A timer configured with OnActiveSec will start its associated unit again
if the timer is stopped, then started. However, if the timer unit is
restarted -- with "systemctl restart", say -- this does not occur.
This commit ensures that TIMER_ACTIVE timers are re-enabled whenever the
timer is started, even if that's within a restart job.
Our initrd interface specifies that the verb is in argv[1].
This is where systemd passes it to systemd-shutdown, but getopt
permutes argv[]. This confuses dracut's shutdown script:
Shutdown called with argument '--log-level'. Rebooting!
getopt can be convinced to not permute argv[] by having '-' as the first
character of optstring. Let's use it. This requires changing the way
non-option arguments (in our case, the verb) are processed.
This fixes a bug where the system would reboot instead of powering off.
The SELinux policy defines no context for some files. E.g.:
$ matchpathcon /run/lock/subsys /dev/mqueue
/run/lock/subsys <<none>>
/dev/mqueue <<none>>
We still need to be able to create them.
In this case selabel_lookup_raw() returns ENOENT. We should then skip
setfscreatecon(), but still return success.
It was broken since c34255bdb2 ("label: unify code to make directories,
symlinks").
Not all switch roots are like base_filesystem_create() wants them
to look like. They might even boot, if they are RO and don't have the FS
layout. Just ignore the error and switch_root nevertheless.
base_filesystem_create() should have logged, what went wrong.
We really don't want to get lost in adding fridge, car, plane, drone, or
whatever else, hence add a generic term "embedded" cover all the cases
where the computer is just part of something bigger, and not at the
focus of things.
That way only one file with condition code remaining, in src/shared/,
rather than src/core/.
Next step: dropping the "-util" suffix from condition-util.[ch].
When used in an initramfs, it's expected that the hwdb.bin file is
not present (it makes for a very large initramfs otherwise).
While it's nice to tell the user about this, as it's not strictly
speaking an error we really shouldn't be so forceful in our
reporting.
For priviliged units this resource control property ensures that the
processes have all controllers systemd manages enabled.
For unpriviliged services (those with User= set) this ensures that
access rights to the service cgroup is granted to the user in question,
to create further subgroups. Note that this only applies to the
name=systemd hierarchy though, as access to other controllers is not
safe for unpriviliged processes.
Delegate=yes should be set for container scopes where a systemd instance
inside the container shall manage the hierarchies below its own cgroup
and have access to all controllers.
Delegate=yes should also be set for user@.service, so that systemd
--user can run, controlling its own cgroup tree.
This commit changes machined, systemd-nspawn@.service and user@.service
to set this boolean, in order to ensure that container management will
just work, and the user systemd instance can run fine.
This mirrors code in dbus.c when creating the private socket and
avoids error messages like:
systemd[1353]: bind(/run/user/603/systemd/notify) failed: No such file or directory
systemd[1353]: Failed to fully start up daemon: No such file or directory
The metadata logic in kdbus has seen a rework, and the only mandatory
change we have to follow for now is that attach_flags in kdbus_cmd_hello
is now split into two parts, attach_flags_send and attach_flags_recv.
In kdbus a "server id" is mostly a misnomer, as there isn't any "server"
involved anymore. Let's rename this to "owner" id hence, since it is an
ID that is picked by the owner of a bus or direct connection. This
matches nicely the sd_bus_get_owner_creds() call we already have.
