Commit Graph

892 Commits

Author SHA1 Message Date
Lennart Poettering
a07fdfa376 main: don't try to mout cpuset with cpu+cpuacct anymore
Turns out cpuset needs explicit initialization before we could make use
of it. Thus mounting cpuset with cpu/cpuacct would make it impossible to
just create a group in "cpu" and start it.
2012-09-24 11:35:51 +02:00
Lennart Poettering
f801968466 journal: completely rework the mmap cache as I too dumb to actually understand it
Instead of doing hand optimized fd bisect arrays just use plain old
hashmaps. Now I can understand my own code again. Yay!

As a side effect this should fix some bad memory accesses caused by
accesses after mmap(), introduced in 189.
2012-09-21 20:52:23 +02:00
Lennart Poettering
409133be63 logind: allow users to override their own suspend/sleep inhibitors 2012-09-21 11:57:48 +02:00
Lennart Poettering
68e9f6e6be update TODO 2012-09-20 23:00:44 +02:00
Lennart Poettering
9e5f3dbb1c update TODO 2012-09-20 20:52:19 +02:00
Lennart Poettering
040f18ea8a util: overflow hardening 2012-09-20 11:08:27 +02:00
Lennart Poettering
06957305d7 update TODO 2012-09-19 15:46:43 +02:00
Zbigniew Jędrzejewski-Szmek
49111a708e systemctl: warn about triggering units only at the end
Instead of checking each unit separately, check once at the end. This
should avoid spurious warnings about a service being triggerable by
other stuff.
2012-09-19 08:27:34 +02:00
Zbigniew Jędrzejewski-Szmek
67445f4e22 core: move ManagerRunningAs to shared
Note: I did s/MANAGER/SYSTEMD/ everywhere, even though it makes the
patch quite verbose. Nevertheless, keeping MANAGER prefix in some
places, and SYSTEMD prefix in others would just lead to confusion down
the road. Better to rip off the band-aid now.
2012-09-18 19:53:34 +02:00
Lennart Poettering
2b4957a99e update TODO 2012-09-18 12:15:19 +02:00
Lennart Poettering
c481f78be7 mount: don't mount securityfs in a container 2012-09-18 12:13:02 +02:00
Lennart Poettering
6569cae18e unit-printf: add specifiers for the host name, machine id, boot id 2012-09-18 11:53:47 +02:00
Lennart Poettering
41f9172f42 unit: split unit_printf() and friends into its own .c file 2012-09-18 11:27:56 +02:00
Lennart Poettering
b7848021c3 execute: apply PAM logic only to main process if PermissionsStartOnly is set
https://bugs.freedesktop.org/show_bug.cgi?id=54176
2012-09-18 10:54:23 +02:00
Lennart Poettering
c309067483 selinux: use existing library calls for audit data 2012-09-18 01:55:49 +02:00
Lennart Poettering
e9ace802cf Update TODO 2012-09-18 01:17:03 +02:00
Lennart Poettering
b14eda963c logind: split up inhibit acquire policy 2012-09-18 01:16:23 +02:00
Lennart Poettering
178cc7700c journald: log when we fail to forward messages to syslog
https://bugzilla.redhat.com/show_bug.cgi?id=847207
2012-09-17 23:59:26 +02:00
Lennart Poettering
a866073d35 main: when transitioning from initrd to the main system log to kmsg
When the new PID is invoked the journal socket from the initrd might
still be around. Due to the default log target being journal we'd log to
that initially when the new main systemd initializes even if the kernel
command line included a directive to redirect systemd's logging
elsewhere.

With this fix we initially always log to kmsg now, if we are PID1, and
only after parsing the kernel cmdline try to open the journal if that's
desired.

(The effective benefit of this is that SELinux performance data is now
logged again to kmsg like it used to be.)
2012-09-17 17:47:47 +02:00
Lennart Poettering
bfba3256a0 service: don't hit an assert if a service unit changes type and we get a spurious event from before 2012-09-17 14:56:44 +02:00
Lennart Poettering
de34a42bca update TODO 2012-09-17 14:56:44 +02:00
Lennart Poettering
98a77df5fe logind: make sure there's always a getty available on TTY6
Previously, if X allocated all 6 TTYs (for multi-session for example) no
getty would be available anymore to guarantee console-based logins.

With the new ReserveVT= switch in logind.conf we can now choose one VT
(6 by default) that will always be subject to autovt-style activation,
i.e. we'll always have a getty on TTY6, and X will never take possession
of it.
2012-09-17 12:39:16 +02:00
Zbigniew Jędrzejewski-Szmek
4db17f291c build-sys: __secure_getenv lost dunder in libc 2.17 2012-09-17 00:21:25 +02:00
Lennart Poettering
49cb1ecf2d update TODO 2012-09-15 07:38:38 +02:00
Lennart Poettering
4ce849853c TODO: isolate items to fix before F18 2012-09-15 06:57:15 +02:00
Lennart Poettering
dcf76484ec update TODO 2012-09-14 20:50:24 +02:00
Lennart Poettering
050a99bd7b man: update localtime(5) a bit 2012-09-14 20:45:37 +02:00
Lennart Poettering
424a19f8a2 timedate: assorted improvements
- Make writing/reading of /etc/timezone dependendent of HAVE_SYSV_COMPAT

- Introduce symlink_atomic() after all, and use it

- Use relative symlink for /etc/localtime
2012-09-14 20:02:52 +02:00
Lennart Poettering
67f3c40265 systemctl: show unit name when a job fails
https://bugzilla.redhat.com/show_bug.cgi?id=845028
https://bugzilla.redhat.com/show_bug.cgi?id=846483
2012-09-14 15:11:07 +02:00
Lennart Poettering
a1cccad1fe update TODO 2012-09-13 17:11:10 +02:00
Lennart Poettering
a8b10efaec readahead: use 20K instead of 16K as temporary request nr bump 2012-09-13 00:10:35 +02:00
Kay Sievers
9f26fa2217 update TODO 2012-09-12 21:28:52 +02:00
Kay Sievers
6db01ccb78 update TODO 2012-09-12 21:07:26 +02:00
Lennart Poettering
8556879e0d unit-name: rework unit_name_replace_instance function()
https://bugzilla.redhat.com/show_bug.cgi?id=855863
2012-09-12 04:46:38 +02:00
Lennart Poettering
4a30847b9d update TODO 2012-09-11 01:45:27 +02:00
Lennart Poettering
b5b46d5995 when determining unit file list, include invalid unit names in an "invalid" state 2012-09-11 01:14:25 +02:00
Lennart Poettering
802840582c update TODO 2012-09-11 00:23:05 +02:00
Lennart Poettering
5e8b28838e update TODO 2012-09-10 22:45:20 +02:00
Lennart Poettering
a1a03e3075 journal: add call to determine current journal file disk usage 2012-09-07 23:20:28 +02:00
Lennart Poettering
2b43f939a4 journald: avoid logging to kmsg in the normal paths 2012-09-06 00:32:51 -07:00
Lennart Poettering
f687b27382 localed: system-setup-keyboard is no more on fedora 2012-09-05 23:54:09 -07:00
Lennart Poettering
a29271926a man: document that ExecStart= doesn't understand shell command lines 2012-09-05 23:51:19 -07:00
Lennart Poettering
cb7ed9dfca tmpfiles: don't attempt creation of device nodes when we run in a container 2012-09-05 23:42:05 -07:00
Lennart Poettering
d87be9b0af nspawn: handle poweroff/reboot nicely in containers 2012-09-05 16:23:41 -07:00
Lennart Poettering
a6e87e90ed journalctl: rework JSON output mode
This splits the JSON output mode into different modes: json and
json-pretty. The former printing one entry per line, the latter showing
JSON objects nicely indented and in multiple lines to make it easier to
read for humans.
2012-09-05 15:25:32 -07:00
Lennart Poettering
04bc4a3f47 nspawn: generate a new randomized boot ID for each container 2012-09-05 14:39:16 -07:00
Lennart Poettering
438bacd18e update TODO 2012-09-04 13:39:18 -07:00
Lennart Poettering
88f89a9b6d update TODO -- hackfest edition 2012-09-03 18:59:05 -07:00
Lennart Poettering
1946b0bd55 journalctl: include logs from PID 1 about services in systemctl status 2012-09-03 18:59:05 -07:00
Lennart Poettering
cde9cb343a util: make path_is_mount_point() recognize bind mounts, too 2012-09-03 18:59:05 -07:00
Lennart Poettering
7e75c5ac2d unit: make sure structured logging is available before we enter the main boot phase 2012-09-03 18:59:05 -07:00
Lennart Poettering
877d54e9b0 journal: generate structured journal messages for a number of events 2012-09-03 18:59:04 -07:00
Lennart Poettering
88fae6e044 shared: in code that might get called from suid programs use __secure_getenv() rather than getenv()
It's better to be safe than sorry.
2012-09-03 18:59:04 -07:00
Lennart Poettering
38a60d7112 build-sys: prepare release 189 2012-08-23 02:46:22 +02:00
Lennart Poettering
8d1b002a2e service: introduce a proper service result if the start limit is hit 2012-08-22 05:02:33 +02:00
Lennart Poettering
99add6fd0b journalctl: complain if unprivileged users attempt to access the journal and persistant logging is off 2012-08-22 04:45:17 +02:00
Lennart Poettering
c0d6e764d1 unit: add new ConditionHost= condition type 2012-08-22 01:51:53 +02:00
Lennart Poettering
c0ca7aeec9 journalctl: be more friendly when informing about seal verification 2012-08-21 23:03:20 +02:00
Lennart Poettering
d8b78264a5 update TODO 2012-08-21 17:38:29 +02:00
Lennart Poettering
50b3e64e27 update TODO 2012-08-21 17:19:32 +02:00
Lennart Poettering
feb12d3ed2 journal: make libgcrypt dependency optional 2012-08-20 16:51:46 +02:00
Lennart Poettering
f982e6f761 journal: set secure deletion flags for FSS file 2012-08-17 22:10:11 +02:00
Lennart Poettering
abdf799316 man: extend documentation for RestartPreventExitStatus= and SuccessExitStatus= a bit 2012-08-14 18:37:45 +02:00
Lennart Poettering
7560fffcd2 journald: initial version of FSPRG hookup
This adds forward-secure authentication of journal files. This patch
includes key generation as well as tagging of journal files,
Verification of journal files will be added in a later patch.
2012-08-13 20:31:10 +02:00
Lennart Poettering
5a7e959984 update TODO 2012-08-13 16:27:17 +02:00
Lennart Poettering
68f160039e update TODO 2012-08-13 15:39:25 +02:00
Lennart Poettering
f7357f59c3 update TODO 2012-08-09 17:25:22 +02:00
Lennart Poettering
0790b9fed4 update mailmap 2012-08-09 12:52:49 +02:00
Lennart Poettering
df1c8f6ac8 update TODO 2012-08-09 02:10:44 +02:00
Lennart Poettering
d7535514c3 update TODO 2012-08-08 21:44:40 +02:00
Lennart Poettering
5aea932fd5 update TODO 2012-08-08 19:19:45 +02:00
Lennart Poettering
918943c75f update TODO 2012-08-08 19:09:59 +02:00
Lennart Poettering
fd4d89b2c0 update TODO 2012-08-08 18:43:56 +02:00
Kay Sievers
d086fe4e08 TODO: misleading socket warning 2012-08-08 12:09:33 +02:00
Lennart Poettering
773ba90946 update TODO 2012-08-07 01:01:33 +02:00
Lennart Poettering
de2c390731 journalctl: include corrupted files in output
If a journal file was rotated away because it was corrupted or dirty we
should still show its contents via "journalctl".
2012-08-07 00:51:17 +02:00
Lennart Poettering
b3ac5f8cb9 mount-setup: change system mount propagation to shared by default
In order to make containers work nicely out of the box it is highly
desirable to have the mount propagation mode for the root fs is set as
"shared" by default so that containers receive system mounts by default.
(See mount --make-shared for more information).

As it is unlikely that the kernel will change the default to "shared"
for this, do this early at boot-up from PID 1. Setups which prefer the
default of "private" should undo this change via invoking "mount
--make-private /" or a similar command after boot.

In the long run /etc/fstab should take the propagation mode as a mount
option like any other, so that this may be used to change the default
mode. However, if fstab is not around or doesn't list / we still should
default to shared as propagation mode, hence this change now.
2012-08-06 18:35:01 +02:00
Shawn Landden
1421211924 continue work with error messages, log_oom()
Adds messages for formally silent errors: new "Failed on cmdline argument %s: %s".

Removes some specific error messages for -ENOMEM in mount-setup.c. A few specific
ones have been left in other binaries.
2012-08-06 16:37:01 +02:00
Lennart Poettering
8230e26dc9 update TODO 2012-08-06 16:36:13 +02:00
Kay Sievers
9cb48731b2 TODO: /etc/timezone 2012-08-06 15:09:46 +02:00
Lennart Poettering
dcfc4b2e5c update TODO 2012-08-03 21:49:06 +02:00
Zbigniew Jędrzejewski-Szmek
871b876ecc man: document three new cgtop options 2012-08-03 18:12:07 +02:00
Lennart Poettering
3bea51c59d update TODO 2012-08-01 19:53:24 +02:00
Lennart Poettering
4d9909c93e update TODO 2012-08-01 19:53:23 +02:00
Kay Sievers
73fcda2737 update TODO 2012-07-30 20:03:00 +02:00
Lennart Poettering
7212a8a99e logind: add new loginctl lock-sessions command 2012-07-29 17:08:47 +02:00
Lennart Poettering
56d4fbf92e systemctl: append .service to unit names lacking suffix
https://bugs.freedesktop.org/show_bug.cgi?id=39386
2012-07-28 13:20:35 +02:00
Lennart Poettering
47ae7201b1 update TODO 2012-07-27 12:21:39 +02:00
Lennart Poettering
941e990db1 journalctl: add --priority= switch for filtering by priority 2012-07-27 10:32:37 +02:00
Lennart Poettering
c51742d029 journald: log driver messages at LOG_INFO 2012-07-26 16:56:22 +02:00
Lennart Poettering
decab96090 update README 2012-07-26 15:56:56 +02:00
Kay Sievers
e146e4516b update TODO 2012-07-26 10:21:10 +02:00
Lennart Poettering
919a7f39e6 update TODO 2012-07-25 18:13:32 +02:00
Kay Sievers
88a6c5894c update TODO 2012-07-25 11:40:14 +02:00
Lennart Poettering
6a7353684b update TODO 2012-07-20 16:57:13 +02:00
Lennart Poettering
c4f1b86299 build-sys: prepare 187 2012-07-20 00:38:02 +02:00
Lennart Poettering
9f8d29834b journald: don't choke on journal files with no cutoff date 2012-07-19 02:03:22 +02:00
Lennart Poettering
bbd16ba573 update TODO 2012-07-18 13:13:15 +02:00
Lennart Poettering
a8bb2e6503 service: make start jobs wait, not fail, when an automatic restart is queued
When an automatic restart is already queued, then make subsequent start
jobs wait until the restart can be handled (i.e. after the holdhoff
time), instead of simply fail.
2012-07-18 02:28:08 +02:00
Lennart Poettering
6b78f9b435 unit: don't serialize job state, only unit state across switch-root 2012-07-18 01:46:52 +02:00
Lennart Poettering
cee530bb23 switch-root: don't wait for processes
When we transition from the initrd to the main system, don't reap
processes, so that they can be handled normally after deserialization.
2012-07-17 17:44:26 +02:00
Lennart Poettering
02b89260ce update TODO 2012-07-17 16:33:35 +02:00
Lennart Poettering
8351ceaea9 execute: support syscall filtering using seccomp filters 2012-07-17 04:17:53 +02:00
Lennart Poettering
a6c9b1c492 man: actually generate h2 headers for letters in index as we meant to 2012-07-16 19:26:08 +02:00
Ville Skyttä
49f43d5f91 Spelling fixes. 2012-07-16 12:16:29 +02:00
Kay Sievers
4cb72937d3 udev: get rid of TEST_PREFIX and use unshare() to fake /sys, /dev, /run 2012-07-15 22:10:46 +02:00
Kay Sievers
17ec33d69e update TODO 2012-07-15 15:55:47 +02:00
Lennart Poettering
7f2cddae09 unit: rename BindTo= to BindsTo=
all other dependencies are in 3rd person. Change BindTo= accordingly to
BindsTo=.

Of course, the dependency is widely used, hence we parse the old name
too for compatibility.
2012-07-13 23:34:40 +02:00
Lennart Poettering
9a1d541663 build-sys: don't install sd-readahead.h as include file, but as documentation
sd-readahead.h is supposed to be a drop-in API, nothing people should
ever link to or could make use without also adding sd-readahead.c to
their sources. Hence, don't install this header file into INCLUDES, but
instead install it as DOCS.
2012-07-13 22:47:46 +02:00
Lennart Poettering
b59866aefa man: document sd_journal_get_cutoff_realtime_usec() 2012-07-13 20:17:37 +02:00
Lennart Poettering
b7def68494 util: rename join() to strjoin()
This is to match strappend() and the other string related functions.
2012-07-13 13:41:01 +02:00
Zbigniew Jędrzejewski-Szmek
ba961854dd journalctl: show any printable Unicode character
This makes sure we are OK in outputting all valid, non-control UTF-8
characters, instead of just printable 7bit ASCII.
2012-07-13 01:07:41 +02:00
Lennart Poettering
3a419b9848 update TODO 2012-07-13 00:32:33 +02:00
Kay Sievers
347e1b6df0 update TODO 2012-07-11 03:32:28 +02:00
Lennart Poettering
d957be9bae update TODO 2012-07-11 02:45:00 +02:00
Lennart Poettering
14a65d65a0 journalctl: add a marker to log output for reboots
With this we'll print a marker "----- Reboot -----" between two
subsequent lines with different boot IDs.
2012-07-11 01:36:55 +02:00
Lennart Poettering
a963990ff4 journal: rework directory enumeration/watch logic
There's now sd_journal_new_directory() for watching specific journal
directories. This is exposed in journalctl -D.

sd_journal_wait() and sd_journal_process() now return whether changes in
the journal are invalidating or just appending.

We now create inotify kernel watches only when we actually need them
2012-07-11 01:08:38 +02:00
Lennart Poettering
166503dada update TODO 2012-07-10 19:44:19 +02:00
Lennart Poettering
205c4d1d6a journald: use "persistent", not "permanent" as storage option
"permanent" is simply the wrong term and we use "persistant" in most
other contexts to correct this.
2012-07-10 19:39:27 +02:00
Lennart Poettering
805623aaa4 update TODO 2012-07-10 19:36:29 +02:00
Lennart Poettering
3131f6c362 update TODO 2012-07-10 19:20:30 +02:00
Lennart Poettering
94163dd543 update TODO 2012-07-10 19:06:59 +02:00
Lennart Poettering
825c6fe5eb util: add extra safety check to in_initrd()
initrds can only be on tmpfs or ramfs, so check for that
2012-07-10 18:46:26 +02:00
Lennart Poettering
a9f55579e8 update TODO 2012-07-10 18:06:06 +02:00
Lennart Poettering
0bf07cb5e4 update TODO 2012-07-10 17:07:32 +02:00
Lennart Poettering
c66d36e5b5 update TODO 2012-07-10 16:46:15 +02:00
Lennart Poettering
d246fbb054 update TODO 2012-07-10 00:33:13 +02:00
Lennart Poettering
be0aa78406 update TODO 2012-07-10 00:32:22 +02:00
Lennart Poettering
c61a4f22c1 update TODO 2012-07-10 00:03:14 +02:00
Lennart Poettering
461b182232 paranoia: refuse rm_rf("/") 2012-07-09 17:30:22 +02:00
Lennart Poettering
1235509582 man: document libsystemd-id128 2012-07-06 21:29:31 +02:00
Lennart Poettering
f1c8f75b38 man: explain StartLimitRate= in conjunction with Restart= a bit better 2012-07-04 00:07:33 +02:00
Lennart Poettering
9946996cda load-fragment: a few modernizations 2012-07-03 16:10:04 +02:00
Lennart Poettering
f4bad2bd2a journal: default ImportKernel=no until we make use of structured logging 2012-07-03 14:07:10 +02:00
Lennart Poettering
e590af2666 journal: fix iteration through journal if one file is corrupt 2012-07-03 11:58:16 +02:00
Lennart Poettering
d197064541 update TODO 2012-07-03 02:02:13 +02:00
Colin Guthrie
51dfddc2cc units: Rename systemd-udev.service to systemd-udevd.service
This naming convention is more inline with other systemd daemon
unit names (systemd-logind.service, systemd-localed.service etc)

The companion .socket units have also been renamed, however the
-trigger and -settle units keep their current name as these are
not directly related to daemon process itself.
2012-07-02 23:21:51 +02:00
Lennart Poettering
b5b4c94a67 NEWS: Prepare NEWS file for next release 2012-07-02 11:38:03 +02:00
Lennart Poettering
e156d769c3 journald: add Storage= setting to control where the journal is stored 2012-07-02 10:43:57 +02:00
Lennart Poettering
29252e9e5b manager: turn notify socket into abstract namespace socket again
sd_notify() should work for daemons that chroot() as part of their
initilization, hence it's a good idea to use an abstract namespace
socket which is not affected by chroot.
2012-07-02 10:43:57 +02:00
Lennart Poettering
59cea26a34 journalctl: add new switch -b to show data from current boot only 2012-07-02 10:43:56 +02:00
Lennart Poettering
33c5fae939 manager: serialize/deserialize job counters across reexec/reload 2012-06-29 19:47:38 +02:00
Lennart Poettering
5e4a79da3a logind: add PreparingForShutdown/PreparingForSleep properties 2012-06-29 19:38:35 +02:00
Lennart Poettering
9d074e618d update TODO 2012-06-29 19:15:12 +02:00
Lennart Poettering
b4efdf9720 remount-fs: also remount /usr according to fstab 2012-06-29 16:14:43 +02:00
Lennart Poettering
5b6a2c5aab man: add references to the new inhibitor lock documentation 2012-06-29 16:14:43 +02:00
Lennart Poettering
d9ef1eafa0 update TODO 2012-06-28 13:20:28 +02:00
Lennart Poettering
3471bedc00 update TODO 2012-06-27 22:38:35 +02:00
Lennart Poettering
5231084b47 units: add explicit dependency on display-manager.service to graphical.target
This replaces the symlink based dependency by an explicit one in the
unit file so that we avoid the dangling symlink when no display manager
is installed.
2012-06-27 22:23:16 +02:00
Lennart Poettering
eeb875144e update TODO 2012-06-27 15:35:15 +02:00
Lennart Poettering
a32f224aaf man: document systemd-fsck 2012-06-27 00:37:36 +02:00
Lennart Poettering
af6da548aa core: make systemd.confirm_spawn=1 actually work
This adds a timeout if the TTY cannot be acquired and makes sure we
always output the question to the console, never to the TTY of the
respective service.
2012-06-26 12:21:43 +02:00
Lennart Poettering
35eb6b124e cryptsetup: fix escaping when generating cryptsetup units 2012-06-25 20:16:15 +02:00
Lennart Poettering
8ff290af3b unit: drop the Names= option
Names= is a source of errors, simply because alias names specified like
this only become relevant after a unit has been loaded but cannot be
used to load a unit.

Let's get rid of the confusion and drop this field. To establish alias
names peope should use symlinks, which have the the benefit of being
useful as key to load a unit, even though they are not taken into
account if unit names are listed but they haven't been explicitly
referenced before.
2012-06-22 16:24:57 +02:00
Lennart Poettering
a3a3e5b6ae dbus: don't expose SysVInitPath and SysVRcndPath on the bus
People should use systemd.pc if anything at all to determine these
directories, and people should not assume that the bus fields are part
of the supported API, so let's just drop this.
2012-06-22 16:18:51 +02:00
Lennart Poettering
b0193f1c1f systemctl: automatically turn paths and unescaped unit names into proper unit names
This makes sure that

  systemctl status /home

is implicitly translated to:

  systemctl status /home.mount

Similar, /dev/foobar becomes dev-foobar.device.

Also, all characters that cannot be part of a unit name are implicitly
escaped.
2012-06-22 13:08:48 +02:00
Lennart Poettering
9473414219 fstab-generator: support fstab=/rd.fstab= kernel cmdline
This generalizes functionality already available in dracut.
2012-06-22 10:27:05 +02:00
Lennart Poettering
c66e7bc7a1 man: document all kernel command line options we understand 2012-06-22 01:35:52 +02:00
Lennart Poettering
87ce22cc0d readahead: merge three binaries into one
since the binaries share much of the same code and we better load only
one binary instead of two from disk at early boot let's merge the three
readahead binaries into one. This also allows us to drop a lot of
duplicated code.
2012-06-21 23:53:20 +02:00
Lennart Poettering
590f18a27c rpm: include RPM macro definition for .spec snippets
Let's try to standardize a bit the RPM macros used for
installing/uninstalling services.

This only covers the non-SysV compat bits, since that tends to vary
widely between the various distros.

Usage:

Add %{?systemd_requires} to the header of the spec file. And then:

%post
%systemd_post foobar.service

%preun
%systemd_preun foobar.service

%postun
%systemd_postun foobar.service

And, instead of the latter, in case the service shall be restarted on updates:

%postun
%systemd_postun_restart foobar.service
2012-06-21 22:14:17 +02:00
Lennart Poettering
0604381b9d logind: introduce a state for session, being one of online, active, closing
online = logged in
active = logged in and session is in the fg
closing = nominally logged out but some left-over processes still around

Related to:

https://bugzilla.gnome.org/show_bug.cgi?id=677556
2012-06-21 16:14:53 +02:00
Lennart Poettering
f1a8e221ec logind: expose CanGraphical and CanTTY properties on seat objects
Since we boot so fast now that gdm might get started before the
graphics drivers are properly loaded and probed we might end up
announcing seat0 to gdm before it has graphics capabilities. Which will
cause gdm/X11 cause to fail later on.

To fix this race, let's expose CanGraphical and CanTTY fields on all
seats, which clarify whether a seat is suitable for gdm resp, suitable
for text logins. gdm then needs to watch CanGraphical and spawn X11 on
it only if it is true.

This way:

USB graphics seats will expose CanGraphical=yes, CanTTY=no

Machines with no graphics drivers at all, but a text console:
CanGraphical=no, CanTTY=yes

Machines with CONFIG_VT turned off: CanGraphical=yes, CanTTY=no

And the most important case: seat0 where the graphics driver has not
been probed yet boot up with CanGraphical=no, CanTTY=yes first, which
then changes to CanGraphical=yes as soon as the probing is complete.
2012-06-21 13:48:01 +02:00
Lennart Poettering
cd8e457c58 update TODO 2012-06-20 16:03:57 +02:00
Lennart Poettering
d139b24a80 update TODO 2012-06-20 14:31:00 +02:00
Lennart Poettering
24f3a374b9 tmpfiles: exclude the first level directories in /run/user from automatic clean up
It's logind's job to maintain those user dirs, so avoid automatic clean
up for them. However, we do cover everything within them.
2012-06-20 09:05:50 +02:00
Lennart Poettering
ba6b303953 journal: rotate on SIGUSR2 2012-06-17 00:03:12 +02:00
Kay Sievers
98cfcde5f4 update TODO 2012-06-04 16:40:08 +02:00
Lennart Poettering
0d9243f022 journal: support changing the console tty to forward to 2012-06-01 17:27:16 +02:00
Kay Sievers
871206d340 update TODO 2012-05-31 22:18:13 +02:00
Lennart Poettering
88f8ffbd63 units: add Documentation= field to console-getty.service 2012-05-31 14:51:17 +02:00
Lennart Poettering
256425cc10 systemctl: introduce "systemctl man" to show man page for unit
For now this only reads man: URLs, but later on we might want to support
info: too. http/https is probably out of focus.
2012-05-31 04:11:57 +02:00
Lennart Poettering
d7e1c95e0a login: properly detect MIMO USB displays
MIMO USB displays use a generic VID/PID for the hub component. With a
bit of trickery we can detect them by the VID/PID of the graphics
component.
2012-05-31 01:20:37 +02:00
Lennart Poettering
e05137989b update TODO 2012-05-30 23:39:15 +02:00
Shawn Landden
509407003d journalctl: support /usr/bin/nginx, etc 2012-05-30 22:34:20 +02:00
Lennart Poettering
ba1261bc02 build-sys: fix built with --disable-logind 2012-05-30 22:25:01 +02:00
Lennart Poettering
6c3569e11a journald: ignore messages read from /proc/kmsg that we generated via /dev/kmsg
Avoid a busy loop.
2012-05-30 15:42:35 +02:00
Lennart Poettering
eb26728931 sleep: print nice messages right before and right after system hibernate/sleep 2012-05-30 15:04:39 +02:00
Lennart Poettering
069cfc85f8 logind: optionally handle power, sleep and lid switch events
This takes handling of chassis power and sleep keys as well as the lid
switch over from acpid.

This logic is enabled by default for power and sleep keys, but not for
the lid switch.

If a graphical session is in the foreground no action is taken under the
assumption that the graphical session does this.
2012-05-30 15:01:51 +02:00
Lennart Poettering
939b8f14dc capabilities: when dropping capabilities system-wide also drop them from usermode helpers
This hooks things up with /proc/sys/kernel/usermodehelper/bset and
/proc/sys/kernel/usermodehelper/inheritable.
2012-05-29 23:35:17 +02:00
Kay Sievers
9246319f1f update TODO 2012-05-29 23:15:34 +02:00
Lennart Poettering
6b17d77e3e TODO 2012-05-29 19:46:58 +02:00
Kay Sievers
762f91fa60 update TODO 2012-05-29 12:19:40 +02:00
Kay Sievers
78cd73fcf6 update TODO 2012-05-29 02:10:16 +02:00
Lennart Poettering
8bbabc447b update TODO 2012-05-24 17:04:04 +02:00
Lennart Poettering
680705351d test: add touch to test machine 2012-05-24 15:21:43 +02:00
Lennart Poettering
ec8927ca59 main: add configuration option to alter capability bounding set for PID 1
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
2012-05-24 04:00:56 +02:00
Lennart Poettering
d5c446c95a update TODO 2012-05-23 12:52:39 +02:00
Lennart Poettering
1afd5be42f journal: don't complain if SELinux userspace is available but the kernel lacks it 2012-05-23 12:49:41 +02:00
Lennart Poettering
7b63bde1ed update TODO 2012-05-23 03:51:55 +02:00
Lennart Poettering
7c4c5f68a5 update TODO 2012-05-22 23:11:21 +02:00
Lennart Poettering
6b1dc2bd3c mount: replace PID1 internal fstab parser with generator
Bit by bit we should remove non-unit parsing from PID 1 and move into
generators, to clean up our code base a bit and clearly separate
parsers.
2012-05-22 19:25:17 +02:00
Lennart Poettering
8f33b5b8b3 util: rework in_initrd() logic
Checking the device major/minor is not a good idea. Let's replace this
with an explicit flag file, which we model after /etc/os-release and
call /etc/initrd-release.
2012-05-21 20:00:58 +02:00
Lennart Poettering
06e2968ea6 update TODO 2012-05-21 18:18:15 +02:00
Lennart Poettering
5b40d33761 update TODO 2012-05-21 17:55:54 +02:00
Lennart Poettering
f7f21d33db cryptsetup: a few simplifications 2012-05-21 17:22:40 +02:00
Lennart Poettering
97f25a02ee update TODO 2012-05-21 15:34:33 +02:00
Lennart Poettering
b86fa936ce update TODO 2012-05-21 15:28:07 +02:00
Lennart Poettering
1ab27db890 update TODO 2012-05-21 02:02:19 +02:00
Lennart Poettering
27b5482cc0 delta: add systemd-delta tool to find overriden configuration and unit files 2012-05-16 03:24:50 +02:00
Kay Sievers
20bbd54f60 udev: libudev - bump soname, remove deprecated functions, introduce symbol versions 2012-05-15 23:06:26 +02:00
Lennart Poettering
c1d70f7ca5 namespace: make PrivateTmp= apply to both /tmp and /var/tmp 2012-05-14 22:41:30 +02:00
Lennart Poettering
1c334d993a update TODO 2012-05-14 22:41:30 +02:00
Lennart Poettering
07f74a7ebd update TODO 2012-05-09 01:26:30 +02:00
Lennart Poettering
d889a2069a logind: implement suspend/hibernate calls with inhibition logic 2012-05-08 19:02:25 +02:00
Lennart Poettering
6edd7d0a09 sleep: implement suspend/hibernate as first class targets 2012-05-08 13:54:23 +02:00
Lennart Poettering
4943c1c94b logind: use "sleep" as generic term for "suspend", "hibernate", and later on "hybrid suspend" 2012-05-08 13:54:23 +02:00
Lennart Poettering
14038c2e83 update TODO 2012-05-07 22:20:56 +02:00
Lennart Poettering
465349c06d Update TODO 2012-05-07 22:20:55 +02:00
Lennart Poettering
eecd1362f7 logind: implement delay inhibitor locks in addition to block inhibitor locks
This is useful to allow applications to synchronously save data before
the system is suspended or shut down.
2012-05-05 00:36:08 +02:00
Kay Sievers
a26336da87 update TODO 2012-05-04 19:06:07 +02:00
Lennart Poettering
8703d59bee update TODO 2012-05-04 00:43:36 +02:00
Lennart Poettering
189455ab08 readahead: store inode numbers in pack file
If the inode nr for each file is available in the pack file we can
easily detect replaced files (like they result from package upgrades)
which we can then skip to readahead.
2012-05-04 00:34:12 +02:00
Lennart Poettering
37099707e2 cgroup: fix alloca() misuse in cg_shorten_controllers() 2012-05-03 23:23:38 +02:00
Lennart Poettering
06dab8e18a dbus: include unit name in JobNew/JobRemoved signals
This breaks D-Bus interface slightly, but since the D-Bus API isn't
covered by the interface stability promise this should be OK.
2012-05-03 22:53:25 +02:00
Lennart Poettering
7e2668c6fd service: warn if a dbus name is specified but the service type is not dbus 2012-05-03 14:42:49 +02:00
Lennart Poettering
e85647f73e update TODO 2012-05-03 02:25:49 +02:00
Lennart Poettering
c3276d2791 TODO 2012-04-30 10:52:07 +02:00
Lennart Poettering
896c3c783c update TODO 2012-04-30 10:52:07 +02:00
Kay Sievers
4ee7178202 update TODO 2012-04-30 00:46:38 +02:00
Kay Sievers
e01a15b71e update TODO 2012-04-26 02:03:31 +02:00
Lennart Poettering
a888b352eb update TODO 2012-04-24 14:59:54 +02:00
Lennart Poettering
3b2d5b02ae readahead: rather than checking for virtualization in the C code, use ConditionVirtualization= in the unit 2012-04-24 13:14:40 +02:00
Lennart Poettering
144f0fc0c8 nspawn: add --uuid= switch to allow setting the machine id for the container 2012-04-22 14:48:21 +02:00
Lennart Poettering
0f0dbc46cc nspawn: add -b switch to automatically look for an init binary 2012-04-22 14:11:32 +02:00
Lennart Poettering
3d9a412243 util: fix tty_is_vc_resolve() in a container where /sys/class/tty/console/active is misleading 2012-04-22 01:59:11 +02:00
Lennart Poettering
9efaf380a7 update TODO 2012-04-22 00:33:24 +02:00
Lennart Poettering
a0a3844815 main: log to the journal in container mode, by default 2012-04-20 12:40:01 +02:00
Kay Sievers
80037e4d17 docs: rebase html documentation for online and local use 2012-04-19 19:00:35 +02:00
Kay Sievers
ebcd5d3acd update TODO 2012-04-18 20:31:16 +02:00
Kay Sievers
88f642c00b build-sys: move dev-setup to label.la 2012-04-18 16:13:37 +02:00
Kay Sievers
5ba2dc259f udev: unify /dev static symlink setup 2012-04-17 22:31:38 +02:00
Kay Sievers
20ffc4c4a9 update TODO 2012-04-17 18:47:49 +02:00
Kay Sievers
512dabcdc6 update TODO 2012-04-17 16:54:45 +02:00
Lennart Poettering
25016cb67f update TODO 2012-04-17 15:36:03 +02:00
Kay Sievers
7c66aeba0f update TODO 2012-04-17 02:55:39 +02:00
Kay Sievers
9e13dbae50 udev: replace util_create_path() with mkdir_parents() 2012-04-17 01:09:39 +02:00
Kay Sievers
6ada823a9a udev: remove configuration options for /dev, /sys, /run directories 2012-04-16 19:20:57 +02:00
Lennart Poettering
b59e246565 logind: remove redundant entries from logind's default controller lists too 2012-04-16 19:15:00 +02:00
Lennart Poettering
b69d29ce04 systemctl: show main and control PID explicitly in cgroup-show
In some cases the main/control PID of a service can be outside of the
services cgroups (for example, if logind readjusts the processes'
cgroup). In order to clarify this for the user show the main/control PID
in the cgroup tree nonetheless, but mark them specially.
2012-04-16 18:59:40 +02:00
Lennart Poettering
c3175a7f40 cgls: don't show empty cgroups by default 2012-04-16 18:59:08 +02:00
Lennart Poettering
f8e2fb7b14 logind: add shutdown/suspend/idle inhibition framework 2012-04-16 18:59:08 +02:00
Kay Sievers
80172751b7 udev: udev_monitor_new_from_socket() - log error and remove from public header 2012-04-15 18:52:42 +02:00
Kay Sievers
194bbe3338 udev: cleanup the udev cgroup when the daemon enters the idle state 2012-04-15 03:11:08 +02:00
Kay Sievers
b45f770f00 udev: clarify man page regarding starting dameons 2012-04-14 21:53:26 +02:00
Lennart Poettering
ecedd90fcd service: place control command in subcgroup control/
Previously, we were brutally and onconditionally killing all processes
in a service's cgroup before starting the service anew, in order to
ensure that StartPre lines cannot be misused to spawn long-running
processes.

On logind-less systems this has the effect that restarting sshd
necessarily calls all active ssh sessions, which is usually not
desirable.

With this patch control processes for a service are placed in a
sub-cgroup called "control/". When starting a service anew we simply
kill this cgroup, but not the main cgroup, in order to avoid killing any
long-running non-control processes from previous runs.

https://bugzilla.redhat.com/show_bug.cgi?id=805942
2012-04-13 23:29:59 +02:00
Lennart Poettering
8aec53fb90 polkit: spawn agent in --fallback mode 2012-04-13 21:52:42 +02:00
Léo Gillot-Lamure
40c32a4ad4 One can specify in which cgroup hierarchies a systemd-nspawn container will appear 2012-04-12 00:46:09 +02:00
Lennart Poettering
23e0573cea update TODO 2012-04-11 23:56:58 +02:00
Lennart Poettering
4771148bb9 units: exclude gettys from isolate requests
gettys are nowadays mostly autospawned and hence usually subject to
being shut down on isolate requests, since they are no dependency of any
other unit. This is a bad idea if the user isolates between
multi-user.graphical and graphical.target, hence exclude them from the
isolation.

This has the effect that gettys no longer cleaned up when
emergency.target is isolated, which might actualy be considered a
feature, even though it is a change from previous behaviour...

Note that the one getty that really matters (the one on tty1) is still
removed when isolating to emergency.target since it conflicts with
emergency.service.
2012-04-11 22:37:48 +02:00
Lennart Poettering
f25626edf4 main: disarm watchdog when preparing for reexecution 2012-04-11 18:40:22 +02:00