| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| | |
|
| |
|
|
|
|
|
| |
for the container's own subtree in the name=systemd hierarchy
More specifically mount all other hierarchies in their entirety and the
name=systemd above the container's subtree read-only.
|
| |
|
|
| |
mounted read-only
|
| |
|
|
|
|
|
|
| |
-n is only allowed for root. /etc/mtab is nowadays almost always a link to /proc/,
so in practice this does not really matter too much, but should allow .mount units
to work in --user mode.
https://bugs.freedesktop.org/show_bug.cgi?id=87602
|
| | |
|
| |
|
|
|
|
|
| |
https://github.com/vlajos/misspell_fixer
https://github.com/torstehu/systemd/commit/b6fdeb618cf2f3ce1645b3315f15f482710c7ffa
Thanks to Torstein Husebo <torstein@huseboe.net>.
|
| |
|
|
| |
fail
|
| |
|
|
|
|
| |
We no longer configure the addresses on the loopback interface, but simply bring it up
and let the kernel do the rest. Also change the check to only check if the interface
is up, rather than checking for the IPv4 loopback address.
|
| | |
|
| |
|
|
|
| |
Add missing htonl() so that check_loopback() actually tests for 127.0.0.1
instead of 1.0.0.127 on little-endian machines.
|
| |
|
|
|
| |
There is alot of cleanup that will have to happen to turn on
-fstrict-aliasing, but I think our code should be "correct" to the rule.
|
| |
|
|
| |
Accidentally forgot to commit this. Sorry!
|
| |
|
|
|
|
|
|
| |
After all, pretty much all our tools include it, and it should hence be
shared.
Also move sysfs-show.h from core/ to login/, since it has no point to
exist in core.
|
| | |
|
| |
|
|
|
|
|
| |
files from core
Stuff in src/shared or src/libsystemd should *never* include code from
src/core or any of the tools, so don't do that here either. It's not OK!
|
| | |
|
| |
|
|
| |
The KDBUS_CMD_FREE ioctl struct has a size field now, which needs to be set.
|
| |
|
|
|
| |
hidden_file() is a bit more precise, since dot files usually shouldn't
be ignored, but certainly be considered hidden.
|
| |
|
|
| |
rm_rf_dangerous() needlessly
|
| |
|
|
|
|
|
|
|
| |
The handling of the command name and other arguments is unified. This
simplifies things and should make them more predictable for users.
Incidentally, this makes ExecStart handling match the .desktop file
specification, apart for the requirment for an absolute path.
https://bugs.freedesktop.org/show_bug.cgi?id=86171
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
fork() is not async-signal-safe and calling it from the signal handler
could result in a deadlock when at_fork() handlers are called. Using
the raw clone() syscall sidesteps that problem.
The tricky part is that raise() does not work, since getpid() does not
work. Add raw_getpid() to get the real pid, and use kill() instead of
raise().
https://bugs.freedesktop.org/show_bug.cgi?id=86604
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=87393
|
| |
|
|
|
| |
No functional change. This is in preparation for using this in
systemctl in the future.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Containers do not really support .device, .automount or .swap units;
Systems compiled without support for swap do not support .swap units;
Systems without kdbus do not support .busname units.
With this change attempts to start a unsupported unit types will result
in an immediate "unsupported" job result, which is a lot more
descriptive then before. Also, attempts to start device units in
containers will now immediately fail instead of causing jobs to be
enqueued that never go away.
|
| |
|
|
|
|
| |
cppcheck would give up with "syntax error" without them. This led
to reports of syntax errors in unrelated locations and potentially
hid other errors
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
| |
resulting name is actually valid
Also, rename filename_is_safe() to filename_is_valid(), since it
actually does a full validation for what the kernel will accept as file
name, it's not just a heuristic.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Sync up with recent kdbus changed:
* several ioctls gained .size and .items members (but still unused)
* CMD_SEND gained its own ioctl structure
* several members of kdbus_msg were dropped as they were only used during
SEND, not during RECV etc.
* CMD_RECV and CMD_SEND now share a kdbus_reply member which contains the
offset and size of the returned message.
|
| | |
|
| |
|
|
|
|
|
| |
for leaf units
Otherwise a slice or delegation unit might move PIDs around ignoring the
fact that it is attached to a subcgroup.
|
| | |
|
| |
|
|
|
|
| |
src/libsystemd/sd-bus/bus-common-errors.h
Stuff in src/shared/ should not use stuff from src/libsystemd/ really.
|
| | |
|
| |
|
|
|
|
|
| |
loop_write() didn't follow the usual systemd rules and returned status
partially in errno and required extensive checks from callers. Some of
the callers dealt with this properly, but many did not, treating
partial writes as successful. Simplify things by conforming to usual rules.
|
| |
|
|
|
| |
This way, we can ensure we have a more complete, up-to-date list of
capabilities around, always.
|
| |
|
|
| |
native API for this in libmount, as soon as that's stable
|
| |
|
|
|
| |
Let's add some syntactic sugar for iterating through inotify events, and
use it everywhere.
|
| | |
|
| |
|
|
|
|
|
|
| |
If a unit is set property by "systemctl set-property", a new dropin
file is generated. But the unit's dropin_paths and dropin_mtime are
not updated. So the unit is shown as need daemon reload.
Update unit dropin_paths and dropin_mtime also when dropin file is
written.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Support timer options --on-active=, --on-boot=, --on-startup=,
--on-unit-active=, --on-unit-inactive=, --on-calendar=. Each options
corresponding with OnActiveSec=, OnBootSec=, OnStartupSec=,
OnUnitActiveSec=, OnUnitInactiveSec=, OnCalendar= of timer
respectively. And OnCalendar= and WakeSystem= supported by
--timer-property= option like --property= of systemd-run.
And if --unit= option and timer options are specified the command can
be omitted. In this case, systemd-run assumes the target service is
already loaded. And just try to generate transient timer unit only.
|
| |
|
|
| |
it's not quite as destructive as it sounds nowadays
|
| |
|
|
|
|
|
|
|
| |
If a cgroup fails to be destroyed (most likely because there are still
processes running as part of a service after the main pid exits), don't
free and remove the cgroup unit from the manager. This fixes a
regression introduced by the cgroup rework in v205 where systemd would
forget about processes still running after the unit becomes inactive.
(This can happen when the main pid exits and KillMode=process or none).
|
| |
|
|
|
|
| |
config_parse_warn_compat is now always used for removed options.
https://bugs.freedesktop.org/show_bug.cgi?id=87125
|
| | |
|
| | |
|
| |
|
|
|
|
| |
We need original socket_fd around otherwise mac_selinux_get_child_mls_label
fails with -EINVAL return code. Also don't call setexeccon twice but rather pass
context value of SELinuxContext option as an extra argument.
|
