| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
exec: Add TTYRows and TTYColumns properties to set TTY dimensions
|
| | | |
|
| | |
| |
| |
| | |
Follow-up for 4c2ee5c7f26fda41d7eb1250c61c85cc869a90de
|
| | | |
|
| |/
|
|
|
| |
These are not defined by us, but are defined as proper UUIDs by their
respective specs, hence show them as such.
|
| |\
| |
| | |
A coding style tweak and checking of sd_notify() calls and voidification of pager_open()
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The LoopDevice object supports a shortcut: if the backing fd we are
supposed to create a loopback device of refers to a
block device alrady then we'll use it as is – if we can – instead of
setting up an unnecessary loopback device that would be pretty much
the same as its backing device.
Previously, when doing this we'd just dup() the original backing fd and
use that. But that's problematic in case O_DIRECT was set on the fd,
since we'll keep that flag set on our copy too, which means we can't do
simple, regular IO on it anymore.
Thus, let's reopen the inode in this case with the exact access flags
we'd apply if we'd actually allocate and open a new loopback device.
Fixes: #21176
|
| |\ \
| | |
| | | |
Improve hint to use -M in various tools
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
(Or when -H is used, since -H and -M are incompatible.)
Note that the slightly unusual form with separate boolean variables (hint_vars,
hint_addr) instead of e.g. a const char* variable to hold the message, because this
way we don't trigger the warning about non-literal format.
|
| | | |
| | |
| | |
| | | |
(Or when -H is used, since -H and -M are incompatible.)
|
| | |/
| |
| |
| |
| | |
They were defined as macros, but they are a bit too complicated for this,
so it's getting unwieldy. We can make them functions without any loss.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
rearrange_stdio() invalidates specified fds even on failure, which means
we should always invalidate the fds we pass in no matter what. Let's
make this explicit by using TAKE_FD() for that everywhere.
Note that in many places we such invalidation doesnt get us much
behaviour-wise, since we don't use the variables anymore later. But
TAKE_FD() in a way is also documentation, it encodes explicitly that the
fds are invalidated here, so I think it's a good thing to always make
this explicit here.
|
| |/ |
|
| |\
| |
| | |
fix "sytemctl status" cgroup tree output
|
| | |
| |
| |
| |
| | |
Let's add the same dash of color (well, grey, …) to the dbus-based
pid/cgroup tree output as systemd-cgls has.
|
| |\ \
| |/
|/| |
core: add [State|Runtime|Cache|Logs]DirectorySymlink
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
When combined with a tmpfs on /run or /var/lib, allows to create
arbitrary and ephemeral symlinks for StateDirectory or RuntimeDirectory.
This is especially useful when sharing these directories between
different services, to make the same state/runtime directory 'backend'
appear as different names to each service, so that they can be added/removed
to a sharing agreement transparently, without code changes.
An example (simplified, but real) use case:
foo.service:
StateDirectory=foo
bar.service:
StateDirectory=bar
foo.service.d/shared.conf:
StateDirectory=
StateDirectory=shared:foo
bar.service.d/shared.conf:
StateDirectory=
StateDirectory=shared:bar
foo and bar use respectively /var/lib/foo and /var/lib/bar. Then
the orchestration layer decides to stop this sharing, the drop-in
can be removed. The services won't need any update and will keep
working and being able to store state, transparently.
To keep backward compatibility, new DBUS messages are added.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Those devices show up as /sys/devices/vif-N, let's use that number
to name them enXN.
Without this, all schemes fail and they keep the kernel names, which can
be racy.
Signed-off-by: Benjamin Herrenschmidt <benh@kernel.crashing.org>
|
| |/
|
|
|
|
|
|
| |
backend
This is useful since certain shares can only be mounted with additional
mount flags. For example the SMB share in modern AVM Fritz!Boxes
requires "noserverino" to be set to work from Linux.
|
| |
|
|
| |
This reverts commit 9c46228b7deb53d6384545535b37b2844a102b2b.
|
| |
|
|
| |
Fixes #21113.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
JSON doesn't have NaN/infinity/-infinity concepts in the spec.
Implementations vary what they do with it. JSON5 + Python simply
generate special words "NAN" and "Inifinity" from it. Others generate
"null" for it.
At this point we never actually want to output this, so let's be
conservative and generate RFC compliant JSON, i.e. convert to null.
One day should JSON5 actually become a thing we can revisit this, but in
that case we should implement things via a flag, and only optinally
process nan/infinity/-infinity.
This patch is extremely simple: whenever accepting a
nan/infinity/-infinity from outside it converts it to NULL. I.e. we
convert on input, not output.
|
| |
|
|
|
|
|
|
|
|
| |
bind_remount_one_with_mountinfo()
Let's move things around a bit, and open /proc/self/mountinfo if needed
inside of bind_remount_one_with_mountinfo(). That way bind_remount_one()
can become a superthin inline wrapper around
bind_remount_one_with_mountinfo(). Main benefit is that we don't even
have to open /p/s/mi in case mount_setattr() actually worked for us.
|
| | |
|
| |
|
|
|
|
|
| |
bind_remount_one_with_mountinfo()
New kernels have a nice syscall for changing bind mount flags. Let's use
it. This makes the complex libmount based iteration logic unnecessary.
|
| |
|
|
|
|
|
|
| |
unbound userns
This returns a namespace fd, and takes a uidmap/gidmap as string. This
is split out out mount-util.c's remount_idmap() logic, so that we can
allocate a userns independently.
|
| |
|
|
|
| |
That way we can use it in other code from basic/. It fits into both
headers equally well or badly, hence let's just move this one function.
|
| |
|
|
|
|
|
|
|
|
| |
Previously we'd possibly see POLLHUP on a varlink link, and continue to
run epoll on it even though we have nothing to read nor write anymore.
Let's fix that, and once we know that there's nothing to write anymore
(or we saw a write error already) we'll disconnect after POLLHUP.
Fixes: #20062
|
| |
|
|
| |
Fixes: #11559
|
| |\
| |
| | |
nspawn: add --suppress-sync=yes mode for turning sync() and friends i…
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
NOPs via seccomp
This is supposed to be used by package/image builders such as mkosi to
speed up building, since it allows us to suppress sync() inside a
container.
This does what Debian's eatmydata tool does, but for a container, and
via seccomp (instead of LD_PRELOAD).
|
| |\ \
| | |
| | | |
tweaks to O_DIRECT loop work
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
The whole reason loop_device_make_internal() exists (as opposed to just
loop_device_make()) is to avoid mangling the loop flags value/call
getenv twice. Hence let's actually call it when we already mangled the
flags value.
|
| | | |
| | |
| | |
| | |
| | | |
Once we managed to open the file let's log what we wanted and what we
got.
|
| | |/
| |
| |
| | |
As suggested here: https://github.com/systemd/systemd/pull/21044#pullrequestreview-783530343
|
| |/ |
|
| |
|
|
|
|
|
|
| |
Inspired by the discussions in #21003.
Inspired in particular by what Android apexd does:
https://android.googlesource.com/platform/system/apex/+/refs/heads/master/apexd/apexd_loop.cpp
|
| |
|
|
| |
Fixes: #21003
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Let's define two helpers strdupa_safe() + strndupa_safe() which do the
same as their non-safe counterparts, except that they abort if called
with allocations larger than ALLOCA_MAX.
This should ensure that all our alloca() based allocations are subject
to this limit.
afaics glibc offers three alloca() based APIs: alloca() itself,
strndupa() + strdupa(). With this we have now replacements for all of
them, that take the limit into account.
|
| | |
|
| | |
|
| |\
| |
| | |
Watchdog more rework
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If an error happened while the timeout value was being programmed, the error
was ignored and the watchdog module used the new timeout value whereas the
watchdog device was left with the previous one.
Now in cases of error, the device is now disabled and closed if it wasn't
opened already otherwise the previous timeout value is kept so the device is
still pinged at correct intervals.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Passing 0 meant "disable the watchdog although still kept it opened". However
this case didn't seem to be useful especially since PID1 closes the device if
it is passed the nul timeout.
Hence let's change the meaning of watchdog_setup(0) to match PID1's behavior
which allows to simplify the code a bit.
Hence this patch also drops enable_watchdog().
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
timeout value
This patch changes the meaning of USEC_INFINITY value for the watchdog
module.
Previously passing this value was a NOP. It now has a special meaning: it
requests the watchdog module to read the programmed timeout value and reuse it
for pinging the device.
This is mostly useful when the watchdog is started by the firmware and there's
no way to reconfigure the timeout with a different value
afterwards. "RuntimeWatchdogSec=infinity" in system.conf can now be used rather
than putting an arbitrary value that PID1 will fail to set (even if it still
felt back to the programmed timeout).
Please note that "infinity" is not supposed to restore the default value of the
firmware. If the value is changed after booting then "infinity" would simply
reuse the current programmed value. IOW it's a NOP unless the watchdog was
previously closed and in that case it will be reopened and the last programmed
value reused.
|
