Lennart Poettering [Fri, 13 Jun 2014 10:18:18 +0000 (12:18 +0200)]
sysusers: hide generate .conf file
Lennart Poettering [Fri, 13 Jun 2014 10:17:30 +0000 (12:17 +0200)]
update TODO
Lennart Poettering [Fri, 13 Jun 2014 10:17:11 +0000 (12:17 +0200)]
sysusers: move systemd-sysusers to libexec for now
Kay Sievers [Fri, 13 Jun 2014 02:11:11 +0000 (04:11 +0200)]
tmpfiles: skip mknod() on -EPERM (device cgroup)
Kay Sievers [Fri, 13 Jun 2014 01:26:41 +0000 (03:26 +0200)]
sysusers: do not set todo to create a user when we only need a group
Thomas Hindoe Paaboel Andersen [Thu, 12 Jun 2014 20:50:04 +0000 (22:50 +0200)]
cryptsetup: check that password is not null
Beef up the assert to protect against passing null to strlen.
Found with scan-build.
Lennart Poettering [Thu, 12 Jun 2014 21:22:27 +0000 (23:22 +0200)]
sysuser: generate default snippet incorporating TTY_GID properly
When the user specifies --with-tty-gid= then we should honour that and
write it to the snippet, too.
Lennart Poettering [Thu, 12 Jun 2014 21:08:51 +0000 (23:08 +0200)]
sysusers: add new input group to default snippet
Lennart Poettering [Thu, 12 Jun 2014 21:07:17 +0000 (23:07 +0200)]
tmpfiles: minor modernizations
Lennart Poettering [Thu, 12 Jun 2014 21:06:56 +0000 (23:06 +0200)]
machine: minor modernizations
Lennart Poettering [Thu, 12 Jun 2014 20:54:02 +0000 (22:54 +0200)]
sysusers: add minimal tool to reconstruct /etc/passwd and /etc/group from static files
systemd-sysusers is a tool to reconstruct /etc/passwd and /etc/group
from static definition files that take a lot of inspiration from
tmpfiles snippets. These snippets should carry information about system
users only. To make sure it is not misused for normal users these
snippets only allow configuring UID and gecos field for each user, but
do not allow configuration of the home directory or shell, which is
necessary for real login users.
The purpose of this tool is to enable state-less systems that can
populate /etc with the minimal files necessary, solely from static data
in /usr. systemd-sysuser is additive only, and will never override
existing users.
This tool will create these files directly, and not via some user
database abtsraction layer. This is appropriate as this tool is supposed
to run really early at boot, and is only useful for creating system
users, and system users cannot be stored in remote databases anyway.
The tool is also useful to be invoked from RPM scriptlets, instead of
useradd. This allows moving from imperative user descriptions in RPM to
declarative descriptions.
The UID/GID for a user/group to be created can either be chosen dynamic,
or fixed, or be read from the owner of a file in the file system, in
order to support reconstructing the correct IDs for files that shall be
owned by them.
This also adds a minimal user definition file, that should be
sufficient for most basic systems. Distributions are expected to patch
these files and augment the contents, for example with fixed UIDs for
the users where that's necessary.
Kay Sievers [Thu, 12 Jun 2014 20:26:43 +0000 (22:26 +0200)]
debug-shell: add condition for tty device to run on
Kay Sievers [Thu, 12 Jun 2014 12:59:53 +0000 (14:59 +0200)]
udev: assign group "input" to all input devices
Mantas Mikulėnas [Wed, 11 Jun 2014 14:09:11 +0000 (17:09 +0300)]
NEWS: fix directory name
Lennart Poettering [Wed, 11 Jun 2014 16:42:38 +0000 (18:42 +0200)]
NEWS: add missing comment about the "floppy" group
Lennart Poettering [Wed, 11 Jun 2014 13:32:20 +0000 (15:32 +0200)]
NEWS: mention that resolved's resolv.conf fragment moved
Lennart Poettering [Wed, 11 Jun 2014 13:30:28 +0000 (15:30 +0200)]
build-sys: update library versions
Lennart Poettering [Wed, 11 Jun 2014 13:04:59 +0000 (15:04 +0200)]
NEWS: add contributor list for 214
Lennart Poettering [Wed, 11 Jun 2014 12:58:32 +0000 (14:58 +0200)]
units: order network-online.target after network.target
There might be implementations around where the network-online logic
might not talk to any network configuration service (and thus not have
to wait for it), hence let's explicitly order network-online.target
after network.target to avoid any ambiguities.
Kay Sievers [Wed, 11 Jun 2014 12:04:28 +0000 (14:04 +0200)]
NEWS: update
Lennart Poettering [Wed, 11 Jun 2014 11:31:51 +0000 (13:31 +0200)]
NEWS: prepare NEWS for 214
Umut Tezduyar Lindskog [Tue, 10 Jun 2014 21:29:30 +0000 (23:29 +0200)]
doc: specify kernel configs for cpushares
Lennart Poettering [Wed, 11 Jun 2014 09:35:42 +0000 (11:35 +0200)]
units: time-sync.target probably makes sense, is not just sysv compat
Lennart Poettering [Wed, 11 Jun 2014 09:33:02 +0000 (11:33 +0200)]
units: introduce network-pre.target as place to hook in firewalls
network-pre.target is a passive target that should be pulled in by
services that want to be executed before any network is configured (for
example: firewall scrips).
network-pre.target should be ordered before all network managemet
services (but not be pulled in by them).
network-pre.target should be order after all services that want to be
executed before any network is configured (and be pulled in by them).
Kay Sievers [Wed, 11 Jun 2014 10:00:47 +0000 (12:00 +0200)]
NEWS: add section about udev locking
Kay Sievers [Wed, 11 Jun 2014 09:20:55 +0000 (11:20 +0200)]
udev: stop using "floppy" group
Lennart Poettering [Wed, 11 Jun 2014 08:36:13 +0000 (10:36 +0200)]
journald: create /run/log/journal with the correct access modes
Lennart Poettering [Wed, 11 Jun 2014 08:23:16 +0000 (10:23 +0200)]
tmpfiles: don't allow read access to journal files to users not in systemd-journal
Also, don't apply access mode recursively to /var/log/journal/*/, since
that might be quite large, and should be correct anyway.
Lennart Poettering [Wed, 11 Jun 2014 08:15:51 +0000 (10:15 +0200)]
update TODO
Lennart Poettering [Wed, 11 Jun 2014 08:15:07 +0000 (10:15 +0200)]
tmpfiles: don't apply sgid and executable bit to journal files, only the directories they are contained in
Lennart Poettering [Wed, 11 Jun 2014 08:14:07 +0000 (10:14 +0200)]
tmpfiles: add ability to mask access mode by pre-existing access mode on files/directories
This way it makes a lot more sense to specify an access mode for "Z"
lines.
Lennart Poettering [Wed, 11 Jun 2014 07:20:17 +0000 (09:20 +0200)]
tmpfiles: if /var is mounted from tmpfs, we should adjust its access mode
Lennart Poettering [Wed, 11 Jun 2014 07:19:57 +0000 (09:19 +0200)]
tmpfiles: remove unnecessary function
Lennart Poettering [Tue, 10 Jun 2014 23:37:35 +0000 (01:37 +0200)]
tmpfiles: when processing lines, always process prefixes before suffixes
If two lines refer to paths that are suffix and prefix of each other,
then always process the prefix first, the suffix second. In all other
cases strictly process rules in the order they appear in the files.
This makes creating /var/run as symlink to /run a lot more fun, since it
is automatically created first.
Lennart Poettering [Tue, 10 Jun 2014 23:26:28 +0000 (01:26 +0200)]
tmpfiles: static variables populated immediately from the command line should be prefixed with arg_
Lennart Poettering [Tue, 10 Jun 2014 22:44:30 +0000 (00:44 +0200)]
nspawn: add new --tmpfs= option to mount a tmpfs on specific directories, such as /var
Lennart Poettering [Tue, 10 Jun 2014 22:12:21 +0000 (00:12 +0200)]
tmpfiles: always recreate the most basic directory structure in /var
Let's allow booting up with /var empty. Only create the most basic
directories to get to a working directory structure and symlink set in
/var.
Lennart Poettering [Tue, 10 Jun 2014 22:07:07 +0000 (00:07 +0200)]
update TODO
Lennart Poettering [Tue, 10 Jun 2014 21:42:16 +0000 (23:42 +0200)]
tmpfiles: get rid of "m" lines, make them redundant by "z"
"m" so far has been a non-globbing version of "z". Since this makes it
quite redundant, let's get rid of it. Remove "m" from the man pages,
beef up "z" docs instead, and make "m" nothing more than a compatibility
alias for "z".
Lennart Poettering [Tue, 10 Jun 2014 21:02:40 +0000 (23:02 +0200)]
tmpfiles: add new "C" line for copying files or directories
Lennart Poettering [Tue, 10 Jun 2014 20:50:46 +0000 (22:50 +0200)]
tmpfiles: various modernizations
Lennart Poettering [Tue, 10 Jun 2014 20:48:56 +0000 (22:48 +0200)]
label: when clearing selinux context, don't mangle errno
Mantas Mikulėnas [Tue, 10 Jun 2014 17:00:33 +0000 (20:00 +0300)]
bus-proxy: fix misplaced s/system/session/
Lennart Poettering [Tue, 10 Jun 2014 17:15:06 +0000 (19:15 +0200)]
machine-id-setup: fix array size of parameters
Not that it really would have any effect on the generated code, but
let's not confuse people...
Ronny Chevalier [Tue, 3 Jun 2014 17:44:03 +0000 (19:44 +0200)]
log: honour the kernel's quiet cmdline argument
It was forgotten in
b1e90ec515408aec2702522f6f68c4920b56375b
See https://bugs.freedesktop.org/show_bug.cgi?id=79582
Thomas Hindoe Paaboel Andersen [Wed, 4 Jun 2014 21:40:43 +0000 (23:40 +0200)]
udev: check the return value from udev_enumerate_scan_devices
The return value from udev_enumerate_scan_devices was stored but
never used. I assume this was meant to be checked.
Ronny Chevalier [Sat, 31 May 2014 20:28:17 +0000 (22:28 +0200)]
tests: do not use systemctl status --failed
since v212 calling systemctl status without arguments
will show a overall system state
Denis Tikhomirov [Thu, 5 Jun 2014 19:59:40 +0000 (23:59 +0400)]
backlight: Do not clamp brightness for LEDs
https://bugs.freedesktop.org/show_bug.cgi?id=77092
On Thu, Jun 05, 2014 at 08:37:20AM +0200, Lennart Poettering wrote:
> The patch is line-broken, please send an uncorrupted patch!
I am very sorry, I forgot that my client limits line width. I will use
mutt now on.
> clamp_brightness() clamps the brightness value to the range of the
> actual device. This is a recent addition that was added to deal with
> driver updates where the resolution is changed. I don't think this part
> should be dropped for LED devices. The clamp_brightness() call hence
> should be called unconditionally, however, internally it should use a
> different min_brightness value if something is an !backlight devices...
Thank you for explanation, this sounds very reasonable to me. Please,
see updated patch:
Lennart Poettering [Tue, 10 Jun 2014 16:52:28 +0000 (18:52 +0200)]
man: updates to the passive target section
Thomas Blume [Fri, 6 Jun 2014 14:36:45 +0000 (16:36 +0200)]
systemd-detect-virt: only discover Xen domU
The current vm detection lacks the distinction between Xen dom0 and Xen domU.
Both, dom0 and domU are running inside the hypervisor.
Therefore systemd-detect-virt and the ConditionVirtualization directive detect
dom0 as a virtual machine.
dom0 is not using virtual devices but is accessing the real hardware.
Therefore dom0 should be considered the virtualisation host and not a virtual
machine.
https://bugs.freedesktop.org/show_bug.cgi?id=77271
Mark Eichin [Mon, 9 Jun 2014 05:57:19 +0000 (01:57 -0400)]
man: Searching for an explanation of what a "slice unit" was, found this, felt compelled to send in fixes for the obvious typos
Lennart Poettering [Tue, 10 Jun 2014 15:56:17 +0000 (17:56 +0200)]
bus-proxy: properly index policy by uid/gid when parsing
Lennart Poettering [Tue, 10 Jun 2014 13:46:32 +0000 (15:46 +0200)]
bus-proxy: read the right policy when running in user mode
Christian Hesse [Tue, 10 Jun 2014 13:51:15 +0000 (15:51 +0200)]
udev: really exclude device-mapper from block device ownership event locking
Arguments were wrong order, no?
This fixes commits:
e918a1b5a94f270186dca59156354acd2a596494
3d06f4183470d42361303086ed9dedd29c0ffc1b
David Strauss [Mon, 9 Jun 2014 22:32:03 +0000 (15:32 -0700)]
man: clarify the effect of replace-irreversibly on future conflicting jobs
Dave Reisner [Mon, 9 Jun 2014 12:48:21 +0000 (08:48 -0400)]
build: fix copypaste error in networkd-wait-online symlink
Daniel Buch [Sun, 8 Jun 2014 11:57:21 +0000 (13:57 +0200)]
bus-policy.c: use draw_special_char(DRAW_ARROW)
Lets allow LC_ALL=C without corrupted output
Colin Ian King [Fri, 6 Jun 2014 22:06:33 +0000 (23:06 +0100)]
Fix spelling mistake, proces -> process
Zbigniew Jędrzejewski-Szmek [Wed, 28 May 2014 16:39:38 +0000 (12:39 -0400)]
nspawn: split long message into two lines
For names like /var/lib/container/something, the message
becomes quite long. Better to split it.
Also reword the message not to suggest that ^]^]^] only works
in the beginning.
Kay Sievers [Sat, 7 Jun 2014 14:22:28 +0000 (16:22 +0200)]
bus-proxyd: do not free NULL items
Thomas Hindoe Paaboel Andersen [Thu, 29 May 2014 19:51:50 +0000 (21:51 +0200)]
Remove sysv parser from service.c
Parsing sysv files was moved to the sysv-generator in the previous commit.
This patch removes the sysv parsing from serivce.c.
Note that this patch drops the following now unused sysv-specific info
from service dump:
"SysV Init Script has LSB Header: (yes/no)"
"SysVEnabled: (yes/no)"
"SysVRunLevels: (levels)"
Thomas Hindoe Paaboel Andersen [Thu, 22 May 2014 22:37:39 +0000 (00:37 +0200)]
Move handling of sysv initscripts to a generator
Reuses logic from service.c and the rc-local generator.
Note that this drops reading of chkconfig entirely. It also drops reading
runlevels from the LSB headers. The runlevels were only used to check for
runlevels outside of the normal 1-5 range and then add special dependencies
and settings. Special runlevels were dropped in the past so it seemed to be
unused code.
The generator does not know about non-generated units with a value set with
SysVStartPriority=. These are therefor not taken into account when converting
start priority to before/after.
Tom Gundersen [Fri, 6 Jun 2014 13:10:20 +0000 (15:10 +0200)]
core: allow transient mount units
For now only What=, Options=, Type= are supported, and Where= is deduced
from the unit name.
Thomas Hindoe Paaboel Andersen [Fri, 6 Jun 2014 21:29:09 +0000 (23:29 +0200)]
fix warnings
Prevent use of uninitialized variable and removed a now unused
cleanup function for freeaddrinfo
Lennart Poettering [Fri, 6 Jun 2014 17:52:50 +0000 (19:52 +0200)]
bus-proxy: properly read user/group policy items
Lennart Poettering [Fri, 6 Jun 2014 17:41:24 +0000 (19:41 +0200)]
bus: add basic dbus1 policy parser
Enforcement is still missing, but at least we can parse it now.
Lennart Poettering [Fri, 6 Jun 2014 16:38:43 +0000 (18:38 +0200)]
update TODO
Lennart Poettering [Fri, 6 Jun 2014 16:30:01 +0000 (18:30 +0200)]
sd-bus: don't allow creating message objects that are not attached to a bus
It seems unnecessary to support this, and we rather should avoid
allowing this at all, so that people don't program against this
sloppily and we end up remarshalling all the time...
Lennart Poettering [Fri, 6 Jun 2014 14:20:33 +0000 (16:20 +0200)]
units: pull in time-sync.target from systemd-timedated.service
After all, that's what we document for time-sync.target in
systemd.special(5), hence let's follow our own suggestion.
Mantas Mikulėnas [Mon, 2 Jun 2014 13:47:15 +0000 (16:47 +0300)]
man: fix references to sd_journal_cutoff_realtime_usec
Lennart Poettering [Fri, 6 Jun 2014 12:51:07 +0000 (14:51 +0200)]
update TODO
Lennart Poettering [Fri, 6 Jun 2014 12:48:51 +0000 (14:48 +0200)]
namespace: cover /boot with ProtectSystem= again
Now that we properly exclude autofs mounts from ProtectSystem= we can
include it in the effect of ProtectSystem= again.
Lennart Poettering [Fri, 6 Jun 2014 12:30:09 +0000 (14:30 +0200)]
units: fix minor typo
Lennart Poettering [Fri, 6 Jun 2014 09:42:25 +0000 (11:42 +0200)]
namespace: beef up read-only bind mount logic
Instead of blindly creating another bind mount for read-only mounts,
check if there's already one we can use, and if so, use it. Also,
recursively mark all submounts read-only too. Also, ignore autofs mounts
when remounting read-only unless they are already triggered.
Lennart Poettering [Thu, 5 Jun 2014 19:37:40 +0000 (21:37 +0200)]
namespace: also include /root in ProtectHome=
/root can't really be autofs, and is also a home, directory, so cover it
with ProtectHome=.
Lennart Poettering [Thu, 5 Jun 2014 19:35:35 +0000 (21:35 +0200)]
namespace: when setting up an inaccessible mount point, unmounting everything below
This has the benefit of not triggering any autofs mount points
unnecessarily.
Lennart Poettering [Thu, 5 Jun 2014 19:35:15 +0000 (21:35 +0200)]
umount: modernizations
Lennart Poettering [Thu, 5 Jun 2014 17:38:00 +0000 (19:38 +0200)]
util: fix fd_cloexec(), fd_nonblock()
Lennart Poettering [Thu, 5 Jun 2014 16:42:52 +0000 (18:42 +0200)]
core: introduce new Restart=on-abnormal setting
Restart=on-abnormal is similar to Restart=on-failure, but avoids
restarts on unclean exit codes (but still doing restarts on all
obviously unclean exits, such as timeouts, signals, coredumps, watchdog
timeouts).
Also see:
https://fedorahosted.org/fpc/ticket/191
Lennart Poettering [Thu, 5 Jun 2014 15:31:03 +0000 (17:31 +0200)]
update TODO
Lennart Poettering [Thu, 5 Jun 2014 15:05:18 +0000 (17:05 +0200)]
sd-daemon: introduce sd_pid_notify() and sd_pid_notifyf()
sd_pid_notify() operates like sd_notify(), however operates on a
different PID (for example the parent PID of a process).
Make use of this in systemd-notify, so that message are sent from the
PID specified with --pid= rather than the usually shortlived PID of
systemd-notify itself.
This should increase the likelyhood that PID 1 can identify the cgroup
that the notification message was sent from properly.
Lennart Poettering [Thu, 5 Jun 2014 14:13:22 +0000 (16:13 +0200)]
update TODO
Lennart Poettering [Thu, 5 Jun 2014 14:12:48 +0000 (16:12 +0200)]
socket-proxyd: port to asynchronous name resolution using sd-resolve
Lennart Poettering [Thu, 5 Jun 2014 11:53:44 +0000 (13:53 +0200)]
update TODO
Lennart Poettering [Thu, 5 Jun 2014 11:31:25 +0000 (13:31 +0200)]
bus: make use of sd_bus_try_close() in exit-on-idle services
Lennart Poettering [Thu, 5 Jun 2014 11:43:30 +0000 (13:43 +0200)]
sd-event: restore correct timeout behaviour
Lennart Poettering [Thu, 5 Jun 2014 10:23:41 +0000 (12:23 +0200)]
update TODO
Lennart Poettering [Thu, 5 Jun 2014 10:24:03 +0000 (12:24 +0200)]
kdbus: when uploading bus name policy, resolve users/groups out-of-process
It's not safe invoking NSS from PID 1, hence fork off worker processes
that upload the policy into the kernel for busnames.
Lennart Poettering [Thu, 5 Jun 2014 08:03:26 +0000 (10:03 +0200)]
core: don't include /boot in effect of ProtectSystem=
This would otherwise unconditionally trigger any /boot autofs mount,
which we probably should avoid.
ProtectSystem= will now only cover /usr and (optionally) /etc, both of
which cannot be autofs anyway.
ProtectHome will continue to cover /run/user and /home. The former
cannot be autofs either. /home could be, however is frequently enough
used (unlikey /boot) so that it isn't too problematic to simply trigger
it unconditionally via ProtectHome=.
Lennart Poettering [Thu, 5 Jun 2014 07:55:53 +0000 (09:55 +0200)]
socket: add SocketUser= and SocketGroup= for chown()ing sockets in the file system
This is relatively complex, as we cannot invoke NSS from PID 1, and thus
need to fork a helper process temporarily.
Lennart Poettering [Wed, 4 Jun 2014 21:03:37 +0000 (23:03 +0200)]
core: make sure we properly parse ProtectHome= and ProtectSystem=
Dave Reisner [Wed, 4 Jun 2014 19:03:08 +0000 (15:03 -0400)]
ycm: update flag blacklist
-Wdate-time isn't known to clang, and it seems to cause errors in
syntastic.
Tom Gundersen [Wed, 4 Jun 2014 19:29:08 +0000 (21:29 +0200)]
networkd: link - intialize mac address
Otherwise .netwrok matching on MAC address will not work.
Based on patch by Dave Reisner, and bug originally reported by Max Pray.
Lennart Poettering [Wed, 4 Jun 2014 16:58:05 +0000 (18:58 +0200)]
update TODO
Lennart Poettering [Wed, 4 Jun 2014 16:07:55 +0000 (18:07 +0200)]
core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.
With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
Kay Sievers [Wed, 4 Jun 2014 15:55:14 +0000 (17:55 +0200)]
hwdb: fix case-sensitive match
John [Wed, 4 Jun 2014 15:45:42 +0000 (17:45 +0200)]
build-sys: accommodate gcc-4.9.0 link-time optimization (LTO) changes
systemd fails to build (symbols not found/resolved during cgls link step)
under gcc-4.9.0 due to link-time optimization (lto) changes, in particular
from gcc-4.9.0/NEWS:
+ When using a linker plugin, compiling with the -flto option
now generates slim objects files (.o) which only contain
intermediate language representation for LTO. Use
-ffat-lto-objects to create files which contain additionally
the object code. To generate static libraries suitable for LTO
processing, use gcc-ar and gcc-ranlib; to list symbols from a
slim object file use gcc-nm. (Requires that ar, ranlib and nm
have been compiled with plugin support.)
Both -flto and -ffat-lto-objects are now needed when building and linking
against static libs w/LTO.
Lennart Poettering [Wed, 4 Jun 2014 15:31:31 +0000 (17:31 +0200)]
update TODO
Lennart Poettering [Wed, 4 Jun 2014 15:21:18 +0000 (17:21 +0200)]
core: provide /dev/ptmx as symlink in PrivateDevices= execution environments
Lennart Poettering [Wed, 4 Jun 2014 14:59:13 +0000 (16:59 +0200)]
core: make sure PrivateDevices= makes /dev/log available
Now that we moved the actual syslog socket to
/run/systemd/journal/dev-log we can actually make /dev/log a symlink to
it, when PrivateDevices= is used, thus making syslog available to
services using PrivateDevices=.