From bc96c63c0522dc81c036dcd340369eb04df8d0e9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 21 Mar 2018 16:07:20 +0100 Subject: [PATCH 01/11] man: add a note that nspawn gives access to network by default Fixes #6546. --- man/systemd-nspawn.xml | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/man/systemd-nspawn.xml b/man/systemd-nspawn.xml index 633d939384..55ef48bfec 100644 --- a/man/systemd-nspawn.xml +++ b/man/systemd-nspawn.xml @@ -519,8 +519,10 @@ configured with . If this option is specified, the CAP_NET_ADMIN capability will be added to the set of capabilities the container retains. The - latter may be disabled by using - . + latter may be disabled by using . + If this option is not specified (or implied by one of the options + listed below), the container will have full access to the host network. + From 929f52632bc899ae9bd6932b667008f35acd25e4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 21 Mar 2018 16:32:17 +0100 Subject: [PATCH 02/11] man: move examples out of sd_journal_get_fd into separate files man/.dir-locals is to keep indentation under control. This makes it much easier to compile and run those examples, c.f. #7578. v2: - copy more of .dir-locals.el from the root to man/.dir-locals.el (I though emacs would inherit from the one in the parent dir, but it seems it just uses its own broken defaults, including indent-tabs-mode by default.) --- man/.dir-locals.el | 14 ++++++++ man/journal-iterate-poll.c | 23 +++++++++++++ man/journal-iterate-wait.c | 39 ++++++++++++++++++++++ man/sd_journal_get_fd.xml | 66 ++------------------------------------ 4 files changed, 79 insertions(+), 63 deletions(-) create mode 100644 man/.dir-locals.el create mode 100644 man/journal-iterate-poll.c create mode 100644 man/journal-iterate-wait.c diff --git a/man/.dir-locals.el b/man/.dir-locals.el new file mode 100644 index 0000000000..1c2512052d --- /dev/null +++ b/man/.dir-locals.el @@ -0,0 +1,14 @@ +; special .c mode with reduced indentation for man pages +((nil . ((indent-tabs-mode . nil) + (tab-width . 8) + (fill-column . 79))) + (c-mode . ((fill-column . 80) + (c-basic-offset . 2) + (eval . (c-set-offset 'substatement-open 0)) + (eval . (c-set-offset 'statement-case-open 0)) + (eval . (c-set-offset 'case-label 0)) + (eval . (c-set-offset 'arglist-intro '++)) + (eval . (c-set-offset 'arglist-close 0)))) + (nxml-mode . ((nxml-child-indent . 2) + (fill-column . 119))) + (meson-mode . ((meson-indent-basic . 8)))) diff --git a/man/journal-iterate-poll.c b/man/journal-iterate-poll.c new file mode 100644 index 0000000000..174f6038fd --- /dev/null +++ b/man/journal-iterate-poll.c @@ -0,0 +1,23 @@ +#include +#include + +int wait_for_changes(sd_journal *j) { + struct pollfd pollfd; + int msec; + + sd_journal_get_timeout(m, &t); + if (t == (uint64_t) -1) + msec = -1; + else { + struct timespec ts; + uint64_t n; + clock_gettime(CLOCK_MONOTONIC, &ts); + n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000; + msec = t > n ? (int) ((t - n + 999) / 1000) : 0; + } + + pollfd.fd = sd_journal_get_fd(j); + pollfd.events = sd_journal_get_events(j); + poll(&pollfd, 1, msec); + return sd_journal_process(j); +} diff --git a/man/journal-iterate-wait.c b/man/journal-iterate-wait.c new file mode 100644 index 0000000000..0a23569f79 --- /dev/null +++ b/man/journal-iterate-wait.c @@ -0,0 +1,39 @@ +#include +#include +#include + +int main(int argc, char *argv[]) { + int r; + sd_journal *j; + r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY); + if (r < 0) { + fprintf(stderr, "Failed to open journal: %s\n", strerror(-r)); + return 1; + } + for (;;) { + const void *d; + size_t l; + r = sd_journal_next(j); + if (r < 0) { + fprintf(stderr, "Failed to iterate to next entry: %s\n", strerror(-r)); + break; + } + if (r == 0) { + /* Reached the end, let's wait for changes, and try again */ + r = sd_journal_wait(j, (uint64_t) -1); + if (r < 0) { + fprintf(stderr, "Failed to wait for changes: %s\n", strerror(-r)); + break; + } + continue; + } + r = sd_journal_get_data(j, "MESSAGE", &d, &l); + if (r < 0) { + fprintf(stderr, "Failed to read message field: %s\n", strerror(-r)); + continue; + } + printf("%.*s\n", (int) l, (const char*) d); + } + sd_journal_close(j); + return 0; +} diff --git a/man/sd_journal_get_fd.xml b/man/sd_journal_get_fd.xml index b15fc1728c..f51fbc3415 100644 --- a/man/sd_journal_get_fd.xml +++ b/man/sd_journal_get_fd.xml @@ -23,7 +23,7 @@ along with systemd; If not, see . --> - + sd_journal_get_fd @@ -263,73 +263,13 @@ else { Iterating through the journal, in a live view tracking all changes: - #include <stdio.h> -#include <string.h> -#include <systemd/sd-journal.h> - -int main(int argc, char *argv[]) { - int r; - sd_journal *j; - r = sd_journal_open(&j, SD_JOURNAL_LOCAL_ONLY); - if (r < 0) { - fprintf(stderr, "Failed to open journal: %s\n", strerror(-r)); - return 1; - } - for (;;) { - const void *d; - size_t l; - r = sd_journal_next(j); - if (r < 0) { - fprintf(stderr, "Failed to iterate to next entry: %s\n", strerror(-r)); - break; - } - if (r == 0) { - /* Reached the end, let's wait for changes, and try again */ - r = sd_journal_wait(j, (uint64_t) -1); - if (r < 0) { - fprintf(stderr, "Failed to wait for changes: %s\n", strerror(-r)); - break; - } - continue; - } - r = sd_journal_get_data(j, "MESSAGE", &d, &l); - if (r < 0) { - fprintf(stderr, "Failed to read message field: %s\n", strerror(-r)); - continue; - } - printf("%.*s\n", (int) l, (const char*) d); - } - sd_journal_close(j); - return 0; -} + Waiting with poll() (this example lacks all error checking for the sake of simplicity): - #include <poll.h> -#include <systemd/sd-journal.h> - -int wait_for_changes(sd_journal *j) { - struct pollfd pollfd; - int msec; - - sd_journal_get_timeout(m, &t); - if (t == (uint64_t) -1) - msec = -1; - else { - struct timespec ts; - uint64_t n; - clock_gettime(CLOCK_MONOTONIC, &ts); - n = (uint64_t) ts.tv_sec * 1000000 + ts.tv_nsec / 1000; - msec = t > n ? (int) ((t - n + 999) / 1000) : 0; - } - - pollfd.fd = sd_journal_get_fd(j); - pollfd.events = sd_journal_get_events(j); - poll(&pollfd, 1, msec); - return sd_journal_process(j); -} + From c0be035da77394269bf92574ef8a42fbd9ecf6d3 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 21 Mar 2018 20:02:49 +0100 Subject: [PATCH 03/11] man: drop license header in glib-event-glue.c We're moving towards just SPDX license identifiers, and the boilerplate is especially annoying in a man page. Also adjust to the smaller indentation to make the code fit better on a page. --- man/glib-event-glue.c | 63 ++++++++++++++----------------------------- 1 file changed, 20 insertions(+), 43 deletions(-) diff --git a/man/glib-event-glue.c b/man/glib-event-glue.c index 32d8e921b8..4baa12c5e8 100644 --- a/man/glib-event-glue.c +++ b/man/glib-event-glue.c @@ -1,70 +1,47 @@ -/*** - SPDX-License-Identifier: MIT - - Copyright 2014 Tom Gundersen - - Permission is hereby granted, free of charge, to any person - obtaining a copy of this software and associated documentation files - (the "Software"), to deal in the Software without restriction, - including without limitation the rights to use, copy, modify, merge, - publish, distribute, sublicense, and/or sell copies of the Software, - and to permit persons to whom the Software is furnished to do so, - subject to the following conditions: - - The above copyright notice and this permission notice shall be - included in all copies or substantial portions of the Software. - - THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, - EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF - MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND - NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS - BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN - ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN - CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE - SOFTWARE. -***/ +/* SPDX-License-Identifier: MIT */ +/* Copyright 2014 Tom Gundersen */ #include typedef struct SDEventSource { - GSource source; - GPollFD pollfd; - sd_event *event; + GSource source; + GPollFD pollfd; + sd_event *event; } SDEventSource; static gboolean event_prepare(GSource *source, gint *timeout_) { - return sd_event_prepare(((SDEventSource *)source)->event) > 0; + return sd_event_prepare(((SDEventSource *)source)->event) > 0; } static gboolean event_check(GSource *source) { - return sd_event_wait(((SDEventSource *)source)->event, 0) > 0; + return sd_event_wait(((SDEventSource *)source)->event, 0) > 0; } static gboolean event_dispatch(GSource *source, GSourceFunc callback, gpointer user_data) { - return sd_event_dispatch(((SDEventSource *)source)->event) > 0; + return sd_event_dispatch(((SDEventSource *)source)->event) > 0; } static void event_finalize(GSource *source) { - sd_event_unref(((SDEventSource *)source)->event); + sd_event_unref(((SDEventSource *)source)->event); } static GSourceFuncs event_funcs = { - .prepare = event_prepare, - .check = event_check, - .dispatch = event_dispatch, - .finalize = event_finalize, + .prepare = event_prepare, + .check = event_check, + .dispatch = event_dispatch, + .finalize = event_finalize, }; GSource *g_sd_event_create_source(sd_event *event) { - SDEventSource *source; + SDEventSource *source; - source = (SDEventSource *)g_source_new(&event_funcs, sizeof(SDEventSource)); + source = (SDEventSource *)g_source_new(&event_funcs, sizeof(SDEventSource)); - source->event = sd_event_ref(event); - source->pollfd.fd = sd_event_get_fd(event); - source->pollfd.events = G_IO_IN | G_IO_HUP | G_IO_ERR; + source->event = sd_event_ref(event); + source->pollfd.fd = sd_event_get_fd(event); + source->pollfd.events = G_IO_IN | G_IO_HUP | G_IO_ERR; - g_source_add_poll((GSource *)source, &source->pollfd); + g_source_add_poll((GSource *)source, &source->pollfd); - return (GSource *)source; + return (GSource *)source; } From 1027e0dc4d84fc7b6b500ee74d13439f322633eb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 21 Mar 2018 16:35:02 +0100 Subject: [PATCH 04/11] man: fix compilation of journal-iterate-poll.c Our examples should compile... --- man/journal-iterate-poll.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/man/journal-iterate-poll.c b/man/journal-iterate-poll.c index 174f6038fd..100d07e202 100644 --- a/man/journal-iterate-poll.c +++ b/man/journal-iterate-poll.c @@ -1,11 +1,13 @@ #include +#include #include int wait_for_changes(sd_journal *j) { - struct pollfd pollfd; + uint64_t t; int msec; + struct pollfd pollfd; - sd_journal_get_timeout(m, &t); + sd_journal_get_timeout(j, &t); if (t == (uint64_t) -1) msec = -1; else { From 0760dfc62f77ae16077dc8abb2547e44bf0fea00 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Wed, 21 Mar 2018 16:38:51 +0100 Subject: [PATCH 05/11] man: add missing headers to glib-event-glue.c --- man/glib-event-glue.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/man/glib-event-glue.c b/man/glib-event-glue.c index 4baa12c5e8..6349485b3a 100644 --- a/man/glib-event-glue.c +++ b/man/glib-event-glue.c @@ -2,6 +2,8 @@ /* Copyright 2014 Tom Gundersen */ #include +#include +#include typedef struct SDEventSource { GSource source; From 8d5a4f27f501d98a14b145697ef1a5af8da4f579 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 23 Mar 2018 12:59:09 +0100 Subject: [PATCH 06/11] man: add link and list of known attrs to systemd-gpt-auto-generator(8) Fixes #7859. --- man/systemd-gpt-auto-generator.xml | 53 +++++++++++++++++++++++++++--- 1 file changed, 48 insertions(+), 5 deletions(-) diff --git a/man/systemd-gpt-auto-generator.xml b/man/systemd-gpt-auto-generator.xml index 3fbe215c41..a02eabba6d 100644 --- a/man/systemd-gpt-auto-generator.xml +++ b/man/systemd-gpt-auto-generator.xml @@ -62,8 +62,9 @@ generator that automatically discovers root, /home, /srv and swap partitions and creates mount and swap units for them, based on the - partition type GUIDs of GUID partition tables (GPT). It implements - the UEFI Specification, chapter 5. + It implements the Discoverable Partitions Specification. Note that this generator has no effect on non-GPT systems, or where the directories under the @@ -78,13 +79,13 @@ same physical disk the EFI System Partition (ESP) is located on. It will only look for the other partitions on the same physical disk the root file system is located on. These partitions will not - be searched on systems where the root file system is distributed + be searched for on systems where the root file system is distributed on multiple disks, for example via btrfs RAID. systemd-gpt-auto-generator is useful for centralizing file system configuration in the partition table - and making manual configuration in /etc/fstab - or suchlike unnecessary. + and making configuration in /etc/fstab unnecessary. + This generator looks for the partitions based on their partition type GUID. The following partition type GUIDs are @@ -153,6 +154,48 @@ + This generator understands the following attribute flags for partitions: + + + Partition Attributes + + + + + + + + Name + Value + Applicable to + Explanation + + + + + GPT_FLAG_READ_ONLY + 0x1000000000000000 + /, /srv, /home + Partition is mounted read-only + + + + GPT_FLAG_NO_AUTO + 0x8000000000000000 + /, /srv, /home + Partition is not mounted automatically + + + + GPT_FLAG_NO_BLOCK_IO_PROTOCOL + 0x0000000000000002 + ESP + Partition is not mounted automatically + + + +
+ The /home and /srv partitions may be encrypted in LUKS format. In this case, a device mapper device is set up under the names From 2230a2908b3b1993ef8421360a51cef5049a1a50 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 23 Mar 2018 13:15:19 +0100 Subject: [PATCH 07/11] man: add a note about $XDG_SEAT and $XDG_VTNR to pam_systemd(8) Issue #6499 requests that a mention that those varibles can be set in the environment is added. But the man page already says that. There isn't much detail, but a man page does not need to and in this case should not include all the details. Instead a note is added that those vars can be derived from $DISPLAY. Closes #6499. --- man/pam_systemd.xml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/man/pam_systemd.xml b/man/pam_systemd.xml index f45631688c..a769a49bbe 100644 --- a/man/pam_systemd.xml +++ b/man/pam_systemd.xml @@ -255,8 +255,11 @@ for, if any. (Only applies to seats with a VT available, such as seat0) - + + If not set, pam_systemd will determine the + values for $XDG_SEAT and $XDG_VTNR + based on the $DISPLAY variable. From 4bb890bc04a6fd93e16eaafa72b0ad68c868a78c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 23 Mar 2018 13:54:20 +0100 Subject: [PATCH 08/11] man: add a note about "archived" journal files and when files can be copied Issue #6673 requests advice on backup strategy. But the right backup strategy depends on many factors, too many to describe in a man page. So let's just provide some general information which files are mutable and that it is always safe to use/copy files. Closes #6673. --- man/systemd-journald.service.xml | 21 +++++++++++++++------ 1 file changed, 15 insertions(+), 6 deletions(-) diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml index 8ca0e896ab..dfff107e1f 100644 --- a/man/systemd-journald.service.xml +++ b/man/systemd-journald.service.xml @@ -261,9 +261,7 @@ systemd-tmpfiles --create --prefix /var/log/journal /etc/systemd/journald.conf - Configure - systemd-journald - behavior. See + Configure systemd-journald behavior. See journald.conf5. @@ -274,8 +272,7 @@ systemd-tmpfiles --create --prefix /var/log/journal /var/log/journal/machine-id/*.journal /var/log/journal/machine-id/*.journal~ - systemd-journald writes - entries to files in + systemd-journald writes entries to files in /run/log/journal/machine-id/ or /var/log/journal/machine-id/ @@ -287,7 +284,19 @@ systemd-tmpfiles --create --prefix /var/log/journal /var/log/journal is not available, or when is set in the journald.conf5 - configuration file. + configuration file. + + When systemd-journald ceases writing to a journal file, + it will be renamed to original-name@suffix.journal + (or original-name@suffix.journal~). + Such files are "archived" and will not be written to any more. + + In general, it is safe to read or copy any journal file (active or archived). + journalctl1 + and the functions in the + sd-journal3 + library should be able to read all entries that have been fully written. + From 752ce3967e4d7be1a98d06e4a293f6ef87f8dec5 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 23 Mar 2018 14:04:13 +0100 Subject: [PATCH 09/11] man: mention that oldest journal files are removed Fixes #7225. --- man/journalctl.xml | 2 +- man/systemd-journald.service.xml | 7 ++++++- 2 files changed, 7 insertions(+), 2 deletions(-) diff --git a/man/journalctl.xml b/man/journalctl.xml index 37fb0d67fd..39c8c07d6b 100644 --- a/man/journalctl.xml +++ b/man/journalctl.xml @@ -752,7 +752,7 @@ - Removes archived journal files until the disk + Removes the oldest archived journal files until the disk space they use falls below the specified size (specified with the usual K, M, G and T suffixes), or all diff --git a/man/systemd-journald.service.xml b/man/systemd-journald.service.xml index dfff107e1f..d78aef3a63 100644 --- a/man/systemd-journald.service.xml +++ b/man/systemd-journald.service.xml @@ -296,7 +296,12 @@ systemd-tmpfiles --create --prefix /var/log/journal and the functions in the sd-journal3 library should be able to read all entries that have been fully written. - + + systemd-journald will automatically remove the oldest + archived journal files to limit disk use. See SystemMaxUse= + and related settings in + journald.conf5. + From b3e4e23e834348cbd6a69c7eb0edff024eeb76bd Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 23 Mar 2018 14:27:48 +0100 Subject: [PATCH 10/11] man: add an additional note about journalctl -u Fixes #5387. I kept the _SYSTEMD_UNIT= example because it is easy to understand and not very verbose. _SYSTEMD_CGROUP has much longer entries which do not fit well in the narrow man page. Instead, I added an explanation of what -u is translated into. --- man/journalctl.xml | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/man/journalctl.xml b/man/journalctl.xml index 39c8c07d6b..be2916c0c1 100644 --- a/man/journalctl.xml +++ b/man/journalctl.xml @@ -930,7 +930,8 @@ With one match specified, all entries with a field matching the expression are shown: - journalctl _SYSTEMD_UNIT=avahi-daemon.service + journalctl _SYSTEMD_UNIT=avahi-daemon.service +journalctl _SYSTEMD_CGROUP=/user.slice/user-42.slice/session-c1.scope If two different fields are matched, only entries matching both expressions at the same time are shown: @@ -950,6 +951,19 @@ journalctl _SYSTEMD_UNIT=avahi-daemon.service _PID=28097 + _SYSTEMD_UNIT=dbus.service + To show all fields emited by a unit and about + the unit, option / should be used. + journalctl -u name + expands to a complex filter similar to + _SYSTEMD_UNIT=name.service + + UNIT=name.service _PID=1 + + OBJECT_SYSTEMD_UNIT=name.service _UID=0 + + COREDUMP_UNIT=name.service _UID=0 MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1 + + (see systemd.journal-fields5 + for an explanation of those patterns). + + Show all logs generated by the D-Bus executable: journalctl /usr/bin/dbus-daemon From 5ce6e7f525ae7bec35ac6787d54315b6f65b6c9e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= Date: Fri, 23 Mar 2018 14:43:52 +0100 Subject: [PATCH 11/11] core/service: rework the hold-off time over message "hold-off" is apparently confusing, because we also have HoldoffTimeoutSec=. Let's use RestartSec= directly in the message. Fixes #5472. --- src/core/service.c | 13 +++++++++---- 1 file changed, 9 insertions(+), 4 deletions(-) diff --git a/src/core/service.c b/src/core/service.c index 23a5bcd1c4..5c66876c8f 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -3400,10 +3400,15 @@ static int service_dispatch_timer(sd_event_source *source, usec_t usec, void *us break; case SERVICE_AUTO_RESTART: - log_unit_info(UNIT(s), - s->restart_usec > 0 ? - "Service hold-off time over, scheduling restart." : - "Service has no hold-off time, scheduling restart."); + if (s->restart_usec > 0) { + char buf_restart[FORMAT_TIMESPAN_MAX]; + log_unit_info(UNIT(s), + "Service RestartSec=%s expired, scheduling restart.", + format_timespan(buf_restart, sizeof buf_restart, s->restart_usec, USEC_PER_SEC)); + } else + log_unit_info(UNIT(s), + "Service has no hold-off time (RestartSec=0), scheduling restart."); + service_enter_restart(s); break;