summaryrefslogtreecommitdiffstats
path: root/docs (follow)
Commit message (Collapse)AuthorAgeFilesLines
...
* man: add man page for systemd-sysextLennart Poettering2021-01-191-0/+12
|
* Merge pull request #17576 from ↵Lennart Poettering2021-01-171-0/+3
|\ | | | | | | | | gportay/veritysetup-add-support-for-dm-verity-flags veritysetup: add support for veritytab
| * veritysetup-generator: add support for veritytabGaël PORTAY2021-01-151-0/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the support for veritytab. The veritytab file contains at most five fields, the first four are mandatory, the last one is optional: - The first field contains the name of the resulting verity volume; its block device is set up /dev/mapper/</filename>. - The second field contains a path to the underlying block data device, or a specification of a block device via UUID= followed by the UUID. - The third field contains a path to the underlying block hash device, or a specification of a block device via UUID= followed by the UUID. - The fourth field is the roothash in hexadecimal. - The fifth field, if present, is a comma-delimited list of options. The following options are recognized only: ignore-corruption, restart-on-corruption, panic-on-corruption, ignore-zero-blocks, check-at-most-once and root-hash-signature. The others options will be implemented later. Also, this adds support for the new kernel verity command line boolean option "veritytab" which enables the read for veritytab, and the new environment variable SYSTEMD_VERITYTAB which sets the path to the file veritytab to read.
* | tree-wide: fix typoYu Watanabe2021-01-171-1/+1
| |
* | initrd: extend SYSTEMD_IN_INITRD to accept non-ramfs rootfsKairui Song2021-01-131-3/+7
|/ | | | | | | | | | | | | | | | | Sometimes, non-ramfs initrd root are useful. Eg, for kdump, because initramfs is memory consuming, so mount a compressed image in earlier initrd, chroot into it then let systemd do the rest of job is a good solution. But systemd doesn't recognize the initrd environment if rootfs is not a temporary fs. This is a reasonable check, because switch-root in initrd will wipe the whole rootfs, will be a disaster if there are any misdetect. So extend SYSTEMD_IN_INITRD environment variable, now it accepts boolean value and two extra keyword, "auto" and "lenient". "auto" is same as before, and it's the default value. "lenient" will let systemd bypass the rootfs check.
* doc: add missing comma in DISCOVERABLE_PARTITIONS.mdLennart Poettering2021-01-061-1/+1
|
* docs: fix the link to boot loader specificationGaël PORTAY2020-12-301-1/+1
| | | | | | | | The boot loader specification link points to the boot loader interface documentation. This fixes the link to point to BOOT_LOADER_SPECIFICATION instead of BOOTLOADER_INTERFACE which is itself.
* tree-wide: suggest meson command lines instead of ninja onesLennart Poettering2020-12-174-17/+19
| | | | | | | This only changes documentation. In various places we call "ninja" directly. I figured it would be safer to leave those in place for now, given the meson replacement commands lines appears to be supported in newer meson versions only.
* docs/RELEASE: clarify which steps are done whenZbigniew Jędrzejewski-Szmek2020-11-261-3/+3
|
* docs: document what VPNs should do to systemd-resolved.serviceLennart Poettering2020-11-251-0/+267
| | | | | | | | Fixes: #17588 #17512 Prompted-by: #17529 (Also relevant: #6076)
* gpt: add RISC-V GPT partition typecode uuidDimitri John Ledkov2020-11-231-0/+8
|
* Merge pull request #17651 from yuwata/the-theZbigniew Jędrzejewski-Szmek2020-11-181-2/+2
|\ | | | | tree-wide: fix "the the" and "that that"
| * tree-wide: update "that that"Yu Watanabe2020-11-181-2/+2
| |
* | JOURNAL_FILE_FORMAT: fixup typos and punctuationVito Caputo2020-11-181-7/+7
|/ | | | No significant changes
* Merge pull request #17497 from anitazha/randomizeonceLennart Poettering2020-11-101-0/+1
|\ | | | | timer: add new feature FixedRandomDelay=
| * timer: add new feature FixedRandomDelay=Kristijan Gjoshev2020-11-051-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | FixedRandomDelay=yes will use `siphash24(sd_id128_get_machine() || MANAGER_IS_SYSTEM(m) || getuid() || u->id)`, where || is concatenation, instead of a random number to choose a value between 0 and RandomizedDelaySec= as the timer delay. This essentially sets up a fixed, but seemingly random, offset for each timer iteration rather than having a random offset recalculated each time it fires. Closes #10355 Co-author: Anita Zhang <the.anitazha@gmail.com>
* | license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-092-2/+2
| |
* | seccomp: allow turning off of seccomp filtering via env varLennart Poettering2020-11-051-4/+7
|/ | | | | | | | | Fixes: #17504 (While we are it, also move $SYSTEMD_SECCOMP_LOG= env var description into the right document section) Also suggested in: https://github.com/systemd/systemd/issues/17245#issuecomment-704773603
* Merge pull request #17438 from anitazha/systoomd_quickZbigniew Jędrzejewski-Szmek2020-10-271-0/+8
|\ | | | | Additional fix ups from #17417
| * docs: update coding style for `return (void) func(...)`Anita Zhang2020-10-271-0/+8
| | | | | | | | | | Seems that people think it's useful for brevity so make it explicit in the CODING_STYLE.
* | tree-wide: fix typos found by Fossies codespell reportYu Watanabe2020-10-241-1/+1
|/
* Merge pull request #17390 from keszybz/logind-notifications-and-linksYu Watanabe2020-10-201-1/+1
|\ | | | | Fix sd_notify() usage in various daemons and update some documentation links
| * tree-wide: update web link to logind descriptionZbigniew Jędrzejewski-Szmek2020-10-191-1/+1
| | | | | | | | | | https://www.freedesktop.org/wiki/Software/systemd/multiseat/ says that it is obsoleted by sd-login(3), so it doesn't make much sense to link to the former.
* | Merge pull request #17389 from poettering/bootspec-clarificationsLennart Poettering2020-10-191-1/+21
|\ \ | | | | | | bootspec entry character set clarifications
| * | doc: document charset to use for bootspec entry namesLennart Poettering2020-10-191-1/+21
| |/ | | | | | | Prompted-by: https://github.com/systemd/systemd/issues/12572#issuecomment-711074702
* / docs: some coding style updatesLennart Poettering2020-10-191-8/+33
|/ | | | | | | | | | Primarily: 1. Mention that we prefer if return parameters carry "ret_" as prefix in their name 2. Clarify that debug-level logging is always OK, and irrelevant to when deciding whether a function is logging or non-logging.
* Merge pull request #15206 from anitazha/systoomd-v0Zbigniew Jędrzejewski-Szmek2020-10-151-0/+3
|\ | | | | systemd-oomd
| * core: add ManagedOOM*= properties to configure systemd-oomd on the unitAnita Zhang2020-10-081-0/+3
| | | | | | | | | | This adds the hook ups so it can be read with the usual systemd utilities. Used in later commits by sytemd-oomd.
* | docs: clarify that udev watches for IN_CLOSE_WRITE (and not IN_CLOSE)Lennart Poettering2020-10-101-9/+20
|/ | | | | Also, while we are at it, explain that udev won't reprobe if users just release the lock, they have to close the block device too.
* man: use paragraphs in descriptions of /tmp and /var/tmpZbigniew Jędrzejewski-Szmek2020-10-051-2/+2
| | | | | | | We have three somewhat separate ideas: what the directory is for, what $TMPDIR is for, and security considerations. Let's use paragraphs. Also, conjunctions in titles aren't capitalized usually.
* Merge pull request #17172 from keszybz/read-login-defsLennart Poettering2020-10-021-4/+5
|\ | | | | Read /etc/login.defs
| * Look at /etc/login.defs for the system_max_[ug]id valuesZbigniew Jędrzejewski-Szmek2020-10-011-4/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | It makes little sense to make the boundary between systemd and user guids configurable. Nevertheless, a completely fixed compile-time define is not enough in two scenarios: - the systemd_uid_max boundary has moved over time. The default used to be 500 for a long time. Systems which are upgraded over time might have users in the wrong range, but changing existing systems is complicated and expensive (offline disks, backups, remote systems, read-only media, etc.) - systems are used in a heterogenous enviornment, where some vendors pick one value and others another. So let's make this boundary overridable using /etc/login.defs. Fixes #3855, #10184.
* | docs: update old documentation linksnl67202020-09-292-6/+6
|/
* random-util: Add an environment variable to disable RDRAND.Kyle Huey2020-09-241-0/+3
| | | | | | | SYSTEMD_RDRAND=0 will prevent using RDRAND even on systems whose CPUID claims to support it. All other values have no effect. Fixes: #17112
* Merge pull request #17086 from keszybz/developer-mode-defaultLennart Poettering2020-09-221-0/+7
|\ | | | | Update dbus docs, make developer mode default
| * meson: make "developer" mode the defaultZbigniew Jędrzejewski-Szmek2020-09-171-0/+7
| | | | | | | | | | | | | | This means that the dbus doc consistency checks will be enabled by default, including in the CI. I think that will work better than current state where people do not enable them and them follow-up patches for the docs like the parent commit must be had.
* | doc: document the new GPT partition type UUIDsLennart Poettering2020-09-191-33/+43
|/
* exec: SystemCallLog= directiveTopi Miettinen2020-09-151-0/+1
| | | | | | | | | | | | With new directive SystemCallLog= it's possible to list system calls to be logged. This can be used for auditing or temporarily when constructing system call filters. --- v5: drop intermediary, update HASHMAP_FOREACH_KEY() use v4: skip useless debug messages, actually parse directive v3: don't declare unused variables with old libseccomp v2: fix build without seccomp or old libseccomp
* socket: New option 'FlushPending' (boolean) to flush socket before entering ↵Renaud Métrich2020-09-011-0/+1
| | | | | | | listening state Disabled by default. When Enabled, before listening on the socket, flush the content. Applies when Accept=no only.
* CONTRIBUTING: be clearer about versions and RFE processLennart Poettering2020-08-311-1/+2
| | | | Fixes: #16550
* Replace gendered pronouns with gender neutral ones. (#16844)PhoenixDiscord2020-08-271-2/+2
|
* Merge pull request #16568 from poettering/creds-storeZbigniew Jędrzejewski-Szmek2020-08-261-1/+15
|\ | | | | credentials logic to pass privileged data to services
| * man: document credentials passing in the container interfaceLennart Poettering2020-08-251-1/+15
| |
* | docs: document new recovery key user record fieldsLennart Poettering2020-08-251-0/+24
|/
* core: introduce ProtectProc= and ProcSubset= to expose hidepid= and subset= ↵Lennart Poettering2020-08-241-0/+2
| | | | | | | | | | | procfs mount options Kernel 5.8 gained a hidepid= implementation that is truly per procfs, which allows us to mount a distinct once into every unit, with individual hidepid= settings. Let's expose this via two new settings: ProtectProc= (wrapping hidpid=) and ProcSubset= (wrapping subset=). Replaces: #11670
* Merge pull request #16817 from keszybz/update-bus-api-docsZbigniew Jędrzejewski-Szmek2020-08-241-9/+10
|\ | | | | Update bus api docs
| * docs: add man/update-dbus-docs step to release instructionsZbigniew Jędrzejewski-Szmek2020-08-221-9/+10
| |
* | docs: fix gpt-auto-generator manpage linkRonan Pigott2020-08-221-1/+1
|/
* Request seccomp logging if SYSTEMD_LOG_SECCOMP environment variable is set.Steve Dodd2020-08-211-0/+4
|
* Merge pull request #16543 from poettering/nspawn-run-hostLennart Poettering2020-08-201-0/+63
|\ | | | | nspawn: /run/host/ tweaks
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-30 06:49:38 +0100