| Commit message (Collapse) | Author | Age | Files | Lines |
... | |
| | |_|_|/
| |/| | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
dbus-daemon currently uses a backlog of 30 on its D-bus system bus socket. On
overloaded systems this means that only 30 connections may be queued without
dbus-daemon processing them before further connection attempts fail. Our
cgroups-agent binary so far used D-Bus for its messaging, and hitting this
limit hence may result in us losing cgroup empty messages.
This patch adds a seperate cgroup agent socket of type AF_UNIX/SOCK_DGRAM.
Since sockets of these types need no connection set up, no listen() backlog
applies. Our cgroup-agent binary will hence simply block as long as it can't
enqueue its datagram message, so that we won't lose cgroup empty messages as
likely anymore.
This also rearranges the ordering of the processing of SIGCHLD signals, service
notification messages (sd_notify()...) and the two types of cgroup
notifications (inotify for the unified hierarchy support, and agent for the
classic hierarchy support). We now always process events for these in the
following order:
1. service notification messages (SD_EVENT_PRIORITY_NORMAL-7)
2. SIGCHLD signals (SD_EVENT_PRIORITY_NORMAL-6)
3. cgroup inotify and cgroup agent (SD_EVENT_PRIORITY_NORMAL-5)
This is because when receiving SIGCHLD we invalidate PID information, which we
need to process the service notification messages which are bound to PIDs.
Hence the order between the first two items. And we want to process SIGCHLD
metadata to detect whether a service is gone, before using cgroup
notifications, to decide when a service is gone, since the former carries more
useful metadata.
Related to this:
https://bugs.freedesktop.org/show_bug.cgi?id=95264
https://github.com/systemd/systemd/issues/1961
|
|\ \ \ \ \
| | | | | |
| | | | | | |
core: expose TriggerLimitIntervalUSec, dump TriggerLimitIntervalSec and TriggerLimitBurst too
|
| | | | | | |
|
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
Before:
$ systemctl show --property TriggerLimitIntervalSec test.socket
TriggerLimitIntervalSec=2000000
After:
$ systemctl show --property TriggerLimitIntervalUSec test.socket
TriggerLimitIntervalUSec=2s
|
|\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Minor fixes and .po updates
|
| | | | | | | |
|
|/ / / / / / |
|
|/ / / / / |
|
| |_|/ /
|/| | |
| | | | |
Fixes: #3194
|
| | | | |
|
| |_|/
|/| | |
|
|\ \ \
| | | |
| | | | |
networkd lib: cleanup FOREACH_WORD
|
| | | | |
|
| |/ / |
|
|\ \ \ |
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
For similar reasons as the recent addition of a limit on sessions.
Note that we don't enforce a limit on inhibitors per-user currently, but
there's an implicit one, since each inhibitor takes up one fd, and fds are
limited via RLIMIT_NOFILE, and the limit on the number of processes per user.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
If we have a lot of simultaneous sessions we really shouldn't send the full
list of active sessions with each PropertyChanged message for user and seat
objects, as that can become quite substantial data, we probably shouldn't dump
on the bus on each login and logout.
Note that the global list of sessions doesn't send out changes like this
either, it only supports requesting the session list with ListSessions().
If cients want to get notified about sessions coming and going they should
subscribe to SessionNew and SessionRemoved signals, and clients generally do
that already.
This is kind of an API break, but then again the fact that this was included
was never documented.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Let's make sure we process session and inhibitor pipe fds (that signal
sessions/inhibtors going away) at a higher priority
than new bus calls that might create new sessions or inhibitors. This helps
ensuring that the number of open sessions stays minimal.
|
| | | | |
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We really should put limits on all resources we manage, hence add one to the
number of concurrent sessions, too. This was previously unbounded, hence set a
relatively high limit of 8K by default.
Note that most PAM setups will actually invoke pam_systemd prefixed with "-",
so that the return code of pam_systemd is ignored, and the login attempt
succeeds anyway. On systems like this the session will be created but is not
tracked by systemd.
|
|\ \ \ \
| | | | |
| | | | | |
change trigger timeout defaults
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The unit file settings are called SocketUser= and SocketGroup= hence name these
fields that way in the "systemd-analyze dump" output too.
https://github.com/systemd/systemd/issues/3171#issuecomment-216216995
|
| |/ / /
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Let's lower the default values a bit, and pick different defaults for
Accept=yes and Accept=no sockets.
Fixes: #3167
|
|\ \ \ \
| |/ / /
|/| | | |
Fixes for memleaks in networkd and test
|
| | | | |
|
|/ / / |
|
|/ /
| |
| |
| |
| |
| | |
* gitignore: typo fix for test-networkd-conf
* networkd: fix double include
|
|\ \
| | |
| | | |
Rework DUID setting
|
| | |
| | |
| | |
| | | |
It wasn't used for anything after the recent changes.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This is essentially a revert of f38e0cce75ff2ffbd99f7e382ed39c160bb7d799 (which
removed the documentation of DUIDType on purpose). The description is heavily
updated for the new semantics.
This addresses #3127 § 4.
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Separate fields are replaced with a struct.
Second second duid type field is removed. The first field was used to carry
the result of DUIDType= configuration, and the second was either a copy of
this, or contained the type extracted from DuidRawData. The semantics are changed
so that the type specified in DUIDType is always used. DUIDRawData= no longer
overrides the type setting.
The networkd code is now more constrained than the sd-dhcp code:
DUIDRawData cannot have 0 length, length 0 is treated the same as unsetting.
Likewise, it is not possible to set a DUIDType=0. If it ever becomes necessary
to set type=0 or a zero-length duid, the code can be changed to support that.
Nevertheless, I think that's unlikely.
This addresses #3127 § 1 and 3.
v2:
- rename DUID.duid, DUID.duid_len to DUID.raw_data, DUID.raw_data_len
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Both versions of the code are changed to allow the caller to override
DUID using simple rules: duid type and value may be specified, in
which case the caller is responsible to providing the contents,
or just duid type may be specified as DUID_TYPE_EN, in which case we
we fill in the values. In the future more support for other types may
be added, e.g. DUID_TYPE_LLT.
There still remains and ugly discrepancy between dhcp4 and dhcp6 code:
dhcp6 has sd_dhcp6_client_set_duid and sd_dhcp6_client_set_iaid and
requires client->state to be DHCP6_STATE_STOPPED, while dhcp4 has
sd_dhcp_client_set_iaid_duid and will reconfigure the client if it
is not stopped. This commit doesn't touch that part.
This addresses #3127 § 2.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
After all it is used in more than one place and is not that short.
Also tweak the test a bit:
- do not check that duid_len > 0, because we want to allow unknown
duid types, and there might be some which are fine with 0 length data,
(also assert should not be called from library code),
- always check that duid_len <= MAX_DUID_LEN, because we could overwrite
available buffer space otherwise.
|
| | | |
|
| | | |
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Header files were organized in a way where the includer would add various
typedefs used by the includee before including it, resulting in a tangled
web of dependencies between files.
Replace this with the following logic:
networkd.h
/ \
networkd-link.h \
networkd-ipv4ll.h--\__\
networkd-fdb.h \
networkd-network.h netword-netdev-*.h
networkd-route.h \
networkd-netdev.h
If a pointer to a structure defined in a different header file is needed,
use a typedef line instead of including the whole header.
|
| | |
|
|\ \
| | |
| | | |
make virtualization detection quieter, rework unit start limit logic, detect unit file drop-in changes correctly, fix autofs state propagation
|
| | |
| | |
| | |
| | |
| | | |
that way we can be sure that there's no expiry timeout in place at any time
when we aren't in the RUNNING state.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Port the progagation logic to the generic Unit->trigger_notify() callback logic
in the unit vtable, that is called for a unit not only when the triggered unit
of it changes state but also when a job for that unit finishes. This, firstly
allows us to make the code a bit cleaner and more generic, but more
importantly, allows us to notice correctly when a mount job fails, and
propagate that back to autofs client processes.
Fixes: #2181
|
| | |
| | |
| | |
| | | |
job for the service queued
|
| | |
| | |
| | |
| | | |
We already did this for the [Mount] section, let's do the same for [Automount].
|
| | | |
|
| | |
| | |
| | |
| | | |
Also, fix indentation.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
And let's make it more accurate: if we have acquire the list of unit drop-ins,
then let's do a full comparison against the old list we already have, and if
things differ in any way, we know we have to reload.
This makes sure we detect changes to drop-in directories in more cases.
|