Previously when a log message grew beyond the maximum AF_UNIX/SOCK_DGRAM
datagram limit we'd send an fd to a deleted file in /dev/shm instead.
Because the sender could still modify the file after delivery we had to
immediately copy the data on the receiving side.
With memfds we can optimize this logic, and also remove the dependency
on /dev/shm: simply send a sealed memfd around, and if we detect the
seal memory map the fd and use it directly.
When running sysusers we would clobber file ownership and permissions
on the files /etc/passwd, /etc/group and /etc/[g]shadow.
This simply preserves the ownership and mode if existing files are
found.
The docs don't clarify what is expected, but I don't see any reason
why --type should be ignored.
Also restucture the compund conditions into separate clauses for
easier reading.
A combination of commits f3c80515c and 79d80fc14 cause nspawn to
silently fail with a commandline such as:
# systemd-nspawn -D /build/extra-x86_64 --bind=/usr
strace shows the culprit:
[pid 27868] writev(2, [{"Failed to create mount point /build/extra-x86_64/usr: File exists", 82}, {"\n", 1}], 2) = 83
For now, it's systemd itself that parses the options string, but as soon
as util-linux' swapon can take the option string directly with -o we
should pass it on unmodified.
In some cases it is preferable to ship system images with a pre-generated
binary hwdb database, to avoid having to build it at runtime, avoid shipping
the source hwdb files, or avoid storing large binary files in /etc.
So if hwdb.bin does not exist in /etc/udev/, fall back to looking for it in
UDEVLIBEXECDIR. This keeps the possibility to add files to /etc/udev/hwdb.d/
and re-generating the database which trumps the one in /usr/lib.
Add a new --usr flag to "udevadm hwdb --update" which puts the database
into UDEVLIBEXECDIR.
Adjust systemd-udev-hwdb-update.service to not generate the file in /etc if we
already have it in /usr.
While GNOME/KDE are generally capitalized, systemd tools generally are
not, hence let's not start doing so in the XDG_CURRENT_SESSION
environment variable.
UID or GID of 0 is valid, so we cannot use that to distinguish whether
calls to sd_bus_creds_get_* succeeded, and the return value from the
function is the only way to know about missing fields. Print "n/a" if
the fields are missing.
CID #1238779
The system start timeout as previously implemented would get confused by
long-running services that are included in the initial system startup
transaction for example by being cron-job-like long-running services
triggered immediately at boot. Such long-running jobs would be subject
to the default 15min timeout, esily triggering it.
Hence, remove this again. In a subsequent commit, introduce per-target
job timeouts instead, that allow us to control these timeouts more
finegrained.
These use the (deprecated) IPv4 address classes to deduce the corresponding subnet masks. This is useful when addresses
without subnet masks and prefix lengths are given.
Make use of these new functions from sd-dhcp-lease.
This reverts commit b1543c4c93.
We check b->address anyway, no need to check the return value,
especially given that the other #ifdef branch don't get the same
treatment.
