summaryrefslogtreecommitdiffstats
Commit message (Collapse)AuthorAgeFilesLines
* presets: "disable" all passive targets by defaultZbigniew Jędrzejewski-Szmek2020-02-042-4/+27
| | | | | | | | | | | | | Officially we default to a "enable *", even though pretty much everybody overrides this with "disable *". We have a bunch of targets and services which should not be enabled by default. In case the default policy is not overriden, our passive units would be enabled by presets, which is generally not useful at all. So let's explicitly mark them as disabled. Note that this effectively changes very little. E.g. on Fedora, all the units listed in this patch were "disabled" already. Fixes #14648.
* Merge pull request #14589 from keszybz/sysctl-downgrade-messagesZbigniew Jędrzejewski-Szmek2020-02-047-94/+248
|\ | | | | sysctl: add glob patterns to set network settings more flexibly
| * sysctl: set ipv4 settings in a race-free wayZbigniew Jędrzejewski-Szmek2020-02-041-0/+6
| | | | | | | | | | | | | | | | | | | | | | Fixes #6282. This solution is a bit busy, but we close the race without setting *.all.*, so it is still possible to set a different setting for particular interfaces. Setting just "default" is not very useful because any interfaces present before systemd-sysctl is invoked are not affected. Setting "all" is too harsh, because the kernel takes the stronger of the device-specific setting and the "all" value, so effectively having a weaker setting for specific interfaces is not possible.
| * sysctl: add glob syntax to sysctl.d filesZbigniew Jędrzejewski-Szmek2020-02-042-70/+156
| | | | | | | | | | | | | | | | | | This is intended for net.*.conf.*.foo files. Setting just "default" is not very useful because any interfaces present before systemd-sysctl is invoked are not affected. Setting "all" is too harsh, because the kernel takes the stronger of the device-specific setting and the "all" value, so effectively having a weaker setting for specific interfaces is not possible. Let's add a way in which can set "default" first and then all the others without "all".
| * man: add syntax quickhelp to sysctl.d(5)Zbigniew Jędrzejewski-Szmek2020-01-301-0/+7
| |
| * Revert "sysctl: always write net.ipv4.conf.all.xyz= in addition to ↵Zbigniew Jędrzejewski-Szmek2020-01-301-3/+3
| | | | | | | | | | | | | | | | | | net.ipv4.conf.default.xyz=" This reverts commits 1836bf9e1d70240c8079e4db4312309f4f1f91fd and 9fefb9e3cdebcefa681672423d23ccc72ae6c165. The race is reintroduced, and will be fixed later.
| * man: document logging downgrade in systemctlZbigniew Jędrzejewski-Szmek2020-01-301-5/+6
| | | | | | | | Fixup for 32458cc968.
| * shared/sysctl-util: normalize repeated slashes or dots to a single valueZbigniew Jędrzejewski-Szmek2020-01-303-13/+67
| | | | | | | | | | | | | | | | | | We use those strings as hash keys. While writing "a...b" looks strange, "a///b" does not look so strange. Both syntaxes would actually result in the value being correctly written to the file, but they would confuse our de-deplication over keys. So let's normalize. Output also becomes nicer. Add test.
| * shared/sysctl-util: add missing headerZbigniew Jędrzejewski-Szmek2020-01-161-1/+1
| | | | | | | | one_zero() is used later in the header...
* | l10n: update Czech TranslationAsciiWolf2020-02-031-13/+97
| |
* | Merge pull request #14747 from yuwata/core-dynamic-user-14733Anita Zhang2020-02-031-1/+1
|\ \ | | | | | | core: call dynamic_user_acquire() only when 'group' is non-null
| * | core: call dynamic_user_acquire() only when 'group' is non-nullYu Watanabe2020-02-031-1/+1
|/ / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | When unit is reloaded, and the reloaded unit has bad-setting, then unit_patch_contexts() is not called and exec_context::user and group may not be configured. A minimum reproducer for the case is: - step 1. $ sudo systemctl edit --full hoge.service [Service] oneshot ExecStart=sleep 1h - step 2. $ sudo systemctl start hoge.service - step 3. $ sudo systemctl edit --full hoge.service [Service] Type=oneshot ExecStart=@bindir@/sleep 1h DynamicUser=yes Then pid1 crashed. Fixes #14733.
* | journal: drop unreachable pathYu Watanabe2020-02-031-2/+2
| |
* | po: update French translationsplantefeve2020-02-031-6/+63
| |
* | udev: add {Receive,Transmit}ChecksumOffload= settingsYu Watanabe2020-02-035-25/+50
| | | | | | | | Closes #14661.
* | network: add SuppressPrefixLength option to RoutingPolicyRule (#14736)Naïm Favier2020-02-039-230/+337
| | | | | | Closes #14724.
* | po: update Japanese translationYu Watanabe2020-02-021-9/+90
| |
* | po: update Polish translationPiotr Drąg2020-02-021-2/+59
| |
* | update NEWSLennart Poettering2020-02-021-0/+50
| |
* | Merge pull request #14645 from keszybz/sd-bus-message-dumpLennart Poettering2020-02-0213-37/+148
|\ \ | | | | | | sd_bus_message_dump
| * | man: document man/sd_bus_message_dump.xmlZbigniew Jędrzejewski-Szmek2020-01-303-0/+109
| | |
| * | sd-bus: export sd_bus_message_dumpZbigniew Jędrzejewski-Szmek2020-01-2310-24/+26
| | | | | | | | | | | | Fixes #14640.
| * | sd-bus: make dump flags publicZbigniew Jędrzejewski-Szmek2020-01-238-31/+31
| | |
* | | Merge pull request #14699 from yuwata/dhcp6-fix-t1-t2Lennart Poettering2020-02-021-9/+8
|\ \ \ | | | | | | | | dhcp6: do not use T1 and T2 longer than one provided by the lease
| * | | dhcp6: coding style fixesYu Watanabe2020-01-311-7/+7
| | | |
| * | | dhcp6: do not use T1 and T2 longer than one provided by the leaseYu Watanabe2020-01-311-2/+1
| | | | | | | | | | | | | | | | Fixes #12623.
* | | | util: uid_t, gid_t, and pid_t must be 32bitYu Watanabe2020-02-025-34/+9
| | | | | | | | | | | | | | | | | | | | We already have assert_cc(sizeof(uid_t) == sizeof(uint32_t)) or friends at various places.
* | | | meson: fix feature listYu Watanabe2020-02-021-1/+1
| | | |
* | | | Merge pull request #14719 from yuwata/sd-boot-fix-warningsLennart Poettering2020-02-023-7/+7
|\ \ \ \ | | | | | | | | | | sd-boot: fix warnings
| * | | | sd-boot: fix -Wpointer-sign warningYu Watanabe2020-01-312-6/+6
| | | | |
| * | | | sd-boot: fix warning about comparison is always trueYu Watanabe2020-01-311-1/+1
| | | | |
* | | | | sysusers: support creating users with a specific primary groupDavid Michael2020-02-0212-23/+88
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This extends the "uid:gid" syntax for "u" lines so that a group name can be given instead of a GID. This requires that the group is either queued for creation by sysusers, or it is already defined on the system. Closes #14340
* | | | | Merge pull request #14672 from yuwata/network-routing-policy-uidrangeYu Watanabe2020-02-0210-2/+164
|\ \ \ \ \ | | | | | | | | | | | | network: support UID based routing policy
| * | | | | test-network: add test for UID based routing policyYu Watanabe2020-02-022-0/+40
| | | | | |
| * | | | | network: support UID based routing policyYu Watanabe2020-02-026-2/+100
| | | | | | | | | | | | | | | | | | | | | | | | Closes #14666.
| * | | | | util: add parse_uid_range() helper functionYu Watanabe2020-02-022-0/+24
|/ / / / /
* | | | | meson, man: do not install pam_systemd_home(8) when pam or homed is disabledYu Watanabe2020-02-013-2/+5
| | | | | | | | | | | | | | | | | | | | Fixes #14725.
* | | | | test: don't install /etc/securettyFrantisek Sumsal2020-02-011-1/+0
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Having /etc/securetty in test containers prevents root from logging into them: ``` Jan 31 10:15:11 systemd-testsuite login[69]: pam_securetty(login:auth): access denied: tty 'pts/0' is not secure ! Jan 31 10:15:11 systemd-testsuite login[69]: FAILED LOGIN 1 FROM pts/0 FOR root, Authentication failure ```
* | | | | Merge pull request #14178 from poettering/journal-namespaceLennart Poettering2020-02-0159-471/+1386
|\ \ \ \ \ | | | | | | | | | | | | journal: add concept of "journal namespaces"
| * | | | | update TODOLennart Poettering2020-01-311-5/+0
| | | | | |
| * | | | | man: document --namespace= switch of journalctlLennart Poettering2020-01-311-0/+12
| | | | | |
| * | | | | man: document the new sd_journal_open_namespace() APILennart Poettering2020-01-312-1/+25
| | | | | |
| * | | | | man: document LogNamespace= unit settingLennart Poettering2020-01-311-0/+34
| | | | | |
| * | | | | man: document new _NAMESPACE= journal fieldLennart Poettering2020-01-311-0/+9
| | | | | |
| * | | | | man: document journald@NAMESPACE.confLennart Poettering2020-01-312-27/+25
| | | | | |
| * | | | | man: document journald namespacesLennart Poettering2020-01-312-6/+54
| | | | | |
| * | | | | journalctl: underline sections in --helpLennart Poettering2020-01-311-6/+7
| | | | | |
| * | | | | units: define RuntimeDirectory= in systemd-journald.serviceLennart Poettering2020-01-311-0/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It doesn't get us much, but makes the differences between the templated and non-templated versions a bit smaller.
| * | | | | units: sort settings in systemd-journald.service againLennart Poettering2020-01-311-1/+1
| | | | | |
| * | | | | tmpfiles: apply ACLs to top-level journal directory in /run, tooLennart Poettering2020-01-311-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We already apply them to the directory in /var. Let's do the same in /run too. That's because due to the log namespace logic we nowadays can gain additional subdirs there during regular operation.
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-03 08:41:13 +0100