Commit Graph

2116 Commits

Author SHA1 Message Date
Lennart Poettering
8f7a3c1402 man: document systemd-nspawn 2011-03-15 20:51:59 +01:00
Lennart Poettering
b9a8e638ed cgls: don't strip user processes and kernel threads from default output 2011-03-15 18:43:47 +01:00
Lennart Poettering
f3accc08d3 umount: don't try to remount bind mounts ro during shutdown 2011-03-15 02:42:28 +01:00
Lennart Poettering
2a796654b9 getty: move automatic serial getty logic into generator 2011-03-15 00:45:46 +01:00
Lennart Poettering
2fc9784656 container: skip a few things when we are run in a container such as accessing /proc/cmdline 2011-03-14 23:41:47 +01:00
Lennart Poettering
1f16b4a6c4 cgls: by default start with group of PID 1 2011-03-14 23:40:41 +01:00
Lennart Poettering
1f73f0f163 pam: determine user cgroup tree from cgroup of PID 1 2011-03-14 23:13:57 +01:00
Lennart Poettering
04d391dabc nspawn: move container into its own name=systemd cgroup 2011-03-14 22:33:58 +01:00
Lennart Poettering
e03ae6615a manager: don't show kernel boot-up time for containers 2011-03-14 21:47:41 +01:00
Lennart Poettering
72fe22f930 manager: show who killed us 2011-03-14 21:30:54 +01:00
Lennart Poettering
1063dc3a52 units: add console-shell.service which can be used insted of the gettys to get a shell on /dev/console 2011-03-14 21:00:53 +01:00
Lennart Poettering
a5f9be4579 build-sys: move remaining tools from sbin/ to bin/ since they might eventually be useful for user execution 2011-03-14 18:17:28 +01:00
Lennart Poettering
9bec0b1e8d hostname: don't override the hostname with localhost if it is already set and /etc/hostname unset 2011-03-14 18:05:52 +01:00
Lennart Poettering
391ade8606 audit: give up sending auditing messages when it failed due to EPERM 2011-03-14 17:48:48 +01:00
Lennart Poettering
3bd66c05d5 nspawn: don't require selinux on if it is compiled in 2011-03-14 17:44:03 +01:00
Lennart Poettering
6f79c579ec main: remove AF_UNIX sockets before binding 2011-03-14 16:15:31 +01:00
Lennart Poettering
f41de95966 shutdown: print a nice message when terminating a container 2011-03-14 15:37:09 +01:00
Lennart Poettering
9b634ea5fb nspawn: mount /selinux if needed 2011-03-14 15:37:09 +01:00
Lennart Poettering
40e85d0019 shutdown: just call exit() if we are in a container 2011-03-14 15:37:09 +01:00
Lennart Poettering
c4f8bd1aef umount: assume that a non-existing /dev/loop device means it is already detached 2011-03-14 15:37:09 +01:00
Lennart Poettering
973bcd30bf socket: use 777 as default mode for sockets 2011-03-14 15:37:09 +01:00
Lennart Poettering
64af1b6207 nspawn: we don't want a network namespace 2011-03-14 15:37:09 +01:00
Lennart Poettering
90df7e567f main: log to the console in a container 2011-03-14 15:37:02 +01:00
Lennart Poettering
b770165a4f main: don't parse /proc/cmdline in containers 2011-03-14 04:08:12 +01:00
Lennart Poettering
ef2df9f415 util: add detect_container() 2011-03-14 04:07:52 +01:00
Lennart Poettering
da5b3bad1c nspawn: reset environment and load login shell 2011-03-14 03:28:16 +01:00
Lennart Poettering
124640f177 nspawn: reset umask if needed 2011-03-14 03:28:00 +01:00
Lennart Poettering
94d8298589 nspawn: define MS_MOVE manually if needed 2011-03-14 03:27:28 +01:00
Lennart Poettering
6df6b93910 nspawn: improve exit warning 2011-03-14 03:12:25 +01:00
Lennart Poettering
91b22f21f3 core: move abstract namespace sockets to /dev/.run
Now that we have /dev/.run there's no need to use abstract namespace
sockets. So, let's move things to /dev/.run, to make things more easily
discoverable and improve compat with chroot() and fs namespacing.
2011-03-14 03:12:25 +01:00
Lennart Poettering
8821347618 nspawn: add simple chroot(1) like tool to execute commands in a namespace container 2011-03-14 03:12:25 +01:00
Lennart Poettering
f9b9232be9 util: detect CLONE_NEWPID namespaces, and cache results 2011-03-14 03:12:25 +01:00
Lennart Poettering
224170db0a git: ignore generated policy file 2011-03-14 03:12:25 +01:00
Lennart Poettering
0a27cf3f32 util: return exit status in wait_for_terminate_and_warn() 2011-03-14 03:12:25 +01:00
Lennart Poettering
46824d0e6b util: properly identify pty devices by their major 2011-03-14 03:12:25 +01:00
Kay Sievers
3eb4d9a214 build-sys: add org.freedesktop.systemd1.policy to CLEANFILES
ERROR: files left in build directory after distclean:
./src/org.freedesktop.systemd1.policy
make[1]: *** [distcleancheck] Error 1
2011-03-12 14:31:44 +01:00
Lennart Poettering
25705583af polkit: autogenerate polkit policy with correct paths 2011-03-12 01:15:30 +01:00
Lennart Poettering
a8f11321c2 systemctl: support remote and privileged systemctl access via SSH and pkexec
This adds support for executing systemctl operations remotely or as
privileged user while still running systemctl itself unprivileged and
locally.

This currently requires a D-Bus patch to work properly.

https://bugs.freedesktop.org/show_bug.cgi?id=35230
2011-03-12 01:07:17 +01:00
Kay Sievers
e75c058023 gnome-ask-password-agent.vala: check for VALA_0_12
<juergbi> VALA_0_X is defined up to and including the current version
<juergbi> so VALA_0_10 is defined in 0.10 and 0.11 and 0.12
<juergbi> VALA_0_12 is defined in 0.11 and 0.12 (and later versions)
<juergbi> reverse the branches and use VALA_0_12 as conditional
<kay> juergbi: changing api but keep the defines?
<kay> how do we support vala 0.14 then?
<kay> you keep that model with the old defines?
<juergbi> VALA_0_10 corresponds to valaversion >= 0.10
2011-03-11 15:55:20 +01:00
Kay Sievers
202df05e0f gnome-ask-password-agent: check for vala 0.10 instead of libnotify 2011-03-11 15:41:37 +01:00
Kay Sievers
e8bf3c88e3 gnome-ask-password-agent: restore removed libnotify0.6 support 2011-03-11 14:09:10 +01:00
Lennart Poettering
820fa96485 gnome-ask-password-agent: fix path to watch 2011-03-11 01:51:45 +01:00
Lennart Poettering
7d640cdf66 units: move the last flag files to /dev/.run 2011-03-11 01:06:53 +01:00
Lennart Poettering
720ce21d44 util: close all fds before freezing execution 2011-03-11 00:52:31 +01:00
Lennart Poettering
b997812119 dbus: timeout connection setup 2011-03-11 00:52:31 +01:00
Lennart Poettering
099663ff8c main: properly handle -b boot option 2011-03-11 00:52:31 +01:00
Andrey Borzenkov
90102b22ba pam: do not leak file descriptor if flock fails
If flock fails, fd is not returned to caller so it cannot clean up.
2011-03-10 20:48:58 +01:00
Andrey Borzenkov
756a8d17bb man: trivial typo in systemd(1) 2011-03-10 20:48:12 +01:00
Lennart Poettering
fe783b0341 main: refuse system to be started in a chroot 2011-03-09 23:59:27 +01:00
Lennart Poettering
b0c8757b05 main: don't check if /usr really is a mount point, since it is fine if it is passed pre-mounted to us from the initrd 2011-03-09 23:59:07 +01:00