logind: explicitly create state directories during early initialization
Strictly speaking this isn't necessary for the /run/systemd/seats/
directory, since that is created anyway as the first seat is found, and
seat0 is always found. But let's be explicit here, and also create the
sessions/ and users/ directories, so that people can always install
inotify watches from very early on, even when nobody logged in yet.
Previously we were testing whether /sys/fs/cgroup/systemd/ was a mount
point. This might be problematic however, when the cgroup trees are bind
mounted into a container from the host (which should be absolutely
valid), which might create the impression that the container was running
systemd, but only the host actually is.
Replace this by a check for the existance of the directory
/run/systemd/system/, which should work unconditionally, since /run can
never be a bind mount but *must* be a tmpfs on systemd systems, which is
flushed at boots. This means that data in /run always reflects
information about the current boot, and only of the local container,
which makes it the perfect choice for a check like this.
(As side effect this is nice to Ubuntu people who now use logind with
the systemd cgroup hierarchy, where the old sd_booted() check misdetects
systemd, even though they still run legacy Upstart.)
Harald Hoyer [Thu, 14 Mar 2013 12:12:10 +0000 (13:12 +0100)]
Make initrd.target the default target in the initrd
First, rename root-fs.target to initrd-root-fs.target to clarify its usage.
Mount units with "x-initrd-rootfs.mount" are now ordered before
initrd-root-fs.target. As we sometimes construct /sysroot mounts in
/etc/fstab in the initrd, we want these to be mounted before the
initrd-root-fs.target is active.
initrd.target can be the default target in the initrd.
(normal startup)
:
:
v
basic.target
|
______________________/|
/ |
| sysroot.mount
| |
| v
| initrd-root-fs.target
| |
| v
| initrd-parse-etc.service
(custom initrd services) |
| v
| (sysroot-usr.mount and
| various mounts marked
| with fstab option
| x-initrd.mount)
| |
| v
| initrd-fs.target
| |
\______________________ |
\|
v
initrd.target
|
v
initrd-cleanup.service
isolates to
initrd-switch-root.target
|
v
______________________/|
/ |
| initrd-udevadm-cleanup-db.service
| |
(custom initrd services) |
| |
\______________________ |
\|
v
initrd-switch-root.target
|
v
initrd-switch-root.service
|
v
switch-root
main: don't mount /sys, /dev and friends when we run with PID != 1
Back from old times when we developed systemd on non-systemd hosts we
still mounted the missing directories such as the cgroup stuff even when
running with a PID != 1. There's no point for that anymore, so let's
just do that if we are actually PID 1, and never otherwise.
/usr/lib/gcc/x86_64-pc-linux-gnu/4.6.3/../../../../lib64/libsystemd-login.so:
undefined reference to `sd_listen_fds'
In ee465038ce8 'build-sys: break dependency loop between
libsystemd-id128.la and -shared.la', a partial fix was applied, and
the use of functions from libsystemd-id128 was removed from
libsystemd-shared. Nevertheless, fdset.c was still using sd_listen_fds,
so libsystemd-login should be linked against libysystemd-daemon
or libsystemd-daemon-internal.
journalctl: show systemd messages about unit for -u
journalctl -u unit is not very useful, because it doesn't show
systemd messages about starting, stopping, coredumps, etc,
like systemctl status unit does. Make it show the same
information using the same rules.
If somebody really want to see just messages from by the unit,
it is easy enough to use _SYSTEMD_UNIT=...
After that functions which add matches, show_journal_by_unit
and show_journal_by_user_unit, become nearly identical, so
I merged them into one function.
Harald Hoyer [Mon, 4 Mar 2013 18:01:05 +0000 (19:01 +0100)]
add initrd-fs.target and root-fs.target
Instead of using local-fs*.target in the initrd, use root-fs.target for
sysroot.mount and initrd-fs.target for /sysroot/usr and friends.
Using local-fs.target would mean to carry over the activated
local-fs.target to the isolated initrd-switch-root.target and thus in
the real root. Having local-fs.target already active after
deserialization causes ordering problems with the real root services and
targets.
We better isolate to targets for initrd-switch-root.target, which are
only available in the initrd.
This should help readers of the man or HTML pages know if the documentation
is out of date. An alternative to use a date generated from 'git log' was
considered, but since we try to keep user visible documentation up to date,
showing the project version should be enough.
Harald Hoyer [Tue, 12 Mar 2013 17:24:44 +0000 (18:24 +0100)]
remote-fs.target: want remote-fs-pre.target
This pulls in remote-fs-pre.target if remote-fs.target is needed.
Previously remote-fs-pre.target was not active, if no remote fs was
mounted from /etc/fstab. So, every manual remote fs mount was ordered
against the inactive remote-fs-pre.target and umount.target.
Because remote-fs-pre.target was not active, the remote fs was umounted
at umount.target time, which was too late (network already down).
Now remote-fs-pre.target is active, even if no remote fs is mounted.
On shutdown it is deactivated in the correct order and all manual remote
fs mounts also.
BogdanR> I think it's cool it supports SMACK and that it encourages
them to use a propper mount point for smackfs but I don't
think it's cool that it's printing on the screen even when
I parse quiet to the kernel that "SMACK support is not
enabled ...".
It is only needed in files designed to be usable in standalone
compilation. In those files the #ifdefinery is indented. When
compiling in-tree, GNU_SOURCE is always defined, so remove one
definition.
<Lekensteyn> The 198 announcement mentions
"/etc/systemd/systemd/foobar.service.d/*.conf", is that a
typo? I only have a /etc/systemd/system/. Is there a
manpage describing this new feature?
Update systemd-analyze to follow the coding style of the other tools
more closely. Also, update the CODING_STYLE to document this for future
additions.
Changes:
- Always use usec_t for time units, so that we always use the same types
everywhere, and format times the same way as everywhere else.
- Add "static" to global variables
- Make sure we can always distuingish OOM and other errors: ensure we
always return useful error codes from all functions.
Michal Schmidt [Wed, 6 Mar 2013 13:17:59 +0000 (14:17 +0100)]
shared: remove pointless checks in auto-cleanup functions
The argument given to the __attribute__((cleanup)) functions is the
address of the variable that's going out of scope. It cannot be NULL.
The "if (!s)" check in set_freep() is pointless.
Perhaps "if (!*s)" was intented. But that's pointless too, because
set_free()/set_free_free() are OK to call with a NULL argument (just
like free()).
Setting "*s = NULL" is pointless, because the variable that s points
to is about to go out of scope.
core: if we cannot JOB_ISOLATE the default target JOB_REPLACE it instead
In order to maintain compatibility with older initrds which do not have
AllowIsolate=yes set for their target units, fallback to JOB_REPLACE if
JOB_ISOLATE doesn't work, but complain about it.
man/*.html: link to directives, python, guvev, libudev in headers
Since the HTML files are in different directories during build
and on fd.o, links are broken in the build directory. This could
be fixed by moving stuff around, or by modifying the files during
upload, but I think that people do not usually create HTML files
for local browsing, and this is not necessary.
Kay Sievers [Thu, 7 Mar 2013 20:04:30 +0000 (21:04 +0100)]
<mbiebl> poettering: small typo in the NEWS file: directory systems looks for <- systemd
<mbiebl> the sentence reads a bit strange "looks for units in"
<mbiebl> " by assigning the empty strings to them" <- an empty string or the empty string
<mbiebl> "this allows resetting" <- I was told this is not correct English, too: "this allows one to reset"
Nathaniel Chen [Thu, 7 Mar 2013 19:06:58 +0000 (11:06 -0800)]
core: mount and initialize Smack
SMACK is the Simple Mandatory Access Control Kernel, a minimal
approach to Access Control implemented as a kernel LSM.
The kernel exposes the smackfs filesystem API through which access
rules can be loaded. At boot time, we want to load the access rules
as early as possible to ensure all early boot steps are checked by Smack.
This patch mounts smackfs at the new location at /sys/fs/smackfs for
kernels 3.8 and above. The /smack mountpoint is not supported.
After mounting smackfs, rules are loaded from the usual location.
For more information about Smack see:
http://www.kernel.org/doc/Documentation/security/Smack.txt
Commit ed1553a fixed current errors, but this error is easy to
make. A wrong id messes up the indexes and linking, so it is
better to catch this automatically.
systemd-python: refuse path and flags together in __init__
It's better to explictly check, instead of just documenting it.
The return value from init is changed from 1 to -1 on error.
Python seems to ignore 1 every second time. Looks like a bug
in Python, but the return value doesn't seem to be documented
anywhere, and -1 works as expected... so let's just use that.