| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| | |
journalctl: honour --output-fields= in -o cat mode
|
| | |
|
| | |
|
| |
| |
| |
| | |
Fixes: #15621
|
| | |
|
| |
| |
| |
| |
| |
| |
| | |
We probably can migrate even more, but for now let's just migrate those
which have the 1:1 identical text everywhere.
(Also, let's add the % entry to all specifier tables)
|
|\ \
| | |
| | | |
systemctl: optionally output tables as json
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Let's try to mangle table contents a bit to make them more suitable as
JSON field names. Specifically when we see "foo bar" convert this to
"foo_bar" as field name, as variable/field names are generally assumed
to be without spaces.
|
| | |
| | |
| | |
| | |
| | |
| | | |
The original source of these dimensions had swapped the x y dimension
arguments to touchpad-edge-detector. The correct dimensions are
x = 100 mm, y = 68 mm
|
| | |
| | |
| | |
| | | |
Closes: #15698
|
| |/
|/| |
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Consider such configuration:
$ systemd-nspawn --read-only --timezone=copy --resolv-conf=copy-host \
--overlay="+/etc::/etc" <...>
Assuming one wants `/` to be read-only, DNS and `/etc/localtime` to
work. One way to do it is to create an overlay filesystem in `/etc/`.
However, systemd-nspawn tries to create `/etc/resolv.conf` and
`/etc/localtime` before mounting the custom paths, while `/` (and, by
extension, `/etc`) is read-only. Thus it fails to create those files.
Mounting custom paths before modifying anything in `/etc/` makes this
possible.
Full example:
```
$ debootstrap buster /var/lib/machines/t1 http://deb.debian.org/debian
$ systemd-nspawn --private-users=false --timezone=copy --resolv-conf=copy-host --read-only --tmpfs=/var --tmpfs=/run --overlay="+/etc::/etc" -D /var/lib/machines/t1 ping -c 1 example.com
Spawning container t1 on /var/lib/machines/t1.
Press ^] three times within 1s to kill container.
ping: example.com: Temporary failure in name resolution
Container t1 failed with error code 130.
```
With the patch:
```
$ sudo ./build/systemd-nspawn --private-users=false --timezone=copy --resolv-conf=copy-host --read-only --tmpfs=/var --tmpfs=/run --overlay="+/etc::/etc" -D /var/lib/machines/t1 ping -qc 1 example.com
Spawning container t1 on /var/lib/machines/t1.
Press ^] three times within 1s to kill container.
PING example.com (93.184.216.34) 56(84) bytes of data.
--- example.org ping statistics ---
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 110.912/110.912/110.912/0.000 ms
Container t1 exited successfully.
```
|
|\
| |
| | |
be more careful when setting json variant + dbus message sensitive flag
|
| |
| |
| |
| | |
the the sensitive flag on it
|
| |
| |
| |
| |
| | |
let's make sure that when we append potentially sensitive data to a bus
message we set the sensitive flag on the message object.
|
| |
| |
| |
| |
| | |
Let's make sure we never lose the bit when copying a variant, after all
the data contained is still going to be sensitive after the copy.
|
|\ \
| | |
| | | |
docs: Change prefix for desktop applications to app-
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We need both a slice name and a prefix for application units. For
consistency we tried to use the same name and ended up standardising on
"apps.slice" and and "apps-" prefix for the units.
However, "app-" would be a more natural prefix for applications. And it
is no problem to simply also name the slice "app.slice" for consistency
rather than keeping the current "apps.slice".
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
User accounts of given names are necessary for the build script and
tests to succeed.
(Fixup of #15527, too keen cleaning of dependencies and cached image
caused this.)
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | | |
CID#1428676.
|
|\ \ \
| | | |
| | | | |
coredump: add zstandard support for coredumps
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | | |
this will hook libzstd into coredump,
using this format as default.
|
|/ / /
| | |
| | |
| | | |
streq()
|
| | |
| | |
| | |
| | | |
Reported by Fossies.org.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
HUGE_SIZE was defined inconsistently.
> In file included from ../src/basic/alloc-util.h:9,
> from ../src/journal/test-compress.c:9:
> ../src/journal/test-compress.c: In function ‘main’:
> ../src/journal/test-compress.c:280:33: error: ‘HUGE_SIZE’ undeclared (first use in this function)
> 280 | assert_se(huge = malloc(HUGE_SIZE));
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Discovered, tracked down and fix proposed by Emmanuel Garette.
See: https://lists.freedesktop.org/archives/systemd-devel/2020-April/044435.html
(Lennart turned this into a PR)
Fixes: #15608
|
|\ \ \
| | | |
| | | | |
Fix Chromebook Caroline board accelerometer not having correct orientation
|
| | | | |
|
|\ \ \ \
| | | | |
| | | | | |
Introduce sd_notify_barrier
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Add note for change of behaviour in systemd-notify, where parent pid trick
is only used when --no-block is passed, and with enough privileges ofcourse.
Also, fix a small error in systemd(1).
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This adds the sd_notify_barrier function, to allow users to synchronize against
the reception of sd_notify(3) status messages. It acts as a synchronization
point, and a successful return gurantees that all previous messages have been
consumed by the manager. This can be used to eliminate race conditions where
the sending process exits too early for systemd to associate its PID to a
cgroup and attribute the status message to a unit correctly.
systemd-notify now uses this function for proper notification delivery and be
useful for NotifyAccess=all units again in user mode, or in cases where it
doesn't have a control process as parent.
Fixes: #2739
|
|\ \ \ \ \
| |/ / / /
|/| | | | |
core: introduce support for cgroup freezer
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
With cgroup v2 the cgroup freezer is implemented as a cgroup
attribute called cgroup.freeze. cgroup can be frozen by writing "1"
to the file and kernel will send us a notification through
"cgroup.events" after the operation is finished and processes in the
cgroup entered quiescent state, i.e. they are not scheduled to
run. Writing "0" to the attribute file does the inverse and process
execution is resumed.
This commit exposes above low-level functionality through systemd's DBus
API. Each unit type must provide specialized implementation for these
methods, otherwise, we return an error. So far only service, scope, and
slice unit types provide the support. It is possible to check if a
given unit has the support using CanFreeze() DBus property.
Note that DBus API has a synchronous behavior and we dispatch the reply
to freeze/thaw requests only after the kernel has notified us that
requested operation was completed.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Callers of cg_get_keyed_attribute_full() can now specify via the flag whether the
missing keyes in cgroup attribute file are OK or not. Also the wrappers for both
strict and graceful version are provided.
|
| | |_|/
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | | |
This has the advantage that mac_selinux_access_check() can be used as a
function in all contexts. For example, parameters passed to it won't be
reported as unused if the "function" call is replaced with 0 on SELinux
disabled builds.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
As Debian/Ubuntu use /lib/systemd instead of /usr/lib/systemd,
add systemd-journal-remote to the list of programs that test-functions
detects the correct path to, and replace its direct usage with
$SYSTEMD_JOURNAL_REMOTE
Also use $JOURNALCTL instead of journalctl.
Also minor correction in install_plymouth() to look in /lib/... as
well as /usr/lib/... and /etc/...
|
|\ \ \ \
| | | | |
| | | | | |
Introduce FDPOLL=0
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This replaces manual string splitting and unescaping with
extract_first_word.
|
| | |/ /
| |/| |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A service can specify FDSTORE=1 FDPOLL=0 to request that PID1 does not
poll the fd to remove them on error. If set, fds will only be removed on
FDSTOREREMOVE=1 or when the service is done.
Fixes: #12086
|
|/ / / |
|
| |/
|/|
| |
| | |
Prompted by the discussions on #15547.
|
| |
| |
| |
| |
| |
| | |
EFI var due to SecureBoot
Fixes: #14864
|
| |
| |
| |
| |
| |
| |
| |
| | |
EFI variable access is nowadays subject to rate limiting by the kernel.
Thus, let's cache the results of checking them, in order to minimize how
often we access them.
Fixes: #14828
|