core: support netns joining also for sockets created by .socket unit
Similar to the cgroup magic we nowadays do when listening to sockets, to
assign them the right bpf programs, let's also do the same and join the
specified netns in the child process.
This allows people to listen in sockets in specific namespaces, or join
multiple services and socket units together to live in the same
namespace.
The new call allows us to open a netns from the file system, and store
it in a "storage fd pair". It's supposed to work with setup_netns() and
allows pre-population of the netns used with one opened from the file
system.
nspawn: move payload to sub-cgroup first, then sync cgroup trees
if we sync the legacy and unified trees before moving to the right
subcgroup then ultimately the cgroup paths in the hierarchies will be
out-of-sync... Hence, let's move the payload first, and sync then.
remove "." path components from required mount paths
unit_require_mounts_for may be passed path arguments that contain "."
components like for user's home directories where "." is sometimes used
to specify some form of anchor point.
This change stops considering such path as an error and removes the "."
components instead.
shared/bootspec: do not fail on errors when reading EFI vars
It seems that my EFI storage is corrupted. The kernel reports the file as present, but returns
an error when reading. Nevertheless, this shouldn't prevent me from reading the entry
list.
meson: use a convenience library for the sources shared between core/ and the outside
This avoids double compilation. Those files are tiny, so it doesn't save time,
but we avoid repeated warnings and errors, and it's generally cleaner to it
this way.
The number of commands in 'ninja -C build clean && ninja -C build' drops from
1462 to 1455 for me.
pkgconfig: avoid double slash with split-usr configuration
By defining rootprefix= we avoid a double slash in $systemdsystemunitdir and
other variables. This fixes a regression introduced in 1c2c7c6cb3d92315624f3711114e86b0acfbce63 where the variables using rootprefix=/
would start with a double slash. This should be interpreted the same, but is
certainly ugly.
The rootprefix variable was added to systemd.pc in 1c2c7c6cb3d92315624f3711114e86b0acfbce63, so there is no question of backwards
compatiblity. If people try to "override" the prefix and specify
--define-variable=rootprefix=/, they will get a double slash, which should be
OK, and is the same as --define-variable=rootprefix=/something/, which also
results in a double slash somewhere in the strings.
systemctl: add support for booting into boot menu/entry
(This also removes support for booting into the EFI firmware setup
without logind. That's because otherwise the non-EFI fallback logind
implements can't work.)
logind: add support for booting into the boot menu or a specific boot menu entry
This behaves similar to the "boot into firmware" logic, and also allows
either direct EFI operation (which sd-boot supports and others might
support eventually too) or override through env var.
bootspec: get rid of find_default_boot_entry() entirely
Now only two operations are left. Let's just move this into the caller,
since it should make things simpler, clearer and shorter, in particular
as there's only a single user for this.
bootspec: introduce new helper boot_entries_load_config_auto()
It's a simple wrapper around boot_entries_load_config(), but determines
the ESP/XBOOTLDR paths automatically at first. Also, it looks for a path
/run/boot-loader-entries/ and loads the entries from there if it
exists. This is supposed to be a hook for other boot loaders to make our
tools aware of their own entries.
bootspec: move augmentation of loader-discovered entries into bootspec.c
Previously, bootctl would show boot loader entries discovered by the
boot loader which couldn't found locally separately in the output.
Let's move this code into bootspec.c, and beef it up a bit. This way we
can use it later on for logind, and correctly show automatically
discovered windows/macos entries too.
bootspec: move log msg from systemctl.c to bootspec.c
find_default_boot_entry() is only used by systemctl.c, and currently
handles one log message in the caller instead of the callee. Let's
simplify that and move it over, too
logind: optionally support non-EFI reboot-to-firmware
This extends the reboot-to-firmware logic in logind, so that other than
EFI firmwares could be theoretically support. The scheme is like this:
if you want to support this, set the $SYSTEMD_REBOOT_TO_FIRMWARE=1 env
var for logind. If so, this will override the EFI logic, and cause a
file /run/systemd/reboot-to-firmware file to be created when
reboot-to-firmware is requested. This file has no contents, it's mere
existance indicates a reboot with reboot-to-firmware set.
The idea is that for alternative firmwares a drop-in for logind is added
that sets the env var, in combination with some code run during shutdown
that checks for the file and does the right thing.
shutdown: rearrange shutdown sources in source tree
Let's move the shutdown binary into its own subdirectory in
src/shutdown, after all it is relatively isolated from the normal PID 1
sources, being a different binary and all.
Unfortunately it's not possible to move some of the code, since it is
shared with PID 1, that I wished we could move, but I still think it's
worth it.
Previously, RUN and SECLABEL keys are stored in udev_list with its unique
flag is false. If the flag is false, then udev_list is just a linked
list and new entries are always added in the last.
So, we should use OrderedHashmap instead of Hashmap.
resolved: when adding RR to an answer, avoid comparing keys twice
We'd call dns_resource_record_equal(), which calls dns_resource_key_equal()
internally, and then dns_resource_key_equal() a second time. Let's be
a bit smarter, and call dns_resource_key_equal() only once.
(before)
dns_resource_key_hash_func_count=514
dns_resource_key_compare_func_count=275
dns_resource_key_equal_count=62371
4.13s user 0.01s system 99% cpu 4.153 total
(after)
dns_resource_key_hash_func_count=514
dns_resource_key_compare_func_count=276
dns_resource_key_equal_count=31337
2.13s user 0.01s system 99% cpu 2.139 total
resolved: use a temporary Set to speed up dns question parsing
This doesn't necessarily make things faster, because we still spend more time
in dns_answer_add(), but it improves the compuational complexity of this part.
If we even make dns_resource_key_equal_faster, this will become worthwhile.