| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Limit size of various tmpfs mounts to 10% of RAM, except volatile root and /var
to 25%. Another exception is made for /dev (also /devs for PrivateDevices) and
/sys/fs/cgroup since no (or very few) regular files are expected to be used.
In addition, since directories, symbolic links, device specials and xattrs are
not counted towards the size= limit, number of inodes is also limited
correspondingly: 4MB size translates to 1k of inodes (assuming 4k each), 10% of
RAM (using 16GB of RAM as baseline) translates to 400k and 25% to 1M inodes.
Because nr_inodes option can't use ratios like size option, there's an
unfortunate side effect that with small memory systems the limit may be on the
too large side. Also, on an extremely small device with only 256MB of RAM, 10%
of RAM for /run may not be enough for re-exec of PID1 because 16MB of free
space is required.
|
|
|
|
|
|
| |
"Login Service" doesn''t explain much, esp. considering that logind is actually is
for logins. I think "User Login Management" is better, but not that great either.
Suggestions welcome.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We unregister binfmt_misc twice during shutdown with this change:
1. A previous commit added support for doing that in the final shutdown
phase, i.e. when we do the aggressive umount loop. This is the robust
thing to do, in case the earlier ("clean") shutdown phase didn't work
for some reason.
2. This commit adds support for doing that when systemd-binfmt.service
is stopped. This is a good idea so that people can order mounts
before the service if they want to register binaries from such
mounts, as in that case we'll undo the registration on shutdown
again, before unmounting those mounts.
And all that, just because of that weird "F" flag the kernel introduced
that can pin files...
Fixes: #14981
|
|
|
|
|
|
|
|
|
| |
This doesn't really matter, since in non-/usr-merged systems plymouth
needs to be in /bin and on merged ones it doesn't matter, but it is
still prettier to insert the right path, and avoid /bin on merged
systems, since it's just a compat symlink.
Replaces: #15351
|
|
|
|
|
| |
This doesn't matter too much given that the service doesn't do anything
on shutdown, but let's still stop it to make things cleaner.
|
|
|
|
|
| |
All services using StateDirectory= don't need the explicit dep anymore,
let's hence drop it everywhere.
|
|
|
|
|
|
|
|
| |
This dependency is now generated automatically given we use
StateDirectory=. Moreover the combination of Wants= and After= was too
strong anway, as whether remount-fs is pulled in or not should not be up
to systemd-pstore.service, and in fact is part of the initial
transaction anyway.
|
|
|
|
|
|
|
|
| |
sysinit.target is the target our early boot services are generally
pulled in from, make systemd-pstore.service not an exception of that.
Effectively this doesn't mean much, either way our unit is part of the
initial transaction.
|
|
|
|
|
|
| |
Add `ProtectClock=yes` to systemd units. Since it implies certain
`DeviceAllow=` rules, make sure that the units have `DeviceAllow=` rules so
they are still able to access other devices. Exclude timesyncd and timedated.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 7e1ed1f3b29162df25064b33dc55ac8cf432bb0b.
systemd-repart is not a user service that should be something people
enable/disable, instead it should just work if there's configuration for
it. It's like systemd-tmpfiles, systemd-sysusers, systemd-load-modules,
systemd-binfmt, systemd-systemd-sysctl which are NOPs if they have no
configuration, and thus don't hurt, but cannot be disabled since they
are too deep part of the OS.
This doesn't mean people couldn't disable the service if they really
want to, there's after all "systemctl mask" and build-time disabling,
but those are OS developer facing instead of admin facing, that's how it
should be.
Note that systemd-repart is in particular an initrd service, and so far
enable/disable state of those is not managed anyway via "systemctl
enable/disable" but more what dracut decides to package up and what not.
|
|\
| |
| | |
Make homed/userdbd/repart services installable (to allow uninstalling)
|
| |
| |
| |
| |
| |
| |
| |
| | |
It's lightweight and generally useful, so it should be enabled by default. But
users might want to disable it for whatever reason, and things should be fine
without it, so let's make it installable so it can be disabled if wanted.
Fixes #15175.
|
| |
| |
| |
| | |
Fixes #15083. Users might want to disable homed if not used to save resources.
|
| |
| |
| |
| |
| |
| | |
This essentially adds another layer of configurability:
build disable, this, presence of configuration. The default is
set to enabled, because the service does nothing w/o config.
|
|/
|
|
|
|
|
|
|
| |
/home is posibly a remote file system. it makes sense to order homed
after it, so that we can properly enumerate users in it, but we probably
shouldn't pull it in ourselves, and leave that to users to configure
otherwise.
Fixes: #15102
|
| |
|
|
|
|
|
|
|
| |
Mounting tracefs fails in unprivileged LXC containers and latest LXD
(3.23) bind mounts tracefs already.
Fixes https://github.com/lxc/lxd/issues/7059
|
| |
|
|\
| |
| | |
Make units remain after exit
|
| |
| |
| |
| | |
Once done, its done, and shouldn't be run again.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This reverts the second part of 8125e8d38e3aa099c7dce8b0161997b8842aebdc.
The first part was reverted in 750e550eba362096d56a35104c6a32631aa67b8e.
The problem starts when s-v-s.s is pulled in by something that is then pulled
in by sysinit.target. Every time a unit is started, systemd recursively checks
all dependencies, and since sysinit.target is pull in by almost anything, we'll
start s-v-s.s over and over. In particular, plymouth-start.service currently
has Wants=s-v-s.s and After=s-v-s.s.
|
| |
| |
| |
| |
| |
| |
| |
| | |
Possible alternative to #14819.
For me, setting RemainAfterExit=yes would be OK, but if people think that it
might cause issues, then this could be a reasonable alternative that still
let's us skip the invocation of the separate binary.
|
|\ \
| | |
| | | |
Man page for systemd-network-generator
|
| |/
| |
| |
| |
| | |
It's a bit bare-bones, but it should be enough to point the reader in the right
direction.
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This minus has been there since the unit was added in
d42d27ead91e470cb12986d928441e56c0f543ca. I think the idea was not cause things
to fail if the user instance doesn't work. But ignoring the return value
doesn't seem to be the right way to approach the problem. In particular, if
the program fails to run, we'll get a bogus fail state, see
https://bugzilla.redhat.com/show_bug.cgi?id=1727895#c1:
with the minus:
$ systemctl start user@1002
Job for user@1002.service failed because the service did not take the steps required by its unit configuration.
See "systemctl status user@1002.service" and "journalctl -xe" for details.
without the minus:
$ systemctl start user@1002
Job for user@1002.service failed because the control process exited with error code.
See "systemctl status user@1002.service" and "journalctl -xe" for details.
|
|
|
|
|
| |
This patch modifies the RequireMountsFor setting in systemd-nspawn@.service to wait for the machine instance directory to be mounted, not just /var/lib/machines.
Closes #14931
|
|
|
|
|
|
|
|
|
|
|
| |
machined needs access to the host mount namespace to propagate bind
mounts created with the "machinectl bind" command. However, the
"ProtectKernelLogs" directive relies on mount namespaces to make the
kernel ring buffer inaccessible. This commit removes the
"ProtectKernelLogs=yes" directive from machined service file introduced
in 6168ae5.
Closes #14559.
|
|
|
|
|
| |
Usually it is not useful and can also fail making
boot-and-services autopkgtest fail.
|
|
|
|
|
|
|
|
|
|
|
| |
Kernel 4.1 separated the tracing system from the debugfs,
actual documentation already points to a different path
that needs this new mount to exist.
the old sysfs path will still be an automount in the debugfs,
created by the kernel (for now).
Signed-off-by: Norbert Lange <nolange79@gmail.com>
|
|
|
|
|
|
| |
See c80a9a33d04fb4381327a69ce929c94a9f1d0e6c, target units can't fail.
I guess we need to figure out some replacement functionality, but at least
let's avoid the warning from systemd for now.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
cryptsetup
Let's hook it into both cryptsetup-generator and gpt-auto-generator with
a shared implementation in generator.c
Fixes: #8472
|
| |
| |
| |
| |
| | |
It doesn't get us much, but makes the differences between the templated
and non-templated versions a bit smaller.
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| | |
If we have exit on idle, then operations such as "journalctl
--namespace=foo --rotate" should work even if the journal daemon is
currently not running.
(Note that we don't do activation by varlink for the main instance of
journald, I am not sure the deadlocks it might introduce are worth it)
|
| | |
|
| | |
|
| |
| |
| |
| | |
Fixes more or less: https://bugs.freedesktop.org/show_bug.cgi?id=67474
|
| |
| |
| |
| | |
networkd uses khash, and khash requires AF_ALG.
|
|/ |
|
|
|
|
|
|
|
| |
This makes things a bit simpler and the build a bit faster, because we don't
have to rewrite files to do the trivial substitution. @rootbindir@ is always in
our internal $PATH that we use for non-absolute paths, so there should be no
functional change.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's use uppercase wording in the description string, like we usually
do.
Let's allow using this service in early boot.
If it's pulled into the initial transaction it's better to finish
loading this before sysinit.target.
Don't bother with this in containers that lack CAP_SYS_MODULE
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Devices referred to by `DeviceAllow=` sandboxing are resolved into their
corresponding major numbers when the unit is loaded by looking at
`/proc/devices`. If a reference is made to a device which is not yet
available, the `DeviceAllow` is ignored and the unit's processes cannot
access that device.
In both logind and nspawn, we have `DeviceAllow=` lines, and `modprobe`
in `ExecStartPre=` to load some kernel modules. Those kernel modules
cause device nodes to become available when they are loaded: the device
nodes may not exist when the unit itself is loaded. This means that the
unit's processes will not be able to access the device since the
`DeviceAllow=` will have been resolved earlier and denied it.
One way to fix this would be to re-evaluate the available devices and
re-apply the policy to the cgroup, but this cannot work atomically on
cgroupsv1. So we fall back to a second approach: instead of running
`modprobe` via `ExecStartPre`, we move this out to a separate unit and
order it before the units which want the module.
Closes #14322.
Fixes: #13943.
|
|
|
|
| |
Prompted by #14417.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit 07125d24eedb71693b3bf2b1f0730cd01aaac2dd.
In contrast to what is claimed in #13396 dbus-broker apparently does
care for the service file to be around, and otherwise will claim
"Service Not Activatable" in the time between systemd starting up the
broker and connecting to it, which the stub service file is supposed to
make go away.
Reverting this makes the integration test suite pass again on host with
dbus-broker (i.e. current Fedora desktop).
Tested with dbus-broker-21-6.fc31.x86_64.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
shutdown"
This reverts commit 362c378291e85df3e00aaad491d1e08233ad127f.
This commit introduced an ordering loop: remote-cryptsetup.target was both
before and after remote-fs-pre.target. It also globally ordered all cryptsetup
volumes before all mounts. Such global ordering is problematic if people have
stacked storage. Let's look for a different solution.
See https://github.com/systemd/systemd/pull/14378#discussion_r359460109.
|
|
|
|
|
|
|
|
| |
Otherwise, systemd-udev-trigger|settle.service that ran in the initrd may
ramain active, and never re-run again from the system root.
This is observed by forexample examining ESP with udevadm info, which in the
initrd has all the ID_* variables, and none of them in fully booted system.
|