Karol Lewandowski [Thu, 16 May 2013 08:40:03 +0000 (10:40 +0200)]
Make it possible to disable smack separately from xattr support
Additionally, compile out rule loading if feature is disabled.
Lennart Poettering [Fri, 17 May 2013 02:25:56 +0000 (04:25 +0200)]
bus: add APIs for negotiating what is attached to messages
Lennart Poettering [Fri, 17 May 2013 01:13:58 +0000 (03:13 +0200)]
bus: add minimal locking around the memfd cache
We want to allow clients to process an sd_bus_message on a different
thread than it was received on. Since unreffing a bus message might
readd some of its memfds to the memfd cache add some minimal locking
around the cache.
Lennart Poettering [Fri, 17 May 2013 00:50:00 +0000 (02:50 +0200)]
bus: return ECHILD as soon as people try to reuse a bus connection across a fork()
Lennart Poettering [Fri, 17 May 2013 00:32:32 +0000 (02:32 +0200)]
bus: actually unmap kdbus pool after use
Lennart Poettering [Fri, 17 May 2013 00:22:37 +0000 (02:22 +0200)]
bus: keep kernel bus fd around during entire life-time of bus
We need this since we might need to invoke the release ioctl for
messages. Since we don't want to add any locking for that we simply keep
a reference to the bus and then rely that the fd stays valid all the
time.
Zbigniew Jędrzejewski-Szmek [Thu, 16 May 2013 00:42:22 +0000 (20:42 -0400)]
systemd-delta: count overrides only of the requested type
Lukas Nykryn [Thu, 16 May 2013 09:09:03 +0000 (11:09 +0200)]
systemd-delta: add support for drop-in snippets
Lennart Poettering [Thu, 16 May 2013 19:52:35 +0000 (21:52 +0200)]
bus: make bus ref counting atomic
This is preparation to allow sd_bus_message obejcts to be processed in a
different thread from their originating sd_bus object.
Lennart Poettering [Thu, 16 May 2013 19:14:56 +0000 (21:14 +0200)]
bus: synthesize timeout message errors instead of returning error codes
Lennart Poettering [Thu, 16 May 2013 14:53:03 +0000 (16:53 +0200)]
bus: implement sd_bus_message_append_string_memfd()
Lennart Poettering [Thu, 16 May 2013 14:26:35 +0000 (16:26 +0200)]
bus: send memfds as payload only on directed messages and for large parts
Zbigniew Jędrzejewski-Szmek [Thu, 16 May 2013 04:38:39 +0000 (00:38 -0400)]
systemd-python: do not attempt to convert str to bytes
Bug-spotted-by: Steven Hiscocks <steven-systemd@hiscocks.me.uk>
Chengwei Yang [Tue, 14 May 2013 01:03:04 +0000 (09:03 +0800)]
Fix syscall(__NR_fanotify_mark, ...) on arm
Michał Bartoszkiewicz [Wed, 15 May 2013 09:28:58 +0000 (11:28 +0200)]
journal: correctly convert usec_t to timespec.
Use timespec_store instead of (incorrectly) doing it inline.
Lennart Poettering [Thu, 16 May 2013 00:37:42 +0000 (02:37 +0200)]
bus: implement receiving side of memfd hookup
Lennart Poettering [Thu, 16 May 2013 00:04:13 +0000 (02:04 +0200)]
bus: put together messages with memfd payload correctly
Lennart Poettering [Wed, 15 May 2013 22:19:03 +0000 (00:19 +0200)]
utmp: turn systemd-update-utmp-shutdown.service into a normal runtime service
With this change systemd-update-utmp-shutdown.service is replaced by
systemd-update-utmp.service which is started at boot and stays around
until shutdown. This allows us to properly order the unit against both
/var/log and auditd.
https://bugzilla.redhat.com/show_bug.cgi?id=853104
https://bugs.freedesktop.org/show_bug.cgi?id=64365
Lennart Poettering [Wed, 15 May 2013 20:40:36 +0000 (22:40 +0200)]
update TODO
Lennart Poettering [Wed, 15 May 2013 20:38:51 +0000 (22:38 +0200)]
units: rework systemd-random-seed-{load,save}.service to be a single service
That way ordering it with MountsRequiredFor= works properly, as this no
longer results in mount units start requests to be added to the shutdown
transaction that conflict with stop requests for the same unit.
Lennart Poettering [Wed, 15 May 2013 17:45:05 +0000 (19:45 +0200)]
bus: add support for adding memfds into message payload
Zbigniew Jędrzejewski-Szmek [Wed, 15 May 2013 03:08:00 +0000 (23:08 -0400)]
journalctl: add -k/--dmesg
Zbigniew Jędrzejewski-Szmek [Wed, 15 May 2013 02:23:00 +0000 (22:23 -0400)]
build-sys: fix gtkdocize check
gtkdocize: GTK_DOC_CHECK not called in configure.ac
Fixup for
6581f00f7ea.
Zbigniew Jędrzejewski-Szmek [Wed, 15 May 2013 02:10:44 +0000 (22:10 -0400)]
build-sys: properly report missing gtk-doc
This brings the check for ENABLE_GTK_DOC in line with
HAVE_INTROSPECTION and other similar checks. Only
the status line that is printed with uninstalled
gtk-doc is changed.
https://bugs.freedesktop.org/show_bug.cgi?id=63108
Thomas Hindoe Paaboel Andersen [Fri, 12 Oct 2012 18:26:47 +0000 (20:26 +0200)]
sd-journal: check if the pointers passed are the same
Johan Heikkilä [Fri, 3 May 2013 13:59:51 +0000 (16:59 +0300)]
keymap: Add support for Eject button on MSI GE60/GE70
Lennart Poettering [Wed, 15 May 2013 00:56:45 +0000 (02:56 +0200)]
bus: rework message struct to keep header with fields in same malloc() block
This allows us to guarantee that the first payload_vec we pass to the
kernel for each message is guaranteed to include the full header and all
its field.
Lennart Poettering [Tue, 14 May 2013 23:43:15 +0000 (01:43 +0200)]
bus: add macro for iterating through body parts of a message
Lennart Poettering [Tue, 14 May 2013 23:36:09 +0000 (01:36 +0200)]
bus: minor fixes
Lennart Poettering [Tue, 14 May 2013 22:46:24 +0000 (00:46 +0200)]
bus: seal off memfds when sealing messages
Lennart Poettering [Tue, 14 May 2013 20:52:58 +0000 (22:52 +0200)]
bus: fix allocation of body parts from memfd
Lennart Poettering [Tue, 14 May 2013 20:24:26 +0000 (22:24 +0200)]
bus: properly handle message bodies that are a chain of memory areas rather than a single one
Kay Sievers [Tue, 14 May 2013 14:13:52 +0000 (16:13 +0200)]
bus: add and use UINT64_TO_PTR()
Lennart Poettering [Tue, 14 May 2013 12:01:20 +0000 (14:01 +0200)]
update TODO
Auke Kok [Mon, 13 May 2013 21:40:55 +0000 (14:40 -0700)]
journald-stream: typo in error message.
Kay Sievers [Mon, 13 May 2013 20:21:54 +0000 (22:21 +0200)]
TODO: add "debug" kernel cmdline switch
Kay Sievers [Mon, 13 May 2013 13:12:25 +0000 (15:12 +0200)]
bus: test-bus-memfd - use pread()/pwrite()
Kay Sievers [Mon, 13 May 2013 03:56:31 +0000 (05:56 +0200)]
bus: update test-bus-memfd
Kay Sievers [Sun, 12 May 2013 18:11:03 +0000 (20:11 +0200)]
bus: remove KDBUS_MAKE_ACCESS_WORLD, remove (n_payload > 2) check
KDBUS_MAKE_ACCESS_WORLD is no longer needed, the kernel creates the
kdbus device node with the uid/gid of the caller now.
Auke Kok [Sat, 11 May 2013 20:40:08 +0000 (13:40 -0700)]
Add support for ConditionSecurity=ima
Just as with SMACK, we don't really know if a policy has been
loaded or not, as the policy interface is write-only. Assume
therefore that if ima is present in securityfs that it is
enabled.
Update the man page to reflect that "ima" is a valid option
now as well.
Auke Kok [Sat, 11 May 2013 20:35:38 +0000 (13:35 -0700)]
Re-indent with spaces.
Kay Sievers [Sat, 11 May 2013 12:48:24 +0000 (14:48 +0200)]
bus: update test-bus-memfd
Kay Sievers [Fri, 10 May 2013 17:58:05 +0000 (19:58 +0200)]
bus: fix test-bus-memfd
Lennart Poettering [Fri, 10 May 2013 17:15:55 +0000 (19:15 +0200)]
bus: fix error check in memfd code
Lennart Poettering [Fri, 10 May 2013 15:33:44 +0000 (17:33 +0200)]
bus: extend memfd test
Dave Reisner [Fri, 10 May 2013 12:59:00 +0000 (08:59 -0400)]
nspawn: only warn about audit when booting the container
The audit subsystem isn't relevant when nspawn is only being used as a
chroot.
Lennart Poettering [Fri, 10 May 2013 12:34:57 +0000 (14:34 +0200)]
bus: add new API for kdbus memfd functionality
Kay Sievers [Fri, 10 May 2013 02:55:43 +0000 (04:55 +0200)]
kdbus: update kdbus.h from upstream
Lennart Poettering [Fri, 10 May 2013 01:36:55 +0000 (03:36 +0200)]
bus: catch up with latest kdbus
Lennart Poettering [Thu, 9 May 2013 23:12:15 +0000 (01:12 +0200)]
bus: add sd_bus_message_append_string_space() for zero-copy string appending
Colin Walters [Thu, 9 May 2013 23:31:20 +0000 (19:31 -0400)]
nspawn: Include netlink headers rather than using #ifdef
This is a better fix than
e13e1fad8b231e187bd5de3ce668411bdcd3ac1a for
failing to compile without audit that
77b6e19458f37cfde127ec6aa9494c0ac45ad890 introduced.
Colin Walters [Thu, 9 May 2013 22:32:32 +0000 (18:32 -0400)]
Fix previous commit for !HAVE_AUDIT
Zbigniew Jędrzejewski-Szmek [Thu, 9 May 2013 22:28:15 +0000 (18:28 -0400)]
systemd-python: allow threads around flush
flush() is potentially costly.
Zbigniew Jędrzejewski-Szmek [Thu, 9 May 2013 22:25:54 +0000 (18:25 -0400)]
systemd-python: use consistent indentation
Lennart Poettering [Thu, 9 May 2013 22:14:12 +0000 (00:14 +0200)]
audit: since audit is apparently never going to be fixed for containers tell the user what's going on
Let's try to be helpful to the user and give him a hint what he can do
to make nspawn work with normal OS containers.
https://bugzilla.redhat.com/show_bug.cgi?id=893751
Eelco Dolstra [Tue, 7 May 2013 12:16:53 +0000 (14:16 +0200)]
Start ctrl-alt-del.target irreversibly
This makes ctrl-alt-del reboots more robust, just like "systemctl
reboot".
Zbigniew Jędrzejewski-Szmek [Thu, 9 May 2013 22:10:44 +0000 (18:10 -0400)]
build-sys: add convinience 'make python-shell'
This will launch $(PYTHON) with $LD_LIBRARY_PATH and $PYTHONPATH
as ./configure-d and DESTDIR-ed. Use as:
make install DESTDIR=/var/tmp/inst python-shell
Zbigniew Jędrzejewski-Szmek [Thu, 9 May 2013 22:10:30 +0000 (18:10 -0400)]
systemd-python: wrap sd_login_monitor
Lennart Poettering [Thu, 9 May 2013 18:00:51 +0000 (20:00 +0200)]
bus: add API for appending/reading fixed arrays
Auke Kok [Thu, 9 May 2013 16:39:15 +0000 (09:39 -0700)]
systemctl does not expand %u, so revert back to %I
The description field is only displayed by systemctl, and
it can't expand %u properly (it will always display "root").
Lennart Poettering [Thu, 9 May 2013 13:45:50 +0000 (15:45 +0200)]
build-sys: prepare 204
Lennart Poettering [Thu, 9 May 2013 13:32:27 +0000 (15:32 +0200)]
man: document that the kernel's audit subsystem is currently incompatible with nspawn containers
Karol Lewandowski [Tue, 7 May 2013 11:21:46 +0000 (13:21 +0200)]
condition, man: Add support for ConditionSecurity=smack
According to Documentation/security/Smack.txt:
In keeping with the intent of Smack, configuration data is minimal
and not strictly required. The most important configuration step is
mounting the smackfs pseudo filesystem.
This means that checking the mount point should be enough.
Zbigniew Jędrzejewski-Szmek [Wed, 8 May 2013 23:46:49 +0000 (19:46 -0400)]
systemd-python: add wrappers for easy functions in sd-login
sd_get_uids, sd_get_seats, sd_get_sessions, and sd_get_machine_names.
Zbigniew Jędrzejewski-Szmek [Thu, 9 May 2013 01:08:14 +0000 (21:08 -0400)]
systemd-python: add __version__ strings
Zbigniew Jędrzejewski-Szmek [Wed, 8 May 2013 01:07:39 +0000 (21:07 -0400)]
Rearrange a few fields to reduce holes
Zbigniew Jędrzejewski-Szmek [Tue, 7 May 2013 00:00:16 +0000 (20:00 -0400)]
man: add permalinks to subsection titles too
Lennart Poettering [Tue, 7 May 2013 18:56:30 +0000 (20:56 +0200)]
update TODO
Lennart Poettering [Tue, 7 May 2013 18:56:05 +0000 (20:56 +0200)]
hostnamectl: suppress outputting of pretty hostname field in status if empty
Lennart Poettering [Tue, 7 May 2013 18:55:11 +0000 (20:55 +0200)]
hostname: only suppress setting of pretty hostname if it is non-equal to the static hostname and if the static hostname is set, too
https://bugzilla.redhat.com/show_bug.cgi?id=957814
Zbigniew Jędrzejewski-Szmek [Tue, 7 May 2013 18:38:51 +0000 (14:38 -0400)]
build-sys: properly mkdir for GENERAL_ALIASES
Previous commit (
20d408766) was broken. The problem is not connected
to DESTDIR being set or not, but to the fact that targets in
$GENERAL_ALIASES have directory components, so mkdir -p wasn't
recursing deep enough.
Zbigniew Jędrzejewski-Szmek [Tue, 7 May 2013 18:13:04 +0000 (14:13 -0400)]
build-sys: properly mkdir with DESTDIR set
grawity> ln: failed to create symbolic link
‘/home/grawity/pkg/aur/systemd-git/pkg/systemd//etc/systemd/system/multi-user.target.wants/remote-fs.target’: No such file or directory
Lennart Poettering [Tue, 7 May 2013 17:07:27 +0000 (19:07 +0200)]
journald: don't recalculate the ACL mask
Otherwise we might end up with executable files if some default ACL is
set for the journal directory.
Lennart Poettering [Tue, 7 May 2013 17:03:46 +0000 (19:03 +0200)]
build-sys: support builds without EAs again
Lennart Poettering [Tue, 7 May 2013 15:51:41 +0000 (17:51 +0200)]
hashmap: document trivial_hash_func()
Lennart Poettering [Tue, 7 May 2013 15:48:25 +0000 (17:48 +0200)]
kmod-setup: properly iterate through module table
Previously we skipped every second entry.
This also cleans up much of the code and removes some dead code.
Zbigniew Jędrzejewski-Szmek [Tue, 7 May 2013 15:35:23 +0000 (11:35 -0400)]
systemd-sleep: it is not an error if the config file is missing
Lennart Poettering [Tue, 7 May 2013 10:47:30 +0000 (12:47 +0200)]
login: add missing _public_ to sd_get_machine_names()
Lennart Poettering [Tue, 7 May 2013 00:42:15 +0000 (02:42 +0200)]
update TODO
Lennart Poettering [Mon, 6 May 2013 23:09:33 +0000 (01:09 +0200)]
journald: be more careful when we try to flush the runtime journal to disk and the disk is close to being full
Bump the minimal size of the journal so that we can be sure creating the
journal file will always succeed. Previously the minimum size was
smaller than a empty jounral file...
Lennart Poettering [Mon, 6 May 2013 21:59:14 +0000 (23:59 +0200)]
NEWS: typo fix
Lennart Poettering [Mon, 6 May 2013 21:43:59 +0000 (23:43 +0200)]
build-sys: prepare new release
MUNEDA Takahiro [Tue, 23 Apr 2013 17:34:38 +0000 (13:34 -0400)]
core: escape unit name from udev
This patch escapes a unit name which was derived from udev.
Please imagine following udev rule.
ACTION=="online|offline", TAG+="systemd", ENV{SYSTEMD_WANTS}="muneda@%p.service"
ACTION=="online|offline", TAG+="systemd", ENV{SYSTEMD_WANTS}="muneda@%r.service"
ACTION=="online|offline", TAG+="systemd", ENV{SYSTEMD_WANTS}="muneda@%S.service"
When unit name is derived from udev via
udev_device_get_property_value(), the name may contains '/' if
ENV{SYSTEMD_WANTS} has the udev options $devpath(%p), $root(%r), or
$sys(%S). However, '/' is a invalid char for unit name so processing
of this rule fails as Invalid argument with following message.
Apr 22 13:21:37 localhost systemd[1]: Failed to load device unit: Invalid argument
Apr 22 13:21:37 localhost systemd[1]: Failed to process udev device event: Invalid argument
This patch escapes those invalid chars in a unit name.
Tested with 202, and confirmed to apply cleanly on top of commit
195f8e36.
Thanks,
Takahiro
Zbigniew Jędrzejewski-Szmek [Sat, 4 May 2013 16:31:28 +0000 (12:31 -0400)]
systemd-sleep: add support for freeze and standby
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
https://bugs.freedesktop.org/show_bug.cgi?id=57793
https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=
7e73c5ae6e7991a6c01f6d096ff8afaef4458c36
http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
Zbigniew Jędrzejewski-Szmek [Sat, 4 May 2013 15:38:23 +0000 (11:38 -0400)]
fileio: split write_one_line_file into two
The new function allows one to write to an already
open file.
Daniel Wallace [Sun, 5 May 2013 23:09:53 +0000 (18:09 -0500)]
zsh_completion: complete only pids for systemd-coredumpctl
Instead of completing the whole line, which doesn't work, only complete
the pid, but still show the whole line so the user can see which command
was which.
Users can also let the parameter expansion sort the completion by date
instead of by pid, by setting
zstyle ':completion:*:*:systemd-coredumpctl:*' sort no
so that the zshcompsys doesn't sort the _describe function for only
systemd-coredumpctl.
Ross Lagerwall [Mon, 6 May 2013 14:32:23 +0000 (15:32 +0100)]
man: fix typos in systemd.special
Lennart Poettering [Mon, 6 May 2013 20:47:41 +0000 (22:47 +0200)]
man: clarify behaviour of Also= in unit files
Lennart Poettering [Mon, 6 May 2013 20:39:17 +0000 (22:39 +0200)]
man: correct SIGUSR1 semantics for journald
Lennart Poettering [Mon, 6 May 2013 20:28:39 +0000 (22:28 +0200)]
core: unit_inactive_or_pending() should actually do as it claims
Lennart Poettering [Mon, 6 May 2013 20:26:55 +0000 (22:26 +0200)]
update TODO
Nirbheek Chauhan [Tue, 9 Apr 2013 13:00:24 +0000 (18:30 +0530)]
condition, man: Add support for ConditionSecurity=apparmor
Checking for the apparmor directory in securityfs means the apparmor module is
loaded and enabled, and hence should suffice as a test.
https://bugs.freedesktop.org/show_bug.cgi?id=63312
Lennart Poettering [Mon, 6 May 2013 19:15:38 +0000 (21:15 +0200)]
quota: use QUOTACHECK path correctly as tested in configure.ac
https://bugs.freedesktop.org/show_bug.cgi?id=63555
Lennart Poettering [Mon, 6 May 2013 19:04:31 +0000 (21:04 +0200)]
nspawn: explain that we look for /etc/os-release in the container directory
https://bugs.freedesktop.org/show_bug.cgi?id=64014
Kay Sievers [Mon, 6 May 2013 15:39:07 +0000 (17:39 +0200)]
hwdb: update
Kay Sievers [Mon, 6 May 2013 15:38:27 +0000 (17:38 +0200)]
TODO: update
Harald Hoyer [Tue, 30 Apr 2013 16:01:47 +0000 (18:01 +0200)]
kernel-install: add default install scripts
Do the depmod in the kernel-install hooks, so hooks can produce/install
kernel modules and be part of the depmod.
Also move the basic boot loader entry creation and removal to a
plugin script.
If PRETTY_NAME is not defined in /etc/os-release, fallback to
PRETTY_NAME="Linux $KERNEL_VERSION".
Add documentation for everything in the man page.
Ville Skyttä [Fri, 3 May 2013 20:43:12 +0000 (23:43 +0300)]
keymap/findkeyboards: avoid throwaway attribute-walk
Ville Skyttä [Fri, 3 May 2013 20:43:11 +0000 (23:43 +0300)]
Spelling fixes
Zbigniew Jędrzejewski-Szmek [Sat, 4 May 2013 00:25:57 +0000 (20:25 -0400)]
man: provide "permalinks" to sections and terms
So no one needs to say "go to fd.o/software/systemd/man, open page X,
then scroll down to section 3, and look for ..." anymore.