1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-05 13:18:06 +03:00
Commit Graph

1103 Commits

Author SHA1 Message Date
Yu Watanabe
a4d1891475 meson: allow to customize the access mode for tty/pts devices
Then, switch the default value to "0600", due to general security
concerns about terminals being written to by other users.

Closing #35599.
2024-12-16 21:36:07 +00:00
Mike Yuan
3ae314afdc Revert "run: disable --expand-environment by default for --scope"
This reverts commit 8167c56bfa.

We've announced the breaking change during v254-v257. Let's actually
apply it for v258.
2024-12-12 06:05:30 +09:00
Luca Boccassi
9df1ca63fb NEWS: add placeholder for v258 2024-12-10 19:31:07 +00:00
Luca Boccassi
70bae7648f Finalize NEWS and meson.version for v257 2024-12-10 19:23:45 +00:00
Luca Boccassi
9e5e1cf6ca NEWS: update list of contributors 2024-12-10 15:18:39 +00:00
Zbigniew Jędrzejewski-Szmek
d5df77b474 NEWS: adjust grammar
Follow-up for 1072618023.
2024-12-02 10:48:59 +01:00
Yu Watanabe
1072618023 NEWS: metion changes for networkd 2024-12-01 23:37:32 +09:00
Luca Boccassi
d08946c19c NEWS: update date 2024-11-27 21:11:33 +00:00
Luca Boccassi
a881ca663f NEWS: update contributors list 2024-11-27 15:17:23 +00:00
Vito Caputo
4f3df8c1bb NEWS: add blurb thanking Nick Owens
Nick's largely responsible for nerd-sniping me into fixing #34516
and did most of the testing.
2024-11-24 16:31:27 +09:00
Luca Boccassi
a66fd4ac9f NEWS: update date 2024-11-15 19:16:47 +00:00
Luca Boccassi
69cd0f4781 NEWS: update contributors list 2024-11-15 17:26:07 +00:00
Luca Boccassi
7751bfb179 NEWS: systemd-keyutil, --certificate-source, --certificate-provider 2024-11-15 17:25:29 +00:00
Zbigniew Jędrzejewski-Szmek
579e905ffe NEWS: add specific versions in key codes entry
This should be easier for folks to consume.

Refs:
https://lists.x.org/archives/xorg-announce/2024-October/003543.html
https://lists.x.org/archives/xorg-announce/2024-October/003544.html
2024-11-07 16:55:53 +01:00
Yu Watanabe
fed7857672 NEWS: fix typo
Follow-up for a6d7cc74d6.
2024-11-07 10:05:32 +09:00
Lennart Poettering
acc8bae0b3 NEWS: various cleanups 2024-11-06 22:18:55 +01:00
Lennart Poettering
a6d7cc74d6 NEWS: various cleanups 2024-11-06 21:50:56 +01:00
Luca Boccassi
f10d1c679e NEWS: finalize 2024-11-06 16:58:14 +00:00
Luca Boccassi
e1c8f3a8d9 NEWS: update list of contributors 2024-11-06 16:53:46 +00:00
Luca Boccassi
859634ea63 NEWS: add note about sd-sbsign 2024-11-06 16:49:42 +00:00
Luca Boccassi
66d044b560 Update NEWS for recent PRs 2024-11-06 15:50:59 +00:00
Michele Dionisio
d865abf9eb networkd: add possibility to specify MulticastIGMPVersion 2024-11-06 15:50:27 +00:00
Luca Boccassi
f72fe2d73c
Grammar and formatting for DeviceTree docs (#35050) 2024-11-06 15:13:18 +00:00
Zbigniew Jędrzejewski-Szmek
265488414c tree-wide: use Device*T*ree spelling
We used both, in fact "Devicetree" was more common. But we have a general rule
that we capitalize all words in names and also we have a DeviceTree=
configuration setting, which we cannot change. If we use two different
spelllings, this will make it harder for people to use the correct one in
config files. So use the "DeviceTree" spelling everywhere.
2024-11-06 15:00:55 +01:00
Zbigniew Jędrzejewski-Szmek
d0ab0e5fa5 pid1: stop refusing to boot with cgroup v1
Since v256 we completely fail to boot if v1 is configured. Fedora 41 was just
released with v256.7 and this is probably the first major exposure of users to
this code. It turns out not work very well. Fedora switched to v2 as default in
F31 (2019) and at that time some people added configuration to use v1 either
because of Docker or for other reasons. But it's been long enough ago that
people don't remember this and are now very unhappy when the system refuses to
boot after an upgrade.

Refusing to boot is also unnecessarilly punishing to users. For machines that
are used remotely, this could mean somebody needs to physically access the
machine. For other users, the machine might be the only way to access the net
and help, and people might not know how to set kernel parameters without some
docs. And because this is in systemd, after an upgrade all boot choices are
affected, and it's not possible to e.g. select an older kernel for boot. And
crashing the machine doesn't really serve our goal either: we were giving a
hint how to continue using v1 and nothing else.

If the new override is configured, warn and immediately boot to v1.
If v1 is configured w/o the override, warn and wait 30 s and boot to v2.
Also give a hint how to switch to v2.

https://bugzilla.redhat.com/show_bug.cgi?id=2323323
https://bugzilla.redhat.com/show_bug.cgi?id=2323345
https://bugzilla.redhat.com/show_bug.cgi?id=2322467
https://www.reddit.com/r/Fedora/comments/1gfcyw9/refusing_to_run_under_cgroup_01_sy_specified_on/

The advice is to set systemd.unified_cgroup_hierarchy=1 (instead of removing
systemd.unified_cgroup_hierarchy=0). I think this is easier to convey. Users
who are understand what is going on can just remove the option instead.

The caching is dropped in cg_is_legacy_wanted(). It turns out that the
order in which those functions are called during early setup is very fragile.
If cg_is_legacy_wanted() is called before we have set up the v2 hierarchy,
we incorrectly cache a true answer. The function is called just a handful
of times at most, so we don't really need to cache the response.
2024-11-06 13:43:25 +00:00
Zbigniew Jędrzejewski-Szmek
2257be13fe tree-wide: time-out → timeout
For justification, see 3f9a0a522f.
2024-11-05 19:32:19 +00:00
Daan De Meyer
406f177501 core: Introduce PrivatePIDs=
This new setting allows unsharing the pid namespace in a unit. Because
you have to fork to get a process into a pid namespace, we fork in
systemd-executor to get into the new pid namespace. The parent then
sends the pid of the child process back to the manager and exits while
the child process continues on with the rest of exec_invoke() and then
executes the actual payload.

Communicating the child pid is done via a new pidref socket pair that is
set up on manager startup.

We unshare the PID namespace right before the mount namespace so we
mount procfs correctly. Note PrivatePIDs=yes always implies MountAPIVFS=yes
to mount procfs.

When running unprivileged in a user session, user namespace is set up first
to allow for PID namespace to be unshared. However, when running in
privileged mode, we unshare the user namespace last to ensure the user
namespace does not own the PID namespace and cannot break out of the sandbox.

Note we disallow Type=forking services from using PrivatePIDs=yes since the
init proess inside the PID namespace must not exit for other processes in
the namespace to exist.

Note Daan De Meyer did the original work for this commit with Ryan Wilson
addressing follow-ups.

Co-authored-by: Daan De Meyer <daan.j.demeyer@gmail.com>
2024-11-05 05:32:02 -08:00
Lennart Poettering
f57efb3d6c update NEWS 2024-11-04 12:42:40 +01:00
Luca Boccassi
e7bbcbb27c Update NEWS 2024-11-01 11:39:26 +00:00
Lennart Poettering
f0a1d44939 update NEWS 2024-11-01 10:12:41 +01:00
Yu Watanabe
5310cf3354 NEWS: fix typo 2024-10-31 10:58:25 +09:00
Zbigniew Jędrzejewski-Szmek
c8b774463e NEWS: remove duplicated entry
The same item is described below.

Also reflow some paragraphs (presumably indented with emacs, which does this
wrong).
2024-10-30 15:09:26 +01:00
Lennart Poettering
dd9a8cb999 update NEWS 2024-10-30 09:13:48 +01:00
Zbigniew Jędrzejewski-Szmek
99996d5f5e
Merge pull request #34245 from bluca/logind_drop_weak_delay_inhibitor
logind: drop new delay-weak inhibitor
2024-10-29 17:13:11 +01:00
Mike Yuan
aa61fe48e5
NEWS: be less misleading since systemd-run does not support ExtraFileDescriptors= yet 2024-10-29 16:35:35 +01:00
Lennart Poettering
2b7a56d286 update NEWS for v257 2024-10-28 23:38:24 +01:00
Zbigniew Jędrzejewski-Szmek
2c23b7054f
Merge pull request #34783 from keszybz/man-nspawn-private-users
Change systemd-nspawn man page to strongly recommend private users
2024-10-18 18:44:05 +02:00
Zbigniew Jędrzejewski-Szmek
487d412327 tree-wise: use "lightweight" spelling
Both spellings were used, but the dictionary says that "lightweight"
is the standard spelling.
2024-10-18 18:43:40 +02:00
Mike Yuan
102efcd312
Bump kernel recommended baseline to v5.4 2024-10-16 18:06:11 +02:00
Mike Yuan
7d3ae178fb
NEWS: rearrange incompatible changes, separate from Future Removals 2024-10-16 18:01:39 +02:00
Lennart Poettering
0aaacc3a10
Merge pull request #34593 from Werkov/deprecate-aux-scopes
core/manager: Deprecate StartAuxiliaryScope() method
2024-10-09 10:25:30 +02:00
Lennart Poettering
e204346953 NEWS: announce the F20/F21/F22/F23 key mangling removal scheduled for v258
As per: https://github.com/systemd/systemd/pull/34325
And: https://github.com/systemd/systemd/issues/34323
2024-10-09 09:04:31 +02:00
Michal Koutný
64f173324e core/manager: Deprecate StartAuxiliaryScope() method
The method was added with migration of resources in mind (e.g. process's
allocated memory will follow it to the new scope), however, such a
resource migration is not in cgroup semantics. The method may thus have
the intended users and others could be guided to StartTransientUnit().

Since this API was advertised in a regular release, start the removal
with a deprecation message to callers.
Eventually, the goal is to remove the method to clean up DBus API and
simplify code (removal of cgroup_context_copy()).

Part of DBus docs is retained to satisfy build checks.
2024-10-08 17:49:13 +02:00
Lennart Poettering
5b80cef69f Revert "Preset user units on first boot as well"
This reverts commit 0a40325573.
2024-10-01 17:33:44 +02:00
Simon Pilkington
bb322e4340 NEWS: Document change to systemd-creds 'cat' verb
See: https://github.com/systemd/systemd/pull/34548
2024-09-25 16:08:01 +02:00
Daan De Meyer
0a40325573 Preset user units on first boot as well
We need to make sure the presets from /usr/lib/systemd/user-preset
are applied as well. Currently only the ones from
/usr/lib/systemd/system-preset are applied.
2024-09-21 13:57:29 +09:00
Jörg Behrmann
81b4d68153 NEWS: fix typos and remove backticks 2024-09-20 20:07:16 +09:00
Yu Watanabe
9671efff78 NEWS: fix typo
Follow-up for dcc359010c.
2024-09-16 11:50:48 +09:00
Lennart Poettering
db15657dfb tmpfiles: introduce an explicit line flag $ for enabling purge logic for a line
Let's make the risk of accidental misuse, and mark lines that shall be
covered by --purge with an explicit new flag "$".

See: #33349
2024-09-15 19:43:09 +02:00
Luca Boccassi
5360db2a90 logind: drop new delay-weak inhibitor
It wasn't actually requested, just a misunderstanding, so drop it.

Fixes https://github.com/systemd/systemd/issues/34091

Follow-up for 804874d26a
2024-09-13 12:32:42 +02:00