summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--man/supported-controllers.xml14
-rw-r--r--man/systemd.resource-control.xml11
-rw-r--r--meson.build14
-rw-r--r--meson_options.txt2
-rw-r--r--src/core/main.c2
-rw-r--r--src/nspawn/nspawn.c2
-rw-r--r--units/user@.service.in2
7 files changed, 36 insertions, 11 deletions
diff --git a/man/supported-controllers.xml b/man/supported-controllers.xml
new file mode 100644
index 0000000000..15e048b12d
--- /dev/null
+++ b/man/supported-controllers.xml
@@ -0,0 +1,14 @@
+<?xml version="1.0"?>
+<!DOCTYPE book PUBLIC "-//OASIS//DTD DocBook XML V4.5//EN" "http://www.oasis-open.org/docbook/xml/4.5/docbookx.dtd">
+
+<!--
+ SPDX-License-Identifier: LGPL-2.1+
+-->
+
+<refsect1>
+
+<para id="controllers-text">The following controller names may be specified: <option>cpu</option>, <option>cpuacct</option>,
+<option>cpuset</option>, <option>io</option>, <option>blkio</option>, <option>memory</option>, <option>devices</option>,
+<option>pids</option>, <option>bpf-firewall</option>, and <option>bpf-devices</option>.</para>
+
+</refsect1>
diff --git a/man/systemd.resource-control.xml b/man/systemd.resource-control.xml
index fce7dc7505..7e116f8e83 100644
--- a/man/systemd.resource-control.xml
+++ b/man/systemd.resource-control.xml
@@ -3,7 +3,7 @@
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!-- SPDX-License-Identifier: LGPL-2.1+ -->
-<refentry id="systemd.resource-control">
+<refentry id="systemd.resource-control" xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo>
<title>systemd.resource-control</title>
<productname>systemd</productname>
@@ -847,9 +847,9 @@ DeviceAllow=/dev/loop-control
hierarchy. Accordingly, access to the specified controllers will not be granted to unprivileged services on
the legacy hierarchy, even when requested.</para>
- <para>The following controller names may be specified: <option>cpu</option>, <option>cpuacct</option>,
- <option>io</option>, <option>blkio</option>, <option>memory</option>, <option>devices</option>,
- <option>pids</option>. Not all of these controllers are available on all kernels however, and some are
+ <xi:include href="supported-controllers.xml" xpointer="controllers-text" />
+
+ <para>Not all of these controllers are available on all kernels however, and some are
specific to the unified hierarchy while others are specific to the legacy hierarchy. Also note that the
kernel might support further controllers, which aren't covered here yet as delegation is either not supported
at all for them or not defined cleanly.</para>
@@ -876,8 +876,7 @@ DeviceAllow=/dev/loop-control
to disable. Passing <varname>DisableControllers=</varname> by itself with no controller name present resets
the disabled controller list.</para>
- <para>Valid controllers are <option>cpu</option>, <option>cpuacct</option>, <option>io</option>,
- <option>blkio</option>, <option>memory</option>, <option>devices</option>, and <option>pids</option>.</para>
+ <xi:include href="supported-controllers.xml" xpointer="controllers-text" />
</listitem>
</varlistentry>
</variablelist>
diff --git a/meson.build b/meson.build
index c8f6482e4a..fc216d22da 100644
--- a/meson.build
+++ b/meson.build
@@ -2292,10 +2292,19 @@ if conf.get('ENABLE_TIMEDATECTL') == 1
endif
if conf.get('ENABLE_TIMESYNCD') == 1
+ if get_option('link-timesyncd-shared')
+ timesyncd_link_with = [libshared]
+ else
+ timesyncd_link_with = [libsystemd_static,
+ libshared_static,
+ libjournal_client,
+ libbasic_gcrypt]
+ endif
+
executable('systemd-timesyncd',
systemd_timesyncd_sources,
include_directories : includes,
- link_with : [libshared],
+ link_with : [timesyncd_link_with],
dependencies : [threads,
libm],
install_rpath : rootlibexecdir,
@@ -2305,7 +2314,7 @@ if conf.get('ENABLE_TIMESYNCD') == 1
executable('systemd-time-wait-sync',
'src/time-wait-sync/time-wait-sync.c',
include_directories : includes,
- link_with : [libshared],
+ link_with : [timesyncd_link_with],
install_rpath : rootlibexecdir,
install : true,
install_dir : rootlibexecdir)
@@ -3469,6 +3478,7 @@ foreach tuple : [
['link-udev-shared', get_option('link-udev-shared')],
['link-systemctl-shared', get_option('link-systemctl-shared')],
['link-networkd-shared', get_option('link-networkd-shared')],
+ ['link-timesyncd-shared', get_option('link-timesyncd-shared')],
]
if tuple.length() >= 2
diff --git a/meson_options.txt b/meson_options.txt
index 4f82479a9b..4988d41ff3 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -18,6 +18,8 @@ option('link-systemctl-shared', type: 'boolean',
description : 'link systemctl against libsystemd-shared.so')
option('link-networkd-shared', type: 'boolean',
description : 'link systemd-networkd and its helpers to libsystemd-shared.so')
+option('link-timesyncd-shared', type: 'boolean',
+ description : 'link systemd-timesyncd and its helpers to libsystemd-shared.so')
option('static-libsystemd', type : 'combo',
choices : ['false', 'true', 'pic', 'no-pic'],
description : '''install a static library for libsystemd''')
diff --git a/src/core/main.c b/src/core/main.c
index 3baecc5f00..3c6b66e89c 100644
--- a/src/core/main.c
+++ b/src/core/main.c
@@ -1930,7 +1930,7 @@ static int initialize_runtime(
status_welcome();
hostname_setup();
machine_id_setup(NULL, arg_machine_id, NULL);
- loopback_setup();
+ (void) loopback_setup();
bump_unix_max_dgram_qlen();
bump_file_max_and_nr_open();
test_usr();
diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c
index f2f420c26f..734dee1130 100644
--- a/src/nspawn/nspawn.c
+++ b/src/nspawn/nspawn.c
@@ -3000,7 +3000,7 @@ static int inner_child(
return log_error_errno(errno, "setsid() failed: %m");
if (arg_private_network)
- loopback_setup();
+ (void) loopback_setup();
if (arg_expose_ports) {
r = expose_port_send_rtnl(rtnl_socket);
diff --git a/units/user@.service.in b/units/user@.service.in
index e898b39783..ace24369dd 100644
--- a/units/user@.service.in
+++ b/units/user@.service.in
@@ -18,7 +18,7 @@ IgnoreOnIsolate=yes
User=%i
PAMName=systemd-user
Type=notify
-ExecStart=-@rootlibexecdir@/systemd --user
+ExecStart=@rootlibexecdir@/systemd --user
Slice=user-%i.slice
KillMode=mixed
Delegate=pids memory
View Lorry Controller Status