summaryrefslogtreecommitdiffstats
path: root/src/core (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge pull request #34403 from poettering/askpw-per-userLennart Poettering2024-10-212-31/+38
|\ | | | | modernize the ask-password logic, and add unpriv askpw agents to the concept
| * core: modernize askpw handling a bitLennart Poettering2024-10-212-31/+38
| |
* | Merge pull request #34787 from yuwata/core-ip-address-allow-denyLennart Poettering2024-10-211-3/+4
|\ \ | |/ |/| core/cgroup: fix IPAddressAllow=/IPAddressDeny= set through DBus
| * core/cgroup: fix IPAddressAllow=/IPAddressDeny= set through DBusYu Watanabe2024-10-161-3/+4
| | | | | | | | | | Fixes a regression caused by 84ebe6f01381c21b88e37e856956c9c9ee6781d6 (v250). Fixes #34773.
* | pid1: close fds we receive via sd_notify() and cannot make use of asynchronouslyLennart Poettering2024-10-171-1/+1
| | | | | | | | | | | | | | | | | | This addresses #11112 fully. It mostly was addressed by 99620f457ed0886852ba18c9093b59767299121c already, but for fds not even passed to the fdstore, this adds the missing asynchronous close codepath. Fixes: #11112
* | fdset: optionally, close remaining fds asynchronouslyLennart Poettering2024-10-172-2/+2
| |
* | Reformat load-fragment-gperf.gperf.inRyan Wilson2024-10-171-527/+527
| | | | | | | | | | This commit reformats load-fragment-gperf.gperf.in after changes made for adding the ManagedOOMMemoryPressureDurationSec= property.
* | cgroup: Add ManagedOOMMemoryPressureDurationSec= override setting for unitsRyan Wilson2024-10-178-3/+92
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This will allow units (scopes/slices/services) to override the default systemd-oomd setting DefaultMemoryPressureDurationSec=. The semantics of ManagedOOMMemoryPressureDurationSec= are: - If >= 1 second, overrides DefaultMemoryPressureDurationSec= from oomd.conf - If is empty, uses DefaultMemoryPressureDurationSec= from oomd.conf - Ignored if ManagedOOMMemoryPressure= is not "kill" - Disallowed if < 1 second Note the corresponding dbus property is DefaultMemoryPressureDurationUSec which is in microseconds. This is consistent with other time-based dbus properties.
* | pid1: add env var to override default mount rate limit intervalxujing2024-10-161-3/+11
| | | | | | | | | | | | | | | | Similar to 24a4542c. 24a4542c can only be set 1 in 1s at most, sometimes we may need to set to something else(such as 1 in 2s). So it's best to let the user decide. This also allows users to solve #34690.
* | core: move debug logging from _can_live_mount() functions to callerLennart Poettering2024-10-163-19/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | Let's debug log the returned dbus error where we want the logging, but don't log it, where we don't. This removes the noisy logging from the property handler for the CanLiveMount property, but keeps it in place for the MountImage() method call where we want it. Alternative to #34175 Follow-up for 5162829ec87df20c7af763bdf274735bf9e53552 and 1cafbecabecc619b4e147abd9925282d0ff323bd
* | core: one more Mount -> LiveMount renameLuca Boccassi2024-10-161-1/+1
|/ | | | | | Missed by earlier search-and-replace Follow-up for 5162829ec87df20c7af763bdf274735bf9e53552
* core: do not fail if ignorable img.v/ vpick dir is missingLuca Boccassi2024-10-151-0/+4
| | | | | | | | Do not fail if the directory is missing entirely, other than just empty Follow-up for 00f546e25e8 Follow-up for 5e79dd96a88 Follow-up for 622efc544dc
* core/manager: pass soft-reboot count to generatorsMike Yuan2024-10-151-0/+6
| | | | | | soft-reboot allows switching into a different root/installation, i.e. potentially invalidate settings from kernel cmdline and such. Let's hence inform generators about soft-reboots.
* core/manager: minor cleanup for generator_path_any() and friendsMike Yuan2024-10-151-26/+32
|
* timer: introduce DeferReactivation settingArthur Shau2024-10-114-7/+22
| | | | | | | | | | | | | | | | | | | | | | | By default, in instances where timers are running on a realtime schedule, if a service takes longer to run than the interval of a timer, the service will immediately start again when the previous invocation finishes. This is caused by the fact that the next elapse is calculated based on the last trigger time, which, combined with the fact that the interval is shorter than the runtime of the service, causes that elapse to be in the past, which in turn means the timer will trigger as soon as the service finishes running. This behavior can be changed by enabling the new DeferReactivation setting, which will cause the next calendar elapse to be calculated based on when the trigger unit enters inactivity, rather than the last trigger time. Thus, if a timer is on an realtime interval, the trigger will always adhere to that specified interval. E.g. if you have a timer that runs on a minutely interval, the setting guarantees that triggers will happen at *:*:00 times, whereas by default this may skew depending on how long the service runs. Co-authored-by: Matteo Croce <teknoraver@meta.com>
* core/service: add missing serialization for extra fdsMike Yuan2024-10-111-0/+38
|
* core/service: use array rather than list for extra fds, limit max numberMike Yuan2024-10-113-118/+76
| | | | | | | | Follow-up for 3543456f84ec2e83e07b6c9bf2b3a1c5d30241d8 I don't think list is particularly useful here. The passed fds are constant for the lifetime of service, and with this commit we track the number of extra fds in a dedicated var anyway.
* core/service: use LIST_HEAD where appropriateMike Yuan2024-10-111-1/+1
|
* core/manager-serialize: drop serialization for Manager.ready_sentMike Yuan2024-10-111-11/+1
| | | | | | | | This field indicates whether READY=1 has been sent to the service manager/supervisor. Whenever we reload/reexec/soft-reboot, manager_send_reloading() always resets it to false first, so that READY=1 is sent after reloading finishes. Hence we utterly get "false" at all times. Kill it.
* core/manager: still send out STATUS=Ready for user managerMike Yuan2024-10-111-7/+7
| | | | | | | | This effectively reverts 37d15cd132f3a8a0bf42fb252c1604e804171ff2. The offending commit wrongly assumed that the second READY=1 notification is for system scope only, but it also serves the purpose of flushing out previous STATUS= containing user unit job status.
* core/mount: fix typoYu Watanabe2024-10-091-1/+1
| | | | Follow-up for 00ad3f02275b507a753495ace5e5f84cb38b604d.
* namespace: rename drop_unused_mounts() → sort_and_drop_unused_mounts()Lennart Poettering2024-10-091-3/+3
| | | | | The function sorts the listed mounts, and that's kinda key, hence reflect that in the name.
* Merge pull request #34679 from DaanDeMeyer/bus-logDaan De Meyer2024-10-091-4/+16
|\ | | | | Various logging improvements
| * core: Log in more scenarios about which process initiated an operationDaan De Meyer2024-10-091-0/+12
| | | | | | | | | | Exit/Reboot/Poweroff and similar operations are invasive enough that logging about who initiated them is very useful to debug issues.
| * core: Bump log level of reexecute request to noticeDaan De Meyer2024-10-091-4/+4
| | | | | | | | | | A daemon-reload is important enough to deserve logging at notice level.
* | Merge pull request #34656 from yuwata/private-usersLennart Poettering2024-10-095-14/+14
|\ \ | | | | | | core: drop implicit support of PrivateUsers=off
| * | core: drop implicit support of PrivateTmp=offYu Watanabe2024-10-095-6/+6
| | | | | | | | | | | | | | | | | | Follow-up for 0e551b04efb911d38b586cca1a6a462c87a2cb1b. Similar to the previous commit, but for PrivateTmp=.
| * | core: drop implicit support of PrivateUsers=offYu Watanabe2024-10-084-8/+8
| | | | | | | | | | | | | | | | | | | | | | | | Follow-up for fa693fdc7e17618958c505af4b2f39ecd1c3363e. The documentation says the option takes a boolean or one of the "self" and "identity". But the parser uses private_users_from_string() which also accepts "off". Let's drop the implicit support of "off".
* | | Merge pull request #34651 from yuwata/polkit-transient-unitLennart Poettering2024-10-095-62/+95
|\ \ \ | | | | | | | | dbus: pass transient unit name metadata to polkit
| * | | core/dbus: pass transient unit name metadata to polkitRenjaya Raga Zenta2024-10-081-1/+8
| | | | | | | | | | | | | | | | Fixes #17224
| * | | core/dbus: add assertionsYu Watanabe2024-10-081-0/+12
| | | |
| * | | core/dbus: introduce bus_verify_manage_units_async_impl()Yu Watanabe2024-10-082-21/+33
| | | | | | | | | | | | | | | | | | | | | | | | Then, make bus_verify_manage_units_async() and _full() inline. Co-authored-by: Renjaya Raga Zenta <ragazenta@gmail.com>
| * | | core/dbus: move bus_verify_xyz() to dbus-util.cYu Watanabe2024-10-085-49/+51
| | | |
* | | | Merge pull request #34593 from Werkov/deprecate-aux-scopesLennart Poettering2024-10-091-1/+6
|\ \ \ \ | | | | | | | | | | core/manager: Deprecate StartAuxiliaryScope() method
| * | | | core/manager: Deprecate StartAuxiliaryScope() methodMichal Koutný2024-10-081-1/+6
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | The method was added with migration of resources in mind (e.g. process's allocated memory will follow it to the new scope), however, such a resource migration is not in cgroup semantics. The method may thus have the intended users and others could be guided to StartTransientUnit(). Since this API was advertised in a regular release, start the removal with a deprecation message to callers. Eventually, the goal is to remove the method to clean up DBus API and simplify code (removal of cgroup_context_copy()). Part of DBus docs is retained to satisfy build checks.
* | | | | Merge pull request #34671 from yuwata/memoryLennart Poettering2024-10-091-1/+5
|\ \ \ \ \ | |_|/ / / |/| | | | tree-wide: several memory accounting cleanups
| * | | | core: suppress one debugging logYu Watanabe2024-10-081-1/+5
| | |/ / | |/| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Otherwise, the log is shown even when getting properties. Even though it is in the debug level, that's quite noisy. [ 338.785847] TEST-55-OOMD.sh[1624]: Oct 07 16:35:15 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.786985] TEST-55-OOMD.sh[1624]: Oct 07 16:35:17 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.787412] TEST-55-OOMD.sh[1624]: Oct 07 16:35:20 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.791776] TEST-55-OOMD.sh[1624]: Oct 07 16:35:22 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.792938] TEST-55-OOMD.sh[1624]: Oct 07 16:35:24 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.793225] TEST-55-OOMD.sh[1624]: Oct 07 16:35:26 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.793424] TEST-55-OOMD.sh[1624]: Oct 07 16:35:28 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.796448] TEST-55-OOMD.sh[1624]: Oct 07 16:35:31 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.797997] TEST-55-OOMD.sh[1624]: Oct 07 16:35:33 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount [ 338.799206] TEST-55-OOMD.sh[1624]: Oct 07 16:35:35 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
* / | | mount: optimize mountinfo traversal by decoupling device discoveryChen Guanqiao2024-10-081-1/+6
|/ / / | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | In mount_load_proc_self_mountinfo(), device_found_node() is synchronously called during the traversal of mountinfo entries. When there are a large number of mount points, and the device types are not significantly different, this results in excessive time consumption during device discovery, causing a performance bottleneck. This issue is particularly prominent on servers with a large number of cores in IDC. This patch decouples device discovery from the mountinfo traversal process, avoiding redundant device operations. As a result, it significantly improves performance, especially in environments with numerous mount points. Signed-off-by: Chen Guanqiao <chen.chenchacha@foxmail.com>
* | | Merge pull request #34674 from yuwata/reallocarrayLuca Boccassi2024-10-083-32/+11
|\ \ \ | | | | | | | | tree-wide: replace reallocarray() with GREEDY_REALLOC()
| * | | tree-wide: replace reallocarray() with GREEDY_REALLOC()Yu Watanabe2024-10-083-28/+10
| | | |
| * | | core: use memdup_suffix0() at one more placeYu Watanabe2024-10-081-4/+1
| | | |
* | | | Merge pull request #34556 from ryantimwilson/extra-fdsLennart Poettering2024-10-088-46/+234
|\ \ \ \ | |/ / / |/| | | Add ExtraFileDescriptor property to StartTransientUnit dbus API
| * | | Add ExtraFileDescriptor property to StartTransientUnit dbus APIRyan Wilson2024-10-078-46/+234
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This adds the ExtraFileDescriptor property to StartTransient dbus API with format "a(hs)" - array of (file descriptor, name) pairs. The FD will be passed to the unit via sd_notify like Socket and OpenFile. systemctl show also shows ExtraFileDescriptorName for these transient units. We only show the name passed to dbus as the FD numbers will change once passed over the unix socket and are duplicated, so its confusing to display the numbers. We do not add this functionality for systemd-run or general systemd service units as it is not useful for general systemd services. Arguably, it could be useful for systemd-run in bash scripts but we prefer to be cautious and not expose the API yet. Fixes: #34396
* | | | tree-wide: drop doubled empty linesYu Watanabe2024-10-072-2/+0
| | | |
* | | | Merge pull request #34408 from Werkov/fix-device-limitsYu Watanabe2024-10-072-10/+10
|\ \ \ \ | | | | | | | | | | core/cgroup: Apply IODevice*= directives in configured order
| * | | | core/cgroup: Apply IODevice*= directives in configured orderMichal Koutný2024-09-242-10/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Different device paths may resolve to same device node (lookup_block_device()), e.g. IOReadBandwidthMax=/dev/sda1 18879 IOReadBandwidthMax=/dev/sda2 18878 where both partitions resolve to /dev/sda and when these values are applied (they are associated with original paths, i.e. as if applied for different device) in the order from io_device_limits. The parsing code prepends, so they end up in reverse order wrt config file. Switch the direction so that the order of application matches the order of configuration -- i.e. semantics in all other unit file directives. Apply same change to all directives that use per-device lists. (The question whether partitions should be resolved to base device is independent.) And apply the changes equally to DBus properties write handlers. Fixes #34126
* | | | | core: warn if a generator is world-writableLukas Nykryn2024-10-071-1/+1
| | | | | | | | | | | | | | | | | | | | ... because that is obviously a security risk.
* | | | | path-lookup: deduplicate xdg_user_*() with sd_path_lookup()Mike Yuan2024-10-063-5/+6
| |/ / / |/| | | | | | | | | | | While at it, place ret param at last.
* | | | fs-util: rename laccess to access_nofollowMike Yuan2024-10-051-3/+3
| |_|/ |/| | | | | | | | In order to distinguish it from libc function naming.
* | | Merge pull request #34610 from poettering/exec-start-single-lineLuca Boccassi2024-10-031-1/+5
|\ \ \ | | | | | | | | Soft deprecate multiple ExecStart= command lines within a single assignment
generated by cgit v1.2.3 (git 2.39.1) at 2024-12-02 11:14:09 +0100