| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We can not reliably manage any notion of local time. Every daylight
saving time change or time zone change by traveling will make the
time jump, and the local time might jump backwards which creates
unsolvable problems with file timestamps.
We will no longer tell the kernel our local time zone and leave
everything set to UTC. This will effectively turn FAT timestamps
into UTC timestamps.
If and only if the machine is configured to read the RTC in local
time mode, the kernel's time zone will be configured, but
systemd-timesysnc will disable the kernel's system time to RTC
syncing. In this mode, the RTC will not be managed, and external
tools like Windows bootups are expected to manage the RTC's time.
https://bugs.freedesktop.org/show_bug.cgi?id=81538
|
| |
|
|
|
|
|
|
| |
Also add a bit of debugging output to help diagnose problems,
add missing units, and simplify cppflags.
Move test-engine to normal tests from manual tests, it should now
work without destroying the system.
|
| | |
|
| |
|
|
|
|
|
|
| |
Special care is needed so that we get an error message if the
file failed to parse, but not when it is missing. To avoid duplicating
the same error check in every caller, add an additional 'warn' boolean
to tell config_parse whether a message should be issued.
This makes things both shorter and more robust wrt. to error reporting.
|
| | |
|
| |
|
|
|
|
|
|
| |
ConditionFirstBoot= instead
As Zbigniew pointed out a new ConditionFirstBoot= appears like the nicer
way to hook in systemd-firstboot.service on first boots (those with /etc
unpopulated), so let's do this, and get rid of the generator again.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
or when creating OS images offline
A new tool "systemd-firstboot" can be used either interactively on boot,
where it will query basic locale, timezone, hostname, root password
information and set it. Or it can be used non-interactively from the
command line when prepareing disk images for booting. When used
non-inertactively the tool can either copy settings from the host, or
take settings on the command line.
$ systemd-firstboot --root=/path/to/my/new/root --copy-locale --copy-root-password --hostname=waldi
The tool will be automatically invoked (interactively) now on first boot
if /etc is found unpopulated.
This also creates the infrastructure for generators to be notified via
an environment variable whether they are running on the first boot, or
not.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Previously, we checked whether /etc was completely empty. This makes it
difficult though for container managers such as nspawn to install a
small number of files (such as /etc/timezone), and have the system
otherwise populate its own tree.
Hence, change this by looking for /etc/machine-id, which should be a
good sign whether /etc is populated or not.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
There's no need to save the old sigmask, if we are going to die. Let's
simplify this. Also, reset all the signal handlers, so that we don't
leave SIG_IGN set for some of them across reexec.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
value starting with "systemd."
As generators and other components started to maintain their own kernel
command line options this help text needed more and more exceptions and
wasn't complete anyway. Fixing that would leak more information about
specific generators into PID 1, which we should avoid.
Given that kernel cmdline handling traditionally doesn't generate errors
or show help texts, let's just remove the logic for it for systemd too.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
container
It's generally preferrable to conditionalize on the actual ability to do
something then the context we run in.
|
| |
|
|
|
|
| |
cmdline
"debug" should apply to all tools, but "quiet" only to PID1.
|
| |
|
|
|
|
|
|
|
| |
Process 1 (aka init) needs to be started with an empty signal mask.
That includes the process 1 that's started after the initrd is finished.
When the initrd is using systemd (as it does with dracut based initrds)
then it is systemd that calls the real init. Normally this is systemd
again, except when the user uses for instance "init=/bin/bash" on the
kernel command line.
|
| |
|
|
|
| |
When we boot up with an empty /etc it's ok if the symlink doesn't exist.
We will create it later with tmpfiles.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The file should have been in /usr/lib/ in the first place, since it
describes the OS container in /usr (and not the configuration in /etc),
hence, let's support os-release files in /usr/lib as fallback if no
version in /etc exists, following the usual override logic.
A prior commit already enabled tmpfiles to create /etc/os-release as a
symlink to /usr/lib/os-release should it be missing, thus providing nice
compatibility with applications only checking in /etc.
While it's probably a good idea if all apps check both locations via a
fallback logic, it is only necessary in the early boot process, as long
as the /etc/os-release symlink has not been restored, in case we boot
with an empty /etc.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Instead of accessing /proc/1/environ directly, trying to read the
$container variable from it, let's make PID 1 save the contents of that
variable to /run/systemd/container. This allows us to detect containers
without the need for CAP_SYS_PTRACE, which allows us to drop it from a
number of daemons and from the file capabilities of systemd-detect-virt.
Also, don't consider chroot a container technology anymore. After all,
we don't consider file system namespaces container technology anymore,
and hence chroot() should be considered a container even less.
|
| | |
|
| |
|
|
|
|
|
|
|
| |
Only accept cpu quota values in percentages, get rid of period
definition.
It's not clear whether the CFS period controllable per-cgroup even has a
future in the kernel, hence let's simplify all this, hardcode the period
to 100ms and only accept percentage based quota values.
|
| |
|
|
|
| |
We should no longer pretend that we can run in any sensible way
without the kernel supporting us with cgroups functionality.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
safe_close() automatically becomes a NOP when a negative fd is passed,
and returns -1 unconditionally. This makes it easy to write lines like
this:
fd = safe_close(fd);
Which will close an fd if it is open, and reset the fd variable
correctly.
By making use of this new scheme we can drop a > 200 lines of code that
was required to test for non-negative fds or to reset the closed fd
variable afterwards.
|
| |
|
|
|
|
|
|
|
| |
This makes it possible to initialize the /etc/machine-id file on an
arbitrary filesystem hierarchy. This helps systems that wish to run
this at image creation time in a subdirectory, or from initramfs before
pivot-root is called.
[tomegun: converted to using _cleanup_free_ macros]
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Since the index is already post-incremented when the array is appended
to, this assertion can be wrongly reached when the array is at capacity
(with the NULL terminator). The bug is reproducible on shutdown with
the following settings in /etc/systemd/system.conf:
LogTarget=journal-or-kmsg
LogColor=yes
LogLocation=yes
Reported by Thermi on IRC.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When run in an initrd and no root= argument is set (or is set to
root=gpt-auto) we will automatically look for the root partition on the
same disk the EFI ESP is located on.
Since we look for swap, /home and /srv on the disk the root partition is
located on, we hence have a fully discoverable chain:
Firmware discovers the EFI ESP partition → the initrd discovers the
root partition → the host OS discovers swap, /home, and /srv.
Note that this requires an EFI boot loader that sets the
LoaderDevicePartUUID EFI variable, such as Gummiboot.
|
| |
|
|
|
| |
Already split variable assignments before invoking the callback. And
drop "rd." settings if we are not in an initrd.
|
| |
|
|
| |
define for the max number of rlimits, too
|
| |
|
|
|
| |
Let's make the scope of the show-status stuff a bit smaller, and make it
private to the core, rather than shared API in shared/.
|
| | |
|
| |
|
|
| |
BlockIOAccounting= for all units at once
|
| |
|
|
| |
With loaded_policy set to true mount_setup() relabels /dev properly.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Previously, we'd fixed show_state only after printing the welcome
message which had the effect that the welcome message was almost always
suppressed.
|
| |
|
|
| |
After all, we want to allow userspace to get new privs...
|
| |
|
|
|
|
|
| |
If PID 1 debug logging is enabled, it is nice to keep those settings
when switching to systemd-shutdown binary, independently of whether
this was done through /proc/cmdline options, or through runtime
manipulations.
|
| | |
|
| |
|
|
|
|
|
| |
In cryptsetup-generator automatic cleanup had to be replaced
with manual cleanup, and the code gets a bit longer. But existing
code had the issue that it returned negative values from main(),
which was wrong, so should be reworked anyway.
|
| | |
|
| |
|
|
|
|
| |
This is useful to prohibit execution of non-native processes on systems,
for example 32bit binaries on 64bit systems, this lowering the attack
service on incorrect syscall and ioctl 32→64bit mappings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
When set to auto, status will shown when the first ephemeral message
is shown (a job has been running for five seconds). Then until the
boot or shutdown ends, status messages will be shown.
No indication about the switch is done: I think it should be clear
for the user that first the cylon eye and the ephemeral messages appear,
and afterwards messages are displayed.
The initial arming of the event source was still wrong, but now should
really be fixed.
|
| | |
|
| | |
|
