| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Some ambiguity (e.g., same-named man pages in multiple volumes)
makes it impossible to fully automate this, but the following
Python snippet (run inside the man/ directory of the systemd repo)
helped to generate the sed command lines (which were subsequently
manually reviewed, run and the false positives reverted):
from pathlib import Path
import lxml
from lxml import etree as ET
man2vol: dict[str, str] = {}
man2citerefs: dict[str, list] = {}
for file in Path(".").glob("*.xml"):
tree = ET.parse(file, lxml.etree.XMLParser(recover=True))
meta = tree.find("refmeta")
if meta is not None:
title = meta.findtext("refentrytitle")
if title is not None:
vol = meta.findtext("manvolnum")
if vol is not None:
man2vol[title] = vol
citerefs = list(tree.iter("citerefentry"))
if citerefs:
man2citerefs[title] = citerefs
for man, refs in man2citerefs.items():
for ref in refs:
title = ref.findtext("refentrytitle")
if title is not None:
has = ref.findtext("manvolnum")
try:
should_have = man2vol[title]
except KeyError: # Non-systemd man page reference? Ignore.
continue
if has != should_have:
print(
f"sed -i '\\|<citerefentry><refentrytitle>{title}"
f"</refentrytitle><manvolnum>{has}</manvolnum>"
f"</citerefentry>|s|<manvolnum>{has}</manvolnum>|"
f"<manvolnum>{should_have}</manvolnum>|' {man}.xml"
)
|
| |
|
|
| |
and welcome messages
|
| | |
|
| |
|
|
|
|
| |
In mkosi CI, we want persistent journals when running interactively
and runtime journals when running in CI, so let's add a credential
that allows us to configure which one to use.
|
| |
|
|
| |
Follow-up for 1a30285590c2f40f256d0628950ef9243b2c1938.
|
| | |
|
| |
|
|
| |
These allow adding extra units and drop-ins via credentials.
|
| |
|
|
|
|
|
|
|
| |
Let's bring the credentials into a better order, in order of relevance.
Also, let's clarify what the generic LUKS PIN is about.
Finally, list the credentials in system-credentials(7) too, after all
people might want to unlock a disk with this via SMBIOS Type 11 or so.
|
| |
|
|
|
|
|
|
|
|
|
| |
This commit adds a new way of forwarding journal messages - forwarding
over a socket.
The socket can be any of AF_INET, AF_INET6, AF_UNIUX or AF_VSOCK.
The address to connect to is retrieved from the "journald.forward_address" credential.
It can also be specified in systemd-journald's unit file with ForwardAddress=
|
| |
|
|
|
|
|
|
|
|
| |
`system.hostname` credential is treated similarly to the pre-existing
`system.machine_id` credential. It is considered after /etc/hostname,
but prior to the kernel defaults or os-release defaults.
Fixes #30667.
Signed-off-by: Ivan Shapovalov <intelfx@intelfx.name>
|
| | |
|
| |
|
|
| |
Closes #26702
|
| |
|
|
|
|
|
|
|
| |
To me this is the last major basic functionality that couldn't be
configured via credentials: the network.
We do not invent any new format for this, but simply copy relevant creds
1:1 into /run/systemd/network/ to open up the full functionality of
networkd to VM hosts.
|
| | |
|
| |
|
|
|
| |
This is just a slight markup improvement; there should be no difference
in rendering.
|
| |
|
|
|
|
|
| |
This extends what systemd-firstboot does and runs on first boots only
and either processes user records passed in via credentials to create,
or asks the user interactively to create one (only if no regular user
exists yet).
|
| |
|
|
|
|
|
|
| |
As I noticed a lot of missing information when trying to implement checking
for missing info. I reimplemented the version information script to be more
robust, and here is the result.
Follow up to ec07c3c80b2b1bfa6788500202006ff85f5ae4f4
|
| |
|
|
|
|
|
|
| |
This tries to add information about when each option was added. It goes
back to version 183.
The version info is included from a separate file to allow generating it,
which would allow more control on the formatting of the final output.
|
| |
|
|
|
| |
This will be used by the next commit to add version information to the
nodes.
|
| | |
|
| |
|
|
| |
Fixes: #27260
|
| |
|
|
|
|
|
|
| |
Let's hook up one more thing with credentials: the machine ID to use
when none is initialized yet.
This requires some reordering of initialization steps in PID 1: we need
to import credentials first, and only then initialize the machine ID.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Let's move the long explanation to the man page of the component that
interprets the credential, and keep only a brief summary in
systemd.system-credentials(7).
|
| |
|
|
| |
Fixes #26761.
|
| |
|
|
| |
Done using linkchecker as usual.
|
| |
|
|
|
|
|
| |
This was dropped on reviewers' request in the revision that got merged,
but reference in two documents was not updated. Fix it.
Follow-up for: https://github.com/systemd/systemd/pull/25918
|
| |\
| |
| | |
Support AF_VSOCK in sd_notify and pick up notify_socket from creds
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is intended to be used with VSOCK, to notify the hypervisor/VMM, eg on the host:
qemu <...> -smbios type=11,value=io.systemd.credential:vmm.notify_socket=vsock:2:1234 -device vhost-vsock-pci,id=vhost-vsock-pci0,guest-cid=42
(vsock:2:1234 -> send to host on vsock port 1234, default is to send to 0 which is
the hypervisor itself)
Also on the host:
$ socat - VSOCK-LISTEN:1234,socktype=5
READY=1
STATUS=Ready.
|
| |/
|
|
|
|
|
|
|
|
|
| |
Note that this drops ProtectProc=invisible from
systemd-resolved.service.
This is done because othewise access to the booted "kernel" command line is not
necessarily available. That's because in containers we want to read
/proc/1/cmdline for that.
Fixes: #24103
|
| | |
|
| |
|
