| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
|
|
| |
This way it is easy to only exclude directories from the current boot
from automatic clean up in /var/tmp.
Also, pick a longer name for the directories so that are globs in
tmp.conf can be simpler yet equally accurate.
|
| |
|
|
|
| |
In d8c9d3a (systemd: use unit name in PrivateTmp directories)
I forgot to update the tmpfiles config.
|
| |
|
|
|
|
|
| |
4608af4333d0f7f5 set permissions for journal storage on persistent disk
but not the volatile storage.
ref: https://bugs.archlinux.org/task/37170
|
| |
|
|
|
|
|
| |
Seeing http://www.happyassassin.net/2013/09/27/further-sysadmin-adventures-wheres-my-freeipa-badge/
it seems that the default message is a bit confusing for people
who never encountered it before, so adding a link to the manpage could
help them.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
In order to avoid a deadlock between journald looking up the
"systemd-journal" group name, and nscd (or anyother NSS backing daemon)
logging something back to the journal avoid all NSS in journald the same
way as we avoid it from PID 1.
With this change we rely on the kernel file system logic to adjust the
group of created journal files via the SETGID bit on the journal
directory. To ensure that it is always set, even after the user created
it with a simply "mkdir" on the shell we fix it up via tmpfiles on boot.
|
| |
|
|
|
|
|
| |
Embedded folks don't need the machine registration stuff, hence it's
nice to make this optional. Also, I'd expect that machinectl will grow
additional commands quickly, for example to join existing containers and
suchlike, hence it's better keeping that separate from loginctl.
|
| |
|
|
|
|
|
|
|
|
|
| |
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
|
| | |
|
| |
|
|
|
| |
See http://thread.gmane.org/gmane.comp.sysutils.systemd.devel/6874/focus=6891
Should fix https://bugzilla.redhat.com/show_bug.cgi?id=866693
|
| | |
|
| | |
|
| |
|
|
|
| |
systemd-user-sessoins.service will later on remove the flag file, thus
permitting user logins when the time has come.
|
| |
|
|
|
|
|
| |
clean up
It's logind's job to maintain those user dirs, so avoid automatic clean
up for them. However, we do cover everything within them.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
|
| |
|
|
|
|
|
|
|
|
|
| |
This extends the shutdownd interface to expose schedule shutdown
information in /run/systemd/shutdown/schedule.
This also cleans up the shutdownd protocol and documents it in a header
file sd-shutdown.h.
This is supposed to be used by client code that wants to control and
monitor scheduled shutdown.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
overrides via /etc
Many people prefer to avoid clearing /tmp and /var/tmp, and
distributions often have explicit settings for how often to clear them
if at all. Overriding those with systemd currently requires overriding
all of /usr/lib/tmpfiles.d/systemd.conf via
/etc/tmpfiles.d/systemd.conf, copying across all the other entries, and
updating that override when systemd.conf changes.
Move the /tmp and /var/tmp entries from systemd.conf to a separate
tmp.conf, making them easier to override without affecting the rest of
systemd.conf.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
| |
http://lists.freedesktop.org/archives/systemd-devel/2011-March/001823.html
|
| |
|
|
|
|
| |
<mbiebl> kay: just wondering: d /run/lock 0755 root lock -
<mbiebl> shouldn't that rather be 0775?
<mbiebl> otherwise it doesn't make sense
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of the /dev/.run trick we have currently implemented, we decided
to move the early-boot runtime dir to /run.
An existing /var/run directory is bind-mounted to /run. If /var/run is
already a symlink, no action is taken.
An existing /var/lock directory is bind-mounted to /run/lock.
If /var/lock is already a symlink, no action is taken.
To implement the directory vs. symlink logic, we have a:
ConditionPathIsDirectory=
now, which is used in the mount units.
Skipped mount unit in case of symlink:
$ systemctl status var-run.mount
var-run.mount - Runtime Directory
Loaded: loaded (/lib/systemd/system/var-run.mount)
Active: inactive (dead)
start condition failed at Fri, 25 Mar 2011 04:51:41 +0100; 6min ago
Where: /var/run
What: /run
CGroup: name=systemd:/system/var-run.mount
The systemd rpm needs to make sure to add something like:
%pre
mkdir -p -m0755 /run >/dev/null 2>&1 || :
or it needs to be added to filesystem.rpm.
Udev -git already uses /run if that exists, and is writable at bootup.
Otherwise it falls back to the current /dev/.udev.
Dracut and plymouth need to be adopted to switch from /dev/.run to run
too.
Cheers,
Kay
|
| | |
|
| | |
|
| |
|
|
| |
It will get 'cleaned' on boot due to being tmpfs anyway.
|
| | |
|
| | |
|
| |
|
|
| |
tmpfiles quite a bit
|
| |
|
