1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-08 11:27:32 +03:00
Commit Graph

2159 Commits

Author SHA1 Message Date
Lennart Poettering
a03fe1a5d5 man: remove references to systemadm from systemctl man page
The tool is badly maintained and we shouldn't refence such old cruft.
2015-01-08 23:13:45 +01:00
Lennart Poettering
e45fc5e738 man: bring machinectl man page up-to-date 2015-01-08 23:13:45 +01:00
Lennart Poettering
b619ec8f83 man: bring systemctl man page and --help text into the same order 2015-01-08 23:13:45 +01:00
Lennart Poettering
17cd091332 man: add the same command sections to the man page as the --help text shows 2015-01-08 23:13:45 +01:00
Lennart Poettering
acf97e213e machinectl: given that machinectl invokes a number of polkit enabled methods, start the polkit agent on terminals 2015-01-08 23:13:45 +01:00
Lennart Poettering
8b0cc9a36c machinectl: show most recent log output in "machinectl status", too 2015-01-08 23:13:45 +01:00
Lennart Poettering
3c7560019e loginctl: show the 10 most recent log user/session log lines in "loginctl user-status" and "loginctl session-status" 2015-01-08 23:13:45 +01:00
Andrey Chaser
7376e83528 cryptsetup: support header= option
https://bugs.freedesktop.org/show_bug.cgi?id=66396
2015-01-08 16:33:59 -05:00
Dave Reisner
ee9c4ff4c8 doc: fix stale references to systemd-verify
This was subsumed into systemd-analyze back in 142c4ecaa9.
2015-01-08 15:57:38 -05:00
Peter Mattern
de59d29e8a man: add hostnamed chassis type "embedded" to machine-info(5)
man machine-info lacks hostnamed chassis type "embedded" as introduced in 218. The following lines should fix this.
2015-01-08 15:46:36 -05:00
Zbigniew Jędrzejewski-Szmek
d9215d05f7 man: mention where timesyncd keeps the timestamp 2015-01-08 15:46:36 -05:00
Lennart Poettering
dbda6dce3d man: document nss-mymachines 2015-01-07 17:40:10 +01:00
Lennart Poettering
49aa61a550 man: add an alias to libnss_myhostname.so2 for nss-myhostname
The module appears under the name "libnss_myhostname.so.2" in the file
system, hence let's link it up under that name.
2015-01-07 17:19:46 +01:00
Lennart Poettering
b311d32ff4 man: rework nss-myhostname man page
Remove a number of incorrect links, and explain that "localhost" and
"gateway" are now resolved by it, too.
2015-01-07 17:14:04 +01:00
Chris Atkinson
995084c7b4 man: clarify path escaping and reference systemd-escape
This patch adds more detail to the description of how path escaping
operates and provides a pointer to the systemd-escape program. Either
would serve to answer the question raised in the bug report, so
hopefully this will allow it to be closed.

https://bugs.freedesktop.org/show_bug.cgi?id=87688
2015-01-05 22:49:56 -05:00
Lennart Poettering
a354329f72 core: add new logic for services to store file descriptors in PID 1
With this change it is possible to send file descriptors to PID 1, via
sd_pid_notify_with_fds() which PID 1 will store individually for each
service, and pass via the usual fd passing logic on next invocation.
This is useful for enable daemon reload schemes where daemons serialize
their state to /run, push their fds into PID 1 and terminate, restoring
their state on next start from the data in /run and passed in from PID
1.

The fds are kept by PID 1 as long as no POLLHUP or POLLERR is seen on
them, and the service they belong to are either not dead or failed, or
have a job queued.
2015-01-06 03:16:39 +01:00
Chris Atkinson
a780d4cb1c man: Clarify effect when both calendar day and date are listed in timer
See bug 87859 (https://bugs.freedesktop.org/show_bug.cgi?id=87859). Bug
reporter found the language describing the effect of specifying both a
day and date unclear; hopefully the attached patch will clarify and
allow the bug to be closed.
2015-01-01 09:05:45 -05:00
Veres Lajos
f131770b14 tree-wide: spelling fixes
https://github.com/vlajos/misspell_fixer

b6fdeb618c
Thanks to Torstein Husebo <torstein@huseboe.net>.
2014-12-30 20:07:04 -05:00
Susant Sahani
922d948b9f man: Fix spelling 2014-12-30 22:04:24 +01:00
Lennart Poettering
d7b8eec7dc tmpfiles: add new line type 'v' for creating btrfs subvolumes 2014-12-28 02:08:40 +01:00
Michael Biebl
3715a07180 man: mark hwdb related man pages as conditional
Follow-up fix for commit fe659612e4.
2014-12-26 00:06:52 +01:00
Manuel Mendez
7275929790 man: typo in sd_watchdog_enabled notes
https://bugs.freedesktop.org/show_bug.cgi?id=87642
2014-12-25 11:59:48 -05:00
Zbigniew Jędrzejewski-Szmek
b7a4d8de92 man: add a note why %U,%h,%s are mostly useless
The reasons were already given in the description of %U, but the
are easy to overlook, and it's better to be explicit to avoid
confusion.
2014-12-25 11:13:13 -05:00
Mantas Mikulėnas
321a3f5133 doc: os-release: mention all shell characters that must be escaped
Since the manpage already talks about shell-compatibility, it should be
more accurate about what needs to be escaped and how.
2014-12-25 10:55:42 -05:00
Lennart Poettering
4f44c03eaa busctl: when introspecting objects, optionally limit output by interface name 2014-12-23 22:44:32 +01:00
Lennart Poettering
095dc59660 systemd-run: add --quiet mode to suppress informational message on TTY usage 2014-12-23 03:26:24 +01:00
Lennart Poettering
9b15b7846d run: add a new "-t" mode for invoking a binary on an allocated TTY 2014-12-23 03:26:24 +01:00
Susant Sahani
ce43e48446 networkd: integrate LLDP
This patch integrates LLDP with networkd.

Example conf:
file : lldp.network

[Match]
Name=em1

[Network]
LLDP=yes
2014-12-19 08:02:45 +05:30
Zbigniew Jędrzejewski-Szmek
c853953658 load-fragment: allow quoting in command name and document allowed escapes
The handling of the command name and other arguments is unified. This
simplifies things and should make them more predictable for users.
Incidentally, this makes ExecStart handling match the .desktop file
specification, apart for the requirment for an absolute path.

https://bugs.freedesktop.org/show_bug.cgi?id=86171
2014-12-18 19:26:21 -05:00
Tom Gundersen
65eb4378c3 systemd-hwdb: introduce new tool
This pulls out the hwdb managment from udevadm into an independent tool.

The old code is left in place for backwards compatibility, and easy of
testing, but all documentation is dropped to encourage use of the new
tool instead.
2014-12-18 15:37:27 +01:00
Alin Rauta
b98b483bac networkd: add FDB support 2014-12-18 15:28:16 +01:00
Lennart Poettering
f2cbe59e11 machinectl: add new commands for copying files from/to containers 2014-12-18 01:36:28 +01:00
Lennart Poettering
785890acf6 machinectl: implement "bind" command to create additional bind mounts from host to container during runtime 2014-12-18 01:36:28 +01:00
Lennart Poettering
667993e88e man: fedora 21 has been release, suggest 21 as fedora version in example yum command line 2014-12-12 17:30:25 +01:00
Lennart Poettering
b9ba4dabba nspawn: when booting in ephemeral mode, append random token to machine name
Also, when booting up an ephemeral container of / use the system
hostname as default machine name.

This way specifiyng -M is unnecessary when booting up an ephemeral
container, while allowing any number of ephemeral containers to run from
the same tree.
2014-12-12 17:30:25 +01:00
Lennart Poettering
ec16945ebf nspawn: beef up nspawn with some btrfs magic
This adds --template= to duplicate an OS tree as btrfs snpashot and run
it

This also adds --ephemeral or -x to create a snapshot of an OS tree and
boot that, removing it after exit.
2014-12-12 13:35:32 +01:00
Zbigniew Jędrzejewski-Szmek
2ebcf93670 localectl,man: make it obvious that set-*-keymaps sets both keymaps
https://bugs.freedesktop.org/show_bug.cgi?id=85411
2014-12-11 00:02:54 -05:00
Lennart Poettering
7303ec8f30 networkd: rename section [BridgePort] → [Bridge]
Let's stick to generic sections that describe the general technology,
instead of specific per-object sections, unless we really have a reason
to do that otherwise.
2014-12-10 19:07:48 +01:00
Lennart Poettering
547b25d285 man: improve docs for systemd-modules-load.service 2014-12-10 15:46:22 +01:00
WaLyong Cho
4c213d6cf4 run: introduce timer support option
Support timer options --on-active=, --on-boot=, --on-startup=,
--on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options
corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=,
OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer
respectively. And OnCalendar= and WakeSystem= supported by
--timer-property= option like --property= of systemd-run.

And if --unit= option and timer options are specified the command can
be omitted. In this case, systemd-run assumes the target service is
already loaded. And just try to generate transient timer unit only.
2014-12-09 18:19:40 +01:00
Lennart Poettering
3280236156 sd-bus: get rid of PID starttime concept
As kdbus no longer exports this, remove all traces from sd-bus too
2014-12-09 18:16:54 +01:00
Mantas Mikulėnas
8c12bb073d networkd: update manpage for optional Gateway=
Following commit 59580681f5.
2014-12-08 12:20:11 -05:00
Felipe Sateler
030512b244 man: fix reference to obsolete command "systemctl dump"
https://bugs.freedesktop.org/show_bug.cgi?id=87020
2014-12-05 14:09:39 +01:00
Jan Janssen
baade8cc23 cryptsetup-generator: Add support for naming luks devices on kernel cmdline 2014-12-05 01:29:45 +01:00
Jan Janssen
6cd5b12aa5 cryptsetup-generator: Add support for UUID-specific key files on kernel command line 2014-12-05 01:29:43 +01:00
Jan Janssen
0fa9e53d12 cryptsetup-generator: Split main() into more functions and use hasmaps 2014-12-05 01:27:00 +01:00
Lennart Poettering
deb6120920 man: there's actually no "fail" fstab option, but only "nofail" 2014-12-05 01:09:08 +01:00
Tom Gundersen
c106cc36b9 networkd: add basic [Link] settings to .network files
This allows the default link settings (set in .link files) to be overridden per Network. Only MTU and MACAddress is supported for now.
2014-12-05 00:38:10 +01:00
Maciej Wereski
ebf4e8013b tmpfiles, man: Add xattr support to tmpfiles
This patch makes it possible to set extended attributes on files created
by tmpfiles. This can be especially used to set SMACK security labels on
volatile files and directories.

It is done by adding new line of type "t". Such line should contain
attributes in Argument field, using following format:

name=value

All other fields are ignored.

If value contains spaces, then it must be surrounded by quotation marks.
User can also put quotation mark in value by escaping it with backslash.

Example:
D /var/run/cups - - - -
t /var/run/cups - - - - security.SMACK64=printing
2014-12-04 20:21:45 +01:00
Tom Gundersen
7eb08da4b3 udev: net_setup - allow matching on OriginalName=
This has been requested repeatedly, so let's give it a go. We explicitly do not allow matching
on names that have already been changed (from a previous udev run, or otherwise), and matching
on unpredictable names (ethX) is discouraged (but not currently disallowed).

We also currently allow:

[Match]
Name=veth0

[Link]
Name=my-name0
SomeOtherSetting=true

Which means that the link file will be applied the first time it is invoked, but
not on subsequent invocations, which may be surprising.
2014-12-04 18:53:47 +01:00
Tom Gundersen
9e7e440835 networkd: add support for source routing 2014-12-04 16:02:05 +01:00
Susant Sahani
e1853b00ef networkd: Add bridge port path cost
This patch add support to specify path cost of the
bridge port to be configured via conf file.

Exampe: conf

file: br.netdev

[NetDev]
Name=br-test
Kind=bridge

file: br.network
[Match]
Name=em1

[Network]
Bridge=br-test

[BridgePort]
Cost=332

 bridge link
2: em1 state UP : <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 master
br-test state disabled priority 32 cost 332
2014-12-04 11:13:32 +01:00
Susant Sahani
85a8eeee36 networkd: support vxlan parameters
V3: fix copy paste error
V4: Make manual and config more readable

Add vxlan paramertes to config.
2014-12-04 11:13:32 +01:00
Didier Roche
2a5a41e86b machine-id-commit: add man pages
Add man pages for systemd-machine-id-commit.service and
systemd-machine-id-commit.
2014-12-03 03:41:19 +01:00
Umut Tezduyar Lindskog
f4e9cdbc62 man: BusName= is not optional for Type!=bus
http://lists.freedesktop.org/archives/systemd-devel/2014-November/025492.html
2014-11-30 23:50:19 -05:00
Chris Atkinson
442f7f1553 man: delete ZX as sole compression; "Compress=" as boolean
In man journald.conf, removes reference to XZ as sole form of
compression. See commit d89c8fdf48.

In man coredump.conf, clarifies that "Compression=" controls existence,
not type, of compression.
2014-11-30 23:50:19 -05:00
Zbigniew Jędrzejewski-Szmek
9e37c9544b core: warn and ignore SysVStartPriority=
Option was being parsed but not used for anything.
2014-11-30 19:10:40 -05:00
Ronny Chevalier
6067b34a1f man: document that we set both soft and hard limits for Limit directives
See
http://cgit.freedesktop.org/systemd/systemd/tree/src/core/load-fragment.c#n1100
2014-11-30 20:45:01 +01:00
Ronny Chevalier
536256fc91 man: fix typos 2014-11-30 20:20:59 +01:00
Ronny Chevalier
b8825fff7b man: document equivalence between Limit directives and ulimit
See https://bugs.freedesktop.org/show_bug.cgi?id=80341
2014-11-30 20:17:00 +01:00
Chris Mayo
da80c219d7 man: fix link to systemd-networkd-wait-online.service in systemd-networkd.service(8) 2014-11-30 16:04:27 +01:00
Chris Mayo
18ead1b00d man: add a link to systemd-coredump(8) in Description of coredump.conf(5) 2014-11-30 16:04:27 +01:00
Josh Triplett
be795898c0 timesyncd: Support timesyncd.conf.d directories in the usual search paths 2014-11-29 13:55:32 -05:00
Josh Triplett
f2dacc96b2 resolved: Support resolved.conf.d directories in the usual search paths 2014-11-29 13:55:32 -05:00
Josh Triplett
301af7e485 coredump: Support coredump.conf.d directories in the usual search paths 2014-11-29 13:55:32 -05:00
Josh Triplett
396f9e2b32 bootchart: Support bootchart.conf.d directories in the usual search paths 2014-11-29 13:55:32 -05:00
Josh Triplett
778b6a3f88 systemd-sleep: Support sleep.conf.d directories in the usual search paths 2014-11-29 13:55:31 -05:00
Josh Triplett
a9edaeff84 journald: Support journald.conf.d directories in the usual search paths 2014-11-29 13:55:31 -05:00
Josh Triplett
1b907b5c3b core: Support system.conf.d and user.conf.d directories in the usual search paths 2014-11-29 13:55:31 -05:00
Josh Triplett
d3fae78fe8 man: Factor out a common snippet for .d directories and precedence
Several manpages contain duplicate text describing a standard set of .d
configuration directories, with the usual sorting, precedence,
overrides, and so on.  Factor this common text out using XInclude before
proliferating it even further.
2014-11-29 13:55:31 -05:00
Josh Triplett
02b75c9edd man/logind.conf.xml: Make "man logind.conf.d" work too 2014-11-29 13:55:31 -05:00
Ronny Chevalier
7d4fb3b1c5 systemctl: add edit verb
It helps editing units by either creating a drop-in file, like
/etc/systemd/system/my.service.d/override.conf, or by copying the
original unit from /usr/lib/systemd/ to /etc/systemd/ if the --full
option is specified.

It invokes an editor on temporary files related to the unit files and
if the editor exited successfully, then it renames the temporary files
to their original names (e.g. my.service or override.conf) and
daemon-reload is invoked.

If the temporary file is empty the modification is canceled.

See https://bugzilla.redhat.com/show_bug.cgi?id=906824
2014-11-29 19:28:14 +01:00
Chris Atkinson
507e28d844 man: update description of default extension for isolate 2014-11-29 13:19:46 -05:00
Zbigniew Jędrzejewski-Szmek
f509443af5 man: add systemd-sysv-generator(8)
In principle SysV stuff is only for compatibility, but we are stuck
with it for the forseeable future, so documentation might as well
be provided.

https://bugs.debian.org/771172
2014-11-27 17:22:26 -05:00
Josh Triplett
e846102353 logind: Support logind.conf.d directories in the usual search paths
This makes it possible to drop in logind configuration snippets from a
package or other configuration management mechanism.

Add documentation to the header of /etc/logind.conf pointing the user at
/etc/logind.conf.d/*.conf.

Introduce a new helper, conf_parse_many, to parse configuration files in
a search path.
2014-11-26 19:11:37 -05:00
Zbigniew Jędrzejewski-Szmek
5607d856b8 swap: restore support for nofail
systemd stops adding automatic dependencies on swap.target to swap
units. If a dependency is required, it has to be added by unit
configuration. fstab-generator did that already, except that now it is
modified to create a Requires or Wants type dependency, depending on
whether nofail is specified in /etc/fstab. This makes .swap units
obey the nofail/noauto options more or less the same as .mount units.

Documentation is extended to clarify that, and to make
systemd.mount(5) and system.swap(5) more similar. The gist is not
changed, because current behaviour actually matches existing
documentation.

https://bugs.freedesktop.org/show_bug.cgi?id=86488
2014-11-26 15:17:07 -05:00
Zbigniew Jędrzejewski-Szmek
80877656a5 udevadm trigger: allow matching by device name
This makes udevadm trigger mirror udevadm info, except that multiple
device names can be specified. Instructions in 60-keyboard.hwdb should
now actually work.

udevadm(8) is updated, but it could use a bit more polishing.

https://bugs.freedesktop.org/show_bug.cgi?id=82311
2014-11-25 21:16:47 -05:00
Lennart Poettering
b5dae4c7f7 sd-bus: add suppot for renegotiating message credential attach flags 2014-11-26 02:20:55 +01:00
Lennart Poettering
2e9efd22ce busctl: if no parameter is specified for "busctl status" show credentials of bus owner 2014-11-25 14:28:34 +01:00
Lennart Poettering
40ed1a4574 busctl: add new --augment-creds= switch for controlling whether shown credential data shall be augment with data from /proc 2014-11-25 14:28:34 +01:00
WaLyong Cho
2ca620c4ed smack: introduce new SmackProcessLabel option
In service file, if the file has some of special SMACK label in
ExecStart= and systemd has no permission for the special SMACK label
then permission error will occurred. To resolve this, systemd should
be able to set its SMACK label to something accessible of ExecStart=.
So introduce new SmackProcessLabel. If label is specified with
SmackProcessLabel= then the child systemd will set its label to
that. To successfully execute the ExecStart=, accessible label should
be specified with SmackProcessLabel=.
Additionally, by SMACK policy, if the file in ExecStart= has no
SMACK64EXEC then the executed process will have given label by
SmackProcessLabel=. But if the file has SMACK64EXEC then the
SMACK64EXEC label will be overridden.

[zj: reword man page]
2014-11-24 10:20:53 -05:00
Zbigniew Jędrzejewski-Szmek
f6375e8376 man: reword list-dependencies description
The previous version was a bit too vague. It is better
to simply list all dependency types that are followed.

Previous version also made an emphasis on dependencies introduced by
configuration.  But this command (or systemd) don't care about this
distinction between configured and automatically added dependencies at
all. This distinctionis removed from the main description, and an
explanatory paragraph is added to remind the user that all
dependencies are shown, no matter where they come from.
2014-11-23 11:07:30 -05:00
Chris Atkinson
6e3157c5e6 man/logind.conf.xml: make consistent with default logind.conf
https://bugs.freedesktop.org/show_bug.cgi?id=86263
2014-11-22 19:52:30 -05:00
Lennart Poettering
43dbecd5a3 man: don't mix 2ch and 8ch indentation in busctl.xml 2014-11-21 20:46:01 +01:00
Lennart Poettering
3802a3d3d7 man: add emacs header to get correct indention in nxml-mode for the manpage XML files that use 2ch indenting
In the long run we really should figure out if we want to stick with 8ch
or 2ch indenting, and not continue with half-and-half. For now, just
make emacs aware of the files that use 2ch indenting.
2014-11-21 20:44:48 +01:00
Lennart Poettering
a44b10818a busctl: add --timeout= option to specify method call timeout 2014-11-21 20:31:50 +01:00
Lennart Poettering
3805157836 busctl: add options to control message header flags when invoking methods 2014-11-21 20:13:26 +01:00
Martin Pitt
574edc9006 nspawn: Add try-{host,guest} journal link modes
--link-journal={host,guest} fail if the host does not have persistent
journalling enabled and /var/log/journal/ does not exist. Even worse, as there
is no stdout/err any more, there is no error message to point that out.

Introduce two new modes "try-host" and "try-guest" which don't fail in this
case, and instead just silently skip the guest journal setup.

Change -j to mean "try-guest" instead of "guest", and fix the wrong --help
output for it (it said "host" before).

Change systemd-nspawn@.service.in to use "try-guest" so that this unit works
with both persistent and non-persistent journals on the host without failing.

https://bugs.debian.org/770275
2014-11-21 14:27:26 +01:00
Lennart Poettering
1fc5560911 busctl: show property values in "introspect" output, add "set-property" command, and support both a terse and a verbose output format 2014-11-21 00:32:02 +01:00
Lennart Poettering
0171da06ef busctl: add new "introspect" verb for introspecting objects 2014-11-20 00:01:05 +01:00
Lennart Poettering
d55192add7 busctl: introduce busctl "get-property" command for reading and dumping object properties 2014-11-14 17:52:40 +01:00
Lennart Poettering
86349ffe49 man: various tweaks for busctl(1) man page 2014-11-14 13:18:51 +01:00
Lennart Poettering
781fa93815 busctl: add new "call" command to invoke methods on a service 2014-11-14 13:18:51 +01:00
Lennart Poettering
34b950a8d8 man: hostnamectl understands -M too 2014-11-14 13:18:51 +01:00
Kay Sievers
25e773eeb4 udev: switch to systemd logging functions 2014-11-13 13:12:57 +01:00
Lennart Poettering
174299e35f man: fix typo 2014-11-12 23:46:47 +01:00
Lennart Poettering
39f76ad8d6 man: improve documentation for "indirect" unit file state a bit
Also, correct mentions of "units" instead of "unit files" in the table,
and terminate all sentences with a full stop.
2014-11-10 20:16:16 +01:00
Jan Synacek
aedd4012f4 shared/install: when unit contains only Also=, report 'indirect'
If a unit contains only Also=, with no Alias= or WantedBy=, it shouldn't
be reported as static. New 'indirect' status shall be introduced.

https://bugzilla.redhat.com/show_bug.cgi?id=864298
2014-11-10 19:58:21 +01:00
Lennart Poettering
d9130355ee busctl: add "tree" command to explore object trees 2014-11-10 19:25:29 +01:00
Michal Schmidt
ed80170d83 man: don't refer to undocumented option '--failed' 2014-11-10 14:54:57 +01:00
Lennart Poettering
036359ba8d man: don't document systemctl --failed
This effectively reverts 599b6322f1, which
in turn partially reverted 4dc5b821ae.

The --failed switch is not documented on purpose, since it is redundant
due to --state=failed, which it predates. Due to that it's not
documented in --help either.

We generally try to avoid redundant interfaces, but if we need to keep
them for compatibility we do so, however remove them from documentation
to ensure they are not used in future.

The man page is now changed to include a comment about the fact that
--failed is not documented on purpose. Also, explicitly mention
--state=failed as example for --state.
2014-11-10 14:44:35 +01:00
Zbigniew Jędrzejewski-Szmek
599b6322f1 man: document --failed
https://bugs.debian.org/767267
2014-11-07 21:37:50 -05:00
Zbigniew Jędrzejewski-Szmek
d82ad85cd9 man: update bootup(7) for asynchronous timers.target 2014-11-06 21:40:52 -05:00
Lennart Poettering
81c7dd897c s/command-line/command line/g
A follow-up to:

commit 3f85ef0f05
Author: Harald Hoyer <harald@redhat.com>
Date:   Thu Nov 6 15:33:48 2014 +0100

    s/commandline/command line/g
2014-11-06 20:06:30 +01:00
Harald Hoyer
3f85ef0f05 s/commandline/command line/g 2014-11-06 15:34:18 +01:00
Lennart Poettering
25fa306ed5 hostnamed: introduce new "embedded" chassis type
We really don't want to get lost in adding fridge, car, plane, drone, or
whatever else, hence add a generic term "embedded" cover all the cases
where the computer is just part of something bigger, and not at the
focus of things.
2014-11-06 14:37:12 +01:00
Lennart Poettering
c073a0c4a5 man: document that we don't document .include on purpose
<!-- xml comments are useful! -->
2014-11-06 14:21:11 +01:00
Lennart Poettering
90a2ec10f2 man: don't document ConditionNull=/AssertNull= as the are not particularly useful and simply confusing 2014-11-06 14:21:11 +01:00
Lennart Poettering
59fccdc587 core: introduce the concept of AssertXYZ= similar to ConditionXYZ=, but fatal for a start job if not met 2014-11-06 14:21:11 +01:00
Lennart Poettering
a931ad47a8 core: introduce new Delegate=yes/no property controlling creation of cgroup subhierarchies
For priviliged units this resource control property ensures that the
processes have all controllers systemd manages enabled.

For unpriviliged services (those with User= set) this ensures that
access rights to the service cgroup is granted to the user in question,
to create further subgroups. Note that this only applies to the
name=systemd hierarchy though, as access to other controllers is not
safe for unpriviliged processes.

Delegate=yes should be set for container scopes where a systemd instance
inside the container shall manage the hierarchies below its own cgroup
and have access to all controllers.

Delegate=yes should also be set for user@.service, so that systemd
--user can run, controlling its own cgroup tree.

This commit changes machined, systemd-nspawn@.service and user@.service
to set this boolean, in order to ensure that container management will
just work, and the user systemd instance can run fine.
2014-11-05 18:49:14 +01:00
Jan Synacek
ff8d1aba53 man/tmpfiles.d: fix typo 2014-11-04 20:00:31 +01:00
Lennart Poettering
dbd2a83fbf journalctl: add new --vacuum-size= and --vacuum-time= commands to clean up journal files based on a size/time limit
This is equivalent to the effect of SystemMaxUse= and RetentionSec=,
however can be invoked directly instead of implicitly.
2014-11-03 23:08:33 +01:00
Lennart Poettering
a6e841b454 man: document audit input for journald 2014-11-03 22:02:23 +01:00
Lennart Poettering
cfb1f5df7c core: introduce ConditionSecurity=audit
And conditionalize journald audit support with it
2014-11-03 21:51:28 +01:00
Tom Gundersen
f49481d0ca man: sd_event_add_post - fix typo 2014-11-03 15:58:30 +01:00
Tom Gundersen
aa9c4134ed man: glib-event-glue.c - remove unnecessary includes
This is just an example, so no error-handling is done here anyway.
2014-11-03 14:46:28 +01:00
Umut Tezduyar Lindskog
2a97b03b3b man: explain journalctl --flush correctly 2014-11-01 14:39:48 -04:00
Zbigniew Jędrzejewski-Szmek
e03234a160 man: describe all log levels in udevadm(8)
https://bugs.freedesktop.org/show_bug.cgi?id=85657
2014-11-01 14:39:47 -04:00
Zbigniew Jędrzejewski-Szmek
f47ad59316 Use log "level" instead of "priority"
The term "priority" is misleading because higher levels have lower
priority. "Level" is clearer and shorter.

This commit touches only the textual descriptions, not function and variable
names themselves. "Priority" is used in various command-line switches and
protocol constants, so completly getting rid of "priority" is hard.

I also left "priority" in various places where the clarity suffered
when it was removed.
2014-11-01 14:39:47 -04:00
Lennart Poettering
1f70b0876a busctl: add new "capture" verb to record bus messages in libpcap compatible files, for dissection with wireshark 2014-10-30 01:13:54 +01:00
Umut Tezduyar Lindskog
db2cb23b5b core: send sigabrt on watchdog timeout to get the stacktrace
if sigabrt doesn't do the job, follow regular shutdown
routine, sigterm > sigkill.
2014-10-28 17:37:39 +01:00
Lennart Poettering
1fdfa094dd man: minor corrections on how the overall system states are actually defined 2014-10-28 14:38:47 +01:00
Lennart Poettering
47cb901e38 swap: replace Discard= setting by a more generic Options= setting
For now, it's systemd itself that parses the options string, but as soon
as util-linux' swapon can take the option string directly with -o we
should pass it on unmodified.
2014-10-28 14:31:25 +01:00
Martin Pitt
33488f1979 udev hwdb: Support shipping pre-compiled database in system images
In some cases it is preferable to ship system images with a pre-generated
binary hwdb database, to avoid having to build it at runtime, avoid shipping
the source hwdb files, or avoid storing large binary files in /etc.

So if hwdb.bin does not exist in /etc/udev/, fall back to looking for it in
UDEVLIBEXECDIR. This keeps the possibility to add files to /etc/udev/hwdb.d/
and re-generating the database which trumps the one in /usr/lib.

Add a new --usr flag to "udevadm hwdb --update" which puts the database
into UDEVLIBEXECDIR.

Adjust systemd-udev-hwdb-update.service to not generate the file in /etc if we
already have it in /usr.
2014-10-28 14:28:18 +01:00
Lennart Poettering
d1b6f12e07 man: document that $XDG_SESSION_DESKTOP only takes a single item, not a list, unlike $XDG_CURRENT_DESKTOP 2014-10-28 12:32:25 +01:00
Zbigniew Jędrzejewski-Szmek
2de51fdc52 man: add table of manager states 2014-10-27 22:35:08 -04:00
Lennart Poettering
f189ab18de job: optionally, when a job timeout is hit, also execute a failure action 2014-10-28 02:19:55 +01:00
Lennart Poettering
fa1b91632c core: remove system start timeout logic again
The system start timeout as previously implemented would get confused by
long-running services that are included in the initial system startup
transaction for example by being cron-job-like long-running services
triggered immediately at boot. Such long-running jobs would be subject
to the default 15min timeout, esily triggering it.

Hence, remove this again. In a subsequent commit, introduce per-target
job timeouts instead, that allow us to control these timeouts more
finegrained.
2014-10-28 01:42:13 +01:00
Lennart Poettering
dbfd41e2df calendarspec: parse 'quarterly' and 'semi-annually' as shortcuts 2014-10-27 18:09:26 +01:00
Tom Gundersen
1dfcee5985 man: tmpfiles.d - recommend using b! and c!
We should avoid creating static device nodes at runtime.
2014-10-27 17:40:24 +01:00
Lennart Poettering
e0104622b3 man: document what "minutely" now means 2014-10-27 13:54:19 +01:00
Ivan Shapovalov
281a92f80c man: fix typos in description of SELinuxContextFromNet= 2014-10-27 11:42:33 +01:00
Klaus Purer
820c095831 man: remove another gendered pronoun 2014-10-24 13:32:16 +02:00
Lennart Poettering
5aaeda04a2 man: fix minor typo 2014-10-24 12:30:43 +02:00
Lennart Poettering
4a9dfff9bd man: add a link to the XDG basedir spec from the pam_sytemd man page 2014-10-24 12:07:05 +02:00
Lennart Poettering
c1405e4f31 man: avoid gendered singular pronouns
Using "their" as pronoun in these places is confusing since it is more
associated with plural rather than singular, and the sentence already
contains a plural. The word "her/his" apparently offends some people,
hence let's avoid the problem altogether and just name the noun again.
2014-10-24 12:02:44 +02:00
Lennart Poettering
08cb4bdd70 man: minor addition to coredumpctl example 2014-10-24 02:22:57 +02:00
Lennart Poettering
989fc2c61c man: in pam_systemd, it must be "his" (or "her"), not their 2014-10-24 01:14:38 +02:00
Daniel Mack
af951ff5e9 man: pam_systemd: some typos fixed, some info added
Just some minor nits that I stumbled over when reading the man page.
2014-10-23 19:18:54 +02:00
Zbigniew Jędrzejewski-Szmek
99a1ab10b0 man: add example how to generate certificates with openssl 2014-10-23 00:43:49 -04:00
Zbigniew Jędrzejewski-Szmek
a9becdd65b sd-daemon,man: ignore missing $WATCHDOG_PID
Systemd 209 started setting $WATCHDOG_PID, and sd-daemon watch was
modified to check for this variable. This means that
sd_watchdog_enabled() stopped working with previous versions of
systemd. But sd-event is a public library and API and we must keep it
working even when a program compiled with a newer version of the
libary is used on a system running an older version of the manager.

getenv() and unsetenv() are fairly expensive calls, so optimize
sd_watchdog_enabled() by not calling them when unnecessary.

man: centralize the description of $WATCHDOG_PID and $WATCHDOG_USEC in
the sd_watchdog_enabled manpage. It is better not to repeat the same
stuff in two places.
2014-10-23 00:17:18 -04:00
Zbigniew Jędrzejewski-Szmek
203af57fcd man: make udev.event-timeout more visible
Evidently some people had trouble finding it in the documentation.
2014-10-23 00:12:50 -04:00
Lennart Poettering
74055aa762 journalctl: add new --flush command and make use of it in systemd-journal-flush.service
This new command will ask the journal daemon to flush all log data
stored in /run to /var, and wait for it to complete. This is useful, so
that in case of Storage=persistent we can order systemd-tmpfiles-setup
afterwards, to ensure any possibly newly created directory in /var/log
gets proper access mode and owners.
2014-10-23 00:39:42 +02:00
Daniel Mack
056f95d0a7 sd-bus: rename sd_bus_get_owner_uid(), sd_bus_get_owner_machine_id() and sd_bus_get_peer_creds()
Clean up the function namespace by renaming the following:

  sd_bus_get_owner_uid()        → sd_bus_get_name_creds_uid()
  sd_bus_get_owner_machine_id() → sd_bus_get_name_machine_id()
  sd_bus_get_peer_creds()       → sd_bus_get_owner_creds()
2014-10-22 19:45:07 +02:00
Ronny Chevalier
bb604b2f42 man: add examples for coredumpctl
Add examples to clarify how to use coredumpctl

See https://bugs.freedesktop.org/show_bug.cgi?id=83437
2014-10-21 01:16:17 +02:00
Ronny Chevalier
c45827d6e7 man: fix project reference for archlinux 2014-10-21 01:11:50 +02:00
Ronny Chevalier
d4873485cf man: add missing commas 2014-10-21 01:11:46 +02:00
Lennart Poettering
0b3b83e59b man: move one more nspawn example into a proper <example> section 2014-10-21 01:11:14 +02:00
Ronny Chevalier
1db8c66f2e man: use <example> instead of multiple <refsect1> for examples 2014-10-21 01:09:17 +02:00
Lennart Poettering
388ce34425 man: try to reword explanation of Sockets= a bit 2014-10-20 21:06:14 +02:00
Jan Synacek
cd4c6fb125 man: fix localectl set-x11-keymap syntax description 2014-10-20 19:23:13 +02:00
Lennart Poettering
5c20a8bca1 man: document sd_bus_creds_get_connection_name() 2014-10-20 19:23:13 +02:00
Lennart Poettering
b7ea3f3ed6 man: suffix C functions with () 2014-10-20 19:23:13 +02:00
Lennart Poettering
5c8da64734 man: document sd_machine_get_class() and sd_machine_get_ifindices() 2014-10-20 19:23:13 +02:00
David Strauss
80d3d25d09 man: fix copy/paste error in CPUQuota= section of resource-control 2014-10-15 16:50:44 +02:00
Jan Synacek
97426dcfca man: fix typos 2014-10-15 12:24:33 +02:00
Lukas Nykryn
3e883473a0 man: we don't have 'Wanted' dependency 2014-10-15 09:29:02 +02:00
Zbigniew Jędrzejewski-Szmek
654c2d478f man: join tables in systemd-detect-virt(1)
I think it is more readable and nicer if everything is in
one table.

Also, describe what the return value, since it seems awkward to
describe the change in behaviour with --quiet before describing
what the default is.
2014-10-12 18:28:07 -04:00
Tobias Hunger
9f103625b1 fstab-generator: Honor mount.usr*= on kernel command line
This allows to configure boot loader entries for systems where the
root and usr filesystems are in different subvolumes (or even on
different drives).
2014-10-10 12:57:19 +02:00
Lennart Poettering
e737ef153c man: reference table in systemd-detect-virt(1) from ConditionVirtualization= documentation 2014-10-10 12:37:21 +02:00
Lennart Poettering
26d32dc5ee man: include zVM in systemd-detect-virt list 2014-10-10 12:36:57 +02:00
Lennart Poettering
a9d9ad1fa7 man: rework VM/container identifier list into a table, and include descriptions for all entries
(also remove chroot from the list, we don't detect that anymore)
2014-10-10 12:29:08 +02:00
Rahul Sundaram
b3a2a7ceb7 man: clarify what "microsoft" and "oracle" stand for
https://bugzilla.redhat.com/show_bug.cgi?id=1150477
2014-10-09 23:16:53 -04:00
Lennart Poettering
f280bcfb21 man: document the new "rescue" kernel command line option 2014-10-09 18:27:36 +02:00
Lennart Poettering
2134b5ef6b man: SyslogIdentifier= has an effect on journal logging too 2014-10-09 11:37:01 +02:00
Jan Synacek
751ea8deaf man/systemctl: document enable on masked units 2014-10-08 19:29:13 -04:00
Rahul Sundaram
5a94946cdf note on relative symlink in os-release 2014-10-08 08:30:22 -04:00
Lukas Nykryn
e94937df95 systemctl: add add-wants and add-requires verbs 2014-10-08 12:44:00 +02:00
Zbigniew Jędrzejewski-Szmek
1e98337f26 man: mention docker as type of virtualization 2014-10-07 21:54:22 -04:00
Zbigniew Jędrzejewski-Szmek
1b600437ba /proc/sys prefixes are not necessary for sysctl anymore 2014-10-07 09:19:51 -04:00
Zbigniew Jędrzejewski-Szmek
5d9a2698e7 man: document stripping of quotes 2014-10-07 09:19:41 -04:00
Zbigniew Jędrzejewski-Szmek
30d88d54f6 man: move commandline parsing to a separate section
It is very long already, and obscures the description of
ExecStart, and it is about to get longer.
2014-10-07 09:19:24 -04:00
David Sommerseth
64845bdc82 ask-password: Add --echo to enable echoing the user input
Programs such as OpenVPN may use ask-password for not only retrieving
passwords, but also usernames.  Masking usernames with * seems just silly.

 v2 - Don't mess with termios flags, instead print the input
      instead of an asterix.  Resolves issues with backspace
      and TAB input.

 v3 - Renamed 'do_echo' variables and argument to 'echo'.  Also
      modified the ask_password_{tty,agent,auto} API instead of
      additional wrapper functions.

[zj: undo changes to ask_password_auto, since no callers were using
     the new argument.]
2014-10-05 15:29:41 -04:00
Zbigniew Jędrzejewski-Szmek
e060073a8f man: say that SecureBits= are space separated 2014-10-03 21:06:52 -04:00
Zbigniew Jędrzejewski-Szmek
610158048a man: use more markup in daemon(7) 2014-10-03 20:42:09 -04:00
Tom Gundersen
7889087d6e man: fix sd_event_set_name compilation 2014-10-03 08:43:53 +02:00
Tom Gundersen
c3b128736d glib-event-glue: remove some unnecessary lines
Not needed in an example. Should still shorten the license, but should make sure it is still complete so people can copy-paste without problems.
2014-10-03 08:43:34 +02:00
Zbigniew Jędrzejewski-Szmek
043f62949e man: add sd_event_set_name(3) 2014-10-02 21:14:26 -04:00
Zbigniew Jędrzejewski-Szmek
ba4b35669e man: add sd_event_get_fd(3)
Example from Tom Gundersen is included using xi:include.
The copyright notice stands out a bit. Maybe it should be removed,
and the code placed in public domain.
2014-10-02 20:49:55 -04:00
Zbigniew Jędrzejewski-Szmek
aa08982d62 Fix order and document user unit dirs
Fixup for 718880ba0d 'add a transient user unit directory'.
2014-10-02 11:11:31 -04:00
Jan Synacek
9fd290443f journalctl: add --utc option
Introduce option to display time in UTC.
2014-10-02 14:52:32 +02:00
Torstein Husebø
4cf07da260 Correct a few typos 2014-10-02 11:46:23 +02:00
Jan Synacek
86b23b07c9 swap: introduce Discard property
Process possible "discard" values from /etc/fstab.
2014-09-29 11:08:12 -04:00
Emil Renner Berthing
37161c5148 make utmp/wtmp support configurable
This adds --disable-utmp option to configure. If it is used, all
utmp-related functionality, including querying runlevel support,
is removed.
2014-09-26 07:48:35 -04:00
Zbigniew Jędrzejewski-Szmek
8474b70c3a man: use <constant> markup for errno value
We were inconsistent, but marking them up as constants makes more
sense then as variables.
2014-09-25 18:19:03 -04:00
Zbigniew Jędrzejewski-Szmek
4dfefc1914 man: document sd_event_add_{defer,post,exit} 2014-09-25 18:19:03 -04:00
Zbigniew Jędrzejewski-Szmek
edf2573743 man: add sd_event_add_child(3) 2014-09-25 18:19:03 -04:00
Zbigniew Jędrzejewski-Szmek
3144ebcad3 man: add sd_event_add_signal(3) 2014-09-25 18:19:03 -04:00
Zbigniew Jędrzejewski-Szmek
bfe6c07e1b man/sd_event_new: tweaks 2014-09-25 18:19:03 -04:00
Daniel Buch
d6bc8348d5 readahead: wipe out readahead 2014-09-25 16:39:18 +02:00
Zbigniew Jędrzejewski-Szmek
9c77924c29 man: fix typo and add link 2014-09-22 09:13:38 -04:00
David Herrmann
c72d5456e2 login: add public sd_session_get_desktop() API
The desktop brand is stored as DESKTOP variable for sessions. It can be
set arbitrarily by the session owner and identifies the desktop
environment that is running on that session.
2014-09-22 14:27:02 +02:00
Michal Sekletar
16115b0a7b socket: introduce SELinuxContextFromNet option
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.

Implementation of label_get_child_mls_label derived from xinetd.

Reviewed-by: Paul Moore <pmoore@redhat.com>
2014-09-19 12:32:06 +02:00
Michael Marineau
fb7661a602 man: use the escape for "-" in example instead of space.
This sentence can be misread to mean that "\x20" is the escape code for
"-" which is the only character explicitly mentioned. This lead to at
least one user loosing hair over why a mount unit for "/foo/bar-baz"
didn't work. The example escape is arbitrary so lets prevent hair loss.
2014-09-18 15:38:00 +02:00
Thomas Hindoe Paaboel Andersen
f70ca25ae0 man: sd_bus_error typo fix 2014-09-15 23:17:57 +02:00
David Herrmann
8e3ba3772c udev: allow removing tags via TAG-="foobar"
This extends the udev parser to support OP_REMOVE (-=) and adds support
for TAG-= to remove previously set tags. We don't fail if the tag didn't
exist.

This is pretty handy if we ship default rules for seat-assignments and
users want to exclude specific devices from that. They can easily add
rules that drop any automatically added "seat" tags again.
2014-09-11 15:22:16 +02:00
Angus Gibson
84b5b79a8f networkd: allow specification of DHCP route metric
This lets the routing metric for links to be specified per-network,
still defaulting to DHCP_ROUTE_METRIC (1024) if unspecified. Hopefully
this helps with multiple interfaces configured via DHCP.
2014-09-08 15:09:08 +02:00
Daniel Mack
5019962312 bus: parse BusPolicy directive in service files
Add a new directive called BusPolicy to define custom endpoint policies. If
one such directive is given, an endpoint object in the service's ExecContext is
created and the given policy is added to it.
2014-09-08 14:12:54 +02:00
Michael Biebl
67826132ad man: fix references to systemctl man page which is now in section 1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760613
2014-09-06 13:45:18 +02:00
Lennart Poettering
a4390b6be8 man: make it more clear that the concepts systemctl(1) manage are introduced in systemd(1)
Based on a suggestion of Ken Coar.
2014-09-04 21:42:52 +02:00
Zbigniew Jędrzejewski-Szmek
7a465961c1 man: fix typo 2014-09-03 22:56:02 -04:00
Lennart Poettering
2915a7bdc5 man: two fixes, reported on irc by 'wget' 2014-09-03 19:31:22 +02:00
Zbigniew Jędrzejewski-Szmek
a7a0912a36 man: fix file extension in udev rules example
https://bugzilla.redhat.com/show_bug.cgi?id=634736
2014-09-02 19:37:04 -04:00
Jan Janssen
4838248766 journalctl: Allow to disable line cap with --lines=all 2014-08-31 09:18:44 -04:00
Ruben Kerkhof
06b643e7f5 Fix a few more typos 2014-08-30 13:46:07 -04:00
Marius Tessmann
c32e70aa8e systemd-firstboot: fix typo in man page 2014-08-28 18:06:02 -04:00
Tom Gundersen
c609cb9898 man: add sample glib/sd-event integration
This should be moved to man pages, but for now the C code is included directly.

Suggested by Zbyszek.
2014-08-27 19:04:29 +02:00
Andrei Borzenkov
bf2e0ece85 Document "...|..." udev match syntax 2014-08-27 01:00:56 -04:00
Zbigniew Jędrzejewski-Szmek
36f5ace2db man: reword sd-hibernate-resume description and add link
"each device" was suggesting that this service might be instantiated
multiple times. "hibernation resume" was too jargon-y.
2014-08-26 21:14:11 -04:00
Ivan Shapovalov
d2c68822c4 hibernate-resume-generator: add a generator for instantiating the resume unit.
hibernate-resume-generator understands resume= kernel command line parameter
and instantiates the systemd-resume@.service accordingly if it is passed.

This enables resume from hibernation using device specified on the kernel
command line, and it may be specified either as "/dev/disk/by-foo/bar"
or "FOO=bar", not only "/dev/sdXY" which is understood by the in-kernel
implementation.

So now resume= is brought on par with root= in terms of possible ways to
specify a device.
2014-08-26 22:19:56 +02:00
Ivan Shapovalov
42483a7474 hibernate-resume: add a tool to write a device node's major:minor to /sys/power/resume.
This can be used to initiate a resume from hibernation by path to a swap
device containing the hibernation image.

The respective templated unit is also added. It is instantiated using
path to the desired resume device.
2014-08-26 22:19:54 +02:00
Ben Wolsieffer
3c56cab441 logind: add HandleLidSwitchDocked= option to logind.conf + documentation
https://bugs.freedesktop.org/show_bug.cgi?id=82485
2014-08-26 22:08:02 +02:00
Lennart Poettering
f07756bfe2 core: introduce "poweroff" as new failure action types
Also, change the default action on a system start-up timeout to powering off.
2014-08-22 18:10:31 +02:00
Lennart Poettering
2928b0a863 core: add support for a configurable system-wide start-up timeout
When this system-wide start-up timeout is hit we execute one of the
failure actions already implemented for services that fail.

This should not only be useful on embedded devices, but also on laptops
which have the power-button reachable when the lid is closed. This
devices, when in a backpack might get powered on by accident due to the
easily reachable power button. We want to make sure that the system
turns itself off if it starts up due this after a while.

When the system manages to fully start-up logind will suspend the
machine by default if the lid is closed. However, in some cases we don't
even get as far as logind, and the boot hangs much earlier, for example
because we ask for a LUKS password that nobody ever enters.

Yeah, this is a real-life problem on my Yoga 13, which has one of those
easily accessible power buttons, even if the device is closed.
2014-08-22 18:10:31 +02:00
Lennart Poettering
96fb8242cc service: allow services of Type=oneshot that specify no ExecStart= commands
This is useful for services that simply want to run something on
shutdown, but not at bootup. They should only set ExecStop= but leave
ExecStart= unset.
2014-08-21 18:50:42 +02:00
Lennart Poettering
308d72dc1e core: allow informing systemd about service status changes with RELOADING=1 and STOPPING=1 sd_notify() messages 2014-08-21 17:24:21 +02:00
Harald Hoyer
730836403a journalctl: add "-t --identifier=STRING" option
This turns journalctl to the counterpart of systemd-cat.
Messages sent with

systemd-cat --identifier foo --prioritiy debug

can now be shown with

journalctl --identifier foo --prioritiy debug

"--identifier" is not merged with "--unit" to make a clear
distinction between syslog and systemd units.
syslog identifiers can be chosen freely by anyone.
2014-08-21 14:16:29 +02:00
Ronny Chevalier
0566ef68b8 man: fix typos 2014-08-20 00:00:16 +02:00
Lennart Poettering
3cd761e4df socket: suffix newly added TCP sockopt time properties with "Sec"
This is what we have done so far for all other time values, and hence we
should do this here. This indicates the default unit of time values
specified here, if they don't contain a unit.
2014-08-19 21:58:48 +02:00
Lennart Poettering
3bb07b7680 Revert "socket: introduce SELinuxLabelViaNet option"
This reverts commit cf8bd44339.

Needs more discussion on the mailing list.
2014-08-19 19:16:08 +02:00
Lennart Poettering
8530dc4467 tmpfiles: add new 'r' line type to add UIDs/GIDs to the pool to allocate UIDs/GIDs from
This way we can guarantee a limited amount of compatibility with
login.defs, by generate an appopriate "r" line out of it, on package
installation.
2014-08-19 19:06:39 +02:00
Michal Sekletar
cf8bd44339 socket: introduce SELinuxLabelViaNet option
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.

Implementation of label_get_child_label derived from xinetd.

Reviewed-by: Paul Moore <pmoore@redhat.com>
2014-08-19 18:57:12 +02:00
Lennart Poettering
7629889c86 sysusers: add another column to sysusers files for the home directory 2014-08-19 16:47:52 +02:00
Lennart Poettering
dfc87cbfe5 sysusers: optionally, read sysuers configuration from standard input 2014-08-19 02:14:32 +02:00
Ronny Chevalier
8257df2767 man: fix typo 2014-08-18 21:02:07 +02:00
Lennart Poettering
a1d4404f9a man: mention that "units" are commonly system services
Also, provide an example for -u.
2014-08-18 19:08:03 +02:00
Ronny Chevalier
c16d01af57 man: fix typo 2014-08-18 18:29:27 +02:00
Tom Gundersen
e0fbf1fcff networkd: warn when ignoring unsupported tuntap options
The interface for creating tuntap devices should be ported to rtnl so it would support the same settings
as other kinds. In the meantime, the best one can do is to drop in a .link file to set the desired options.
2014-08-18 18:11:42 +02:00
Daniel Mack
fac9c0d508 memfd: internalize functions, drop sd_memfd type
Remove the sd_ prefix from internal functions and get rid of the sd_memfd
type. As a memfd is now just a native file descriptor, we can get rid of our
own wrapper type, and also use close() and dup() on them directly.
2014-08-18 13:32:08 +02:00
Tom Gundersen
6192b846ca networkd: add support for Domains= to .network files
This allows the search/routing domanis to be specified per link/network and be passed
on to resolved.
2014-08-15 15:15:24 +02:00
Tom Gundersen
ad0734e890 networkd: rename UseDomainName to UseDomains
This option will also apply to the search domains, so make it plural.
2014-08-15 12:53:34 +02:00
Lennart Poettering
d0a3fb7556 man: drop references to removed and obsolete 'systemctl load' command 2014-08-15 03:10:20 +02:00
Susant Sahani
cc567c9bea socket: Add support for TCP defer accept
TCP_DEFER_ACCEPT Allow a listener to be awakened only when data
arrives on the socket. If TCP_DEFER_ACCEPT set on a server-side
listening socket, the TCP/IP stack will not to wait for the final
ACK packet and not to initiate the process until the first packet
of real data has arrived. After sending the SYN/ACK, the server will
then wait for a data packet from a client. Now, only three packets
will be sent over the network, and the connection establishment delay
will be significantly reduced.
2014-08-14 19:55:44 -04:00
Susant Sahani
209e9dcd7b socket: Add Support for TCP keep alive variables
The tcp keep alive variables now can be configured via conf
parameter. Follwing variables are now supported by this patch.

tcp_keepalive_intvl: The number of seconds between TCP keep-alive probes

tcp_keepalive_probes: The maximum number of TCP keep-alive probes to
send before giving up and killing the connection if no response is
obtained from the other end.

tcp_keepalive_time: The number of seconds a connection needs to be
idle before TCP begins sending out keep-alive probes.
2014-08-14 19:48:57 -04:00
Tom Gundersen
1bd27a45d0 networkd: don't respect domainname from DHCP by default
Most routers will send garbage, so make this opt-in only.
2014-08-15 01:08:46 +02:00
Lennart Poettering
4d8ddba9d7 Revert "socket: add support for TCP fast Open"
This reverts commit 9528592ff8.

Apparently TFO is actually the default at least for the server side now.

Also the setsockopt doesn't actually take a bool, but a qlen integer.
2014-08-14 16:36:32 +02:00
Susant Sahani
9528592ff8 socket: add support for TCP fast Open
TCP Fast Open (TFO) speeds up the opening of successiveTCP)
connections between two endpoints.It works by using a TFO cookie
in the initial SYN packet to authenticate a previously connected
client. It starts sending data to the client before the receipt
of the final ACK packet of the three way handshake is received,
skipping a round trip and lowering the latency in the start of
transmission of data.
2014-08-14 13:14:39 +02:00
Susant Sahani
4427c3f43a socket: add support for tcp nagle
This patch adds support for TCP TCP_NODELAY socket option. This can be
configured via NoDelay conf parameter. TCP Nagle's algorithm works by
combining a number of small outgoing messages, and sending them all at
once.  This controls the TCP_NODELAY socket option.
2014-08-14 03:15:59 +02:00
Tobias Geerinckx-Rice
19f8d03783 timer: order OnCalendar units after timer-sync.target if DefaultDependencies=no
Avoids triggering timers prematurely on systems with significantly inaccurate
clocks, or some embedded platforms that lack one entirely.
2014-08-14 01:49:40 +02:00
Tom Gundersen
ccf1c0299f networkd: disable ipv4ll default routes by default
This causes machines without connectivity to hang where they would otherwise fail. Keep it
opt-in for now, but consider whether we sholud just drop it.
2014-08-12 20:50:13 +02:00
Lennart Poettering
7964ca4347 man: minimal updates to resolved.conf man page 2014-08-12 19:49:15 +02:00
Lennart Poettering
874ff7bf4d timesyncd: beef up NTP server selection logic, and acquire NTP servers from DHCP 2014-08-12 19:48:24 +02:00
Lennart Poettering
ee0e998e1c man: drop any reference to "syslog" as log target 2014-08-11 20:14:27 +02:00
Lennart Poettering
79c1afc67f man: improve documentation for StandardOutput= and StandardInput= 2014-08-11 19:29:25 +02:00
Lennart Poettering
96ddbf819a man: document that we look for both the instance's and the template's .d/ directory when looking for unit file drop-ins. 2014-08-11 16:41:05 +02:00
Lennart Poettering
31a339fd7f man: update resolved man pages a bit 2014-08-11 15:06:22 +02:00
Lennart Poettering
81663503e6 man: extend timesycnd man page a bit 2014-08-11 15:06:22 +02:00
Tom Gundersen
04b67d4925 udev: link_setup - respect kernel name assign policy
Newer kernels export meta-information about the origin of an ifname. Respect this
from the ifname rename logic. We do not rename any interfaces that was originally
named by userspace, nor once which have already been renamed from userspace.

Moreover, we optionally do not (the default) rename interfaces which the kernel
claims to have named in a predictable way.
2014-08-08 13:30:15 +02:00
Zbigniew Jędrzejewski-Szmek
5e34b37c9f man: correct references to DefaultTimeout*Sec
Noticed by thp on #systemd.
2014-08-07 20:46:49 -04:00
Lennart Poettering
252f2b9e85 man: bring resolved.conf up-to-date 2014-08-04 23:08:31 +02:00
Tom Gundersen
bd8f653876 networkd: add and expose per-link LLMNR config option 2014-08-04 16:56:34 +02:00
Ansgar Burchardt
ef392da6c5 Correct references to ProtectSystem and ProtectHome in documentation 2014-08-04 09:27:20 -04:00
Karel Zak
c358d728e7 bootchart: don't parse /proc/uptime, use CLOCK_BOOTTIME
* systemd-bootchart always parses /proc/uptime, although the
  information is unnecessary when --rel specified

* use /proc/uptime is overkill, since Linux 2.6.39 we have
  clock_gettime(CLOCK_BOOTTIME, ...). The backend on kernel side is
  get_monotonic_boottime() in both cases.

* main() uses "if (graph_start <= 0.0)" to detect that /proc is
  available.

  This is fragile solution as graph_start is always smaller than zero
  on all systems after suspend/resume (e.g. laptops), because in this
  case the system uptime includes suspend time and uptime is always
  greater number than monotonic time. For example right now difference
  between uptime and monotonic time is 37 hours on my laptop.

  Note that main() calls log_uptime() (to parse /proc/uptime) for each
  sample when it believes that /proc is not available. So on my laptop
  systemd-boochars spends all live with /proc/uptime parsing +
  nanosleep(), try

    strace  /usr/lib/systemd/systemd-bootchart

  to see the never ending loop.

  This patch uses access("/proc/vmstat", F_OK) to detect procfs.
2014-08-03 01:12:53 -04:00
Zbigniew Jędrzejewski-Szmek
6fc5a40438 man: add udev.conf(5)
We generally have separate man pages for all configuration files.
In this case udev.conf was already described in systemd-udevd.service(8),
but it was hard to find. Docbook makes it hard to add a .so link from
a different section, so describe udev.conf in its own page.
2014-07-31 08:56:03 -04:00
Zbigniew Jędrzejewski-Szmek
2b09983f94 man: add missing comma 2014-07-31 08:56:03 -04:00
Hong Shick Pak
b85595b511 man: fix outdated example in systemd.network
The docs for the DHCP= was updated, but not the example.
2014-07-30 18:35:53 +02:00
Tom Gundersen
ba17915457 networkd: ipv4ll - configure link-local address independently of DHCPv4
This changes the behavior when both DHCPv4 and IPv4LL are enabled. Before,
we would disable IPv4LL when we got a DHCPv4 lease and enable it if the
lease was lost.

Now we just always set up both, if both are enabled, but the DHCPv4
addresses and routes will always take precedence due to their metric
and scope.
2014-07-30 17:45:47 +02:00
Kay Sievers
dd5eddd28a udev: unify event timeout handling 2014-07-29 15:18:27 +02:00
Hannes Reinecke
9719859c07 udevd: add --event-timeout commandline option
Some events take longer than the default 30 seconds. Killing those
events will leave the machine halfway configured.

Add a commandline option '--event-timeout' to handle these cases.
2014-07-29 13:45:07 +02:00
Tom Gundersen
bfa695b5cc networkd: ipv4ll - default to setting up ipv4ll routes
This is necessary for non-ipv4ll hosts to communicate with ipv4ll-only hosts on the same link. Defaults
to being enabled, but can be opted out.

See: <http://avahi.org/wiki/AvahiAutoipd#Routes>
2014-07-25 02:14:23 +02:00
Michael Biebl
36d054aae0 man: fix path for system-sleep hook directory 2014-07-23 23:36:22 +02:00
Karel Zak
cbfaff65cb docs: remove repeating words from man/*xml 2014-07-23 08:47:19 -04:00
Zbigniew Jędrzejewski-Szmek
142c4ecaa9 man: merge systemd-verify with systemd-analyze 2014-07-21 22:33:51 -04:00
Susant Sahani
d9c52fa045 networkd: add support for bond options
The following bond options are supported by this patch.

MIIMonitorSec:
Specifies the frequency in milli-seconds that MII link
monitoring will occur.

UpDelaySec:
Specifies the delay time in milli-seconds to enable a link
after a link up status has been detected.

DownDelaySec:
Specifies the delay time in milli-seconds to disable a link
after a link failure has been detected.

changes:
1. Added gconf variables.
2. man page

conf:

[NetDev]
Name=bond1
Kind=bond

[Bond]
Mode=802.3ad
TransmitHashPolicy=layer2+3
LacpduTransmitRate=fast
MIIMonitorSec=1s
UpDelaySec=2s
DownDelaySec=8s

cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 1000
Up Delay (ms): 2000
Down Delay (ms): 8000

802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator

[tomegun: rephrased manpage, dropped bond_ prefix from variables]
2014-07-21 20:35:21 +02:00
Susant Sahani
fb1021a26d networkd: bond add support for lacp rate
LacpduTransmitRate
option specifies the rate in which link partner to transmit
LACPDU packets in 802.3ad mode.  Possible values
slow : Request partner to transmit LACPDUs every 30 seconds
fast : Request partner to transmit LACPDUs every 1 second
The default is slow.

chages:
1. Added enum bond_lacp_rate_table
2. gperf LacpduTransmitRate

Test:
conf file:
[NetDev]
Name=bond1
Kind=bond

[Bond]
Mode=802.3ad
LacpduTransmitRate=fast

test:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: fast
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator

[tomegun: renamed from LacpduTransmitRate to LACPTransmitRate, manpage fixes and
dropped bond_ prefix from variables]
2014-07-21 20:35:21 +02:00
Susant Sahani
227cdf2c7c networkd: add support for bond transmit hash policy
This patch adds support  the transmit hash policy to use
for slave selection in balance-xor, 802.3ad, and tlb modes

layer2, layer3+4, layer2+3, encap3+4, encap3+4

Added:
1. BondXmitHashPolicy
2. conf param TransmitHashPolicy

Test conf:
[NetDev]
Name=bond1
Kind=bond

[Bond]
Mode=802.3ad
TransmitHashPolicy=layer2+3

test output:
cat /proc/net/bonding/bond1
Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)

Bonding Mode: IEEE 802.3ad Dynamic link aggregation
Transmit Hash Policy: layer2+3 (2)
MII Status: up
MII Polling Interval (ms): 0
Up Delay (ms): 0
Down Delay (ms): 0

802.3ad info
LACP rate: slow
Min links: 0
Aggregator selection policy (ad_select): stable
bond bond1 has no active aggregator

[tomegun: dropped bond_ prefix from new Bond variable, drop repeated man-page section]
2014-07-21 20:35:21 +02:00
Zbigniew Jędrzejewski-Szmek
0e8415f2e5 man: add systemd-verify(1) 2014-07-20 19:48:16 -04:00
Zbigniew Jędrzejewski-Szmek
cf7d80a5fe path-lookup: make SYSTEMD_UNIT_PATH more flexible
It can now contain more than one directory, and can be used
to only prepend, not totally override, the normal load path.
2014-07-20 19:48:16 -04:00
Zbigniew Jędrzejewski-Szmek
4e60294351 journalctl,man: allow + only between terms
https://bugzilla.redhat.com/show_bug.cgi?id=1110712
2014-07-19 21:13:08 -04:00
Zbigniew Jędrzejewski-Szmek
1651e2c61e man,journal: add note about sd_journal_get_cutoff_monotonic_usec return value
Also modify the function itself to be a bit simpler to read.
2014-07-18 21:44:36 -04:00
Thomas Blume
f41925b4e4 systemd-detect-virt: detect s390 virtualization
A system that is running on a logical partition (LPAR) provided by
PR/SM has access to physical hardware (except CPU). It is true that
PR/SM abstracts the hardware, but only for sharing purposes.

Details are statet at:

http://publib.boulder.ibm.com/infocenter/eserver/v1r2/topic/eicaz/eicazzlpar.htm

-->--
In other words, PR/SM transforms physical resources into virtual resources so
that many logical partitions can share the same physical resources.
--<--

Still, from the OS point of view, the shared virtual resource is real
hardware. ConditionVirtualization must be set to false if the OS runs
directly on PR/SM (e.g. in an LPAR).

[zj: reorder code so that variables are not allocated when #if-def is
false. Add commit message.]
2014-07-18 09:20:13 -04:00
Zbigniew Jędrzejewski-Szmek
8c275eef38 man: document yearly and annually in systemd.time(7)
https://bugs.freedesktop.org/show_bug.cgi?id=81158
2014-07-16 22:18:16 -04:00
Zbigniew Jędrzejewski-Szmek
a8ca47227d man: describe new filename rules for journal-remote 2014-07-15 22:34:42 -04:00
Zbigniew Jędrzejewski-Szmek
330427e271 man: document systemd-journal-upload 2014-07-15 22:34:41 -04:00
Zbigniew Jędrzejewski-Szmek
8201af08fa journal-remote: allow splitting incoming logs by source host
Previously existing scheme where the file name would be based on
the source was just too ugly and unpredicatable. Now there are
only two options:
  1. just one file (until rotation),
  2. one file per source host, using the hostname as filename part.
For the cases where the source is specified by the user, only
option one is allowed, and the full of the file must be specified.
2014-07-15 22:31:41 -04:00
Tom Gundersen
f5de5b0020 sd-dhcp-client: make request broadcasts opt-in
It appears there is no good way to decide whether or not broadcasts should be enabled,
there is hardware that must have broadcast, and there are networks that only allow
unicast. So we give up and make this configurable.

By default, unicast is used, but if the kernel were to inform us abotu certain
interfaces requiring broadcast, we could change this to opt-in by default in
those cases.
2014-07-15 18:55:31 +02:00
Tom Gundersen
7c1cff4ff7 man: systemd.netdev - make it clear that we do not touch preexisting netdevs
We will happily use bridges/bonds as master devices, but we will not change their settings if they were created by
someone else.
2014-07-14 12:25:42 +02:00
Susant Sahani
edb85f0d8d networkd: dhcp add vendor class indentifier option 60
Vendor Class Identifier be used by DHCP clients to identify
their vendor type and configuration. When using this option,
vendors can define their own specific identifier values, such
as to convey a particular hardware or operating system
configuration or other identifying information.

Vendor-specified DHCP options—features that let administrators assign
separate options to clients with similar configuration requirements.
For example, if DHCP-aware clients for example we want to separate
different gateway and option for different set of people
(dev/test/hr/finance) in a org or devices for example web/database
servers or let's say in a embedded device etc and require a different
default gateway or DNS server than the rest of clients.
2014-07-14 11:39:20 +02:00
Susant Sahani
5d8e593dce networkd: make metric of routes configurable
Now route metric can be configuted via conf file:

example conf:

[Match]
Name=em1

[Route]
Gateway=192.168.1.12
Metric=10

Test:
ip route output
default via 192.168.1.12 dev em1 metric 10

[tomegun: squash TODO update and reword man page a bit]
2014-07-14 11:39:20 +02:00
Tanu Kaskinen
91acdc17a5 man: mention XDG_DATA_HOME in systemd.unit 2014-07-13 21:14:07 -04:00
Sjoerd Simons
eb34cba763 man: sysusers.d correct default user shell
For the non-root user sysusers uses nologin as the default shell, not
login. Correct the documentation to match the code.
2014-07-13 21:14:07 -04:00
Zbigniew Jędrzejewski-Szmek
5146e7e8ae man: add systemd-coredump(8) and a bunch of links 2014-07-13 21:11:07 -04:00
Lennart Poettering
ce0f1493c3 hostnamed: introduce new location machin-info field, too 2014-07-11 15:50:32 +02:00
Lennart Poettering
46b131574f journald: turn ForwardToSyslog= off by default
After all, rsyslog and friends nowadays read their data directly from
the journal, hence the forwarding is unnecessary in most cases.
2014-07-11 15:34:40 +02:00
Jóhann B. Guðmundsson
799298d651 Add DEPLOYMENT to hostnamectl
[zj: remove the check against a fixed list of environments.]
2014-07-11 09:22:01 -04:00
Zbigniew Jędrzejewski-Szmek
1ed7749564 shell-completion,man: beef up chassis completions and description
Parameters to hostnamectl command are not optional and should not be marked
as such in the man page.
2014-07-11 09:22:00 -04:00
Zbigniew Jędrzejewski-Szmek
dc5cd2b772 man: document x-systemd.device-timeout for crypttab
https://bugs.freedesktop.org/show_bug.cgi?id=54210
2014-07-10 22:52:23 -04:00
Zbigniew Jędrzejewski-Szmek
8e8ba962c7 man: proper link for dmesg 2014-07-10 22:52:23 -04:00
Zbigniew Jędrzejewski-Szmek
938a560b76 sysusers: allow overrides in /etc and /run
An administrator might want to block a certain sysusers config file from
being executed, e.g. to block the creation of a certain user.

Only a relatively short description is added in the man page, since
overrides should be relatively rare.
2014-07-10 22:51:41 -04:00
Lennart Poettering
932ad62b84 sysusers: don't allow user names longer than UT_NAMESIZE
As pointed out by Miloslav Trmač it might be a good idea to make sure
that usernames stay with in the utmp-defined limits.
2014-07-09 19:22:13 +02:00
Tomasz Torcz
efab8d0b0e hostnamed: update documentation with new "watch" chassis type 2014-07-09 08:36:12 -04:00
Zbigniew Jędrzejewski-Szmek
5aded36978 man: add a mapping for external manpages
It is annoying when we have dead links on fd.o.

Add project='man-pages|die-net|archlinux' to <citerefentry>-ies.

In generated html, add external links to
http://man7.org/linux/man-pages/man, http://linux.die.net/man/,
https://www.archlinux.org/.

By default, pages in sections 2 and 4 go to man7, since Michael
Kerrisk is the autorative source on kernel related stuff.

The rest of links goes to linux.die.net, because they have the
manpages.

Except for the pacman stuff, since it seems to be only available from
archlinux.org.

Poor gummiboot gets no link, because gummitboot(8) ain't to be found
on the net. According to common wisdom, that would mean that it does
not exist. But I have seen Kay using it, so I know it does, and
deserves to be found. Can somebody be nice and put it up somewhere?
2014-07-07 18:36:55 -04:00
Lennart Poettering
9869e75929 man: document systemd-escape(1) 2014-07-07 22:48:25 +02:00
Susant Sahani
fe8ac65b68 networkd: add support for mode
This patch adds supports networkd to configure bond mode
during creation via persistent conf. Mode can be configured
with conf param 'Mode'. A new section Bond is added to the
conf to support bond mode.

These modes can be configured now.

balance-rr
active-backup
balance-xor
broadcast
802.3ad
balance-tlb
balance-alb

Example conf file: test-bond.conf
[NetDev]
Name=bond1
Kind=bond

[Bond]
Mode=balance-xor

Test case:
1. start networkd service:

12: bond1: <BROADCAST,MULTICAST,MASTER,UP,LOWER_UP> mtu 1500 qdisc
noqueue state UNKNOWN mode DEFAULT group default
link/ether 22:89:6c:47:23:d2 brd ff:ff:ff:ff:ff:ff

2. find bond mode:

cat /proc/net/bonding/bond1
    Ethernet Channel Bonding Driver: v3.7.1 (April 27, 2011)
    Bonding Mode: load balancing (xor)
    Transmit Hash Policy: layer2 (0)
    MII Status: up
    MII Polling Interval (ms): 0
    Up Delay (ms): 0
    Down Delay (ms): 0

Changes:
       1. Added file networkd-bond.c
       2. Bond mode enum BondMode
       3. conf section [Bond]

[tomegun: whitespace]
2014-07-07 21:52:01 +02:00
Lennart Poettering
e26807239b firstboot: get rid of firstboot generator again, introduce ConditionFirstBoot= instead
As Zbigniew pointed out a new ConditionFirstBoot= appears like the nicer
way to hook in systemd-firstboot.service on first boots (those with /etc
unpopulated), so let's do this, and get rid of the generator again.
2014-07-07 21:05:09 +02:00
Lennart Poettering
30f10abf42 man: document systemd-firstboot(1) 2014-07-07 18:49:17 +02:00
Lennart Poettering
ed3e4a3fd9 man: drop references to the --priviliged command line option which has been removed a while back 2014-07-07 18:49:17 +02:00
Lennart Poettering
ac8ddf8c96 man: chroot jails are no longer detected by ConditionVirtualization= 2014-07-07 15:25:55 +02:00
Lennart Poettering
f1e4d93f57 man: add missing archs to ConditionArchitecture= description 2014-07-07 15:25:55 +02:00
Tom Gundersen
1a43ddc8b1 man: network - document Peer key 2014-07-07 14:24:07 +02:00
Lennart Poettering
108e8cd11e man: document nspawn's new --volatile switch 2014-07-04 12:56:57 +02:00
Tom Gundersen
54f601debc man: netdev - mention tun and tap
Reported by Moviuro <moviuro@gmail.com>
2014-07-04 01:26:58 +02:00
Zbigniew Jędrzejewski-Szmek
9c5dcb68b0 man: add link to Open Group Base Specifications 2014-07-03 16:41:52 -04:00
Lennart Poettering
db6d9e8640 man: document that systemctl's -H may now be used to connect directly to a container on a remote host 2014-07-03 20:37:10 +02:00
Lennart Poettering
a12b0cc34d sysusers: add new line type "m" to add users as members to groups 2014-07-03 19:54:46 +02:00
Lennart Poettering
ab016c45a9 man: reference RestartForceExitStatus= from the Restart= description 2014-07-03 15:37:46 +02:00
Lennart Poettering
37520c1bec core: introduce new RestartForceExitStatus= service setting
This does the inverse of RestartPreventExitStatus=: it forces a restart
of a service when a certain exit status is returned by a service
process.
2014-07-03 12:51:07 +02:00
Tom Gundersen
ffd488e272 networkd: tuntap - default to no packet information
Susant says:
> ip tuntap turns this off by default.

Let's follow ip(8) here as that should be the least surprising.
2014-07-03 12:19:26 +02:00
Tom Gundersen
72d33d99c5 networkd: tuntap - manpage fixes 2014-07-03 11:37:54 +02:00
Susant Sahani
30ae9dfda3 networkd: Introduce tun/tap device
This patch introduces TUN/TAP device creation support
to networkd.

Example conf to create a tap device:

file: tap.netdev
------------------
[NetDev]
Name=tap-test
Kind=tap

[Tap]
OneQueue=true
MultiQueue=true
PacketInfo=true
User=sus
Group=sus
------------------

Test:
1. output of ip link
tap-test: tap pi one_queue UNKNOWN_FLAGS:900 user 1000 group 1000

id:
uid=1000(sus) gid=10(wheel) groups=10(wheel),1000(sus)
context=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023

Modifications:

Added:
1. file networkd-tuntap.c
3. netdev kind NETDEV_KIND_TUN and NETDEV_KIND_TAP
2. Tun and Tap Sections and config params to parse
   conf and gperf conf parameters

[tomegun: tweak the 'kind' checking for received ifindex]
2014-07-03 11:00:02 +02:00
Lennart Poettering
8f6e22a1ca man: /usr/bin may contain binaries in any compatible arch, not just the primary one 2014-07-03 01:10:01 +02:00
Lennart Poettering
4ee4264c3b man: fix links to systemd-efi-boot-generator(8) 2014-07-03 01:09:35 +02:00
Lennart Poettering
9a00f57a5b path: add new "systemd-path" utility for querying paths described in file-hierarchy(7)
This new tool is based on "sd-path", a new (so far unexported) API for
libsystemd, that can hopefully grow into a workable API covering /opt
and more one day.
2014-07-02 12:23:36 +02:00
Tom Gundersen
9e358851b4 networkd: netdev - add dummy support 2014-07-01 22:10:07 +02:00
Eugene Yakubovich
4cc7a82c94 networkd: send hostname to dhcp server
Send hostname (option 12) in DISCOVER and REQUEST messages so the
DHCP server could use it to register with dynamic DNS and such.

To opt-out of this behaviour set SendHostname to false in [DHCP]
section of .network file

[tomegun: rebased, made sure a failing set_hostname is a noop and moved
          config from DHCPv4 to DHCP]
2014-07-01 22:02:25 +02:00
Tom Gundersen
0a8a0fad01 man: bring systemd.network(5) up-to-date
Based on diff by 'poma'.
2014-07-01 21:49:53 +02:00
Tom Gundersen
b35a290960 man: bring systemd.netdev(5) up-to-date
Based on a diff by the mysterious 'poma'.
2014-07-01 21:49:53 +02:00
Thomas Hindoe Paaboel Andersen
ce1dde29b9 typo fixes 2014-07-01 21:12:05 +02:00
Kay Sievers
eafbd4d7ce man: file-hierarchy - emphasize /usr/lib/$arch-id instead of $libdir 2014-07-01 17:47:38 +02:00
Christian Hesse
02ea24ca2a man/sd_journal_get_data: fix variable naming in example 2014-07-01 16:38:40 +02:00
Christian Hesse
8959ae0d4c man/sd_journal_next: fix argument in example
The example does not compile, it fails with:

error: passing argument 3 of ‘sd_journal_get_data’ from incompatible
pointer type

Cast to (const void **) to avoid this.
2014-07-01 16:38:37 +02:00
Lennart Poettering
959ddb4700 man: document directories in $HOME, too, in file-hierarchy(7) 2014-07-01 13:51:36 +02:00
Lennart Poettering
cdf0c7abf8 man: document ConditionNeedsUpdate= 2014-07-01 01:33:56 +02:00
Lennart Poettering
82a30aae48 man: extend a bit what to expect from the various places apps can store data 2014-07-01 01:14:22 +02:00
Lennart Poettering
c65b503d01 man: add sections about file node types and write access to file-hierarchy(7) 2014-07-01 01:14:22 +02:00
Zbigniew Jędrzejewski-Szmek
ee43f49b78 man: mention x-initrd.mount option in fstab options list 2014-06-30 18:41:17 -04:00
Zbigniew Jędrzejewski-Szmek
63b03c0b28 man: mention that x-systemd.device-timeout is only for fstab
Reformat fstab options description. Now they are easier to read and
show up in systemd.directives(7).

Use a single sublist for both /etc/fstab and /etc/crypttab options.
Many of them can be used in both places. crypttab(5) is updated to use
the same docbook elements, so formatting is uniform.
2014-06-30 18:41:17 -04:00
Zbigniew Jędrzejewski-Szmek
a17f2dc15b man: beef up systemd-fsck description 2014-06-30 18:41:17 -04:00
Lennart Poettering
6e81b5b9dc man: reference $TMPDIR, not $TMP in file-hierarchy(7)
This what environ(7) and POSIX define, so that's what we should
reference.
2014-07-01 00:29:38 +02:00
Lennart Poettering
7caa86ac4d man: document systemd-update-done.service 2014-07-01 00:16:48 +02:00
Tom Gundersen
dc7f577501 man: file-hierarchy - minor fixes
Leave non-specified top-level dirs out of the spec, and minor cleanups.
2014-07-01 00:06:16 +02:00
Lennart Poettering
cd48031bcf man: document how to query $libdir for the primary architecture using pkg-config 2014-06-30 23:30:00 +02:00
Thomas Hindoe Paaboel Andersen
fcba63a846 man: file-hierarchy - typo fixes 2014-06-30 22:54:21 +02:00
Lennart Poettering
2f3d398a05 man: deemphesize Fedora-specific "lib64", only mention the more generic $libdir 2014-06-30 22:49:10 +02:00
Thomas Hindoe Paaboel Andersen
908c32e0f3 man: daemon - typo fix 2014-06-30 22:38:17 +02:00
Lennart Poettering
9fc25924be man: a couple of additions to file-hierarchy(7) 2014-06-30 19:52:44 +02:00
Lennart Poettering
8c63bf4ab0 man: drop references to manual StandardError=syslog from daemon(7), we do this implicitly since ages 2014-06-30 19:06:11 +02:00
Lennart Poettering
9546c6ed67 man: add a minimized, modernized description of the file system hierarchy systemd suggests 2014-06-30 19:05:17 +02:00
Lennart Poettering
21236ab510 man: document the sysusers tool 2014-06-29 22:27:07 +02:00
Eugene Yakubovich
e1ea665eda Add support for DHCP static route options
This adds support for DHCP options 33 and 121: Static Route and
Classless Static Route. To enable this feature, set UseRoutes=true
in .network file. Returned routes are added to the routing table.
2014-06-29 15:18:21 +02:00
Tom Gundersen
ed942a9eb2 networkd: merge DHCPv4 and DHCPv6 config
If there are v4 or v6 specific options we can keep those in separate sections,
but for the common options, we will use only one.

Moreovere only use DHCP=[yes/both|no/none|v4|v6] to enable or disable the clients.
2014-06-29 15:18:21 +02:00
Jan Engelhardt
45df8656eb doc: typographical improvements and choice of words 2014-06-28 00:06:31 -04:00
Jan Engelhardt
8d0e0ddda6 doc: grammatical corrections 2014-06-28 00:06:30 -04:00
Lennart Poettering
102bd40e1e man: split systemd.network(5) and related into various sections for better readability 2014-06-27 20:50:08 +02:00
Lennart Poettering
4bb278e51e man: document automatic networkd IP range allocation 2014-06-27 20:42:06 +02:00
Lennart Poettering
b1317b34f4 man: fix sd_watchdog_enabled() prototype in man page
https://bugs.freedesktop.org/show_bug.cgi?id=80597
2014-06-27 19:51:14 +02:00
Lennart Poettering
8c9571d0ae coredump: replace Compression= setting by simpler Compress= boolean setting
Let's move things closer to journald's configuration settings, which
knows Compress= already, as a boolean. This makes things more uniform,
but also gives us more freedom to possibly swap out the used compression
algorithm one day.
2014-06-27 19:35:57 +02:00
Lennart Poettering
cf677ac1b7 coredump: don't expose the compression level as configuration option
This sounds overly low-level and implementation-detaily. Let's just
use the default level XZ suggests. This gives us more room to possibly
swap out the compression algorithm used, as the compression level range
will not leak into user configuration.
2014-06-27 19:35:57 +02:00
Lennart Poettering
0dc5d23c85 coredump: add simple coredump vacuuming
When disk space taken up by coredumps grows beyond a configured limit
start removing the oldest coredump of the user with the most coredumps,
until we get below the limit again.
2014-06-27 19:35:57 +02:00
Zbigniew Jędrzejewski-Szmek
3cc765d271 man: add coredump.conf(5) 2014-06-26 01:41:04 -04:00
Lennart Poettering
99813a1912 systemctl: add new "is-system-running" command to check whether system is fully up
https://bugs.freedesktop.org/show_bug.cgi?id=66926
2014-06-25 12:31:03 +02:00
Zbigniew Jędrzejewski-Szmek
96e2644150 Revert "Add systemd-coredumpctl as an alias for coredumpctl"
This reverts the documentation part of commit
dfdd0e0730.
2014-06-23 23:14:55 -04:00
Zbigniew Jędrzejewski-Szmek
9fcdf32294 man: fix path in crypttab(5)
https://bugs.freedesktop.org/show_bug.cgi?id=75816
2014-06-23 23:14:54 -04:00
Zbigniew Jędrzejewski-Szmek
dfdd0e0730 Add systemd-coredumpctl as an alias for coredumpctl
Should make the transition easier for exisiting users.
2014-06-22 15:30:19 -04:00
Zbigniew Jędrzejewski-Szmek
c305edb643 man: untabify systemd-resolved.service.xml 2014-06-22 12:26:09 -04:00
Jonathan Boulle
40ef48600f fix systemd-resolved reference in man page
Guess this was missed in the copy-paste :-)
2014-06-22 12:26:09 -04:00
Kay Sievers
2f3b873a49 tmpfiles: copy/link /usr/share/factory/ files when the source argument is omitted 2014-06-20 15:57:43 +02:00
Lennart Poettering
3c5a87a879 debug-generator: add new kernel cmdline option systemd.wants= to add units to the initial transaction 2014-06-20 13:36:28 +02:00
Zbigniew Jędrzejewski-Szmek
7141829512 man: also describe an udev rule for bridge sysctl 2014-06-19 21:14:07 -04:00
Zbigniew Jędrzejewski-Szmek
7284335adb man: document statically loading modules for sysctl settings
https://bugzilla.redhat.com/show_bug.cgi?id=1022977
https://bugzilla.novell.com/show_bug.cgi?id=725412
2014-06-19 20:44:49 -04:00
Lennart Poettering
e156347e04 tmpfiles: make sure "C" doesn't copy anything if the destination already exists
Previously it would recursively copy the entire tree in, and descend
into subdirectories even if the destination already exists. Let's do
what the documentation says and not do that.

If files down the tree shall be copied too, they should get their own
"C" lines.
2014-06-19 19:36:08 +02:00
Lennart Poettering
eca8701ae7 man: document new coredumpctl commands 2014-06-19 17:36:39 +02:00
Lennart Poettering
f685b70279 man: add documentation for systemd-debug-generator 2014-06-19 17:06:35 +02:00
Lennart Poettering
52c611b776 man: add new kernel command line switches to kernel-command-line(7) 2014-06-19 16:54:40 +02:00
Ronny Chevalier
08d555f347 man: fix typo 2014-06-19 08:53:31 -04:00
Lennart Poettering
f4bab1690e coredump: coredumpctl is so useful now, make it a first-class citizen
Drop the "systemd-" prefix, renaming it from "systemd-coredumpctl" to
"coredumpctl".
2014-06-19 13:46:01 +02:00
Lennart Poettering
edc3797f7c journald: make SplitMode=uid the default
Now that we actually can distuingish system and normal users there's no
point in taking session information into account anymore when splitting
up logs.

This has the beenfit with that coredump information will actually end up
in each user's own journal.
2014-06-19 12:38:45 +02:00
Lennart Poettering
9542239eaf cryptsetup: introduce new cryptsetup-pre.traget unit so that services can make sure they are started before and stopped after any LUKS setup
https://bugzilla.redhat.com/show_bug.cgi?id=1097938
2014-06-18 00:09:46 +02:00
Lennart Poettering
1554afae54 tmpfiles: add "+" modifier support to b, c, p lines in addition to L 2014-06-18 00:09:46 +02:00
Zbigniew Jędrzejewski-Szmek
0a498f163a man: fix typo 2014-06-17 17:29:47 -04:00
Lennart Poettering
d54c499369 install: introduce new DefaultInstance= field for [Install] sections
The DefaultInstance= name is used when enabling template units when only
specifying the template name, but no instance.

Add DefaultInstance=tty1 to getty@.service, so that when the template
itself is enabled an instance for tty1 is created.

This is useful so that we "systemctl preset-all" can work properly,
because we can operate on getty@.service after finding it, and the right
instance is created.
2014-06-17 02:43:43 +02:00
Lennart Poettering
d309c1c364 install: beef up preset logic to limit to only enable or only disable, and do all-unit preset operations
The new "systemctl preset-all" command may now be used to put all
installed units back into the enable/disable state the vendor/admin
encoded in preset files.

Also, introduce "systemctl --preset-mode=enable-only" and "systemctl
--preset-mode=disable-only" to only apply the enable or only the disable
operations of a "systemctl preset" or "systemctl preset-all" operation.

"systemctl preset-all" implements this RFE:

https://bugzilla.redhat.com/show_bug.cgi?id=630174
2014-06-17 02:43:17 +02:00
Lennart Poettering
2e78fa79bb tmpfiles: add new "L+" command as stronger version of "L", that removes the destination before creating a symlink
Also, make use of this for mtab as long as mount insists on creating it
even if we invoke it with "-n".
2014-06-16 13:21:07 +02:00
Lennart Poettering
2dbd4a9454 mount: add new SloppyOptions= setting for mount units, mapping to mount(8)'s "-s" switch 2014-06-16 01:02:27 +02:00
Lennart Poettering
5ae4d543cb os-release: define /usr/lib/os-release as fallback for /etc/os-release
The file should have been in /usr/lib/ in the first place, since it
describes the OS container in /usr (and not the configuration in /etc),
hence, let's support os-release files in /usr/lib as fallback if no
version in /etc exists, following the usual override logic.

A prior commit already enabled tmpfiles to create /etc/os-release as a
symlink to /usr/lib/os-release should it be missing, thus providing nice
compatibility with applications only checking in /etc.

While it's probably a good idea if all apps check both locations via a
fallback logic, it is only necessary in the early boot process, as long
as the /etc/os-release symlink has not been restored, in case we boot
with an empty /etc.
2014-06-13 20:11:59 +02:00
Lennart Poettering
a4a878d040 units: introduce network-pre.target as place to hook in firewalls
network-pre.target is a passive target that should be pulled in by
services that want to be executed before any network is configured (for
example: firewall scrips).

network-pre.target should be ordered before all network managemet
services (but not be pulled in by them).

network-pre.target should be order after all services that want to be
executed before any network is configured (and be pulled in by them).
2014-06-11 12:14:55 +02:00
Lennart Poettering
abef3f91ce tmpfiles: add ability to mask access mode by pre-existing access mode on files/directories
This way it makes a lot more sense to specify an access mode for "Z"
lines.
2014-06-11 10:14:07 +02:00
Lennart Poettering
1910cd0e05 tmpfiles: when processing lines, always process prefixes before suffixes
If two lines refer to paths that are suffix and prefix of each other,
then always process the prefix first, the suffix second. In all other
cases strictly process rules in the order they appear in the files.

This makes creating /var/run as symlink to /run a lot more fun, since it
is automatically created first.
2014-06-11 01:37:35 +02:00
Lennart Poettering
06c17c39a8 nspawn: add new --tmpfs= option to mount a tmpfs on specific directories, such as /var 2014-06-11 00:44:30 +02:00
Lennart Poettering
e73a03e059 tmpfiles: get rid of "m" lines, make them redundant by "z"
"m" so far has been a non-globbing version of "z". Since this makes it
quite redundant, let's get rid of it. Remove "m" from the man pages,
beef up "z" docs instead, and make "m" nothing more than a compatibility
alias for "z".
2014-06-10 23:42:16 +02:00
Lennart Poettering
849958d1ba tmpfiles: add new "C" line for copying files or directories 2014-06-10 23:02:40 +02:00
Lennart Poettering
51cb9d734a man: updates to the passive target section 2014-06-10 18:52:28 +02:00
Mark Eichin
299a55075d man: Searching for an explanation of what a "slice unit" was, found this, felt compelled to send in fixes for the obvious typos 2014-06-10 18:05:58 +02:00
David Strauss
9a92e77e43 man: clarify the effect of replace-irreversibly on future conflicting jobs 2014-06-09 15:32:03 -07:00
Mantas Mikulėnas
d275b52969 man: fix references to sd_journal_cutoff_realtime_usec 2014-06-06 15:50:30 +02:00
Lennart Poettering
d6797c920e namespace: beef up read-only bind mount logic
Instead of blindly creating another bind mount for read-only mounts,
check if there's already one we can use, and if so, use it. Also,
recursively mark all submounts read-only too. Also, ignore autofs mounts
when remounting read-only unless they are already triggered.
2014-06-06 14:37:40 +02:00
Lennart Poettering
6cfe2fde1c core: introduce new Restart=on-abnormal setting
Restart=on-abnormal is similar to Restart=on-failure, but avoids
restarts on unclean exit codes (but still doing restarts on all
obviously unclean exits, such as timeouts, signals, coredumps, watchdog
timeouts).

Also see:

https://fedorahosted.org/fpc/ticket/191
2014-06-05 18:42:52 +02:00
Lennart Poettering
5331194c12 core: don't include /boot in effect of ProtectSystem=
This would otherwise unconditionally trigger any /boot autofs mount,
which we probably should avoid.

ProtectSystem= will now only cover /usr and (optionally) /etc, both of
which cannot be autofs anyway.

ProtectHome will continue to cover /run/user and /home. The former
cannot be autofs either. /home could be, however is frequently enough
used (unlikey /boot) so that it isn't too problematic to simply trigger
it unconditionally via ProtectHome=.
2014-06-05 10:03:26 +02:00
Lennart Poettering
3900e5fdff socket: add SocketUser= and SocketGroup= for chown()ing sockets in the file system
This is relatively complex, as we cannot invoke NSS from PID 1, and thus
need to fork a helper process temporarily.
2014-06-05 09:55:53 +02:00
Lennart Poettering
1b8689f949 core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.

With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
2014-06-04 18:12:55 +02:00
Lennart Poettering
03ee5c38cb journald: move /dev/log socket to /run
This way we can make the socket also available for sandboxed apps that
have their own private /dev. They can now simply symlink the socket from
/dev.
2014-06-04 16:53:58 +02:00
Lennart Poettering
811ba7a0e2 socket: add new Symlinks= option for socket units
With Symlinks= we can manage one or more symlinks to AF_UNIX or FIFO
nodes in the file system, with the same lifecycle as the socket itself.

This has two benefits: first, this allows us to remove /dev/log and
/dev/initctl from /dev, thus leaving only symlinks, device nodes and
directories in the /dev tree. More importantly however, this allows us
to move /dev/log out of /dev, while still making it accessible there, so
that PrivateDevices= can provide /dev/log too.
2014-06-04 16:21:17 +02:00
Lennart Poettering
bd1fe7c79d socket: optionally remove sockets/FIFOs in the file system after use 2014-06-04 13:12:34 +02:00
Lennart Poettering
417116f234 core: add new ReadOnlySystem= and ProtectedHome= settings for service units
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for
a service.

ProtectedHome= uses fs namespaces to mount /home and /run/user
inaccessible or read-only for a service.

This patch also enables these settings for all our long-running services.

Together they should be good building block for a minimal service
sandbox, removing the ability for services to modify the operating
system or access the user's private data.
2014-06-03 23:57:51 +02:00
Tom Gundersen
b686acb27e resolved: move resolv.conf to resolved's runtime dir 2014-06-02 15:14:32 +02:00
Stef Walter
c779a44222 hostnamed: Fix the way that static and transient host names interact
It is almost always incorrect to allow DHCP or other sources of
transient host names to override an explicitly configured static host
name.

This commit changes things so that if a static host name is set, this
will override the transient host name (eg: provided via DHCP). Transient
host names can still be used to provide host names for machines that have
not been explicitly configured with a static host name.

The exception to this rule is if the static host name is set to
"localhost". In those cases we act as if no
static host name has been explicitly set.

As discussed elsewhere, systemd may want to have an fd based ownership
of the transient name. That part is not included in this commit.
2014-05-28 09:34:37 +08:00
Zbigniew Jędrzejewski-Szmek
623538c312 man: describe sd_uid_get_display 2014-05-24 18:50:21 -04:00
Zbigniew Jędrzejewski-Szmek
b9acccb3c9 man: reword StartupCPUShares= description
Now that we have two options described in the same paragraph, we cannot
use singular anymore.
2014-05-24 18:50:21 -04:00
Lennart Poettering
0afedd300c man: update URL refernce in daemon(7)
http://lists.freedesktop.org/archives/systemd-devel/2014-May/019410.html
2014-05-22 16:22:48 +09:00
Lennart Poettering
c4b834a4ad man: drop reference to file locking for PID file creation from daemon(7)
File locking is usually a bad idea, don't suggest using it.
2014-05-22 16:15:56 +09:00