Previously all journal files were owned by "adm". In order to allow
specific users to read the journal files without granting it access to
the full "adm" powers, introduce a new specific group for this.
"systemd-journal" has to be created by the packaging scripts manually at
installation time. It's a good idea to assign a static UID/GID to this
group, since /var/log/journal might be shared across machines via NFS.
This commit also grants read access to the journal files by default to
members of the "wheel" and "adm" groups via file system ACLs, since
these "almost-root" groups should be able to see what's going on on the
system. These ACLs are created by "make install". Packagers probably
need to duplicate this logic in their postinst scripts.
This also adds documentation how to grant access to the journal to
additional users or groups via fs ACLs.
Previously for cases like "su" or "sudo" where a session is attempted to
be created from within an existing one we used the audit session ID to
detect this and in such a case we simple returned the session data of
the original session a second time.
With this change we will now use the cgroup path of the calling path to
determine the old session, i.e. we only rely on our own session
identification scheme, instead of audits.
We will continue to keep the audit session ID and ours in sync however,
to avoid unnecessary confusion.
Harald encountered division by zero in manager_print_jobs_in_progress.
Clearly we had the watch enabled when we shouldn't - there were no
running jobs in m->jobs, only waiting ones. This is either a deadlock,
or maybe some of them would be detected as runnable in the next dispatch
of the run queue. In any case we mustn't crash.
Fix it by starting and stopping the watch based on n_running_jobs
instead of the number of all jobs.
When watches are installed from the bottom, it is always possible
to race, and miss a file creation event. The race can be avoided
if a watch is first established for a parent directory, and then for
the file in the directory. If the file is created in the time between,
the watch on the parent directory will fire.
Some messages (mostly at debug level) are added to help diagnose
pidfile issues.
Should fix https://bugzilla.redhat.com/show_bug.cgi?id=917075.
The android gadget driver for network tethering over rndis somehow has a
parent device with a null subsystem. Probably this is bug in android driver,
but it is easy enough to make systemd/udev behave gracefully and not
segfault. And this will help for making linux distros with systemd
(like fedora) work on android devices.
The userspace firmware loader is deprecated now, and will be entirely
removed when we depend on a kernel version with the built-in firmware
loader available.
Errors because of oom conditions or descriptor exhaustion should not
be ignored. We probably cannot recover from those conditions.
Current behaviour wrt. insufficient permissions is described in the
man page. It might make sense in case of user sessions, so I left
it as is.
The "OK" status messages should not draw attention to themselves.
It's better if they're not printed in bright/bold. Leave that
to errors and warnings.
Use a plain inconspicuous enterprisey green.
We only mount "/usr" and entries marked with "x-initrd.mount".
This (together with the right unit files) is needed in the initramfs in order to
natively support mounting /usr (and friends) from the initramfs.
The way it is meant to work is:
* wait for sysroot.mount to be mounted
* do a daemon-reload to generate sysroot-usr.mount (++) from /sysroot/etc/fstab
* wait for sysroot-usr.mount to be mounted
* switch-root
Cc: Harald Hoyer <harald.hoyer@gmail.com>
Cc: Dave Reisner <d@falconindy.com>
I originally added this to stay as compatible as possible with the kernel, but
as Lennart argued it is not really useful in the initramfs, so let's drop it (we
already don't support 'rootdealy').
The columnar output can become pretty horrible. When GNOME inhibits
power/suspend/hibernate keys, the "WHAT" column's text extends to "WHO"
and even "WHY". At the same time, all texts in "WHY" are of the form
GNOME handlin...sses
Receiving sle...ions
GNOME needs t...reen
This patch splits each inhibit entry into four lines, allowing the full
text to fit in a normal-width terminal.
All active units will call unit_notify() during coldplug, so we just
make sure we're counting from zero again and get the correct result for
n_on_console.
For n_running_jobs we likewise reset it to zero and then count
the running jobs as we encounter them in deserialization.
unit_notify is fired in deserelization code (particulary in
service_set_state). Units passed in random order, and there is possibility,
that unit with StopWhenUnneeded=yes passed before it actual dependecies. In
that case unit will be stopped as unneeded, because deps in UNIT_INACTIVE state
yet.
So, reuse similar logic (unit.c:1421) to avoid this race
If rd.luks.uuid or luks.uuid is specified on the kernel command, only
generate units for these UUIDs. Additionally use the information in
/etc/crypttab unless rd.luks.crypttab=0 or luks.crypttab=0 is specified.
This partially reverts 7ad94c716d.
After that commit commands such as "systemctl enable" and friends
printed the search path information multiple times in its output, which
is ugly.
If we want the search paths to be printed at a higher log level, then we
should do this in PID 1 only, i.e. split the printing out of the normal
path lookup logic and invoke that explicitly from PID 1 but not in the
auxiliary tools.
Using less as a pager sometimes breaks terminal when output
is interrupted by ctrl-c.
Reproducer: run 'sudo journalctl' ctrl-c.
Thanks mbriza@redhat.com for the solution.
