remove units
units: explicitly require /var, /tmp and /var/tmp to be mounted before basic.target We support /var, /tmp and /var/tmp on NFS. NFS shares however are by default ordered only before remote-fs.target which is a late-boot service. /var, /tmp, /var/tmp need to be around earlier though, hence explicitly order them before basic.target. Note that this change simply makes explicit what was implicit before, since many early-boot services pulled in parts of /var anyway early.
units: move After=systemd-hwdb-update.service dependency from udev to udev-trigger Let's move the hwdb regeneration a bit later. Given that hwdb is non-essential it should be OK to allow udev to run without it until we do the full trigger. http://lists.freedesktop.org/archives/systemd-devel/2015-April/030074.html
console-getty.service: don't start when /dev/console is missing Create minimal image which runs systemd FROM rhel7.1 RUN yum install -y /usr/bin/ps ENV container docker CMD [ "/usr/sbin/init" ] When you run the container without -t, the process /sbin/agetty --noclear --keep-baud console 115200 38400 9600 is not happy and checking the journal in the container, there is a stream of Mar 13 04:50:15 11bf07f59fff agetty[66]: /dev/console: No such file or directory Mar 13 04:50:25 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart. Mar 13 04:50:25 11bf07f59fff systemd[1]: Stopping Console Getty... Mar 13 04:50:25 11bf07f59fff systemd[1]: Starting Console Getty... Mar 13 04:50:25 11bf07f59fff systemd[1]: Started Console Getty. Mar 13 04:50:25 11bf07f59fff agetty[67]: /dev/console: No such file or directory Mar 13 04:50:35 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart. Mar 13 04:50:35 11bf07f59fff systemd[1]: Stopping Console Getty... Mar 13 04:50:35 11bf07f59fff systemd[1]: Starting Console Getty... Mar 13 04:50:35 11bf07f59fff systemd[1]: Started Console Getty. Mar 13 04:50:35 11bf07f59fff agetty[74]: /dev/console: No such file or directory Mar 13 04:50:45 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart. Mar 13 04:50:45 11bf07f59fff systemd[1]: Stopping Console Getty... Mar 13 04:50:45 11bf07f59fff systemd[1]: Starting Console Getty...
timesyncd: enable timesyncd in virtual machines On Fri, Mar 13, 2015 at 8:25 PM, Michael Marineau <michael.marineau@coreos.com> wrote: > Currently systemd-timesyncd.service includes > ConditionVirtualization=no, disabling it in both containers and > virtual machines. Each VM platform tends to deal with or ignore the > time problem in their own special ways, KVM/QEMU has the kernel time > source kvm-clock, Xen has had different schemes over the years, VMware > expects a userspace daemon sync the clock, and other platforms are > content to drift with the wind as far as I can tell. > > I don't know of a robust way to know if a platform needs a little > extra help from userspace to keep the clock sane or not but it seems > generally safer to try than to risk drifting. Does anyone know of a > reason to leave timesyncd off by default? Otherwise switching to > ConditionVirtualization=!container should be reasonable.
importd: create a loopback btrfs file system for /var/lib/machines, if necessary When manipulating container and VM images we need efficient and atomic directory snapshots and file copies, as well as disk quota. btrfs provides this, legacy file systems do not. Hence, implicitly create a loopback file system in /var/lib/machines.raw and mount it to /var/lib/machines, if that directory is not on btrfs anyway. This is done implicitly and transparently the first time the user invokes "machinectl import-xyz". This allows us to take benefit of btrfs features for container management without actually having the rest of the system use btrfs. The loopback is sized 500M initially. Patches to grow it dynamically are to follow.
Add fsckd service and socket, retarget systemd-fsck systemd-fsckd can be socket-activated by systemd-fsck process. Reflect that in the different unit files.
Revert "units: add SecureBits" This reverts commit 6a716208b346b742053cfd01e76f76fb27c4ea47. Apparently this doesn't work. http://lists.freedesktop.org/archives/systemd-devel/2015-February/028212.html
units: add SecureBits No setuid programs are expected to be executed, so add SecureBits=noroot noroot-locked to unit files.
networkd: exit on idle We will be woken up on rtnl or dbus activity, so let's just quit if some time has passed and that is the only thing that can happen. Note that we will always stay around if we expect network activity (e.g. DHCP is enabled), as we are not restarted on that.