6 years ago rules: storage - whitelist partitioned MS & MMC devices
Kay Sievers [Tue, 24 Mar 2015 22:28:25 +0000 (23:28 +0100)]
rules: storage - whitelist partitioned MS & MMC devices

On Mon, Mar 23, 2015 at 8:55 AM, Mantas Mikulėnas <> wrote:
> On Tue, Mar 17, 2015 at 11:50 PM, Kay Sievers <> wrote:
>> On Tue, Mar 17, 2015 at 5:00 PM, Mantas Mikulėnas <>
>> wrote:
>> > Accidentally dropped in 1aff20687f4868575.
>> > ---
>> >  rules/60-persistent-storage.rules | 2 +-
>> >  1 file changed, 1 insertion(+), 1 deletion(-)
>> > +KERNEL!="loop*|mmcblk[0-9]*|mspblk[0-9]*|nvme*|sd*|sr*|vd*",
>> > GOTO="persistent_storage_end"
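Review bot: In the added `KERNEL!=` match, `mmcblk[0-9]*` is a glob rather than a regex, so it requires only one digit after `mmcblk` and then accepts any suffix; every mmcblk node whose name continues past the digit passes the whitelist, not just whole disks and partitions. If some mmcblk nodes must be skipped by these rules, end the pattern on the digit instead and name the excluded nodes in the commit message. The removed line is not visible in the quote, so the exact difference from the old match cannot be checked from here.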
>> We can't do that, we need to ignore the mmc*rpmb devices:
>> Maybe "mmcblk*[0-9]" will work?
> Yeah, that would probably work (the names are like mmcblk0p1 etc.)

6 years ago TODO
Tom Gundersen [Tue, 24 Mar 2015 22:05:43 +0000 (23:05 +0100)]

6 years ago timedatectl: remove unused variables
Thomas Hindoe Paaboel Andersen [Tue, 24 Mar 2015 21:55:31 +0000 (22:55 +0100)]
timedatectl: remove unused variables

6 years ago man: Second example systemd-socket-proxyd does not need a Unix socket listener.
David Strauss [Tue, 24 Mar 2015 19:25:56 +0000 (12:25 -0700)]
man: Second example systemd-socket-proxyd does not need a Unix socket listener.

6 years ago rules: storage - don't apply rules to remove events
Tom Gundersen [Tue, 24 Mar 2015 14:15:45 +0000 (15:15 +0100)]
rules: storage - don't apply rules to remove events

This line was accidentally lost in 52346b5f5424.

6 years ago timedate: remove daylight saving time handling and tzfile parser
Kay Sievers [Tue, 24 Mar 2015 12:52:04 +0000 (13:52 +0100)]
timedate: remove daylight saving time handling and tzfile parser

We planned to support (the conceptually broken) daylight saving
time/local time features in the kernel, SCSI, networking, FAT
filesystem, but it turned out to be a race we cannot win and do
not want to get involved. Systemd should not fiddle with daylight
saving time or parse timezone information itself.

Leave everything to glibc or tools like date(1) and do not make any
promises or raise expectations that systemd should handle anything
like this.

6 years ago timedatectl: fix when queried system has different timezone
Shawn Landden [Mon, 23 Mar 2015 11:44:57 +0000 (04:44 -0700)]
timedatectl: fix when queried system has different timezone

Also allow getting time from time(2) when BUS_TRANSPORT_MACHINE.

v2: check for error

6 years ago po: update Russian translation
Sergey Ptashnick [Sun, 22 Mar 2015 19:00:13 +0000 (22:00 +0300)]
po: update Russian translation

Add strings for importd, following 587fec427c.

6 years ago bootchart: more useful error message for common error
Shawn Landden [Mon, 23 Mar 2015 10:51:35 +0000 (03:51 -0700)]
bootchart: more useful error message for common error

Reported-by: tfirg_ on IRC

6 years ago bootchart: remove duplicated code, prevent creating empty files
Shawn Landden [Mon, 23 Mar 2015 10:48:41 +0000 (03:48 -0700)]
bootchart: remove duplicated code, prevent creating empty files

In Debian and rawhide Fedora, which have CONFIG_SCHEDSTATS=n,
bootchart creates empty files in /run/log before printing an error.
Stop doing that.

Moreover this duplicated part of the code doesn't even have error checking
so there is no error avoided by doing this early.

Reported-by: tfirg_ on IRC

6 years ago fstab-generator: Do not check deviceless filesystems
Tobias Hunger [Mon, 23 Mar 2015 23:53:00 +0000 (00:53 +0100)]
fstab-generator: Do not check deviceless filesystems

There is no need to check those.

6 years ago fstab-generator: Support root on tmpfs (or other deviceless FS)
Tobias Hunger [Mon, 23 Mar 2015 23:52:59 +0000 (00:52 +0100)]
fstab-generator: Support root on tmpfs (or other deviceless FS)

This allows for stateless systems.

6 years ago sd-rtnl: handle empty multi-part message from the kernel
Alin Rauta [Wed, 18 Mar 2015 12:06:19 +0000 (05:06 -0700)]
sd-rtnl: handle empty multi-part message from the kernel

We strip out NLMSG_DONE piece from a multi-part message adding into the
receive queue only the messages containing actual data.

If we send a request to the kernel for getting the forwarding database table (just an example),
the response will be a multi-part message like below:
1. FDB entry 1;
2. FDB entry 2;

We strip out "3. NLMSG_DONE;" part and place into the receive queue a pointer to
"1. FDB entry 1; 2. FDB entry 2".

But if the FDB table is empty, the response from the kernel will look like below:

We strip out "1. NLMSG_DONE;" part and since there is no actual data got, it continues
waiting until reaching timeout.

Therefore, a call to "sd_rtnl_call" to send and wait for a response from kernel will exit
with timeout which is interpreted as error in communication.

This patch puts the NLMSG_DONE message on the receive queue if it ends an empty multi-part
message. This situation is detected in sd_rtnl_call() and in the callback code and NULL is
returned to the caller instead.

  - added/reworded commit message
  - extend the same support to sd_rtnl_call_async()
  - drop debug logging from library, we only do this if something is really wrong, but an
    empty multi-part message is perfectly normal
  - modernize the code we touch whilst we are at it]

6 years ago man: add journal-remote.conf(5)
Chris Morgan [Sun, 22 Mar 2015 00:47:46 +0000 (20:47 -0400)]
man: add journal-remote.conf(5)

6 years ago timedated: fix enable/disable reversal
Zbigniew Jędrzejewski-Szmek [Sat, 21 Mar 2015 23:21:17 +0000 (19:21 -0400)]
timedated: fix enable/disable reversal

Bug introduced in 984f1b1d1b. The state was flipped later,
but the enable/disable routine made use of the state to decide
what to do.

context_enable_ntp() and context_start_ntp() now get the desired
state directly, so the Context parameter can be removed.

6 years ago core: make SELinux enable/disable check symmetric
Zbigniew Jędrzejewski-Szmek [Sat, 21 Mar 2015 22:50:10 +0000 (18:50 -0400)]
core: make SELinux enable/disable check symmetric

We'd use the generic check for disable, and a unit-file-specific one for enable.
Use the more specific one both ways.

systemd[1]: SELinux access check scon=system_u:system_r:systemd_timedated_t:s0 tcon=system_u:system_r:init_t:s0 tclass=system perm=disable path=(null) cmdline=/usr/lib/systemd/systemd-timedated: -13
systemd[1]: SELinux access check scon=system_u:system_r:systemd_timedated_t:s0 tcon=system_u:object_r:systemd_unit_file_t:s0 tclass=service perm=enable path=/usr/lib/systemd/system/systemd-timesyncd.service cmdline=/usr/lib/systemd/systemd-timedated: -13

6 years ago timedated: flip internal status after executing operation
Zbigniew Jędrzejewski-Szmek [Sat, 21 Mar 2015 21:40:20 +0000 (17:40 -0400)]
timedated: flip internal status after executing operation

timedated would set the internal status before calling out to systemd to do
the actual change. When the operation was refused because of a SELinux denial,
the state kept in timedated would get out of sync, and the second call from
timedatectl would appear to succeed.

6 years ago missing.h: add more btrfs types and defines
Michael Olbrich [Wed, 18 Mar 2015 13:04:55 +0000 (14:04 +0100)]
missing.h: add more btrfs types and defines

6 years ago fstab-generator: ignore invalid swap priority
Zbigniew Jędrzejewski-Szmek [Sat, 21 Mar 2015 15:31:16 +0000 (11:31 -0400)]
fstab-generator: ignore invalid swap priority

A failed priority is not something worth stopping boot over. Most people
have only one swap device, in which case priority is irrelevant, and even
if there is more than one swap device, they are all usable, and ignoring the
priority field should only result in some loss of performance.

The kernel will report the priority as -1 if not set, so it's easy for
people to make this mistake.

6 years ago networkd: use LOG_WARN not LOG_ERR for non-fatal errors
Zbigniew Jędrzejewski-Szmek [Mon, 16 Mar 2015 15:35:12 +0000 (11:35 -0400)]
networkd: use LOG_WARN not LOG_ERR for non-fatal errors

6 years ago shared/mkdir: do not set errno in addition to return value
Zbigniew Jędrzejewski-Szmek [Mon, 16 Mar 2015 15:34:39 +0000 (11:34 -0400)]
shared/mkdir: do not set errno in addition to return value

All callers look at the return value anyway.

6 years ago rules: avoid 'device/' accesses
David Herrmann [Fri, 20 Mar 2015 11:28:12 +0000 (12:28 +0100)]
rules: avoid 'device/' accesses

We should never access parents, as the sysfs hierarchy is in no way
stable. Use KERNELS== etc. to match on a parent, then access it via
$attr{} (which accesses the matching device, not the current device).

6 years ago rules: fix input-name for keyboard rules
David Herrmann [Fri, 20 Mar 2015 09:44:21 +0000 (10:44 +0100)]
rules: fix input-name for keyboard rules

We match on the evdev node, but only the parent has a "name" attribute.
Use $attr{device/name} to access it.

This is borked since 2013, I wonder how that ever worked? Maybe this will
suddenly fix all the DMI-based key detections.

Thanks to Peter Hutterer for catching this!

6 years ago man: add h/H to tmpfiles.d(5)
Goffredo Baroncelli [Mon, 16 Mar 2015 19:33:51 +0000 (20:33 +0100)]
man: add h/H to tmpfiles.d(5)

6 years ago Allow systemd-tmpfiles to set the file/directory attributes
Goffredo Baroncelli [Mon, 16 Mar 2015 19:33:50 +0000 (20:33 +0100)]
Allow systemd-tmpfiles to set the file/directory attributes

Allow systemd-tmpfiles to set the file/directory attributes, like
chattr(1) does. Two more commands are added: 'H' and 'h' to set the
attributes, recursively and not.

6 years ago Add change_attr_fd()
Goffredo Baroncelli [Mon, 16 Mar 2015 19:33:49 +0000 (20:33 +0100)]
Add change_attr_fd()

Add change_attr_fd() function to modify the file/directory attribute.

6 years ago po: updated Swedish translation
Sebastian Rasmussen [Fri, 20 Mar 2015 01:55:25 +0000 (21:55 -0400)]
po: updated Swedish translation

6 years ago hwdb: ship & sdio.ids in the release tarballs
Dimitri John Ledkov [Mon, 16 Mar 2015 22:54:07 +0000 (22:54 +0000)]
hwdb: ship & sdio.ids in the release tarballs

This makes it easier to apply stable branch patches on top of the
release tarball.

6 years ago hwdb: add HP ProBook 450G0
Zbigniew Jędrzejewski-Szmek [Thu, 19 Mar 2015 23:48:57 +0000 (19:48 -0400)]
hwdb: add HP ProBook 450G0

6 years ago fsck: use %zu for size_t
Thomas Hindoe Paaboel Andersen [Wed, 18 Mar 2015 21:36:16 +0000 (22:36 +0100)]
fsck: use %zu for size_t

cur and max were changed to size_t in ac6e2f0dfc2e800f01c79ecea2b811914110a7b9
update the format accordingly.

6 years ago resolved: Do not add .busname dependencies, when compiling without kdbus.
Dimitri John Ledkov [Tue, 17 Mar 2015 15:37:07 +0000 (16:37 +0100)]
resolved: Do not add .busname dependencies, when compiling without kdbus.

6 years ago strv: return NULL from strv_free()
David Herrmann [Tue, 17 Mar 2015 11:20:31 +0000 (12:20 +0100)]
strv: return NULL from strv_free()

We always return NULL/invalid-object from destructors, fix strv_free() to
do the same.

6 years ago bootctl: drop redundant parse_argv()
David Herrmann [Mon, 16 Mar 2015 20:07:38 +0000 (21:07 +0100)]
bootctl: drop redundant parse_argv()

We already call parse_argv() from main(), don't call it here again.

6 years ago libudev: private - introduce udev_device_new_from_synthetic_event()
Tom Gundersen [Sun, 15 Mar 2015 16:10:17 +0000 (17:10 +0100)]
libudev: private - introduce udev_device_new_from_synthetic_event()

This allows set_action(), read_uevent_file() and read_db() to be made internal to libudev.

6 years ago console-getty.service: don't start when /dev/console is missing
Jan Pazdziora [Fri, 13 Mar 2015 11:57:18 +0000 (12:57 +0100)]
console-getty.service: don't start when /dev/console is missing

Create minimal image which runs systemd

   FROM rhel7.1
   RUN yum install -y /usr/bin/ps
   ENV container docker
   CMD [ "/usr/sbin/init" ]

When you run the container without -t, the process

   /sbin/agetty --noclear --keep-baud console 115200 38400 9600

is not happy and checking the journal in the container, there is a stream of

Mar 13 04:50:15 11bf07f59fff agetty[66]: /dev/console: No such file or directory
Mar 13 04:50:25 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart.
Mar 13 04:50:25 11bf07f59fff systemd[1]: Stopping Console Getty...
Mar 13 04:50:25 11bf07f59fff systemd[1]: Starting Console Getty...
Mar 13 04:50:25 11bf07f59fff systemd[1]: Started Console Getty.
Mar 13 04:50:25 11bf07f59fff agetty[67]: /dev/console: No such file or directory
Mar 13 04:50:35 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart.
Mar 13 04:50:35 11bf07f59fff systemd[1]: Stopping Console Getty...
Mar 13 04:50:35 11bf07f59fff systemd[1]: Starting Console Getty...
Mar 13 04:50:35 11bf07f59fff systemd[1]: Started Console Getty.
Mar 13 04:50:35 11bf07f59fff agetty[74]: /dev/console: No such file or directory
Mar 13 04:50:45 11bf07f59fff systemd[1]: console-getty.service holdoff time over, scheduling restart.
Mar 13 04:50:45 11bf07f59fff systemd[1]: Stopping Console Getty...
Mar 13 04:50:45 11bf07f59fff systemd[1]: Starting Console Getty...

6 years ago core/namespace: fix path sorting
Michal Schmidt [Mon, 16 Mar 2015 21:04:21 +0000 (22:04 +0100)]
core/namespace: fix path sorting

The comparison function we use for qsorting paths is overly indifferent.
Consider these 3 paths for sorting:
qsort() may compare:
 "/foo" with "/bar" => 0, indifference
 "/bar" with "/foo/foo" => 0, indifference
and assume transitively that "/foo" and "/foo/foo" are also indifferent.

But this is wrong, we want "/foo" sorted before "/foo/foo".
The comparison function must be transitive.

Use path_compare(), which behaves properly.
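The transitivity problem this commit message describes, as an added C example (not systemd's code): `weak_compare()` is a constructed comparator of the "indifferent" shape the message talks about, `total_compare()` is one possible ordering comparison, and all function names and the sample paths are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

typedef int (*path_cmp)(const char *, const char *);

/* 1 when `prefix` equals `path` or names one of its parent directories.
 * Assumes normalized absolute paths (no "//", no trailing "/"). */
static int path_has_prefix(const char *path, const char *prefix) {
    size_t n = strlen(prefix);

    if (strncmp(path, prefix, n) != 0)
        return 0;
    return path[n] == '\0' || path[n] == '/' || (n > 0 && prefix[n - 1] == '/');
}

/* Constructed "overly indifferent" comparator: it orders a parent before
 * its child but reports 0 for any two unrelated paths. */
static int weak_compare(const char *a, const char *b) {
    if (strcmp(a, b) == 0)
        return 0;
    if (path_has_prefix(a, b))      /* b is a parent of a: b sorts first */
        return 1;
    if (path_has_prefix(b, a))      /* a is a parent of b: a sorts first */
        return -1;
    return 0;                       /* unrelated: "indifferent" */
}

/* Total order: compare component by component; the path that runs out of
 * components first (the parent) sorts first. */
static int total_compare(const char *a, const char *b) {
    for (;;) {
        size_t la, lb;
        int c;

        a += strspn(a, "/");
        b += strspn(b, "/");
        if (*a == '\0' || *b == '\0')
            return (*a != '\0') - (*b != '\0');

        la = strcspn(a, "/");
        lb = strcspn(b, "/");
        c = memcmp(a, b, la < lb ? la : lb);
        if (c != 0)
            return c < 0 ? -1 : 1;
        if (la != lb)
            return la < lb ? -1 : 1;
        a += la;
        b += lb;
    }
}

/* Counts triples where cmp(x,y)==0 and cmp(y,z)==0 but cmp(x,z)!=0, which
 * is the inconsistency qsort() is allowed to assume never happens. */
static int count_transitivity_violations(path_cmp cmp,
                                         const char *const *paths, size_t n) {
    int violations = 0;

    for (size_t i = 0; i < n; i++)
        for (size_t j = 0; j < n; j++)
            for (size_t k = 0; k < n; k++)
                if (cmp(paths[i], paths[j]) == 0 &&
                    cmp(paths[j], paths[k]) == 0 &&
                    cmp(paths[i], paths[k]) != 0)
                    violations++;
    return violations;
}

static int qsort_total(const void *x, const void *y) {
    return total_compare(*(const char *const *)x, *(const char *const *)y);
}

/* Sorts an array of path strings so that every parent precedes its children. */
static void sort_paths(const char **paths, size_t n) {
    qsort(paths, n, sizeof *paths, qsort_total);
}

int main(void) {
    /* Constructed sample, using the path names from the commit message. */
    const char *paths[] = { "/foo/foo", "/bar", "/foo" };
    size_t n = sizeof paths / sizeof paths[0];

    printf("weak  comparator violations: %d\n",
           count_transitivity_violations(weak_compare, paths, n));
    printf("total comparator violations: %d\n",
           count_transitivity_violations(total_compare, paths, n));

    sort_paths(paths, n);
    for (size_t i = 0; i < n; i++)
        puts(paths[i]);
    return 0;
}
```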


6 years ago shared: add path_compare(), an ordering path comparison
Michal Schmidt [Mon, 16 Mar 2015 20:58:35 +0000 (21:58 +0100)]
shared: add path_compare(), an ordering path comparison

... and make path_equal() a simple wrapper around it.

6 years ago rules: keyboard - prefix "atkbd" match strings like we prefix the "name" strings
Kay Sievers [Mon, 16 Mar 2015 17:43:14 +0000 (18:43 +0100)]
rules: keyboard - prefix "atkbd" match strings like we prefix the "name" strings

6 years ago rules: keyboard - only search the "input" subsystem for the modalias
Kay Sievers [Mon, 16 Mar 2015 17:33:45 +0000 (18:33 +0100)]
rules: keyboard - only search the "input" subsystem for the modalias

6 years ago fsckd: check if plymouth is running before attempting connection
Didier Roche [Tue, 10 Mar 2015 09:05:19 +0000 (10:05 +0100)]
fsckd: check if plymouth is running before attempting connection

6 years ago fsckd: Don't use strjoina on gettext() call
Didier Roche [Tue, 10 Mar 2015 07:58:23 +0000 (08:58 +0100)]
fsckd: Don't use strjoina on gettext() call

6 years ago shared - reinstate plymouth_running()
Tom Gundersen [Mon, 16 Mar 2015 17:29:26 +0000 (18:29 +0100)]
shared - reinstate plymouth_running()

This will be used by fsckd. This reverts part of

6 years ago core: Remove explicit Plymouth integration
Jasper St. Pierre [Mon, 16 Mar 2015 16:34:59 +0000 (09:34 -0700)]
core: Remove explicit Plymouth integration

Even if plymouth is running, it might have not displayed the splash yet,
so we'll see a few lines on fbcon when we should have otherwise had

Plymouth integration was added to systemd in commit
6faa11140bf776cdaeb8d22d01816e6e48296971. That same day, Plymouth got
systemd integration [0]. As such, the Plymouth integration has always
been obsolete, and was probably only for older Plymouth's. But I can't
imagine anybody running a Plymouth from 2011 with a systemd from 2015.

Remove the Plymouth/systemd integration, and let Plymouth's code tell
systemd to print the details.


Signed-off-by: Jasper St. Pierre <>
Cc: Daniel Drake <>
Cc: Ray Strode <>

6 years ago Revert "hwdb: merge atkbd into platform matches"
David Herrmann [Mon, 16 Mar 2015 14:51:25 +0000 (15:51 +0100)]
Revert "hwdb: merge atkbd into platform matches"

This reverts commit ba76ee29bc02879fb42c048132af8889b00220d5. As it turns
out, we need to match on driver=atkbd to not load the fixups on any
plugged USB devices.

That is, whenever you use "name:<name>:dmi:<dmi>" style matches, you
better provide a name or you're screwing things up.

6 years ago core: don't change removed devices to state "tentative"
Martin Pitt [Fri, 13 Mar 2015 07:35:59 +0000 (08:35 +0100)]
core: don't change removed devices to state "tentative"

Commit 628c89c introduced the "tentative" device state, which caused
devices to go from "plugged" to "tentative" on a remove uevent. This
breaks the cleanup of stale mounts (see commit 3b48ce4), as that only
applies to "dead" devices.

The "tentative" state only really makes sense on adding a device when
we don't know where it was coming from (i. e. not from udev). But when
we get a device removal from udev we definitively know that it's gone,
so change the device state back to "dead" as before 628c89c.

6 years ago rules: keyboard - remove "platform" from comments
Kay Sievers [Mon, 16 Mar 2015 12:43:50 +0000 (13:43 +0100)]
rules: keyboard - remove "platform" from comments

6 years ago hwdb: merge atkbd into platform matches
David Herrmann [Mon, 16 Mar 2015 11:19:09 +0000 (12:19 +0100)]
hwdb: merge atkbd into platform matches

Currently, we always run
  hwdb 'keyboard:name:$attr{name}:$attr{[dmi/id]modalias}'
as last step to match keyboards. Therefore, if nothing else matched so
far, we still try the device-name+dmi combination.

However, we have a special atkbd rule which is only run for atkbd as:
  hwdb 'keyboard:$attr{[dmi/id]modalias}'

This is redundant, as we already pass the same information to hwdb in the
last fallback step.

This patch converts the hwdb "keyboard:dmi:*" matches to
"keyboard:name:*:dmi:*" matches and drops the redundant rule.

6 years ago rules: drop redundant match
David Herrmann [Mon, 16 Mar 2015 11:05:36 +0000 (12:05 +0100)]
rules: drop redundant match

The 60-keyboard rules are already guarded by KERNEL!="event*" bail-outs,
therefore, KERNELS="input*" is always true. Drop it!

6 years ago hwdb: support bluetooth keyboard fixups
David Herrmann [Mon, 16 Mar 2015 11:04:38 +0000 (12:04 +0100)]
hwdb: support bluetooth keyboard fixups

Drop the restriction not to match on bluetooth devices. They are supported
just fine!

6 years ago hwdb: convert to generic input-modalias matches
David Herrmann [Mon, 16 Mar 2015 11:00:46 +0000 (12:00 +0100)]
hwdb: convert to generic input-modalias matches

There is no reason to match on usb-modaliases, if we can use the
input-modalias to achieve the same. This commit changes the
keyboard-lookups to not be restricted to USB, but pass all modaliases to
the hwdb. Furthermore, we convert all usb:* matches to input:* matches,
thus getting rid of any ambiguity if multiple usb devices are chained (or
a bluetooth device / etc. is on top).

Note that legacy keyboard:usb:* matches are still supported, but
deprecated. If possible, please use keyboard:input:* matches instead.

This is a required step to make other input devices work with
60-keyboard.hwdb. Other bus-types are often chained on usb and we want to
avoid any ambiguity here if we incorrectly match on a USB hub.

6 years ago po: update Polish translation
Piotr Drąg [Sun, 15 Mar 2015 22:01:19 +0000 (23:01 +0100)]
po: update Polish translation

6 years ago man: standard-conf: change directory reference to wildcard
Alison Chaiken [Sun, 15 Mar 2015 23:26:14 +0000 (16:26 -0700)]
man: standard-conf: change directory reference to wildcard

6 years ago vconsole-setup: check error of child process
Lucas De Marchi [Fri, 13 Mar 2015 17:47:28 +0000 (17:47 +0000)]
vconsole-setup: check error of child process

If we don't check the error of the child process, systemd-vconsole-setup
would exit with 0 even if it could not really set up the console.

For a simple test, move loadkeys elsewhere and execute

[root@localhost ~]# strace -f -e execve /usr/lib/systemd/systemd-vconsole-setup
execve("/usr/lib/systemd/systemd-vconsole-setup", ["/usr/lib/systemd/systemd-vconsol"...], [/* 15 vars */]) = 0
Process 171 attached
[pid   171] execve("/usr/bin/loadkeys", ["/usr/bin/loadkeys", "-q", "-C", "/dev/tty0", "br-abnt2"], [/* 15 vars */]) = -1 ENOENT (No such file or directory)
[pid   171] +++ exited with 1 +++
--- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=171, si_uid=0, si_status=1, si_utime=0, si_stime=0} ---
+++ exited with 0 +++

Note that loadkeys returned 1 while systemd-vconsole-setup returned 0.

Since the font and keyboard setup are already serialized, refactor the
code a little bit so the functions do the wait by themselves. One change
in behavior in this patch is that we don't return early, but we do try
to set up the keyboard even if the font load failed.

6 years ago network: add UseNTP DHCP option
Michael Marineau [Fri, 13 Mar 2015 19:01:29 +0000 (12:01 -0700)]
network: add UseNTP DHCP option

Despite having the internal logic in place to enable/disable using NTP
servers provided by DHCP the network config didn't expose the option.

6 years ago Add (void) where we don't care about return value
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 21:17:24 +0000 (17:17 -0400)]
Add (void) where we don't care about return value

6 years ago journal-gatewayd: factor out opening of temp file
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 21:13:43 +0000 (17:13 -0400)]
journal-gatewayd: factor out opening of temp file

Also use our own mkostemp wrapper, which tries to use O_TMPFILE.

6 years ago logind: check return value of session_release
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 20:37:39 +0000 (16:37 -0400)]
logind: check return value of session_release

It allocates memory, so it can fail.

CID #1237527.

6 years ago util: check asprintf return value
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 19:59:23 +0000 (15:59 -0400)]
util: check asprintf return value

CID #1237546.

6 years ago core: remove useless debug message
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 16:12:19 +0000 (12:12 -0400)]
core: remove useless debug message

Mar 13 19:48:28 systemd[1]: Collecting (null)
Mar 13 19:48:28 systemd[1]: Collecting (null)
Mar 13 19:48:28 systemd[1]: Collecting (null)
Mar 13 19:48:28 systemd[1]: Collecting (null)
Mar 13 19:48:28 systemd[1]: Collecting (null)
Mar 13 19:48:28 systemd[1]: Collecting (null)
Mar 13 19:48:28 systemd[1]: Collecting (null)

6 years ago libudev-monitor: use initialization
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 11:31:20 +0000 (07:31 -0400)]
libudev-monitor: use initialization

6 years ago timesyncd: enable timesyncd in virtual machines
Kay Sievers [Sun, 15 Mar 2015 18:44:59 +0000 (19:44 +0100)]
timesyncd: enable timesyncd in virtual machines

On Fri, Mar 13, 2015 at 8:25 PM, Michael Marineau <> wrote:
> Currently systemd-timesyncd.service includes
> ConditionVirtualization=no, disabling it in both containers and
> virtual machines. Each VM platform tends to deal with or ignore the
> time problem in their own special ways, KVM/QEMU has the kernel time
> source kvm-clock, Xen has had different schemes over the years, VMware
> expects a userspace daemon sync the clock, and other platforms are
> content to drift with the wind as far as I can tell.
> I don't know of a robust way to know if a platform needs a little
> extra help from userspace to keep the clock sane or not but it seems
> generally safer to try than to risk drifting. Does anyone know of a
> reason to leave timesyncd off by default? Otherwise switching to
> ConditionVirtualization=!container should be reasonable.

6 years ago journald: add syslog fields for audit messages
Zbigniew Jędrzejewski-Szmek [Wed, 4 Mar 2015 15:31:42 +0000 (10:31 -0500)]
journald: add syslog fields for audit messages

Audit messages would be displayed as "unknown[1]".

Also specify AUTH as facility... This seems to be the closest match
(/* security/authorization messages */).

6 years ago sysctl: tweak debug message
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 02:56:01 +0000 (22:56 -0400)]
sysctl: tweak debug message

6 years ago cryptsetup-generator: remove warning about crypttab access mode
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 02:35:30 +0000 (22:35 -0400)]
cryptsetup-generator: remove warning about crypttab access mode

This file contains no privileged data — just names of devices to decrypt
and files containing keys. On a running system most of this can be inferred from
the device tree anyway.

6 years ago udev: downgrade "has devpath" and "filled with db file" messages
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 02:22:49 +0000 (22:22 -0400)]
udev: downgrade "has devpath" and "filled with db file" messages

Udev debug messages have to be significantly overhauled... For now
just downgrade those two. They are responsible for approximately 25%
of debug output during boot and are rather useless.

6 years ago gpt-auto-generator: prefix messages with device name
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 02:15:05 +0000 (22:15 -0400)]
gpt-auto-generator: prefix messages with device name

6 years ago core: do not use quotes around virt and arch
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 01:49:10 +0000 (21:49 -0400)]
core: do not use quotes around virt and arch

Quotes are useful when the string can contain spaces or be otherwise
confusing. Not possible with those two.

6 years ago sysv-generator: initialize LookupPaths just once
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 01:46:59 +0000 (21:46 -0400)]
sysv-generator: initialize LookupPaths just once

With debugging on, sysv-generator would print the full set of
lookup paths for *every* sysv script.

While at it, pass LookupPaths as a pointer in sysv-generator,
and constify it everywhere.

6 years ago tmpfiles: remove redundant debug message
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 00:24:47 +0000 (20:24 -0400)]
tmpfiles: remove redundant debug message

Mar 13 19:48:30 systemd-tmpfiles[970]: "/var/lib/machines" has right mode 40700
Mar 13 19:48:30 systemd-tmpfiles[970]: /var/lib/machines created successfully.

6 years ago util: remove redundant debug message
Zbigniew Jędrzejewski-Szmek [Sun, 15 Mar 2015 00:14:39 +0000 (20:14 -0400)]
util: remove redundant debug message

mar 14 20:05:34 fedora22 systemd[4058]: /usr/lib/systemd/system-generators/ will be executed.
mar 14 20:05:34 fedora22 systemd[4058]: Spawned /usr/lib/systemd/system-generators/ as 4059.

The second line already says everything.

6 years ago units: there is no systemd-udev-hwdb-update.service
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 21:56:13 +0000 (17:56 -0400)]
units: there is no systemd-udev-hwdb-update.service

6 years ago core: remove left-over debug message
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 21:41:53 +0000 (17:41 -0400)]
core: remove left-over debug message

6 years ago service: don't add After= dependencies on .busname units if kdbus support is disabled
Michael Biebl [Sat, 14 Mar 2015 15:48:54 +0000 (16:48 +0100)]
service: don't add After= dependencies on .busname units if kdbus support is disabled

6 years ago udev-ctrl: fix strict aliasing issues
Shawn Landden [Wed, 11 Mar 2015 04:01:47 +0000 (21:01 -0700)]
udev-ctrl: fix strict aliasing issues

it is ironic that
"The only purpose of this structure is to cast the structure pointer
passed in addr in order to avoid compiler warnings.  See EXAMPLE below."
from bind(2)

6 years ago sd-dhcp-client: fix strict aliasing issue
Shawn Landden [Wed, 11 Mar 2015 03:45:15 +0000 (20:45 -0700)]
sd-dhcp-client: fix strict aliasing issue

6 years ago man: add sd_event_{run,wait,prepare,dispatch,loop}
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 01:35:32 +0000 (21:35 -0400)]
man: add sd_event_{run,wait,prepare,dispatch,loop}

6 years ago sd-event: sd_event_run - only return 0 on timeout
Tom Gundersen [Sat, 14 Mar 2015 11:09:20 +0000 (12:09 +0100)]
sd-event: sd_event_run - only return 0 on timeout

sd_event_dispatch() returns 0 on FINISH, so let's eat that up.

6 years ago sd-event: rename PASSIVE/PREPARED to INITIAL/ARMED
Tom Gundersen [Sat, 14 Mar 2015 10:47:35 +0000 (11:47 +0100)]

6 years ago selinux: fix SEGV during switch-root if SELinux policy loaded
Will Woods [Fri, 13 Mar 2015 21:24:46 +0000 (17:24 -0400)]
selinux: fix SEGV during switch-root if SELinux policy loaded

If you've got SELinux policy loaded, label_hnd is your labeling handle.
When systemd is shutting down, we free that handle via mac_selinux_finish().

But: switch_root() calls mkdir_p_label(), which tries to look up a label
using that freed handle, and so we get a bunch of garbage and eventually
SEGV in libselinux.

(This doesn't happen in the switch-root from initramfs to real root because
there's no SELinux policy loaded in initramfs, so label_hnd is NULL and we
never attempt any lookups.)

So: make sure that mac_selinux_finish() actually sets label_hnd to NULL, so
nobody tries to use it after it becomes invalid.

6 years ago man: fix indentation of copyright headers
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:26:47 +0000 (21:26 -0500)]
man: fix indentation of copyright headers

6 years ago man: no paren in link
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:26:34 +0000 (21:26 -0500)]
man: no paren in link

6 years ago man: fix name of systemd.journal-fields(7)
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:26:20 +0000 (21:26 -0500)]
man: fix name of systemd.journal-fields(7)

6 years ago man: fix link to strerror(3)
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:26:06 +0000 (21:26 -0500)]
man: fix link to strerror(3)

6 years ago man: s/sd_bus_message_get_seqno/sd_bus_message_get_seqnum/
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:25:52 +0000 (21:25 -0500)]
man: s/sd_bus_message_get_seqno/sd_bus_message_get_seqnum/

6 years ago man: fix name of systemd.resource-control(5)
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:25:37 +0000 (21:25 -0500)]
man: fix name of systemd.resource-control(5)

6 years ago man: link to fd.o for dbus stuff
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:24:30 +0000 (21:24 -0500)]
man: link to fd.o for dbus stuff

6 years ago man: link to for inetd(8)
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:23:24 +0000 (21:23 -0500)]
man: link to for inetd(8)

6 years ago man: fix a bunch of links
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:22:39 +0000 (21:22 -0500)]
man: fix a bunch of links

All hail linkchecker!

6 years ago sd-daemon: simplify sd_pid_notify_with_fds
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:22:05 +0000 (21:22 -0500)]
sd-daemon: simplify sd_pid_notify_with_fds

Coverity was complaining that CMSG_NXTHDR is used without
checking the return value. In this case it cannot fail, but
it is a good excuse to simplify the function a bit.

CID #1261726.

6 years ago udev: properly calculate size of remaining data
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:22:02 +0000 (21:22 -0500)]
udev: properly calculate size of remaining data

The data comes from the kernel, so chances of it being
garbled are low, but for correctness' sake, add the check.

CID #996458.

6 years ago test-dhcp-option: conform to usual coding style
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:22:00 +0000 (21:22 -0500)]
test-dhcp-option: conform to usual coding style

6 years ago test-dhcp-option: add assert to check index is nonnegative
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:21:58 +0000 (21:21 -0500)]
test-dhcp-option: add assert to check index is nonnegative

CID #1237623.

6 years ago core: check asprintf return value
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:21:52 +0000 (21:21 -0500)]
core: check asprintf return value

CID #1261729.

6 years ago core: print warning on invalid swap pri= field
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:21:46 +0000 (21:21 -0500)]
core: print warning on invalid swap pri= field

CID #1264371.

6 years ago core: one more (void)
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:21:41 +0000 (21:21 -0500)]
core: one more (void)

CID #996308.

6 years ago logind: explicitly ignore errors we can do nothing about
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:21:38 +0000 (21:21 -0500)]
logind: explicitly ignore errors we can do nothing about

CID #1237545.

6 years ago bus: explicitly ignore failure during error handling
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:21:05 +0000 (21:21 -0500)]
bus: explicitly ignore failure during error handling

CID #1237548.

6 years ago core: explicitly ignore failure during cleanup
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:20:59 +0000 (21:20 -0500)]
core: explicitly ignore failure during cleanup

CID #1237550.

6 years ago core: don't wait for reply if writing to pipe fails
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:20:53 +0000 (21:20 -0500)]
core: don't wait for reply if writing to pipe fails

This shouldn't really happen, but it seems cleaner to
continue on error.

CID #1237552.

6 years ago core: either ignore or handle mount failures
Zbigniew Jędrzejewski-Szmek [Sat, 14 Mar 2015 02:20:47 +0000 (21:20 -0500)]
core: either ignore or handle mount failures

/dev/pts/ptmx is as important as /dev/pts, so error out if that
fails. Others seem less important, since the namespace is usable
without them, so ignore failures.

CID #123755, #123754.