e5f10cafe0
core: create inaccessible nodes for users when making runtime dirs
...
To support ProtectHome=y in a user namespace (which mounts the inaccessible
nodes), the nodes need to be accessible by the user. Create these paths and
devices in the user runtime directory so they can be used later if needed.
2019-12-18 11:09:30 -08:00
a49ad4c482
core: add test case for PrivateUsers=true in user manager
...
The test exercises that PrivateTmp=yes and ProtectHome={read-only,tmpfs}
directives work as expected when PrivateUsers=yes in a user manager.
Some code is also added to test-functions to help set up test cases that
exercise the user manager.
2019-12-18 11:09:30 -08:00
5749f855a7
core: PrivateUsers=true for (unprivileged) user managers
...
Let per-user service managers have user namespaces too.
For unprivileged users, user namespaces are set up much earlier
(before the mount, network, and UTS namespaces vs after) in
order to obtain capbilities in the new user namespace and enable use of
the other listed namespaces. However for privileged users (root), the
set up for the user namspace is still done at the end to avoid any
restrictions with combining namespaces inside a user namespace (see
inline comments).
Closes #10576
2019-12-18 11:09:30 -08:00
d909b40fda
analyze: badness if neither of RootImage and RootDirectory exists
...
Instead of requiring both RootImage and RootDirectory directives, give badness
points if neither is present. Fixes conversion in d737b451f
2019-12-18 20:38:04 +02:00
ecb040643d
Merge pull request #14376 from poettering/sd-event-no-stack
...
sd-event: don't use stack for event queue array
2019-12-18 17:18:07 +01:00
de697db05b
network: introduce AddPrefixRoute= and deprecate PrefixRoute=
...
PrefixRoute= was added by e63be0847c
2019-12-18 16:32:31 +01:00
0c8e33b6e9
Merge pull request #14377 from keszybz/fixups
...
Fixups
2019-12-18 16:21:20 +01:00
a0ce990e71
test-network: add test case for multipath routing
2019-12-18 22:12:57 +09:00
6ff5cc6b7a
network: introduce multipath route
...
Closes #12541 .
2019-12-18 22:12:57 +09:00
6497a8aa9b
sd-netlink: introduce rtattr_append_attribute()
...
It will be used in later commit.
2019-12-18 22:12:57 +09:00
9667e10b1a
Merge pull request #14365 from yuwata/networkctl-altname
...
network, udev: further alternative name support
2019-12-18 12:44:34 +01:00
b012a1f455
Make openssl dependency optional again
2019-12-18 11:24:44 +01:00
27b4b3cc92
update TODO
2019-12-18 11:02:21 +01:00
5cddd924aa
sd-event: don't allocate event queue array on stack
...
We might have quite a number of event sources, hence allocate this in a
buffer we can reuse on the heap, rather than on the stack.
2019-12-18 10:59:27 +01:00
ac6431dad9
man: add man page for sd_bus_message_sensitive()
2019-12-18 09:10:34 +01:00
4023637a8a
Restore silent handling of BUS_ERROR_SPEED_METER_INACTIVE
...
This only matters for the case where new networkctl is running against older
networkd. We should still handle the old error to avoid unnecessary warning
about speedmeeter being disabled.
This partially reverts commit e813de549b
2019-12-18 08:48:33 +01:00
1b49e3e3c4
shared/loop-util: rename function
...
As suggested in https://github.com/systemd/systemd/pull/14261#pullrequestreview-332398625 .
2019-12-18 08:48:33 +01:00
7a670b1dd9
shared/dropin: fix assert for invalid drop-in
...
Don't try to show top level drop-in for non-existent units or when trying to
instantiate non-instantiated units:
$ systemctl cat nonexistent@.service
Assertion 'name' failed at src/shared/dropin.c:143, function unit_file_find_dirs(). Aborting.
$ systemctl cat systemd-journald@.service
Assertion 'name' failed at src/shared/dropin.c:143, function unit_file_find_dirs(). Aborting.
2019-12-18 08:43:40 +01:00
51692fab56
Merge pull request #14370 from poettering/homed-preparation-misc
...
four smaller preparation patches from the homed PR
2019-12-18 11:17:59 +09:00
12742abe07
Merge pull request #14369 from poettering/pkcs11-cryptsetup-followup
...
PKCS#11 cryptsetup support followup
2019-12-18 11:16:17 +09:00
f27bb6abd3
initrd: make udev cleanup service confict trigger and settle too
...
Otherwise, systemd-udev-trigger|settle.service that ran in the initrd may
ramain active, and never re-run again from the system root.
This is observed by forexample examining ESP with udevadm info, which in the
initrd has all the ID_* variables, and none of them in fully booted system.
2019-12-17 21:38:11 +01:00
9652d74092
varlink: add varlink_close_unref() helper
2019-12-17 20:05:46 +01:00
e10720818e
chown-recursive: add fd based API
2019-12-17 20:03:40 +01:00
417a6eece8
chown-recursive: move src/core/chown-recursive.[ch] → src/shared/
...
We want to use it outside of the core, hence let's moved it to the
shared code directory.
2019-12-17 20:03:40 +01:00
845a7c1fc1
basic: add quota-util.[ch] with some helpers for the Linux quotactl() API
2019-12-17 20:03:40 +01:00
6789dd57f0
cryptsetup-pkcs11: just return zero on success, no need to return anything else
2019-12-17 18:54:07 +01:00
3ded1d616a
cryptsetup-pkcs11: line break some overly long lines
2019-12-17 18:54:04 +01:00
12f69587e9
cryptsetup-pkcs11: refuse keys above 16MiB size
2019-12-17 18:54:00 +01:00
2ccf0ff6e8
man: tweaks to the crypttab(5) man page
2019-12-17 18:53:45 +01:00
3d864658ea
hwdb: assume all Medion Akoya E-models have the same matrix
...
Since up to now all known Akoya E* models have the same Matrix, we assume all
other Akoya E* models work the same.
2019-12-17 18:15:34 +01:00
35a05d8d5e
man: whitespace fix
2019-12-17 18:02:04 +01:00
76b73ce21c
man: we support growing xfs too these days
2019-12-17 18:02:04 +01:00
601f91bec5
time-util: deal with systems where userspace has 64bit time_t but kernel does not
...
Fixes : #14362
2019-12-18 00:38:39 +09:00
e7bdadb5c6
network: support alternative name to get bus path for the link
2019-12-18 00:05:50 +09:00
f7581ed6e0
networkctl: support alternative name to specify interface
2019-12-18 00:05:50 +09:00
4d016e965b
udev: sort alternative names
...
Kernel preserves the order of alternative names. So, for user
visibility, let's sort the alternative names.
2019-12-18 00:05:50 +09:00
b04c5e51da
sd-netlink: introduce rtnl_resolve_link_alternative_names()
2019-12-18 00:05:50 +09:00
13b6c4c8de
Merge pull request #14267 from poettering/pkcs11-cryptsetup
...
just the pkcs11 hookup for classic cryptsetup (/etc/crypttab) split out of the homed PR
2019-12-17 15:30:32 +01:00
6e5df4036f
Merge pull request #14337 from yuwata/network-tc-fq-more
...
network: tc: introduce more FQ settings
2019-12-17 23:30:10 +09:00
1209ef94bd
[import] fix stdin/stdout pipe behavior in import/export tar/raw
...
The code existed in machinectl to use stdin/stdout if the path for
import/export tar/raw was empty or dash (-) but a check to
`fd_verify_regular` in importd prevented it from working.
Update the check instead to explicitly check for regular file or
pipe/fifo.
Fixes #14346
2019-12-17 23:14:53 +09:00
4d92039fce
Merge pull request #14352 from yuwata/sd-netlink-tiny-fixes
...
sd-netlink: tiny fixes
2019-12-17 23:10:46 +09:00
3267cb45e9
Merge pull request #14208 from poettering/json-homed-prepare
...
json bits from homed PR
2019-12-17 23:10:08 +09:00
05de16766b
hwdb: Add Bluetooth-attached Logitech MX Master
...
Except for the product IDs, the original MX Master appears identical to
the MX Master 2S.
2019-12-17 13:02:28 +01:00
0d9ac4ea57
Merge pull request #14360 from yuwata/udev-alternative-names-policy
...
udev: introduce AlternativeNamesPolicy= setting
2019-12-17 12:13:47 +01:00
4afb4a9cc5
systemctl: show what verbs support --dry-run in the help page
...
Signed-off-by: Bart Willems <bwillems@protonmail.com>
2019-12-17 11:08:00 +01:00
c16782577b
Merge pull request #14241 from keszybz/resume-timeout
...
Bump resume timeout to infinity
2019-12-17 10:34:43 +01:00
6d185cffb1
sd-netlink: add a whitespce between cast operator and variable
2019-12-17 17:36:08 +09:00
f501c25151
sd-netlink: make netlink_container_parse() takes size_t for rt_len
...
And use another unsigned short variable for RTA_OK() macro.
2019-12-17 17:35:25 +09:00
49f5cbe924
network: set AlternativeNamesPolicy= in 99-default.link
2019-12-17 15:44:48 +09:00
ef1d2c07f9
udev: introduce AlternativeNamesPolicy= setting
2019-12-17 15:44:43 +09:00
Anita Zhang