Using ConditionSecurity a unit can depend on a security module being
enabled/disabled. For now the only recognized security module is SELinux.
I'd like to use this feature for a unit that creates /.autorelabel if
SELinux is disabled, to ensure a relabel is done automatically when the
system is later rebooted with SELinux enabled.
Instead of the /dev/.run trick we have currently implemented, we decided
to move the early-boot runtime dir to /run.
An existing /var/run directory is bind-mounted to /run. If /var/run is
already a symlink, no action is taken.
An existing /var/lock directory is bind-mounted to /run/lock.
If /var/lock is already a symlink, no action is taken.
To implement the directory vs. symlink logic, we have a:
ConditionPathIsDirectory=
now, which is used in the mount units.
Skipped mount unit in case of symlink:
$ systemctl status var-run.mount
var-run.mount - Runtime Directory
Loaded: loaded (/lib/systemd/system/var-run.mount)
Active: inactive (dead)
start condition failed at Fri, 25 Mar 2011 04:51:41 +0100; 6min ago
Where: /var/run
What: /run
CGroup: name=systemd:/system/var-run.mount
The systemd rpm needs to make sure to add something like:
%pre
mkdir -p -m0755 /run >/dev/null 2>&1 || :
or it needs to be added to filesystem.rpm.
Udev -git already uses /run if that exists, and is writable at bootup.
Otherwise it falls back to the current /dev/.udev.
Dracut and plymouth need to be adopted to switch from /dev/.run to run
too.
Cheers,
Kay
Hello,
i`ve been using systemd for a while now, and found out that when
using NICE parameter for .service files the varible is not set correctly.
i`ve found the problem in file *load-fragment.c* function
*config_parse_nice* variable /*c->nice_set = false;*/ should be
/*c->nice_set = true;*/
Problem is alsom manifesting on v17 but did not upgrade yet ...
The property StopRetroactively= needs to be per-dependency, not
per-unit, in order to properly express dependencies between .mount units
and its .device and fsck .service units. If the .device unit is
unplugged the mount should go away, but if the fsck process terminates
the .mount should stay.
This patch adds a cpp definition HAVE_SYSV_COMPAT that is used to
isolate code dealing with /etc/init.d and /etc/rcN.d for systems where
it does not make sense (one that does not use sysv or one that is fully
systemd native).
The patch tries to be as little intrusive as possible, however in
order to minimize the number of #ifdef'ed regions I've reordered some
code in path-lookup.c:lookup_paths_init() where all code dealing with
sysv is now isolated under running_as == MANAGER_SYSTEM as well.
Moreover, In struct Service, some fields were rearranged to reduce
the number of ifdefs.
Lennart's suggestions were fixed and squashed with the original patch,
that was sent by Gustavo Sverzut Barbieri (barbieri@profusion.mobi).
This replaces OOMAdjust= by OOMScoreAdjust= in the config files,
breaking compatibility with older unit files. However, this keeps compat
with older kernels which lack the new OOM rework.
Some unit shall never be start on user request (e.g. shutdown.target)
others never be stopped on user request (e.g. auditd.servce), hence
offer options for both.
Hi,
attached path extends socket configurables with another
knob - TCP Congestion Avoidance selection. Linux implements
handful of those, useful in various situations. For example,
TCP Low Priority may be used by FTP service to gracefully
yield bandwidth for more important TCP/IP streams.
Until recently TCP_CONGESTION was Linux-specific, recently
FreeBSD 8 and OpenSolaris gained compatible support.
Lennart Poettering