| Commit message (Collapse) | Author | Age | Files | Lines |
| |
Otherwise, systemd-homed-active.service will fail to deactivate all
homes because homectl can no longer talk to homed if dbus stops first.
As a result, /home cannot be umounted.
Doing this on systemd-homed-active.service instead works as well, but
systemd-homed will exit 1 if dbus is already shut down.
| |
The uidmap stuff requires additional caps and userns to work in some
cases. Allow it.
Follow-up for: 1147c538bbb6a2d3d5ba2e40f1437bcbeb22b33e
| |
In 2020 mount.cifs started to require a bunch of caps to work. Let's
add them to the capability bounding set.
Also, SMB support obviously needs network access, hence open that up.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1962920
| |
Add DeviceAllow= option for FIDO2 devices in systemd-homed.service.
| |
We don't need two (and half) templating systems anymore, yay!
I'm keeping the changes minimal, to make the diff manageable. Some enhancements
due to a better templating system might be possible in the future.
For handling of '## ' — see the next commit.
| |
Let's explicitly deactivate all home dirs on shutdown, in order to
properly synchronize unmounting and avoid blocking devices.
Previously, we'd rely on automatic deactivation when home directories
become unused. However, that scheme is asynchronous, and ongoing
deactivations might conflict with attempts to unmount /home. Let's fix
that by providing an explicit service systemd-homed-activate.service
whose only job is to have an ExecStop= line that explicitly deactivates
all home directories on shutdown. This service can then be ordered after
home.mount and similar, ensuring that we'll first deactivate all homes
before deactivating /home itself during shutdown.
This is kept separate from systemd-homed.service so that it is possible
to restart systemd-homed.service without deactivating all home
directories.
Fixes: #16842
| |
The ext4 fs resize ioctl needs CAP_SYS_RESOURCE, irritatingly. Let's
grant it to homed hence.
Fixes: #15115
| |
Strictly speaking you can run homed without userdb. But it doesn't
really make much sense: they go hand in hand and implement the same
concepts, just for different sets of users. Let's hence disable both
automatically by default if homed is requested.
(We don't do the reverse: opting into userdbd shouldn't mean that you
are OK with homed.)
And of course, users can always deviate from our defaults easily, and
turn off userdbd again right away if they don't like it, and things will
generally work.
| |
We want to watch USB sticks being plugged in, and that requires
AF_NETLINK to work correctly and get the host's events. But if we live
in a network namespace AF_NETLINK is disconnected too and we'll not get
the host udev events.
Fixes: #15287
| | |
Make homed/userdbd/repart services installable (to allow uninstalling)
| | |
Fixes #15083. Users might want to disable homed if not used to save resources.
| |
/home is possibly a remote file system. It makes sense to order homed
after it, so that we can properly enumerate users in it, but we probably
shouldn't pull it in ourselves, and leave that to users to configure
otherwise.
Fixes: #15102
|
Fixes more or less: https://bugs.freedesktop.org/show_bug.cgi?id=67474