| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should be enough to fix https://bugzilla.redhat.com/show_bug.cgi?id=1856514.
But the limit should be significantly higher than 10% anyway. By setting a
limit on /tmp at 10% we'll break many reasonable use cases, even though the
machine would deal fine with a much larger fraction devoted to /tmp.
(In the first version of this patch I made it 25% with the comment that
"Even 25% might be too low.". The kernel default is 50%, and we have been using
that seemingly without trouble since https://fedoraproject.org/wiki/Features/tmp-on-tmpfs.
So let's just make it 50% again.)
See 7d85383edbab73274dc81cc888d884bb01070bc2.
(Another consideration is that we learned from from the whole initiative with
zram in Fedora that a reasonable size for zram is 0.5-1.5 of RAM, and that pretty
much all systems benefit from having zram or zswap enabled. Thus it is reasonable
to assume that it'll become widely used. Taking the usual compression effectiveness
of 0.2 into account, machines have effective memory available of between
1.0 - 0.2*0.5 + 0.5 = 1.4 (for zram sized to 0.5 of RAM) and
1.0 - 0.2*1.5 + 1.5 = 2.2 (for zram 1.5 sized to 1.5 of RAM) times RAM size.
This means that the 10% was really like 7-4% of effective memory.)
A comment is added to mount-util.h to clarify that tmp.mount is separate.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit c7220ca8025e8dbded36131b23a502d975c45754.
The removal was done as a reaction to the messages from systemd:
initrd-root-fs.target: Requested dependency OnFailure=emergency.target ignored (target units cannot fail).
initrd.target: Requested dependency OnFailure=emergency.target ignored (target units cannot fail).
initrd-root-device.target: Requested dependency OnFailure=emergency.target ignored (target units cannot fail).
initrd-fs.target: Requested dependency OnFailure=emergency.target ignored (target units cannot fail).
local-fs.target: Requested dependency OnFailure=emergency.target ignored (target units cannot fail).
...
But it seems that the messages themselves are wrong, and the units were OK.
|
| |
|
|
|
| |
dont install systemd-update-utmp if utmp is disabled.
dont install systemd-initctl.service if sysv is disabled.
|
| | |
|
| |
|
|
| |
https://github.com/systemd/systemd/pull/15982#pullrequestreview-422536495
|
| |
|
|
|
| |
Repeating the unit name in the description is not useful, and "manages devices"
is too cryptic.
|
| |\
| |
| | |
disable PassCredentials= on networkd netlink socket, enable NETLINK_PKTINFO instead
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
We actually care for NETLINK_PKTINFO, not for SO_PASSCRED, hence when
allocating the netlink socket, configure things accordingly.
Tracked down by Benjamin Robin, see:
https://github.com/systemd/systemd/pull/15571#issuecomment-633213747
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
| |
Strictly speaking you can run homed without userdb. But it doesn't
really make much sense: they go hand in hand and implement the same
concepts, just for different sets of users. Let's hence disable both
automatically by default if homed is requested.
(We don't do the reverse: opting into userdbd shouldn't mean that you
are OK with homed.)
And of course, users can always deviate from our defaults easily, and
turn off userbd again right-away if they don't like it, and things will
generally work.
|
| |\
| |
| | |
xdg-autostart-generator: a generator for XDG autostart files
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This generator can be used by desktop environments to launch autostart
applications and services. The feature is an opt-in, triggered by
xdg-desktop-autostart.target being activated.
Also included is the new binary xdg-autostart-condition. This binary is
used as an ExecCondition to test the OnlyShowIn and NotShowIn XDG
desktop file keys. These need to be evaluated against the
XDG_CURRENT_DESKTOP environment variable which may not be known at
generation time.
Co-authored-by: Henri Chain <henri.chain@enioka.com>
|
| |/
|
|
|
|
|
| |
In our regular gettys the actual shell commands live the the session
scope anyway (as long as logind is used). Hence, let's avoid
KillMode=process, it serves no purpose and is simply unsafe since it
disables systemd's own process lifecycle management.
|
| |
|
|
|
|
|
|
|
| |
We want to watch USB sticks being plugged in, and that requires
AF_NETLINK to work correctly and get the host's events. But if we live
in a network namespace AF_NETLINK is disconnected too and we'll not get
the host udev events.
Fixes: #15287
|
| |\
| |
| | |
Avoid log noise when setting proc titles and some doc updates
|
| | |
| |
| |
| | |
See 3f9a0a522f2029e9295ea5e9984259022be88413 for justification.
|
| |/
|
|
| |
systemd-initctl executable is still built.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Limit size of various tmpfs mounts to 10% of RAM, except volatile root and /var
to 25%. Another exception is made for /dev (also /devs for PrivateDevices) and
/sys/fs/cgroup since no (or very few) regular files are expected to be used.
In addition, since directories, symbolic links, device specials and xattrs are
not counted towards the size= limit, number of inodes is also limited
correspondingly: 4MB size translates to 1k of inodes (assuming 4k each), 10% of
RAM (using 16GB of RAM as baseline) translates to 400k and 25% to 1M inodes.
Because nr_inodes option can't use ratios like size option, there's an
unfortunate side effect that with small memory systems the limit may be on the
too large side. Also, on an extremely small device with only 256MB of RAM, 10%
of RAM for /run may not be enough for re-exec of PID1 because 16MB of free
space is required.
|
| |
|
|
|
|
| |
"Login Service" doesn''t explain much, esp. considering that logind is actually is
for logins. I think "User Login Management" is better, but not that great either.
Suggestions welcome.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We unregister binfmt_misc twice during shutdown with this change:
1. A previous commit added support for doing that in the final shutdown
phase, i.e. when we do the aggressive umount loop. This is the robust
thing to do, in case the earlier ("clean") shutdown phase didn't work
for some reason.
2. This commit adds support for doing that when systemd-binfmt.service
is stopped. This is a good idea so that people can order mounts
before the service if they want to register binaries from such
mounts, as in that case we'll undo the registration on shutdown
again, before unmounting those mounts.
And all that, just because of that weird "F" flag the kernel introduced
that can pin files...
Fixes: #14981
|
| |
|
|
|
|
|
|
|
| |
This doesn't really matter, since in non-/usr-merged systems plymouth
needs to be in /bin and on merged ones it doesn't matter, but it is
still prettier to insert the right path, and avoid /bin on merged
systems, since it's just a compat symlink.
Replaces: #15351
|
| |
|
|
|
| |
This doesn't matter too much given that the service doesn't do anything
on shutdown, but let's still stop it to make things cleaner.
|
| |
|
|
|
| |
All services using StateDirectory= don't need the explicit dep anymore,
let's hence drop it everywhere.
|
| |
|
|
|
|
|
|
| |
This dependency is now generated automatically given we use
StateDirectory=. Moreover the combination of Wants= and After= was too
strong anway, as whether remount-fs is pulled in or not should not be up
to systemd-pstore.service, and in fact is part of the initial
transaction anyway.
|
| |
|
|
|
|
|
|
| |
sysinit.target is the target our early boot services are generally
pulled in from, make systemd-pstore.service not an exception of that.
Effectively this doesn't mean much, either way our unit is part of the
initial transaction.
|
| |
|
|
|
|
| |
Add `ProtectClock=yes` to systemd units. Since it implies certain
`DeviceAllow=` rules, make sure that the units have `DeviceAllow=` rules so
they are still able to access other devices. Exclude timesyncd and timedated.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 7e1ed1f3b29162df25064b33dc55ac8cf432bb0b.
systemd-repart is not a user service that should be something people
enable/disable, instead it should just work if there's configuration for
it. It's like systemd-tmpfiles, systemd-sysusers, systemd-load-modules,
systemd-binfmt, systemd-systemd-sysctl which are NOPs if they have no
configuration, and thus don't hurt, but cannot be disabled since they
are too deep part of the OS.
This doesn't mean people couldn't disable the service if they really
want to, there's after all "systemctl mask" and build-time disabling,
but those are OS developer facing instead of admin facing, that's how it
should be.
Note that systemd-repart is in particular an initrd service, and so far
enable/disable state of those is not managed anyway via "systemctl
enable/disable" but more what dracut decides to package up and what not.
|
| |\
| |
| | |
Make homed/userdbd/repart services installable (to allow uninstalling)
|
| | |
| |
| |
| |
| |
| |
| |
| | |
It's lightweight and generally useful, so it should be enabled by default. But
users might want to disable it for whatever reason, and things should be fine
without it, so let's make it installable so it can be disabled if wanted.
Fixes #15175.
|
| | |
| |
| |
| | |
Fixes #15083. Users might want to disable homed if not used to save resources.
|
| | |
| |
| |
| |
| |
| | |
This essentially adds another layer of configurability:
build disable, this, presence of configuration. The default is
set to enabled, because the service does nothing w/o config.
|
| |/
|
|
|
|
|
|
|
| |
/home is posibly a remote file system. it makes sense to order homed
after it, so that we can properly enumerate users in it, but we probably
shouldn't pull it in ourselves, and leave that to users to configure
otherwise.
Fixes: #15102
|
| | |
|
| |
|
|
|
|
|
| |
Mounting tracefs fails in unprivileged LXC containers and latest LXD
(3.23) bind mounts tracefs already.
Fixes https://github.com/lxc/lxd/issues/7059
|
| | |
|
| |\
| |
| | |
Make units remain after exit
|
| | |
| |
| |
| | |
Once done, its done, and shouldn't be run again.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts the second part of 8125e8d38e3aa099c7dce8b0161997b8842aebdc.
The first part was reverted in 750e550eba362096d56a35104c6a32631aa67b8e.
The problem starts when s-v-s.s is pulled in by something that is then pulled
in by sysinit.target. Every time a unit is started, systemd recursively checks
all dependencies, and since sysinit.target is pull in by almost anything, we'll
start s-v-s.s over and over. In particular, plymouth-start.service currently
has Wants=s-v-s.s and After=s-v-s.s.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Possible alternative to #14819.
For me, setting RemainAfterExit=yes would be OK, but if people think that it
might cause issues, then this could be a reasonable alternative that still
let's us skip the invocation of the separate binary.
|
| |\ \
| | |
| | | |
Man page for systemd-network-generator
|
| | |/
| |
| |
| |
| | |
It's a bit bare-bones, but it should be enough to point the reader in the right
direction.
|
| |/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This minus has been there since the unit was added in
d42d27ead91e470cb12986d928441e56c0f543ca. I think the idea was not cause things
to fail if the user instance doesn't work. But ignoring the return value
doesn't seem to be the right way to approach the problem. In particular, if
the program fails to run, we'll get a bogus fail state, see
https://bugzilla.redhat.com/show_bug.cgi?id=1727895#c1:
with the minus:
$ systemctl start user@1002
Job for user@1002.service failed because the service did not take the steps required by its unit configuration.
See "systemctl status user@1002.service" and "journalctl -xe" for details.
without the minus:
$ systemctl start user@1002
Job for user@1002.service failed because the control process exited with error code.
See "systemctl status user@1002.service" and "journalctl -xe" for details.
|
| |
|
|
|
| |
This patch modifies the RequireMountsFor setting in systemd-nspawn@.service to wait for the machine instance directory to be mounted, not just /var/lib/machines.
Closes #14931
|
| |
|
|
|
|
|
|
|
|
|
| |
machined needs access to the host mount namespace to propagate bind
mounts created with the "machinectl bind" command. However, the
"ProtectKernelLogs" directive relies on mount namespaces to make the
kernel ring buffer inaccessible. This commit removes the
"ProtectKernelLogs=yes" directive from machined service file introduced
in 6168ae5.
Closes #14559.
|
| |
|
|
|
| |
Usually it is not useful and can also fail making
boot-and-services autopkgtest fail.
|
| |
|
|
|
|
|
|
|
|
|
| |
Kernel 4.1 separated the tracing system from the debugfs,
actual documentation already points to a different path
that needs this new mount to exist.
the old sysfs path will still be an automount in the debugfs,
created by the kernel (for now).
Signed-off-by: Norbert Lange <nolange79@gmail.com>
|
| |
|
|
|
|
| |
See c80a9a33d04fb4381327a69ce929c94a9f1d0e6c, target units can't fail.
I guess we need to figure out some replacement functionality, but at least
let's avoid the warning from systemd for now.
|
| |\ |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
cryptsetup
Let's hook it into both cryptsetup-generator and gpt-auto-generator with
a shared implementation in generator.c
Fixes: #8472
|
