journald: do not free space when disk space runs low
Before, journald would remove journal files until both MaxUse= and
KeepFree= settings would be satisfied. The first one depends (if set
automatically) on the size of the file system and is constant. But
the second one depends on current use of the file system, and a spike
in disk usage would cause journald to delete journal files, trying to
reach usage which would leave 15% of the disk free. This behaviour is
surprising for the user who doesn't expect his logs to be purged when
disk usage goes above 85%, which on a large disk could be some
gigabytes from being full. In addition attempting to keep 15% free
provides an attack vector where filling the disk sufficiently disposes
of almost all logs.
Instead, obey KeepFree= only as a limit on adding additional files.
When replacing old files with new, ignore KeepFree=. This means that
if journal disk usage reached some high point that at some later point
start to violate the KeepFree= constraint, journald will not add files
to go above this point, but it will stay (slightly) below it. When
journald is restarted, it forgets the previous maximum usage value,
and sets the limit based on the current usage, so if disk remains to
be filled, journald might use one journal-file-size less on each
restart, if restarts happen just after rotation. This seems like a
reasonable compromise between implementation complexity and robustness.
Łukasz Stelmach [Tue, 7 Jan 2014 14:00:22 +0000 (15:00 +0100)]
gpt-auto-generator: skip nonexistent devices
The devices we work with have eMMC chips for storage. The chips
provide four "hardware" partitions. The first is /dev/mmcblk0, it
takes almost whole space and holds a GPT with several real partitions
(/dev/mmcblk0p?). Then there are three block devices (mmcblk0boot0,
mmcblk0boot1, rpmb) that are part of the same hardware as mmcblk0 that
are presented by the kernel as children of the latter. That relationship
makes gpt-auto-generator try to peek them but since they are not GPT
partitions blkid_do_safeprobe() returns -2 making verify_gpt_parition()
function return -ENODEV.
journalctl: allow globbing in --unit and --user-unit
This is a continuation of e3e0314b systemctl: allow globbing in commands
which take multiple unit names.
Multiple patterns can be specified, as separate arguments, or as one argument
with patterns seperated by commas.
If patterns are given, at least one unit must be matched (by any of the patterns).
This is different behaviour than systemctl, but here it is necessary because
otherwise anything would be matched, which is unlikely to be the intended
behaviour.
journal: fix access to munmapped memory in sd_journal_enumerate_unique
sd_j_e_u needs to keep a reference to an object while comparing it
with possibly duplicate objects in other files. Because the size of
mmap cache is limited, with enough files and object to compare to,
at some point the object being compared would be munmapped, resulting
in a segmentation fault.
Fix this issue by turning keep_always into a reference count that can
be increased and decreased. Other callers which set keep_always=true
are unmodified: their references are never released but are ignored
when the whole file is closed, which happens at some point. keep_always
is increased in sd_j_e_u and later on released.
udev/net_id: Introduce predictable network names for Linux on System z
Use the bus-ID to create predicatable devices names for network interfaces
on Linux on System z instances. The bus-ID identifies a device in the s390
channel subsystem.
Network interfaces of device type Ethernet are named as:
enccw0.0.1234 (13 characters)
up to
enccwff.7.ffff (14 characters)
CTC network devices of device type SLIP, use a different prefix as follows:
slccw0.0.1234 (13 characters)
See also Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=870859
[tomegun: typical problem of netdevs switching names between reboots.]
networkd: print the received DHCPv4 address and gateway
It seems that networkd stores in_addr.s_addr contents in reverse
order (little-endian, not network order). This is a bit confusing,
but sd_rtnl evidently likes this order.
nspawn: do not invoke RegisterMachine on machined from inside the new PID namespace
On kdbus user credentials are not translated across PID namespaces, but
simply invalidated if sender and receiver namespaces don't match. This
makes it impossible to properly authenticate requests from different PID
namespaces (which is probably a good thing). Hence, register the machine
in the parent and not the client and properly synchronize this.
Kay Sievers [Wed, 8 Jan 2014 13:32:37 +0000 (21:32 +0800)]
bus-driverd: do not track identical matches
Identical matches are only one time in the hash map but multiple
times in the list; when removing, the hash will be empty but the
list still has entries.
Not adding dupicates to the list should keep us in sync and prevent
hitting the assert.
Kay Sievers [Mon, 6 Jan 2014 22:37:23 +0000 (06:37 +0800)]
core: do not add implicit dbus.socket dependency
Sockets are ordered before sockets.target anyway, and sockets.target
is ordered before basic.target, and hence all bus services end up
being ordered after dbus.socket anyway. Since for kdbus clients
dbus.socket is obsolete, let's not add this dependency explicitly.
Also, it's hot in Australia and we are going for breakfast now.
src/libsystemd-bus/sd-bus.c: In function 'sd_bus_open_user':
src/libsystemd-bus/sd-bus.c:1104:25: warning: format '%s' expects argument of type 'char *', but argument 3 has type 'long unsigned int' [-Wformat=]
asprintf(&b->address, UNIX_USER_BUS_FMT, (unsigned long) getuid());
Simon Peeters [Sat, 4 Jan 2014 01:35:27 +0000 (02:35 +0100)]
strv: multiple cleanups
- turn strv_merge into strv_extend_strv.
appending strv b to the end of strv a instead of creating a new strv
- strv_append: remove in favor of strv_extend and strv_push.
- strv_remove: write slightly more elegant
- strv_remove_prefix: remove unused function
- strv_overlap: use strv_contains
- strv_printf: STRV_FOREACH handles NULL correctly
David Herrmann [Sun, 5 Jan 2014 12:59:12 +0000 (13:59 +0100)]
TODO: extend login capability note
We cannot remove CAP_SYS_ADMIN, which basically makes removing all other
capabilities useless. Anyhow, still wouldn't hurt checking whether stuff
like CAP_KILL can be dropped from logind.
Stefan Beller [Fri, 3 Jan 2014 19:33:21 +0000 (20:33 +0100)]
Update .mailmap file
This commit updates email addresses of people, who are already in the
.mailmap file, so I'd assume they have sorted out their viewpoint on
privacy within the .mailmap file.
The entries for this commit have been produced using:
# Finding out duplicates by comparing email addresses:
git shortlog -sne |awk '{ print $NF }' |sort |uniq -d
# Finding out duplicates by comparing names:
git shortlog -sne |awk '{ NF--; $1=""; print }' |sort |uniq -d