summaryrefslogtreecommitdiff
path: root/docs
Commit message (Collapse)AuthorAgeFilesLines
* tmpfiles: Try to take a BSD lock on files as wellDaan De Meyer2023-03-301-11/+8
| | | | | | Similar to what we do for directories, just before we remove a file, let's try to take a BSD lock on it. If that fails, skip removing the file.
* mkosi: Update to latestDaan De Meyer2023-03-292-2/+2
| | | | | | | | | | | - Drop Netdev= as it was removed in mkosi - Always install python-psutil in the final image (required for networkd tests) - Always Install python-pytest in the final image (required for ukify tests) - Use the narrow glob for all centos python packages - Drop the networkd mkosi config files (the default image can be used instead) - Use ".conf" as the mkosi config file suffix everywhere - Copy src/ to /root/src in the final image and set gdb substitute path in .gdbinit to make gdb work properly
* portable: add PORTABLE_NAME_AND_VERSION= and other metadata to LogsExtraFields=Luca Boccassi2023-03-281-2/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is useful to identify log messages with metadata from the images they run on. Look for ID/VERSION_ID/IMAGE_ID/IMAGE_VERSION/BUILD_ID, with a SYSEXT_ prefix if we are looking at an extension, and append via LogExtraFields= as respectively PORTABLE_NAME_AND_VERSION= in case of a single image. In case of extensions, append as PORTABLE_ROOT_NAME_AND_VERSION= for the base and one PORTABLE_EXTENSION_AND_VERSION= for each extension. Example with a base and two extensions, with the unit coming from the first extension: [Service] RootImage=/home/bluca/git/systemd/base.raw Environment=PORTABLE=app0.raw BindReadOnlyPaths=/etc/os-release:/run/host/os-release LogExtraFields=PORTABLE=app0.raw Environment=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT=base.raw LogExtraFields=PORTABLE_ROOT_NAME_AND_VERSION=debian_10 ExtensionImages=/home/bluca/git/systemd/app0.raw LogExtraFields=PORTABLE_EXTENSION=app0.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_0 ExtensionImages=/home/bluca/git/systemd/app1.raw LogExtraFields=PORTABLE_EXTENSION=app1.raw LogExtraFields=PORTABLE_EXTENSION_NAME_AND_VERSION=app_1
* portable: include base and extension images in log fieldsLuca Boccassi2023-03-281-0/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When a portable service uses extensions, we use the 'main' image name (the one where the unit was found in) as PORTABLE=. It is useful to also list all the images actually used at runtime, as they might contain libraries and so on. Use PORTABLE_ROOT= for the image/directory that is used as RootImage= or RootDirectory=, and PORTABLE_EXTENSION= for the image/directory that is used as ExtensionImages= or ExtensionDirectories=. Note that these new fields are only added if extensions are used, there's no change for single-DDI portables. Example with a base and two extensions, with the unit coming from the first extension: [Service] RootImage=/home/bluca/git/systemd/base.raw Environment=PORTABLE=app0.raw BindReadOnlyPaths=/etc/os-release:/run/host/os-release LogExtraFields=PORTABLE=app0.raw LogExtraFields=PORTABLE_ROOT=base.raw ExtensionImages=/home/bluca/git/systemd/app0.raw LogExtraFields=PORTABLE_EXTENSION=app0.raw ExtensionImages=/home/bluca/git/systemd/app1.raw LogExtraFields=PORTABLE_EXTENSION=app1.raw
* docs: s/authorized_key/authorized_keys/Frantisek Sumsal2023-03-241-1/+1
|
* docs: Explicitly tell developers to enable mkosi required meson optionsDaan De Meyer2023-03-231-1/+1
| | | | | We need repart, bootctl, analyze and ukify for mkosi so let's make sure those get built in the HACKING guide.
* docs: Fix vscode debugging section in HACKING.mdDaan De Meyer2023-03-211-12/+13
| | | | | Let's account for the recent changes in mkosi in the debugging with vscode section.
* docs: update unit name for sd-tmpfiles-setupMike Yuan2023-03-191-1/+1
|
* doc: update ELF_PACKAGE_METADATA to use linker flag instead of manual scriptLuca Boccassi2023-03-161-49/+5
| | | | | bfd/gold/mold/lld support this flag, so document it explicitly, and drop the manually written linker script which is no longer necessary
* repart: Add support for reading mkfs options from environmentDaan De Meyer2023-03-101-0/+6
|
* Merge pull request #26038 from ↵Zbigniew Jędrzejewski-Szmek2023-03-091-0/+4
|\ | | | | | | | | lilyinstarlight/fix/fstab-generator-sysroot-without-cmdline fstab-generator: use correct targets when /sysroot is specificied in fstab only
| * fstab-generator: add SYSTEMD_SYSFS_CHECK env varLily Foster2023-01-251-0/+4
| | | | | | | | | | This forces processing of /dev entries in fstab when running in a container is detected (checked as the existence of read-only /sys).
* | CODING_STYLE: note that 'unsigned' form is preferred over 'unsigned int'Dmitry V. Levin2023-03-081-1/+1
| |
* | doc: correct wrong use "'s" contractionsJan Engelhardt2023-03-071-1/+1
| |
* | journal-file: journal-file: extend journal header to always carry offset of ↵Lennart Poettering2023-03-021-2/+7
| | | | | | | | | | | | | | | | | | | | most recent entry This way we can quickly find the most recent entry, without searching or traversing entry array chains. This is relevant later, as it it allows us to quickly determine the most recent timestamps of each journal file, in a roughly atomic way.
* | doc: add document explaining memory pressure handlingLennart Poettering2023-03-011-0/+240
| |
* | docs: document the new HEADER_COMPATIBLE_TAIL_ENTRY_BOOT_ID flagLennart Poettering2023-02-211-5/+27
| |
* | Drop mkosi + clang section from HACKINGDaan De Meyer2023-02-161-77/+0
| | | | | | | | | | We removed a few features that made this work, will be added back in the future when we restructure the way mkosi does build images.
* | Update HACKING for latest mkosiDaan De Meyer2023-02-161-13/+4
| |
* | Merge pull request #26213 from poettering/journal-rework-seqnumLuca Boccassi2023-02-151-2/+2
|\ \ | | | | | | journal sequence number rework
| * | man: document __SEQNUM=/__SEQNUM_ID= journal pseudo fieldsLennart Poettering2023-02-081-2/+2
| | |
* | | treewide: fix a few typos in NEWS, docs and commentsDmitry V. Levin2023-02-153-3/+3
| | |
* | | tree-wide: fix typo and comment style updateYu Watanabe2023-02-151-1/+1
| | |
* | | docs/NETWORK_ONLINE: fix exampleGeert Lorang2023-02-081-0/+2
|/ / | | | | | | | | | | | | Type=oneshot is necessary for systemd to actually wait for the service to return. With RemainAfterExit=yes it won't be started again. Fixes #26342.
* | docs/CODING_STYLE: add sentence about redirection operatorsZbigniew Jędrzejewski-Szmek2023-02-061-2/+5
| |
* | test: drop whitespace after shell redirection operatorsZbigniew Jędrzejewski-Szmek2023-02-061-1/+1
| | | | | | | | | | | | | | | | | | | | (The one case that is left unchanged is '< <(subcommand)'.) This way, the style with no gap was already dominant. This way, the reader immediately knows that ' < ' is a comparison operator and ' << ' is a shift. In a few cases, replace custom EOF replacement by just EOF. There is no point in using someting like "_EOL" unless "EOF" appears in the text.
* | docs: tweak rsync flags for moving existing home dir to systemd-homedwouter bolsterlee2023-02-011-1/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The documentation on moving an existing homedir into a systemd-homed managed one suggests using rsync(1) with a bunch of flags to preserve as much metadata as possible: permissions, xattrs, timestamps, etc. The previously suggested flags were: rsync -aHAXv --remove-source-files … … which does include mtimes, but not ctimes and atimes, because -a does not include those: --archive, -a archive mode is -rlptgoD (no -A,-X,-U,-N,-H) This change adds the -N and -U flags to preserve even more file timestamps, turning the command into: rsync -aHANUXv --remove-source-files … The new flags are: --crtimes, -N preserve create times (newness) --atimes, -U preserve access (use) times
* | update footer to 2023cake032023-01-291-1/+1
| |
* | docs: Update HACKING.md to mention latest mkosi is neededDaan De Meyer2023-01-241-10/+13
| | | | | | | | | | | | Let's require users to run mkosi from git so we can fix any issues forward instead of trying to keep the configs working with older versions.
* | docs: update instructions for translation stringsLuca Boccassi2023-01-241-1/+1
| |
* | docs: drop manual rc PR warning stepLuca Boccassi2023-01-241-13/+11
| | | | | | | | it is not automated, yay
* | docs, man: consistently use comma after "For example"Dmitry V. Levin2023-01-237-7/+7
| |
* | docs: fix formatting a bitDmitry V. Levin2023-01-232-3/+3
| |
* | docs: fix grammar a bitDmitry V. Levin2023-01-2312-30/+30
| |
* | docs: fix a few typosDmitry V. Levin2023-01-235-5/+5
| |
* | Merge pull request #23309 from DaanDeMeyer/log-contextLuca Boccassi2023-01-201-0/+3
|\ \ | |/ |/| basic: Add log context
| * basic: Add log contextDaan De Meyer2023-01-081-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This commit adds support for attaching extra metadata to log messages written to the journal via log.h. We keep track of a thread local log context in log.c onto which we can push extra metadata fields that should be logged. Once a field is no longer relevant, it can be popped again from the log context. On top of this, we then add macros to allow pushing extra fields onto the log context. LOG_CONTEXT_PUSH() will push the provided field onto the log context and pop the last field from the log context when the current block ends. LOG_CONTEXT_PUSH_STRV() will do the same but for all fields in the given strv. Using the macros is as simple as putting them anywhere inside a block to add a field to all following log messages logged from inside that block. void myfunction(...) { ... LOG_CONTEXT_PUSH("MYMETADATA=abc"); // Every journal message logged will now have the MYMETADATA=abc // field included. } For convenience, there's also LOG_CONTEXT_PUSHF() to allow constructing the field to be logged using printf() syntax. log_context_new()/log_context_free() can be used to attach a log context to an async operation by storing it in the associated userdata struct.
* | doc: document how we expect empty lines to be usedLennart Poettering2023-01-171-2/+16
| |
* | tpm2: add common helper for checking if we are running on UKI with TPM ↵Lennart Poettering2023-01-171-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | measurements Let's introduce a common implementation of a function that checks whether we are booted on a kernel with systemd-stub that has TPM PCR measurements enabled. Do our own userspace measurements only if we detect that. PCRs are scarce and most likely there are projects which already make use of them in other ways. Hence, instead of blindly stepping into their territory let's conditionalize things so that people have to explicitly buy into our PCR assignments before we start measuring things into them. Specifically bind everything to an UKI that reported measurements. This was previously already implemented in systemd-pcrphase, but with this change we expand this to all tools that process PCR measurement settings. The env var to override the check is renamed to SYSTEMD_FORCE_MEASURE, to make it more generic (since we'll use it at multiple places now). This is not a compat break, since the original env var for that was not included in any stable release yet.
* | docs/man: remove reference to default vsock CIDLuca Boccassi2023-01-151-4/+2
| | | | | | | | | | | | | | This was dropped on reviewers' request in the revision that got merged, but reference in two documents was not updated. Fix it. Follow-up for: https://github.com/systemd/systemd/pull/25918
* | bootctl: honor $KERNEL_INSTALL_CONF_ROOTLudwig Nussel2023-01-101-0/+3
|/ | | | | Honor $KERNEL_INSTALL_CONF_ROOT for reading config files, as kernel-install does.
* Merge pull request #25918 from bluca/smbios_sd_notifyLennart Poettering2023-01-061-1/+24
|\ | | | | Support AF_VSOCK in sd_notify and pick up notify_socket from creds
| * creds: import 'vmm.notify_socket' and use it to setLuca Boccassi2023-01-051-1/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is intended to be used with VSOCK, to notify the hypervisor/VMM, eg on the host: qemu <...> -smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42 (vsock:2:1234 -> send to host on vsock port 1234, default is to send to 0 which is the hypervisor itself) Also on the host: $ socat - VSOCK-LISTEN:1234,socktype=5 READY=1 STATUS=Ready.
* | CODING_STYLE: fix 'better' typoSam James2023-01-061-1/+1
|/
* docs: remove /dev/tty* confusionLennart Poettering2022-12-231-3/+3
| | | | | | | | | | | The text said /dev/tty* as a whole was the VT subsystem and that VT is not supported in containers. But that's not accurate as /dev/tty* will match /dev/tty too and that one device node is special and is not related to VT: it always points to the current process own controlling tty, regardless what that is. hence, rewrite /dev/tty* as /dev/tty[0-9]*.
* dissect-image: let's lock down fstypes a bitLennart Poettering2022-12-221-0/+4
| | | | | | | | | | | | | | | | | When we dissect images automatically, let's be a bit more conservative with the file system types we are willing to mount: only mount common file systems automatically. Explicit mounts requested by admins should always be OK, but when we do automatic mounts, let's not permit barely maintained, possibly legacy file systems. The list for now covers the four common writable and two common read-only file systems. Sooner or later we might want to add more to the list. Also, it might make sense to eventually make this configurable via the image dissection policy logic.
* tree-wide: use -EBADF for fd initializationZbigniew Jędrzejewski-Szmek2022-12-191-1/+1
| | | | | | | | | | | | | | | | -1 was used everywhere, but -EBADF or -EBADFD started being used in various places. Let's make things consistent in the new style. Note that there are two candidates: EBADF 9 Bad file descriptor EBADFD 77 File descriptor in bad state Since we're initializating the fd, we're just assigning a value that means "no fd yet", so it's just a bad file descriptor, and the first errno fits better. If instead we had a valid file descriptor that became invalid because of some operation or state change, the other errno would fit better. In some places, initialization is dropped if unnecessary.
* Implement SYSTEMD_HOME_MKFS_OPTIONS_* envvars to configure mkfs options for ↵Aidan Dang2022-12-151-0/+5
| | | | homed LUKS directories
* journal: log filtering options support in PID1Quentin Deslandes2022-12-151-0/+1
| | | | | | | | | Define new unit parameter (LogFilterPatterns) to filter logs processed by journald. This option is used to store a regular expression which is carried from PID1 to systemd-journald through a cgroup xattrs: `user.journald_log_filter_patterns`.
* Merge pull request #25723 from keszybz/generators-tmpYu Watanabe2022-12-151-1/+1
|\ | | | | Run generators with / ro and /tmp mounted
View Lorry Controller Status