| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
| |
So that we can use it at multiple places.
|
| |
|
|
|
| |
We should no longer pretend that we can run in any sensible way
without the kernel supporting us with cgroups functionality.
|
| | |
|
| |
|
|
| |
container
|
| |
|
|
|
|
|
|
|
|
|
|
| |
When we have job installed and added to run queue for service which is
still in dead state and systemd initiates reload then after reload we
never add deserialized job to the run queue again. This is caused by
check in service_coldplug() where we check if deserialized state is
something else than dead state, which is not the case thus we never call
service_set_state() and finally unit_notify() where we would have added
job to the run queue.
Thanks to Michal Sekletar <msekleta@redhat.com> for the original patch.
|
| |
|
|
|
| |
7-space indentation is just too weird to leave alone.
Make it 8 spaces, as per CODING_STYLE. No other changes.
|
| | |
|
| | |
|
| |
|
|
| |
It's used for the FailureAction property as well.
|
| |
|
|
|
| |
It has the same possible values as StartLimitAction= and is executed
immediately if a service fails.
|
| |
|
|
|
|
|
|
| |
When rebooting with systemctl, an optional argument can be passed to the
reboot system call. This makes it possible the specify the argument in a
service file and use it when the service triggers a restart.
This is useful to distinguish between manual reboots and reboots caused by
failing services.
|
| |
|
|
|
| |
This is a second attempt at 9754d56, reverted in 2f20a8e, because
I lost a 'break;' when moving chunks around.
|
| |
|
|
|
|
|
|
|
|
| |
This reverts commit 9754d56e9b21bfe89fc18f47987d6bef491b8521.
It causes a crash in PID1:
Apr 19 13:49:32 lon systemd[1]: Code should not be reached 'Unhandled socket type.'
at src/core/socket.c:684, function instance_from_socket(). Aborting.
Apr 19 13:49:32 lon systemd[1]: Caught <ABRT>, dumped core as pid 336.
Apr 19 13:49:32 lon systemd[1]: Freezing execution.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
NixOS uses Unix domain sockets for certain host <-> container
interaction; i.e. the host connects to a socket visible in the
container's directory tree, where the container uses a .socket unit to
spawn the handler program on demand. This worked in systemd 203, but
in 212 fails with "foo.socket failed to queue service startup job
(Maybe the service file is missing or not a template unit?): No data
available".
The reason is that getpeercred() now returns ENODATA if it can't get
the PID of the client, which happens in this case because the client
is not in the same PID namespace. Since getpeercred() is only used to
generate the instance name, this patch simply handles ENODATA by
creating an instance name "<nr>-unknown".
[zj: reorder clauses and remove (unsigned long) casts.]
|
| |
|
|
|
|
|
|
|
|
| |
If a persistent timer has no stamp file yet, it behaves just like a normal
timer until it runs for the first time. If the system is always shut down
while the timer is supposed to run, a stamp file is never created and
Peristent=true has no effect.
This patch fixes this by creating a stamp file with the current time
when the timer is first started.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Before:
$ systemd-analyze --user
Startup finished in 2.810s (firmware) + 48ms (loader) + 122ms (userspace) = 122ms
After:
$ systemd-analyze --user
Startup finished in 122ms (userspace) = 122ms
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
tcpwrap is legacy code, that is barely maintained upstream. It's APIs
are awful, and the feature set it exposes (such as DNS and IDENT
access control) questionnable. We should not support this natively in
systemd.
Hence, let's remove the code. If people want to continue making use of
this, they can do so by plugging in "tcpd" for the processes they start.
With that scheme things are as well or badly supported as they were from
traditional inetd, hence no functionality is really lost.
|
| |
|
|
|
|
| |
Given that native services do not carry a sysv priority anyway it is
pointless reading them from chkconfig headers, and pretend they'd work.
So let's drop this.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
safe_close_pair() is more like safe_close(), except that it handles
pairs of fds, and doesn't make and misleading allusion, as it works
similarly well for socketpairs() as for pipe()s...
|
| |
|
|
| |
CLOCK_BOOTTIME_ALARM, too
|
| | |
|
| |
|
|
|
| |
Keep mounts done by udev rules private to udevd. Also, document how
MountFlags= may be used for this.
|
| |
|
|
|
|
|
| |
A service with PrivateNetwork= cannot access abstract namespace sockets
of the host anymore, hence let's better not use abstract namespace
sockets for this, since we want to make sure that PrivateNetwork=
is useful and doesn't break sd_notify().
|
| |
|
|
|
| |
if PrivateDevices=yes is used we need to make sure we can still
create /dev/null and so on.
|
| |
|
|
|
|
|
|
| |
Let's automatically initialize the kill, exec and cgroup contexts of the
various unit types when the object is constructed, instead of
invididually in type-specific code.
Also, when PrivateDevices= is set, set DevicePolicy= to closed.
|
| |
|
|
| |
and /var/tmp are mounted
|
| |
|
|
|
| |
Also mount /dev/kdbus, /dev/mqueue and /dev/hugepages into the /dev for
namespaced services.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
Add a new config 'Activating' directive which denotes whether a busname
is actually registered on the bus. It defaults to 'yes'.
If set to 'no', the .busname unit only uploads policy, which will remain
active as long as the unit is running.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
AcceptFD= defaults to true, thus making sure that by default fd passing
is enabled for all activatable names. Since for normal bus connections
fd passing is enabled too by default this makes sure fd passing works
correctly regardless whether a service is already activated or not.
Making this configurable on both busname units and in bus connections is
messy, but unavoidable since busnames are established and may queue
messages before the connection feature negotiation is done by the
service eventually activated. Conversely, feature negotiation on bus
connections takes place before the connection acquires its names.
Of course, this means developers really should make sure to keep the
settings in .busname units in sync with what they later intend to
negotiate.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
safe_close() automatically becomes a NOP when a negative fd is passed,
and returns -1 unconditionally. This makes it easy to write lines like
this:
fd = safe_close(fd);
Which will close an fd if it is open, and reset the fd variable
correctly.
By making use of this new scheme we can drop a > 200 lines of code that
was required to test for non-negative fds or to reset the closed fd
variable afterwards.
|
| | |
|
| |
|
|
|
|
| |
Given that glibc searches for /dev/shm by just looking for any tmpfs we
should be more careful with providing tmpfs instances arbitrary code
might end up writing to.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
GCC optimizes strlen("string constant") to a constant, even with -O0.
Thus, replace patterns like sizeof("string constant")-1 with
strlen("string constant") where possible, for clarity. In particular,
for expressions intended to add up the lengths of components going into
a string, this often makes it clearer that the expression counts the
trailing '\0' exactly once, by putting the +1 for the '\0' at the end of
the expression, rather than hidden in a sizeof in the middle of the
expression.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
| |
This makes it possible to initialize the /etc/machine-id file on an
arbitrary filesystem hierarchy. This helps systems that wish to run
this at image creation time in a subdirectory, or from initramfs before
pivot-root is called.
[tomegun: converted to using _cleanup_free_ macros]
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
| |
The system state knows the states starting →
running/degraded/maintenance → stopping, where:
starting = system startup
running = normal operation
degraded = at least one unit is currently in failed state
maintenance = rescue/emergency mode is active or queued
stopping = system shutdown
|
| | |
|
