1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-08 11:27:32 +03:00
Commit Graph

2161 Commits

Author SHA1 Message Date
Lennart Poettering
4a9b1dd4ad machine-id-commit: merge machine-id-commit functionality into machine-id-setup
And remove machine-id-commit as separate binary.

There's really no point in keeping this separate, as the sources are
pretty much identical, and have pretty identical interfaces. Let's unify
this in one binary.

Given that machine-id-commit was a private binary of systemd (shipped in
/usr/lib/) removing the tool is not an API break.

While we are at it, improve the documentation of the command substantially.
2015-09-29 21:55:51 +02:00
Lennart Poettering
94f099d813 systemctl: make "systemctl is-system-running" return "offline" if we are not booted with systemd
This sounds like the better place to expose this than in "systemd-notify
--booted".

Also document the so far undocumented "unknown" state the command might
return. And rearrange the table of states documented to be more like the
one for "is-running".

Also, don't document the precise exit code of this function, just say
errors are reported != 0 or > 0...
2015-09-29 21:55:51 +02:00
Lennart Poettering
8e82b3a271 Merge pull request #1392 from dvdhrm/bus-format2
sd-bus: add sd_bus_path_{encode,decode}_many() (v2)
2015-09-27 15:04:12 +02:00
David Herrmann
dfb815c36d sd-bus: add sd_bus_path_{encode,decode}_many()
This introduces two new helpers alongside sd_bus_path_{encode,decode}(),
which work similarly to their counterparts, but accept a format-string as
input. This allows encoding and decoding multiple labels of a format
string at the same time.
2015-09-26 16:57:23 +02:00
Evgeny Vereshchagin
b6f011c10d man: systemd.slice: add link to cgroups api docs
systemd.scope and systemd.resource-control contain that link.
systemd.slice should contain it too.
2015-09-24 14:37:17 +00:00
Evgeny Vereshchagin
de6fae8a6e man: systemd-run: run bash with --send-sighup
When bash is interactive it ignores SIGTERM.
SIGHUP indicates to bash that the connection has been
severed. `systemctl stop` doesn't wait TimeoutStopSec secs.
2015-09-23 13:52:29 +00:00
Daniel Mack
d11885c814 Merge pull request #1335 from poettering/some-fixes
A variety of mostly unrelated fixes
2015-09-22 17:04:38 +02:00
Lennart Poettering
f98f4ace4d Merge pull request #1336 from pszewczyk/functionfs_sockets_v3
core: add support for usb functionfs v3
2015-09-22 16:55:08 +02:00
Lennart Poettering
7757cfbecb man: drop reference to yum from man pages
Apparently, yum is obsolete, and dnf is the new yum. Mention only dnf
hence, and don't mention yum anymore.
2015-09-22 16:36:49 +02:00
Pawel Szewczyk
8c7c98398b man: Add documentation for functionfs socket activation 2015-09-22 16:32:16 +02:00
Alban Crequy
287419c119 containers: systemd exits with non-zero code
When a systemd service running in a container exits with a non-zero
code, it can be useful to terminate the container immediately and get
the exit code back to the host, when systemd-nspawn returns. This was
not possible to do. This patch adds the following to make it possible:

- Add a read-only "ExitCode" property on PID 1's "Manager" bus object.
  By default, it is 0 so the behaviour stays the same as previously.
- Add a method "SetExitCode" on the same object. The method fails when
  called on baremetal: it is only allowed in containers or in user
  session.
- Add support in systemctl to call "systemctl exit 42". It reuses the
  existing code for user session.
- Add exit.target and systemd-exit.service to the system instance.
- Change main() to actually call systemd-shutdown to exit() with the
  correct value.
- Add verb 'exit' in systemd-shutdown with parameter --exit-code
- Update systemctl manpage.

I used the following to test it:

| $ sudo rkt --debug --insecure-skip-verify run \
|            --mds-register=false --local docker://busybox \
|            --exec=/bin/chroot -- /proc/1/root \
|            systemctl --force exit 42
| ...
| Container rkt-895a0cba-5c66-4fa5-831c-e3f8ddc5810d failed with error code 42.
| $ echo $?
| 42

Fixes https://github.com/systemd/systemd/issues/1290
2015-09-21 17:32:45 +02:00
Lennart Poettering
26ce779618 Merge pull request #1311 from jsynacek/kill-errors-v2
core: extend KillUnit() to return error when no unit was killed
2015-09-21 15:04:23 +02:00
Evgeny Vereshchagin
96a6426f30 cgtop: add -M/--machine 2015-09-21 12:04:45 +00:00
Jan Synacek
ac5e3a505e core: extend KillUnit() to return error when no unit was killed 2015-09-21 10:05:49 +02:00
Lennart Poettering
16a012b1d0 Merge pull request #1241 from ssahani/net
networkd: add support for accept ra
2015-09-18 13:04:50 +02:00
Daniel Mack
32ee7d3309 cgroup: add support for net_cls controllers
Add a new config directive called NetClass= to CGroup enabled units.
Allowed values are positive numbers for fix assignments and "auto" for
picking a free value automatically, for which we need to keep track of
dynamically assigned net class IDs of units. Introduce a hash table for
this, and also record the last ID that was given out, so the allocator
can start its search for the next 'hole' from there. This could
eventually be optimized with something like an irb.

The class IDs up to 65536 are considered reserved and won't be
assigned automatically by systemd. This barrier can be made a config
directive in the future.

Values set in unit files are stored in the CGroupContext of the
unit and considered read-only. The actually assigned number (which
may have been chosen dynamically) is stored in the unit itself and
is guaranteed to remain stable as long as the unit is active.

In the CGroup controller, set the configured CGroup net class to
net_cls.classid. Multiple unit may share the same net class ID,
and those which do are linked together.
2015-09-16 00:21:55 +02:00
Susant Sahani
941d0aa8f4 man: add support for accept ra man 2015-09-12 08:18:36 +05:30
Lennart Poettering
d53d94743c core: refactor cpu shares/blockio weight cgroup logic
Let's stop using the "unsigned long" type for weights/shares, and let's
just use uint64_t for this, as that's what we expose on the bus.

Unify parsers, and always validate the range for these fields.

Correct the default blockio weight to 500, since that's what the kernel
actually uses.

When parsing the weight/shares settings from unit files accept the empty
string as a way to reset the weight/shares value. When getting it via
the bus, uniformly map (uint64_t) -1 to unset.

Open up StartupCPUShares= and StartupBlockIOWeight= to transient units.
2015-09-11 18:31:49 +02:00
Lennart Poettering
03a7b521e3 core: add support for the "pids" cgroup controller
This adds support for the new "pids" cgroup controller of 4.3 kernels.
It allows accounting the number of tasks in a cgroup and enforcing
limits on it.

This adds two new setting TasksAccounting= and TasksMax= to each unit,
as well as a gloabl option DefaultTasksAccounting=.

This also updated "cgtop" to optionally make use of the new
kernel-provided accounting.

systemctl has been updated to show the number of tasks for each service
if it is available.

This patch also adds correct support for undoing memory limits for units
using a MemoryLimit=infinity syntax. We do the same for TasksMax= now
and hence keep things in sync here.
2015-09-10 18:41:06 +02:00
Torstein Husebø
dc61b7e45d treewide: fix typos 2015-09-08 12:55:50 +02:00
Evgeny Vereshchagin
fb30c438f3 systemctl: add ConsistsOf as the inverse of PartOf 2015-09-08 03:02:49 +03:00
Thomas Hindoe Paaboel Andersen
4f76ef0423 man: typo fixes 2015-09-07 20:06:58 +02:00
David Herrmann
74c1d3e74e man: clarify wording of os-release.CPE_NAME
We expect the CPE_NAME to be formatted in URI binding syntax. Make that
clear in the documentation. Furthermore, the CPE-spec has been taken over
by NIST, so adjust the links as well.

Reported by: Ben Harris <bjh21@cam.ac.uk>
2015-09-07 10:57:50 +02:00
Lennart Poettering
f757855e81 nspawn: add new .nspawn files for container settings
.nspawn fiels are simple settings files that may accompany container
images and directories and contain settings otherwise passed on the
nspawn command line. This provides an efficient way to attach execution
data directly to containers.
2015-09-06 01:49:06 +02:00
Lennart Poettering
f5aaf57562 sd-login: add new sd_pid_get_cgroup() API
This adds a new sd_pid_get_cgroup() call to sd-login which may be used
to query the control path of a process. This is useful for programs when
making use of delegation units, in order to figure out which subtree has
been delegated.

In light of the unified control group hierarchy this is finally safe to
do, hence let's add a proper API for it, to make it easier to use this.
2015-09-05 14:56:23 +02:00
Lennart Poettering
707b66c663 sd-login: rework error handling
Makre sure we always return sensible errors for the various, following
the same rules, and document them in a comment in sd-login.c. Also,
update all relevant man pages accordingly.
2015-09-04 09:07:31 +02:00
Lennart Poettering
a8ba86ce6a man: always use the same example in nss module documentation
Show the same recommended example file in all three man pages, just
highlight the different, relevant parts.

This should be less confusing for users, and clarify what we actually
recommend how /etc/nsswitch.conf is set up.
2015-09-04 09:07:30 +02:00
Lennart Poettering
28bc259c01 Merge pull request #1118 from jsynacek/man-dot-d-v2
man: *.d conf directories: add note about initrd regeneration
2015-09-02 11:30:08 +02:00
Jan Synacek
2ef555d69a man: *.d conf directories: add note about initrd regeneration 2015-09-02 10:01:34 +02:00
Evgeny Vereshchagin
d84248ebec virt: detect parallels virtualization
inspired by http://people.redhat.com/~rjones/virt-what/

see:
* http://git.annexia.org/?p=virt-what.git;a=blob;f=virt-what.in;h=a5ed33ef3e4bfa3281c9589eccac4d92dff1babe;hb=HEAD#l200
* http://git.annexia.org/?p=virt-what.git;a=blob;f=virt-what.in;h=a5ed33ef3e4bfa3281c9589eccac4d92dff1babe;hb=HEAD#l253
2015-09-02 01:49:47 +00:00
Lennart Poettering
d6d8075a86 Merge pull request #1109 from phomes/man-typos
man: fix typos in systemd-path.xml
2015-09-01 19:08:55 +02:00
Evgeny Vereshchagin
8c7db2fb21 run: enable interactive authorization 2015-09-01 16:43:08 +00:00
Thomas Hindoe Paaboel Andersen
5575c4e603 man: fix typos in systemd-path.xml 2015-09-01 18:31:04 +02:00
Lennart Poettering
3f010fe095 Merge pull request #1066 from ssahani/tunnel
networkd: add support for tunnel encap limit
2015-09-01 12:02:10 +02:00
Tom Gundersen
9b3a67c55b networkd: dhcp-server - allow configuration of the pool
The constraints we place on the pool is that it is a contiguous
sequence of addresses in the same subnet as the server address, not
including the subnet nor broadcast addresses, but possibly including
the server address itself. If the server address is included in the
pool it is (obviously) reserved and not handed out to clients.
2015-08-31 21:42:33 +02:00
Lennart Poettering
6d3eefd28e man: document relationship between keys and switches of cgtop 2015-08-31 13:20:44 +02:00
Lennart Poettering
7fcfb7ee2f cgtop: allow toggling of --recursive= and -k at runtime 2015-08-31 13:20:44 +02:00
Lennart Poettering
3cb5beea0c cgtop: recursively count cgroup member tasks
When showing the number of tasks in a cgroup, recursively count tasks in
child cgroups and include them in the number. This ensures that the
number of tasks is cummulative the same way as memory, cpu and IO
resources are.

Old behaviour can be restored by passing the new --recursive=no switch.
2015-08-31 13:20:44 +02:00
Lennart Poettering
41ba8b6e69 cgtop: ignore kernel threads when counting tasks
However, allow them to be counted in by specifying -k
2015-08-31 13:20:44 +02:00
Susant Sahani
dae398a8c2 man: add man for tunnel encap limit 2015-08-31 13:22:15 +05:30
Eugene Yakubovich
5e5bfa6e1c nspawn: add (no)rbind option to --bind and --bind-ro
--bind and --bind-ro perform the bind mount
non-recursively. It is sometimes (often?) desirable
to do a recursive mount. This patch adds an optional
set of bind mount options in the form of:
	--bind=src-path:dst-path:options
options are comma separated and currently only
"rbind" and "norbind" are allowed.
Default value is "rbind".
2015-08-28 18:06:05 -07:00
Evgeny Vereshchagin
400f73d9ed man: networkctl understands --no-legend too 2015-08-28 16:19:07 +00:00
Tom Gundersen
84d449b552 Merge pull request #1063 from poettering/dbus-interface-from-type
cgls/cgtop: a variety of modernizations
2015-08-28 12:01:46 +02:00
Daniel Mack
04b0752fb2 Merge pull request #1060 from poettering/resolved-man-2
man: Document that resolved requires nss-resolve to work with libc
2015-08-28 08:54:19 +02:00
Lennart Poettering
45d7a8bb6c cgtop: major modernizations
In preparation of the unified cgroup support, let's clean up cgtop:

a) rework time code to be based on "nsec_t" rather than "struct timespec"

b) Introduce long option --order= for selecting ordering

c) count number of processes only in the main hierarchy, don't bother
   with the controller hierarchies. We don't allow orthogonal
   hierarchies in systemd anymore, hence there's no point to check the
   other hierarchies.

d) Deal with non-monotonic cpuacct values (see #749)

e) When sorting groups, don't do prefix compare when ordering by number
   of tasks, since this is not accumulative for all children.

f) Actually make --cpu without parameter work

g) Don't output control characters when we get them as input.

Fixes #749.
2015-08-28 02:27:29 +02:00
Lennart Poettering
437293cf80 man: Document that resolved requires nss-resolve to work with libc
Closes #884.
2015-08-28 02:04:57 +02:00
Lennart Poettering
ad9437836f man: document the new DHCP settings added in the past commits 2015-08-27 17:34:44 +02:00
Lennart Poettering
762a5766dc man: minor extension to the machinectl man page
s/an/any/, as reported by Vito Caputo.

Also mention explicitly that the security properties (i.e. SELinux) are
also isolated when "machinectl shell" is used.
2015-08-26 11:02:28 +02:00
Lennart Poettering
0d6868f9ae man: document nss-resolve 2015-08-26 11:00:09 +02:00
Lennart Poettering
2dc6b11d29 man: document resolved's RR synthesizing and query routing 2015-08-26 10:30:06 +02:00