| Commit message (Collapse) | Author | Age |
|
|
|
|
| |
Add a "systemd.service_watchdogs=" option to the command line which
disables all service runtime watchdogs and emergency actions.
|
| |
|
|
|
|
| |
More information may be found at wireguard.com.
|
| |
|
|
|
|
| |
Add missing _r_ for ctl-alt-del.target
|
|
|
|
|
|
|
| |
Most importantly, let's highlight the differences to the rc-local
behaviour in SysV.
Fixes: #7703
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
startup/runtime/shutdown (#7214)
With Type=notify services, EXTEND_TIMEOUT_USEC= messages will delay any startup/
runtime/shutdown timeouts.
A service that hasn't timed out, i.e, start time < TimeStartSec,
runtime < RuntimeMaxSec and stop time < TimeoutStopSec, may by sending
EXTEND_TIMEOUT_USEC=, allow the service to continue beyond the limit for
the execution phase (i.e TimeStartSec, RunTimeMaxSec and TimeoutStopSec).
EXTEND_TIMEOUT_USEC= must continue to be sent (in the same way as
WATCHDOG=1) within the time interval specified to continue to reprevent
the timeout from occuring.
Watchdog timeouts are also extended if a EXTEND_TIMEOUT_USEC is greater
than the remaining time on the watchdog counter.
Fixes #5868.
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
startup/runtime/shutdown (#7214)
With Type=notify services, EXTEND_TIMEOUT_USEC= messages will delay any startup/
runtime/shutdown timeouts.
A service that hasn't timed out, i.e, start time < TimeStartSec,
runtime < RuntimeMaxSec and stop time < TimeoutStopSec, may by sending
EXTEND_TIMEOUT_USEC=, allow the service to continue beyond the limit for
the execution phase (i.e TimeStartSec, RunTimeMaxSec and TimeoutStopSec).
EXTEND_TIMEOUT_USEC= must continue to be sent (in the same way as
WATCHDOG=1) within the time interval specified to continue to reprevent
the timeout from occuring.
Watchdog timeouts are also extended if a EXTEND_TIMEOUT_USEC is greater
than the remaining time on the watchdog counter.
Fixes #5868.
|
|
|
|
|
|
|
|
|
| |
Currenly the only way to remove fds from the fdstore is to fully
stop the service, or to somehow trigger POLLERR/POLLHUP on the fd, in
which case elogind will remove the fd automatically.
Let's add another way: a new message that can be sent to remove fds
explicitly, given their name.
|
|
|
|
|
| |
READY=1 may be used to signal when a service finished startup, but also
when it finished reloading. Say so.
|
|
|
|
|
| |
Let's keep handling of WATCHDOG= and WATCHDOG_USEC= together. No
functional changes.
|
|
|
|
|
|
|
| |
I want to configure -Dman=false for speed, but be able to build a specific
man page sometimes to check my edits. Commit 5b316b9ea6c broke this by mistake.
Let's adjust the condition to better match the logic of disabling tests only
if xsltproc is really not found.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
SetLinger is authorized by the PolicyKit action "set-self-linger", if it is
not passed an explicit UID.
According to comments we were determining the default UID from the client's
session. However, user processes e.g. which are run from a terminal
emulator do not necessarily belong to a session scope unit. They may
equally be started from the elogind user manager [1][2]. Actually the
comment was wrong, and it would also have worked for processes
started from the elogind user manager.
Nevertheless it seems to involve fetching "augmented credentials" i.e.
it's using a racy method, so we shouldn't have been authenticating based
on it.
We could change the default UID, but that raises issues especially for
consistency between the methods. Instead we can just use the clients
effective UID for authorization.
This commit also fixes `loginctl enable-linger $USER` to match the docs
that say it was equivalent to `loginctl enable-linger` (given that $USER
matches the callers user and owner_uid). Previously, the former would not
have suceeded for unpriviliged users in the default configuration.
[1] It seems the main meaning of per-session scopes is tracking the PAM
login process. Killing that provokes logind to revoke device access. Less
circularly, killing it provokes getty to hangup the TTY.
[2] User units may be started with an environment which includes
XDG_SESSION_ID (presuambly GNOME does this?). Or not.
|
|
|
|
| |
Fixes #7232.
|
|
|
|
|
|
|
|
|
|
| |
The process of cleaning up elogind, meaning to mask all bits that are
unneeded by elogind, has been finished a while ago.
It is therefore time to re-enable all previously masked API functions
that elogind can support. This will make it easier for future
developers to integrate elogind into their software where they
already support systemd-login.
|
|
|
|
| |
Hopefully finally fixes #6639.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The advantage is that is the name is mispellt, cpp will warn us.
$ git grep -Ee "conf.set\('(HAVE|ENABLE)_" -l|xargs sed -r -i "s/conf.set\('(HAVE|ENABLE)_/conf.set10('\1_/"
$ git grep -Ee '#ifn?def (HAVE|ENABLE)' -l|xargs sed -r -i 's/#ifdef (HAVE|ENABLE)/#if \1/; s/#ifndef (HAVE|ENABLE)/#if ! \1/;'
$ git grep -Ee 'if.*defined\(HAVE' -l|xargs sed -i -r 's/defined\((HAVE_[A-Z0-9_]*)\)/\1/g'
$ git grep -Ee 'if.*defined\(ENABLE' -l|xargs sed -i -r 's/defined\((ENABLE_[A-Z0-9_]*)\)/\1/g'
+ manual changes to meson.build
squash! build-sys: use #if Y instead of #ifdef Y everywhere
v2:
- fix incorrect setting of HAVE_LIBIDN2
|
|
|
|
|
| |
With libxslt-1.30, builds were failing on some recursion depth limit
with elogind.index.xml. Bumping the limit fixes the issue.
|
|
|
|
| |
Fixes #6734.
|
|
|
|
|
|
|
| |
We settled on "filename" and "file system", so change a couple of places for
consistency. The exception is when there's an adjective before "file" that
binds more strongly then "name": "password file name", "output file name", etc.
Those cases are left intact.
|
|
|
|
|
|
|
|
|
| |
Fixes #6639.
(This behaviour of elogind-sysusers is long established, so it's better
to adjust the documentation rather than change the code. If there are any
situations out there where it matters, users must have adjusted to the
current behaviour.)
|
|
|
|
|
|
| |
- Update man/rules/meson.build with elogind set of xml files.
- Update documentation generating tools to fit elogind.
- Follow upstream and link against libelogind-shared-<version>.so
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
some run_target() calls were using params from custom_target()
example message:
WARNING: Passed invalid keyword argument "input". This will become a hard error in the future.
New way to call targets:
ninja man/man
ninja man/html
ninja man/update-man-rules
|
| |
|
|
|
|
|
|
|
|
| |
Upstream thinks, that the auto tools are too 'legacy', or that they
are at least no longer fitting.
We follow, as the classic auto tools files have been removed, so no
other choice here...
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This also alters the documentation to recommend memfds rather than /run
for serializing state across reboots. That's because /run doesn't
actually have the same lifecycle as the fd store, as it is cleared out
on restarts.
Fixes: #5606
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The -ENOMEDIUM return value was introduced in v232-1001-g2977724b09,
('core: make hybrid cgroup unified mode keep compat /sys/fs/cgroup/elogind hierarchy'),
and would be returned by cg_pid_get_path_shifted(), but the documented and
expected return value is -ENODATA. Let's just catch ENXIO/ENOMEDIUM and translate
it to ENODATA in all cases.
Complements 171f8f591ff27ebb5ff475b7a9d1f13a846c9331, fixes #6012.
|
|
|
|
|
|
|
|
| |
sd_seat_get_sessions returns two arrays, that in principle should always match:
the session names and corresponding uids. The second array could be shorter only
if parsing or uid conversion fails. But in that case there is no way to tell
*which* uid is wrong, so they are *all* useless. It's better to simplify things and
just return an error if parsing fails.
|
|
|
|
|
|
|
| |
Explain briefly how the concept of "sd_bus_slot" works.
This recently came up on the mailing list, hence let's document this for
the next time.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
test-login.c is largely rewritten to use _cleanup_ and give more meaningful
messages (function names are used instead of creative terms like "active
session", so that when something unexpected is returned, it's much easier to
see what function is responsible).
The monitoring part is only activated if '-m' is passed on the command line.
It runs against the information from /run/elogind/ in the live system, but that
should be OK: logind/sd-login interface is supposed to be stable and both
backwards and forwards compatible.
If not running in a login session, some tests are skipped.
Those two changes together mean that it's possible to run test-login in the
test suite.
Tests for sd_pid_get_{unit,user_unit,slice} are added.
|
|
|
|
| |
linkchecker ftw!
|