service: when starting a service make a copy of the watchdog timeout and use that
When we start a service process we pass the selected watchdog timeout to
it with the $WATCHDOG_USEC environment variable. If the unit file is
reconfigured later, we need to make sure to continue to honour the
original timeout, i.e. watch $WATCHDOG_USEC was set to, otherwise we'll
expect the ping at a different time as the service process is sending it
to us.
Hence, whenever we start a unit, save the watchdog timeout, and stick to
that for everything we do.
service: continue to use the overriden timeout when forking off again
Let's make sure we always use the right watchdog timeout: when a service
has overwritten it, then stick to it, also for follow-up processes of
the same service.
Let's be more careful with what we serialize: let's ensure we never
serialize strings that are longer than LONG_LINE_MAX, so that we know we
can read them back with read_line(…, LONG_LINE_MAX, …) safely.
In order to implement this all serialization functions are move to
serialize.[ch], and internally will do line size checks. We'd rather
skip a serialization line (with a loud warning) than write an overly
long line out. Of course, this is just a second level protection, after
all the data we serialize shouldn't be this long in the first place.
While we are at it also clean up logging: while serializing make sure to
always log about errors immediately. Also, (void)ify all calls we don't
expect errors in (or catch errors as part of the general
fflush_and_check() at the end.
core: make manager_serialize() a bit easier to read by adding predicate function
The predicate function manager_timestamp_shall_serialize() simply says
whether to serialize or not serialize a timestamp, and should make
things a bit easier to read.
In the default journalctl output, unprintable entries are abbreviated as
“[<amount> blob data]”; using the same term in the documentation helps
users to quickly discover the option they need to add in order to see
those entries.
"killing" is very UNIX terminology, and not really what this is about.
Let's be more correct and say "send a UNIX signal" for the operation.
Otherwise things are really weird if users call "journalctl --rotate"
from the command line, which internally asks systemd to send SIGUSR2 to
to journald: when german locale is selected this asks the user — roughly
transliterated — whether they want to "eliminate" journald, which is
definitely not the intended meaning.
journald: when we are asked to rotate all files, let's also look at closed files
Before this when asked for rotation we'd only rotate files we have open
anyway. However there might be a number of other files on disk that are
active (i.e. not archived yet) but not open. Let's take care of those
too, so that rotation is always comprehensive, and the user gets the
guarantee that afterthe rotation all stored data is in archived files.
journalctl: add ability to vacuum and rotate in one step
journalctl --vacuum-*= only vacuums archived files. To archive all
active files the rotate operation is used. Let's add a new switch that
combines both, so that the user a single command to first move all
running journal files into archival and then vacuum them.
Let's split the function in three: the part where we archive the old
file into journal_file_archive(), and the part where we initiate the
deferred closing into journal_file_initiate_close().
journal_file_rotate() then simply becomes a wrapper around these two
calls, and the opening of the new journal file.
This useful so that we can archive journal files without having to open
new ones, i.e. to do only the archival part of the rotation, without the
rotation part.
journal: fix some type confusion in journal_directory_vacuum()
Let's store array sizes and indexes in size_t. And let's count numbers
of files in uint64_t (simply because that is the type of the input
parameter for this of the function)
journald calls fd_get_path() a lot (it probably shouldn't, there's some
room for improvement there, but I'll leave that for another time), hence
it's worth optimizing the call a bit, in particular as it's easy.
Previously we'd open the dir /proc/self/fd/ first, before reading the
symlink inside it. This means the whole function requires three system
calls: open(), readlinkat(), close(). The reason for doing it this way
is to distinguish the case when we see ENOENT because /proc is not
mounted and the case when the fd doesn't exist.
With this change we'll directly go for the readlink(), and only if that
fails do an access() to see if /proc is mounted at all.
This optimizes the common case (where the fd is valid and /proc
mounted), in favour of the uncommon case (where the fd doesn#t exist or
/proc is not mounted).
fs-util: increase start buffer size in readlinkat_malloc()
I noticed while profiling journald that we invoke readlinkat() a ton on
open /proc/self/fd/<fd>, and that the returned paths are more often than
not longer than the 99 chars used before, when we look at archived
journal files. This means for these cases we generally need to execute
two rather than one syscalls.
Let's increase the buffer size a tiny bit, so that we reduce the number
of syscalls executed. This is really a low-hanging fruit of
optimization.
Lukas Nykryn [Thu, 25 Oct 2018 14:21:26 +0000 (16:21 +0200)]
proc-cmdline: introduce PROC_CMDLINE_RD_STRICT
Our current set of flags allows an option to be either
use just in initrd or both in initrd and normal system.
This new flag is intended to be used in the case where
you want apply some settings just in initrd or just
in normal system.
Martin Wilck [Wed, 24 Oct 2018 11:22:01 +0000 (13:22 +0200)]
core: don't create Requires for workdir if "missing ok"
Don't add an implicit RequiresMountsFor depenency for the
WorkingDirectory of a unit if the "-" character was used to
indicate that "a missing working directory is not considered fatal"
(see systemd.exec(5)). Otherwise systemd might fail the unit
because of missing dependencies.
dhcp6: prefer offsetof() over sizeof() for structs with undefined sizes
This doesn't change anything in the generated source, but I think makes
semantically more sense, as these structures have undefined size, and we
only want to know the size up to the data field in these cases.
man: fix wording a bit on the cgroup accountings options (#10509)
The &MEMORY_ACCOUNTING_DEFAULT; resolves to "yes" or "no" while the rest
of the paragraph talked about "on" and "off". Let's adjust this and
stick to "yes" and "no"...
Quite frankly I think it's not a particularly good idea to change the
docs based configuration changes... THis can only be incomplete, and the
wording is still very awkward since we repeat the same sentence twice.
units: drop systemd-user-sessions.service ordering dep on systemd-journal-flush.service (#10502)
THis dep existed since the unit was introduced, but I cannot see what
good it would do. Hence in the interest of simplifying things, let's
drop it. If breakages appear later we can certainly revert this again.
First of all, let's fix logging: let's simply log the same message as we
do on success, so that there's always the same pair of these messages
around, regardless if the suspend was successful or not. To distuingish
a successful suspend from a failed one, check the ERRNO= field of the
structured message.
In most ways a failed suspend cycle is not distuingishable from a
successful one that took no time, hence let's treat it this way, and
always pair the success message with a failure message.
This also changes a more important concept: the post-suspend callouts
are now called also called on failure, following the same logic: let's
always run them in pairs: for every pre callout a post callout has to
follow.
sleep: rework write_wakealarm() to take a numeric parameter
Also, let's rename it to rtc_write_wake_alarm(). Both changes together
make sure rtc_write_wake_alarm() and rtc_read_time() are more alike in
their naming and semantics.
This fixes the following warning when built by clang:
```
../src/reply-password/reply-password.c:76:21 warning: variable 'length' is used uninitialized whenever 'if' condition is true [-Wsometimes-uninitialized]
```
Yu Watanabe [Mon, 22 Oct 2018 09:21:42 +0000 (18:21 +0900)]
udev-event: move debug logging before safe_fork()
This fixes the following journal layout issue:
```
Oct 22 15:26:02 systemd-udevd[348]: RUN '/usr/sbin/setregdomain' /usr/lib/udev/rules.d/85-regulatory.rules:5
Oct 22 15:26:02 [439]: Starting '/usr/sbin/setregdomain'
Oct 22 15:26:02 systemd-udevd[348]: Process '/usr/sbin/setregdomain' succeeded.
```