summaryrefslogtreecommitdiff
path: root/units
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #7078 from keszybz/cryptsetup-netdev-fixesLennart Poettering2017-10-183-16/+6
|\ | | | | Cryptsetup _netdev fixes
| * units: make remote-cryptsetup.target also after cryptsetup-pre.targetZbigniew Jędrzejewski-Szmek2017-10-181-1/+1
| | | | | | | | | | This way people can order units before cryptsetup-pre.target and have them run before any cryptsetup-related stuff.
| * units: replace remote-cryptsetup-pre.target with remote-fs-pre.targetZbigniew Jędrzejewski-Szmek2017-10-173-17/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | remote-cryptsetup-pre.target was designed as an active unit (that pulls in network-online.target), the opposite of remote-fs-pre.target (a passive unit, with individual provider services ordering itself before it and pulling it in, for example iscsi.service and nfs-client.target). To make remote-cryptsetup-pre.target really work, those services should be ordered before it too. But this would require updates to all those services, not just changes from systemd side. But the requirements for remote-fs-pre.target and remote-cryptset-pre.target are fairly similar (e.g. iscsi devices can certainly be used for both), so let's reuse remote-fs-pre.target also for remote cryptsetup units. This loses a bit of flexibility, but does away with the requirement for various provider services to know about remote-cryptsetup-pre.target.
| * units: add [Install] section to remote-cryptsetup.targetZbigniew Jędrzejewski-Szmek2017-10-131-0/+6
| | | | | | | | | | | | | | | | This makes this target the same as remote-fs.target in this regard. In practice it probably doesn't make that much difference, because all encrypted devices that are part of remote-fs.target (marked with _netdev) will be used for mount points, so they will be pulled in anyway individually, but with this change any such device will be configured, even if it is not pulled by any other unit.
* | mount: make sure we unmount tmpfs mounts before we deactivate swaps (#7076)Michal Sekletar2017-10-161-1/+0
|/ | | | | | | | In the past we introduced this property just for tmp.mount. However on todays systems usually there are many more tmpfs mounts. Most notably mounts backing XDG_RUNTIME_DIR for each user. Let's generalize what we already have for tmp.mount and implement the ordering After=swap.target for all tmpfs based mounts.
* unit: enable DynamicUser= for journal-uploadYu Watanabe2017-10-061-2/+1
|
* timesyncd: enable DynamicUser=Yu Watanabe2017-10-061-2/+1
|
* Merge pull request #6909 from sourcejedi/unitsLennart Poettering2017-10-057-9/+9
|\ | | | | Unit dependency fixes (and cleanups)
| * units: DefaultDependencies already implies conflict with shutdown.targetAlan Jenkins2017-09-301-2/+0
| | | | | | | | (and system-update.target does not have DefaultDependencies=no)
| * units: add missing Before=shutdown.target for units which it ConflictsAlan Jenkins2017-09-303-2/+2
| | | | | | | | | | | | | | There's a few services missing this ordering. Also remove a duplicate Conflicts=shutdown.target from systemd-volatile-root.service.
| * units: add missing ordering deps for Conflicts= of emergency.serviceAlan Jenkins2017-09-292-0/+2
| | | | | | | | | | | | | | | | | | | | | | 1. If we exited emergency mode immediately, we don't want to have an irreversible stop job still running for syslog.socket. I _suspect_ that can't happen, but let's not waste effort working out exactly why it's impossible and not just very improbable. 2. Similarly, it seems undesirable to have rescue.service and emergency.service both running with an open FD of /dev/console, for however short a period.
| * units: express Conflict in syslog.socket instead of emergency.serviceAlan Jenkins2017-09-292-2/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Note this commit only changes how the code is expressed; it does not change the existence of any dependency. The `Conflicts=` was added in 3136ec90, "Stop syslog.socket when entering emergency mode". The discussion in the issue #266 raised concerns that this might be needed for other units, but failed to point out why syslog.socket is special. The reason is that syslog.socket has DefaultDepedencies=no, so it does not get Requires=sysinit.target like other socket units do. But syslog.service does require sysinit.target, among other things. We don't have many socket, path, or timer units with DefaultDependencies=no, and I don't think any of the triggered services have such additional hard dependencies as syslog.service does. It is much less confusing if we keep this `Conflicts=` in the same file as the `DefaultDependencies=no` which made it necessary.
| * units: do not kill rescue shell when machines.target is startedAlan Jenkins2017-09-291-3/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The original aim of this commit is that starting machines.target from the rescue shell would not kill the rescue shell and lock you out of the system. This is similar to commit 6579a622, for the conflict between sysinit.target and the _emergency_ shell. That particular commit introduced an ordering cycle and will need to be reverted and/or fixed. This one does not, because it does not need to introduce any new dependencies. The reason why this commit is allowable also has it's own merit: machines.target was not marked as AllowIsolate. Also, the point of containers is to not escape them... I don't think we want to promote machines.target as a default target or similar; you would generally want some system service to allow you to shut down the machine, for example. I don't see this approach used in CoreOS, nor in Fedora Atomic Host; we are missing any positive examples of its utility. Requires=basic.target / After=basic.target can be removed for the same reason.
* | units: restore User=systemd-journal-gateway in ↵Lennart Poettering2017-10-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | systemd-journal-gatewayd.service (#7005) After the discussions around #7003 I think we should restore the User=systemd-journal-gateway line for systemd-journal-gatewayd.service, too, so that we continue to use the state user if it exists, and create it as dynamic user only when it does not. Note that undoes part of a change made after 234, i.e. a never released change.
* | Merge pull request #6974 from keszybz/clean-up-definesLennart Poettering2017-10-041-10/+10
|\ \ | | | | | | Clean up define definitions
| * | build-sys: s/ENABLE_RESOLVED/ENABLE_RESOLVE/Zbigniew Jędrzejewski-Szmek2017-10-041-1/+1
| | | | | | | | | | | | | | | | | | The configuration option was called -Dresolve, but the internal define was …RESOLVED. This options governs more than just resolved itself, so let's settle on the version without "d".
| * | build-sys: s/HAVE_UTMP/ENABLE_UTMP/Zbigniew Jędrzejewski-Szmek2017-10-041-2/+2
| | | | | | | | | | | | | | | "Have" should be about the external environment and dependencies. Anything which is a pure yes/no choice should be "enable".
| * | build-sys: use #if Y instead of #ifdef Y everywhereZbigniew Jędrzejewski-Szmek2017-10-041-7/+7
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The advantage is that is the name is mispellt, cpp will warn us. $ git grep -Ee "conf.set\('(HAVE|ENABLE)_" -l|xargs sed -r -i "s/conf.set\('(HAVE|ENABLE)_/conf.set10('\1_/" $ git grep -Ee '#ifn?def (HAVE|ENABLE)' -l|xargs sed -r -i 's/#ifdef (HAVE|ENABLE)/#if \1/; s/#ifndef (HAVE|ENABLE)/#if ! \1/;' $ git grep -Ee 'if.*defined\(HAVE' -l|xargs sed -i -r 's/defined\((HAVE_[A-Z0-9_]*)\)/\1/g' $ git grep -Ee 'if.*defined\(ENABLE' -l|xargs sed -i -r 's/defined\((ENABLE_[A-Z0-9_]*)\)/\1/g' + manual changes to meson.build squash! build-sys: use #if Y instead of #ifdef Y everywhere v2: - fix incorrect setting of HAVE_LIBIDN2
* | | units: prohibit all IP traffic on all our long-running services (#6921)Lennart Poettering2017-10-048-0/+8
|/ / | | | | Let's lock things down further.
* | Revert "units: don't kill the emergency shell when sysinit.target is ↵Alan Jenkins2017-09-264-16/+9
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | triggered (#6765)" (#6904) This reverts commit f1e24a259ca182b6cd8a723a56da43435ce48aac. Oops. # systemctl emergency Failed to start emergency.target: Transaction order is cyclic. See syste... See system logs and 'systemctl status emergency.target' for details. # systemctl status emergency.target ● emergency.target - Emergency Mode Loaded: loaded (/usr/lib/systemd/system/emergency.target; static; vendor preset: disabled) Active: inactive (dead) since Mon 2017-09-25 10:43:02 BST; 2h 42min ago Docs: man:systemd.special(7) systemd[1]: sysinit.target: Found dependency on sysinit.target/stop sysinit.target: Unable to break cycle starting with sysinit.target/stop network.target: Found ordering cycle on wpa_supplicant.service/stop network.target: Found dependency on sysinit.target/stop network.target: Found dependency on emergency.target/start network.target: Found dependency on emergency.service/start network.target: Found dependency on serial-getty@ttyS0.service/stop network.target: Found dependency on systemd-user-sessions.service/stop network.target: Found dependency on network.target/stop network.target: Unable to break cycle starting with network.target/stop IMO #6509 is ugly enough that we should aim to answer it. But it could take some time to investigate, so let's re-open the issue as a first step.
* units: don't kill the emergency shell when sysinit.target is triggered (#6765)Alan Jenkins2017-09-144-9/+16
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Why --- The advantage of this is that starting sysinit.target from the emergency shell will no longer kill the emergency shell and lock you out of the system. Our docs already claimed that emergency.target was useful for "starting individual units in order to continue the boot process in steps". This resolves #6509 for my purposes. Remaining limitation -------------------- Starting getty.target will still kill the shell, and if you don't have a root password you will then be locked out at that point. This is relevant to distributions which patch the sulogin system to permit logins when the root password is locked. Both Debian and RedHat used to follow this behaviour! Debian have been discussing what they could replace it with at https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806852 So this doesn't quite achieve perfection, but I think it's a worthwhile change. It should be easier to understand the logic now it doesn't have such a big hole in it. Repairing the sysinit stage of the boot is the main reason we have emergency.target. And as discussed in the issue, sysinit.target gets pulled in implicitly as soon as any DefaultDependencies service is activated. How --- sysinit.target only needs to conflict with emergency.target. It didn't need to conflict with emergency.service as well. In theory the conflicts are pointless, we could just change the dependency of sysinit.target on local-fs.target from Wants to Requires. However, doing so would mean that when local-fs fails, the screen is flooded with yellow [DEPEND] failures. That would hinder the poor unfortunate admin, so let's not do that. There is no additional ordering requirement against emergency. If the failure happens, the job for sysinit will be cancelled instantly. We don't need to worry about when sysinit.target and its dependents would be stopped, because sysinit waits for local-fs before it starts. emergency.target is still necessarily stopped once we reach sysinit (you can't express a one-way conflict in pure unit directives). This is largely cosmetic... though perhaps it symbolizes that you're no longer in Emergency Mode if System Initialization is successful ;-). As a secondary advantage, the getty's which conflict on rescue.service now need to conflict on emergency.service as well. This makes the system more uniform and simpler to understand. The only other effect this should have is that `systemctl start emergency.target` is now practically the same as `systemctl start rescue.target`. The only units this command will stop are the conflicting getty units. Neither of those commands should ever be used. E.g. they will not stop the gdm.service unit on Fedora 26.
* Merge pull request #6790 from poettering/unit-unsetenvZbigniew Jędrzejewski-Szmek2017-09-142-2/+2
|\ | | | | add UnsetEnvironment= unit file setting, in order to fix #6407
| * units: properly unset the l10n environment variables where we need toLennart Poettering2017-09-142-2/+2
| | | | | | | | | | | | | | Now that we have UnsetEnvironment=, let's make proper use of it for unsetting l10n settings for console gettys. Fixes: #6407
* | units: set LockPersonality= for all our long-running services (#6819)Lennart Poettering2017-09-1415-0/+15
|/ | | | Let's lock things down. Also, using it is the only way how to properly test this to the fullest extent.
* units: remove unnecessary Requires= and After= in system.slice (#6794)John Lin2017-09-111-2/+0
|
* sulogin-shell: switch from shell implementation to a C implementation (#6698)Felipe Sateler2017-09-082-0/+2
|
* Merge pull request #6748 from msekletar/console-container-getty-pre-afterLennart Poettering2017-09-052-2/+2
|\ | | | | units: order container and console getty units after getty-pre.target
| * units: order container and console getty units after getty-pre.targetMichal Sekletar2017-09-052-2/+2
| |
* | units: add remote-cryptsetup.target and remote-cryptsetup-pre.targetZbigniew Jędrzejewski-Szmek2017-09-055-2/+30
| | | | | | | | | | | | The pair is similar to remote-fs.target and remote-fs-pre.target. Any cryptsetup devices which require network shall be ordered after remote-cryptsetup-pre.target and before remote-cryptsetup.target.
* | units: order cryptsetup-pre.target before cryptsetup.targetZbigniew Jędrzejewski-Szmek2017-09-051-0/+1
|/ | | | | | | Normally this happens automatically, but if it happened that both targets were pulled in, even though there were no cryptsetup units, they could be started in reverse order, which would be somewhat confusing. Add an explicit ordering to avoid this potential issue.
* Merge pull request #6580 from poettering/nspawn-dm-deviceallowZbigniew Jędrzejewski-Szmek2017-09-041-5/+10
|\ | | | | add DM devices to DeviceAllow for systemd-nspawn@.service
| * units: include DM devices in DeviceAllow fpor systemd-nspawn@.serviceLennart Poettering2017-08-291-5/+10
| | | | | | | | | | | | We need it to make LUKS devices work. Fixes: #6525
* | units: do not install rescue.target for alt-↑Alan Jenkins2017-08-311-3/+0
| | | | | | | | | | | | | | rescue.target does not work well for this. It is not meant to be started, only isolated. Fixes #6493
* | Merge pull request #6709 from yuwata/imply-requires-mountsLennart Poettering2017-08-314-4/+2
|\ \ | | | | | | core: StateDirectory= and friends imply RequiresMountsFor=
| * | unit: use StateDirectory= instead of RequiresMountsFor=Yu Watanabe2017-08-312-2/+2
| | |
| * | unit: drop redundant optionsYu Watanabe2017-08-312-2/+0
| | |
* | | units: introduce getty-pre.target (#6667)Michal Sekletar2017-08-314-2/+14
|/ / | | | | | | | | | | | | | | This new target is a passive unit, hence it is supposed to be pulled in to the transaction by the service that wants to block login on the console (e.g. text version of initial-setup). Now both getty and serial-getty are ordered after this target. https://lists.freedesktop.org/archives/systemd-devel/2015-July/033754.html
* | units: starting suspend.target should not fail when suspend is successful ↵Alan Jenkins2017-08-303-3/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | (#6678) and the same for hibernate.target and hybrid-sleep.target. Tested with both sucessful and unsuccessful suspends. The result of the start job was correct in both cases. Closes #6419 (a regression in v233 and v234). > suspend is unsual for a target, because it has to stop itself once it's > started. Otherwise you couldn't start it again, so you could only suspend > once! Currently that's implemented using BindsTo=systemd-sleep.service. > Meaning it pulls in systemd-sleep.service to do the actual suspend, and > then de-activates afterwards. But the behaviour of BindsTo was changed > recently (not without some issues during development) - maybe this bug > is caused by poettering/systemd@631b676 which I think was added in > release v233. > > sleep.target (see man systemd.special) has the same need, but it > implements it differently. It simply has StopWhenUnneeded=yes. This commit switches suspend.target etc. to the approach used by sleep.target.
* | Merge pull request #6617 from sourcejedi/udev-unit-depsLennart Poettering2017-08-302-3/+2
|\ \ | | | | | | udev service dependency nitpicks
| * | units: order service(s) before udevd, not udev-trigger (coldplug)Alan Jenkins2017-08-152-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Since hotplugs happen as soon as udevd is started, there is not much sense in giving udev-trigger an After= dependency on any service. The device could be hotplugged before coldplug starts. This is intended to avoid the race window where we create the hwdb with the wrong selinux context (then fix it up afterwards). https://github.com/systemd/systemd/issues/3458#issuecomment-322444107
| * | units: Sockets= already implies Wants= and After= (systemd-udevd.service)Alan Jenkins2017-08-151-2/+1
| | | | | | | | | | | | | | | I grepped for other `After=` on a socket unit as well. This was the only instance.
* | | Merge pull request #6672 from yuwata/drop-privLennart Poettering2017-08-302-8/+13
|\ \ \ | | | | | | | | use !! prefix in networkd and timesyncd
| * | | timesync: move stamp file to /var/lib/systemd/timesync/clockYu Watanabe2017-08-301-2/+2
| | | |
| * | | units: make use of !! ExecStart= prefix in systemd-timesyncd.serviceYu Watanabe2017-08-271-3/+5
| | | | | | | | | | | | | | | | | | | | Let's make use of !! to run timesyncd with ambient capabilities on systems supporting them.
| * | | units: make use of !! ExecStart= prefix in systemd-networkd.serviceYu Watanabe2017-08-271-3/+6
| | |/ | |/| | | | | | | | | | Let's make use of !! to run networkd with ambient capabilities on systems supporting them.
* | | Merge pull request #6670 from fsateler/disable-networkdLennart Poettering2017-08-291-1/+1
|\ \ \ | |/ / |/| | build-sys: don't build networkctl if networkd is disabled
| * | networkd: do not install the socket when networkd is not enabledFelipe Sateler2017-08-271-1/+1
| | |
* | | units: make use of the new !! ExecStart= prefix in systemd-resolved.serviceLennart Poettering2017-08-101-3/+6
|/ / | | | | | | | | Let's make use of !! to run resolved with ambient capabilities on systems supporting them.
* | Merge pull request #6579 from sourcejedi/gettyLennart Poettering2017-08-102-4/+11
|\ \ | | | | | | getty nitpicks
| * | units: console-getty.service: use the default RestartSecAlan Jenkins2017-08-091-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | > Note that console-getty.service as more uses than just containers. The > idea is that it may be used as alternative to the whole VC/logind stuff, > if all you need is a console on /dev/console, even on physical devices. This means we want to remove RestartSec=0, for serial systems. See 4bf0432 "units/serial-getty@.service: use the default RestartSec".