Also, while we are at it, beef it up, by adding json-seq support (i.e.
https://tools.ietf.org/html/rfc7464). This is particularly useful in
conjunction with jq's --seq switch.
Mempool use is enabled or disabled based on the mempool_use_allowed symbol that
is linked in.
Should fix assert crashes in external programs caused by #9792.
Replaces #10286.
v2:
- use two different source files instead of a gcc constructor
Instead of
Please enter passphrase for disk <disk-name>!
use
Please enter passphrase for disk <disk-name>:
which is more polite and matches Plymouth convention.
This way users can directly influence the tty size if they like when
nspawn is invoked as a service and thus stdin/stdout/stderr are not
connected to a TTY.
On EFI variables that aren't whitelisted in the kernel the
FS_IMMUTABLE_FL is set, as protection against accidental
removal/modification. Since our own variables do not appear in those
whielists, and we are not changing these variables, let's unset the flag
temporarily when needed. We restore the flag after all writes, just in
case.
let's add an env var for this, as this really shouldn't be a top-level
feature, as it turning off the validity checks certainly isn't
advisable.
Fixes: #4925
boot_loader_read_conf(), boot_entries_find(), boot_entries_load_config()
all log their errors internally, hence no need to log a second or third
time about the same error when they return.
We do these checks only for the high-level calls as for the low-level
ones it might make sense in some exotic uses to read the host EFI data
from a container or so.
Let's separate out the unit files copied from attached portable service
image files from the admin's own files. Let's introduce
/etc/systemd/system.attached/ + /run/systemd/system.attached/ for the
files of portable services, and leave /etc/systemd/system/ and
/run/systemd/system/ for the admin.
/etc/systemd/sleep.conf gains four new switches:
AllowSuspend=, AllowHibernation=, AllowSuspendThenHibernate=, AllowHybridSleep=.
Disabling specific modes was already possible by masking suspend.target,
hibernate.target, suspend-then-hibernate.target, or hybrid-sleep.target.
But this is not convenient for distributions, which want to set some defaults
based on what they want to support. Having those available as configuration
makes it easy to put a config file in /usr/lib/systemd/sleep.conf.d/ that
overrides the defaults and gives instructions how to undo that override.
While the config parser correctly handles the case of multiple IPs,
bus_append_cgroup_property was only parsing one IP,
and it would fail with "Failed to parse IP address prefix" when given
a list of IPs.
We want to store either the first error or the total number of changes in 'r'.
Instead, we were overwriting this with the return value from
install_info_traverse().
LGTM complained later in the loop that:
> Comparison is always true because r >= 0.
The raison d'etre for this program is printing machine-app-specific IDs. We
provide a library function for that, but not a convenient API. We can hardly
ask people to quickly hack their own C programs or call libsystemd through CFFI
in python or another scripting language if they just want to print an ID.
Verb 'new' was already available as 'journalctl --new-id128', but this makes
it more discoverable.
v2:
- rename binary to systemd-id128
- make --app-specific= into a switch that applies to boot-id and machine-id
Allows configuring the watchdog signal (with a default of SIGABRT).
This allows an alternative to SIGABRT when coredumps are not desirable.
Appropriate references to SIGABRT or aborting were renamed to reflect
more liberal watchdog signals.
Closes#8658