Age | Commit message (Collapse) | Author | Files | Lines |
|
Change the SMACK label for systemd in the user session to
System::Privileged to avoid problems with handling
org.freedesktop.systemd1.Manager.GetUnitByPID method.
Change-Id: If9f30e57050f01004c56b85235ad50d49710ac53
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
|
|
Replace obsolete Capabilities option in user@.service with
AmbientCapabilities to provide appropriate set of capabilties for systemd
to manage user session.
According to capability set transformation rules described in
capabilities(7)
if a process with nonzero user IDs performs an execve(2) then any
capa‐ bilities that are present in its permitted and effective
sets will be cleared.
This means that for systemd running with nonzero UID (i.e. as the user
session manager) to keep permitted and effective capability
sets non-empty without setting file capabilities for systemd it is
required to use ambient capabilities.
Using file capabilities for systemd may be a wrong choice in the long
term, because different sets of capabilities may be assigned to different
user sessions.
Change-Id: I479fbbcf153737dbf88340ef4eb4be15d707a9a4
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
|
|
user-runtime-dir@.service should never stop.
When it stops,
user@5001.service(Requires=user-runtime-dir.service) stops accordingly.
Change-Id: I24f5780ab0eebcfbd2efa4c75141f817a9242bca
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
booting-done.service should be privileged to be responsible for
checkpointing booting status not only for normal booting
but also for FOTA and recovery booting.
Change-Id: Ic17dd0559544c323dedfe7c9b5ad13d01bc65588
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
[Problem]
Subject: FW: RE:(2) ~RE(3): [Debug Attach] Program Symbols Not Loading
+ Tomasz Swierczek
Hello Tomasz,
A problem has been reported that the "Debug Attach" function does not work in Tizen Studio.
(For more information, please refer to the mails below.)
This seems to be related to mount namespace separation operation.
If we revert https://review.tizen.org/gerrit/#/c/platform/core/appfw/launchpad/+/212712/ , it works well as expected.
It seems that the gdserver process requires setns operation to attach to the app process that is already in operation.
To solve this problem, capabilities need to be assigned to "gdserver" executable file, but it is pushed by tizen-studio
during the runtime of debugging, so "setcap" does not work because it has "sdk_user" permission.
There seems to be no solution at the moment, if you have any good ideas, please share them.
Thanks,
Jin-gyu Kim
[Solution]
Precondition : A. launchpad needs to know that the current request was made by the gdbserver.
B. launchpad needs to know the pid of the target app process.
1. Add "cap_sys_chroot" to launchpad process. (It should be also included in user@.service as an inheritable option.)
2. If the current request is executed by the gdbserver, it's namespace needs to be equal to the target app process by using setns().
- setns() requires the pid of target app process. (Please refer https://man7.org/linux/man-pages/man2/setns.2.html)
example : int fd = open("/proc/1234/ns/mnt", O_RDONLY); setns(fd,0); // "/proc/[pid]/ns/mnt"
- These must be executed before "security_manager_prepare_app()".
Change-Id: Ief42b5e40259fa074ec110cfac957508dcb468d3
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
/usr/bin/device_board_set_boot_success reports boot success to the bootloader.
If boot success is not reported for, e.g., 10-times booting in a row,
bootloader recovers the system.
-- Bootloader --
If (BOOT_SUCCESS flag is set) {
Clear the BOOT_SUCCESS flag
BOOT_FAIL_COUNT = 0
} Else {
If (++ BOOT_FAIL_COUNT > 10) {
BOOT_FAIL_COUNT = 0
Restore to the other partitions (e.g., b -> a)
Proceed to the recovery booting (ramdisk-recovery, bootmode="recovery")
}
}
Proceed to the normal booting (ramdisk, bootmode="")
Change-Id: I581c5dbcf216806dfcff826bbdf7ca82dc944676
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
Change-Id: I289839f05abd3830691119ac8c9a8a7c370e757e
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
shutdown.target is special unit to which systemd automatically adds
Conflicts= with for every unit.
By removing the relation to this target in shutdown units we practically
change the shutdown to use only explicitly configured units.
Change-Id: I93a43cdb3875250920e3e49817ffcd6f7f7725b6
|
|
Due to noise coming into the serial console or other abnormal behavior,
agetty changes the baudrate in the following order: 115200, 38400, 9600.
Since tizen only uses 115200 baudrate, this is fixed.
It is reported in the DA.
Change-Id: Icf7224d1fabd4cdb45971ac9314ed4d19d220bb1
|
|
VD security remove capability of /usr/bin/touch. (cap_dac_override=ei)
Change permision and group of /run/systemd/system
from 0755/root/root to 0775/root/systemf_fw.
Change-Id: I6e2189c2cd0d4a86db995651b43a4dcdc25fcabf
|
|
Change-Id: Ifacc46fcc5c7ec7bb52f9b4f47ed5ea98aa5fd5a
|
|
Delay time is also applied to user systemd.
System systemd is already applied.
Change-Id: I8da0c1f224a74d45badd82f2ac1dda13cb8febbb
|
|
If /etc/systemd/delayed-target.conf exists and has DelayedTargetWait environment value,
delayed.target starts after DelayedTargetWait seconds.
If the /tmp/.systemd_delayed_target_wait file is created within the delayed time,
delayed.target starts immediately.
Change-Id: I4ad1ff6a8084ed9db7d630f533a9348b41decbf0
|
|
system-delayed-target-trigger.service
Add 'Requires=sysinit.target' and 'After=sysinit.target basic.target'
Two dependencies prevent those service from running in emergency mode,
because sysinit.target always fails in emergency mode.
Change-Id: I7602100652f478b3d66fcba215659f39a63694e2
|
|
The emergency-target-holder.service prevents emergency.target from completing.
If emergency.target is not completed,
other services that are not intended can not be run in emergency mode.
Detailed information.
============================================================================================================================
1. If local-fs.target fails, emergency.target is started by 'OnFailure=emergency.target'.
2. By 'OnFailureJobMode=replace-irreversibly' option,
emergency.target cannot be canceled until completion.
3. When starting a new service by any activation(dbus, path, socket) in emergency mode,
sysinit.target is always checked and started by 'DefaultDependency=yes'.
4. sysinit.target stops emergency.target because of the 'Conflicts=emergency.target' setting.
5. However, emergency.target can not be stopped
because it started with 'replace-irreversibly' and not finished yet.
6. So sysinit.target can not be started.
7. New service can not be run because sysinit.target could not be started.
============================================================================================================================
Logs when running new services after applying this patch
=============================================================================================================================
bash-3.2# systemctl start deviced.service
Failed to start deviced.service: Transaction for deviced.service/start is destructive (emergency.target has 'start' job queued, but 'stop' is included in transaction).
See system logs and 'systemctl status deviced.service' for details.
bash-3.2# systemctl start sysinit.target
Failed to start sysinit.target: Transaction for sysinit.target/start is destructive (emergency.target has 'start' job queued, but 'stop' is included in transaction).
See system logs and 'systemctl status sysinit.target' for details.
==============================================================================================================================
Change-Id: I2cefadd7228d463fe1755e0c475f4563d98c8260
|
|
Change-Id: Ib742d57963db8cfba2a091d4de1562ab0b95fc7a
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
|
|
1. Change inotify fd to nonblock.
2. Change timeout to use alarm(). And make it encompass
the whole process, which now includes wd allocation.
3. Add dependency with tlm.service to
system-delayed-target-trigger.service
4. Add journal log.
Change-Id: Ibec5e4f4030e26235dbba6610a5142d0e29e423f
Signed-off-by: Youngjae Cho <y0.cho@samsung.com>
|
|
Tizen no longer uses /etc/fstab.
So we don't need systemd-remount-fs.service and systemd-fstab-generager to handle /etc/fstab.
Change-Id: I64a3655f69f80d161b00fad40aef6b0235e71977
|
|
Change-Id: Ie8fd3b105508ff233d28c9f7e8f97beb12d1b1d7
|
|
Change-Id: I25ff0d8d40a64ee9e9faa87db5ff2ce09bc9e976
|
|
- systemd-exit.service
- systemd-poweroff.service
- systemd-reboot.service
Change-Id: Ic5cde17a34fd75ca0157a56dc66534f23db62a15
|
|
To change smack label /run/user/5001/system_share to "*", we need System::Privileged.
Change-Id: Icd1e8c7794236670575df68d1fe35c35584f24f2
|
|
systemd v244
|
|
This reverts commit 07125d24eedb71693b3bf2b1f0730cd01aaac2dd.
The revert may be reverted with dbus update to version >= 1.10.10.
|
|
systemd v243
|
|
systemd v242
|
|
systemd 241
|
|
This reverts commit df134443395f6e043e0cd2a45ab529583df96e4e.
|
|
This reverts commit 0ba89873372c3ab508852b4e0071da0719bcea0a.
|
|
systemd 240
|
|
systemd 239
|
|
systemd 238
|
|
systemd 237
|
|
Change-Id: Id62f08b8ecf2a909a49e5f93b2f7594b3880ef44
|
|
This reverts commit 4bc5d27b942afa83cc3d95debd2ad48d42ac07a8.
There are people somewhere that need kdbus.
Change-Id: Ib2d05f88171718c07e7de06409a1c224230e7a8d
|
|
This reverts commit a132bef0239e6c3f04096eee3a00c7ecf24a4f5c.
There are people somewhere that need kdbus.
Change-Id: I5a1f09485c524d47ef8ae53712d5fb77949bc7fa
|
|
Change-Id: Iafcca23df73f2694eda50a97771acac4b7996f30
|
|
Change-Id: If676fe909a40eadc60ee5ff023abe4ee2c64b44e
|
|
Fixes: systemd-tmpfiles-clean.timer: Refusing to start, unit
systemd-tmpfiles-clean.service to trigger not loaded.
|
|
variable gracefully
Apparently some firmwares don't allow us to write this token, and refuse
it with EINVAL. We should normally consider that a fatal error, but not
really in the case of "bootctl random-seed" when called from the
systemd-boot-system-token.service since it's called as "best effort"
service after boot on various systems, and hence we shouldn't fail
loudly.
Similar, when we cannot find the ESP don't fail either, since there are
systems (arch install ISOs) that carry a boot loader capable of the
random seed logic but don't mount it after boot.
Fixes: #13603
|
|
We set ProtectKernelLogs=yes on all long running services except for
udevd, since it accesses /dev/kmsg, and journald, since it calls syslog
and accesses /dev/kmsg.
|
|
As discussed on systemd-devel [1], in Fedora we get lots of abrt reports
about the watchdog firing [2], but 100% of them seem to be caused by resource
starvation in the machine, and never actual deadlocks in the services being
monitored. Killing the services not only does not improve anything, but it
makes the resource starvation worse, because the service needs cycles to restart,
and coredump processing is also fairly expensive. This adds a configuration option
to allow the value to be changed. If the setting is not set, there is no change.
My plan is to set it to some ridiculusly high value, maybe 1h, to catch cases
where a service is actually hanging.
[1] https://lists.freedesktop.org/archives/systemd-devel/2019-October/043618.html
[2] https://bugzilla.redhat.com/show_bug.cgi?id=1300212
|
|
The code supports SIGTERM and SIGINT to termiante the process. It would
be possible to reporpose one of those signals for the restart operation,
but I think it's better to use a completely different signal to avoid
misunderstandings.
|
|
See https://bugzilla.redhat.com/show_bug.cgi?id=1731772:
when autofs4 is disabled in the kernel,
proc-sys-fs-binfmt_misc.automount is not started, so the binfmt_misc module is
never loaded. If we added a dependency on proc-sys-fs-binfmt_misc.mount
to systemd-binfmt.service, things would work even if autofs4 was disabled, but
we would unconditionally pull in the module and mount, which we don't want to do.
(Right now we ony load the module if some binfmt is configured.)
But let's make it easier to handle this case by doing two changes:
1. order systemd-binfmt.service after the .mount unit (so that the .service
can count on the mount if both units are pulled in, even if .automount
is skipped)
2. add [Install] section to the service unit. This way the user can do
'systemctl enable proc-sys-fs-binfmt_misc.mount' to get the appropriate behaviour.
|
|
|
|
This fixes the following problem:
> At the very end of the boot, just after the first user logs in
> (usually using sddm / X) I get the following messages in my logs:
> Nov 18 07:02:33 samd dbus-daemon[2879]: [session uid=1000 pid=2877] Activated service 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited with status 1
> Nov 18 07:02:33 samd dbus-daemon[2879]: [session uid=1000 pid=2877] Activated service 'org.freedesktop.systemd1' failed: Process org.freedesktop.systemd1 exited with status 1
These messages are caused by the "stub" service files that systemd
installs. It installed them because early versions of systemd activation
required them to exist.
Since dbus 1.11.0, a dbus-daemon that is run with --systemd-activation
automatically assumes that o.fd.systemd1 is an activatable
service. As a result, with a new enough dbus version,
/usr/share/dbus-1/services/org.freedesktop.systemd1.service and
/usr/share/dbus-1/system-services/org.freedesktop.systemd1.service should
become unnecessary, and they can be removed.
dbus 1.11.0 was released 2015-12-02.
Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=914015
|
|
If logging disappears issues are hard to debug, hence let's give
journald a slight edge over other services when the OOM killer hits.
Here are the special adjustments we now make:
systemd-coredump@.service.in OOMScoreAdjust=500
systemd-journald.service.in OOMScoreAdjust=-250
systemd-udevd.service.in OOMScoreAdjust=-1000
(i.e. the coredump processing is made more likely to be killed on OOM,
and udevd and journald are less likely to be killed)
|
|
This reverts commit a2a4073acee7935040cc25380d4f51010903d9ca.
We've optimized systemd-user without unified system/session.
So, we revert the patch for unified system/session.
Change-Id: I11f6a43185aa3531c05787226a896d4a76cf2e11
|
|
It is generated using kmod, but apart from that doesn't have
much to do with kmod.
|
|
Follow-up for 26ded55709947d936634f1de0f43dcf88f594621.
The commit says,
> Note that with this change sysinit.target (and thus early boot) is NOT
systematically delayed until the entropy pool is initialized,
But the dependency was not dropped.
This was found by David Seifert (@SoapGentoo).
|