]>
git.ipfire.org Git - thirdparty/systemd.git/log
Lennart Poettering [Thu, 12 Dec 2019 16:06:06 +0000 (17:06 +0100)]
units: add unit file for systemd-repart to automatically run at boot
Lennart Poettering [Thu, 12 Dec 2019 16:05:56 +0000 (17:05 +0100)]
mkosi: modernize
Fedora minimization had some effect, hence add some required
dependencies explicitly so that we work anyway.
Also, the libtool is not used anymore, drop it.
Finally, the mkosi output format is called gpt_ext4 now, not raw_ext4
anymore.
Lennart Poettering [Tue, 10 Dec 2019 20:31:41 +0000 (21:31 +0100)]
repart: add new systemd-repart tool
Fixes: #14052
Lennart Poettering [Tue, 10 Dec 2019 20:32:10 +0000 (21:32 +0100)]
conf-parser: add parser for 32bit signed integers
Lennart Poettering [Tue, 10 Dec 2019 20:26:47 +0000 (21:26 +0100)]
locale-util: add special glyph Σ
Lennart Poettering [Tue, 10 Dec 2019 20:30:09 +0000 (21:30 +0100)]
locale-util: add block drawing special glyphs
Lennart Poettering [Tue, 10 Dec 2019 20:28:16 +0000 (21:28 +0100)]
format-table: add support for formatting uuids/id128 values
Lennart Poettering [Tue, 10 Dec 2019 10:32:59 +0000 (11:32 +0100)]
id128: move make_v4_uuid into id128-util.h to make it generally useful
Lennart Poettering [Tue, 10 Dec 2019 20:31:54 +0000 (21:31 +0100)]
makefs: simplify SPDX header
Zbigniew Jędrzejewski-Szmek [Wed, 18 Dec 2019 08:14:57 +0000 (09:14 +0100)]
units: drop full paths for utilities in $PATH
This makes things a bit simpler and the build a bit faster, because we don't
have to rewrite files to do the trivial substitution. @rootbindir@ is always in
our internal $PATH that we use for non-absolute paths, so there should be no
functional change.
Daniele Medri [Sun, 19 Jan 2020 10:58:21 +0000 (11:58 +0100)]
Italian: language update
Sascha Dewald [Sat, 18 Jan 2020 08:17:57 +0000 (08:17 +0000)]
pkgconf: add full generator paths
Lennart Poettering [Fri, 17 Jan 2020 14:37:56 +0000 (15:37 +0100)]
tree-wide: we forgot to destroy some bus errors
Zbigniew Jędrzejewski-Szmek [Sat, 18 Jan 2020 09:17:10 +0000 (10:17 +0100)]
Merge pull request #14596 from poettering/no-mask-perpetual
core: don't allow perpetual units to be masked
Wieland Hoffmann [Sat, 18 Jan 2020 07:38:29 +0000 (08:38 +0100)]
typo: "May modify to" -> "May modify"
Zbigniew Jędrzejewski-Szmek [Fri, 17 Jan 2020 14:23:02 +0000 (15:23 +0100)]
Merge pull request #14590 from poettering/doc-fixlets
A bunch of documentation fixes
Lennart Poettering [Fri, 17 Jan 2020 14:09:01 +0000 (15:09 +0100)]
mount: make checks on perpetual mount units more lax
We don#t really care where perpetual mounts are mounted from, since they
have to exist since before we run anyway.
Lennart Poettering [Fri, 17 Jan 2020 14:02:13 +0000 (15:02 +0100)]
core: never allow perpetual units to be masked
Fixes: #14550
Lennart Poettering [Fri, 17 Jan 2020 11:27:48 +0000 (12:27 +0100)]
Merge pull request #14592 from keszybz/simplifications
Simplifications
Lennart Poettering [Thu, 16 Jan 2020 18:40:51 +0000 (19:40 +0100)]
man: document that WakeSystem= affects clock choice
Fixes: #8308
Lennart Poettering [Thu, 16 Jan 2020 18:30:01 +0000 (19:30 +0100)]
docs: uppercase are headers
We do this in most cases, do so here too.
Lennart Poettering [Thu, 16 Jan 2020 18:29:49 +0000 (19:29 +0100)]
docs: let's reduce our spurious whitespace a bit
Lennart Poettering [Thu, 16 Jan 2020 18:27:19 +0000 (19:27 +0100)]
docs: in PORTABILITY_AND_STABILITY only use one h1
According to the designer of the page layout a page only should have one
h1 header, and everything else should be h2, h3, … I think that makes a
ton of sense, hence let's downgrade some headers here.
Lennart Poettering [Thu, 16 Jan 2020 18:22:30 +0000 (19:22 +0100)]
man: clarify that user rlimits cannot go beyond limits set for service mgr
Fixes: #10758
Lennart Poettering [Thu, 16 Jan 2020 18:01:05 +0000 (19:01 +0100)]
man: extend on halt documentation
Based on the suggestions on #13254 and #13264
Fixes: #13254
Lennart Poettering [Thu, 16 Jan 2020 17:51:19 +0000 (18:51 +0100)]
man: document that rootflags= does not override /etc/fstab
Fixes: #13324
Lennart Poettering [Thu, 16 Jan 2020 15:47:56 +0000 (16:47 +0100)]
man: underline that AccuracySec= is about coalescing timer events, nothing else
Fixes: #13328
Lennart Poettering [Thu, 16 Jan 2020 15:41:29 +0000 (16:41 +0100)]
man: mention that Before= doesn't work for device units
Fixes: #13362
Lennart Poettering [Thu, 16 Jan 2020 15:36:33 +0000 (16:36 +0100)]
man: suggest SYSTEMD_WANTS usage instead of RUN for long running processes
Fixes: #14259
Lennart Poettering [Thu, 16 Jan 2020 15:29:01 +0000 (16:29 +0100)]
man: document the limits of the block device discovery for IO cgroup options
Fixes: #14271
Lennart Poettering [Thu, 16 Jan 2020 15:13:50 +0000 (16:13 +0100)]
man: document how error propagation to path units works
Fixes: #14331
Lennart Poettering [Thu, 16 Jan 2020 11:14:03 +0000 (12:14 +0100)]
man: document that program invocation will fail if the User= does not exist
Fixes: #14565
Lennart Poettering [Thu, 16 Jan 2020 11:09:29 +0000 (12:09 +0100)]
docs: clarify that we don't want to own $BOOT exclusively
Let's be clearer here.
Prompted by a quick discussion I had with @gicmo.
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 10:42:40 +0000 (11:42 +0100)]
core: reduce indentation a bit
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 10:37:49 +0000 (11:37 +0100)]
logind: use loop instead of repeated code
https://github.com/systemd/systemd/pull/14096#discussion_r350953689
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 09:37:18 +0000 (10:37 +0100)]
shared/user-record-nss: use macro to avoid repeats
It's easier to read when each field is intialized in exactly one place.
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 09:04:30 +0000 (10:04 +0100)]
shared/user-record-nss: shorten code a bit
free_and_strdup() already does comparison internally.
Arian van Putten [Wed, 15 Jan 2020 16:10:11 +0000 (17:10 +0100)]
Disable reading SystemdOptions EFI Var when in SecureBoot mode
In SecureBoot mode this is probably not what you want. As your cmdline
is cryptographically signed like when using Type #2 EFI Unified Kernel
Images (https://systemd.io/BOOT_LOADER_SPECIFICATION/) The user's
intention is then that the cmdline should not be modified. You want to
make sure that the system starts up as exactly specified in the signed
artifact.
Lennart Poettering [Thu, 16 Jan 2020 17:45:29 +0000 (18:45 +0100)]
Merge pull request #14585 from keszybz/sysctl-downgrade-messages
Downgrade sysctl message to log_debug in containers
Luca Boccassi [Thu, 16 Jan 2020 16:24:07 +0000 (16:24 +0000)]
Clarify journald.conf MaxLevelStore documentation
'stored on disk' gives the impression that this option affects only
permanent storage, even though it affects everything the journal
records, regardless of the storage type.
Use 'stored in the journal' to avoid confusion.
Zbigniew Jędrzejewski-Szmek [Thu, 16 Jan 2020 13:45:28 +0000 (14:45 +0100)]
sysctl: downgrade message when we have no permission
We need to run sysctl also in containers, because the network
subtree is namespaces and may legitimately be writable. But logging
all "errors" at notice level creates unwanted noise.
Also downgrade message about missing sysctls to log_info. This might also be
relatively common when configuration is targeted at different kernel
versions. With log_debug it'll still end up in the logs, but isn't really worth
of "notice" most of the time.
https://bugzilla.redhat.com/show_bug.cgi?id=
1609806
Zbigniew Jędrzejewski-Szmek [Thu, 16 Jan 2020 12:05:32 +0000 (13:05 +0100)]
sysctl: move hashmap allocation out of main function
This allocation is a low level detail, and it seems nicer to keep it
out of run().
Zbigniew Jędrzejewski-Szmek [Thu, 16 Jan 2020 13:10:18 +0000 (14:10 +0100)]
man: rework section about configuration file precedence
This section is loaded in a bunch of places, so this affects many
man pages.
1. point the reader to the synopsis section, which has the exact paths
that are used to load files.
2. put the "reference" part first, and recommendations later, in separate
paragraphs.
3. describe how individual settings and whole files are replaces.
Closes #12791.
Zbigniew Jędrzejewski-Szmek [Thu, 16 Jan 2020 08:53:26 +0000 (09:53 +0100)]
Merge pull request #14581 from poettering/setcred-alternative-fix
alternative pam_setcred() fix
Lennart Poettering [Tue, 14 Jan 2020 15:25:45 +0000 (16:25 +0100)]
core: on each iteration processing /proc/self/mountinfo merge all discovery flags for each path
This extends on
d253a45e1c147f5174265d71d7419da7bd52a88b , and instead of
merging just a single flag from previous mount entries of
/proc/self/mountinfo for the same path we merge all three.
This shouldn't change behaviour, but I think make things more readable.
Previously we'd set MOUNT_PROC_IS_MOUNTED unconditionally, we still do.
Previously we'd inherit MOUNT_PROC_JUST_MOUNTED from a previous entry on
the same line, we still do.
MOUNT_PROC_JUST_CHANGED should generally stay set too. Why that? If we
have two mount entries on the same mount point we'd first process one
and then the other, and the almost certainly different mount parameters
of the two would mean we'd set MOUNT_PROC_JUST_CHANGED for the second.
And with this we'll definitely do that still.
This also adds a comment explaining the situation a bit, and why we get
into this situation.
Lennart Poettering [Wed, 15 Jan 2020 16:41:29 +0000 (17:41 +0100)]
Merge pull request #14375 from poettering/userdb
New varlink API for user and group management
Lennart Poettering [Wed, 15 Jan 2020 16:09:36 +0000 (17:09 +0100)]
execute: allow pam_setcred() to fail, ignore errors
Fixes: #14567
Alternative-To: #14569
Lennart Poettering [Wed, 15 Jan 2020 16:08:25 +0000 (17:08 +0100)]
execute: add const to array parameters, where possible
Lennart Poettering [Wed, 28 Aug 2019 17:36:01 +0000 (19:36 +0200)]
docs: add documentation for the varlink user/group APIs
Lennart Poettering [Fri, 29 Nov 2019 20:51:55 +0000 (21:51 +0100)]
docs: add documentation for JSON group records, too
Lennart Poettering [Tue, 27 Aug 2019 13:57:33 +0000 (15:57 +0200)]
docs: add documentation for JSON user records
Lennart Poettering [Tue, 19 Nov 2019 15:51:27 +0000 (16:51 +0100)]
man: document the new nss-systemd behaviour
(This also changes the suggested /etc/nsswitch.conf line to use for
hooking up nss-system to use glibc's [SUCCESS=merge] feature so that we
can properly merge group membership lists).
Lennart Poettering [Wed, 28 Aug 2019 11:33:13 +0000 (13:33 +0200)]
man: document systemd-userdbd.service
Lennart Poettering [Wed, 28 Aug 2019 10:40:23 +0000 (12:40 +0200)]
man: document userdbctl(1)
Lennart Poettering [Tue, 19 Nov 2019 10:30:41 +0000 (11:30 +0100)]
man: document new pam_systemd features in man page
This also updates the suggested PAM snippet in a number of way:
1. Be closer to the logic nowadays implemented in Fedora where the
auth/account/password stacks are all finished off with
pam_{deny|permit}.so
2. Make pam_unix.so just "sufficient" instead of "required" (paving
ground for pam_systemd_home.so being hooked in as additional
sufficient module.
3. Only do pam_nologin in the "account" stack, since it's about account
validity really.
4. Use modern parameters to pam_unix when changing passwords, i.e.
sha512 and shadow, and use already set up passwords (preparing ground
for pam_systemd_home again)
Lennart Poettering [Tue, 13 Aug 2019 11:18:15 +0000 (13:18 +0200)]
pam-systemd: apply user record properties to session
This way any component providing us with JSON user record data can use
this for automatic resource management and other session properties.
Lennart Poettering [Tue, 13 Aug 2019 11:17:51 +0000 (13:17 +0200)]
pam-systemd: normalize return values of append_session_xyz()
Let's propagate the PAM errors we got.
Lennart Poettering [Mon, 12 Aug 2019 16:55:26 +0000 (18:55 +0200)]
pam-systemd: port over to use a UserRecord structure
Later on this allows us to set various session properties from user
record.
Lennart Poettering [Mon, 12 Aug 2019 14:55:48 +0000 (16:55 +0200)]
pam-systemd: share bus connection with pam_systemd_home if we can
Let's use the pam-util.h provided helpers to acquire them.
Lennart Poettering [Mon, 12 Aug 2019 14:39:10 +0000 (16:39 +0200)]
pam-systemd: port to pam_bus_log_{create|parse}_error() and pam_log_oom()
Lennart Poettering [Wed, 18 Dec 2019 09:06:34 +0000 (10:06 +0100)]
shared: add pam utility helpers
Lennart Poettering [Fri, 9 Aug 2019 11:46:43 +0000 (13:46 +0200)]
logind: honour per-user stopDelayUSec property
Lennart Poettering [Fri, 9 Aug 2019 11:46:25 +0000 (13:46 +0200)]
logind: honour killProcesses field of user record
Lennart Poettering [Thu, 8 Aug 2019 14:58:06 +0000 (16:58 +0200)]
logind: enforce user record resource settings when user logs in
Lennart Poettering [Wed, 7 Aug 2019 14:22:35 +0000 (16:22 +0200)]
logind: port to UserRecord object
This changes the user tracking of logind to use the new-style UserRecord
object.
In a later commit this enables us to do per-user resource management.
Lennart Poettering [Thu, 4 Jul 2019 16:31:11 +0000 (18:31 +0200)]
nss: hook up nss-systemd with userdb varlink bits
This changes nss-systemd to use the new varlink user/group APIs for
looking up everything.
(This also changes the factory /etc/nsswitch.conf line to use for
hooking up nss-system to use glibc's [SUCCESS=merge] feature so that we
can properly merge group membership lists).
Fixes: #12492
Lennart Poettering [Wed, 7 Aug 2019 12:58:59 +0000 (14:58 +0200)]
core: add user/group resolution varlink interface to PID 1
Lennart Poettering [Wed, 7 Aug 2019 10:48:45 +0000 (12:48 +0200)]
core: make return parameter of dynamic_user_lookup_name() optional
Lennart Poettering [Mon, 5 Aug 2019 16:22:01 +0000 (18:22 +0200)]
userdbd: add userdbctl tool as client for userdbd
Lennart Poettering [Thu, 4 Jul 2019 16:33:30 +0000 (18:33 +0200)]
userdbd: add new service that can merge userdb queries from multiple clients
Lennart Poettering [Mon, 5 Aug 2019 16:21:49 +0000 (18:21 +0200)]
shared: add helpers for displaying new-style user/group records to users
Lennart Poettering [Wed, 7 Aug 2019 13:26:32 +0000 (15:26 +0200)]
shared: add internal API for querying JSON user records via varlink
This new API can be used in place of NSS by our own internal code if
more than the classic UNIX records are needed.
Lennart Poettering [Mon, 5 Aug 2019 16:21:30 +0000 (18:21 +0200)]
shared: add helpers for converting NSS passwd/group structures to new JSON objects
These new calls may be used to convert classic UNIX/glibc NSS struct
passwd and struct group records into new-style JSON-based user/group
objects.
Lennart Poettering [Wed, 7 Aug 2019 13:25:36 +0000 (15:25 +0200)]
shared: add generic user/group record structures and JSON parsers
Lennart Poettering [Wed, 13 Nov 2019 22:28:05 +0000 (23:28 +0100)]
libcrypt-util: add superficial validator for UNIX hashed password strings
Lennart Poettering [Wed, 13 Nov 2019 22:13:42 +0000 (23:13 +0100)]
shared: split out crypt() specific helpers into its own .c/.h in src/shared/
This way we can use libxcrypt specific functionality such as
crypt_gensalt() and thus take benefit of the newer algorithms libxcrypt
implements. (Also adds support for a new env var $SYSTEMD_CRYPT_PREFIX
which may be used to select the hash algorithm to use for libxcrypt.)
Also, let's move the weird crypt.h inclusion into libcrypt.h so that
there's a single place for it.
Lennart Poettering [Wed, 7 Aug 2019 10:33:33 +0000 (12:33 +0200)]
nss-util: add macros for generating getpwent()/getgrent() prototypes
We have similar macros already for getpwuid()/getpwnam(), let's add more
of this.
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 13:26:39 +0000 (14:26 +0100)]
Merge pull request #14579 from keszybz/docs-index
Revert the test move and fix formatting on main page a bit
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 12:59:11 +0000 (13:59 +0100)]
Merge pull request #14562 from yuwata/table-strv
introduce TABLE_STRV and use it in networkctl and resolvectl
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 12:46:16 +0000 (13:46 +0100)]
docs: fix width of console example
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 12:45:04 +0000 (13:45 +0100)]
Revert "docs: rename HACKING → Hacking"
This reverts commit
8c5cd27dd155fbe71a6bf82096b8775c5ff453b8 .
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 12:43:24 +0000 (13:43 +0100)]
Merge pull request #14578 from keszybz/docs-index
Let's see if redirects work
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 11:15:08 +0000 (12:15 +0100)]
docs: rename HACKING → Hacking
Let's see if this works at all.
Zbigniew Jędrzejewski-Szmek [Wed, 15 Jan 2020 10:55:49 +0000 (11:55 +0100)]
docs: shift console log on index page to the left
Lennart Poettering [Wed, 15 Jan 2020 10:46:11 +0000 (11:46 +0100)]
Merge pull request #14424 from poettering/watch-bus-name-rework
pid1: simplify drastically how we watch bus names for service's BusName= setting
Lennart Poettering [Wed, 15 Jan 2020 09:25:06 +0000 (10:25 +0100)]
Merge pull request #14573 from keszybz/docs-index
Docs index
Zbigniew Jędrzejewski-Szmek [Tue, 14 Jan 2020 20:35:44 +0000 (21:35 +0100)]
docs: add the systemd output example
It is still nice...
Zbigniew Jędrzejewski-Szmek [Tue, 14 Jan 2020 20:35:24 +0000 (21:35 +0100)]
docs: update old para with links to the blog stories
They are of historical interest, but without links not very useful.
Zbigniew Jędrzejewski-Szmek [Tue, 14 Jan 2020 20:25:52 +0000 (21:25 +0100)]
docs: remove markup from title
Github uses a different background for backticked text, and this stands out
(in a bad way) on the title page.
Zbigniew Jędrzejewski-Szmek [Tue, 14 Jan 2020 13:29:02 +0000 (14:29 +0100)]
man: add commas and reword a sentence
On more careful reading, "exit status ... do not cause the unit to enter a
failure state" is not gramatically or logically correct.
Yu Watanabe [Wed, 15 Jan 2020 02:56:01 +0000 (11:56 +0900)]
Merge pull request #14547 from keszybz/networkctl-matching
networkctl: return error or warning when interfaces are not matched
Yu Watanabe [Tue, 14 Jan 2020 10:07:39 +0000 (19:07 +0900)]
test-format-table: add tests for TABLE_STRV
Yu Watanabe [Tue, 14 Jan 2020 09:29:53 +0000 (18:29 +0900)]
resolvectl: use format-table.[ch]
Yu Watanabe [Tue, 14 Jan 2020 09:29:52 +0000 (18:29 +0900)]
networkctl: use TABLE_STRV
Yu Watanabe [Tue, 14 Jan 2020 09:29:51 +0000 (18:29 +0900)]
format-table: introduce TABLE_STRV
Yu Watanabe [Tue, 14 Jan 2020 09:29:50 +0000 (18:29 +0900)]
strv: introduce strv_compare()
Zbigniew Jędrzejewski-Szmek [Tue, 14 Jan 2020 20:22:13 +0000 (21:22 +0100)]
Merge pull request #14571 from poettering/assorted-fixlets
two minor fixes for recent merges
Lennart Poettering [Tue, 14 Jan 2020 15:53:43 +0000 (16:53 +0100)]
docs: rework HTML into GitHub Markdown table
Presumably this should render better on https://systemd.io/DISCOVERABLE_PARTITIONS then.
As pointed out on: https://github.com/systemd/systemd/pull/14390#issuecomment-
574205631
Lennart Poettering [Tue, 14 Jan 2020 15:32:20 +0000 (16:32 +0100)]
cgroup: minor comment improvement
As pointed out here:
https://github.com/systemd/systemd/pull/14564#discussion_r366305882
Lennart Poettering [Tue, 14 Jan 2020 15:17:38 +0000 (16:17 +0100)]
Merge pull request #14570 from keszybz/resource-docs
Modernize links to cgroups docs