Due to the brokeness of much of the userspace audit code we cannot
really start too many systems without the audit caps set. To make nspawn
easier to use just add the audit caps by default.
To boot up containers successfully the kernel's auditing needs to be
turned off still (use "audit=0" on the kernel command line), but at
least no manual caps have to be passed anymore.
In the long run auditing will be fixed for containers and ve virtualized
properly at which time it should be safe to enable these caps anyway.
Variable definitions can be written on more than one line - if each ends
with a backslash, then is concatenated with a previous one. Only
backslash and unix end of line (\n) are treated as a continuation.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=58083
[zj: squashed two patches together; cleaned up grammar; removed
comment about ignoring trailing backslash -- it is not ignored.]
Document continuation support in systemd.exec
systemctl list-dependencies lists all unit's dependecies and
recursively expands all subsidiary target units into a tree.
Primary purpose for this command is to show all units which are
enabled in specified target.
We no longer allow early-boot init scripts, however in late boot the
syslog socket and local mounts are established anyway, so let's simplify
our dep graph a bit.
If $syslog doesn't resolve to syslog.target anymore there's no reason to
keep syslog.target around anymore. Let's remove it.
Note that many 3rd party service unit files order themselves after
syslog.target. These will be dangling dependencies now, which should be
unproblematic, however.
New file output.h with output flags and modes.
--full parameter also for cgls and loginctl.
Include 'all' parameter in flags (show_cgroup_by_path, show_cgroup,
show_cgroup_and_extra, show_cgroup_and_extra_by_spec).
get_process_cmdline with max_length == 0 will not ellipsize output.
Replace LINE_MAX with 0 in some calls of get_process_cmdline.
[zj: Default to --full when under pager for clgs.
Drop '-f' since it wasn't documented and didn't actually work.
Reindent a bit.
]
Systemd should not introduce any new facilities. Distributions which still
need to support their non-standard/legacy facilities should add them as
patches to their packaging.
The following facilities are no longer recognized:
$x-display-manager
$mail-transfer-agent
$mail-transport-agent
$mail-transfer-agent
$smtp
$null
This target is no longer available:
mail-transfer-agent.target
This way we also get a man page. The output is not as polished.
I hope that it doesn't matter too much.
index.html is not generated now, the page is called
systemd.index.html. If necessary, an install hook should be added.
For all unit files foobar.service we will now read
foobar.service.d/*.conf, too. This may be used to override certain unit
settings without having to edit unit files directly.
This makes it really easy to change specific settings for services
without having to edit any unit file:
mkdir /etc/systemd/system/avahi-daemon.service.d/
echo -e '[Service]\nNice=99' > /etc/systemd/system/avahi-daemon.service.d/nice.conf
systemctl daemon-reload
Bootchart is renamed to 'systemd-bootchart' and installed as
/usr/lib/systemd/systemd-bootchart. The configuration file
will reside in /etc/systemd/bootchart.conf.
Adds is-failed to join is-active and is-enabled.
I grabbed this one from the todo list. Most of the functionality was
already there for is-active. I just needed to make check_one_unit take
the states to check for as an argument instead of the hardcoded
"active" and "reloading".
is-failed will return 1 if none of the units given are failed. This is
different from is-active which will return 3 if none of the units
given are active. It returns 3 with this comment:
/* According to LSB: "program is not running" */
As that does not make sense when looking for failed units I simply
chose 1 instead.
For many usecases it is useful to store the chassis type somewhere, and
/etc/machine-info sounds like a good place. Ideally we could always
detect the chassis type from firmware, but frequently that's not
available and in many embedded devices probably entirely unrealistic.
This patch adds a configurable setting CHASSIS= to /etc/machine-info and
exposes this via hostnamectl/hostnamed. hostnamed will guess the chassis
type from DMI if nothing is set explicitly. I also added support for
detecting it from ACPI, which should be more useful as ACPI 5.0 actually
knows a "tablet" chassis type, which neither DMI nor previous ACPI
versions knew.
This also enables DMI-based and ACPI-based detection for non-x86 systems
as ACPI is apparently coming to ARM platforms soon.
I tried to minimize the vocabulary of chassis types understood and
added: desktop, laptop, server, tablet, handset. This is much less than
either APCI or DMI know. If we need more types later on we can easily
add them.
This saves test output to individual .log files.
The driver is only used in /Makefile.am, not in
/docs/*udev/Makefile.am because the latter don't seem to work with
this driver. They don't produce much output anyway.
.gitignore is alphabetized, and .log files are added to it.
Generated files from /build-aux are removed from the list.