Michal Bloch [Wed, 7 Apr 2021 12:54:42 +0000 (14:54 +0200)]
Add "dlog|journal" output redirection option
Journal seems to default to /dev/null even when not explicitly
specified, so there is no separate "dlog|journal|null".
Change-Id: I5682de7dce014f76f403406ef73c7bd5a9661d5e
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Fri, 22 Mar 2024 13:58:40 +0000 (14:58 +0100)]
fixup! Rework delayed.target
Change-Id: Idce2f4b4224fef71b8974d60090ca05a4e055591
Łukasz Stelmach [Fri, 22 Mar 2024 13:57:55 +0000 (14:57 +0100)]
fixup! Emergency mode: add emergency-target-holder.service
Change-Id: I15d863136ecf3be34ac8c142138f54b05dfb1c88
Łukasz Stelmach [Fri, 22 Mar 2024 13:56:18 +0000 (14:56 +0100)]
fixup! delayed: rework dealyed service without capability of /usr/bin/touch
Change-Id: Ib01b104f554cc0125e4894cdd4961b50ec9d0873
Łukasz Stelmach [Fri, 22 Mar 2024 13:55:48 +0000 (14:55 +0100)]
fixup! Delayed target: add delaying the start of delayed.target
Change-Id: Icb36b2d38183c194391efe6a649d0316cc9046dc
Michal Bloch [Mon, 8 Feb 2021 14:06:03 +0000 (15:06 +0100)]
Basic PoC for DLog stdout redirector
Set Standard{Output,Error}=dlog in a service file,
or DefaultStandard{Output,Error}=dlog for global.
Note that setting the global default should only
really be done if DLog is working under the Android
Logger backend, since the Pipe backend daemon is
not really available early on which can make early
daemons fail.
Change-Id: Icf7224d1fabd4cdb45971ac9314ed4d19d220bbb
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Thu, 4 Mar 2021 06:22:39 +0000 (15:22 +0900)]
unit: fix serial console baudrate to 115200
Due to noise coming into the serial console or other abnormal behavior,
agetty changes the baudrate in the following order: 115200, 38400, 9600.
Since tizen only uses 115200 baudrate, this is fixed.
It is reported in the DA.
Change-Id: Icf7224d1fabd4cdb45971ac9314ed4d19d220bb1
Adrian Szyndela [Thu, 11 Feb 2021 08:08:26 +0000 (09:08 +0100)]
spec: depend on libdbuspolicy1
kdbus.h is being moved to libdbuspolicy1 package.
Change-Id: Ib9009bc7fdc5c407d6e9349a028a81322294d2d7
INSUN PYO [Thu, 3 Dec 2020 06:07:43 +0000 (15:07 +0900)]
delayed: rework dealyed service without capability of /usr/bin/touch
VD security remove capability of /usr/bin/touch. (cap_dac_override=ei)
Change permision and group of /run/systemd/system
from 0755/root/root to 0775/root/systemf_fw.
Change-Id: I6e2189c2cd0d4a86db995651b43a4dcdc25fcabf
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Karol Lewandowski [Tue, 1 Dec 2020 11:34:31 +0000 (12:34 +0100)]
tizen: Search for configuration files in /hal dir
Since Tizen 6.5, a HAL image is mounted on the /hal directory,
which contains hardware-specific configurations and drivers,
for better portability of Tizen.
This is the priority of path searching for configuration file.
1. /etc/
2. /run/
3. /usr/local/lib/
4. /usr/lib/
5. /hal/lib/
When the same file exists, the higher priority file is used.
In this case, "/etc" is the highest priority.
Because hal can never override platform,
hal has a lower priority than platform.
Change-Id: Ie5e6cf98e64b4317bda23d49571b5c0f60084569
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
[ Change search order for /hal to be searched last ]
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Mon, 7 Dec 2020 07:26:51 +0000 (16:26 +0900)]
sysctl: delete unnecessary sysctl-tizen-override.conf
/proc/sys/net/core/default_qdisc has only pfifo_fast values in all targets.
(TM1, TW2, TW3, RPI3, RPI4, ARTIK, EMUL)
If this conf does not exist, there is warning journal log and this is not harmful.
"Jan 01 11:36:16 localhost systemd-sysctl[208]: Couldn't write 'pfifo_fast' to 'net/core/default_qdisc', ignoring: No such file or directory"
Change-Id: I970dc97fc0771b1ef3fce1ef05b5f6a2d6b22778
INSUN PYO [Thu, 3 Dec 2020 04:30:38 +0000 (13:30 +0900)]
delayed: remove unused file
Change-Id: Ifacc46fcc5c7ec7bb52f9b4f47ed5ea98aa5fd5a
INSUN PYO [Thu, 26 Nov 2020 05:21:57 +0000 (14:21 +0900)]
Delayed target: add delaying the start of delayed.target #2
Delay time is also applied to user systemd.
System systemd is already applied.
Change-Id: I8da0c1f224a74d45badd82f2ac1dda13cb8febbb
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Wed, 18 Nov 2020 04:07:24 +0000 (13:07 +0900)]
spec: fix typo in %postun script
Change-Id: Ib4b6481a67646e02f59a622c42ca84f26616a394
INSUN PYO [Mon, 26 Oct 2020 09:14:28 +0000 (18:14 +0900)]
Delayed target: add delaying the start of delayed.target
If /etc/systemd/delayed-target.conf exists and has DelayedTargetWait environment value,
delayed.target starts after DelayedTargetWait seconds.
If the /tmp/.systemd_delayed_target_wait file is created within the delayed time,
delayed.target starts immediately.
Change-Id: I4ad1ff6a8084ed9db7d630f533a9348b41decbf0
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Karol Lewandowski [Mon, 26 Oct 2020 14:37:15 +0000 (15:37 +0100)]
packaging: Align alternatives setup with fedora-recommended scheme
Change-Id: I5ff9241180d32fb936a19dadfea9fa7d174a1dee
Hyotaek Shim [Wed, 28 Oct 2020 07:36:05 +0000 (16:36 +0900)]
Add an api for early initialization of input udev
KERNEL[3.864698] add /devices/virtual/rc/rc1/input2 (input)
DEVPATH=/devices/virtual/rc/rc1/input2
UDEV [6.541278] add /devices/virtual/rc/rc1/input2 (input)
DEVPATH=/devices/virtual/rc/rc1/input2
For fast input accessing, input udev should be set up early,
so that udev_device_get_is_initialized(input_udev_dev) check can be skipped before UDEV [6.541278].
Change-Id: I8182f856b0169f9c434bb360a49cfef109485c94
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Thu, 8 Oct 2020 10:24:47 +0000 (19:24 +0900)]
Restore 'Default Dependendies' to system-default-target-done.service and system-delayed-target-trigger.service
Add 'Requires=sysinit.target' and 'After=sysinit.target basic.target'
Two dependencies prevent those service from running in emergency mode,
because sysinit.target always fails in emergency mode.
Change-Id: I7602100652f478b3d66fcba215659f39a63694e2
INSUN PYO [Wed, 7 Oct 2020 03:13:45 +0000 (12:13 +0900)]
Emergency mode: add emergency-target-holder.service
The emergency-target-holder.service prevents emergency.target from completing.
If emergency.target is not completed,
other services that are not intended can not be run in emergency mode.
Detailed information.
============================================================================================================================
1. If local-fs.target fails, emergency.target is started by 'OnFailure=emergency.target'.
2. By 'OnFailureJobMode=replace-irreversibly' option,
emergency.target cannot be canceled until completion.
3. When starting a new service by any activation(dbus, path, socket) in emergency mode,
sysinit.target is always checked and started by 'DefaultDependency=yes'.
4. sysinit.target stops emergency.target because of the 'Conflicts=emergency.target' setting.
5. However, emergency.target can not be stopped
because it started with 'replace-irreversibly' and not finished yet.
6. So sysinit.target can not be started.
7. New service can not be run because sysinit.target could not be started.
============================================================================================================================
Logs when running new services after applying this patch
=============================================================================================================================
bash-3.2# systemctl start deviced.service
Failed to start deviced.service: Transaction for deviced.service/start is destructive (emergency.target has 'start' job queued, but 'stop' is included in transaction).
See system logs and 'systemctl status deviced.service' for details.
bash-3.2# systemctl start sysinit.target
Failed to start sysinit.target: Transaction for sysinit.target/start is destructive (emergency.target has 'start' job queued, but 'stop' is included in transaction).
See system logs and 'systemctl status sysinit.target' for details.
==============================================================================================================================
Change-Id: I2cefadd7228d463fe1755e0c475f4563d98c8260
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Karol Lewandowski [Tue, 13 Oct 2020 08:52:24 +0000 (10:52 +0200)]
packaging: Fixup removal of pamconsole-tmp.conf
Change-Id: Id8c736f5d00823a67446df98e19f8e9faa6536ca
INSUN PYO [Thu, 8 Oct 2020 10:06:46 +0000 (19:06 +0900)]
Remove unused file pamconsole-tmp.conf
Change-Id: I0c737140c57588a2e8dc936b0e371040ab20e3d2
Karol Lewandowski [Wed, 30 Sep 2020 11:37:47 +0000 (13:37 +0200)]
packaging: Ensure systemd-shutdown is owned by systemd
Change-Id: I37ced8706c8bb86e465226b01fffe9976edbf08c
Karol Lewandowski [Mon, 28 Sep 2020 13:53:24 +0000 (15:53 +0200)]
packaging: Drop unused kernel-install utility
Change-Id: I73301481613fbefc77374fcc42297d10eebe3795
Mateusz Majewski [Thu, 17 Sep 2020 05:50:10 +0000 (07:50 +0200)]
Alternativize shutdown command et al.
Change-Id: I43030af64c1791ffbc99aeb3906a5517edbd3670
Łukasz Stelmach [Thu, 21 Mar 2024 08:45:52 +0000 (09:45 +0100)]
packaging: Do not require WITH_... macros to be explicitly defined
Change-Id: I1496d79b626da11085caceec32e1748bb5b16836
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Tue, 22 Sep 2020 11:33:59 +0000 (20:33 +0900)]
spec: fix feature macro typo
Change-Id: Ifccdcf1561a32d04526d8ccf8ea76586b5a1c85c
Łukasz Stelmach [Wed, 20 Mar 2024 20:59:13 +0000 (21:59 +0100)]
Disable virtualization feature
1. Tizen does not support continer and vm.
2. Resolving Smack error.
==========================================================================================
Jan 01 09:00:19 localhost audit[591]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=591 comm="systemd" name="sched" dev="proc" ino=12322
Jan 01 09:00:19 localhost audit[591]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=591 comm="systemd" name="sched" dev="proc" ino=12322
Jan 01 09:00:19 localhost audit[591]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=591 comm="systemd" name="sched" dev="proc" ino=12322
Jan 01 09:00:19 localhost audit[535]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=535 comm="tlm-sessiond" name="environ" dev="proc" ino=12572
Jan 01 09:00:19 localhost audit[535]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=535 comm="tlm-sessiond" name="sched" dev="proc" ino=12322
Jan 01 09:00:30 localhost audit[949]: AVC lsm=SMACK fn=smack_inode_permission action=denied subject="User" object="System::Privileged" requested=r pid=949 comm="systemctl" name="sched" dev="proc" ino=12322
==========================================================================================
Change-Id: I8b947a0de6c030fa7dd4f8d8b080b1f7783a4010
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Tue, 22 Sep 2020 04:32:57 +0000 (13:32 +0900)]
spec: disable ldconfig feature
A ldconfig.service is not able to run because / is mounted as RO.
Change-Id: I36d579b147a74df2a2efb0349958f76f65f710a0
Hyotaek Shim [Thu, 27 Aug 2020 11:42:09 +0000 (20:42 +0900)]
Add Conflicts=emergency.service in system-delayed-target-trigger.service
Change-Id: Ib742d57963db8cfba2a091d4de1562ab0b95fc7a
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Karol Lewandowski [Tue, 18 Aug 2020 20:51:28 +0000 (22:51 +0200)]
Do not log reboots to utmp
This functionality is not used by Tizen services. Users can find
reboots using standard log facilities (journal).
Change-Id: Ie8926606ebb386684ba321ef4560eaec9143e4cf
Youngjae Cho [Mon, 6 Jul 2020 23:22:57 +0000 (08:22 +0900)]
Fix wait-target-done.c
1. Change inotify fd to nonblock.
2. Change timeout to use alarm(). And make it encompass
the whole process, which now includes wd allocation.
3. Add dependency with tlm.service to
system-delayed-target-trigger.service
4. Add journal log.
Change-Id: Ibec5e4f4030e26235dbba6610a5142d0e29e423f
Signed-off-by: Youngjae Cho <y0.cho@samsung.com>
INSUN PYO [Wed, 24 Jun 2020 23:57:14 +0000 (08:57 +0900)]
Remove unused systemd-remount-fs.service and systemd-fstab-generator
Tizen no longer uses /etc/fstab.
So we don't need systemd-remount-fs.service and systemd-fstab-generager to handle /etc/fstab.
Change-Id: I64a3655f69f80d161b00fad40aef6b0235e71977
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Fri, 19 Jun 2020 10:05:51 +0000 (19:05 +0900)]
spec: remove unused service
- /usr/lib/systemd/systemd-volatile-root
- /usr/lib/systemd/system/systemd-volatile-root.service
Change-Id: Ib3cf266a5ed7bc53ee16a97d7514bfb0bcabd498
INSUN PYO [Fri, 19 Jun 2020 08:38:02 +0000 (17:38 +0900)]
Apply SmackProcessLabel=System to system-update-cleanup.service
Change-Id: Ie8fd3b105508ff233d28c9f7e8f97beb12d1b1d7
INSUN PYO [Fri, 19 Jun 2020 07:07:05 +0000 (16:07 +0900)]
Apply SmackProcessLabel=System to systemd-boot-check-no-failures.service
Change-Id: I25ff0d8d40a64ee9e9faa87db5ff2ce09bc9e976
INSUN PYO [Fri, 19 Jun 2020 06:44:15 +0000 (15:44 +0900)]
spec: disable hibernate feature
Change-Id: Iecb223fc98412d8635b724ca6fc8952457820e45
INSUN PYO [Thu, 18 Jun 2020 06:35:09 +0000 (15:35 +0900)]
spec: disable EFI feature
Change-Id: Ia4b0612f77c5bde4615af615bf8747168bb9abda
INSUN PYO [Thu, 18 Jun 2020 06:24:09 +0000 (15:24 +0900)]
Apply SmackProcessLabel=System to systemd-OOO.service
- systemd-exit.service
- systemd-poweroff.service
- systemd-reboot.service
Change-Id: Ic5cde17a34fd75ca0157a56dc66534f23db62a15
Hyotaek Shim [Wed, 10 Jun 2020 10:56:29 +0000 (19:56 +0900)]
Apply ASLR for send-booting-done and wait-target-done
Change-Id: I80b6c67671a4c8ebb1cb4afa5d8065a164554800
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Youngjae Cho [Wed, 6 May 2020 06:39:03 +0000 (15:39 +0900)]
Fix delayed.target
Add binary wait-target-done.c for waiting creation of *.done file.
Change-Id: I0d87c574086073b28aa52dccca3e760914e2abbd
Signed-off-by: Youngjae Cho <y0.cho@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Tue, 21 Apr 2020 07:11:15 +0000 (16:11 +0900)]
Delayed target: check interval is changed from 1 second to 0.2 seconds.
Change-Id: I2206ada9509d503ac02733d0cb0c1539d932b184
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
INSUN PYO [Thu, 16 Apr 2020 00:04:39 +0000 (09:04 +0900)]
spec: fix indent in systemd.spec
Change-Id: I7b48f4cd8e66e3c52a23305d48466c75e5443845
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
INSUN PYO [Thu, 9 Apr 2020 05:17:05 +0000 (14:17 +0900)]
Change file permission of org.tizen.system.conf to 644.
Change-Id: Ibdf905f96c6f72951db4e90b761462e05a956232
Adrian Szyndela [Mon, 6 Apr 2020 10:14:04 +0000 (12:14 +0200)]
delayed: replace dbus-send with a dedicated program
In release versions there can be no helper programs for sending
any messages over D-Bus. Thus, dbus-send, busctl etc. are removed.
This commit replaces dbus-send use cases with a specialized little
tool, which does what dbus-send did in those cases.
Change-Id: I54e51fc3fe563961f18b953215cee41c3bf4510e
INSUN PYO [Fri, 3 Apr 2020 01:37:48 +0000 (10:37 +0900)]
logind: add SmackProcessLabel=System::Privileged to user-runtime-dir@.service
To change smack label /run/user/5001/system_share to "*", we need System::Privileged.
Change-Id: Icd1e8c7794236670575df68d1fe35c35584f24f2
Adrian Szyndela [Thu, 2 Apr 2020 12:32:02 +0000 (14:32 +0200)]
socket: fix printing of size_t value
Change-Id: I9a6fa9f3a15c091fdda0e738de96dcebca8ee1c3
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Thu, 25 Jan 2024 14:14:39 +0000 (15:14 +0100)]
Merge upgrade-to-244 into tizen
Change-Id: Id141f6a5f624ba6a4a24b0bf85a20b7e51878781
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Wed, 20 Mar 2024 09:40:39 +0000 (10:40 +0100)]
test-copy: allow copy from symlinked dir
Change-Id: I96f7e86c4f3b26bc79431ccd962dffc82befb14f
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Tue, 19 Mar 2024 15:48:08 +0000 (16:48 +0100)]
tests: make tests pass with non-utf8 locale
Change-Id: Id9056e66b5b3619f7f30a8e1a12b184bf82b1991
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Łukasz Stelmach [Tue, 19 Mar 2024 13:33:16 +0000 (14:33 +0100)]
tree-wide: replace realpath with readlink -f
Tizen's coreutils doesn't include 'realpath' utility, which was
introduced in coreutils 8.15. However, Tizen's coreutils includes 'readlink'
utility, which is very close to 'realpath' if called with '-f' param.
Change-Id: I08b6ed68fc6bf0c384b599f4de3724724345d5c7
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
Adrian Szyndela [Thu, 5 Mar 2020 08:30:26 +0000 (09:30 +0100)]
Revert "units: drop units/user/busnames.target"
This reverts commit
df134443395f6e043e0cd2a45ab529583df96e4e.
Adrian Szyndela [Thu, 5 Mar 2020 08:28:16 +0000 (09:28 +0100)]
Revert "units: remove unused busnames.target"
This reverts commit
0ba89873372c3ab508852b4e0071da0719bcea0a.
Adrian Szyndela [Thu, 26 Mar 2020 10:19:37 +0000 (11:19 +0100)]
sd-bus: fix fcntl flag for duplicating fd
Adrian Szyndela [Tue, 25 Feb 2020 15:51:26 +0000 (16:51 +0100)]
tests: correct test-bus-benchmark test name
Additionally, move the entry to the alphabetically correct position after
the name change.
Change-Id: I348bae84a948eb35cfcb9858465156c66b6f01eb
Hyotaek Shim [Mon, 17 Feb 2020 04:54:18 +0000 (13:54 +0900)]
Increase the max number of INotify instances per real user ID
Change-Id: I49a2ed1881d03def82be5a83ae5b6eb0db01ce6c
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Wed, 22 Jan 2020 02:21:43 +0000 (11:21 +0900)]
Exclude systemd-remount-fs.service
Change-Id: I653420164edb44a7a941f5c98887dc3ee6d4852e
Hyotaek Shim [Thu, 9 Jan 2020 09:23:18 +0000 (18:23 +0900)]
Apply priv_keygrab:r ACL rule to /dev/input
Change-Id: I8174ccd81aa3970a76a6f3680234dae77d920429
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Tue, 5 Nov 2019 02:51:19 +0000 (11:51 +0900)]
logind: change the power key to disabled
Tizen does not support power off without deviced.
So, you need to turn off the power key function in logind.
1. Disable TAG+="power-switch" uevent rules because logind uses "power-switch" uevent to recognize the power key.
2. Change default behavior for power key to ignore.
Change-Id: I0523d4cc46ce2edd05e479e9101c6d20f70b4296
Hyotaek Shim [Mon, 7 Oct 2019 11:43:04 +0000 (20:43 +0900)]
Remove the smack exec label of busctl
Change-Id: Iaab47bd04b0c480fa2c2e9e5deeeded9d461c4b4
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Hyungju Lee [Tue, 10 Sep 2019 02:06:08 +0000 (11:06 +0900)]
Change smack label of /dev/full from '_' to '*'
Change-Id: I706f14f7e8d767b0d7904a08e793f424c47e001b
Hyotaek Shim [Thu, 22 Aug 2019 11:46:11 +0000 (20:46 +0900)]
Add dbus policy for org.tizen.system.BootingDone
Change-Id: I8f0bd7887b5f1cbd7637c00e03240e4d5e09e4c7
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Paweł Szewczyk [Fri, 26 Jul 2019 08:48:24 +0000 (10:48 +0200)]
Use separate udev tag for devices in user session
The system-user tag can be used to mark devices that will be enumerated by
systemd in 'systemd --user' instance.
Change-Id: I5889f50df6c329de36c2544ee5cf1ba1c52ad433
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
INSUN PYO [Fri, 19 Jul 2019 08:23:57 +0000 (17:23 +0900)]
Rework delayed.target
start delayed.service --> finish default.target --> start all of delayed.service -->
finish delayed.target --> StartupFinished
Change-Id: I2f291ea8b5f535157eec4f105f2c37b0cea448c9
INSUN PYO [Wed, 26 Jun 2019 00:12:45 +0000 (09:12 +0900)]
Change the config value of the "RemainAfterExit=" ("true" -> "yes")
Change-Id: I56db28be6f0cecd0562ba8db6bb1d4af0b1a3b7b
INSUN PYO [Fri, 7 Jun 2019 06:30:41 +0000 (15:30 +0900)]
Add delayed target
Change-Id: I0527d1387500c699be0fbc319c702a77d9ae587b
Cheoleun Moon [Fri, 19 Apr 2019 07:31:03 +0000 (16:31 +0900)]
Add SECLABEL for /dev/net/tun
Change smack label of /dev/net/tun to *
Change-Id: Ie3c7d4e908a077064cb4d5ba5e4e082a7409da64
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
Łukasz Stelmach [Thu, 14 Mar 2024 23:42:20 +0000 (00:42 +0100)]
fixup! socket: Serialize auxiliary file descriptors
Change-Id: I0c5b4d51523c4c2ef96aef6aec79723a11699e03
Łukasz Stelmach [Thu, 14 Mar 2024 23:14:59 +0000 (00:14 +0100)]
Enable stack protection option, -fstack-clash-protection
http://suprem.sec.samsung.net/jira/browse/SATIZENVUL-1930
http://suprem.sec.samsung.net/jira/browse/SATIZENVUL-1933
Change-Id: I0c3292fd0d7fdd69a1aa902a1e9d8b75a6f11d87
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
sanghyeok.oh [Tue, 29 Jan 2019 07:19:49 +0000 (16:19 +0900)]
busctl: set execute label as 'System'
Change-Id: Id76f4cc5c2ab52c61355033fb4bcf8681d2cedbf
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Hyotaek Shim [Fri, 25 Jan 2019 08:50:42 +0000 (17:50 +0900)]
Minor fix regarding "update-alternatives --remove systemd-shutdown.."
Change-Id: I33510d36510a468c9fa67265f3ba3e73934080a0
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Karol Lewandowski [Wed, 9 Jan 2019 15:16:19 +0000 (16:16 +0100)]
tizen: Allow replacing systemd-shutdown
This will be used by deviced to install custom shutdown handler.
Change-Id: I1f921fbae7d05f9ba937bb68cfa997a310407484
Karol Lewandowski [Thu, 15 Nov 2018 13:02:51 +0000 (14:02 +0100)]
tizen: All logins should use User::Shell smack label
Change-Id: I8c0e7de59689aa83bd0273af4a66dd7a8f823ec9
Łukasz Stelmach [Thu, 14 Mar 2024 22:58:17 +0000 (23:58 +0100)]
socket: Serialize auxiliary file descriptors
When socket is serialized/deserialized it's important to keep all file
descriptors. This commit adds the serialization of auxiliary fds.
For now, only ffs sockets are using auxiliary descriptors.
Change-Id: I5fea0152fee51560e160fe5df4806b55a5b369d6
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
Adrian Szyndela [Fri, 21 Sep 2018 14:11:05 +0000 (16:11 +0200)]
D-Bus policy configs: fixed rules
Removed duplicate rules in all three configs, and specified proper sender
for receiving ActivationRequest signal in org.freedesktop.systemd1.conf.
Change-Id: I550c07ede30a0bb70a9bb3ca00d5771e1722826b
Łukasz Stelmach [Wed, 13 Mar 2024 21:09:16 +0000 (22:09 +0100)]
fixup! logind: change smack label /run/user/%UID/system_share to "*"
Change-Id: I515b016407a253ec0b49a3c52bab5e370332e7a9
Łukasz Stelmach [Wed, 13 Mar 2024 21:08:45 +0000 (22:08 +0100)]
Remove build warnings
- Add TIZEN_JOURNALD_KMSG
- Print kmsg log on dlogutil because journald is heavier than dlogutil
Change-Id: I763cfccbb0d877c52d8448de4a50966a33c84981
Signed-off-by: pr.jung <pr.jung@samsung.com>
Hyotaek Shim [Wed, 5 Sep 2018 09:23:10 +0000 (18:23 +0900)]
Set the smack label of executable binary tools
Apps (3rd party and even in-house Apps) are not permitted to run systemd tools directly.
User System::Tools rx
User::Shell System::Tools rx
System::TEF System::Tools rx
System::Privileged System::Tools rx
System System::Tools rx
Change-Id: I55a9b00a6ec0583d4673d9a41cdda7fbd9e23310
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Łukasz Stelmach [Fri, 31 Mar 2017 11:05:09 +0000 (13:05 +0200)]
spec: configure rpmmacrosdir instead of manually installing rpm macros
Change-Id: Iec5f938f97695f8eafcfc4f3b0b120d5fe77a54e
Mateusz Moscicki [Fri, 11 May 2018 12:58:41 +0000 (14:58 +0200)]
Set the default deny policy for system dbus
org.freedesktop.locale1.conf - send: deny, own: deny
org.freedesktop.login1.conf - send: deny, own: deny
org.freedesktop.systemd1.conf - send: deny, own: deny
Change-Id: I49f402d56f83700fe7528eab3e034cd845afc0a2
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Wed, 7 Mar 2018 07:40:53 +0000 (16:40 +0900)]
logind: change smack label /run/user/%UID/system_share to "*"
INSUN PYO [Tue, 27 Feb 2018 08:48:52 +0000 (17:48 +0900)]
logind: change group and permission /run/user/%UID
1. change group and pemission of /run/usre/%UID to uid/system_share,0750
2. make /run/user/%UID/system_share to uid/system_share,0750
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Ie22b8d4e96c1669f7068005952d83f7f4086b60c
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
INSUN PYO [Wed, 31 Jan 2018 01:02:17 +0000 (10:02 +0900)]
journald: Limit system journal size from 10M to 4M
A journald always loads two journal files (one is current and the other is just before) in memory using mmap.
So it always consumes as much memory as file size.
A journald rotates the log in 8 files.
Each log file has a SystemMaxUse/8 size.
(But the minimum value is 512k.)
So SystemMaxUse is 4M to minimize memory usage. (512k * 8 = 4M)
sh-3.2# memps `pidof systemd-journald`
S(CODE) S(DATA) P(CODE) P(DATA) ADDR(start-end) OBJECT NAME
-------- -------- -------- -------- -----------------------------------------------
4 0 508 0
f6d80000-
f6ec0000 /opt/var/log/journal/
999fcdd05c714da0859337c08df2230e/system@
800f735a88e44c35bc7cca47\
9a6984b1-
00000000000015ad-
000561d5c48aab1f.journal
0 4 302 0
f6c40000-
f6d80000 /opt/var/log/journal/
999fcdd05c714da0859337c08df2230e/system.journal
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I9aa53189eae878464acba58b5fdd490f6b3ba7f8
Dawid Kuczma [Tue, 5 Dec 2017 08:31:16 +0000 (09:31 +0100)]
Add well-known-names -> unique names on graph
Usage:
--well-known-names=true
Change-Id: Ife01bd8d1a2d6acc4a45c6595bcc52c15d523742
Łukasz Stelmach [Tue, 12 Mar 2024 14:26:56 +0000 (15:26 +0100)]
fixup! Generate graph from the traffic observable by busctl monitor.
Change-Id: I74dd13254322d1cc3cb3f8e52c40d807f86f05f0
Łukasz Stelmach [Tue, 12 Mar 2024 14:21:44 +0000 (15:21 +0100)]
Add tool for processing graph generated by busctl dot.
Usage:
1) gvpr -f graphinfo.gvpr input_file
2) gvpr -f graphinfo.gvpr input_file -a node -a NODE
3) gvpr -f graphinfo.gvpr input_file -a -node -a NODE
Change-Id: Ie4d05c715df17b61c8c7ad1f7724977c9c2f8bb8
Dawid Kuczma [Thu, 28 Sep 2017 13:08:20 +0000 (15:08 +0200)]
Generate graph from the traffic observable by busctl monitor.
Busctl dot is used to visualize IPC traffic.
It generate dot output whitch can be visualized e.g. by using graphviz.
Also adds filtering by sender/receiver pid.
Internally busctl dot works similar to busctl capture.
It reuses monitor() framework.
--pid=PID -only show messages where sender or receiver pid is equal to PID
--sender-pid=PID -only show messages where sender pid is equal to PID
--receiver-pid=PID -same as above, but filtering by receiver pid.
Signed-off-by: Dawid Kuczma <d.kuczma@partner.samsung.com>
Change-Id: Id9ce46f5085dde10010e89057f78d58b3088d3bc
Hyotaek Shim [Fri, 15 Dec 2017 06:56:43 +0000 (15:56 +0900)]
tizen: Change the permission of /dev/kmsg to "root:log 660 *"
Through this patch, /usr/bin/dlog_logger (log:log) can access /dev/kmsg
without root credentials.
Change-Id: Ie955499c4a0bf1581cd64244cb94acfa6279719d
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
[ Minor style change in commit log. ]
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
INSUN PYO [Wed, 27 Sep 2017 07:10:21 +0000 (16:10 +0900)]
units: [user@.service] Set Group as users
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Iaf0d6f57e6a4a124ac0301e38527bddcbb7fe679
INSUN PYO [Thu, 31 Aug 2017 04:10:36 +0000 (13:10 +0900)]
packaging: Remove unused systemd-tmpfiles-clean.service, systemd-tmpfiles-clean.timer
systemd-tmpfiles-clean.service and systemd-tmpfiles-clean.timer are already disabled.
Removes the file that was left to identify the history.
Removes the user to remove the systemd-tmpfiles-clean.service manually.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Ifb105bedc29d7ab660c303059c8e3378c59a6e31
Yunmi Ha [Fri, 18 Aug 2017 08:37:11 +0000 (17:37 +0900)]
Remove upgrade script file from package
Change-Id: If547cb04400e412c00559881e312f831c2d25688
Signed-off-by: Yunmi Ha <yunmi.ha@samsung.com>
INSUN PYO [Mon, 31 Jul 2017 07:46:46 +0000 (16:46 +0900)]
hostnamed : disable hostnamed
Requested by MCD.
The connman, efl, bluez using hostnamed have also agreed to disable.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Iecb82b74305201696caa77d108efa216051181ce
Hyotaek Shim [Fri, 9 Jun 2017 12:10:29 +0000 (21:10 +0900)]
Remove "Requires(post): gawk" in the spec.
This patch is needed for reducing storage usage in IoT/Headless devices.
Change-Id: Ie0a5833ef1cf114202d9d783eb63135b31a1f6d6
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Hyotaek Shim [Wed, 7 Jun 2017 04:37:29 +0000 (13:37 +0900)]
55-udev-smack-default.rules: add group rw permission to input nodes
Change-Id: I61c7a3bb1098406172e5ed289cc0510b02794ea5
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Łukasz Stelmach [Fri, 8 Mar 2024 15:41:27 +0000 (16:41 +0100)]
fixup! tizen: Patch for unlimited timeout for User Session
Change-Id: I13ba233a5f4101c55f06be29f91a4b8d5558770d
INSUN PYO [Thu, 25 May 2017 05:50:55 +0000 (14:50 +0900)]
packaging: Disable systemd-tmpfiles-clean.timer
If you change the time in 15 minutes after booting,
some files in /tmp are removed by systemd-tmpfiles-clean.service.
Also, VD and MCD does't want tmpfile cleanup to be run.
I have modified the timer to not run automatically at boot time.
The timer and service are left unerased.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I5ce99c5a37488e5a89af6a49f32150cc7391a5ef
sanghyeok.oh [Tue, 25 Apr 2017 03:22:06 +0000 (12:22 +0900)]
license:change test-runner's license from Apache 2.0 to BSD-2-clause
To avoid license conflict between LGPL-2.1 and Apache-2.0, change it.
Change-Id: I60125a53b19193fb300f516387d08243cfa94698
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
sanghyeok.oh [Fri, 14 Apr 2017 05:50:54 +0000 (14:50 +0900)]
License:add license file for Apache-2.0
Change-Id: I9c6d1128fdc89b099c68c5fc2c7fd46fa193f0bc
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
INSUN PYO [Tue, 11 Apr 2017 07:26:57 +0000 (16:26 +0900)]
tizen: Do not try to read /proc/1/cgroup from unprivileged processes
In Tizen access to /proc/1 is restricted via Smack. However, there are
unprivileged functions that need to work with information from this dir.
This function caches cgroup information in /run, allowing system-wide
access to this information.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I2a2977400c7917804599cfb6f225dab897dc8b14
INSUN PYO [Thu, 30 Mar 2017 06:18:35 +0000 (15:18 +0900)]
License: add license files for systemd-analyze package
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Iea4a6b72d5c277e1bcf3a4604ec6c5b603d1d973
INSUN PYO [Mon, 27 Mar 2017 13:50:39 +0000 (22:50 +0900)]
License: add license files
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I39d99a2040f267c29529d331ff5de7591cbf1fa5
projects / platform / upstream / systemd.git / log