When we issue a reexecution request via the private socket we need to
expect a "Disconnected" in addition to "NoReply" when the connection is
terminated.
During shutdown, when we try to clean up all remaining processes, the
kernel will fork new agents every time a cgroup runs empty. These
new processes cause delays in the final SIGTERM, SIGKILL logic.
Apart from that, this should also avoid that the kernel-forked binaries
cause unpredictably timed access to the filesystem which we might need to
unmount.
The affected files in this patch had inconsistent use of tabs vs. spaces
for indentation, and this patch eliminates the stray tabs.
Also, the opening brace of sigchld_hdl() in activate.c was moved so the
opening braces are consistent throughout the file.
The kernel adds those when the file is deleted,
but we don't really care if the file is still there
or not. The downside is that if the filename ends
in ' (deleted)', this part of the filename will be
removed. Too bad.
Use proper grammar, word usage, adjective hyphenation, commas,
capitalization, spelling, etc.
To improve readability, some run-on sentences or sentence fragments were
revised.
[zj: remove the space from 'file name', 'host name', and 'time zone'.]
In order to prepare things for the single-writer cgroup scheme, let's
make logind use systemd's own primitives for cgroup management.
Every login user now gets his own private slice unit, in which his sessions
live in a scope unit each. Also, add user@$UID.service to the same
slice, and implicitly start it on first login.
"Scope" units are very much like service units, however with the
difference that they are created from pre-existing processes, rather
than processes that systemd itself forks off. This means they are
generated programmatically via the bus API as transient units rather
than from static configuration read from disk. Also, they do not provide
execution-time parameters, as at the time systemd adds the processes to
the scope unit they already exist and the parameters cannot be applied
anymore.
The primary benefit of this new unit type is to create arbitrary cgroups
for worker-processes forked off an existing service.
This commit also adds a a new mode to "systemd-run" to run the specified
processes in a scope rather then a transient service.
Transient units can be created via the bus API. They are configured via
the method call parameters rather than on-disk files. They are subject
to normal GC. Transient units currently may only be created for
services (however, we will extend this), and currently only ExecStart=
and the cgroup parameters can be configured (also to be extended).
Transient units require a unique name, that previously had no
configuration file on disk.
A tool systemd-run is added that makes use of this functionality to run
arbitrary command lines as transient services:
$ systemd-run /bin/ping www.heise.de
Will cause systemd to create a new transient service and run ping in it.
Replace the very generic cgroup hookup with a much simpler one. With
this change only the high-level cgroup settings remain, the ability to
set arbitrary cgroup attributes is removed, so is support for adding
units to arbitrary cgroup controllers or setting arbitrary paths for
them (especially paths that are different for the various controllers).
This also introduces a new -.slice root slice, that is the parent of
system.slice and friends. This enables easy admin configuration of
root-level cgrouo properties.
This replaces DeviceDeny= by DevicePolicy=, and implicitly adds in
/dev/null, /dev/zero and friends if DeviceAllow= is used (unless this is
turned off by DevicePolicy=).
When looking at verbose output, additional "work" is required to
pick out the interesting MESSAGE= lines from all the fields.
Also, show long fields in full in verbose output mode when
OUTPUT_FULL_WIDTH is specified.
Before we only checked the MESSAGE_ID and COREDUMP_UNIT.
Those are both user-controlled fields.
For COREDUMP_USER_UNIT, relax the rules a bit, and also
allow messages from _UID=0.
- This changes all logind cgroup objects to use slice objects rather
than fixed croup locations.
- logind can now collect minimal information about running
VMs/containers. As fixed cgroup locations can no longer be used we
need an entity that keeps track of machine cgroups in whatever slice
they might be located. Since logind already keeps track of users,
sessions and seats this is a trivial addition.
- nspawn will now register with logind and pass various bits of metadata
along. A new option "--slice=" has been added to place the container
in a specific slice.
- loginctl gained commands to list, introspect and terminate machines.
- user.slice and machine.slice will now be pulled in by logind.service,
since only logind.service requires this slice.
In order to prepare for the kernel cgroup rework, let's introduce a new
unit type to systemd, the "slice". Slices can be arranged in a tree and
are useful to partition resources freely and hierarchally by the user.
Each service unit can now be assigned to one of these slices, and later
on login users and machines may too.
Slices translate pretty directly to the cgroup hierarchy, and the
various objects can be assigned to any of the slices in the tree.
AND term usually don't have many subterms (4 seems to be the maximum
sensible number, e.g. _BOOT_ID && _SYSTEMD_UNIT && _PID && MESSAGE_ID).
Nevertheless, the cost of checking each subterm can be relatively
high, especially when the nested terms are compound, and it
makes sense to minimize the number of checks.
Instead of looping to the end and then again over the whole list once
again after at least one term changed the offset, start the loop at
the term which caused the change. This way ½ terms in the AND match
are not checked unnecessarily again.
This is the just the library part.
SD_JOURNAL_CURRENT_USER flags is added to sd_j_open(), to open
files from current user.
SD_JOURNAL_SYSTEM_ONLY is renamed to SD_JOURNAL_SYSTEM,
and changed to mean to (also) open system files. This way various
flags can be combined, which gives them nicer semantics, especially
if other ones are added later.
Backwards compatibility is kept, because SD_JOURNAL_SYSTEM_ONLY
is equivalent to SD_JOURNAL_SYSTEM if used alone, and before there
we no other flags.
$ journalctl -o verbose _EXE=/quiet/binary -f
-- Logs begin at Sun 2013-03-17 17:28:22 EDT. --
Failed to get realtime timestamp: Cannot assign requested address
JOURNAL_FOREACH_DATA_RETVAL is added, which allows the caller
to get the return value from sd_journal_enumerate_data. I think
we might want to expose this macro like SD_JOURNAL_FOREACH_DATA,
but for now it is in journal-internal.h.
There's a change in behaviour for output_*, not only in
output_verbose, that errors in sd_j_enumerate_data are not silently
ignored anymore.
https://bugs.freedesktop.org/show_bug.cgi?id=56459
This is a minor fix because it's not a major issue, this fix just avoid
to get EINVAL error from sigaction(2).
There are two signals can not handled at user space, SIGKILL and
SIGSTOP even we're PID 1, trying to handle these two signals will get
EINVAL error.
There are two kinds of systemd instance, running as system manager or
user session manager, apparently, the latter is a general user space
process which can not handle SIGKILL. The special pid 1 also can not
do that refer to kernel/signal.c:do_sigaction().
However, pid 1 is unkillable because the kernel did attach
SIGNAL_UNKILLABLE to it at system boot up, refer to
init/main.c:start_kernel()
--> rest_init()
--> kernel_thread()
--> kernel_init()
--> init_post()
current->signal->flags |= SIGNAL_UNKILLABLE
Also reworded a few debug messages for brevity, and added a log
statement which prints out the filter at debug level:
Journal filter: (((UNIT=sys-module-configfs.device AND _PID=1) OR (COREDUMP_UNIT=sys-module-configfs.device AND MESSAGE_ID=fc2e22bc6ee647b6b90729ab34a250b1) OR _SYSTEMD_UNIT=sys-module-configfs.device) AND _BOOT_ID=4e3c518ab0474c12ac8de7896fe6b154)
Before, one the unit file was deleted, install_context_for_removal()
would refuse to look for symlinks. But we can remove dangling symlinks
anyway.
In principle, package installation/deinstallation scripts should do
that before the unit is uninstalled, but they don't always do. Also,
a user might have added additional symlinks manually.
https://bugs.freedesktop.org/show_bug.cgi?id=62395
Since 11ec7ce, journald isn't setting the ACLs properly anymore if
the files had no ACLs to begin with: acl_set_fd fails with EINVAL.
An ACL with ACL_USER or ACL_GROUP entries but no ACL_MASK entry is
invalid, so make sure a mask exists before trying to set the ACL.
Patch resolves the problem that 'systemctl is-enabled' does
not work for templated units.
Without this patch, systemctl is-enabled something@abc.service
returned "No such file or directory", because it first checked
if /usr/lib/systemd/system/something@abc.service, etc. exists.
If systemctl is-enabled is called for templated units, this
check should be omitted and it should search for symlinks in
the .wants dirs right away.
This patch fixes the broken behaviour and resolves
https://bugs.freedesktop.org/show_bug.cgi?id=55318.
[zj: fixed the patch to still check for broken symlinks and
masked instances. Also removed untrue assumptions from
the patch description.]
A new config file /etc/systemd/sleep.conf is added.
It is parsed by systemd-sleep and logind. The strings written
to /sys/power/disk and /sys/power/state can be configured.
This allows people to use different modes of suspend on
systems with broken or special hardware.
Configuration is shared between systemd-sleep and logind
to enable logind to answer the question "can the system be
put to sleep" as correctly as possible without actually
invoking the action. If the user configured systemd-sleep
to only use 'freeze', but current kernel does not support it,
logind will properly report that the system cannot be put
to sleep.
https://bugs.freedesktop.org/show_bug.cgi?id=57793https://git.kernel.org/?p=linux/kernel/git/torvalds/linux.git;a=commit;h=7e73c5ae6e7991a6c01f6d096ff8afaef4458c36http://lists.freedesktop.org/archives/systemd-devel/2013-February/009238.html
SYSTEM_CONFIG_FILE and USER_CONFIG_FILE defines were removed
since they were used in only a few places and with the
addition of /etc/systemd/sleep.conf it becomes easier to just
append the name of each file to the dir name.
