Mounts are "unmounted".
Swaps are "deactivated", not "turned off" nor "disabled".
Loop and DM devices are "detached", not "deleted".
Especially the deleting sounded a bit scary.
In bugreports about hangs during the late shutdown we are often missing
important information - what were we trying to unmount/detach when it hung.
Instead of printing what we successfully unmounted, print what we are
going to unmount/detach. And add messages to mark the completion of
categories (mount/swap/loop/DM).
In the words of Homer: If you don't try, you can't fail.
This is a revert of 9279749b84.
It used to be necessary to consider the umounting failed to make sure /
and /usr were remounted read-only, but that is no longer necessary as
everything is now remounted read-only anyway.
Moreover, this avoids a warning at shutdown saying a filesystem was not
unmounted. As the umounting of / is never attempted there was no
corresponding warning message saying which fs that failed. This caused some
spurious bug-reports from concerned users.
Cc: Michael Biebl <biebl@debian.org>
TARGET_UBUNTU is effectively the same as TARGET_DEBIAN. Given the Ubuntu
is unlikely to use systemd anytime soon there's no point in keeping this
separate.
This adds #ifdef HAVE_ATTR_XATTR_H guards around all usage of xattr.
This unbreaks building with --disable-xattr when <attr/xattr.h> doesn't exist.
<attr/xattr.h> and usage of fsetxattr() without
strncmp() could be used with size bigger then the size of the string,
because MAX was used instead of MIN.
If failing, print just the offending mount flag.
Whenever a message fails, mention the offending word, instead
of just giving the whole line. If one bad word causes just this
word to be rejected, print only the word. If one bad word causes
the whole line to be rejected, print the whole line too.
https://bugs.freedesktop.org/show_bug.cgi?id=56874
More specifically this adds a number of macros that resolve to
directories for udev rules, hwdb entries, tmpfiles and sysctl.
Thsi also includes three new macros for rebuilding the hwbd/catalog
index when a package drops in new files
This remove distro-specific support for early-boot SysV init scripts.
(And leaves support for normal SysV scripts untouched).
If distributions wish to continue to allow early-boot SysV scripts in
their distribution-specific way they should either maintain this patch
downstream manually, or write a generator for them, or simply ship all
those scripts with a .service wrapper.
We should always try to umount the old root dir if possible, instead of
overmounting it -- if that's possible.
The initial ("first") kernel rootfs can never be umounted, hence
for the usual nitrd case we never bothered using pivot_root() and
hence with fully unmounting it. However, fedup now tranisitions twice
during boot, and in that case it is highly desirable that the "second"
root dir is entirely unmounted when we switch to the "third". This patch
makes that possible.
The pivot_root() needs a directory in the "third" root dir, to move the
"second" root dir to. We use /mnt for that, under the assumption that
this directory is likely to exist, and is not itself a mount point.
As it turns out reboot() doesn't actually imply a file system sync, but
only a disk sync. Accordingly, readd explicit sync() invocations
immediately before we invoke reboot().
This is much less dramatic than it might sounds as we umount all
disks/read-only remount them anyway before going down.
If ListUnitFiles fails, or an OOM occurs, then dbus_message_unref()
will be called twice on "reply", causing systemd to crash. So remove
the call to dbus_message_unref(); it is unnecessary because of
the cleanup attribute on "reply".
[zj: modified to leave one dbus_message_unref() alone, per Colin
Walters' comment.]
A service that only sets the scheduling policy to round-robin
fails to be started. This is because the cpu_sched_priority is
initialized to 0 and is not adjusted when the policy is changed.
Clamp the cpu_sched_priority when the scheduler policy is set. Use
the current policy to validate the new priority.
Change the manual page to state that the given range only applies
to the real-time scheduling policies.
Add a testcase that verifies this change:
$ make test-sched-prio; ./test-sched-prio
[test/sched_idle_bad.service:6] CPU scheduling priority is out of range, ignoring: 1
[test/sched_rr_bad.service:7] CPU scheduling priority is out of range, ignoring: 0
[test/sched_rr_bad.service:8] CPU scheduling priority is out of range, ignoring: 100
Having unit(s) removed/not started, even if it solved the issue and allowed
to boot successfully, should still be considered an error, as something
clearly isn't right.
This patch elevates the log message from warning to error, and adds a status
message to make things more obvious.
Since we already allow defining the mode of AF_UNIX sockets and FIFO, it
makes sense to also allow specific user/group ownership of the socket
file for restricting access.
The mount() system call, which we issue before loading modules, will trigger
a modprobe by the kernel and block until it returns. Trying to load it again
later, will have exactly the same result as the first time.
This was premarily intended to support the LSB facility $httpd which is
only known by Fedora, and a bad idea since it lacks any real-life
usecase.
Similar, drop support for some other old Fedora-specific facilities.
Also, document the rules for introduction of new facilities, to clarify
the situation for the future.
The behaviour of the common name##_from_string conversion is surprising.
It accepts not only the strings from name##_table but also any number
that falls within the range of the table. The order of items in most of
our tables is an internal affair. It should not be visible to the user.
I know of a case where the surprising numeric conversion leads to a crash.
We will allow the direct numeric conversion only for the tables where the
mapping of strings to numeric values has an external meaning. This holds
for the following lookup tables:
- netlink_family, ioprio_class, ip_tos, sched_policy - their numeric
values are stable as they are defined by the Linux kernel interface.
- log_level, log_facility_unshifted - the well-known syslog interface.
We allow the user to use numeric values whose string names systemd does
not know. For instance, the user may want to test a new kernel featuring
a scheduling policy that did not exist when his systemd version was
released. A slightly unpleasant effect of this is that the
name##_to_string conversion cannot return pointers to constant strings
anymore. The strings have to be allocated on demand and freed by the
caller.
This adds SMACK label configuration options to socket units.
SMACK labels should be applied to most objects on disk well before
execution time, but two items remain that are generated dynamically
at run time that require SMACK labels to be set in order to enforce
MAC on all objects.
Files on disk can be labelled using package management.
For device nodes, simple udev rules are sufficient to add SMACK labels
at boot/insertion time.
Sockets can be created at run time and systemd does just that for
several services. In order to protect FIFO's and UNIX domain sockets,
we must instruct systemd to apply SMACK labels at runtime.
This patch adds the following options:
Smack - applicable to FIFO's.
SmackIpIn/SmackIpOut - applicable to sockets.
No external dependencies are required to support SMACK, as setting
the labels is done using fsetxattr(). The labels can be set on a
kernel that does not have SMACK enabled either, so there is no need
to #ifdef any of this code out.
For more information about SMACK, please see Documentation/Smack.txt
in the kernel source code.
v3 of this patch changes the config options to be CamelCased.
Add efivarfs to the mount_table in mount-setup.c, so the EFI variable
filesystem will be mounted when systemd executed.
The EFI variable filesystem will merge in v3.7 or v3.8 linux kernel.
Cc: Kay Sievers <kay@vrfy.org>
Cc: Lennart Poettering <lennart@poettering.net>
Cc: Mantas Mikulėnas <grawity@gmail.com>
Cc: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Cc: Matt Fleming <matt.fleming@intel.com>
Cc: Jeremy Kerr <jeremy.kerr@canonical.com>
Cc: Matthew Garrett <mjg@redhat.com>
Signed-off-by: Lee, Chun-Yi <jlee@suse.com>
Starting a swap unit pointing to (What) a symlink (e.g. /dev/mapper/swap
or /dev/disk/by-uuid/...) would have said unit marked active, following
the one using the "actual" device (/dev/{dm-1,sda3}), but that new unit
would be seen as inactive.
Since all requests to stop swap units would follow/redirect to it,
and it is seen inactive, nothing would be done (swapoff never called).
This is because this unit would be treated twice in
swap_process_new_swap, the second call to swap_add_one causing it to
eventually be marked inactive.
Michal Schmidt