We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
This adds minimal hardware watchdog support to PID 1. The idea is that
PID 1 supervises and watchdogs system services, while the hardware
watchdog is used to supervise PID 1.
This adds two hardware watchdog configuration options, for the runtime
watchdog and for a shutdown watchdog. The former is active during normal
operation, the latter only at reboots to ensure that if a clean reboot
times out we reboot nonetheless.
If the runtime watchdog is enabled PID 1 will automatically wake up at
half the configured interval and write to the watchdog daemon.
By default we enable the shutdown watchdog, but leave the runtime
watchdog disabled in order not to break independent hardware watchdog
daemons people might be using.
This is only the most basic hookup. If necessary we can later on hook
up the watchdog ping more closely with services deemed crucial.
This is an S/MIME signed message
The new function ima_setup() loads an IMA custom policy from a file in the
default location '/etc/ima/ima-policy', if present, and writes it to the
path 'ima/policy' in the security filesystem. This function is executed
at early stage in order to avoid that some file operations are not measured
by IMA and it is placed after the initialization of SELinux because IMA
needs the latter (or other security modules) to understand LSM-specific
rules. This feature is enabled by default and can be disabled by providing
the option '--disable-ima' to the configure script.
Signed-off-by: Roberto Sassu <roberto.sassu@polito.it>
Acked-by: Gianluca Ramunno <ramunno@polito.it>
The assumption that the initial job is the job with id==1 is incorrect.
Some jobs may be enqueued before the job that starts the default unit as
in this example:
-.mount changed dead -> mounted
Trying to enqueue job quotacheck.service/start/fail
Installed new job quotacheck.service/start as 1
Installed new job systemd-stdout-syslog-bridge.socket/start as 2
Enqueued job quotacheck.service/start as 1
Trying to enqueue job quotaon.service/start/fail
Installed new job quotaon.service/start as 5
Enqueued job quotaon.service/start as 5
Activating default unit: default.target
Trying to enqueue job graphical.target/start/replace
This fixes a bug where displaying of boot status messages was turned off
too early.
Immediately after forking off a process change the comm name and argv[0]
to "(foobar)" where "foobar" is the basename of the path we are about to
execute.
This should be useful when charting boot progress.
When systemd starts, plymouth may be already displaying progress
graphically. Do not switch the console to text mode at that time.
All other users of reset_terminal_fd() do the switch as before.
This avoids a graphical glitch with plymouth, especially visible with
vesafb, but could be also seen as a sub-second blink with radeon.
https://bugzilla.redhat.com/show_bug.cgi?id=785548
Now that objects of all unit types are allocated the exact amount of
memory they need, the Unit union has lost its purpose. Remove it.
"Unit" is a more natural name for the base unit class than "Meta", so
rename Meta to Unit.
Access to members of the base class gets simplified.
Instead of having individual counters n_serializing and n_deserializing
have a single one n_reloading, which should be sufficient.
Set n_reloading when we are about to go down for reexecution to avoid
cgroup trimming when we free the units for reexecution.
We check for LOCAL in /etc/adjtime and if needed, ask the kernel to
apply the timezone delta to the system clock.
The very first call of settimeofday() without a time, but a timezone
warps the system clock, so that it properly runs in UTC.
Explicitly disconnect all clients from a VT when a getty starts/finishes
(requires TIOCVHANGUP, available in 2.6.29).
Explicitly deallocate getty VTs in order to flush scrollback buffer.
Explicitly reset terminals to a defined state before spawning getty.
Instead of the /dev/.run trick we have currently implemented, we decided
to move the early-boot runtime dir to /run.
An existing /var/run directory is bind-mounted to /run. If /var/run is
already a symlink, no action is taken.
An existing /var/lock directory is bind-mounted to /run/lock.
If /var/lock is already a symlink, no action is taken.
To implement the directory vs. symlink logic, we have a:
ConditionPathIsDirectory=
now, which is used in the mount units.
Skipped mount unit in case of symlink:
$ systemctl status var-run.mount
var-run.mount - Runtime Directory
Loaded: loaded (/lib/systemd/system/var-run.mount)
Active: inactive (dead)
start condition failed at Fri, 25 Mar 2011 04:51:41 +0100; 6min ago
Where: /var/run
What: /run
CGroup: name=systemd:/system/var-run.mount
The systemd rpm needs to make sure to add something like:
%pre
mkdir -p -m0755 /run >/dev/null 2>&1 || :
or it needs to be added to filesystem.rpm.
Udev -git already uses /run if that exists, and is writable at bootup.
Otherwise it falls back to the current /dev/.udev.
Dracut and plymouth need to be adopted to switch from /dev/.run to run
too.
Cheers,
Kay
Commit 099663ff8c added "b" as a
recognized argument, however, B is not a runlevel like S. (B appears
as a pseudo runlevel in openSUSE's init.d scripts only for the sake of
insserv being able to manage /etc/init.d/boot.d like the other dirs).
