summaryrefslogtreecommitdiff
path: root/man/org.freedesktop.systemd1.xml
Commit message (Collapse)AuthorAgeFilesLines
* man: fixes for assorted issues reported by the manpage-l10n projectZbigniew Jędrzejewski-Szmek2023-05-171-3/+4
| | | | Fixes #26761.
* doc: remove legacy DefaultControlGroup from dbus propertiesMiao Wang2023-05-081-4/+0
| | | DefaultControlGroup does not exist any more.
* core: add DelegateSubgroup= settingLennart Poettering2023-04-271-0/+28
| | | | | | | | | | | | | | | This implements a minimal subset of #24961, but in a lot more restrictive way: we only allow one level of subcgroup (as that's enough to address the no-processes in inner cgroups rule), and does not change anything about threaded cgroup logic or similar, or make any of this new behaviour mandatory. All this does is this: all non-control processes we invoke for a unit we'll invoke in a subgroup by the specified name. We'll later port all our current services that use cgroup delegation over to this, i.e. user@.service, systemd-nspawn@.service and systemd-udevd.service.
* service: add ability to pin fd storeLennart Poettering2023-04-131-0/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | Oftentimes it is useful to allow the per-service fd store to survive longer than for a restart. This is useful in various scenarios: 1. An fd to some security relevant object needs to be stashed somewhere, that should not be cleaned automatically, because the security enforcement would be dropped then. 2. A user namespace fd should be allocated on first invocation and be kept around until the user logs out (i.e. systemd --user ends), á la #16328 (This does not implement what #16318 asks for, but should solve the use-case discussed there.) 3. There's interest in allow a concept of "userspace reboots" where the kernel stays running, and userspace is swapped out (i.e. all services exit, and the rootfs transitioned into a new version of it) while keeping some select resources pinned, very similar to how we implement a switch root. Thus it is useful to allow services to exit, while leaving their fds around till the very end. This is exposed through a new FileDescriptorStorePreserve= setting that is closely modelled after RuntimeDirectoryPreserve= (in fact it reused the same internal type), since we want similar behaviour in the end, and quite often they probably want to be used together.
* Merge pull request #25608 from poettering/dissect-moarLennart Poettering2023-04-121-0/+72
|\ | | | | dissect: add dissection policies
| * tree-wide: hook up image dissection policy logic everywhereLennart Poettering2023-04-051-0/+72
| |
* | tree-wide: A few more uses of "unmet" for conditionsColin Walters2023-04-111-1/+1
|/ | | | | | | | | | | | | | This is a followup to 413e8650b71d4404a7453403797f93d73d88c466 > tree-wide: Use "unmet" for condition checks, not "failed" Since I noticed when running `systemctl status` on a recent systemd still seeing `Condition: start condition failed` To recap the original rationale here for "unmet" is that it's normal for some units to be conditional, so the term "failure" here is too strong.
* core: always calculate the next restart intervalMike Yuan2023-03-311-3/+3
| | | | | | | | | | Follow-up for #26902 and #26971 Let's always calculate the next restart interval since that's more useful. For that, we add 1 to s->n_restarts unconditionally, and change RestartUSecCurrent property to RestartUSecNext.
* pid1: add DumpFileDescriptorStore() bus call that returns fdstore content infoLennart Poettering2023-03-291-0/+22
|
* core/dbus-service: add RestartUSecCurrent propertyMike Yuan2023-03-271-0/+6
| | | | | This new property shows how much time we actually waits before restarting.
* core: add RestartSteps= and RestartSecMax= for exponentially increasingMike Yuan2023-03-271-0/+12
| | | | | | | | | | interval between restarts RestartSteps= accepts a positive integer as the number of steps to take to increase the interval between auto-restarts from RestartSec= to RestartSecMax=, or 0 to disable it. Closes #6129
* core: support overriding NOTIFYACCESS= through sd-notify during runtimeMike Yuan2023-03-221-1/+0
| | | | Closes #25963
* pid1: add unit file settings to control memory pressure logicLennart Poettering2023-03-011-0/+84
|
* tree-wide: fix typoYu Watanabe2023-02-221-3/+4
|
* pid1: add a new D-Bus method for enquing POSIX signals with values to unit ↵Lennart Poettering2023-02-171-6/+25
| | | | | | | | | | | processes This augments the existing KillUnit() + Kill() methods with QueueSignalUnit() + QueueSignal(), which are what sigqueue() is to kill(). This is useful for sending our new SIGRTMIN+18 control signals to system services.
* core: add support for Startup memory limitsLuca Boccassi2023-02-151-0/+216
| | | | | We support separate Startup configurations for CPU and I/O, so add it for memory too. Only cover cgroupsv2 settings.
* core: add GetUnitByPIDFD method and use it in systemctlLuca Boccassi2023-01-181-1/+11
| | | | | | | | | | | | | | | A pid can be recycled, but a pidfd is pinned. Add a new method that is safer as it takes a pidfd as input. Return not only the D-Bus object path, but also the unit id and the last recorded invocation id, as they are both useful (especially the id, as converting from a path object to a unit id from a script requires another round-trip via D-Bus). Note that the manager still tracks processes by pid, so theorethically this is not fully error-proof, but on the other hand the method response is synchronous and the manager is single-threaded, so once a call is being processed the unit database will not change anyway. Once the manager switches to use pidfds everywhere, this can be further hardened.
* pid1: add new Type=notify-reload service typeLennart Poettering2023-01-101-0/+6
| | | | Fixes: #6162
* core: add OpenFile settingRichard Phibel2023-01-101-0/+6
|
* journal: log filtering options support in PID1Quentin Deslandes2022-12-151-0/+24
| | | | | | | | | Define new unit parameter (LogFilterPatterns) to filter logs processed by journald. This option is used to store a regular expression which is carried from PID1 to systemd-journald through a cgroup xattrs: `user.journald_log_filter_patterns`.
* Merge pull request #25437 from ↵Zbigniew Jędrzejewski-Szmek2022-12-051-1/+12
|\ | | | | | | | | YHNdnzj/systemctl-disable-warn-statically-enabled-services systemctl: warn if trying to disable a unit with no install info
| * systemctl: warn if trying to disable a unit with no install infoMike Yuan2022-12-031-1/+12
| | | | | | | | | | | | | | | | | | | | | | Trying to disable a unit with no install info is mostly useless, so adding a warning like we do for enable (with the new dbus method 'DisableUnitFilesWithFlagsAndInstallInfo()'). Note that it would still find and remove symlinks to the unit in /etc, regardless of whether it has install info or not, just like before. And if there are actually files to remove, we suppress the warning. Fixes #17689
* | Merge pull request #25385 from drvink/mainLennart Poettering2022-11-291-0/+6
|\ \ | | | | | | systemd: Support OOMPolicy in scope units
| * | systemd: Support OOMPolicy in scope unitsMark Laws2022-11-241-0/+6
| |/ | | | | | | Closes #25376.
* | MemoryZSwapMax directive to configure new memory.zswap.max cgroup filePasha Vorobyev2022-11-151-0/+36
|/
* man: use the correct 'Markers' property name for marking unitsFrantisek Sumsal2022-11-021-1/+1
| | | | Follow-up to c9615f7352 and 70666e28a1.
* Merge pull request #25007 from keszybz/rename-dbus-dumpZbigniew Jędrzejewski-Szmek2022-10-181-12/+19
|\ | | | | manager: rename dbus method
| * manager: add DumpUnitsMatchingPatternsByFileDescriptor()Zbigniew Jędrzejewski-Szmek2022-10-171-9/+16
| |
| * manager: rename dbus methodZbigniew Jędrzejewski-Szmek2022-10-141-4/+4
| | | | | | | | Fixes #24989.
* | man: fix method nameZbigniew Jędrzejewski-Szmek2022-10-171-1/+1
|/
* analyze: extend the dump command to accept patternsFranck Bui2022-10-131-1/+7
| | | | | | | | | | The new function DumpPatterns() can be used to limit (drastically) the size of the data returned by PID1. Hence the optimization of serializing data into a file descriptor should be less relevant than having the possibility to limit the data when communicating with the service manager remotely. NB: when passing patterns, the dump command omits the version of the manager as well as the features and the timestamps.
* man: document the Dump() calls of the PID 1 D-Bus interface, and what they areLennart Poettering2022-09-301-4/+14
|
* Merge pull request #24709 from keszybz/partition-table-constantsLennart Poettering2022-09-211-5/+5
|\ | | | | Expose various GPT UUIDs as public contants and link them up in docs
| * man: "the initial RAM disk" → "the initrd"Zbigniew Jędrzejewski-Szmek2022-09-201-5/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In many places we spelled out the phrase behind "initrd" in full, but this isn't terribly useful. In fact, no "RAM disk" is used, so emphasizing this is just confusing to the reader. Let's just say "initrd" everywhere, people understand what this refers to, and that it's in fact an initramfs image. Also, s/i.e./e.g./ where appropriate. Also, don't say "in RAM", when in fact it's virtual memory, whose pages may or may not be loaded in page frames in RAM, and we have no control over this. Also, add <filename></filename> and other minor cleanups.
* | pid1: drop redundant DBus propertiesYu Watanabe2022-09-161-30/+18
|/ | | | | | | | | | Follow-up for 10f3f4ed016b9fe92ca3d093fcfaed8278e69220. We already have RuntimeWatchdogUSec or friends. Let's not introduce redundant properties. Also, drop the const qualifier for WatchdogLastPingTimestamp, as they are actually not constant.
* pid1: introduce dbus properties WatchdogDevice and friendsYu Watanabe2022-09-141-0/+30
| | | | Closes #24665.
* core: add basic infrastructure to record unit activation informationLuca Boccassi2022-08-231-0/+22
| | | | | | | Not wired in by any unit type yet, just the basic to allocate, ref, deref and plug in to other unit types. Includes recording the trigger unit name and passing it to the triggered unit as TRIGGER_UNIT= env var.
* Merge pull request #24044 from dtardon/default-device-timeoutLennart Poettering2022-08-081-0/+6
|\ | | | | Add a configuration option for setting default device timeout
| * man: update dbus docsDavid Tardon2022-08-051-0/+6
| |
* | core: cache unit file selinux label, and make decisions based on thatLennart Poettering2022-07-201-0/+9
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | Do not go back to disk on each selinux access, but instead cache the label off the inode we are actually reading. That way unit file contents and unit file label we use for access checks are always in sync. Based on discussions here: https://github.com/systemd/systemd/pull/10023#issuecomment-1179835586 Replaces: https://github.com/systemd/systemd/pull/23910 This changes behaviour a bit, because we'll reach and cache the label at the moment of loading the unit (i.e. usually on boot and reload), but not after relabelling. Thus, users must refresh the cache explicitly via a "systemctl daemon-reload" if they relabelled things. This makes the SELinux story a bit more debuggable, as it adds an AccessSELinuxContext bus property to units that will report the label we are using for a unit (or the empty string if not known). This also drops using the "source" path of a unit as label source. if there's value in it, then generators should manually copy the selinux label from the source files onto the generated unit files, so that the rule that "access labels are read when we read the definition files" is upheld. But I am not convinced this is really a necessary, good idea.
* manager: add taint flag "support-ended"Zbigniew Jędrzejewski-Szmek2022-07-101-0/+9
| | | | | | | | | | | | | | In the welcome line, use NAME= as the fallback for PRETTY_NAME=. PRETTY_NAME= doesn't have to be set, but NAME= should. Example output: --- Welcome to Fedora Linux 37 (Rawhide Prerelease)! [ !! ] This OS version (Fedora Linux 37 (Rawhide Prerelease)) is past its end-of-support date (1999-01-01) Queued start job for default target graphical.target. [ OK ] Created slice system-getty.slice. ---
* man: update the description of taint flagsZbigniew Jędrzejewski-Szmek2022-07-091-15/+81
| | | | | | We had a description in README, and an outdated list in the man page. I think we should keep a reference-style list in the man page. The description in README is more free-form.
* Revert NFTSet featureYu Watanabe2022-06-221-60/+0
| | | | | | | | | | | | | | | | | | | | | | | | This reverts PR #22587 and its follow-up commit. More specifically, 2299b1cae32c1fb8911da0ce26efced68032f4f8 (partially), e176f855278d5098d3fecc5aa24ba702147d42e0, ceb46a31a01b3d3d1d6095d857e29ea214a2776b, and 51bb9076ab8c050bebb64db5035852385accda35. The PR was merged without final approval, and has several issues: - OSS fuzz reported issues in the conf parser, - It calls synchrnous netlink call, it should not be especially in PID1, - The importance of NFTSet for CGroup and DynamicUser may be questionable, at least, there was no justification PID1 should support it. - For networkd, it should be implemented with Request object, - There is no test for the feature. Fixes #23711. Fixes #23717. Fixes #23719. Fixes #23720. Fixes #23721. Fixes #23759.
* core: firewall integration with DynamicUserNFTSet=Topi Miettinen2022-06-081-0/+24
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New directive `DynamicUserNFTSet=` provides a method for integrating configuration of dynamic users into firewall rules with NFT sets. Example: ``` table inet filter { set u { typeof meta skuid } chain service_output { meta skuid != @u drop accept } } ``` ``` /etc/systemd/system/dunft.service [Service] DynamicUser=yes DynamicUserNFTSet=inet:filter:u ExecStart=/bin/sleep 1000 [Install] WantedBy=multi-user.target ``` ``` $ sudo nft list set inet filter u table inet filter { set u { typeof meta skuid elements = { 64864 } } } $ ps -n --format user,group,pid,command -p `pgrep sleep` USER GROUP PID COMMAND 64864 64864 55158 /bin/sleep 1000 ```
* core: firewall integration with ControlGroupNFTSet=Topi Miettinen2022-06-081-0/+36
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | New directive `ControlGroupNFTSet=` provides a method for integrating services into firewall rules with NFT sets. Example: ``` table inet filter { ... set timesyncd { type cgroupsv2 } chain ntp_output { socket cgroupv2 != @timesyncd counter drop accept } ... } ``` /etc/systemd/system/systemd-timesyncd.service.d/override.conf ``` [Service] ControlGroupNFTSet=inet:filter:timesyncd ``` ``` $ sudo nft list set inet filter timesyncd table inet filter { set timesyncd { type cgroupsv2 elements = { "system.slice/systemd-timesyncd.service" } } } ```
* tree-wide: streamline wiki linksBenjamin Franzke2022-05-211-2/+2
| | | | | | | | * Avoid traling slash as most links are defined without. * Always use https:// protocol and www. subdomain Allows for easier tree-wide linkvalidation for our migration to systemd.io.
* core: annotate Reexecute() as NoReplyFrantisek Sumsal2022-05-101-0/+1
| | | | | So we're able to tell from the introspection data that the method doesn't reply.
* man: deduplicate dbus versioning refZbigniew Jędrzejewski-Szmek2022-05-051-6/+1
|
* core: do not return 'skipped' when Condition*= fail with StartUnitWithFlags()Luca Boccassi2022-03-101-4/+1
| | | | | | | | | Backward incompatible change to avoid returning 'skipped' if a condition causes a job activation to be skipped when using StartUnitWithFlags(). Job results are broadcasted, so it is theoretically possible that existing software could get confused if they see this result. Replaces https://github.com/systemd/systemd/pull/22369
* core: manage SetShowStatus through polkitZbigniew Jędrzejewski-Szmek2022-03-081-1/+0
| | | | | | | | | | When writing docs for SD_BUS_VTABLE_CAPABILITY, I noticed that we have one use of SD_BUS_VTABLE_CAPABILITY(CAP_SYS_ADMIN) in the tree. This is the default, so it's not very useful to specify it. But if we're touching that, I think it's better to use mac + polkit for this like for everything else. We don't have a very good category for this, but I don't think it makes sense to add a new one. I just reused the same as other similar calls.
View Lorry Controller Status