service: add ability to pin fd store

Oftentimes it is useful to allow the per-service fd store to survive longer than for a restart. This is useful in various scenarios: 1. An fd to some security relevant object needs to be stashed somewhere, that should not be cleaned automatically, because the security enforcement would be dropped then. 2. A user namespace fd should be allocated on first invocation and be kept around until the user logs out (i.e. systemd --user ends), á la #16328 (This does not implement what #16318 asks for, but should solve the use-case discussed there.) 3. There's interest in allow a concept of "userspace reboots" where the kernel stays running, and userspace is swapped out (i.e. all services exit, and the rootfs transitioned into a new version of it) while keeping some select resources pinned, very similar to how we implement a switch root. Thus it is useful to allow services to exit, while leaving their fds around till the very end. This is exposed through a new FileDescriptorStorePreserve= setting that is closely modelled after RuntimeDirectoryPreserve= (in fact it reused the same internal type), since we want similar behaviour in the end, and quite often they probably want to be used together.
author: Lennart Poettering <lennart@poettering.net> 2023-03-29 22:07:22 +0200
committer: Lennart Poettering <lennart@poettering.net> 2023-04-13 06:44:27 +0200
commit: b9c1883a9cd9b5126fe648f3e198143dc19a222d (patch)
tree: f31bf560425d33c0d6933b20fe724e11942d6206 /src/core/dbus-execute.h
parent: c25fac9a17b95271bb6f8d967d33c5a9aa9e4bc9 (diff)
download: systemd-b9c1883a9cd9b5126fe648f3e198143dc19a222d.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/src/core/dbus-execute.h b/src/core/dbus-execute.h
index c53834140e..5926bdb4b1 100644
--- a/src/core/dbus-execute.h
+++ b/src/core/dbus-execute.h
@@ -28,6 +28,8 @@ int bus_property_get_exec_output(sd_bus *bus, const char *path, const char *inte
 int bus_property_get_exec_command(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
 int bus_property_get_exec_command_list(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
 int bus_property_get_exec_ex_command_list(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
+int bus_property_get_exec_preserve_mode(sd_bus *bus, const char *path, const char *interface, const char *property, sd_bus_message *reply, void *userdata, sd_bus_error *ret_error);
 
 int bus_exec_context_set_transient_property(Unit *u, ExecContext *c, const char *name, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
 int bus_set_transient_exec_command(Unit *u, const char *name, ExecCommand **exec_command, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
+int bus_set_transient_exec_preserve_mode(Unit *u, const char *name, ExecPreserveMode *p, sd_bus_message *message, UnitWriteFlags flags, sd_bus_error *error);
author	Lennart Poettering <lennart@poettering.net>	2023-03-29 22:07:22 +0200
committer	Lennart Poettering <lennart@poettering.net>	2023-04-13 06:44:27 +0200
commit	b9c1883a9cd9b5126fe648f3e198143dc19a222d (patch)
tree	f31bf560425d33c0d6933b20fe724e11942d6206 /src/core/dbus-execute.h
parent	c25fac9a17b95271bb6f8d967d33c5a9aa9e4bc9 (diff)
download	systemd-b9c1883a9cd9b5126fe648f3e198143dc19a222d.tar.gz