| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
As previously announced, execute order 66:
https://lists.freedesktop.org/archives/systemd-devel/2022-September/048352.html
The meson options split-usr, rootlibdir and rootprefix become no-ops
that print a warning if they are set to anything other than the
default values. We can remove them in a future release.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
No functional change, just a cleanup to make the subsequent changes easier to
see. This is a continuation of 9810e419425263bde86787bc21251f1ad3c35628
> The block is reordered and split to have:
> 1. description + documentation
> 2. (optionally) conditions
> 3. all the dependencies
The dependencies for shutdown.target are listed separately because they are the
other deps are for startup, and shutdown.target only matter much later.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-boot-random-seed.service
This renames systemd-boot-system-token.service to
systemd-boot-random-seed.service and conditions it less strictly.
Previously, the job of the service was to write a "system token" EFI
variable if it was missing. It called "bootctl --graceful random-seed"
for that. With this change we condition it more liberally: instead of
calling it only when the "system token" EFI variable isn't set, we call
it whenever a boot loader interface compatible boot loader is used. This
means, previously it was invoked on the first boot only: now it is
invoked at every boot.
This doesn#t change the command that is invoked. That's because
previously already the "bootctl --graceful random-seed" did two things:
set the system token if not set yet *and* refresh the random seed in the
ESP. Previousy we put the focus on the former, now we shift the focus to
the latter.
With this simple change we can replace the logic
f913c784ad4c93894fd6cb2590738113dff5a694 added, but from a service that
can run much later and doesn't keep the ESP pinned.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I'm working on building initramfs images directly from normal packages, and it
doesn't make sense for those units to be started. Pristine system rpms need to
behave correctly as much as possible also in the initrd, and those units are
enabled by the rpms. There usually isn't enough time for the timer to actually
fire, but starting it gives a line on the console and generally looks confusing
and sloppy. Flushing the journal means that its actually lost, since the real
/var is not available yet.
Another approach would be not enable those units, but right now they are
statically enabled, and changing that would be more work, and doesn't really
seem necessary, since the condition checks are very quick.
Checking for /etc/initrd-release is the standard condition that the initrd
units use, so let's do the same here.
|
| |
|
|
|
|
|
|
|
| |
We don't need two (and half) templating systems anymore, yay!
I'm keeping the changes minimal, to make the diff manageable. Some enhancements
due to a better templating system might be possible in the future.
For handling of '## ' — see the next commit.
|
| | |
|
| |
|
|
|
|
| |
Ensure that systemd-random-seed.service has completed before marking
a first boot as completed to guarantee that a saved seed will only be
used after it has been initialized at least once.
|
| |
|
|
| |
See 3f9a0a522f2029e9295ea5e9984259022be88413 for justification.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Follow-up for 26ded55709947d936634f1de0f43dcf88f594621.
The commit says,
> Note that with this change sysinit.target (and thus early boot) is NOT
systematically delayed until the entropy pool is initialized,
But the dependency was not dropped.
This was found by David Seifert (@SoapGentoo).
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This makes two major changes to the way systemd-random-seed operates:
1. We now optionally credit entropy if this is configured (via an env
var). Previously we never would do that, with this change we still don't
by default, but it's possible to enable this if people acknowledge that
they shouldn't replicate an image with a contained random seed to
multiple systems. Note that in this patch crediting entropy is a boolean
thing (unlike in previous attempts such as #1062), where only a relative
amount of bits was credited. The simpler scheme implemented here should
be OK though as the random seeds saved to disk are now written only with
data from the kernel's entropy pool retrieved after the pool is fully
initialized. Specifically:
2. This makes systemd-random-seed.service a synchronization point for
kernel entropy pool initialization. It was already used like this, for
example by systemd-cryptsetup-generator's /dev/urandom passphrase
handling, with this change it explicitly operates like that (at least
systems which provide getrandom(), where we can support this). This
means services that rely on an initialized random pool should now place
After=systemd-random-seed.service and everything should be fine. Note
that with this change sysinit.target (and thus early boot) is NOT
systematically delayed until the entropy pool is initialized, i.e.
regular services need to add explicit ordering deps on this service if
they require an initialized random pool.
Fixes: #4271
Replaces: #10621 #4513
|
| | |
|
| |
|
|
|
| |
Random numbers are provided by the host kernel, we don't need to do anything.
https://bugzilla.redhat.com/show_bug.cgi?id=1329124
|
| |
|
|
|
|
|
|
|
| |
Even trivial service occasionally get stuck, for example when
there's a problem with the journal. There's nothing more annoying
that looking at the cylon eye for a job with an infinite timeout.
Use standard 90s for jobs that do some work, and 30s for those which
should be almost instantenous.
|
| | |
|
| |
|
|
|
| |
This service was merged with systemd-random-seed-save.service in
c35b956d34bbb8bb208e49e45de2c103ca11911c.
|
|
|
That way ordering it with MountsRequiredFor= works properly, as this no
longer results in mount units start requests to be added to the shutdown
transaction that conflict with stop requests for the same unit.
|
