| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| | |
Rework serialization of command lines in pid1 and make run not expand variables
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This makes syntax be the same for commands which are started by the manager and
those which are spawned directly (when --scope is used).
Before:
$ systemd-run -q -t echo '$TERM'
xterm-256color
$ systemd-run -q --scope echo '$TERM'
$TERM
Now:
$ systemd-run -q --scope echo '$TERM'
xterm-256color
Previous behaviour can be restored via --expand-environment=no:
$ systemd-run -q --scope --expand-environment=no echo '$TERM'
$TERM
Fixes #22948.
At some level, this is a compat break. Fortunately --scope is not very widely
used, so I think we can get away with this. Having different syntax depending
on whether --scope was used or not was bad UX.
A NEWS entry will be required.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This uses StartExecEx to get the equivalent of ExecStart=:. StartExecEx was
added in b3d593673c5b8b0b7d781fd26ab2062ca6e7dbdb, so this will not work with
older systemds.
A hint is emitted if we get an error indicating lack of support. PID1 returns
SD_BUS_ERROR_PROPERTY_READ_ONLY, but I'm checking for
SD_BUS_ERROR_UNKNOWN_PROPERTY too for safety.
|
| |
| |
| |
| | |
Follow-up for c6b8fffdfaf1f7c9a1dac73e1e54993a06c766c0
|
| |
| |
| |
| | |
It picks the bus based on the cgroup slice.
|
| |
| |
| |
| | |
Add fully working and documented example that can be copied and pasted
|
|\ \
| | |
| | | |
tree-wide: code spelling fixes
|
| | |
| | |
| | |
| | | |
As reported by Fossies.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Meta's resource control demo project[0] includes a benchmark tool that can
be used to calculate the best iocost solutions for a given SSD.
[0]: https://github.com/facebookexperimental/resctl-demo
A project[1] has now been started to create a publicly available database
of results that can be used to apply them automatically.
[1]: https://github.com/iocost-benchmark/iocost-benchmarks
This change adds a new tool that gets triggered by a udev rule for any
block device and queries the hwdb for known solutions. The format for
the hwdb file that is currently generated by the github action looks like
this:
# This file was auto-generated on Tue, 23 Aug 2022 13:03:57 +0000.
# From the following commit:
# https://github.com/iocost-benchmark/iocost-benchmarks/commit/ca82acfe93c40f21d3b513c055779f43f1126f88
#
# Match key format:
# block:<devpath>:name:<model name>:
# 12 points, MOF=[1.346,1.346], aMOF=[1.249,1.249]
block:*:name:HFS256GD9TNG-62A0A:fwver:*:
IOCOST_SOLUTIONS=isolation isolated-bandwidth bandwidth naive
IOCOST_MODEL_ISOLATION=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_ISOLATION=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
IOCOST_MODEL_ISOLATED_BANDWIDTH=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_ISOLATED_BANDWIDTH=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
IOCOST_MODEL_BANDWIDTH=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_BANDWIDTH=rpct=0.00 rlat=8807 wpct=0.00 wlat=59023 min=100.00 max=100.00
IOCOST_MODEL_NAIVE=rbps=1091439492 rseqiops=52286 rrandiops=63784 wbps=192329466 wseqiops=12309 wrandiops=16119
IOCOST_QOS_NAIVE=rpct=99.00 rlat=8807 wpct=99.00 wlat=59023 min=75.00 max=100.00
The IOCOST_SOLUTIONS key lists the solutions available for that device
in the preferred order for higher isolation, which is a reasonable
default for most client systems. This can be overriden to choose better
defaults for custom use cases, like the various data center workloads.
The tool can also be used to query the known solutions for a specific
device or to apply a non-default solution (say, isolation or bandwidth).
Co-authored-by: Santosh Mahto <santosh.mahto@collabora.com>
|
|\ \ \
| | | |
| | | | |
kmod-setup: Add early loading for virtio_console
|
| |/ /
| | |
| | |
| | |
| | | |
This allows us to disable kmsg ratelimiting in the integration tests
and mkosi for easier debugging.
|
|/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
/usr/lib/systemd/system-shutdown/ callouts
I made the mistake to look into what is installed into
/usr/lib/systemd/system-shutdown/ on Fedora. fwdupd among other things
assumes /var/ is available from these callouts, though it is not in the
general case.
Hence, let's emphasize this in the documentation a bit more.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This removes remaining hardcoded occurences of `/sbin/fsck`, and instead
uses `find_executable` to find `fsck`.
We also use `fsck_exists_for_fstype` to check for the `fsck.*`
executable, which also checks in `$PATH`, so it's fair to assume fsck
itself is also available.
|
| |
| |
| |
| |
| |
| | |
The ignore directive specifies to not do anything with the given
unit and leave existing configuration intact. This allows distributions
to gradually adopt preset files by shipping a ignore * preset file.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Entia non sunt multiplicanda praeter necessitatem. We had a list of PCRs in the
man page which was already half out-of-date. Instead, link to web page with the
"authoritative" list. Here, drop the descriptions of what shim and grub do. Instead,
just give some short descriptions and mention what systemd components do.
systemd-pcrmachine.service and systemd-pcrfs@.service are now mentioned too.
https://github.com/uapi-group/specifications/commit/d0e590b1e2648e76ece66157ceade3f45b165b14
extended the table in the specs repo.
https://github.com/uapi-group/specifications/pull/59 adds some more text there
too.
Also, rework the recommendation: hint that PCR 11 is useful, and recommend
binding to policy signatures instead of direct PCR values. This new text is
intentionally vague: doing this correctly is hard, but let's at least not imply
that just binding to PCR 7 is useful in any way.
Also, change "string alias" to "name" in discussion of PCR names.
Inspired by https://discussion.fedoraproject.org/t/future-of-encryption-in-fedora/80397/17
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Enabling these options when not running as root requires a user
namespace, so implicitly enable PrivateUsers=.
This has a side effect as it changes which users are visible to the unit.
However until now these options did not work at all for user units, and
in practice just a handful of user units in Fedora, Debian and Ubuntu
mistakenly used them (and they have been all fixed since).
This fixes the long-standing confusing issue that the user and system
units take the same options but the behaviour is wildly (and sometimes
silently) different depending on which is which, with user units
requiring manually specifiying PrivateUsers= in order for sandboxing
options to actually work and not be silently ignored.
|
| |
| |
| |
| |
| |
| |
| | |
functionality (#27264)
* Fix inaccurate synposis, and description
Before the fix, they reflected only part of networkctl functionality.
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Confexts should not contain code, so mount confexts with noexec.
We cannot mount invidial extensions as noexec, as the overlay ignores
it and bypasses it, we need to use the flag on the whole overlay for
it to be effective.
But given there are legacy scripts still shipped in /etc, allow to
override it with --noexec=false.
|
| |
| |
| |
| | |
Fixes #26697. RFE.
|
|\ \
| | |
| | |
| | |
| | | |
gportay/veritysetup-add-options-for-parity-with-cryptsetup-verity-utility
veritysetup: Add options for parity support with the cryptsetup's verity utility
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The verity fec_* parameters allows to use Forward Error Correction to
recover from corruption if hash verification fails.
This adds the options fec_device, fec_offset and fec_roots (sixth
argument) which are the equivalent of the options --fec-device,
--fec-offset and --fec-roots in the veritysetup world.
- fec-device=FILE
- fec-offset=BYTES
- fec-roots=UINT64
See `veritysetup(8)` for more details.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The verity parameter no_superblock allows to format/open an hash device
without the superblock. However, the superblock data must be set to open
the data-device.
This adds the option superblocks (sixth argument) and all the underlying
options which are implied to set the superblock manually if hash device
has no superblock:
- superblock=BOOL
- format=NUMBER (hash version type, 0 for original ChromeOS, 1 for
modern)
- data-block-size=BYTES (max page-size, multiple of 512)
- hash-block-size=BYTES (max page-size, multiple of 512)
- data-blocks=BLOCKS (size of data-device in blocks)
- salt=HEXSTR (salt used at format, max 256 bytes)
- uuid=UUID
- hash=STR (algorithm name for dm-verity used at format, default is
sha256)
See `veritysetup(8)` for more details.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The verity parameter hash_area_offset allows to locate the superblock in
the hash device. It can be used to have a single device which contains
both data and hashes.
This adds the option hash-offset=BYTES (sixth argument) which is the
equivalent of the option --hash-offset in the veritysetup world.
See `veritysetup(8)` for more details.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Now that we have a potentially pinned fdstore let's add a concept for
cleaning it explicitly on user requested. Let's expose this via
"systemctl clean", i.e. the same way as user directories are cleaned.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Oftentimes it is useful to allow the per-service fd store to survive
longer than for a restart. This is useful in various scenarios:
1. An fd to some security relevant object needs to be stashed somewhere,
that should not be cleaned automatically, because the security
enforcement would be dropped then.
2. A user namespace fd should be allocated on first invocation and be
kept around until the user logs out (i.e. systemd --user ends), á la
#16328 (This does not implement what #16318 asks for, but should
solve the use-case discussed there.)
3. There's interest in allow a concept of "userspace reboots" where the
kernel stays running, and userspace is swapped out (i.e. all services
exit, and the rootfs transitioned into a new version of it) while
keeping some select resources pinned, very similar to how we
implement a switch root. Thus it is useful to allow services to exit,
while leaving their fds around till the very end.
This is exposed through a new FileDescriptorStorePreserve= setting that
is closely modelled after RuntimeDirectoryPreserve= (in fact it reused
the same internal type), since we want similar behaviour in the end, and
quite often they probably want to be used together.
|
|/ / |
|
| |
| |
| |
| |
| |
| |
| |
| | |
/bin/login is shipped in util-linux, however, systemd.spec on Fedora has
"Requires: (util-linux-core or util-linux)". If the dependency is
fulfilled just by installation of util-linux-core then users won't be
able to log in into the container after it boots. Let's add util-linux
package to the package list so that /bin/login is always present.
|
|\ \
| | |
| | | |
core: Propagate exit status via notify socket when running in VM
|
| | |
| | |
| | |
| | |
| | | |
Whenever one of our tools or daemons exits, let's send the exit status
via sd-notify in the EXIT_STATUS field.
|
|\ \ \
| | | |
| | | | |
dissect: follow-up for image policy merge
|
| | | | |
|
|/ / /
| | |
| | |
| | |
| | | |
Fedora 36 is a bit old at this point and will be EOL in about 6 weeks.
Fedora 38 is not out yet, so the cloud link wouldn't work.
|
|/ /
| |
| |
| |
| |
| |
| |
| | |
systemd-nspawn now optionally supports colon-separated pair of
host interface name and container interface name for --network-macvlan, --network-ipvlan and --network-interface options.
Also supported in .nspawn configuration files (i.e Interface=, MACVLAN=, IPVLAN= parameters).
man page changed for ntwk interface naming
|
|\ \
| | |
| | | |
dissect: add dissection policies
|
| | |
| | |
| | |
| | | |
various components
|
| | |
| | |
| | |
| | |
| | |
| | | |
This allows unprivileged validation of DDIs. Only superficial structure,
i.e. not mounting or so. This becomes particularly handy in the
integration tests, and to validate image policies.
|
| |/ |
|
| |
| |
| |
| |
| | |
No change of contents, just some rebreaking of the full file to match
our current line break settings.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a followup to
413e8650b71d4404a7453403797f93d73d88c466
> tree-wide: Use "unmet" for condition checks, not "failed"
Since I noticed when running `systemctl status` on a recent
systemd still seeing
`Condition: start condition failed`
To recap the original rationale here for "unmet" is that it's
normal for some units to be conditional, so the term "failure"
here is too strong.
|
| |
| |
| |
| |
| |
| |
| |
| | |
The documentation suggests that the mount point (i.e. the directory
where the device is mounted) is removed when the device vanishes.
However only stopping of the automount unit is implemented.
So adapt the documentation to reality.
|
|\ \
| | |
| | | |
systemd-sysext/confext.service: Refresh on start/reload
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
The /usr/lib/extensions/ location for systemd-sysext images is not
supported anymore. In https://github.com/systemd/systemd/pull/26013
systemd-confext images got introduced and we can list its path under
/usr instead.
|
|/ / |
|
|/ |
|
|\
| |
| | |
Improvements to man pages for systemd.service, sd-bus, and better error messages
|
| |
| |
| |
| |
| | |
Also add definitions for a few names that didn't have them and update
the list in the man page.
|
| | |
|