| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
Nowadays people use systemd on many different architectures, so we
shouldn't presuppose that they are using amd64. debootstrap defaults
to the native architecture and this should be good enough.
|
|
DBus-API: add more options in transient units
|
|
where the remote endpoint is a local host address.
|
|
store persistentl (#7750)
Currently we can only change initcwnd/initrwnd in the following way, and it does not store persistently:
sudo ip route change default via 192.168.1.1 dev tun0 initcwnd 20
sudo ip route change default via 192.168.1.1 dev tun0 initrwnd 20
For more details about initcwnd/initrwnd, please look at:
http://hjzhao.blogspot.com/2012/05/increase-initcwnd-for-performance.html
http://www.cdnplanet.com/blog/tune-tcp-initcwnd-for-optimum-performance
or google 'initcwnd initrwnd'
This work allows to configure the initcwnd and initrwnd.
Closes #2118
|
|
|
|
core,udev,networkd: add ConditionKernelVersion=
|
|
Add missing _r_ for ctl-alt-del.target
|
|
Now that we have str_verscmp() in our source tree anyway, let's make it
generic and reuse it for ConditionKernelVersion=.
|
|
|
|
This adds a simple condition/assert/match to the service manager, to
udev's .link handling and to networkd, for matching the kernel version
string.
In this version we only do fnmatch() based globbing, but we might want
to extend that to version comparisons later on, if we like, by slightly
extending the syntax with ">=", "<=", ">", "<" and "==" expressions.
|
|
rc-local documentation
|
|
Follow-up to @poettering’s comments in #7723:
- Slightly expand on the difference between using tmpfiles.d and service
directives
- Mention CacheDirectory=
- Mention LogsDirectory=
- Abbreviate and unify some later descriptions
ConfigDirectory= is not mentioned, since it does not support the
functionality mentioned in the manpage which tmpfiles.d provides:
copying or symlinking default configuration from /usr/share/factory. And
the user package variable file locations don’t mention the directives
because in user units the service can always create the directories
itself (whereas in system units lesser-privileged services lack
permission to create them).
|
|
Most importantly, let's highlight the differences to the rc-local
behaviour in SysV.
Fixes: #7703
|
|
DBus-API: implement transient socket unit
|
|
This works supports to configure L3S mode and flags
such as bridge, private and vepa
|
|
Two docs
|
|
|
|
|
|
The config example contains wrong specificator for hostname.
It should be %H instead of %h as documented in the man page.
Use correct specificator for hostname.
|
|
Old text:
> Note that the User= and
> Group= options are not particularly useful for mount units specifying a
> "Type=" option or using configuration not specified in /etc/fstab;
> mount(8) will refuse options that are not listed in /etc/fstab if it is
> not run as UID 0.
However I recently learnt the following:
> The mount program does not read the /etc/fstab file if both device
> and dir are specified.
Therefore, if both device and dir are specified, the `user` or `users`
options in `fstab` will not have any effect. Run as a normal user,
you will always see
mount: only root can do that
Fix the explanation in the man page.
Also make sure to markup User= and Group= with <varname>.
|
|
Fixes #7694.
|
|
|
|
Up until now, the behaviour in systemd has (mostly) been to silently
ignore failures to action unit directives that refer to an unavailble
controller. The addition of AssertControlGroupController and its
conditional counterpart allow explicit specification of the desired
behaviour when such a situation occurs.
As for how this can happen, it is possible that a particular controller
is not available in the cgroup hierarchy. One possible reason for this
is that, in the running kernel, the controller simply doesn't exist --
for example, the CPU controller in cgroup v2 has only recently been
merged and was out of tree until then. Another possibility is that the
controller exists, but has been forcibly disabled by `cgroup_disable=`
on the kernel command line.
In future this will also support whatever comes out of issue #7624,
`DefaultXAccounting=never`, or similar.
|
|
Systemd services are permitted to be scripts, as well as binary
executables.
The same also applies to the underlying /sbin/mount and /sbin/swapon.
It is not necessary for the user to consider what type of program file
these are. Nor is it necessary with systemd-nspawn, to distinguish between
init as a "binary" v.s. a user-specified "program".
Also fix a couple of grammar nits in the modified sentences.
|
|
Slice cleanups and systemd-mount --owner
|
|
The kernel needs two numbers, but for the user it's most convenient to provide the
user name and have that resolved to uid and gid.
Right now the primary group of the specified user is always used. That's the most
common case anyway. In the future we can extend the --owner option to allow a group
after a colon.
[I added this before realizing that this will not be enough to be used for user
runtime directory. But this seems useful on its own, so I'm keeping this commit.]
|
|
|
|
nspawn: introduce an option for specifying network namespace path
|
|
They may be old (or rather compatible implementations of old commands), but
they certainly are not going away. Apart from privilege escalation through
polkit, they are mostly equivalent.
|
|
configuration into systemd-resolved (#7576)
This is useful to debug things, but also to hook up external post-up
scripts with resolved.
Eventually this code might be useful to implement a
resolvconf(8)-compatible interface for compatibility purposes. Since the
semantics don't map entirely cleanly as first step we add a native
interface for pushing DNS configuration into resolved, that exposes the
correct semantics, before adding any compatibility interface.
See: #7202
|
|
startup/runtime/shutdown (#7214)
With Type=notify services, EXTEND_TIMEOUT_USEC= messages will delay any startup/
runtime/shutdown timeouts.
A service that hasn't timed out, i.e, start time < TimeStartSec,
runtime < RuntimeMaxSec and stop time < TimeoutStopSec, may by sending
EXTEND_TIMEOUT_USEC=, allow the service to continue beyond the limit for
the execution phase (i.e TimeStartSec, RunTimeMaxSec and TimeoutStopSec).
EXTEND_TIMEOUT_USEC= must continue to be sent (in the same way as
WATCHDOG=1) within the time interval specified to continue to reprevent
the timeout from occuring.
Watchdog timeouts are also extended if a EXTEND_TIMEOUT_USEC is greater
than the remaining time on the watchdog counter.
Fixes #5868.
|
|
This is mainly for drop-in files.
|
|
sentences
This very important commit is very important.
|
|
Add a new option `--network-namespace-path` to systemd-nspawn to allow
users to specify an arbitrary network namespace, e.g. `/run/netns/foo`.
Then systemd-nspawn will open the netns file, pass the fd to
outer_child, and enter the namespace represented by the fd before
running inner_child.
```
$ sudo ip netns add foo
$ mount | grep /run/netns/foo
nsfs on /run/netns/foo type nsfs (rw)
...
$ sudo systemd-nspawn -D /srv/fc27 --network-namespace-path=/run/netns/foo \
/bin/readlink -f /proc/self/ns/net
/proc/1/ns/net:[4026532009]
```
Note that the option `--network-namespace-path=` cannot be used together
with other network-related options such as `--private-network` so that
the options do not conflict with each other.
Fixes https://github.com/systemd/systemd/issues/7361
|
|
Document reverse settings
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1524759
|
|
Add path configuration for hardware watchdog device
|
|
Document the command line parameter and the system configuration file
setting.
|
|
|
|
It would be nicer to use <footnote> to place the notes directly in the table,
but docbook renders this improperly.
v2:
- also add "RequiredBy=" to the notes section
- remove duplicated paragraph
v3:
- clarify the description
- drop References/ReferenceBy which are only shown in systemd-analyze dump
|
|
Section 6.8 of RFC 6763 allows having service instances with
multiple TXT resource records.
|
|
|
|
|
|
Fixes #7043.
|
|
Tmpfiles --user mode and various fixes
|
|
|
|
sd_path_home() returns ENXIO when a variable (such as $XDG_RUNTIME_DIR) is not
defined. Previously we used ENOKEY for unresolvable specifiers. To avoid having
two codes, or translating ENXIO to ENOKEY, I replaced ENOKEY use with ENXIO.
v2:
- use sd_path_home and change to ENXIO everywhere
|
|
An explicit --user switch is necessary because for the user@0.service instance
systemd-tmpfiles is running as root, and we need to distinguish that from
systemd-tmpfiles running in systemd-tmpfiles*.service.
Fixes #2208.
v2:
- restore "systemd-" prefix
- add systemd-tmpfiles-clean.{service,timer}, systemd-setup.service to
systemd-tmpfiles(8)
|
|
|
|
This commit adds specifiers %U, %u and %h for the user UID, name and
home directory, respectively.
[zj: drop untrue copy-pasted comments and move the next text
to the new "Specifiers" section.
Now that #7444 has been merged, also drop the specifier functions.]
|
