$ sudo dracut -f
Trying to run as user instance, but $XDG_RUNTIME_DIR is not set.
/usr/lib/dracut/modules.d/98systemd/module-setup.sh: line 10:
((: >= 198 : syntax error: operand expected (error token is ">= 198 ")
Instead of individually checking for containers in each user do this
once in a new call proc_cmdline() that read the file only if we are not
in a container.
First drop the capabilities of the userhelpers before dropping our own,
otherwise we might not be allowed to drop the capabilities of the
userhelpers. Especially, if we want to drop CAP_SYS_MODULE.
Credits: Matteo Sasso
Stop importing non-sensical kernel-exported variables. All
parameters in the kernel command line are exported to the
initial environment of PID1, but suppressed if they are
recognized by kernel built-in code. The EFI booted kernel
will add further kernel-internal things which do not belong
into userspace.
The passed original environ data of the process is not touched
and preserved across re-execution, to allow external reading of
/proc/self/environ for process properties like container*=.
Since we'll unload all units/job during a reload, and then readd them it
is really useful for clients to be aware of this phase hence sent a
signal out before and after. This signal is called "Reloading" (despite
the fact that it is also sent out during reexecution, which we consider
a special case in this context) and has one boolean parameter which is
true for the signal sent before the reload, and false for the signal
after the reload. The UnitRemoved/JobRremoved and UnitNew/JobNew due to
the reloading are guranteed to be between the pair of Reloading
messages.
During shutdown, when we try to clean up all remaining processes, the
kernel will fork new agents every time a cgroup runs empty. These
new processes cause delays in the final SIGTERM, SIGKILL logic.
Apart from that, this should also avoid that the kernel-forked binaries
cause unpredictably timed access to the filesystem which we might need to
unmount.
Use proper grammar, word usage, adjective hyphenation, commas,
capitalization, spelling, etc.
To improve readability, some run-on sentences or sentence fragments were
revised.
[zj: remove the space from 'file name', 'host name', and 'time zone'.]
Transient units can be created via the bus API. They are configured via
the method call parameters rather than on-disk files. They are subject
to normal GC. Transient units currently may only be created for
services (however, we will extend this), and currently only ExecStart=
and the cgroup parameters can be configured (also to be extended).
Transient units require a unique name, that previously had no
configuration file on disk.
A tool systemd-run is added that makes use of this functionality to run
arbitrary command lines as transient services:
$ systemd-run /bin/ping www.heise.de
Will cause systemd to create a new transient service and run ping in it.
Replace the very generic cgroup hookup with a much simpler one. With
this change only the high-level cgroup settings remain, the ability to
set arbitrary cgroup attributes is removed, so is support for adding
units to arbitrary cgroup controllers or setting arbitrary paths for
them (especially paths that are different for the various controllers).
This also introduces a new -.slice root slice, that is the parent of
system.slice and friends. This enables easy admin configuration of
root-level cgrouo properties.
This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in
/dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is
turned off by DevicePolicy=).
This complements existing functionality of setting variables
through 'systemctl set-environment', the kernel command line,
and through normal environment variables for systemd in session
mode.
This is a minor fix because it's not a major issue, this fix just avoid
to get EINVAL error from sigaction(2).
There are two signals can not handled at user space, SIGKILL and
SIGSTOP even we're PID 1, trying to handle these two signals will get
EINVAL error.
There are two kinds of systemd instance, running as system manager or
user session manager, apparently, the latter is a general user space
process which can not handle SIGKILL. The special pid 1 also can not
do that refer to kernel/signal.c:do_sigaction().
However, pid 1 is unkillable because the kernel did attach
SIGNAL_UNKILLABLE to it at system boot up, refer to
init/main.c:start_kernel()
--> rest_init()
--> kernel_thread()
--> kernel_init()
--> init_post()
current->signal->flags |= SIGNAL_UNKILLABLE
This partially reverts commit c3a170f3, which moved
efi_get_boot_timestamps too early in main(), before
/sys is assured to be mounted
Bugzilla: https://bugs.freedesktop.org/show_bug.cgi?id=64371
[tomegun: in particular /sys/firmware/efi/efivars needs to be
mounted, which is not a problem if a systemd-initramfs containing
the correct module is being used. But not everyone uses an
initramfs...]
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
https://bugs.freedesktop.org/show_bug.cgi?id=57793https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
The time for systemd initialization and selinux policy loading
is accounted to the initrd or the kernel, which is wrong.
Instead of:
Startup finished in 5.559s (firmware) + 36ms (loader) + 665ms (kernel) +
975ms (initrd) + 1.410s (userspace) = 8.647s
the more correct output is:
Startup finished in 5.559s (firmware) + 36ms (loader) + 665ms (kernel) +
475ms (initrd) + 1.910s (userspace) = 8.647s
The information about the unit for which files are being parsed
is passed all the way down. This way messages land in the journal
with proper UNIT=... or USER_UNIT=... attribution.
'systemctl status' and 'journalctl -u' not displaying those messages
has been a source of confusion for users, since the journal entry for
a misspelt setting was often logged quite a bit earlier than the
failure to start a unit.
Based-on-a-patch-by: Oleksii Shevchuk <alxchk@gmail.com>
When switching root, i.e. LANG can be set to the locale of the initramfs
or "C", if it was unset. When systemd deserializes LANG in the real root
this would overwrite the setting previously gathered by locale_set().
To reproduce, boot with an initramfs without locale.conf or change
/etc/locale.conf to a different language than the initramfs and check a
daemon started by systemd:
$ tr "$\000" '\n' </proc/$(pidof sshd)/environ | grep LANG
LANG=C
To prevent that, serialization of environment variables is skipped, when
serializing for switching root.
https://bugzilla.redhat.com/show_bug.cgi?id=949525
Before, we would initialize many fields twice: first
by filling the structure with zeros, and then a second
time with the real values. We can let the compiler do
the job for us, avoiding one copy.
A downside of this patch is that text gets slightly
bigger. This is because all zero() calls are effectively
inlined:
$ size build/.libs/systemd
text data bss dec hex filename
before 897737 107300 2560 1007597 f5fed build/.libs/systemd
after 897873 107300 2560 1007733 f6075 build/.libs/systemd
… actually less than 1‰.
A few asserts that the parameter is not null had to be removed. I
don't think this changes much, because first, it is quite unlikely
for the assert to fail, and second, an immediate SEGV is almost as
good as an assert.
Instead of outputting "5h 55s 50ms 3us" we'll now output "5h
55.050003s". Also, while outputting the accuracy is configurable.
Basically we now try use "dot notation" for all time values > 1min. For
>= 1s we use 's' as unit, otherwise for >= 1ms we use 'ms' as unit, and
finally 'us'.
This should give reasonably values in most cases.
Internally we store all time values in usec_t, however parse_usec()
actually was used mostly to parse values in seconds (unless explicit
units were specified to define a different unit). Hence, be clear about
this and name the function about what we pass into it, not what we get
out of it.
Back from old times when we developed systemd on non-systemd hosts we
still mounted the missing directories such as the cgroup stuff even when
running with a PID != 1. There's no point for that anymore, so let's
just do that if we are actually PID 1, and never otherwise.
https://bugs.freedesktop.org/show_bug.cgi?id=62354
In order to maintain compatibility with older initrds which do not have
AllowIsolate=yes set for their target units, fallback to JOB_REPLACE if
JOB_ISOLATE doesn't work, but complain about it.
SMACK is the Simple Mandatory Access Control Kernel, a minimal
approach to Access Control implemented as a kernel LSM.
The kernel exposes the smackfs filesystem API through which access
rules can be loaded. At boot time, we want to load the access rules
as early as possible to ensure all early boot steps are checked by Smack.
This patch mounts smackfs at the new location at /sys/fs/smackfs for
kernels 3.8 and above. The /smack mountpoint is not supported.
After mounting smackfs, rules are loaded from the usual location.
For more information about Smack see:
http://www.kernel.org/doc/Documentation/security/Smack.txt
This allows switch-root to work correctly if a unit is active both before and
after the switch-root, but its dependencies change. Before the patch, any
dependencies added to active units by switch-root will not be pulled, in
particular filesystems configured in /etc/fstab would not be activated if
local-fs.target was active in the initrd.
It is not clear to me if there is a bug in the REPLACE handling, or if it is
working as expected and that we really want to use ISOLATE instead as this patch
does.
Turns out cpuset needs explicit initialization before we could make use
of it. Thus mounting cpuset with cpu/cpuacct would make it impossible to
just create a group in "cpu" and start it.
Note: I did s/MANAGER/SYSTEMD/ everywhere, even though it makes the
patch quite verbose. Nevertheless, keeping MANAGER prefix in some
places, and SYSTEMD prefix in others would just lead to confusion down
the road. Better to rip off the band-aid now.
When the new PID is invoked the journal socket from the initrd might
still be around. Due to the default log target being journal we'd log to
that initially when the new main systemd initializes even if the kernel
command line included a directive to redirect systemd's logging
elsewhere.
With this fix we initially always log to kmsg now, if we are PID1, and
only after parsing the kernel cmdline try to open the journal if that's
desired.
(The effective benefit of this is that SELinux performance data is now
logged again to kmsg like it used to be.)
Properly tell the kernel at bootup, and any later time zone changes,
the actual system time zone.
Things like the kernel's FAT filesystem driver needs the actual time
zone to calculate the proper local time to use for the on-disk time
stamps.
https://bugzilla.redhat.com/show_bug.cgi?id=802198
For setups with many listening sockets the default kernel resource limit
of 1024 fds is not enough. Bump this up to 64K to avoid any limitations
in this regard. We are careful to pass on the kernel default to daemons
however, since normally resource limits are a good to enforce,
especially since select() can't handle fds > 1023.
After talking to the cgroup kernel folks at LPC we came to the
conclusion that it is probably a good idea to mount all CPU related
resp. all network related cgroup controllers together, both because they
are good defaults for admins and because this might prepare
for eventual kernel cleanups where the ability to mount them separately
is removed.
Adds messages for formally silent errors: new "Failed on cmdline argument %s: %s".
Removes some specific error messages for -ENOMEM in mount-setup.c. A few specific
ones have been left in other binaries.
systemd --version mirrors systemctl --version:
$ ./systemd --version
systemd 186
other
+PAM +LIBWRAP +AUDIT +SELINUX +IMA +SYSVINIT -LIBCRYPTSETUP
This information can be retrieved by other means (systemctl, etc.),
but it's easier for a newbie if 'systemd --version' says something
useful. And 'systemd --help' is already there, so let's complement
that with '--version'.
This adds a timeout if the TTY cannot be acquired and makes sure we
always output the question to the console, never to the TTY of the
respective service.
This option never made much sense. It was originally intended to make
sure that the usual startup output of sysv scripts goes to the terminal.
However, since SysV scripts started from a terminal would not output to
that terminal, but rather /dev/console this effect was more often than
not actually taking place. Nowadays systemd has much nicer boot time
status output than SysV which makes the sysv output redundant. Finally,
all output of services goes to the journal anyway, and is not lost.
Hence, let's drop this option, and simplify things a bit.
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway.
If systemd serializes from a switch_root, it adds "--switchedroot" to
the systemd in the real root.
If "--switchedroot" is found, then we do not skip all the stuff, which
is skipped for normal rexecs.
The ability to set MountAuto=no and SwapAuto=no was useful during the
adoption phase of systemd, so that distributions could stick to their
classic mount scripts a bit longer. It is about time to get rid of it
now.
