| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |\
| |
| | |
core: drop implicit support of PrivateUsers=off
|
| | |
| |
| |
| |
| |
| | |
Follow-up for 0e551b04efb911d38b586cca1a6a462c87a2cb1b.
Similar to the previous commit, but for PrivateTmp=.
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Follow-up for fa693fdc7e17618958c505af4b2f39ecd1c3363e.
The documentation says the option takes a boolean or one of the "self"
and "identity". But the parser uses private_users_from_string() which
also accepts "off". Let's drop the implicit support of "off".
|
| |\ \
| | |
| | | |
dbus: pass transient unit name metadata to polkit
|
| | | |
| | |
| | |
| | | |
Fixes #17224
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Then, make bus_verify_manage_units_async() and _full() inline.
Co-authored-by: Renjaya Raga Zenta <ragazenta@gmail.com>
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
core/manager: Deprecate StartAuxiliaryScope() method
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The method was added with migration of resources in mind (e.g. process's
allocated memory will follow it to the new scope), however, such a
resource migration is not in cgroup semantics. The method may thus have
the intended users and others could be guided to StartTransientUnit().
Since this API was advertised in a regular release, start the removal
with a deprecation message to callers.
Eventually, the goal is to remove the method to clean up DBus API and
simplify code (removal of cgroup_context_copy()).
Part of DBus docs is retained to satisfy build checks.
|
| |\ \ \ \
| |_|/ /
|/| | | |
tree-wide: several memory accounting cleanups
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Otherwise, oomctl shows 0 memory and swap usage when swap monitoring
is not enabled.
=======
$ oomctl
Dry Run: no
Swap Used Limit: 90.00%
Default Memory Pressure Limit: 60.00%
Default Memory Pressure Duration: 20s
System Context:
Memory: Used: 0B Total: 0B
Swap: Used: 0B Total: 0B
Swap Monitored CGroups:
Memory Pressure Monitored CGroups:
...
======
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Just for readability.
Before:
$ build/systemctl status -n 0 systemd-networkd.service | grep Memory:
Memory: 4.7M (peak: 14.3M swap: 1M swap peak: 1.1M)
After:
$ build/systemctl status -n 0 systemd-networkd.service | grep Memory:
Memory: 4.7M (peak: 14.3M, swap: 1M, swap peak: 1.1M)
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Otherwise, the log is shown even when getting properties.
Even though it is in the debug level, that's quite noisy.
[ 338.785847] TEST-55-OOMD.sh[1624]: Oct 07 16:35:15 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.786985] TEST-55-OOMD.sh[1624]: Oct 07 16:35:17 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.787412] TEST-55-OOMD.sh[1624]: Oct 07 16:35:20 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.791776] TEST-55-OOMD.sh[1624]: Oct 07 16:35:22 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.792938] TEST-55-OOMD.sh[1624]: Oct 07 16:35:24 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.793225] TEST-55-OOMD.sh[1624]: Oct 07 16:35:26 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.793424] TEST-55-OOMD.sh[1624]: Oct 07 16:35:28 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.796448] TEST-55-OOMD.sh[1624]: Oct 07 16:35:31 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.797997] TEST-55-OOMD.sh[1624]: Oct 07 16:35:33 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
[ 338.799206] TEST-55-OOMD.sh[1624]: Oct 07 16:35:35 H systemd[1]: TEST-55-OOMD-testmunch.service: Unit not running in private mount namespace, cannot live mount
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
In mount_load_proc_self_mountinfo(), device_found_node() is synchronously called
during the traversal of mountinfo entries. When there are a large number of
mount points, and the device types are not significantly different, this results
in excessive time consumption during device discovery, causing a performance
bottleneck. This issue is particularly prominent on servers with a large number
of cores in IDC.
This patch decouples device discovery from the mountinfo traversal process,
avoiding redundant device operations. As a result, it significantly improves
performance, especially in environments with numerous mount points.
Signed-off-by: Chen Guanqiao <chen.chenchacha@foxmail.com>
|
| |\ \
| | |
| | | |
fd-util: use F_DUPFD_QUERY for same_fd()
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Catch up with the nice little toys the kernel fs developers have added
for us. Preferably, let's make use of the new F_DUPFD_QUERY fcntl() call
that checks whether two fds are just duplicates of each other
(duplicates as in dup(), not as in open() of the same inode, i.e.
whether they share a single file offset and so on).
This API is much nicer, since it is a core kernel feature, unlike the
kcmp() call we so far used, which is part of the (optional)
checkpoint/restore stuff.
F_DUPFD_QUERY is available since kernel 6.10.
|
| | | |
| | |
| | |
| | |
| | | |
It just uses F_GETFD to validate an fd. it's a bit easier to read
though, and handles the < 0 case internally.
|
| |\ \ \
| | | |
| | | | |
tree-wide: replace reallocarray() with GREEDY_REALLOC()
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | |
| | | | |
- Close all fds on failure.
- Close pidfd on success.
|
| | | | | |
|
| | |/ /
| | |
| | |
| | | |
No functional change, just refactoring.
|
| |\ \ \
| | | |
| | | | |
analyze: fix timestamp
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
Fixes #34670.
|
| | |/ /
| | |
| | |
| | | |
Fixes a bug caused by ef658a63f8163607d9e04f710cd26c0d36ff68ce.
|
| |\ \ \
| |/ /
|/| | |
Add ExtraFileDescriptor property to StartTransientUnit dbus API
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This adds the ExtraFileDescriptor property to StartTransient dbus API
with format "a(hs)" - array of (file descriptor, name) pairs. The FD
will be passed to the unit via sd_notify like Socket and OpenFile.
systemctl show also shows ExtraFileDescriptorName for these transient
units. We only show the name passed to dbus as the FD numbers will
change once passed over the unix socket and are duplicated, so its
confusing to display the numbers.
We do not add this functionality for systemd-run or general systemd
service units as it is not useful for general systemd services.
Arguably, it could be useful for systemd-run in bash scripts but we
prefer to be cautious and not expose the API yet.
Fixes: #34396
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Previously using file descriptors as input arguments in busctl was
unsupported with "UNIX file descriptor not supported as type."
We fix this by parsing the file descriptor as an integer and verifying
it is an available file descriptor in busctl.
Fixes: #14954
Replaces: #34551
|
| |\ \ \
| | | |
| | | | |
machine: implement varlink interfaces io.systemd.Machine.{List, Unregister, Terminate, Kill}
|
| | | | |
| | | |
| | | |
| | | | |
Effectivelly, this is an implementation of GetMachineSSHInfo in dbus.
|
| | | | |
| | | |
| | | |
| | | | |
output
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| |\ \ \ \
| |/ / /
|/| | | |
udev-node: do not create stack directory for by-diskseq symlink
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also
- make the failure propagated,
- remove /dev/block or /dev/char if empty.
Hopefully, no effective functionality changed. Just refactoring.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Also adds short comment for the NULL arguments.
No functional change, just refactoring.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The disk/by-diskseq symlink should not be shared with multiple block
devices. Hence, it is not necessary to create stack directory for the
symlink that manages which device owns the symlink.
This is not just a optimization.
If a service unit tries to mount a disk image but the service fails, then
the diskseq of the loop device for the image may be continuously increased
during restart, and inodes in /run may increase rapidly, as the stack
directories are cleaned up only when udev queue is empty.
Fixes #34637.
|
| | | | |
| | | |
| | | |
| | | | |
Also, do similar for json_dispatch_user_group_name().
|
| | | | | |
|
| | | | |
| | | |
| | | |
| | | | |
No functional change, just refactoring.
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Before:
$ networkctl status
● Interfaces: 372, 368, 373, 375, 376, 377, 378, 379, 381, 391, 3, 1201, 1202, 1184, 1610, 9, 8, 1340, 2, 1, 1256, 7
After:
$ networkctl status
● Interfaces: 1, 2, 3, 7, 8, 9, 368, 372, 373, 375, 376, 377, 378, 379, 381, 391, 1184, 1201, 1202, 1256, 1340, 1610
|
| | | | |
| | | |
| | | |
| | | | |
Follow-up for 164ca24d7464253e5f8375226b792ef8f6eaffd0.
|
| |\ \ \ \
| | | | |
| | | | | |
Quick sysupdate fixups
|
| | | | | |
| | | | |
| | | | |
| | | | | |
We were passing a u64 into an argument that needs a u32
|
