1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-30 06:25:37 +03:00
Commit Graph

6762 Commits

Author SHA1 Message Date
Gaël PORTAY
e502940be2 man: update root-hash-signature option with value
This documents two possible values expected by the option
root-hash-signature for veritytab and veritysetup-generator.
2022-03-30 23:45:26 +02:00
Yu Watanabe
8b7378e145 fix typo 2022-03-30 21:10:06 +09:00
Zbigniew Jędrzejewski-Szmek
53877d0385
Merge pull request #22649 from keszybz/symlink-enablement-yet-again-punish-me-harder
Fixups to the unit enablement logic
2022-03-29 21:10:03 +02:00
Zbigniew Jędrzejewski-Szmek
b64f6d841d
Merge pull request #22843 from poettering/bootspec-json
bootctl: bootspec improvements and clean-ups
2022-03-29 18:11:32 +02:00
Zbigniew Jędrzejewski-Szmek
17a2679e99 man: fix invalid description of template handling in WantedBy=
We don't need to talk about Alias=. The approach of using Alias= to enable
units is still supported, but hasn't been advertised as the way to do thing
for many years. Using it as an explanation is just confusing.

Also, the description of templated units did not take DefaultInstance=
into account. It is updated and extended.
2022-03-29 16:17:56 +02:00
Zbigniew Jędrzejewski-Szmek
3a84a3c9df man/os-release: add a note about repeating entries
We didn't actually say that keys should not be repeated. At least the
examples in docs (both python and shell) would do that, and any simple
parser that builds a dictionary would most likely behave the same way.
But let's document this expectation, but also say how to deal with malformed
files.
2022-03-29 16:17:56 +02:00
Zbigniew Jędrzejewski-Szmek
ecd6c000d3 man: clarify the descriptions of aliases and linked unit files
This just describes the rules that are implemented by the manager, and this
pull request does not change any of them.
2022-03-29 16:17:56 +02:00
Yu Watanabe
ec4954d934 network: rename netdev kind virtual-wlan -> wlan
The Kind= setting in [Match] section of .network files takes "wlan".
This makes the same setting in .netdev files matches the one in .network
files.
2022-03-28 23:53:12 +09:00
Lennart Poettering
0d1506d4a8 bootctl: optionally, output entries in JSON format
Replaces: #18387
Fixes: #18094
2022-03-28 16:00:25 +02:00
Lennart Poettering
0924ea2b26 machine-info: rename VENDOR=/MODEL= → HARDWARE_VENDOR=/HARDWARE_MODEL=
Let's be more precise here. Otherwise people might think this describes
the software system or so. We already expose this via hostnamed as
HardwareVendor/HardwareModel hence use the exact same wording.

(Note that the relevant props on the dmi device are just VENDOR/MODEL,
but that's OK given that DMI really is about hardware anyway,
unconditionally, hence no chance of confusion there.)

Follow-up for 4fc7e4f374
2022-03-24 21:29:13 +01:00
Yu Watanabe
2859932bd6 network: do not enable IPv4 ACD for IPv4 link-local address if ACD is disabled explicitly
The commit 1cf4ed142d makes the IPv4 ACD
enabled unconditionally for IPv4 link-local addresses even if users
explicitly disable ACD.

This makes the IPv4 ACD is enabled by default, but honor user setting.

Fixes #22763.
2022-03-23 17:59:38 +01:00
Lennart Poettering
8f39ecf6aa docs: link up new image building docs a bit 2022-03-23 12:25:01 +01:00
Lennart Poettering
5b39139582
Merge pull request #22629 from nishalkulkarni/oomd_service_result
core/oomd: Use oom-kill ServiceResult for oomd
2022-03-23 10:11:45 +01:00
Zbigniew Jędrzejewski-Szmek
77d45f1f83 meson: replace sh+find with an internal glob in the python helper
As suggested in https://github.com/systemd/systemd/pull/22810#discussion_r831708052

This makes the whole thing simpler. A glob is passed to helper which then resolves
it on its own. This way it's trivial to call the helper with a different
set of files for testing.
2022-03-23 11:37:35 +09:00
Yu Watanabe
14acae357b
Merge pull request #22825 from keszybz/assorted-cleanups
Assorted cleanups
2022-03-23 11:34:46 +09:00
Zbigniew Jędrzejewski-Szmek
94f7ee9770 man: clarify that options set the message fields and are not derived from them 2022-03-22 14:07:53 +01:00
Zbigniew Jędrzejewski-Szmek
93efd9cadb
Merge pull request #22778 from poettering/kernel-install-layout-rework
kernel-install/bootctl: layout fixes
2022-03-22 13:57:28 +01:00
Nishal Kulkarni
2e3591a4fd man: Mention systemd-oomd now follows OOMPolicy 2022-03-22 18:04:52 +05:30
Lennart Poettering
c0f6a6a542
Merge pull request #22662 from yuwata/udev-trigger-priority
udevadm trigger: add --prioritized-subsystem option
2022-03-22 12:56:32 +01:00
Danilo Krummrich
678f2b1667 udevadm: trigger: implement --initialized-match/nomatch arguments
systemd-udev-trigger.service by default triggeres all devices regardless
of whether they were already recognized by systemd-udevd.

There are machines (especially in embedded environments) where
systemd-udev-trigger.service is configured to run at a later stage of
the boot sequence, which can lead to quite a lot of devices being
triggered although they were already recognized by systemd-udevd.

Re-triggering a lot of devices is a relatively expensive operation and
therefore should be avoided if unnecessary.

Therefore this patch introduces --initialized-nomatch, which filters out
devices that are already present in the udev database. For consistance
reasons --initialized-match is implemented as well, which filters out devices
that are *not* already present in the udev database.

Replaces #19949.
2022-03-22 15:54:10 +09:00
Yu Watanabe
1baeee5784 udevadm trigger: introduce --type=all option 2022-03-22 15:27:06 +09:00
Yu Watanabe
873cf95c2f udevadm trigger: introduce --prioritized-subsystem option 2022-03-22 15:27:06 +09:00
Lennart Poettering
cafa9d87b4 man: clarify that type #1 entries are also read from the XBOOTLDR partition 2022-03-22 00:23:25 +01:00
Lennart Poettering
838f094ce7 man: also install systemd-stub man page as sd-stub
So, typically systemd-boot is referenced as sd-boot, due to te usual
shorter naming in ESP resources. systemd-stub didnt do that so far,
since it never appears as separate files in the ESP. However it's super
annoying that you can find "man sd-boot", but not the very closely
related "man sd-stub". Let's fix that, and also add an "sd-stub" alias
to the "systemd-stub" man page.
2022-03-22 00:22:07 +01:00
Lennart Poettering
d212b862bf man: clarify where the settings in type #1 entries are documented
So (maybe weirdly) loader.conf(5) documents both loader.conf and type #1
entries (because they share a similar syntax). But it then only lists
the options of loader.conf. Let's add an explicit hint where to find
the documentation of the type #1 entries.
2022-03-22 00:22:07 +01:00
Lennart Poettering
84df0f315a man: clarify the format used by sd-boot config files 2022-03-22 00:22:07 +01:00
Lennart Poettering
354a244177 kernel-install: list fields we honour in /etc/kernel/install.conf 2022-03-21 23:54:33 +01:00
Anita Zhang
a4cc838e8c man: fix sysupdate typos 2022-03-21 20:06:13 +00:00
Zbigniew Jędrzejewski-Szmek
a0aa38389d man: cross-link to BLS in more places, use "Type #1", "Type #2" as appropriate 2022-03-21 12:16:54 +01:00
Lennart Poettering
436aa3b16f man: add sysupdate documentation 2022-03-19 00:13:55 +01:00
Lennart Poettering
f65a33269e Revert "boot: Change boot entry sorting"
This reverts commit 9818ec8ea5.
2022-03-18 11:59:30 +01:00
Zbigniew Jędrzejewski-Szmek
f60b0813ea man/systemd.exec: tweak markup a bit 2022-03-18 10:22:20 +01:00
Luca Boccassi
1219bd4306 Add tests and documentation for all remaining sandboxing in user manager 2022-03-18 10:09:56 +01:00
Lennart Poettering
55c8f9ecb0
Merge pull request #22754 from mrc0mmand/creds_dir_specifier
core: add %d specifier for the $CREDENTIALS_DIRECTORY
2022-03-18 09:23:01 +01:00
David
19c510bec7 Changed wording in systemd-debug-generator manpage 2022-03-17 19:02:10 +01:00
Frantisek Sumsal
43b9b2053c core: add %d specifier for the $CREDENTIALS_DIRECTORY
Resolves: #22549
2022-03-17 17:45:01 +01:00
Lennart Poettering
e127ac90ef
Merge pull request #22761 from poettering/pcr-fix
sd-boot: change kernel cmdline PCR from 8 to 12
2022-03-16 22:32:43 +01:00
Lennart Poettering
deb5c820ca sd-boot: disable bitlocker reboot feature for now
Conceptually the feature is great and should exist, but in its current
form should be worked to be generic (i.e. not specific to
Windows/Bitlocker, but appliable to any boot entry), not be global (but
be a per-entry thing), not require a BootXXXX entry to exist, and not
check for the BitLocker signature (as TPMs are not just used for
BitLocker).

Since we want to get 251 released, mark it in the documentation, in NEWS
and in code as experimental and make clear it will be reworked in a
future release. Also, make it opt-in to make it less likely people come
to rely on it without reading up on it, and understanding that it will
likely change sooner or later.

Follow-up for: #22043
See: #22390
2022-03-16 18:39:57 +01:00
Lennart Poettering
c2c7eea1e9
Merge pull request #22563 from grigorig/cryptenroll-tpm2-pin
sd-cryptenroll TPM2 PIN protected unlock
2022-03-16 18:04:28 +01:00
Lennart Poettering
27818e2ece man: only document new PCR 12 2022-03-16 17:44:46 +01:00
Lennart Poettering
4bb37359f6 docs: s/straight-forward/straightforward/
Inspired by https://github.com/systemd/systemd/pull/20156#discussion_r810878846
2022-03-15 22:46:09 +00:00
Grigori Goronzy
4005d41ef0 cryptsetup: add manual TPM2 PIN configuration
Handle the case where TPM2 metadata is not available and explicitly
provided in crypttab. This adds a new "tpm2-pin" option to crypttab
options for this purpose.
2022-03-15 21:17:00 +01:00
Grigori Goronzy
caeb5604f9 cryptenroll: add TPM2 PIN documentation 2022-03-15 21:17:00 +01:00
Yu Watanabe
c86efe34df man: replace full stop with colon
Fixes #22724.
2022-03-13 18:30:57 +00:00
Lennart Poettering
f337f903df bootctl: update to new kernel-install semantics
This makes a bunch of closely related changes:

1. The "entry-token" concept already introduced in kernel-install is now
   made use of. i.e. specifically there's a new option --entry-token=
   that can be used to explicitly select by which ID to identify boot
   loader entries: the machine ID, or some OS ID (ID= or IMAGE_ID= from
   /etc/os-release, or even some completely different string. The
   selected string is then persisted to /etc/kernel/entry-token, so that
   kernel-install can find it there.

2. The --make-machine-id-directory= switch is renamed to
   --make-entry-directory= since after all it's not necessarily the
   machine ID the dir is named after, but can be any other string as
   selected by the entry token.

3. This drops all code to make automatic changes to /etc/machine-info.
   Specifically, the KERNEL_INSTALL_MACHINE_ID= field is now more
   generically implemented in /etc/kernel/entry-token described above,
   hence no need to place it at two locations. And the
   KERNEL_INSTALL_LAYOUT= field is not configurable by user switch or
   similar anyway in bootctl, but only read from
   /etc/kernel/install.conf, and hence copying it from one configuration
   file to another appears unnecessary, the second copy is fully
   redundant. Note that this just drops writing these fields, they'll
   still be honoured when already set.
2022-03-11 11:39:34 +01:00
Lennart Poettering
fe81e346c8 man: document recent changes
This drops documentation of KERNEL_INSTALL_MACHINE_ID as machine-info
field (though we'll still read it for compat).

This updates the kernel-install man page to always say "ENTRY-TOKEN"
instead of "MACHINE-ID" where appropriate, to clear the confusion up
between the two.

This also tries to fix how we denote env vars (always prefix with $ and
without = suffix), and other vars (without $ but with = suffix)

Other fixes.
2022-03-11 11:39:34 +01:00
Lennart Poettering
15e152acd1
Merge pull request #22618 from yuwata/network-safe-string
network: dhcp-server: refuse unsafe filename
2022-03-11 11:33:07 +01:00
Marcel Hellwig
37035235df fix signature of sd_journal_print_with_location in docs 2022-03-11 11:32:20 +01:00
Yu Watanabe
6278e42878 network: dhcp: rename NextServer= and Filename= settings
And make the settings configures DHCP option 66 and 67.

Follow-ups for #22615.
Fixes #22661.
2022-03-11 10:14:57 +09:00
Luca Boccassi
0d3c36641d
Merge pull request #22701 from poettering/raise-memlock
pid1/nspawn: raise RLIMIT_MEMLOCK to 8M matching kernel 5.16's new default
2022-03-11 01:09:33 +00:00