exit.target is now used for both system and user sessions,
so remove "on user service manager exit". Also reword that
paragraph: services will be killed before the manager exits,
even if they do not conflict with shutdown target, but we
recommend that they conflict with shutdown target so that
systemd schedules them to be stopped immediately when starting
to exit.
In the first paragraph, containers should be mentioned last,
and the more general systems first.
systemd-logind[27]: System is rebooting. (Applied kernel updates.)
is changed to
systemd-logind[27]: System is rebooting (Applied kernel updates).
Users should not add a dot in the sentence in --message, i.e. the correct usage is now:
$ systemctl reboot --message "Applied kernel updates"
If we just return the value we got from log_level_from_string() on
failure we'll return -1, which is not a proper error code.
log_set_target_from_string() did get this right already, hence let's fix
this here too.
This way we can hide things like /sys/firmware or /sys/hypervisor from
the container, while keeping the device tree around.
While this is a security benefit in itself it also allows us to fix
issue #1277.
Previously we'd mount /sys before creating the user namespace, in order
to be able to mount /sys/fs/cgroup/* beneath it (which resides in it),
which we can only mount outside of the user namespace. To ensure that
the user namespace owns the network namespace we'd set up the network
namespace at the same time as the user namespace. Thus, we'd still see
the /sys/class/net/ from the originating network namespace, even though
we are in our own network namespace now. With this patch, /sys is
mounted before transitioning into the user namespace as tmpfs, so that
we can also mount /sys/fs/cgroup/* into it this early. The directories
such as /sys/class/ are then later added in from the real sysfs from
inside the network and user namespace so that they actually show whatis
available in it.
Fixes#1277
Use get_proc_field and PROC_CPUINFO_MODEL to get the CPU type. Also don't
fail if it missing, instead restore the old behaviour and print "Unknown".
Fixes the following error seen with v225 on powerpc:
Unable to read module name from cpuinfo.
Error generating svg file: No such file or directory
All users of get_status_field() expect the field pattern to occur in
the beginning of a line, and the delimiter is ':'.
Hardcode this into the function, and also skip any whitespace before ':'
to support fields in files like /proc/cpuinfo. Add support for returning
the full field value (currently stops on first whitespace).
Rename the function so it's easier to ensure all callers switch to new
semantics.
Sometimes we have to connect to the system manager directly (early boot,
initrd, late boot, ...), sometimes through the system bus (unprivileged,
remote, logind, ...). Instead of guessing in advance, which kind of
connection we require (and sometimes guessing incorrectly), let's make
sure each time we need bus connection we request the right bus
explicitly.
This way, we set up exactly the bus connections require, never guess
incorrectly, and do so only immediately when necessary.
As effect this reworks avoid_bus() into install_client_side(), since
that's all it determines now: whether to install unit files client-side
or server-side (i.e. in PID 1).
We place the processes we fork off in the cgroup anyway, and we probably
shouldn't be able to get that far if we couldn't set up the slice due to
resource problems or unmet conditions. Hence upgrade the dependency
between units and the slices they are located in from Wants= to
Requires=.
In sd-bus, the sd_bus_open_xyz() family of calls allocates a new bus,
while sd_bus_default_xyz() family tries to reuse the thread's default
bus. bus_open_transport() sometimes internally uses the former,
sometimes the latter family, but suggests it only calls the former via
its name. Hence, let's avoid this confusion, and generically rename the
call to bus_connect_transport().
Similar for all related calls.
And while we are at it, also change cgls + cgtop to do direct systemd
connections where possible, since all they do is talk to systemd itself.
Previously, we'd allocate it sometimes from the heap, but otherwise let
it point directly int argv[]. Let's clean this up, so that we know
exactly how to release its resources, and do so at the end.
