core: add RemainAfterElapse= setting to timer units
Previously, after a timer unit elapsed we'd leave it around for good,
which has the nice benefit that starting a timer that shall trigger at a
specific point in time multiple times will only result in one trigger
instead of possibly many. With this change a new option
RemainAfterElapse= is added. It defaults to "true", to mimic the old
behaviour. If set to "false" timer units will be unloaded after they
elapsed. This is specifically useful for transient timer units.
run: when automatically generating names for transient units, use unique bus ID, fallback to random
Previously we used the process ID to generate transient unit names.
However, that is problematic as PIDs get reused easily, and applying
them to remote systems makes little sense.
Fortunately, each bus peer gets a unique, non-reusable ID assigned when
attaching to a bus, hence let's use that, if we can. In some cases we
cannot however, because we connect directly to PID's private socket, and
thus are not a proper bus peer with a unique ID. In that case generate a
random UUID to name the unit after.
core: dispatch load queue each time we set up a transient units
manager_load_unit() will dispatch the load queue anyway, but let's make
sure we also dispatch it immediately, after truning a unit into a
transient one and loading the properties from the message. That way the
know about the validity of the unit before we begin processing the next
auxiliary unit.
core: move check whether a unit is suitable to become transient into unit.c
Lets introduce unit_is_pristine() that verifies whether a unit is
suitable to become a transient unit, by checking that it is no
referenced yet and has no data on disk assigned.
core: generate nice error messages for auxiliary transient units, too
Let's move the validation checks into the loop that sets up the main and
auxiliary transient units, so that we can generate pretty error messages
for all units a transient unit transaction generates, not just for the
main unit.
Tom Gundersen [Tue, 17 Nov 2015 14:32:39 +0000 (15:32 +0100)]
networkd: ndisc - consider configured on timeout
Don't block indefinitely, when control has been passed on from NDisc to DHCPv6.
In this case there is likely no IPv6 support on the local link, so otherwise
this would block indefinitely.
Tom Gundersen [Mon, 16 Nov 2015 15:47:18 +0000 (16:47 +0100)]
networkd: ndisc - always configure dhcp6 client
The ndisc client may trigger the dhcpv6 client to be started (this is the common case),
so we should allocate the dhcpv6 client whenever we allocate the ndisc one.
tests: copy /etc/pam.d/systemd-user from the host on Debian, Ubuntu
Fixes:
systemd-testsuite systemd[34]: PAM _pam_load_conf_file: unable to open /etc/pam.d/system-auth
systemd-testsuite systemd[34]: PAM _pam_load_conf_file: unable to open /etc/pam.d/system-auth
systemd-testsuite systemd[34]: user@0.service: Failed at step PAM spawning /lib/systemd/systemd: Operation not permitted
...
on Debian, Ubuntu
Daniel Mack [Mon, 16 Nov 2015 22:17:52 +0000 (23:17 +0100)]
siphash24: let siphash24_finalize() and siphash24() return the result directly
Rather than passing a pointer to return the result, return it directly
from the function calls.
Also, return the result in native endianess, and let the callers care
about the conversion. For hash tables and bloom filters, we don't care,
but in order to keep MAC addresses and DHCP client IDs stable, we
explicitly convert to LE.
David Herrmann [Mon, 16 Nov 2015 14:45:02 +0000 (15:45 +0100)]
login: ignore JobRemoved of old jobs
If we requeue jobs, we are no longer interested in old jobs. Hence, we
better ignore any JobRemoved signals for old jobs and concentrate on our
replacements.
David Herrmann [Mon, 16 Nov 2015 14:43:18 +0000 (15:43 +0100)]
login: make sure to replace existing units
When queuing unit jobs, we should rather replace existing units than
fail. This is especially important when we queued a user-shutdown and a
new login is encountered. In this case, we better raplce the shutdown
jobs. systemd takes care of everything else.
David Herrmann [Tue, 29 Sep 2015 09:36:18 +0000 (11:36 +0200)]
login: fix re-use of users
If the last reference to a user is released, we queue stop-jobs for the
user-service and slice. Only once those are finished, we drop the
user-object. However, if a new session is opened before the user object is
fully dropped, we currently incorrectly re-use the object. This has the
effect, that we get stale sessions without a valid "systemd --user"
instance.
Fix this by properly allowing user_start() to be called, even if
user->stopping is true.
David Herrmann [Tue, 29 Sep 2015 09:18:46 +0000 (11:18 +0200)]
login: make user->service static
Just like user->slice, there is no reason to store the unit name in /run,
nor should we allocate it dynamically on job instantiation/removal. Just
keep it statically around at all times and rely on user->started ||
user->stopping to figure out whether the unit exists or not.
David Herrmann [Tue, 29 Sep 2015 09:10:01 +0000 (11:10 +0200)]
login: make user_new() and user_free() follow coding-style
Few changes to user_new() and user_free():
- Use _cleanup_(user_freep) in constructor
- return 'int' from user_new()
- make user_free() deal with partially initialized objects
- keep reverse-order in user_free() compared to user_new()
- make user_free() return NULL
- make user_free() accept NULL as no-op
David Herrmann [Tue, 29 Sep 2015 09:03:04 +0000 (11:03 +0200)]
login: keep user->slice constant
Currently, we allocate user->slice when starting a slice, but we never
release it. This is incompatible if we want to re-use a user object once
it was stopped. Hence, make sure user->slice is allocated statically on
the user object and use "u->started || u->stopping" as an indication
whether the slice is actually available on pid1 or not.
David Herrmann [Mon, 28 Sep 2015 10:53:42 +0000 (12:53 +0200)]
login: simply XDG_RUNTIME_DIR management
Lets not pretend we support changing XDG_RUNTIME_DIR via logind state
files. There is no reason to ever write the string into /run, as we
allocate it statically based on the UID, anyway. Lets stop that and just
allocate the runtime_path in "struct User" at all times.
We keep writing it into the /run state to make sure pam_systemd of
previous installs can still read it. However, pam_systemd is now fixed to
allocate it statically as well, so we can safely remove that some time in
the future.
Last but not least: If software depends on systemd, they're more than free
to assume /run/user/$uid is their runtime dir. Lets not require sane
applications to query the environment to get their runtime dir. As long as
applications know their login-UID, they should be safe to deduce the
runtime dir.
tmpfiles: create subvolumes for "v", "q", and "Q" only if / is a subvolume
It's not a good idea to create subvolumes for parts of the OS tree (such
as /home, or /var) if the root directory is not a subvolume too. We
shouldn't assume control of "heavier" objects such as subvolumes, if the
originating object (the root directory) is a "light-weight" object, i.e.
a plain directory.
Effectively this means that chroot() environments that are run on a
plain directory do not have to deal with problems around systemd
creating subvolumes that cannot be removed with a simple "rm" anymore.
However, if the chroot manager creates a proper subvolume for such an
environment it will also get further subvolumes placed in there, under
the assumption that the manager understands the concept of subvolumes in
that case.
Martin Pitt [Mon, 16 Nov 2015 08:21:20 +0000 (09:21 +0100)]
siphash24: change result argument to uint64_t
Change the "out" parameter from uint8_t[8] to uint64_t. On architectures which
enforce pointer alignment this fixes crashes when we previously cast an
unaligned array to uint64_t*, and on others this should at least improve
performance as the compiler now aligns these properly.
This also simplifies the code in most cases by getting rid of typecasts. The
only place which we can't change is struct duid's en.id, as that is _packed_
and public API, so we can't enforce alignment of the "id" field and have to
use memcpy instead.
Martin Pitt [Mon, 16 Nov 2015 07:04:24 +0000 (08:04 +0100)]
virt: add missing #includes
src/basic/virt.c: In function 'detect_vm_device_tree':
src/basic/virt.c:117:17: error: unknown type name '_cleanup_closedir_'
_cleanup_closedir_ DIR *dir = NULL;
src/basic/virt.c:128:17: error: implicit declaration of function 'FOREACH_DIRENT' [-Werror=implicit-function-declaration]
FOREACH_DIRENT(dent, dir, return -errno)
Move daemon-reload from package %post scripts to file triggers
This uses new functionality added in rpm 4.13. Instead of doing
one daemon-reload per packages, we do just one or two
(When both installing and uninstalling packages, we do
two. Unfortunately this also includes the common case of upgrades.
When only installing or when only installing, we do just one.)
New file triggers.systemd can be built, but the contents have
to be copied into the rpm spec file by hand. Using %{load} does
not seem to work. It can serve as documentation.
Fixes:
systemd[39]: systemd-exit.service: Executing: /bin/kill -s 58 29
systemd[39]: systemd-exit.service: Failed at step EXEC spawning /bin/kill: No such file or directory
systemd[29]: Received SIGCHLD from PID 39 ((kill)).
systemd[29]: Child 39 ((kill)) died (code=exited, status=203/EXEC)
logind: add a new UserTasksMax= setting to logind.conf
This new setting configures the TasksMax= field for the slice objects we
create for each user.
This alters logind to create the slice unit as transient unit explicitly
instead of relying on implicit generation of slice units by simply
starting them. This also enables us to set a friendly description for
slice units that way.