Since this is a shortopt with an optional argument, assume the user
knows what they're doing. The longopts --boot and --this-boot will
continue to offer boot IDs as completions.
This flag shouldn't try and consume the following argument. It should
behave like every other flag which takes an optional argument when
parsed by getopt_long.
Even if the lower-leveld dbus1 protocol calls it "serial", let's expose
the word "cookie" for this instead, as this is what kdbus uses and since
it doesn't imply monotonicity the same way "serial" does.
Since 0c6f1f4ea4 the check was useless, because the kernel will
ever only write "partition" or "file" there.
OTOH, it is possible that "\\040(deleted)" (escaped " (deleted)")
will be added for removed files. This should not happen, so add
a warning to detect those cases.
Various operations done by systemd-tmpfiles may only be safely done at
boot (e.g. removal of X lockfiles in /tmp, creation of /run/nologin).
Other operations may be done at any point in time (e.g. setting the
ownership on /{run,var}/log/journal). This distinction is largely
orthogonal to the type of operation.
A new switch --unsafe is added, and operations which should only be
executed during bootup are marked with an exclamation mark in the
configuration files. systemd-tmpfiles.service is modified to use this
switch, and guards are added so it is hard to re-start it by mistake.
If we install a new version of systemd, we actually want to enforce
some changes to tmpfiles configuration immediately. This should now be
possible to do safely, so distribution packages can be modified to
execute the "safe" subset at package installation time.
/run/nologin creation is split out into a separate service, to make it
easy to override.
https://bugzilla.redhat.com/show_bug.cgi?id=1043212https://bugzilla.redhat.com/show_bug.cgi?id=1045849
Condition for /lib (necessary for split /usr) was missing from the unit.
Some changes which were done in tmpfiles.d(5) were not carried over to
systemd-tmpfiles(1).
Also use markup where possible.
This allows userspace to fake kdbus creds via struct ucred in the proxy,
without making the recieving side choke on the missing fields of the
kdbus struct, more precisel pid_starttime and tid
Previously we invalidated the peeked signature as soon as the caller
would recurse into a container, making stack based handling difficult.
With this change we will keep the peeked signature around until the user
advances to the next field.