path: root/units
Commit message | Author | Age | Files | Lines
* units: add [Install] section to tmp.mount | Jan Synacek | 2019-05-02 | 1 | -0/+4
|   rhel-only
|   Resolves: #1667065
* journal: don't enable systemd-journald-audit.socket by default | Jan Synacek | 2019-05-02 | 2 | -3/+2
|   Resolves: #1699287
* Revert "journal: remove journal audit socket" | Jan Synacek | 2019-05-02 | 3 | -2/+26
|   This reverts commit 8618ef2fb30b4139c9bec4e45fb499cd8192a87f.
|   Resolves: #1699287
* units: don't enable per-service IP firewall by default | Michal Sekletar | 2018-10-29 | 9 | -9/+0
|   Resolves: #1630219
* journal: remove journal audit socket | Michal Sekletar | 2018-08-10 | 3 | -26/+2
|   Resolves: #1614554
* units: drop DynamicUser=yes from systemd-resolved.service | Michal Sekletar | 2018-08-09 | 1 | -1/+0
|   We don't really need DynamicUser since we add systemd-resolve user from rpm script
* pid1: bump maximum number of process in user slice to 80% of pid_max | rpm-build | 2018-08-02 | 1 | -1/+1
|   Related: #1523236
* Avoid /tmp being mounted as tmpfs without the user's will | Jan Synacek | 2018-08-02 | 1 | -1/+2
|   Ensure PrivateTmp doesn't require tmpfs through tmp.mount, but rather adds an After relationship.
|   rhel-only
|   Resolves: #1578772
* units: let's use two ExecStart= lines instead of ; | Lennart Poettering | 2018-06-20 | 1 | -1/+2
|
* units: fix typo in After= | Zbigniew Jędrzejewski-Szmek | 2018-06-20 | 1 | -1/+1
|   Followup for c7668c1ce04fa85370432d197d2ccd9411e85649.
* units: make system-update-pre.target a passive unit (#9349) | Lennart Poettering | 2018-06-20 | 2 | -3/+1
|   This is an additional synchronization point normally not needed. Hence, let's make it passive, i.e. pull it in from the unit which wants to be ordered before the update service rather than by the update service itself.
* units: Add new system-update-pre.target | Hans de Goede | 2018-06-19 | 3 | -0/+18
|   systemd offline-updates allows dropping multiple system update units to be added to system-update.target.wants. As documented in systemd.offline-updates(7) only 1 of these units should actually be active (based on the /system-update symlink) and when that unit is done it should reboot the system.
|
|   In some cases it is desirable to run a unit whenever booting in offline-updates mode independent of which update unit is going to handle the update. One example of this is integration with bootloader code which checks if the previous boot was successful.
|
|   Since the active unit will reboot the system when it is done, there is no guarantee that adding such a unit to system-update.target.wants will get it executed always.
|
|   This commit adds a system-update-pre.target which can be used for units which should always run when booting in offline-updates mode.
* units: switch from system call blacklist to whitelist | Lennart Poettering | 2018-06-14 | 12 | -11/+24
|   This is generally the safer approach, and is what container managers (including nspawn) do, hence let's move to this too for our own services. This is particularly useful as this means the new @system-service system call filter group will get serious real-life testing quickly.
|
|   This also switches from firing SIGSYS on unexpected syscalls to returning EPERM. This would have probably been a better default anyway, but it's hard to change that these days. When whitelisting system calls SIGSYS is highly problematic as system calls that are newly introduced to Linux become minefields for services otherwise.
|
|   Note that this enables a system call filter for udev for the first time, and will block @clock, @mount and @swap from it. Some downstream distributions might want to revert this locally if they want to permit unsafe operations on udev rules, but in general this should be mostly safe, as we already set MountFlags=shared for udevd, hence at least @mount won't change anything.
* Drop my copyright headers | Zbigniew Jędrzejewski-Szmek | 2018-06-14 | 2 | -4/+0
|   perl -i -0pe 's/\s*Copyright © .... Zbigniew Jędrzejewski.*?\n/\n/gms' man/*xml
|   git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/(#\n)?# +Copyright © [0-9, -]+ Zbigniew Jędrzejewski.*?\n//gms'
|   git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s*\/\*\*\*\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*?\s*\*\*\*\/\s*/\n\n/gms'
|   git grep -e 'Copyright.*Jędrzejewski' -l | xargs perl -i -0pe 's/\s+Copyright © [0-9, -]+ Zbigniew Jędrzejewski[^\n]*//gms'
* tree-wide: beautify remaining copyright statements | Lennart Poettering | 2018-06-14 | 2 | -2/+2
|   Let's unify and beautify our remaining copyright statements, with a unicode ©. This means our copyright statements are now always formatted the same way. Yay.
* units: switch udev service to use PrivateMounts=yes | Lennart Poettering | 2018-06-12 | 1 | -1/+1
|   Given that PrivateMounts=yes is the "successor" to MountFlags=slave in unit files, let's make use of it for udevd.
* add new portable service framework | Lennart Poettering | 2018-05-24 | 2 | -0/+28
|   This adds a small service "systemd-portabled" and a matching client "portablectl", which implement the "portable service" concept. The daemon implements the actual operations, is PolicyKit-enabled and is activated on demand with exit-on-idle.
|
|   Both the daemon and the client are an optional build artifact, enabled by default though.
* network: set DynamicUser= to systemd-networkd.service | Yu Watanabe | 2018-05-22 | 1 | -2/+2
|
* resolve: enable DynamicUser= for systemd-resolved.service | Yu Watanabe | 2018-05-22 | 1 | -3/+2
|
* unit: drop After=systemd-sysusers.service from timesyncd | Yu Watanabe | 2018-05-22 | 1 | -1/+1
|   After=systemd-sysusers.service is not necessary, as timesyncd already enables DynamicUser=.
* units: set RestrictNamespaces=yes to networkd and resolved | Yu Watanabe | 2018-05-10 | 2 | -0/+2
|   Closes #8949.
* meson: generate m4 preprocessor from config.h (#8914) | Yu Watanabe | 2018-05-07 | 1 | -1/+1
|
* timesync: expose manager properties on bus | Yu Watanabe | 2018-05-03 | 1 | -0/+1
|
* unit: tighten sandboxing for logind | Yu Watanabe | 2018-04-27 | 1 | -2/+2
|
* logind: split %t directory creation to a helper unit | Zbigniew Jędrzejewski-Szmek | 2018-04-25 | 3 | -0/+20
|   Unfortunately this needs a new binary to do the mount because there's just too many special steps to outsource this to systemd-mount:
|   - EPERM needs to be treated specially
|   - UserRuntimeDir= setting must be obeyed
|   - SELinux label must be adjusted
|
|   This allows user@.service to be started independently of logind. So 'systemctl start user@nnn' will start the user manager for user nnn. Logind will start it too when the user logs in, and will stop it (unless lingering is enabled) when the user logs out.
|
|   Fixes #7339.
* Use a dash-truncated drop-in for user-%j.slice configuration | Zbigniew Jędrzejewski-Szmek | 2018-04-25 | 2 | -0/+18
|   This removes the UserTasksMax= setting in logind.conf. Instead, the generic TasksMax= setting on the slice should be used. Instead of a transient unit we use a drop-in to tweak the default definition of a .slice. It's better to use the normal unit mechanisms instead of creating units on the fly. This will also make it easier to start user@.service independently of logind, or set additional settings like MemoryMax= for user slices.
|
|   The setting in logind is removed, because otherwise we would have two sources of "truth": the slice on disk and the logind config. Instead of trying to coordinate those two sources of configuration (and maintainer overrides to both), let's just convert to the new one fully.
|
|   Right now no automatic transition mechanism is provided. logind will emit a hint when it encounters the setting, but otherwise it will be ignored.
|
|   Fixes #2556.
* unit,meson: drop .in suffix if no substitution is required (#8740) | Yu Watanabe | 2018-04-17 | 4 | -17/+3
|
* time-wait-sync: use watchfile to coordinate with timesyncd | Peter A. Bigot | 2018-04-14 | 1 | -0/+1
|   Systems that have an accurate real-time clock may have an initial unsynchronized time that is close enough to the synchronized time that the final adjustment doesn't trigger a waking "clock set" event. Have timesyncd touch a file in its runtime directory as a secondary signal for synchronization. Continue to support the timerfd-based trigger as a sufficient condition when the watchfile is not present.
|
|   Closes issue #8683
* units: leave systemd-time-wait-sync disabled by default | Peter A. Bigot | 2018-04-14 | 1 | -2/+1
|   Also mark its presence conditional on ENABLE_TIMESYNCD.
* fix url for binfmt documentation (#8720) | guixxx | 2018-04-14 | 1 | -1/+2
|   this file went unnoticed in PR #6223
* tree-wide: drop license boilerplate | Zbigniew Jędrzejewski-Szmek | 2018-04-06 | 2 | -26/+0
|   Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt.
|
|   I also kept any copyright lines. We can probably remove them, but it'd be nice to obtain explicit acks from all involved authors before doing that.
* Merge pull request #8617 from keszybz/tmpfiles-relax | Lennart Poettering | 2018-04-05 | 2 | -2/+2
|\
| |   Do not exit with error when systemd-tmpfiles --boot fails
| * tmpfiles: ignore "operational" errors during setup | Zbigniew Jędrzejewski-Szmek | 2018-04-05 | 2 | -2/+2
| |   We still get the errors logged, but we don't fail the service. This is better for users because rerunning tmpfiles-setup.service a second time is dangerous (c.f. cd9f5b68ce08375eb1d68a4ddaa7a24a5092d7ba).
| |
| |   Note that this only touches sd-tmpfiles-setup.service and sd-tmpfiles-setup-dev.service. sd-tmpfiles-clean.service is as before.
| |
| |   https://bugzilla.redhat.com/show_bug.cgi?id=1539341
* | units: use `systemctl exit` to kill the user manager (#8648) | Filipe Brandenburger | 2018-04-04 | 1 | -1/+1
| |   Use `systemctl --user --force exit` to implement the systemd-exit user service.
| |
| |   This removes our dependence on an external `kill` binary and the concerns about whether they recognize SIGRTMIN+n by name or what their interpretation of SIGRTMIN is.
| |
| |   Tested: `systemctl --user start systemd-exit.service` kills the `systemd --user` instance for my user.
* | units: initctl: move the fifo to /run/initctl to match sysvinit | Mike Gilbert | 2018-03-30 | 2 | -3/+3
|/
|   The fifo location was moved in sysvinit-2.89.
|
|   http://git.savannah.nongnu.org/cgit/sysvinit.git/commit/?id=80dbcf3de3c1b83aeaa713a8fe5b8d35d8649af2
* Fix description on suspend-then-hibernate units. | Mario Limonciello | 2018-03-28 | 2 | -2/+2
|   Suspend; Idle into hibernate didn't make sense.
* Rename suspend-to-hibernate to suspend-then-hibernate | Mario Limonciello | 2018-03-28 | 3 | -5/+5
|   Per some discussion with Gnome folks, they would prefer this name as it's more descriptive of what's happening.
* units: document why systemd-time-wait-sync.service conditions on CAP_SYS_TIME (#8555) | Lennart Poettering | 2018-03-22 | 1 | -0/+9
|   As requested by @evverx in https://github.com/systemd/systemd/pull/8537#issuecomment-375122615
* units: disable systemd-time-sync-wait inside containers (#8537) | Peter A. Bigot | 2018-03-22 | 1 | -0/+2
|   Fixes #8535
* time-sync-wait: add service (#8494) | Peter A. Bigot | 2018-03-21 | 2 | -0/+27
|   This one-shot service waits until the kernel time has been set to synchronized.
* units: Fix SuccessAction that belongs to [Unit] section not [Service] section (#8478) | Karol Augustin | 2018-03-18 | 1 | -1/+1
|
* Introduce suspend-to-hibernate (#8274) | Mario Limonciello | 2018-03-08 | 3 | -0/+37
|   Suspend to Hibernate is a new sleep method that invokes suspend for a predefined period of time before automatically waking up and hibernating the system.
|
|   It's similar to HybridSleep however there isn't a performance impact on every suspend cycle.
|
|   It's intended to use with systems that may have a higher power drain in their supported suspend states to prevent battery and data loss over an extended suspend cycle.
|
|   Signed-off-by: Mario Limonciello <mario.limonciello@dell.com>
* units: use SuccessAction=reboot where appropriate (#8335) | Lennart Poettering | 2018-03-02 | 1 | -1/+1
|   We should really use our own native concepts for rebooting.
* units: delegate "memory" instead of "cpu" by default for user instances (#8320) | Franck Bui | 2018-03-01 | 1 | -1/+1
|   CPU accounting has a too bad impact on performance to be enabled by default. Therefore we should not delegate "cpu" for now.
|
|   OTOH since commit e0c46a736412b79b94a21f8512a769b9212b9adf, memory accounting has been turned on for all units by default so it makes sense to delegate this controller by default.
* slice: system.slice should be perpetual like -.mount | Alan Jenkins | 2018-02-04 | 2 | -15/+0
|   `-.mount` is placed in `system.slice`, and hence depends on it. `-.mount` is always active and can never be stopped. Therefore the same should be true of `system.slice`. Synthesize it as perpetual (unless systemd is running as a user manager).
|
|   Notice we also drop `Before=slices.target` as unnecessary. AFAICS the justification for `perpetual` is to provide extra protection against unintentionally stopping every single service. So adding system.slice to the perpetual units is perfectly consistent.
|
|   I don't expect this will (or can) fix any other problem. And the `perpetual` protection probably isn't formal enough to spend much time thinking about. I've just noticed this a couple of times, as something that looks strange.
|
|   Might be a bit surprising that we have user.slice on-disk but not system.slice, but I think it's ok. `systemctl status system.slice` will still point you towards `man systemd.special`.
|
|   The only detail is that the system slice disables `DefaultDependencies`. If you're worrying about how system shutdown works when you read `man systemd.slice`, I think it is not too hard to guess that system.slice might do this:
|
|   > Only slice units involved with early boot
|   > or late system shutdown should disable this option
|
|   (Docs are great. I really appreciate the systemd ones).
* resolved.service: set DefaultDependencies=no | Dimitri John Ledkov | 2018-01-11 | 1 | -2/+4
|   On systems that only use resolved for name resolution, there are usecases that require resolved to be started before sysinit target, such that network name resolution is available before network-online/sysinit targets. For example, cloud-init for some datasources hooks into the boot process ahead of sysinit target and may need network name resolution at that point already.
|
|   systemd-resolved already starts pretty early in the process, thus starting it slightly earlier should not have negative side effects.
|
|   However, this depends on resolved ability to connect to system DBus once that is up.
* units: link up debug-generator documentation from debug-shell.service | Lennart Poettering | 2017-12-26 | 1 | -0/+1
|
* man: add a systemd-rc-local-generator(8) man page | Lennart Poettering | 2017-12-26 | 1 | -0/+1
|   Most importantly, let's highlight the differences to the rc-local behaviour in SysV.
|
|   Fixes: #7703
* separate flags from shebang | bleep_blop | 2017-12-25 | 1 | -1/+2
|
* nspawn: turn on watchdog logic for nspawn too | Lennart Poettering | 2017-12-07 | 1 | -0/+1
|   It's a long-running daemon, and it's easy to enable, hence do it.