condition, man: Add support for ConditionSecurity=smack
According to Documentation/security/Smack.txt:
In keeping with the intent of Smack, configuration data is minimal
and not strictly required. The most important configuration step is
mounting the smackfs pseudo filesystem.
This means that checking the mount point should be enough.
Previous commit (20d408766) was broken. The problem is not connected
to DESTDIR being set or not, but to the fact that targets in
$GENERAL_ALIASES have directory components, so mkdir -p wasn't
recursing deep enough.
grawity> ln: failed to create symbolic link
‘/home/grawity/pkg/aur/systemd-git/pkg/systemd//etc/systemd/system/multi-user.target.wants/remote-fs.target’: No such file or directory
journald: be more careful when we try to flush the runtime journal to disk and the disk is close to being full
Bump the minimal size of the journal so that we can be sure creating the
journal file will always succeed. Previously the minimum size was
smaller than a empty jounral file...
When unit name is derived from udev via
udev_device_get_property_value(), the name may contains '/' if
ENV{SYSTEMD_WANTS} has the udev options $devpath(%p), $root(%r), or
$sys(%S). However, '/' is a invalid char for unit name so processing
of this rule fails as Invalid argument with following message.
Apr 22 13:21:37 localhost systemd[1]: Failed to load device unit: Invalid argument
Apr 22 13:21:37 localhost systemd[1]: Failed to process udev device event: Invalid argument
This patch escapes those invalid chars in a unit name.
Tested with 202, and confirmed to apply cleanly on top of commit 195f8e36.
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
Daniel Wallace [Sun, 5 May 2013 23:09:53 +0000 (18:09 -0500)]
zsh_completion: complete only pids for systemd-coredumpctl
Instead of completing the whole line, which doesn't work, only complete
the pid, but still show the whole line so the user can see which command
was which.
Users can also let the parameter expansion sort the completion by date
instead of by pid, by setting
zstyle ':completion:*:*:systemd-coredumpctl:*' sort no
so that the zshcompsys doesn't sort the _describe function for only
systemd-coredumpctl.
Everything which is an absolute filename marked with <filename></filename>
lands in the index, unless noindex= attribute is present. Should make
it easier for people to find stuff when they are looking at a file on
disk.
Various formatting errors in manpages are fixed, kernel-install(1) is
restored to formatting sanity.
build-sys: tell rsync no to tranfer times and permissions
When rsyncing to fd.o, rsync would fail on symlinks in man/.
We don't care about the times too much anyway. rsync will
set times to "now", which is fine, since modification times
don't matter much outside of each uploader's machine anyway.
The point is to complete all steps of the transfer, so Python
documentation is properly updated.
build-sys: "link" python _reader and pam_systemd against libsd-daemon-internal
The same old story as d3b9e0ff: those two use libsystemd-shared, and
in turn, some functions in libsystemd-shared use libsystemd-daemon.
The fact that *those* functions are used neither by the python modules
in question nor pam_systemd isn't always enough. Currently, I'm seeing
linking failures with -flto. The result of adding
libsystemd-daemon-internal to the list of linked libraries should be
harmless, with no change in size or final link requirements.
Add __attribute__((const, pure, format)) in various places
I'm assuming that it's fine if a _const_ or _pure_ function
calls assert. It is assumed that the assert won't trigger,
and even if it does, it can only trigger on the first call
with a given set of parameters, and we don't care if the
compiler moves the order of calls.
man: we need to be more careful with the unit search paths we document
We generally document the suggested paths, not the paths possible in
weird, non-standard setups. We do this in order to not confuse
administrators/users unnecessarily and to push people to install things
into the same directories on all distributions.
We are PID 1 after all, the really basic building block of the OS.
Unlike for an app there's very little benefit in being entirely
relocatable.
- Consistent use of $VAR vs ${VAR}
- Consistent use of && vs 'if'
- Add error checking to some places
- Consistent error messages ("Can't" vs "Cannot", etc.)
- Function declarations at the top
- Miscellaneous adjustments
Colin Walters [Wed, 24 Apr 2013 22:19:04 +0000 (18:19 -0400)]
coredump: use realloc() loop instead of malloc(768M)
I typically run VMs with 1024MiB allocated; systemd is unable to write
coredumps in this scenario at all because the default kernel
configuration will only overcommit 50% of available RAM.
Distributions may have selinux but not sushell or might
need to set a custom debug shell.
Defaults to /sbin/sushell if selinux is enabled, /bin/sh if not.
[zj: Renamed --with-debugshelltty to --with-debug-tty, and
added a line in output showing DEBUGSHELL and DEBUGTTY.
I figure that debug shell is pretty useful, and I hope
the extra line in configure status will draw attention
to it.]
clang emits warnings about unused attribute _saved_errno_, which drown
out other—potentially useful—warnings. gcc documentation is not exactly
verbose about the effects of __attribute__((unused)) on variables, but
let's assume that it works if the unit test passes.
It is imperative that open source code be well attributed.
Sprinkle attribute((alloc_size)) here and there, telling gcc
how much memory we are actually allocating.
According to gcc documentation, returned pointer "cannot alias any
other pointer valid when the function returns" and "the memory has
undefined content". This second part is (hopefully) untrue for all
those functions.
systemd-python: attach fields to JournalHandler, add SYSLOG_IDENTIFIER
Arbitrary fields can be attached at the level of the handler,
and they'll be sent with all messages from this handler.
This facility is used to attach SYSLOG_IDENTIFIER to all messages,
since otherwise journald attaches SYSLOG_IDENTIFIER=python or
something similar, which is completely useless.
When a trigger unit wants to know if a stop is queued for it, we should
just check precisely that and do not check whether it is actually
stopped already. This is because we use these checks usually from state
change calls where the state variables are not updated yet.
This change splits unit_pending_inactive() into two calls
unit_inactive_or_pending() and unit_stop_pending(). The former checks
state and pending jobs, the latter only pending jobs.