovery.
2017-02-07 12:19:42 +01:00
Lennart Poettering
5d997827e2 core: add a per-unit setting MountAPIVFS= for mounting /dev, /proc, /sys in conjunction with RootDirectory=
This adds a boolean unit file setting MountAPIVFS=. If set, the three
main API VFS mounts will be mounted for the service. This only has an
effect on RootDirectory=, which it makes a ton times more useful.

(This is basically the /dev + /proc + /sys mounting code posted in the
original #4727, but rebased on current git, and with the automatic logic
replaced by explicit logic controlled by a unit file setting)
2017-02-07 11:22:05 +01:00
Evgeny Vereshchagin
d52fbaa58c Merge pull request #5225 from poettering/seccomp-socket
make RestrictAddressFamilies= officially a NOP on i386
2017-02-07 05:06:54 +03:00
Lennart Poettering
aa20394579 notify: document that we fake the PID when sending sd_notify() 2017-02-06 20:01:24 +01:00
Lennart Poettering
b3bb64767a man: document that sd_notify() is racy in some cases 2017-02-06 18:21:27 +01:00
Lennart Poettering
142bd808a1 man: Document that RestrictAddressFamilies= doesn't work on s390/s390x/...
We already say that it doesn't work on i386, but there are more archs
like that apparently.
2017-02-06 14:17:12 +01:00
Martin Pitt
d2697a95fe Merge pull request #5223 from keszybz/root-workdir
Fix WorkDir=~ with empty User=
2017-02-05 22:31:02 +01:00
Zbigniew Jędrzejewski-Szmek
d20a328f97 build-sys,man: describe systemd-umount and hook it up to installation (#5227) 2017-02-05 22:27:38 +01:00
Martin Pitt
63927b9f4c man: clarify interface for suspend/resume integration (#5220)
Fixes #4916.
2017-02-03 12:11:37 -05:00
Zbigniew Jędrzejewski-Szmek
8b89628a10 core/execute: set HOME, USER also for root users
This changes the environment for services running as root from:

LANG=C.utf8
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
INVOCATION_ID=ffbdec203c69499a9b83199333e31555
JOURNAL_STREAM=8:1614518

to

LANG=C.utf8
PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin
HOME=/root
LOGNAME=root
USER=root
SHELL=/bin/sh
INVOCATION_ID=15a077963d7b4ca0b82c91dc6519f87c
JOURNAL_STREAM=8:1616718

Making the environment special for the root user complicates things
unnecessarily. This change simplifies both our logic (by making the setting
of the variables unconditional), and should also simplify the logic in
services (particularly scripts).

Fixes #5124.
2017-02-03 11:49:22 -05:00
Lennart Poettering
b415174d8e Merge pull request #5202 from keszybz/cgls-units
systemd-cgls --unit --user-unit
2017-02-02 11:45:51 +01:00
Zbigniew Jędrzejewski-Szmek
e7aa3f5014 cgls: add --user-unit to show user units 2017-02-01 22:31:41 -05:00
Zbigniew Jędrzejewski-Szmek
d9855d87eb cgls: add --unit to show units
$ systemd-cgls -u systemd-journald.service machine.slice

I opted for a "global" switch, instead of modifying the behaviour of just one
argument. It seem to be a more useful setting, since usually one will want to
query one or more units, and not mix unit names with paths.

Closes #5156.
2017-02-01 22:30:03 -05:00
Brandon Philips
9806301614 man: fix spelling error parth -> path 2017-02-02 00:54:42 +01:00
Zbigniew Jędrzejewski-Szmek
bef19548a2 systemctl: restore --failed (#5198)
'systemctl --failed' is an extremely common operation and it's nice to have
a shortcut for it.

Revert "man: don't document systemctl --failed" and add the option back to
systemctl's help and shell completion scripts.

This reverts commit 036359ba8d.
2017-02-02 00:23:46 +01:00
Zbigniew Jędrzejewski-Szmek
c954f33233 man: mention ConditionFirstBoot= in systemd-firstboot(1) (#5186) 2017-01-31 08:25:19 +01:00
Rike-Benjamin Schuppner
b03ec00960 man: fix flag in systemd-run (#5107) 2017-01-20 03:10:30 +03:00
Jakub Wilk
301a21a880 man: fix typos (#5109) 2017-01-19 16:54:22 +01:00
Dmitry Rozhkov
062aabb924 resolve: Add support for mDNS to systemd-resolve utility
Signed-off-by: Dmitry Rozhkov <dmitry.rozhkov@linux.intel.com>
2017-01-19 11:51:21 +02:00
Zbigniew Jędrzejewski-Szmek
5b3637b44a Merge pull request #4991 from poettering/seccomp-fix 2017-01-17 23:10:46 -05:00
AsciiWolf
542ca7c9d2 man: fix typo (#5093) 2017-01-17 12:09:38 +01:00
Zbigniew Jędrzejewski-Szmek
6b3d378331 Merge pull request #4879 from poettering/systemd 2017-01-14 21:29:27 -05:00
Mark Stosberg
ab8864ebc3 man: provide a basic guide to the systemctl status output (#4950)
- Show example of all `systemctl status` output and documents what possible
   "Loaded:", "Active" and "Enabled" values mean.

 - Documents what different colors of the dot mean.

 - Documents "gotcha" with load-on-demand behavior which will report units as
   "loaded" even if they are only loaded to show their status.
   (From @poettering: https://github.com/systemd/systemd/issues/5063#issuecomment-272115024 )
2017-01-14 17:43:32 -05:00
Lennart Poettering
e843b04ee9 Merge pull request #5069 from keszybz/fixlets
Small fixes and enhancements to docs and code
2017-01-12 10:19:30 +01:00
Zbigniew Jędrzejewski-Szmek
9a4bf1e8d3 man: link to sd-j-{remote,upload} from journalctl(1) 2017-01-11 16:37:35 -05:00
Zbigniew Jędrzejewski-Szmek
374e692252 Merge pull request #5009 from ian-kelling/ian-mnt-namespace-doc 2017-01-11 15:23:00 -05:00
micah
6539dd7c42 Document how restart actions work (#5052)
When a user is trying to understand what is going on with a restart action, it is useful to explicitly describe how the action is run. It may seem obvious, but it is helpful to be explicit so one knows there isn't a special ExecRestart= or similar option that they could be looking at.
2017-01-11 15:07:35 -05:00
Zbigniew Jędrzejewski-Szmek
c65aafbb33 man: add more links to systemd-ask-password and systemd-tty-ask-password-agent
Loosely inspired by https://bugzilla.redhat.com/show_bug.cgi?id=1411134.
2017-01-11 12:11:42 -05:00
Lennart Poettering
84e6712f94 Merge pull request #5046 from stefanha/vsock
Add AF_VSOCK socket activation support
2017-01-11 10:53:59 +01:00
Stefan Hajnoczi
359a5bcf78 core: add AF_VSOCK support to socket units
Accept AF_VSOCK listen addresses in socket unit files.  Both guest and
host can now take advantage of socket activation.

The QEMU guest agent has recently been modified to support socket
activation and can run over AF_VSOCK with this patch.
2017-01-10 15:29:04 +00:00
(GalaxyMaster)
23d0fff78d socket-proxyd: fix --connections-max help message and docs (#5044) 2017-01-10 08:55:50 +01:00
Ian Kelling
fa2a396620 doc: MountFlags= don't reference container which may not exist (#5011) 2017-01-03 21:32:31 +01:00
Ian Kelling
7141028d30 doc: correct "or" to "and" in MountFlags= description (#5010) 2017-01-03 21:31:20 +01:00
Ian Kelling
4b957756b8 man: document mount deletion between commands 2017-01-03 02:17:50 -08:00
Martin Pitt
56a9366d7d Merge pull request #4994 from poettering/private-tmp-tmpfiles
automatically clean up PrivateTmp= left-overs in /var/tmp on next boot
2016-12-29 11:18:38 +01:00
Lennart Poettering
9eb484fa40 man: add brief documentation for the (sd-pam) processes created due to PAMName= (#4967)
A follow-up for #4942, adding a brief but more correct explanation of
the processes.
2016-12-29 10:55:27 +01:00
Lennart Poettering
d71f050599 core: implicitly order units with PrivateTmp= after systemd-tmpfiles-setup.service
Preparation for fixing #4401.
2016-12-27 23:25:24 +01:00
Lennart Poettering
7f129a1f7c man: document that "systemd-run -M" propagates exit codes, and "machinectl shell" does not
This adds a brief explanation, suggesting the use of "systemd-run -M" to
acquire exit status/code information for the invoked process.

My original plan was to propagate the exit code/status in "machinectl
shell" too, but this would mean we'd have to actively watch the shell's
runtime status, and thus would need full, highly privileged and
continious access to the container's system manager, the way
"systemd-run" does it. This would be quite a departure from the
simplistic, low-priviliged OpenShell() bus call implementation of the
current code, that really just acquires a PTY device with a shell
connected.

Moreover it would blur the lines between the two commands even further,
which I think is not desirable. Hence, from now on:

    "machinectl shell" is the full-session, interactive shell for human
    users

    "systemd-run -M …" is the low-level tool, that supports
    on-interactive mode, and is more configurable and suitable for
    streaming.

Fixes: #4215
2016-12-27 18:32:45 +01:00
Lennart Poettering
bd2ab3f4f6 seccomp: add two new filter sets: @reboot and @swap
These groupe reboot()/kexec() and swapon()/swapoff() respectively
2016-12-27 18:09:37 +01:00
Lucas Werkmeister
2dcf2a1724 man: minor improvements (#4981) 2016-12-25 12:14:00 +01:00
Felipe Sateler
99479986ea man: Align ExecStop= documentation with actual kill behavior (#4974)
The manpage claimed that ExecStop would be followed immediately by
SIGKILL, whereas the actual behavior is to go through KillMode= and
KillSignal= first.

Fixes #4490
2016-12-24 11:34:26 +01:00
Susant Sahani
42125eda21 networkd: Add example to create MACVTAP and attach it to a link (#4946)
Fixes: #4914
2016-12-23 18:09:29 +01:00
Susant Sahani
8f9a206b6c networkd: Rename ProxyARP to IPv4ProxyARP (#4947)
Rename the arp proxy option to IPv4ProxyARP= in order to clarify
its relationship to IPv4, and map to the various IPv6 options we have.

Fixes: #4768
2016-12-22 10:23:29 +01:00
Martin Pitt
4050e04b2c resolved: correctly handle non-address RR types with /etc/hosts lookups (#4808)
Fix wrong condition test in manager_etc_hosts_lookup(), which caused it to
return an IPv4 answer when an IPv6 question was asked, and vice versa.
Also only return success if we actually found any A or AAAA record.

In systemd-resolved.service(8), point out that /etc/hosts mappings only
affect address-type lookups, not other types.

The test case currently disables DNSSEC in resolved, as there is a bug
where "-t MX" fails due to "DNSSEC validation failed" even after
"downgrading to non-DNSSEC mode". This should be dropped once that bug
gets fixed.

Fixes #4801
2016-12-22 07:58:02 +01:00
Susant Sahani
eb64b435eb networkd: bond support primary slave and active slave (#4873)
active_slave:

Specifies the new active slave for modes that support it
(active-backup, balance-alb and balance-tlb).

primary slave:
systemd-networks currently lacks the capability to set the primary slave
in an
active-backup bonding. This is necessary if you prefer one interface
over the
other. A common example is a eth0-wlan0 bonding on a laptop where you'd
want to
switch to the wired connection whenever it's available.

Fixes: #2837
2016-12-21 19:10:36 +01:00
Lennart Poettering
e4b45b32e5 man: document that services need at least one of ExecStart= or ExecStop=
Fixes: #4521
2016-12-21 19:09:32 +01:00
Lennart Poettering
33fc1800d6 man: improve ShowStatus=/systemd.show_status=/--show-status= documentation
Fixes: #4928
2016-12-21 19:09:32 +01:00
Lennart Poettering
c0cee5f1e8 man: drop superfluous 'this' in man page 2016-12-21 19:09:31 +01:00
Lennart Poettering
2f3dfc6fb4 verity: add support for setting up verity-protected root disks in the initrd
This adds a generator and a small service that will look for "roothash="
on the kernel command line and use it for setting up a very partition
for the root device.

This provides similar functionality to nspawn's existing --roothash=
switch.
2016-12-21 19:09:30 +01:00
Lennart Poettering
91214a37ef fstab-generator: add support for volatile boots
This adds support for a new kernel command line option "systemd.volatile=" that
provides the same functionality that systemd-nspawn's --volatile= switch
provides, but for host systems (i.e. systems booting with a kernel).

It takes the same parameter and has the same effect.

In order to implement systemd.volatile=yes a new service
systemd-volatile-root.service is introduced that only runs in the initrd and
rearranges the root directory as needed to become a tmpfs instance. Note that
systemd.volatile=state is implemented different: it simply generates a
var.mount unit file that is part of the normal boot and has no effect on the
initrd execution.

The way this is implemented ensures that other explicit configuration for /var
can always override the effect of these options.  Specifically, the var.mount
unit is generated in the "late" generator directory, so that it only is in
effect if nothing else overrides it.
2016-12-21 19:09:29 +01:00
Lennart Poettering
1d84ad9445 util-lib: various improvements to kernel command line parsing
This improves kernel command line parsing in a number of ways:

a) An kernel option "foo_bar=xyz" is now considered equivalent to
   "foo-bar-xyz", i.e. when comparing kernel command line option names "-" and
   "_" are now considered equivalent (this only applies to the option names
   though, not the option values!). Most of our kernel options used "-" as word
   separator in kernel command line options so far, but some used "_". With
   this change, which was a source of confusion for users (well, at least of
   one user: myself, I just couldn't remember that it's systemd.debug-shell,
   not systemd.debug_shell). Considering both as equivalent is inspired how
   modern kernel module loading normalizes all kernel module names to use
   underscores now too.

b) All options previously using a dash for separating words in kernel command
   line options now use an underscore instead, in all documentation and in
   code. Since a) has been implemented this should not create any compatibility
   problems, but normalizes our documentation and our code.

c) All kernel command line options which take booleans (or are boolean-like)
   have been reworked so that "foobar" (without argument) is now equivalent to
   "foobar=1" (but not "foobar=0"), thus normalizing the handling of our
   boolean arguments. Specifically this means systemd.debug-shell and
   systemd_debug_shell=1 are now entirely equivalent.

d) All kernel command line options which take an argument, and where no
   argument is specified will now result in a log message. e.g. passing just
   "systemd.unit" will no result in a complain that it needs an argument. This
   is implemented in the proc_cmdline_missing_value() function.

e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key()
   that parses booleans (following the logic explained in c).

f) The proc_cmdline_parse() call's boolean argument has been replaced by a new
   flags argument that takes a common set of bits with proc_cmdline_get_key().

g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix.

h) There are now tests for much of this. Yay!
2016-12-21 19:09:08 +01:00
Susant Sahani
7dd6974c46 networkd: vxlan rename ARPProxy to ReduceARPProxy (#4891)
Fixes: #4768
2016-12-21 18:59:15 +01:00
Lennart Poettering
f582cbca00 firstboot: add kernel cmdline option to disable firstboot wizard
If booting with systemd.firstboot=0 the wizard will be skipped.
2016-12-20 20:00:09 +01:00
Baruch Siach
72d17ce680 man/journalctl: mention systemd-journal-remote(8) (#4929)
Make it easier to figure out how to use the journalctl export format.
2016-12-20 14:59:26 +01:00
Lennart Poettering
ce5cbd8679 Merge pull request #4904 from dobyrch/calendar-range-step
calendarspec: allow repetition values with ranges
2016-12-20 11:14:59 +01:00
Zbigniew Jędrzejewski-Szmek
117d5a27a3 Merge pull request #4845 from poettering/various-smaller-fixes
Various smaller fixes
2016-12-17 13:36:00 -05:00
Douglas Christman
a2eb5ea79c calendarspec: allow repetition values with ranges
"Every other hour from 9 until 5" can be written as
`9..17/2:00` instead of `9,11,13,15,17:00`
2016-12-16 19:27:33 -05:00
Franck Bui
ebc8968bc0 core: make mount units from /proc/self/mountinfo possibly bind to a device (#4515)
Since commit 9d06297, mount units from mountinfo are not bound to their devices
anymore (they use the "Requires" dependency instead).

This has the following drawback: if a media is mounted and the eject button is
pressed then the media is unconditionally ejected leaving some inconsistent
states.

Since udev is the component that is reacting (no matter if the device is used
or not) to the eject button, users expect that udev at least try to unmount the
media properly.

This patch introduces a new property "SYSTEMD_MOUNT_DEVICE_BOUND". When set on
a block device, all units that requires this device will see their "Requires"
dependency upgraded to a "BindTo" one. This is currently only used by cdrom
devices.

This patch also gives the possibility to the user to restore the previous
behavior that is bind a mount unit to a device. This is achieved by passing the
"x-systemd.device-bound" option to mount(8). Please note that currently this is
not working because libmount treats the x-* options has comments therefore
they're not available in utab for later application retrievals.
2016-12-16 17:13:58 +01:00
Lennart Poettering
33d2308c1f man: document that "systemctl show" shows low-level properties
Fixes: #4654
2016-12-14 18:29:30 +01:00
Lennart Poettering
951aba625e man: minor fixes for sd_journal_print(3)
When sd_journal_perror() was added some footers weren't updated accordingly.
Let's do so.

Fixes: #4755
2016-12-14 18:29:30 +01:00
Zbigniew Jędrzejewski-Szmek
f6f372d2f4 Add sd_is_socket_sockaddr (#4885)
Fixes #1188.
2016-12-14 11:51:26 +01:00
Lennart Poettering
d2d6c096f6 core: add ability to define arbitrary bind mounts for services
This adds two new settings BindPaths= and BindReadOnlyPaths=. They allow
defining arbitrary bind mounts specific to particular services. This is
particularly useful for services with RootDirectory= set as this permits making
specific bits of the host directory available to chrooted services.

The two new settings follow the concepts nspawn already possess in --bind= and
--bind-ro=, as well as the .nspawn settings Bind= and BindReadOnly= (and these
latter options should probably be renamed to BindPaths= and BindReadOnlyPaths=
too).

Fixes: #3439
2016-12-14 00:54:10 +01:00
Martin Pitt
142a1afbb9 Merge pull request #4771 from keszybz/udev-property-ordering
Udev property ordering
2016-12-12 16:03:52 +01:00
Zbigniew Jędrzejewski-Szmek
2a03116da2 man: two trivial formatting fixes 2016-12-11 17:17:17 -05:00
Zbigniew Jędrzejewski-Szmek
1eecafb8c1 man: use unicode ellipsis in more places
As requested in
https://github.com/systemd/systemd/pull/4864#pullrequestreview-12372557.

docbook will substitute triple dots for the ellipsis in man output, so this has
no effect on the troff output, only on HTML, making it infinitesimally nicer.

In some places we show output from programs, which use dots, and those places
should not be changed. In some tables, the alignment would change if dots were
changed to the ellipsis which is only one character. Since docbook replaces the
ellipsis automatically, we should leave those be. This patch changes all other
places.
2016-12-11 17:13:19 -05:00
Lennart Poettering
15ffcc3456 Merge pull request #4859 from keszybz/networkd
Networkd man page update and fixes for the fallout
2016-12-11 20:38:15 +01:00
Zbigniew Jędrzejewski-Szmek
330785f5ca basic/extract-word,man: clarify "correction" of invalid escapes
Our warning message was misleading, because we wouldn't "correct" anything,
we'd just ignore unkown escapes. Update the message.

Also, print just the extracted word (which contains the offending sequences) in
the message, instead of the whole line.

Fixes #4697.
2016-12-11 00:21:36 -05:00
Zbigniew Jędrzejewski-Szmek
1ac7a93574 Merge pull request #4835 from poettering/unit-name-printf
Various specifier resolution fixes.
2016-12-10 01:29:52 -05:00
Zbigniew Jędrzejewski-Szmek
4a5567d5d6 Merge pull request #4795 from poettering/dissect
Generalize image dissection logic of nspawn, and make it useful for other tools.
2016-12-10 01:08:13 -05:00
Zbigniew Jędrzejewski-Szmek
9e35b3de42 man: make the examples in systemd.network(5) more useful
We shouldn't just have snippets of configuration, but instead
examples which show all the parts necessary to build a certain kind
of setup, with short explanations.
2016-12-09 13:55:14 -05:00
Zbigniew Jędrzejewski-Szmek
9258a1cae3 Merge pull request #4686 from poettering/machine-id-app-specific
Add new "khash" API and add new sd_id128_get_machine_app_specific() function
2016-12-08 23:24:28 -05:00
Lennart Poettering
e332833f07 Merge pull request #4843 from joukewitteveen/protocol
Go through stop_post on failure (#4770)
2016-12-07 21:35:07 +01:00
David Michael
618b196e9d network: support negation in matching patterns (#4809) 2016-12-07 19:12:10 +01:00
Lennart Poettering
1b89b0c499 core: deprecate %c, %r, %R specifiers
%c and %r rely on settings made in the unit files themselves and hence resolve
to different values depending on whether they are used before or after Slice=.
Let's simply deprecate them and drop them from the documentation, as that's not
really possible to fix. Moreover they are actually redundant, as the same
information may always be queried from /proc/self/cgroup and /proc/1/cgroup.

(Accurately speaking, %R is actually not broken like this as it is constant.
However, let's remove all cgroup-related specifiers at once, as it is also
redundant, and doesn't really make much sense alone.)
2016-12-07 18:58:09 +01:00
Lennart Poettering
13e40f5a4c man: drop reference to %U being useless
This paragraph was a missed left-over from
79413b673b. Drop it now.
2016-12-07 18:47:32 +01:00
Lennart Poettering
58abb66f4b man: update the nspawn man page, and document what kind of dissection features we now support 2016-12-07 18:38:41 +01:00
Jouke Witteveen
a4e26faf33 man: fix $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS documentation
Note that any exit code is available through $EXIT_STATUS and not through
$EXIT_CODE. This mimics siginfo.
2016-12-06 13:37:14 +01:00
Martin Ejdestig
95977da98c man: Document return value of event source prepare callback (#4834) 2016-12-05 23:42:41 +01:00
Torstein Husebø
06bf09af67 treewide: fix typos (#4802) 2016-12-02 09:20:26 -05:00
Zbigniew Jędrzejewski-Szmek
169f11d5da Merge pull request #4228 from dm0-/coreos-1554
networkd: support marking links unmanaged
2016-12-02 09:14:27 -05:00
Susant Sahani
7e3f4e7f3d networkd: VXLAN add better explanation for ARPProxy (#4781)
This closes #4768
2016-12-02 00:05:10 +01:00
David Michael
a09dc5467a networkd: support marking links unmanaged 2016-12-01 14:41:51 -08:00
Lennart Poettering
c7a4890ce4 nspawn: optionally, automatically allocated --bind=/--overlay source from /var/tmp
This extends the --bind= and --overlay= syntax so that an empty string as source/upper
directory is taken as request to automatically allocate a temporary directory
below /var/tmp, whose lifetime is bound to the nspawn runtime. In combination
with the "+" path extension this permits a switch "--overlay=+/var::/var" in
order to use the container's shipped /var, combine it with a writable temporary
directory and mount it to the runtime /var of the container.
2016-12-01 12:41:18 +01:00
Lennart Poettering
86c0dd4a71 nspawn: permit prefixing of source paths in --bind= and --overlay= with "+"
If a source path is prefixed with "+" it is taken relative to the container's
root directory instead of the host. This permits easily establishing bind and
overlay mounts based on data from the container rather than the host.

This also reworks custom_mounts_prepare(), and turns it into two functions: one
custom_mount_check_all() that remains in nspawn.c but purely verifies the
validity of the custom mounts configured. And one called
custom_mount_prepare_all() that actually does the preparation step, sorts the
custom mounts, resolves relative paths, and allocates temporary directories as
necessary.
2016-12-01 12:41:18 +01:00
Lennart Poettering
7b4318b6a5 nspawn: add ability to configure overlay mounts to .nspawn files
Fixes: #4634
2016-12-01 12:41:17 +01:00
Zbigniew Jędrzejewski-Szmek
dc17ee3d6e man: describe overriding of entries in hwdb files 2016-11-30 15:51:13 -05:00
Evgeny Vereshchagin
97506e85e2 Merge pull request #4745 from joukewitteveen/notify
Improvements for notify services (including #4212)
2016-11-30 03:22:07 +03:00
Jouke Witteveen
6375bd2007 service: new NotifyAccess= value for control processes (#4212)
Setting NotifyAccess=exec allows notifications coming directly from any
control process.
2016-11-29 23:20:04 +01:00
Jouke Witteveen
7ed0a4c537 bus-util: add protocol error type explanation 2016-11-29 23:19:52 +01:00
Lennart Poettering
70fc4f5790 sd-id128: add new sd_id128_get_machine_app_specific() API
This adds an API for retrieving an app-specific machine ID to sd-id128.
Internally it calculates HMAC-SHA256 with an 128bit app-specific ID as payload
and the machine ID as key.

(An alternative would have been to use siphash for this, which is also
cryptographically strong. However, as it only generates 64bit hashes it's not
an obvious choice for generating 128bit IDs.)

Fixes: #4667
2016-11-29 15:13:00 +01:00
Zbigniew Jędrzejewski-Szmek
953bf4604f units: add system-update-cleanup.service to guard against offline-update loops
Note: the name is "system-update-cleanup.service" rather than
"system-update-done.service", because it should not run normally, and also
because there's already "systemd-update-done.service", and having them named
so similarly would be confusing.

In https://bugzilla.redhat.com/show_bug.cgi?id=1395686 the system repeatedly
entered system-update.target on boot. Because of a packaging issue, the tool
that created the /system-update symlink could be installed without the service
unit that was supposed to perform the upgrade (and remove the symlink). In
fact, if there are no units in system-update.target, and /system-update symlink
is created, systemd always "hangs" in system-update.target. This is confusing
for users, because there's no feedback what is happening, and fixing this
requires starting an emergency shell somehow, and also knowing that the symlink
must be removed. We should be more resilient in this case, and remove the
symlink automatically ourselves, if there are no upgrade service to handle it.

This adds a service which is started after system-update.target is reached and
the symlink still exists. It nukes the symlink and reboots the machine. It
should subsequently boot into the default default.target.

This is a more general fix for
https://bugzilla.redhat.com/show_bug.cgi?id=1395686 (the packaging issue was
already fixed).
2016-11-29 01:40:34 -05:00
Zbigniew Jędrzejewski-Szmek
2b656050b6 man: update the description of offline updates
- use "service" instead of "script", because various offline updaters that we have
  aren't really scripts, e.g. dnf-plugin-system-upgrade, packagekit-offline-update,
 fwupd-offline-update.
- strongly recommend After=sysinit.target, Wants=sysinit.target
- clarify a bit what should happen when multiple update services are started
- replace links to the wiki with refs to the man page that replaced it.
2016-11-29 01:40:34 -05:00
(GalaxyMaster)
dc3b8afb93 socket-proxyd: Introduced dynamic connection limit via an option. (#4749) 2016-11-28 18:25:11 +01:00
Douglas Christman
9904dc00e7 calendarspec: make specifications with ranges reversible
"*-*-01..03" is now formatted as "*-*-01..03" instead of "*-*-01,02,03"
2016-11-24 18:40:14 -05:00
Jouke Witteveen
e0c7d5f7be man: document protocol error type for service failures (#4724) 2016-11-23 22:51:33 +01:00
Douglas Christman
8ea803516e calendarspec: add support for scheduling timers at the end of the month
"*-*~1"       => The last day of every month
"*-02~3..5"   => The third, fourth, and fifth last days in February
"Mon 05~07/1" => The last Monday in May

Resolves #3861
2016-11-23 12:37:43 -05:00
Zbigniew Jędrzejewski-Szmek
ee43050b40 Merge pull request #4692 from poettering/networkd-dhcp
Various networkd/DHCP fixes.
2016-11-22 23:22:04 -05:00
Janne Heß
6d9e45e97f Document an edge-case with resume and mounting (#4581)
When trying to read keyfiles from an encrypted partition to unlock the swap,
a cyclic dependency is generated because systemd can not mount the
filesystem before it has checked if there is a swap to resume from.

Closes #3940
2016-11-22 23:19:56 -05:00
Lennart Poettering
17cbb288fa nspawn: add fallback top normal copy/reflink when we cannot btrfs snapshot
Given that other file systems (notably: xfs) support reflinks these days, let's
extend the file system snapshotting logic to fall back to plan copies or
reflinks when full btrfs subvolume snapshots are not available.

This essentially makes "systemd-nspawn --ephemeral" and "systemd-nspawn
--template=" available on non-btrfs subvolumes. Of course, both operations will
still be slower on non-btrfs than on btrfs (simply because reflinking each file
individually in a directory tree is still slower than doing this in one step
for a whole subvolume), but it's probably good enough for many cases, and we
should provide the users with the tools, they have to figure out what's good
for them.

Note that "machinectl clone" already had a fallback like this in place, this
patch generalizes this, and adds similar support to our other cases.
2016-11-22 13:35:09 +01:00
Lennart Poettering
0f3be6ca4d nspawn: support ephemeral boots from images
Previously --ephemeral was only supported with container trees in btrfs
subvolumes (i.e. in combination with --directory=). This adds support for
--ephemeral in conjunction with disk images (i.e. --image=) too.

As side effect this fixes that --ephemeral was accepted but ignored when using
-M on a container that turned out to be an image.

Fixes: #4664
2016-11-22 13:35:09 +01:00
Lennart Poettering
1a1b13c957 seccomp: add @filesystem syscall group (#4537)
@filesystem groups various file system operations, such as opening files and
directories for read/write and stat()ing them, plus renaming, deleting,
symlinking, hardlinking.
2016-11-21 19:29:12 -05:00
Lennart Poettering
640be8806e man: make /etc/nsswitch.conf documentation for nss-resolve match example
Fixes: #4683
2016-11-21 22:58:27 +01:00
Lennart Poettering
2e6dbc0fcd Merge pull request #4538 from fbuihuu/confirm-spawn-fixes
Confirm spawn fixes/enhancements
2016-11-18 11:08:06 +01:00
Franck Bui
7d5ceb6416 core: allow to redirect confirmation messages to a different console
It's rather hard to parse the confirmation messages (enabled with
systemd.confirm_spawn=true) amongst the status messages and the kernel
ones (if enabled).

This patch gives the possibility to the user to redirect the confirmation
message to a different virtual console, either by giving its name or its path,
so those messages are separated from the other ones and easier to read.
2016-11-17 18:16:16 +01:00
Lennart Poettering
5327c910d2 namespace: simplify, optimize and extend handling of mounts for namespace
This changes a couple of things in the namespace handling:

It merges the BindMount and TargetMount structures. They are mostly the same,
hence let's just use the same structue, and rely on C's implicit zero
initialization of partially initialized structures for the unneeded fields.

This reworks memory management of each entry a bit. It now contains one "const"
and one "malloc" path. We use the former whenever we can, but use the latter
when we have to, which is the case when we have to chase symlinks or prefix a
root directory. This means in the common case we don't actually need to
allocate any dynamic memory. To make this easy to use we add an accessor
function bind_mount_path() which retrieves the right path string from a
BindMount structure.

While we are at it, also permit "+" as prefix for dirs configured with
ReadOnlyPaths= and friends: if specified the root directory of the unit is
implicited prefixed.

This also drops set_bind_mount() and uses C99 structure initialization instead,
which I think is more readable and clarifies what is being done.

This drops append_protect_kernel_tunables() and
append_protect_kernel_modules() as append_static_mounts() is now simple enough
to be called directly.

Prefixing with the root dir is now done in an explicit step in
prefix_where_needed(). It will prepend the root directory on each entry that
doesn't have it prefixed yet. The latter is determined depending on an extra
bit in the BindMount structure.
2016-11-17 18:08:32 +01:00
Lennart Poettering
82948f6c8e systemctl: show waiting jobs when "systemctl list-jobs --after/--before" is called
Let's expose the new bus functions we added in the previous commit in
systemctl.
2016-11-16 17:01:46 +01:00
Djalal Harouni
8526555680 doc: move ProtectKernelModules= documentation near ProtectKernelTunalbes= 2016-11-15 15:04:41 +01:00
Djalal Harouni
a7db8614f3 doc: note when no new privileges is implied 2016-11-15 15:04:35 +01:00
Lucas Werkmeister
b793ddfa6c man: add Itanium root GUID to table (#4656)
This GUID was added in #2263, but the manpage was not updated.
2016-11-11 22:25:32 -05:00
Christian Hesse
110773f6c9 fstab-generator: add x-systemd.mount-timeout (#4603)
This adds a new systemd fstab option x-systemd.mount-timeout. The option
adds a timeout value that specifies how long systemd waits for the mount
command to finish. It allows to mount huge btrfs volumes without issues.

This is equivalent to adding option TimeoutSec= to [Mount] section in a
mount unit file.

fixes #4055
2016-11-11 09:08:57 -05:00
Zbigniew Jędrzejewski-Szmek
d48bb46b5a man: update machine-id(5) with a note about privacy (#4645) 2016-11-11 13:31:52 +01:00
Susant Sahani
9faed222fc networkd: support setting dhcp client listen port (#4631)
Allow setting custom port for the DHCP client to listen on in networkd.

[DHCP]
ListenPort=6677
2016-11-10 18:34:19 -05:00
Lucas Werkmeister
6d24947638 man: mention start rate limiting in Restart= doc (#4637) 2016-11-10 18:20:44 -05:00
Susant Sahani
a39f92d391 Link: port to new ethtool ETHTOOL_xLINKSETTINGS
Link: port to new ethtool ETHTOOL_xLINKSETTINGS
This patch defines a new ETHTOOL_GLINKSETTINGS/SLINKSETTINGS API,
handled by the new get_link_ksettings/set_link_ksettings .

This is a WIP version based on this [kernel
patch](https://patchwork.kernel.org/patch/8411401/).

commit 0527f1c

3f1ac7a700ommit
35afb33
2016-11-10 15:12:56 +05:30
Jonathan Boulle
fa000db391 man/sd_watchdog_enabled: correct minor typos (#4632) 2016-11-09 17:30:10 +01:00
Zbigniew Jędrzejewski-Szmek
d85a0f8028 Merge pull request #4536 from poettering/seccomp-namespaces
core: add new RestrictNamespaces= unit file setting

Merging, not rebasing, because this touches many files and there were tree-wide cleanups in the mean time.
2016-11-08 19:54:21 -05:00
Yu Watanabe
b719b26cb3 man: fix typo (#4615) 2016-11-08 10:51:35 +01:00
Zbigniew Jędrzejewski-Szmek
ed7fd549d0 man: add an example how to unconditionally empty a directory (#4570)
It was logical, but not entirely obvious, that 'e' with no arguments does
nothing. Expand the explanation a bit and add an example.

Fixes #4564.
2016-11-08 09:39:10 +01:00
Lennart Poettering
add005357d core: add new RestrictNamespaces= unit file setting
This new setting permits restricting whether namespaces may be created and
managed by processes started by a unit. It installs a seccomp filter blocking
certain invocations of unshare(), clone() and setns().

RestrictNamespaces=no is the default, and does not restrict namespaces in any
way. RestrictNamespaces=yes takes away the ability to create or manage any kind
of namspace. "RestrictNamespaces=mnt ipc" restricts the creation of namespaces
so that only mount and IPC namespaces may be created/managed, but no other
kind of namespaces.

This setting should be improve security quite a bit as in particular user
namespacing was a major source of CVEs in the kernel in the past, and is
accessible to unprivileged processes. With this setting the entire attack
surface may be removed for system services that do not make use of namespaces.
2016-11-04 07:40:13 -06:00
Zbigniew Jędrzejewski-Szmek
c4c50112ec man: update kernel-install(8) to match reality (#4563) 2016-11-04 06:40:58 -06:00
Zbigniew Jędrzejewski-Szmek
cf88547034 Merge pull request #4548 from keszybz/seccomp-help
systemd-analyze syscall-filter
2016-11-03 20:27:45 -04:00
Kees Cook
d974f949f1 doc: clarify NoNewPrivileges (#4562)
Setting no_new_privs does not stop UID changes, but rather blocks
gaining privileges through execve(). Also fixes a small typo.
2016-11-03 20:26:59 -04:00
Zbigniew Jędrzejewski-Szmek
d5efc18b60 seccomp-util, analyze: export comments as a help string
Just to make the whole thing easier for users.
2016-11-03 09:35:36 -04:00
Zbigniew Jędrzejewski-Szmek
869feb3388 analyze: add syscall-filter verb
This should make it easier for users to understand what each filter
means as the list of syscalls is updated in subsequent systemd versions.
2016-11-03 09:35:35 -04:00
Lucas Werkmeister
0cc6064c3c man: fix two typos (is → are) (#4544) 2016-11-02 18:10:29 -06:00
Lennart Poettering
31887c73b9 Merge pull request #4456 from keszybz/stored-fds
Preserve stored fds over service restart
2016-11-02 16:29:04 -06:00
Lennart Poettering
2ca8dc15f9 man: document that too strict system call filters may affect the service manager
If execve() or socket() is filtered the service manager might get into trouble
executing the service binary, or handling any failures when this fails. Mention
this in the documentation.

The other option would be to implicitly whitelist all system calls that are
required for these codepaths. However, that appears less than desirable as this
would mean socket() and many related calls have to be whitelisted
unconditionally. As writing system call filters requires a certain level of
expertise anyway it sounds like the better option to simply document these
issues and suggest that the user disables system call filters in the service
temporarily in order to debug any such failures.

See: #3993.
2016-11-02 08:55:24 -06:00
Lennart Poettering
133ddbbeae seccomp: add two new syscall groups
@resources contains various syscalls that alter resource limits and memory and
scheduling parameters of processes. As such they are good candidates to block
for most services.

@basic-io contains a number of basic syscalls for I/O, similar to the list
seccomp v1 permitted but slightly more complete. It should be useful for
building basic whitelisting for minimal sandboxes
2016-11-02 08:50:00 -06:00
Lennart Poettering
aa6b9cec88 man: two minor fixes 2016-11-02 08:50:00 -06:00
Lennart Poettering
cd5bfd7e60 seccomp: include pipes and memfd in @ipc
These system calls clearly fall in the @ipc category, hence should be listed
there, simply to avoid confusion and surprise by the user.
2016-11-02 08:50:00 -06:00
Lennart Poettering
a8c157ff30 seccomp: drop execve() from @process list
The system call is already part in @default hence implicitly allowed anyway.
Also, if it is actually blocked then systemd couldn't execute the service in
question anymore, since the application of seccomp is immediately followed by
it.
2016-11-02 08:49:59 -06:00
Lennart Poettering
c79aff9a82 seccomp: add clock query and sleeping syscalls to "@default" group
Timing and sleep are so basic operations, it makes very little sense to ever
block them, hence don't.
2016-11-02 08:49:59 -06:00
Zbigniew Jędrzejewski-Szmek
aa34055ffb seccomp: allow specifying arm64, mips, ppc (#4491)
"Secondary arch" table for mips is entirely speculative…
2016-11-01 09:33:18 -06:00
Jakub Wilk
b17649ee5e man: fix typos (#4527) 2016-10-31 08:08:08 -04:00
George Hilliard
52028838a1 Implement VeraCrypt volume handling in crypttab (#4501)
This introduces a new option, `tcrypt-veracrypt`, that sets the
corresponding VeraCrypt flag in the flags passed to cryptsetup.
2016-10-30 10:25:31 -04:00
Lucas Werkmeister
8bb36a1122 man: make systemd-escape examples more consistent
The first example wasn't phrased with "To ..." as the other three are,
and the last example was lacking the colon.
2016-10-30 02:44:07 +02:00
Lucas Werkmeister
918737f365 man: add missing period 2016-10-30 02:43:17 +02:00
Lucas Werkmeister
c7a7f78bb0 man: improve systemd-escape --path description
The option does more than the documentation gave it credit for.
2016-10-30 02:42:22 +02:00
Zbigniew Jędrzejewski-Szmek
99bdcdc7fc man: add a note that FDSTORE=1 requires epoll-compatible fds
Let's say that this was not obvious from our man page.
2016-10-28 22:45:05 -04:00
Djalal Harouni
fa1f250d6f Merge pull request #4495 from topimiettinen/block-shmat-exec
seccomp: also block shmat(..., SHM_EXEC) for MemoryDenyWriteExecute
2016-10-28 15:41:07 +02:00
Martin Pitt
1740c5a807 Merge pull request #4458 from keszybz/man-nonewprivileges
Document NoNewPrivileges default value
2016-10-28 15:35:29 +02:00
Michal Sekletar
4f985bd802 udev: allow substitutions for SECLABEL key (#4505) 2016-10-28 12:09:14 +02:00
Evgeny Vereshchagin
492466c1b5 Merge pull request #4442 from keszybz/detect-virt-userns
detect-virt: add --private-users switch to check if a userns is active; add Condition=private-users
2016-10-27 13:16:16 +03:00
Zbigniew Jędrzejewski-Szmek
299a34c11a detect-virt: add --private-users switch to check if a userns is active
Various things don't work when we're running in a user namespace, but it's
pretty hard to reliably detect if that is true.

A function is added which looks at /proc/self/uid_map and returns false
if the default "0 0 UINT32_MAX" is found, and true if it finds anything else.
This misses the case where an 1:1 mapping with the full range was used, but
I don't know how to distinguish this case.

'systemd-detect-virt --private-users' is very similar to
'systemd-detect-virt --chroot', but we check for a user namespace instead.
2016-10-26 20:12:51 -04:00
Michal Soltys
808b95ef82 vconsole: manual update (#4021)
To more correctly reflect current behaviour as well as to provide
a few more details.
2016-10-26 19:21:02 -04:00
Topi Miettinen
d2ffa389b8 seccomp: also block shmat(..., SHM_EXEC) for MemoryDenyWriteExecute
shmat(..., SHM_EXEC) can be used to create writable and executable
memory, so let's block it when MemoryDenyWriteExecute is set.
2016-10-26 18:59:14 +03:00
Lucas Werkmeister
d4a48671bc man: document that systemctl cat shows file content (#4488)
... and that that content might be outdated.
2016-10-25 20:40:21 -04:00
Martin Pitt
f70ebf1ce3 Merge pull request #4474 from poettering/nsswitch
various nss module/resolved fixes
2016-10-25 08:13:07 +02:00
Zbigniew Jędrzejewski-Szmek
74388c2d11 man: document the default value of NoNewPrivileges=
Fixes #4329.
2016-10-24 23:45:57 -04:00
Martin Ejdestig
f2e5f466cb man: Fix event source priority enum names in synopsis (#4478) 2016-10-25 00:30:26 +02:00
Lennart Poettering
75555c2824 man: sync up the suggested nsswitch.conf configuration for our four NSS modules
This unifies the suggested nsswitch.conf configuration for our four NSS modules to this:

    hosts: files mymachines resolve [!UNAVAIL=return] dns myhostname

Note that this restores "myhostname" to the suggested configuration of
nss-resolve for the time being, undoing 4484e1792b.

"myhostname" should probably be dropped eventually, but when we do this we
should do it in full, and not only drop it from the suggested nsswitch.conf
for one of the modules, but also drop it in source and stop referring to it
altogether.

Note that nss-resolve doesn't replace nss-myhostname in full: the former only
works if D-Bus/resolved is available for resolving the local hostname, the
latter works in all cases even if D-Bus or resolved are not in operation, hence
there's some value in keeping the line as it is right now. Note that neither
dns nor myhostname are considered at all with the above configuration unless
the resolve module actually returns UNAVAIL. Thus, even though handling of
local hostname resolving is implemented twice this way it is only executed once
for each lookup.
2016-10-24 19:04:43 +02:00
Lennart Poettering
229ba9fd57 Merge pull request #4459 from keszybz/commandline-parsing
Commandline parsing simplification and udev fix
2016-10-24 17:20:37 +02:00
Jan Synacek
3b3557c410 shared, systemctl: teach is-enabled to show installation targets
It may be desired by users to know what targets a particular service is
installed into. Improve user friendliness by teaching the is-enabled
command to show such information when used with --full.

This patch makes use of the newly added UnitFileFlags and adds
UNIT_FILE_DRY_RUN flag into it. Since the API had already been modified,
it's now easy to add the new dry-run feature for other commands as
well. As a next step, --dry-run could be added to systemctl, which in
turn might pave the way for a long requested dry-run feature when
running systemctl start.
2016-10-24 10:19:08 +02:00
Zbigniew Jędrzejewski-Szmek
7d78f7cea8 Merge pull request #4428 from lnykryn/ctrl_v2
rename failure-action to emergency-action and use it for ctrl+alt+del burst
2016-10-22 23:16:11 -04:00
Zbigniew Jędrzejewski-Szmek
5707ecf300 journald: convert journald to use parse_proc_cmdline
This makes journald use the common option parsing functionality.
One behavioural change is implemented:
"systemd.journald.forward_to_syslog" is now equivalent to
"systemd.journald.forward_to_syslog=1".
I think it's nicer to use this way.
2016-10-22 14:38:10 -04:00
Umut Tezduyar Lindskog
863a5610c7 journald: systemd.journald.max_level_* kernel command line options (#4427)
The log forward levels can be configured through kernel command line.
2016-10-21 19:40:55 -04:00
Lukas Nykryn
ae8c7939df core: use emergency_action for ctr+alt+del burst
Fixes #4306
2016-10-21 15:13:50 +02:00
Lennart Poettering
47da760efd man: document default for User=
Replaces: #4375
2016-10-20 13:21:25 +02:00
Lennart Poettering
e9c880dd2c man: one more cgroup wording fix 2016-10-20 13:12:53 +02:00
Lennart Poettering
332c0d48a9 Merge pull request #4417 from keszybz/man-and-rlimit
Two unrelated patches: man page tweaks and rlimit log levels
2016-10-20 13:10:37 +02:00
Lucas Werkmeister
4cf13011fe man: document dependencies implied by Sockets= (#4412)
Fixes #4410. Also includes two minor improvements to the previous
sentence.
2016-10-19 23:21:26 +02:00
Lennart Poettering
e6fa8681dc Merge pull request #4390 from keszybz/install-specifiers
Various install-related tweaks
2016-10-19 21:33:32 +02:00
Luca Bruno
52c239d770 core/exec: add a named-descriptor option ("fd") for streams (#4179)
This commit adds a `fd` option to `StandardInput=`,
`StandardOutput=` and `StandardError=` properties in order to
connect standard streams to externally named descriptors provided
by some socket units.

This option looks for a file descriptor named as the corresponding
stream. Custom names can be specified, separated by a colon.
If multiple name-matches exist, the first matching fd will be used.
2016-10-17 20:05:49 -04:00
Zbigniew Jędrzejewski-Szmek
caf15ff01e man: add a note that NULL "s" arg for sd_bus_message_append 2016-10-17 12:22:44 -04:00
Lennart Poettering
c7458f9399 man: avoid abbreviated "cgroups" terminology (#4396)
Let's avoid the overly abbreviated "cgroups" terminology. Let's instead write:

"Linux Control Groups (cgroups)" is the long form wherever the term is
introduced in prose. Use "control groups" in the short form wherever the term
is used within brief explanations.

Follow-up to: #4381
2016-10-17 09:50:26 -04:00
Zbigniew Jędrzejewski-Szmek
9b914a9d6b man: mention that systemctl --root=/ operates on the fs directly 2016-10-17 02:26:42 -04:00
Martin Pitt
9e7727521f Merge pull request #4381 from keszybz/man-pages 2016-10-17 06:56:22 +02:00
Martin Ejdestig
6d6e4ddd3d man: document sd_event_get_tid() return value (#4385) 2016-10-16 10:25:34 -04:00
Zbigniew Jędrzejewski-Szmek
d0d5f0f778 man: drop discouragment of runtime and vendor drop-ins
In certain situations drop-ins in /usr/lib/ are useful, for example when one package
wants to modify the behaviour of another package, or the vendor wants to tweak some
upstream unit without patching.

Drop-ins in /run are useful for testing, and may also be created by systemd itself.

Follow-up for the discussion in #2103.
2016-10-15 18:45:18 -04:00
Zbigniew Jędrzejewski-Szmek
50e666288b man: add journal-upload.conf(5)
Fixes #3370.
2016-10-15 18:45:18 -04:00
Zbigniew Jędrzejewski-Szmek
a8d46a1663 man: add notes about thread safety of sd_journal_* functions
Fixes #4056.
2016-10-15 18:38:20 -04:00
Zbigniew Jędrzejewski-Szmek
74b47bbd5d man: add crosslink between systemd.resource-control(5) and systemd.exec(5)
Fixes #4379.
2016-10-15 18:38:20 -04:00
Tejun Heo
7d862ab8c2 core: make settings for unified cgroup hierarchy supersede the ones for legacy hierarchy (#4269)
There are overlapping control group resource settings for the unified and
legacy hierarchies.  To help transition, the settings are translated back and
forth.  When both versions of a given setting are present, the one matching the
cgroup hierarchy type in use is used.  Unfortunately, this is more confusing to
use and document than necessary because there is no clear static precedence.

Update the translation logic so that the settings for the unified hierarchy are
always preferred.  systemd.resource-control man page is updated to reflect the
change and reorganized so that the deprecated settings are at the end in its
own section.
2016-10-14 21:07:16 -04:00
Lennart Poettering
8bfdf29b24 Merge pull request #4243 from endocode/djalal/sandbox-first-protection-kernelmodules-v1
core:sandbox: Add ProtectKernelModules= and some fixes
2016-10-13 18:36:29 +02:00
Thomas Hindoe Paaboel Andersen
2dd678171e man: typo fixes
A mix of fixes for typos and UK english
2016-10-12 23:02:44 +02:00
Djalal Harouni
c575770b75 core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=
Lets go further and make /lib/modules/ inaccessible for services that do
not have business with modules, this is a minor improvment but it may
help on setups with custom modules and they are limited... in regard of
kernel auto-load feature.

This change introduce NameSpaceInfo struct which we may embed later
inside ExecContext but for now lets just reduce the argument number to
setup_namespace() and merge ProtectKernelModules feature.
2016-10-12 14:11:16 +02:00
Djalal Harouni
ac246d9868 doc: minor hint about InaccessiblePaths= in regard of ProtectKernelTunables= 2016-10-12 13:52:40 +02:00
Djalal Harouni
2cd0a73547 core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yes
The rawio system calls were filtered, but CAP_SYS_RAWIO allows to access raw
data through /proc, ioctl and some other exotic system calls...
2016-10-12 13:39:49 +02:00
Djalal Harouni
502d704e5e core:sandbox: Add ProtectKernelModules= option
This is useful to turn off explicit module load and unload operations on modular
kernels. This option removes CAP_SYS_MODULE from the capability bounding set for
the unit, and installs a system call filter to block module system calls.

This option will not prevent the kernel from loading modules using the module
auto-load feature which is a system wide operation.
2016-10-12 13:31:21 +02:00
Zbigniew Jędrzejewski-Szmek
56b4c80b42 Merge pull request #4348 from poettering/docfixes
Various smaller documentation fixes.
2016-10-11 13:49:15 -04:00
Zbigniew Jędrzejewski-Szmek
b744e8937c Merge pull request #4067 from poettering/invocation-id
Add an "invocation ID" concept to the service manager
2016-10-11 13:40:50 -04:00
Lennart Poettering
f4c9356d13 man: beef up documentation on per-unit resource limits a bit
Let's clarify that for user services some OS-defined limits bound the settings
in the unit files.

Fixes: #4232
2016-10-11 18:42:22 +02:00
Lennart Poettering
6dcda09cbf man: document that Type=idle is subject to a 5s time-out
Fixes: #4116
2016-10-11 18:01:54 +02:00
Lennart Poettering
2cdbbc9a34 man: avoid using the term "loaded" for units currently in memory, since we also have a unit state of that name
Fixes: #3971
2016-10-11 17:55:04 +02:00
Lennart Poettering
6e16066e8e man: expand the documentation of $SYSTEMD_PAGER and related environment variables
Document the default pagers used, as well as $SYSTEMD_LESSCHARSET.

Fixes: #4143
2016-10-11 17:45:49 +02:00
Lucas Werkmeister
19f0cf65c9 man: update unit type count (#4339)
It seems that this count was not updated when snapshot units were
removed in #1841.
2016-10-10 20:27:09 -04:00
Dan Dedrick
6f157e4e4f journal-remote: fix up misleading man page
The --no-seal and --no-compress options were dropped and replaced with
boolean functionality. This syncs the man page with the code.
2016-10-10 15:11:01 -04:00
Susant Sahani
53c06862c1 networkd: rename Rename CheckSum → Checksum (#4312) 2016-10-10 19:52:12 +02:00
Zbigniew Jędrzejewski-Szmek
ae209204d8 nspawn,man: fix parsing of numeric args for --private-users, accept any boolean
This is like the previous reverted commit, but any boolean is still accepted,
not just "yes" and "no". Man page is adjusted to match the code.
2016-10-10 11:55:06 -04:00
Zbigniew Jędrzejewski-Szmek
6265bde205 man: describe how to reverse systemd-nspawn -U
Now that systemd-nspawn@.service includes -U, more users might be interested
in this tidbit ;)
2016-10-09 18:24:56 -04:00
Susant Sahani
e63be0847c networkd: address add support to configure flags (#4201)
This patch enables to configure

IFA_F_HOMEADDRESS
IFA_F_NODAD
IFA_F_MANAGETEMPADDR
IFA_F_NOPREFIXROUTE
IFA_F_MCAUTOJOIN
2016-10-08 13:05:41 +02:00
Lennart Poettering
3157b2d9d2 Merge pull request #4061 from dm0-/coreos-1545
resolved: add an option to disable the stub resolver
2016-10-07 23:38:03 +02:00
David Michael
1ae4329575 resolved: add an option to control the DNS stub listener 2016-10-07 12:14:38 -07:00
Lennart Poettering
3dbea941d2 man: update sd-id128(3) a bit
Let's add documentation about SD_ID128_NULL and sd_id128_is_null().

Let's also indent our examples by 8chs, as is generally our coding style.
2016-10-07 20:14:38 +02:00
Lennart Poettering
4b58153dd2 core: add "invocation ID" concept to service manager
This adds a new invocation ID concept to the service manager. The invocation ID
identifies each runtime cycle of a unit uniquely. A new randomized 128bit ID is
generated each time a unit moves from and inactive to an activating or active
state.

The primary usecase for this concept is to connect the runtime data PID 1
maintains about a service with the offline data the journal stores about it.
Previously we'd use the unit name plus start/stop times, which however is
highly racy since the journal will generally process log data after the service
already ended.

The "invocation ID" kinda matches the "boot ID" concept of the Linux kernel,
except that it applies to an individual unit instead of the whole system.

The invocation ID is passed to the activated processes as environment variable.
It is additionally stored as extended attribute on the cgroup of the unit. The
latter is used by journald to automatically retrieve it for each log logged
message and attach it to the log entry. The environment variable is very easily
accessible, even for unprivileged services. OTOH the extended attribute is only
accessible to privileged processes (this is because cgroupfs only supports the
"trusted." xattr namespace, not "user."). The environment variable may be
altered by services, the extended attribute may not be, hence is the better
choice for the journal.

Note that reading the invocation ID off the extended attribute from journald is
racy, similar to the way reading the unit name for a logging process is.

This patch adds APIs to read the invocation ID to sd-id128:
sd_id128_get_invocation() may be used in a similar fashion to
sd_id128_get_boot().

PID1's own logging is updated to always include the invocation ID when it logs
information about a unit.

A new bus call GetUnitByInvocationID() is added that allows retrieving a bus
path to a unit by its invocation ID. The bus path is built using the invocation
ID, thus providing a path for referring to a unit that is valid only for the
current runtime cycleof it.

Outlook for the future: should the kernel eventually allow passing of cgroup
information along AF_UNIX/SOCK_DGRAM messages via a unique cgroup id, then we
can alter the invocation ID to be generated as hash from that rather than
entirely randomly. This way we can derive the invocation race-freely from the
messages.
2016-10-07 20:14:38 +02:00
Susant Sahani
1644102735 networkd: remote checksum offload for vxlan (#4110)
This patch adds support to remote checksum checksum offload to VXLAN.
This patch adds RemoteCheckSumTx and RemoteCheckSumRx vxlan configuration
to enable remote checksum offload for transmit and receive on the VXLAN tunnel.
2016-10-07 09:46:18 -04:00
Lukáš Nykrýn
24dd31c19e core: add possibility to set action for ctrl-alt-del burst (#4105)
For some certification, it should not be possible to reboot the machine through ctrl-alt-delete. Currently we suggest our customers to mask the ctrl-alt-delete target, but that is obviously not enough.

Patching the keymaps to disable that is really not a way to go for them, because the settings need to be easily checked by some SCAP tools.
2016-10-06 21:08:21 -04:00
hbrueckner
6abfd30372 seccomp: add support for the s390 architecture (#4287)
Add seccomp support for the s390 architecture (31-bit and 64-bit)
to systemd.

This requires libseccomp >= 2.3.1.
2016-10-05 13:58:55 +02:00
Martin Pitt
bbe4743ba7 Merge pull request #4273 from keszybz/docs
Routing-domains-manpage tweak and NEWS update
2016-10-04 15:34:08 +02:00
Stefan Schweter
cfaf4b75e0 man: remove consecutive duplicate words (#4268)
This PR removes consecutive duplicate words from the man pages of:

* `resolved.conf.xml`
* `systemd.exec.xml`
* `systemd.socket.xml`
2016-10-03 17:09:54 +02:00
Zbigniew Jędrzejewski-Szmek
2df225294f man: rework the explanation of Domains=
Put more emphasis on the routing part. This is the more interesting
thing, and also more complicated and novel.

Explain "search domains" as the special case. Also explain the effect of
~. in more detail.
2016-10-03 07:36:59 -04:00
Zbigniew Jędrzejewski-Szmek
ba9fa3bc48 man: fix indentation in table
<entry>-ies must be a single line of text. Otherwise docbook does strange
things to the indentation.
2016-10-03 07:36:59 -04:00
Zbigniew Jędrzejewski-Szmek
d941ea22e3 analyze-verify: honour $SYSTEMD_UNIT_PATH, allow system paths to be ignored
SYSTEMD_UNIT_PATH=foobar: systemd-analyze verify barbar/unit.service
will load units from barbar/, foobar/, /etc/systemd/system/, etc.

SYSTEMD_UNIT_PATH= systemd-analyze verify barbar/unit.service
will load units only from barbar/, which is useful e.g. when testing
systemd's own units on a system with an older version of systemd installed.
2016-10-01 22:53:17 +02:00
Martin Pitt
93a0884126 systemctl: Add --wait option to wait until started units terminate again
Fixes #3830
2016-10-01 17:58:59 +02:00
Stefan Schweter
c49b50113e man: update mx record example (#4257) 2016-10-01 17:11:38 +02:00
Martin Pitt
d7247512a9 nss-resolve: return NOTFOUND instead of UNAVAIL on resolution errors
It needs to be possible to tell apart "the nss-resolve module does not exist"
(which can happen when running foreign-architecture programs) from "the queried
DNS name failed DNSSEC validation" or other errors. So return NOTFOUND for these
cases too, and only keep UNAVAIL for the cases where we cannot handle the given
address family.

This makes it possible to configure a fallback to "dns" without breaking
DNSSEC, with "resolve [!UNAVAIL=return] dns". Add this to the manpage.

This does not change behaviour if resolved is not running, as that already
falls back to the "dns" glibc module.

Fixes #4157
2016-10-01 16:59:06 +02:00
Martin Pitt
4484e1792b man: drop myhostname from recommended nsswitch host configuration
resolve includes myhostname functionality, so there is no need to add it again.
2016-10-01 16:54:45 +02:00
Martin Pitt
6740ec4a65 Merge pull request #4225 from keszybz/coredump
coredump: remove Storage=both support, various fixes for sd-coredump and coredumpctl
2016-09-30 11:16:51 +02:00
Martin Pitt
b9fe94cad9 resolved: don't query domain-limited DNS servers for other domains (#3621)
DNS servers which have route-only domains should only be used for
the specified domains. Routing queries about other domains there is a privacy
violation, prone to fail (as that DNS server was not meant to be used for other
domains), and puts unnecessary load onto that server.

Introduce a new helper function dns_server_limited_domains() that checks if the
DNS server should only be used for some selected domains, i. e. has some
route-only domains without "~.". Use that when determining whether to query it
in the scope, and when writing resolv.conf.

Extend the test_route_only_dns() case to ensure that the DNS server limited to
~company does not appear in resolv.conf. Add test_route_only_dns_all_domains()
to ensure that a server that also has ~. does appear in resolv.conf as global
name server. These reproduce #3420.

Add a new test_resolved_domain_restricted_dns() test case that verifies that
domain-limited DNS servers are only being used for those domains. This
reproduces #3421.

Clarify what a "routing domain" is in the manpage.

Fixes #3420
Fixes #3421
2016-09-30 09:30:08 +02:00
Zbigniew Jędrzejewski-Szmek
fc6cec8613 coredump: remove Storage=both option
Back when external storage was initially added in 34c10968cb, this mode of
storage was added. This could have made some sense back when XZ compression was
used, and an uncompressed core on disk could be used as short-lived cache file
which does require costly decompression. But now fast LZ4 compression is used
(by default) both internally and externally, so we have duplicated storage,
using the same compression and same default maximum core size in both cases,
but with different expiration lifetimes. Even the uncompressed-external,
compressed-internal mode is not very useful: for small files, decompression
with LZ4 is fast enough not to matter, and for large files, decompression is
still relatively fast, but the disk-usage penalty is very big.

An additional problem with the two modes of storage is that it complicates
the code and makes it much harder to return a useful error message to the user
if we cannot find the core file, since if we cannot find the file we have to
check the internal storage first.

This patch drops "both" storage mode. Effectively this means that if somebody
configured coredump this way, they will get a warning about an unsupported
value for Storage, and the default of "external" will be used.
I'm pretty sure that this mode is very rarely used anyway.
2016-09-28 23:49:01 +02:00
Alfie John
831d3dc8d7 man: remove duplicate "the" for systemctl --plain (#4230) 2016-09-28 11:10:26 +02:00
Evgeny Vereshchagin
cc238590e4 Merge pull request #4185 from endocode/djalal-sandbox-first-protection-v1
core:sandbox: Add new ProtectKernelTunables=, ProtectControlGroups=, ProtectSystem=strict and fixes
2016-09-28 04:50:30 +03:00
Paweł Szewczyk
00bb64ecfa core: Fix USB functionfs activation and clarify its documentation (#4188)
There was no certainty about how the path in service file should look
like for usb functionfs activation. Because of this it was treated
differently in different places, which made this feature unusable.

This patch fixes the path to be the *mount directory* of functionfs, not
ep0 file path and clarifies in the documentation that ListenUSBFunction should be
the location of functionfs mount point, not ep0 file itself.
2016-09-26 18:45:47 +02:00
Zbigniew Jędrzejewski-Szmek
bc3bb330b8 machinectl: prefer user@ to --uid=user for shell (#4006)
It seems to me that the explicit positional argument should have higher
priority than "an option".
2016-09-26 11:45:31 -04:00
Torstein Husebø
d23a0044a3 treewide: fix typos (#4217) 2016-09-26 11:32:47 +02:00
Djalal Harouni
8f81a5f61b core: Use @raw-io syscall group to filter I/O syscalls when PrivateDevices= is set
Instead of having a local syscall list, use the @raw-io group which
contains the same set of syscalls to filter.
2016-09-25 12:52:27 +02:00
Djalal Harouni
49accde7bd core:sandbox: add more /proc/* entries to ProtectKernelTunables=
Make ALSA entries, latency interface, mtrr, apm/acpi, suspend interface,
filesystems configuration and IRQ tuning readonly.

Most of these interfaces now days should be in /sys but they are still
available through /proc, so just protect them. This patch does not touch
/proc/net/...
2016-09-25 11:30:11 +02:00
Djalal Harouni
9221aec8d0 doc: explicitly document that /dev/mem and /dev/port are blocked by PrivateDevices=true 2016-09-25 11:25:44 +02:00
Djalal Harouni
e778185bb5 doc: documentation fixes for ReadWritePaths= and ProtectKernelTunables=
Documentation fixes for ReadWritePaths= and ProtectKernelTunables=
as reported by Evgeny Vereshchagin.
2016-09-25 11:25:31 +02:00
Lennart Poettering
6757c06a1a man: shorten the exit status table a bit
Let's merge a couple of columns, to make the table a bit shorter. This
effectively just drops whitespace, not contents, but makes the currently
humungous table much much more compact.
2016-09-25 10:52:57 +02:00
Lennart Poettering
81c8aceed4 man: the exit code/signal is stored in $EXIT_CODE, not $EXIT_STATUS 2016-09-25 10:52:57 +02:00
Lennart Poettering
effbd6d2ea man: rework documentation for ReadOnlyPaths= and related settings
This reworks the documentation for ReadOnlyPaths=, ReadWritePaths=,
InaccessiblePaths=. It no longer claims that we'd follow symlinks relative to
the host file system. (Which wasn't true actually, as we didn't follow symlinks
at all in the most recent releases, and we know do follow them, but relative to
RootDirectory=).

This also replaces all references to the fact that all fs namespacing options
can be undone with enough privileges and disable propagation by a single one in
the documentation of ReadOnlyPaths= and friends, and then directs the read to
this in all other places.

Moreover a hint is added to the documentation of SystemCallFilter=, suggesting
usage of ~@mount in case any of the fs namespacing related options are used.
2016-09-25 10:42:18 +02:00
Lennart Poettering
b2656f1b1c man: in user-facing documentaiton don't reference C function names
Let's drop the reference to the cap_from_name() function in the documentation
for the capabilities setting, as it is hardly helpful. Our readers are not
necessarily C hackers knowing the semantics of cap_from_name(). Moreover, the
strings we accept are just the plain capability names as listed in
capabilities(7) hence there's really no point in confusing the user with
anything else.
2016-09-25 10:42:18 +02:00
Lennart Poettering
63bb64a056 core: imply ProtectHome=read-only and ProtectSystem=strict if DynamicUser=1
Let's make sure that services that use DynamicUser=1 cannot leave files in the
file system should the system accidentally have a world-writable directory
somewhere.

This effectively ensures that directories need to be whitelisted rather than
blacklisted for access when DynamicUser=1 is set.
2016-09-25 10:42:18 +02:00
Lennart Poettering
3f815163ff core: introduce ProtectSystem=strict
Let's tighten our sandbox a bit more: with this change ProtectSystem= gains a
new setting "strict". If set, the entire directory tree of the system is
mounted read-only, but the API file systems /proc, /dev, /sys are excluded
(they may be managed with PrivateDevices= and ProtectKernelTunables=). Also,
/home and /root are excluded as those are left for ProtectHome= to manage.

In this mode, all "real" file systems (i.e. non-API file systems) are mounted
read-only, and specific directories may only be excluded via
ReadWriteDirectories=, thus implementing an effective whitelist instead of
blacklist of writable directories.

While we are at, also add /efi to the list of paths always affected by
ProtectSystem=. This is a follow-up for
b52a109ad3 which added /efi as alternative for
/boot. Our namespacing logic should respect that too.
2016-09-25 10:42:18 +02:00
Lennart Poettering
59eeb84ba6 core: add two new service settings ProtectKernelTunables= and ProtectControlGroups=
If enabled, these will block write access to /sys, /proc/sys and
/proc/sys/fs/cgroup.
2016-09-25 10:18:48 +02:00
Zbigniew Jędrzejewski-Szmek
d11e656ace Merge pull request #4182 from jkoelker/routetable 2016-09-24 11:05:06 -04:00
Zbigniew Jędrzejewski-Szmek
eb93312810 kernel-install: allow plugins to terminate the procedure (#4174)
Replaces #4103.
2016-09-24 09:03:54 -04:00
Jason Kölker
2ba31d29a5 networkd: Allow specifying RouteTable for RAs 2016-09-19 03:27:46 +00:00
Jason Kölker
f594276b86 networkd: Allow specifying RouteTable for DHCP 2016-09-19 03:27:42 +00:00
Martin Pitt
6ac288a990 Merge pull request #4123 from keszybz/network-file-dropins
Network file dropins
2016-09-17 10:00:19 +02:00
Zbigniew Jędrzejewski-Szmek
bac150e9d1 man: mention that netdev,network files support dropins
Also update the description of drop-ins in systemd.unit(5) to say that .d
directories, not .conf files, are in /etc/system/system, /run/systemd/system,
etc.
2016-09-16 10:32:03 -04:00
Stefan Schweter
96ee6ce3c9 man: Update example for downloading a Fedora image (#4166) 2016-09-16 08:22:12 -04:00
Stefan
734530b7b5 man: update url to openpgpkey rfc (#4156) 2016-09-15 22:55:22 -04:00