chiark / gitweb /
6 years agoudev: always close lock file descriptor
Kay Sievers [Tue, 3 Jun 2014 08:46:51 +0000 (10:46 +0200)]
udev: always close lock file descriptor

6 years agosd-dhcp-client: allways request broadcast
Camilo Aguilar [Wed, 28 May 2014 18:43:37 +0000 (14:43 -0400)]
sd-dhcp-client: allways request broadcast

On systems which cannot receive unicast packets until its IP stack has been configured
we need to request broadcast packets. We are currently not able to reliably detect when
this is necessary, so set it unconditionally for now.

This is set on all packets, but the DHCP server will only broadcast the packets that are
necessary, and unicast the rest.

For more information please refer to this thread in CoreOS:

[tomegun: rephrased commit message]

6 years agoresolved: run as unpriviliged "systemd-resolve" user
Tom Gundersen [Sun, 1 Jun 2014 21:01:20 +0000 (22:01 +0100)]
resolved: run as unpriviliged "systemd-resolve" user

This service is not yet network facing, but let's prepare nonetheless.
Currently all caps are dropped, but some may need to be kept in the

6 years agoconfigure: networkd no longer requires kmod
Tom Gundersen [Mon, 2 Jun 2014 23:05:13 +0000 (01:05 +0200)]
configure: networkd no longer requires kmod

Reported by Samuli Suominen.

6 years agonetworkd: drop CAP_SYS_MODULE
Tom Gundersen [Mon, 2 Jun 2014 19:50:50 +0000 (21:50 +0200)]
networkd: drop CAP_SYS_MODULE

Rely on modules being built-in or autoloaded on-demand.

As networkd is a network facing service, we want to limits its capabilities,
as much as possible. Also, we may not have CAP_SYS_MODULE in a container,
and we want networkd to work the same there.

Module autoloading does not always work, but should be fixed by the kernel
patch f98f89a0104454f35a: 'net: tunnels - enable module autoloading', which
is currently in net-next and which people may consider backporting if they
want tunneling support without compiling in the modules.

Early adopters may also use a module-load.d snippet and order
systemd-modules-load.service before networkd to force the module
loading of tunneling modules.

This sholud fix the various build issues people have reported.

6 years agonetworkd: introduce vti tunnel
Susant Sahani [Fri, 23 May 2014 06:37:46 +0000 (12:07 +0530)]
networkd: introduce vti tunnel

This patch enables vti tunnel support.

example conf:

file : vti.netdev





Add more attributes for vti tunnel

6 years agonetworkd: sit-tunnel add support for pmtudisc
Susant Sahani [Thu, 22 May 2014 06:29:19 +0000 (11:59 +0530)]
networkd: sit-tunnel add support for pmtudisc

This patch adds path of mtu discovery for sit tunnel.
To enable/disable DiscoverPathMTU is introduced.

Example configuration

file: sit.netdev


By default pmtudisc is turned on , if DiscoverPathMTU
is missing from the config. To turn it off
DiscoverPathMTU=0 needs to be set.

6 years agonetworkd: introduce gre tunnel
Susant Sahani [Thu, 22 May 2014 10:35:03 +0000 (16:05 +0530)]
networkd: introduce gre tunnel

This patch enables gre tunnel support.

example conf:

file : gre.netdev





Add more attributes for gre tunnel

6 years agonetworkd-netdev: fix white space
Susant Sahani [Wed, 21 May 2014 09:55:30 +0000 (15:25 +0530)]
networkd-netdev: fix white space

6 years agonetworkd: introduce veth device support
Susant Sahani [Wed, 21 May 2014 08:31:04 +0000 (14:01 +0530)]
networkd: introduce veth device support

This patch adds veth device support to networkd.

Example conf:

File: veth.netdev



6 years agoresolved: move resolv.conf to resolved's runtime dir
Tom Gundersen [Mon, 2 Jun 2014 13:13:30 +0000 (15:13 +0200)]
resolved: move resolv.conf to resolved's runtime dir

6 years agotmpfiles: systemd.conf - fix ownership of network directories
Tom Gundersen [Mon, 2 Jun 2014 13:05:05 +0000 (15:05 +0200)]
tmpfiles: systemd.conf - fix ownership of network directories

6 years agokeyboard: add Plantronics .Audio mute button
Zbigniew Jędrzejewski-Szmek [Sun, 1 Jun 2014 18:01:23 +0000 (14:01 -0400)]
keyboard: add Plantronics .Audio mute button

6 years agoREADME: document the new "systemd-network" user we require for systemd-networkd
Lennart Poettering [Sun, 1 Jun 2014 07:35:19 +0000 (09:35 +0200)]
README: document the new "systemd-network" user we require for systemd-networkd

6 years agonetworkd: run as unpriviliged "systemd-network" user
Lennart Poettering [Sun, 1 Jun 2014 07:12:00 +0000 (09:12 +0200)]
networkd: run as unpriviliged "systemd-network" user

This allows us to run networkd mostly unpriviliged with the exception of
CAP_NET_* and CAP_SYS_MODULE. I'd really like to get rid of the latter

6 years agounits: remove CAP_SYS_PTRACE capability from hostnamed/networkd
Lennart Poettering [Sun, 1 Jun 2014 06:54:09 +0000 (08:54 +0200)]
units: remove CAP_SYS_PTRACE capability from hostnamed/networkd

The ptrace capability was only necessary to detect virtualizations
environments. Since we changed the logic to determine this to not
require priviliges, there's no need to carry the CAP_SYS_PTRACE
capability anymore.

6 years agotimesyncd: split privilege dropping code out of timesyncd so that we can make use...
Lennart Poettering [Sun, 1 Jun 2014 06:49:33 +0000 (08:49 +0200)]
timesyncd: split privilege dropping code out of timesyncd so that we can make use of it from other daemons too

This is preparation to make networkd work as unpriviliged user.

6 years agotty-ask-password-agent: Do tell what directory we failed to open
Cristian Rodríguez [Thu, 29 May 2014 18:17:37 +0000 (14:17 -0400)]
tty-ask-password-agent: Do tell what directory we failed to open

6 years agoudev-builtin-keyboard: do tell on which device EVIOCSKEYCODE failed.
Cristian Rodríguez [Fri, 30 May 2014 17:16:56 +0000 (13:16 -0400)]
udev-builtin-keyboard: do tell on which device EVIOCSKEYCODE failed.

I am getting

"Error calling EVIOCSKEYCODE (scan code 0xc022d, key code 418): Invalid
argument", the error message does not tell on which specific device the
problem is, add that info.

6 years agoutil: ignore_file should not allow files ending with '~'
Thomas Hindoe Paaboel Andersen [Sat, 31 May 2014 19:36:23 +0000 (21:36 +0200)]
util: ignore_file should not allow files ending with '~'

ignore_file currently allows any file ending with '~' while it
seems that the opposite was intended:

6 years agounits: use KillMode=mixed for systemd-nspawn@.service
Jonathan Liu [Wed, 28 May 2014 15:17:25 +0000 (01:17 +1000)]
units: use KillMode=mixed for systemd-nspawn@.service

This causes the container to shut down cleanly when the service is

6 years agofsck: include device name in the message about missing fsck
Zbigniew Jędrzejewski-Szmek [Tue, 27 May 2014 03:03:11 +0000 (23:03 -0400)]
fsck: include device name in the message about missing fsck

6 years agovirt: rework container detection logic
Lennart Poettering [Wed, 28 May 2014 10:37:11 +0000 (18:37 +0800)]
virt: rework container detection logic

Instead of accessing /proc/1/environ directly, trying to read the
$container variable from it, let's make PID 1 save the contents of that
variable to /run/systemd/container. This allows us to detect containers
without the need for CAP_SYS_PTRACE, which allows us to drop it from a
number of daemons and from the file capabilities of systemd-detect-virt.

Also, don't consider chroot a container technology anymore. After all,
we don't consider file system namespaces container technology anymore,
and hence chroot() should be considered a container even less.

6 years agobuild-sys: use glibc's xattr support instead of requiring libattr
Kay Sievers [Wed, 28 May 2014 09:36:40 +0000 (17:36 +0800)]
build-sys: use glibc's xattr support instead of requiring libattr

6 years agoNEWS: mention that we need a new user systemd-timesync v213
Lennart Poettering [Wed, 28 May 2014 01:43:43 +0000 (09:43 +0800)]
NEWS: mention that we need a new user systemd-timesync

6 years agoNEWS: update NEWS file according to most recent changes in git
Lennart Poettering [Wed, 28 May 2014 01:39:55 +0000 (09:39 +0800)]
NEWS: update NEWS file according to most recent changes in git

6 years agohostnamed: Fix the way that static and transient host names interact
Stef Walter [Wed, 12 Feb 2014 08:46:31 +0000 (09:46 +0100)]
hostnamed: Fix the way that static and transient host names interact

It is almost always incorrect to allow DHCP or other sources of
transient host names to override an explicitly configured static host

This commit changes things so that if a static host name is set, this
will override the transient host name (eg: provided via DHCP). Transient
host names can still be used to provide host names for machines that have
not been explicitly configured with a static host name.

The exception to this rule is if the static host name is set to
"localhost". In those cases we act as if no
static host name has been explicitly set.

As discussed elsewhere, systemd may want to have an fd based ownership
of the transient name. That part is not included in this commit.

6 years agobuild-sys: bump package and library version
Lennart Poettering [Tue, 27 May 2014 11:02:22 +0000 (19:02 +0800)]
build-sys: bump package and library version

6 years agotest-dhcp-option: fix memleak
Tom Gundersen [Sun, 25 May 2014 15:34:17 +0000 (17:34 +0200)]
test-dhcp-option: fix memleak

6 years agoanalyze/run: use bus_open_transport_systemd instead of bus_open_transport
Thomas Bächler [Fri, 21 Feb 2014 10:55:24 +0000 (11:55 +0100)]
analyze/run: use bus_open_transport_systemd instead of bus_open_transport

Both systemd-analyze and systemd-run only access org.freedesktop.systemd1
on the bus. This patch allows using systemd-run --user and systemd-analyze
--user even if the user session's bus is not properly integrated with the
systemd user unit. and other reports...

6 years agoDo not unescape unit names in [Install] section
Michal Sekletar [Mon, 26 May 2014 18:09:45 +0000 (20:09 +0200)]
Do not unescape unit names in [Install] section

6 years agoudev: keyboard - also hook into "change" events
Kay Sievers [Mon, 26 May 2014 01:30:21 +0000 (09:30 +0800)]
udev: keyboard - also hook into "change" events

Re-apply the keymaps when "udevadm trigger" is called. Hooking into
"add" only would just remove all keymap content from the udev database
instead of applying the new config.

6 years agokeymap: Asus EeePC touchpad toggle key
Martin Pitt [Sun, 25 May 2014 10:16:35 +0000 (12:16 +0200)]
keymap: Asus EeePC touchpad toggle key

Originally is KEY_TOUCHPAD_TOGGLE, but can't handle the big key events,
so use the F21 convention.

6 years agokeymap: Add Lenovo Enhanced USB Keyboard
Martin Pitt [Sun, 25 May 2014 09:57:22 +0000 (11:57 +0200)]
keymap: Add Lenovo Enhanced USB Keyboard

6 years agotimesysnc: reword network watching messages, and move resolver errors to debug
Kay Sievers [Sun, 25 May 2014 05:40:17 +0000 (13:40 +0800)]
timesysnc: reword network watching messages, and move resolver errors to debug

6 years agonspawn: make nspawn robust to container failure
Djalal Harouni [Sat, 24 May 2014 13:58:55 +0000 (14:58 +0100)]
nspawn: make nspawn robust to container failure

nspawn and the container child use eventfd to wait and notify each other
that they are ready so the container setup can be completed.

However in its current form the wait/notify event ignore errors that
may especially affect the child (container).

On errors the child will jump to the "child_fail" label and terminate
with _exit(EXIT_FAILURE) without notifying the parent. Since the eventfd
is created without the "EFD_NONBLOCK" flag, this leaves the parent
blocking on the eventfd_read() call. The container can also be killed
at any moment before execv() and the parent will not receive

We can fix this by using cheap mechanisms, the new high level eventfd
API and handle SIGCHLD signals:

* Keep the cheap eventfd and EFD_NONBLOCK flag.

* Introduce eventfd states for parent and child to sync.
Child notifies parent with EVENTFD_CHILD_SUCCEEDED on success or
EVENTFD_CHILD_FAILED on failure and before _exit(). This prevents the
parent from waiting on an event that will never come.

* If the child is killed before execv() or before notifying the parent,
we install a NOP handler for SIGCHLD which will interrupt blocking calls
with EINTR. This gives a chance to the parent to call wait() and
terminate in main().

* If there are no errors, parent will block SIGCHLD, restore default
handler and notify child which will do execv(), then parent will pass
control to process_pty() to do its magic.

This was exposed in part by:

Reported-by: Tobias Hunger
6 years agonspawn: move container wait logic into wait_for_container()
Djalal Harouni [Sat, 24 May 2014 13:58:54 +0000 (14:58 +0100)]
nspawn: move container wait logic into wait_for_container()

Move the container wait logic into its own wait_for_container() function
The status will be stored in its argument, this way we handle:
a) Return negative on failures.
b) Return zero on success and set the status to either

These status codes are used to terminate nspawn or loop again in case of

6 years agotest-path-util: add tests for path_make_relative()
Tanu Kaskinen [Sat, 24 May 2014 09:01:13 +0000 (12:01 +0300)]
test-path-util: add tests for path_make_relative()

6 years agopath-util: fix missing terminating zero
Tanu Kaskinen [Sat, 24 May 2014 09:01:12 +0000 (12:01 +0300)]
path-util: fix missing terminating zero

There was this code:

        if (to_path_len > 0)
                memcpy(p, to_path, to_path_len);

That didn't add the terminating zero, so the resulting string was
corrupt if this code path was taken.

Using strcpy() instead of memcpy() solves this issue, and also
simplifies the code.

Previously there was special handling for shortening "../../" to
"../..", but that has now been replaced by a path_kill_slashes() call,
which also makes the result prettier in case the input contains
redundant slashes that would otherwise be copied to the result.

6 years agoUse %m instead of strerror(errno) where appropiate
Cristian Rodríguez [Sat, 24 May 2014 04:10:36 +0000 (00:10 -0400)]
Use %m instead of strerror(errno) where appropiate

6 years agotest-unit-file: skip if unit_file_get_list returns permission denied
Cristian Rodríguez [Sat, 24 May 2014 16:16:42 +0000 (12:16 -0400)]
test-unit-file: skip if unit_file_get_list returns permission denied

6 years agoFix several small typos
Jonathan Boulle [Fri, 23 May 2014 18:56:42 +0000 (11:56 -0700)]
Fix several small typos

6 years agoman: describe sd_uid_get_display
Zbigniew Jędrzejewski-Szmek [Sat, 24 May 2014 22:49:45 +0000 (18:49 -0400)]
man: describe sd_uid_get_display

6 years agoNEWS: mention that systemd-analyze uses new kernel release info
Zbigniew Jędrzejewski-Szmek [Sat, 24 May 2014 22:45:04 +0000 (18:45 -0400)]
NEWS: mention that systemd-analyze uses new kernel release info

Also some small grammar updates.

6 years agobuild-sys: fix typo in variable name
Zbigniew Jędrzejewski-Szmek [Sat, 24 May 2014 22:23:06 +0000 (18:23 -0400)]
build-sys: fix typo in variable name

6 years agoman: reword StartupCPUShares= description
Zbigniew Jędrzejewski-Szmek [Sat, 24 May 2014 22:02:16 +0000 (18:02 -0400)]
man: reword StartupCPUShares= description

Now that we have two options described in the same paragraph, we cannot
use singular anymore.

6 years agoNEWS
Tom Gundersen [Sat, 24 May 2014 10:28:47 +0000 (12:28 +0200)]

6 years agoNEWS: update
Kay Sievers [Sat, 24 May 2014 06:50:17 +0000 (14:50 +0800)]
NEWS: update

6 years agodetect-virt: Remove string for Microsoft virtualization detection in DMI vendor strin...
Reyad Attiyat [Mon, 5 May 2014 21:29:57 +0000 (16:29 -0500)]
detect-virt: Remove string for Microsoft virtualization detection in DMI vendor string array.

The string "Microsoft Corporation" is used in the Surface Tablet's DMI vendor ID.

6 years agoNEWS: prepare NEWS update for 213
Lennart Poettering [Sat, 24 May 2014 06:25:28 +0000 (14:25 +0800)]
NEWS: prepare NEWS update for 213

6 years agocore: timer - switch to touch_file()
Kay Sievers [Sat, 24 May 2014 03:39:47 +0000 (11:39 +0800)]
core: timer - switch to touch_file()

6 years agotimedated: refuse manual system time updates when automatic timesync is enabled
Kay Sievers [Sat, 24 May 2014 02:38:32 +0000 (10:38 +0800)]
timedated: refuse manual system time updates when automatic timesync is enabled

6 years agoclock-util: clock_[sg]et_time() -> clock_[sg]et_hwclock()
Kay Sievers [Sat, 24 May 2014 02:26:33 +0000 (10:26 +0800)]
clock-util: clock_[sg]et_time() -> clock_[sg]et_hwclock()

6 years agotimesyncd: only update stamp file when we are synchronized
Kay Sievers [Thu, 22 May 2014 12:31:46 +0000 (21:31 +0900)]
timesyncd: only update stamp file when we are synchronized

Create initial stamp file with compiled-in time to prevent bootups
with clocks in the future from storing invalid timestamps.

At shutdown, only update the timestamp if we got an authoritative
time to store.

6 years agoshared: add touch_file() and let touch() always update timestamp
Kay Sievers [Thu, 22 May 2014 12:10:50 +0000 (21:10 +0900)]
shared: add touch_file() and let touch() always update timestamp

6 years agoshared: rename hwclock.[ch] to clock-util.[ch]
Kay Sievers [Thu, 22 May 2014 12:21:38 +0000 (21:21 +0900)]
shared: rename hwclock.[ch] to clock-util.[ch]

6 years agosd-network: avoid false positive compiler warning caused by LTO
Tom Gundersen [Fri, 23 May 2014 22:46:30 +0000 (00:46 +0200)]
sd-network: avoid false positive compiler warning caused by LTO

Djalal Harouni <>:
There is also this one genrated by LTO, IMO it's a false positive since
we do *check* for "lease" but the code is not consistent since in that
code path, "lease" is initialized to NULL in other places, except for
this one:

src/resolve/resolved-manager.c: In function 'manager_update_resolv_conf':
src/libsystemd-network/sd-dhcp-lease.c:67:18: warning: 'lease' may be used uninitialized in this function [-Wmaybe-uninitialized]
        if (lease->dns_size) {
src/network/sd-network.c:146:24: note: 'lease' was declared here
        sd_dhcp_lease *lease;

6 years agosocket: properly handle if our service vanished during runtime
Lennart Poettering [Thu, 22 May 2014 07:56:21 +0000 (16:56 +0900)]
socket: properly handle if our service vanished during runtime

6 years agocore: remove unused vars
Lennart Poettering [Thu, 22 May 2014 07:52:53 +0000 (16:52 +0900)]
core: remove unused vars

6 years agocore: never consider failure when reading drop-ins fatal
Lennart Poettering [Thu, 22 May 2014 07:49:12 +0000 (16:49 +0900)]
core: never consider failure when reading drop-ins fatal

drop-ins don't carry the main configuration of a unit, hence read them
if we can't, complain if we cannot, but don't fail.

6 years agoconf-parser: never consider it an error if we cannot load a drop-in file because...
Lennart Poettering [Thu, 22 May 2014 07:47:46 +0000 (16:47 +0900)]
conf-parser: never consider it an error if we cannot load a drop-in file because it is missing

After all, we want to be able to boot with /etc empty one day...

6 years agoman: update URL refernce in daemon(7)
Lennart Poettering [Thu, 22 May 2014 07:22:48 +0000 (16:22 +0900)]
man: update URL refernce in daemon(7)

6 years agoman: drop reference to file locking for PID file creation from daemon(7)
Lennart Poettering [Thu, 22 May 2014 07:15:56 +0000 (16:15 +0900)]
man: drop reference to file locking for PID file creation from daemon(7)

File locking is usually a bad idea, don't suggest using it.

6 years agoupdate TODO
Lennart Poettering [Thu, 22 May 2014 07:14:50 +0000 (16:14 +0900)]
update TODO

6 years agonspawn: restore journal directory is empty check
Lennart Poettering [Thu, 22 May 2014 06:19:46 +0000 (15:19 +0900)]
nspawn: restore journal directory is empty check

This undoes part of commit e6a4a517befe559adf6d1dbbadf425c3538849c9.

Instead of removing the error message about non-empty journal bind mount
directories, simply downgrade the message to a warning and proceed.

6 years agoupdate TODO
Lennart Poettering [Thu, 22 May 2014 03:16:25 +0000 (12:16 +0900)]
update TODO

6 years agocgroups: simplify CPUQuota= logic
Lennart Poettering [Thu, 22 May 2014 02:53:12 +0000 (11:53 +0900)]
cgroups: simplify CPUQuota= logic

Only accept cpu quota values in percentages, get rid of period

It's not clear whether the CFS period controllable per-cgroup even has a
future in the kernel, hence let's simplify all this, hardcode the period
to 100ms and only accept percentage based quota values.

6 years agotime-util: make sure USEC_PER_SEC and friends are actually of type usec_t
Lennart Poettering [Thu, 22 May 2014 02:44:03 +0000 (11:44 +0900)]
time-util: make sure USEC_PER_SEC and friends are actually of type usec_t

6 years agologind: also escape external data when saving to /run
Lennart Poettering [Thu, 22 May 2014 01:35:28 +0000 (10:35 +0900)]
logind: also escape external data when saving to /run

Better be safe than sorry...

6 years agoupdate TODO
Lennart Poettering [Thu, 22 May 2014 01:27:17 +0000 (10:27 +0900)]
update TODO

6 years agomachine: escape fields we store in /run, so that they can be properly unescaped by...
Lennart Poettering [Thu, 22 May 2014 01:26:23 +0000 (10:26 +0900)]
machine: escape fields we store in /run, so that they can be properly unescaped by parse_env_file()

6 years agobuild-sys: let libsystemd_network pull in
Kay Sievers [Thu, 22 May 2014 01:08:04 +0000 (10:08 +0900)]
build-sys: let libsystemd_network pull in

On Thu, May 22, 2014 at 9:53 AM, Jan Engelhardt <> wrote:
> If is relying on that udev function, it ought
> to specify libudev(-internal).la in libsystemd_network_la_LIBADD.

6 years agonspawn: allow to bind mount journal on top of a non empty container journal dentry
Djalal Harouni [Fri, 11 Apr 2014 00:45:52 +0000 (01:45 +0100)]
nspawn: allow to bind mount journal on top of a non empty container journal dentry

Currently if nspawn was called with --link-journal=host or
--link-journal=auto and the right /var/log/journal/machine-id/ exists
then the bind mount the subdirectory into the container might fail due
to the ~/mycontainer/var/log/journal/machine-id/ of the container not
being empty.

There is no reason to check if the container journal subdir is empty
since there will be a bind mount on top of it. The user asked for a bind
mount so give it.

Note: a next call with --link-journal=guest may fail due to the
/var/log/journal/machine-id/ on the host not being empty.

Reported-by: Tobias Hunger <>
6 years agobuild-sys: do not run symbol list export test for compat-only libs
Kay Sievers [Thu, 22 May 2014 00:43:22 +0000 (09:43 +0900)]
build-sys: do not run symbol list export test for compat-only libs

The verbose link-time deprecation warnings are annoying. These libs
will never change or be extended; there is no need to test the list
of exported symbols.

6 years agobuild-sys: fix linking order
Kay Sievers [Thu, 22 May 2014 00:41:32 +0000 (09:41 +0900)]
build-sys: fix linking order

  network-internal.c:function net_get_unique_predictable_data:
  error: undefined reference to 'udev_device_get_property_value'
collect2: error: ld returned 1 exit status

6 years fix whitespace
Kay Sievers [Thu, 22 May 2014 00:06:17 +0000 (09:06 +0900)] fix whitespace

6 years agobuild: put missing KMOD_CFLAGS into Makefile
Jan Engelhardt [Tue, 20 May 2014 21:31:59 +0000 (23:31 +0200)]
build: put missing KMOD_CFLAGS into Makefile

The build fails if kmod is not in a default location.

6 years agotimesyncd: order after tmpfiles to get a working network monitor
Kay Sievers [Wed, 21 May 2014 22:55:38 +0000 (07:55 +0900)]
timesyncd: order after tmpfiles to get a working network monitor

6 years agocgroups: always propagate controller membership to siblings, for all controllers
Lennart Poettering [Wed, 21 May 2014 22:50:03 +0000 (07:50 +0900)]
cgroups: always propagate controller membership to siblings, for all controllers

This is the behaviour the kernel cgroup rework exposes for all
controllers, hence let's do this already now for all cases.

6 years agocgroup: rework startup logic
Lennart Poettering [Wed, 21 May 2014 22:06:16 +0000 (07:06 +0900)]
cgroup: rework startup logic

Introduce a (unsigned long) -1 as "unset" state for cpu shares/block io
weights, and keep the startup unit set around all the time.

6 years agocore: add startup resource control option
WaLyong Cho [Thu, 15 May 2014 15:09:34 +0000 (00:09 +0900)]
core: add startup resource control option

Similar to CPUShares= and BlockIOWeight= respectively. However only
assign the specified weight during startup. Each control group
attribute is re-assigned as weight by CPUShares=weight and
BlockIOWeight=weight after startup.  If not CPUShares= or
BlockIOWeight= be specified, then the attribute is re-assigned to each
default attribute value. (default cpu.shares=1024, blkio.weight=1000)
If only CPUShares=weight or BlockIOWeight=weight be specified, then
that implies StartupCPUShares=weight and StartupBlockIOWeight=weight.

6 years agoRevert "update gitignore"
Kay Sievers [Wed, 21 May 2014 21:14:41 +0000 (06:14 +0900)]
Revert "update gitignore"

This reverts commit 351efdc7a4d900a1aebca517dd0b46b89cdd7306.

6 years agosd-dhcp-client: factor out dhcp packet allocation
Tom Gundersen [Wed, 21 May 2014 14:46:14 +0000 (16:46 +0200)]
sd-dhcp-client: factor out dhcp packet allocation

6 years agosd-dhcp: rely on FIONREAD working
Tom Gundersen [Wed, 21 May 2014 14:31:28 +0000 (16:31 +0200)]
sd-dhcp: rely on FIONREAD working

This fallback will anyway never get tested, so rip it out.

6 years agosd-dhcp: option_append - support falling back to 'sname' and 'file'
Tom Gundersen [Wed, 21 May 2014 13:55:02 +0000 (15:55 +0200)]
sd-dhcp: option_append - support falling back to 'sname' and 'file'

6 years agosd-dhcp: make sure we can not fill options so much that there is no space for END
Tom Gundersen [Wed, 21 May 2014 13:27:53 +0000 (15:27 +0200)]
sd-dhcp: make sure we can not fill options so much that there is no space for END

6 years agonetworkd: link - serialize link when addresses change
Tom Gundersen [Wed, 21 May 2014 09:28:13 +0000 (11:28 +0200)]
networkd: link - serialize link when addresses change

Thanks to Kay for tracking this down.

6 years agoupdate gitignore
Kay Sievers [Wed, 21 May 2014 09:21:02 +0000 (18:21 +0900)]
update gitignore

6 years agohwdb: update
Kay Sievers [Wed, 21 May 2014 09:19:24 +0000 (18:19 +0900)]
hwdb: update

6 years agoutil: fix a gcc compiler warning
Lennart Poettering [Wed, 21 May 2014 08:44:45 +0000 (17:44 +0900)]
util: fix a gcc compiler warning

6 years agotimesyncd: use STR_IN_SET()
Kay Sievers [Wed, 21 May 2014 01:35:17 +0000 (10:35 +0900)]
timesyncd: use STR_IN_SET()

6 years agotimesyncd: fix english language typo
Lennart Poettering [Wed, 21 May 2014 00:36:42 +0000 (09:36 +0900)]
timesyncd: fix english language typo

6 years agologind: don't apply RemoveIPC= to system users
Lennart Poettering [Wed, 21 May 2014 00:31:22 +0000 (09:31 +0900)]
logind: don't apply RemoveIPC= to system users

We shouldn't destroy IPC objects of system users on logout.

This introduces SYSTEM_UID_MAX defined to the maximum UID of system
users. This value is determined compile-time, either as configure switch
or from /etc/login.defs. (We don't read that file at runtime, since this
is really a choice for a system builder, not the end user.)

While we are at it we then also update journald to use SYSTEM_UID_MAX
when we decide whether to split out log data for a specific client.

6 years agodhcp-lease: add support for parsing a few more dhcp options
Tom Gundersen [Tue, 20 May 2014 20:02:49 +0000 (22:02 +0200)]
dhcp-lease: add support for parsing a few more dhcp options

6 years agodhcp-lease: refactor lease parsing
Tom Gundersen [Tue, 20 May 2014 14:40:59 +0000 (16:40 +0200)]
dhcp-lease: refactor lease parsing

Use helper functions, and add some more sanity checking/asserts.

6 years agosd-dhcp: refactor parse_options
Tom Gundersen [Tue, 20 May 2014 11:07:19 +0000 (13:07 +0200)]
sd-dhcp: refactor parse_options

Similar to the previous patch, exchange a length and a pointer with only one offset variable.
Also fix the type of the options to be uint8_t[], rather than uint8_t*.

6 years agosd-dhcp: refactor dhcp_option_append
Tom Gundersen [Tue, 20 May 2014 09:04:50 +0000 (11:04 +0200)]
sd-dhcp: refactor dhcp_option_append

Store a pointer to the options in the DHCPMessage struct, and pass
this together with an offset around, rather than a uint8_t**.

This avoids us having to (re)compute the pointer; and changes
dhcp_option_append from adjusting both the pointer to the next
option and the remaining size of the options, to just adjusting
the current offset.

This makes the code a bit simpler to follow IMHO, but there should
be no functional change.

6 years agotimesyncd: save clock to disk everytime we get an NTP fix, and bump clock at boot...
Lennart Poettering [Tue, 20 May 2014 15:04:11 +0000 (00:04 +0900)]
timesyncd: save clock to disk everytime we get an NTP fix, and bump clock at boot using this

This is useful to make sure the system clock stays monotonic even on
systems that lack an RTC.

Also, why we are at it, also use the systemd release time for bumping
the clock, since it's a slightly less bad than starting with jan 1st,

This also moves timesyncd into the early bootphase, in order to make
sure this initial bump is guaranteed to have finished by the time we
start real daemons which might write to the file systemd and thus
shouldn't leave 1970's timestamps all over the place...

6 years agoudevadm-settle: fixed return code for empty queue
Harald Hoyer [Tue, 20 May 2014 10:25:16 +0000 (12:25 +0200)]
udevadm-settle: fixed return code for empty queue

If the udev queue is empty and "/run/udev/queue" does not exist,
"udevadm settle" would return with EXIT_FAILURE, because the inotify on
"/run/udev/queue" would fail with ENOENT.

This patch lets "udevadm settle" exit with EXIT_SUCCESS in this case.

6 years agoTODO
Susant Sahani [Mon, 19 May 2014 20:58:15 +0000 (22:58 +0200)]