be restored for individual services with NoExecPaths=/dev (or by allow-
listing and excluding /dev from ExecPaths=).
- * Permissions for /dev/vsock are now set to 0666, and /dev/vhost-vsock
+ * Permissions for /dev/vsock are now set to 0o666, and /dev/vhost-vsock
and /dev/vhost-net are owned by the kvm group.
* The hardware database has been extended with a list of fingerprint
Features:
+* systemd-repart: read LUKS encryption key from $CREDENTIALS_PATH
+
+* introduce /dev/disk/root/* symlinks that allow referencing partitions on the
+ disk the rootfs is on in a reasonably secure way.
+
+* systemd-repart: add a switch to factory reset the partition table without
+ immediately applying the new configuration again. i.e. --factory-reset=leave
+ or so. (this is useful to factory reset an image, then putting it into
+ another machine, ensuring that luks key is generated on new machine, not old)
+
* move logind udev rules to top-level rule.d/ directory
* move multiseat vid/pid matches from logind udev rule to hwdb
<refsect1>
<title>Description</title>
- <para>A unit configuration file whose name ends in
- <literal>.device</literal> encodes information about a device unit
- as exposed in the
- sysfs/<citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
- device tree.</para>
+ <para>A unit configuration file whose name ends in <literal>.device</literal> encodes information about a
+ device unit as exposed in the
+ sysfs/<citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry> device
+ tree. This may be used to define dependencies between devices and other units.</para>
<para>This unit type has no specific options. See
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
sections. A separate [Device] section does not
exist, since no device-specific options may be configured.</para>
- <para>systemd will dynamically create device units for all kernel
- devices that are marked with the "systemd" udev tag (by default
- all block and network devices, and a few others). This may be used
- to define dependencies between devices and other units. To tag a
- udev device, use <literal>TAG+="systemd"</literal> in the udev
- rules file, see
- <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry>
- for details.</para>
+ <para>systemd will dynamically create device units for all kernel devices that are marked with the
+ <literal>systemd</literal> udev tag (by default all block and network devices, and a few others). Note
+ that <emphasis>if <filename>systemd-udev.service</filename> is not running, no device units will be
+ available (for example in a typical container)</emphasis>.</para>
<para>Device units are named after the <filename>/sys/</filename>
and <filename>/dev/</filename> paths they control. Example: the
name see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
+ <para>To tag a udev device, use <literal>TAG+="systemd"</literal> in the udev rules file, see
+ <citerefentry><refentrytitle>udev</refentrytitle><manvolnum>7</manvolnum></citerefentry> for details.
+ </para>
+
<para>Device units will be reloaded by systemd whenever the
corresponding device generates a <literal>changed</literal> event.
Other units can use <varname>ReloadPropagatedFrom=</varname> to react
_systemd_run() {
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]}
- local OPTS='-h --help --version --user --system --scope --unit --description --slice
- -r --remain-after-exit --send-sighup -H --host -M --machine --service-type
- --on-active --on-boot --on-startup --on-unit-active --on-unit-inactive
- --on-calendar --timer-property --path-property --socket-property -t --pty
- -q --quiet --no-block --uid --gid --nice -E --setenv -p --property
- --no-ask-password --wait -P --pipe -G --collect --working-directory
- -d --same-dir -S --shell'
+ local OPTS='--no-ask-password --scope -u --unit -p --property --description --slice --slice-inherit
+ -r --remain-after-exit --send-sighup --service-type --uid --gid --nice
+ --working-directory -d --same-dir -E --setenv -t --pty -P --pipe -S --shell -q --quiet
+ --on-active --on-boot --on-startup --on-unit-active --on-unit-inactive --on-calendar
+ --on-clock-change --on-timezone-change --path-property --socket-property
+ --timer-property --no-block --wait -G --collect --user --system -H --host -M --machine
+ -h --help --version'
local mode=--system
local i
local opts_with_values=(
- --unit --description --slice --service-type -H --host -M --machine -p --property --on-active
- --on-boot --on-startup --on-unit-active --on-unit-inactive --on-calendar --timer-property
- --path-property --socket-property --uid --gid --nice -E --setenv --working-directory
+ --unit -p --property --slice --description --service-type --uid --gid --nice --working-directory
+ -E --setenv --on-active --on-boot --on-startup --on-unit-active --on-unit-inactive --on-calendar
+ --path-property --socket-property --timer-property -H --host -M --machine
)
for (( i=1; i <= COMP_CWORD; i++ )); do
if [[ ${COMP_WORDS[i]} != -* ]]; then
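Review bot: `-u` is added to `OPTS` as the short form of `--unit`, but the new `opts_with_values` array still lists only `--unit`, so the two lists disagree on whether `-u` consumes the next word. The zsh completion touched by the same change declares it as `{-u+,--unit=}`, i.e. value-taking. The loop that consumes `opts_with_values` continues past the end of this hunk, so the effect is inferred: presumably the unit name typed after `-u` would be taken for the start of the command. Suggest beginning the array with `--unit -u -p --property --slice --description --service-type --uid --gid --nice --working-directory`.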
}
_arguments \
+ {-G,--collect}'[Unload the transient unit after it completed]' \
+ '--description=[Description for unit]:description' \
+ '--gid=[Run as system group]:group:_groups' \
{-h,--help}'[Show help message]' \
- '--version[Show package version]' \
- '--user[Run as user unit]' \
{-H+,--host=}'[Operate on remote host]:[user@]host:_sd_hosts_or_user_at_host' \
{-M+,--machine=}'[Operate on local container]:machines:_sd_machines' \
- '--scope[Run this as scope rather than service]' \
- '--unit=[Run under the specified unit name]:unit name' \
+ '--nice=[Nice level]:nice level' \
+ '--no-ask-password[Do not query the user for authentication]' \
+ '--no-block[Do not synchronously wait for the unit start operation to finish]' \
+ '--on-active=[Run after SEC seconds]:SEC' \
+ '--on-boot=[Run SEC seconds after machine was booted up]:SEC' \
+ '--on-calendar=[Realtime timer]:SPEC' \
+ '--on-clock-change[Defines a trigger based on system clock jumps]' \
+ '--on-startup=[Run SEC seconds after systemd was first started]:SEC' \
+ '--on-timezone-change[Defines a trigger based on system timezone changes]' \
+ '--on-unit-active=[Run SEC seconds after the last activation]:SEC' \
+ '--on-unit-inactive=[Run SEC seconds after the last deactivation]:SEC' \
+ '--path-property=[Set path unit property]:NAME=VALUE' \
+ {-P,--pipe}'[Inherit standard input, output, and error]' \
{-p+,--property=}'[Set unit property]:NAME=VALUE:(( \
CPUAccounting= MemoryAccounting= BlockIOAccounting= SendSIGHUP= \
SendSIGKILL= MemoryLimit= CPUShares= BlockIOWeight= User= Group= \
ReadOnlyPaths= InaccessiblePaths= EnvironmentFile= \
ProtectSystem= ProtectHome= RuntimeDirectory= PassEnvironment= \
))' \
- '--description=[Description for unit]:description' \
- '--slice=[Run in the specified slice]:slices:__systemd-run_slices' \
+ {-t,--pty}'[The service connects to the terminal]' \
+ {-q,--quiet}'[Suppresses additional informational output]' \
{-r,--remain-after-exit}'[Leave service around until explicitly stopped]' \
+ {-d,--same-dir}'[Run on the current working directory]' \
+ '--scope[Run this as scope rather than service]' \
'--send-sighup[Send SIGHUP when terminating]' \
'--service-type=[Service type]:type:(simple forking oneshot dbus notify idle)' \
- '--uid=[Run as system user]:user:_users' \
- '--gid=[Run as system group]:group:_groups' \
- '--nice=[Nice level]:nice level' \
- '--setenv=[Set environment]:NAME=VALUE' \
- '--on-active=[Run after SEC seconds]:SEC' \
- '--on-boot=[Run SEC seconds after machine was booted up]:SEC' \
- '--on-startup=[Run SEC seconds after systemd was first started]:SEC' \
- '--on-unit-active=[Run SEC seconds after the last activation]:SEC' \
- '--on-unit-inactive=[Run SEC seconds after the last deactivation]:SEC' \
- '--on-calendar=[Realtime timer]:SPEC' \
+ {-E+,--setenv=}'[Set environment]:NAME=VALUE' \
+ {-S,--shell}'[requests an interactive shell in the current working directory]' \
+ '--slice=[Run in the specified slice]:slices:__systemd-run_slices' \
+ '--slice-inherit[Run in the inherited slice]' \
+ '--socket-property=[Set socket unit property]:NAME=VALUE' \
+ '--system[Run as system unit]' \
'--timer-property=[Set timer unit property]:NAME=VALUE' \
+ '--uid=[Run as system user]:user:_users' \
+ {-u+,--unit=}'[Run under the specified unit name]:unit name' \
+ '--user[Run as user unit]' \
+ '--version[Show package version]' \
'--wait=[Wait until service stopped again]' \
+ '--working-directory=[Run with the specified working directory]' \
'*::command:_command'
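Review bot: The new `--working-directory=` entry ends in `=` but has no `:message:action` part, so unlike `--uid=` or `--slice=` it gives zsh nothing to complete for its value; `'--working-directory=[Run with the specified working directory]:directory:_directories'` would offer directories. The new `--socket-property=` and `--path-property=` lines do carry `:NAME=VALUE`, so this one looks like an oversight rather than a convention. Separately, the unchanged `--wait=` line keeps a trailing `=` although the bash completion in this change does not list `--wait` among the options that take a value; it may be worth aligning the two while the list is being re-sorted.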
/* Do not call from library code. */
- /* If we don't use the console we close it here, to not get
- * killed by SAK. If we don't use syslog we close it here so
- * that we are not confused by somebody deleting the socket in
- * the fs, and to make sure we don't use it if prohibit_ipc is
- * set. If we don't use /dev/kmsg we still keep it open,
+ /* This function is often called in preparation for logging. Let's make sure we don't clobber errno,
+ * so that a call to a logging function immediately following a log_open() call can still easily
+ * reference an error that happened immediately before the log_open() call. */
+ PROTECT_ERRNO;
+
+ /* If we don't use the console, we close it here to not get killed by SAK. If we don't use syslog, we
+ * close it here too, so that we are not confused by somebody deleting the socket in the fs, and to
+ * make sure we don't use it if prohibit_ipc is set. If we don't use /dev/kmsg we still keep it open,
* because there is no reason to close it. */
if (log_target == LOG_TARGET_NULL) {
/* Spawns a temporary TTY agent, making sure it goes away when we go away */
- r = safe_fork_full(name, except, n_except, FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS, ret_pid);
+ r = safe_fork_full(name,
+ except,
+ n_except,
+ FORK_RESET_SIGNALS|FORK_DEATHSIG|FORK_CLOSE_ALL_FDS|FORK_REOPEN_LOG,
+ ret_pid);
if (r < 0)
return r;
if (r > 0)
r = safe_fork_full("(sd-homework)",
(int[]) { stdin_fd, stdout_fd }, 2,
- FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG, &pid);
+ FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_REOPEN_LOG, &pid);
if (r < 0)
return r;
if (r == 0) {
assert(h->uid > 0); /* We never should be UID 0 */
/* Let's kill everything matching the specified UID */
- r = safe_fork("(sd-killer)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_WAIT|FORK_LOG, NULL);
+ r = safe_fork("(sd-killer)",
+ FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_WAIT|FORK_LOG|FORK_REOPEN_LOG,
+ NULL);
if (r < 0)
return r;
if (r == 0) {
/* Also install the access key in the user's own keyring */
if (uid_is_valid(h->uid)) {
- r = safe_fork("(sd-addkey)", FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT, NULL);
+ r = safe_fork("(sd-addkey)",
+ FORK_RESET_SIGNALS|FORK_CLOSE_ALL_FDS|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_REOPEN_LOG,
+ NULL);
if (r < 0)
return log_error_errno(r, "Failed install encryption key in user's keyring: %m");
if (r == 0) {
return 0;
}
- r = safe_fork("(fsck)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR, &fsck_pid);
+ r = safe_fork("(fsck)",
+ FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS,
+ &fsck_pid);
if (r < 0)
return r;
if (r == 0) {
/* Child */
execl("/sbin/fsck", "/sbin/fsck", "-aTl", node, NULL);
+ log_open();
log_error_errno(errno, "Failed to execute fsck: %m");
_exit(FSCK_OPERATIONAL_ERROR);
}
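Review bot: The `log_open()` inserted between `execl()` and `log_error_errno(errno, ...)` is only safe because `log_open()` now preserves errno, and nothing at this call site says so or explains why logging has to be reopened here. A one-line comment above it would keep a later refactor from reordering or dropping the call, e.g. `/* FORK_CLOSE_ALL_FDS closed our log fds; reopen before reporting. log_open() preserves errno. */`; the first half of that comment is inferred from the flag added in this hunk, so confirm it against `safe_fork()`. The same applies to the `log_open()` lines added after the failed `execlp()` of e2fsck and resize2fs, and in the later fsck child. The enclosing function starts and ends outside the hunk.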
log_info("Temporary unmounting of file system completed.");
/* resize2fs requires that the file system is force checked first, do so. */
- r = safe_fork("(e2fsck)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR, &fsck_pid);
+ r = safe_fork("(e2fsck)",
+ FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS,
+ &fsck_pid);
if (r < 0)
return r;
if (r == 0) {
/* Child */
execlp("e2fsck" ,"e2fsck", "-fp", setup->dm_node, NULL);
+ log_open();
log_error_errno(errno, "Failed to execute e2fsck: %m");
_exit(EXIT_FAILURE);
}
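Review bot: The child still starts `e2fsck` through `execlp()`, i.e. by PATH lookup, while this hunk tightens what the child inherits with `FORK_CLOSE_ALL_FDS`; the fsck child elsewhere in this change uses the absolute `/sbin/fsck` with `execl()`. If this helper runs privileged and PATH can be influenced by the environment it was started from (not visible here), the binary that gets executed is not pinned. Consider resolving the helper to an absolute path before forking, or add a comment such as `/* PATH is set by the service manager and is trusted here */` if that is the guarantee being relied on. The `execlp("resize2fs", ...)` child in the next hunk has the same shape. The enclosing function starts and ends outside the hunk.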
return log_oom();
/* Resize the thing */
- r = safe_fork("(e2resize)", FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR, &resize_pid);
+ r = safe_fork("(e2resize)",
+ FORK_RESET_SIGNALS|FORK_RLIMIT_NOFILE_SAFE|FORK_DEATHSIG|FORK_LOG|FORK_WAIT|FORK_STDOUT_TO_STDERR|FORK_CLOSE_ALL_FDS,
+ &resize_pid);
if (r < 0)
return r;
if (r == 0) {
/* Child */
execlp("resize2fs" ,"resize2fs", setup->dm_node, size_str, NULL);
+ log_open();
log_error_errno(errno, "Failed to execute resize2fs: %m");
_exit(EXIT_FAILURE);
}
assert(w->child == 0);
assert(!w->child_event_source);
- r = safe_fork("(sd-bright)", FORK_DEATHSIG|FORK_NULL_STDIO|FORK_CLOSE_ALL_FDS|FORK_LOG, &w->child);
+ r = safe_fork("(sd-bright)", FORK_DEATHSIG|FORK_NULL_STDIO|FORK_CLOSE_ALL_FDS|FORK_LOG|FORK_REOPEN_LOG, &w->child);
if (r < 0)
return r;
if (r == 0) {
if (r == 0) {
/* Child */
execl("/sbin/fsck", "/sbin/fsck", "-aT", node, NULL);
+ log_open();
log_debug_errno(errno, "Failed to execl() fsck: %m");
_exit(FSCK_OPERATIONAL_ERROR);
}