With this change the logic for placing transient unit files and drop-ins
generated via "systemctl set-property" is reworked.
The latter are now placed in the newly introduced "control" unit file
directory. The fomer are now placed in the "transient" unit file directory.
Note that the properties originally set when a transient unit was created will
be written to and stay in the transient unit file directory, while later
changes are done via drop-ins.
This is preparation for a later "systemctl revert" addition, where existing
drop-ins are flushed out, but the original transient definition is restored.
This patch adds a concept of a "control" unit file directory, which is supposed
to be used as place for unit file drop-ins created by "systemctl set-property"
(note that this directory is not actually hooked up to "systemctl set-property"
yet, that's coming in a later patch).
The rationale for this: previously changes made by the user and by "systemctl
set-property" were done in the same directory, which made semantics very
unclear: the changes made by "systemctl set-property" were applied instantly,
and their drop-ins only written to not lose settings on a later "systemctl
daemon-reload", while drop-ins made by the user would only be in effect after
"systemctl daemon-reload". This is particular problematic as the changes made
by "systemctl set-property" would really apply immediately without any respect
for the unit search path. This meant that using "set-property" could have an
effect that is lsot as soon as "daemon-reload" is issued, in case there was a
"later" drop-in already in place.
With this change the directories are seperated, and the "control" directory
always takes the highest priority of all, to avoid any confusion.
This is too confusing, as this funciton returns the paths to the generator
binaries, while usually when we refer to the just the "generator path" we mean
the generated unit files. Let's clean this up.
Previously, libxkbcommon was a compile-time option. When enabled the localed
binary would strictly depend on it, thus pulling in libxkbcommon and its
dependencies, which are non-trivial in size.
With this change we dlopen() libxkbcommon when it is available instead. If the
library is available behaviour is as before. However, if it isn't the system is
considered "headless", i.e. without local hardware and all attempts to set the
local keyboard configuration will be refused.
This is useful for general-purpose distributions which want to support
"headless" (such as container systems) and "full" systems with the same build.
Now, that the search path logic knows the unit path for transient units we also
can introduce an explicit unit file state "transient" that clarifies to the
user what kind of unit file he is encountering.
Previously, we'd execute some operations with the root prefix applied, while
others without (which was a bug). Clean this up: all paths are now prefixed
properly with the root path, and we strip it off when necessary.
(Of course, an alternative option would be to strictly pass around paths
without the prefix prepended and only prepend it right before hitting the disk,
however, I am came to the conclusion this would result in more code.)
Let's modernize these calls a bit.
Also, don't call them from user_dirs() anymore, as we already have both dirs in
the list a second time via the persistent_config and runtime_config function
parameters.
The drop-in order we present should actually show what we is in effect, hence
let's not reorder it when writing changes. After all, just sorting
alphabetically is going to break things, as it doesn't respect that /etc breaks
/run breaks /usr...
Previously, when creating a transient unit, we'd first add the transient
drop-ins to the unit, and then normally load any other drop-ins later on top of
this, replacing the already loaded drop-ins. Let's not do this, after all the
transient drop-ins area already in effect, let's just add what we find on disk,
but not replace it.
Previously, transient units were created below the normal runtime directory
/run/systemd/system. With this change they are created in a special transient
directory /run/systemd/transient, which only contains data for transient units.
This clarifies the life-cycle of transient units, and makes clear they are
distinct from user-provided runtime units. In particular, users may now
extend transient units via /run/systemd/system, without systemd interfering
with the life-cycle of these files.
This change also adds code so that when a transient unit exits only the
drop-ins in this new directory are removed, but nothing else.
Fixes: #2139
We use the root directory parameter while putting together the LookupPaths
structure, hence let's also store it in the structure as-is. That way we can
drop a parameter from half of the functions in install.c
Also, let's move the validation of the root paths into lookup_paths_init() so
that we can drop even more code from install.c
This replaces the old function call manager_is_reloading_or_reexecuting() which
was used only at very few places. Use the new macro wherever we check whether
we are reloading. This should hopefully make things a bit more readable, given
the nature of Manager:n_reloading being a counter.
Previously, we had two enums ManagerRunningAs and UnitFileScope, that were
mostly identical and converted from one to the other all the time. The latter
had one more value UNIT_FILE_GLOBAL however.
Let's simplify things, and remove ManagerRunningAs and replace it by
UnitFileScope everywhere, thus making the translation unnecessary. Introduce
two new macros MANAGER_IS_SYSTEM() and MANAGER_IS_USER() to simplify checking
if we are running in one or the user context.
Let's add a seperate fields for the directories where we place runtime and
persistent configuration, so that we can use this in install.c (to be added in
a later commit), and we store path information in the same place everywhere.
Now that we store the generator directories in LookupPaths we can use this to
intrdouce a new unit file state called "generated", for units in these
directories.
Fixes: #2348
A long time ago – when generators where first introduced – the directories for
them were randomly created via mkdtemp(). This was changed later so that they
use fixed name directories now. Let's make use of this, and add the genrator
dirs to the LookupPaths structure and into the unit file search path maintained
in it. This has the benefit that the generator dirs are now normal part of the
search path for all tools, and thus are shown in "systemctl list-unit-files"
too.
The sysv-generator is the only user of the SysV paths these days, let's make it
figure out the right paths on its own.
(In a subsequent commit we can then drop the same logic from LookupPath).
* core/unit: extract checking of stat paths into helper function
The same code was repeated three times.
* core: treat masked files as "unchanged"
systemctl prints the "unit file changed on disk" warning
for a masked unit. I think it's better to print nothing in that
case.
When a masked unit is loaded, set mtime as 0. When checking
if a unit with mtime of 0 needs reload, check that the mask
is still in place.
* test-dnssec: fix build without gcrypt
Also reorder the test functions to follow the way they are called
from main().
The "SYSTEMD_READY=0" will cause automatic unmount
of mountpoint that is on top of such DM device
if this is used with multipath which sets
DM_UDEV_DISABLE_OTHER_RULES_FLAG in case
we have a CHANGE event thatcomes after DM multipath
device reload when one of the paths is down or up.
See https://bugzilla.redhat.com/show_bug.cgi?id=1312011
All callers of create_symlink(), such as install_info_symlink_wants(), expect
that to return > 0 if it actually did something, and then return that number.
unit_file_enable() uses that to determine if any action was done
(carries_install_info != 0) and if not, show a "The unit files have no
[Install] section" warning.
Return 1 instead of 0 in the two code paths of create_symlink() when the link
was created or replaced with a new value.
This fixes getting a bogus "No [Install] section" warning when enabling a unit
with full path, like "systemctl enable /some/path/myunit.service".
We check /etc/machine-id of the container and if it is already populated
we use value from there, possibly ignoring value of --uuid option from
the command line. When dealing with R/O image we setup transient machine
id.
Once we determined machine id of the container, we use this value for
registration with systemd-machined and we also export it via
container_uuid environment variable.
As registration with systemd-machined is done by the main nspawn process
we communicate container machine id established by setup_machine_id from
outer child to the main process by unix domain socket. Similarly to PID
of inner child.
