[systemd-devel] About systemd call dbus session bus
Hi all I've got a problem here: When my system setup I need to execute a shell script to export dbus session address, the script as follows: #!/bin/sh rm /tmp/session_amgr dbus-daemon --session --print-address --fork > /tmp/session_amgr export DBUS_SESSION_BUS_ADDRESS=`cat /tmp/session_amgr` And I have an app in folder /geniviLife, it will export interfaces in session bus. When I run the app manually, it works. However, when I tried to start it using systemd, it failed. It seems systemd didn't read the export env? Here is the log: root@mx6q:/lib/systemd/scripts# systemctl start hsaevideo root@mx6q:/lib/systemd/scripts# systemctl status hsaevideo -l hsaevideo.service - LUC test service Loaded: loaded (/etc/systemd/system/hsaevideo.service; disabled) Active: failed (Result: signal) since Thu 1970-01-01 01:49:35 UTC; 10s ago Process: 2435 ExecStart=/geniviLife/hsaevideo (code=killed, signal=TRAP) Main PID: 2435 (code=killed, signal=TRAP) Jan 01 01:49:35 mx6q hsaevideo[2435]: ** Message: --video start running!!- Jan 01 01:49:35 mx6q hsaevideo[2435]: ** (process:2435): ERROR **: can't connection session bus Ps: env: iMX6, arm looking forward to received your reply, tks :) Best Regards ShenZhen HangSheng Electronics Co.,LTD ShangHai R&D Center SW Enginner Rex Zhang Mobile: (+86) 18652759021 Tel: (+86) 0514-85828822-8243 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [systemd-commits] 2 commits - TODO src/core src/shared
On Wed, Feb 04, 2015 at 02:30:28AM +0100, Lennart Poettering wrote: > On Wed, 04.02.15 02:23, Zbigniew Jędrzejewski-Szmek (zbys...@in.waw.pl) wrote: > > > > Sounds OK to me. Question is how to check this best... > > > > > > Maybe check with get_ctty_devnr() if we have a controlling tty? Done! Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd-nspawn create container under unprivileged user
On 5 February 2015 at 12:48, Vasiliy Tolstov wrote: > > 2015-02-05 12:44 GMT+03:00 Alban Crequy : >> >> Manual page namespaces(7): >> >>Creation of new namespaces using clone(2) and unshare(2) in most >> cases >>requires the CAP_SYS_ADMIN capability. User namespaces are the >>exception: since Linux 3.8, no privilege is required to create a >> user >>namespace. > > > So as i understand i can't create full featured container with network under > non root user (and not have cap_sys_admin) caps like CAP_SYS_ADMIN don't have an global meaning anymore but refers to operations a process can do *in its current namespace*. An unprivileged process (uid!=0, without cap_sys_admin) can join a user namespace and get uid=0 & cap_sys_admin for operations inside the user namespace, but it will still have uid!=0 & !cap_sys_admin for operations in the parent user namespace. user_namespaces(7) contains userns_child_exec.c and it creates a fully featured container with network without being root. (I attached a patched version I was testing) # # Because I'm using the kernel patched by my distribution # echo 1 > /proc/sys/kernel/unprivileged_userns_clone $ gcc -lcap -o userns_child_exec userns_child_exec.c Here it seems to work: alban@alban:~$ ls -l /tmp/userns_child_exec -rwxr-xr-x 1 alban alban 14488 Feb 5 23:24 /tmp/userns_child_exec alban@alban:~$ id -u 1000 alban@alban:~$ ip link # ---> will show lo, eth0, wlan0... alban@alban:~$ /tmp/userns_child_exec -p -m -U -M '0 1000 1' -G '0 1000 1' -n bash About to exec bash root@alban:~# id uid=0(root) gid=0(root) groups=0(root),65534(nogroup) root@alban:~# ip link # ---> only lo visible in this namespace Cheers, Alban --- userns_child_exec.orig.c 2015-02-05 23:20:19.208741366 +0100 +++ userns_child_exec.c 2015-01-30 17:01:56.948493001 +0100 @@ -108,6 +108,30 @@ close(fd); } +static void +write_file(char *content, char *path) +{ +int fd; +size_t content_len; + +content_len = strlen(content); + +fd = open(path, O_RDWR); +if (fd == -1) { +fprintf(stderr, "ERROR: open %s: %s\n", path, +strerror(errno)); +exit(EXIT_FAILURE); +} + +if (write(fd, content, content_len) != content_len) { +fprintf(stderr, "ERROR: write %s: %s\n", content, +strerror(errno)); +exit(EXIT_FAILURE); +} + +close(fd); +} + static int /* Start function for cloned child */ childFunc(void *arg) { @@ -149,6 +173,7 @@ const int MAP_BUF_SIZE = 100; char map_buf[MAP_BUF_SIZE]; char map_path[PATH_MAX]; +char groups_path[PATH_MAX]; /* Parse command-line options. The initial '+' character in the final getopt() argument prevents GNU-style permutation @@ -225,6 +250,11 @@ update_map(uid_map, map_path); } if (gid_map != NULL || map_zero) { +snprintf(groups_path, PATH_MAX, "/proc/%ld/setgroups", +(long) child_pid); +write_file("deny\n", groups_path); +} +if (gid_map != NULL || map_zero) { snprintf(map_path, PATH_MAX, "/proc/%ld/gid_map", (long) child_pid); if (map_zero) { /* userns_child_exec.c Licensed under GNU General Public License v2 or later Create a child process that executes a shell command in new namespace(s); allow UID and GID mappings to be specified when creating a user namespace. */ #define _GNU_SOURCE #include #include #include #include #include #include #include #include #include #include /* A simple error-handling function: print an error message based on the value in 'errno' and terminate the calling process */ #define errExit(msg)do { perror(msg); exit(EXIT_FAILURE); \ } while (0) struct child_args { char **argv;/* Command to be executed by child, with args */ intpipe_fd[2]; /* Pipe used to synchronize parent and child */ }; static int verbose; static void usage(char *pname) { fprintf(stderr, "Usage: %s [options] cmd [arg...]\n\n", pname); fprintf(stderr, "Create a child process that executes a shell " "command in a new user namespace,\n" "and possibly also other new namespace(s).\n\n"); fprintf(stderr, "Options can be:\n\n"); #define fpe(str) fprintf(stderr, "%s", str); fpe("-i New IPC namespace\n"); fpe("-m New mount namespace\n"); fpe("-n New network namespace\n"); fpe("-p New PID namespace\n"); fpe("-u New UTS namespace\n"); fpe("-U New user namespace\n"); fpe("-M uid_map Specify UID map for user namespace\n"); fpe("-G gid_map Specify GID map for user namespace\n"); fpe("-z Map user's UID and GID to 0 in user namespace\n"); fpe("(equivalent to: -M '0 1' -G '0 1')\n"); fpe("-v Display verbose messages\n"); fpe("\n"); fpe("If -z, -M, or -G is specified, -U is req
[systemd-devel] ExecStop IPC over same socket used for activation?
Hi, Lee Duncan and I were looking at a situation with iscsid where a systemctl stop command would sometimes print a job canceled message, and the service would be immediately restarted. The problem seems to be that the ExecStop command is sending a shutdown request over an IPC socket, the same IPC socket used for socket activation. I've captured debug logging of the failure, and it seems to show systemd moving the socket unit back to a listening state before the ExecStop command is run. The shutdown message then triggers a start job, which cancels the pending stop job, the daemon receives the message and exits, but is then restarted right away. This doesn't seem like too crazy of a way to shut things down, should the coordination between the service and the socket unit be waiting for for the ExecStop to complete before monitoring for socket activation again? - Chris Leech ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCHv2] sysctl: consider --prefix while parsing the files
On Thu, Feb 05, 2015 at 03:37:13PM +0100, Umut Tezduyar Lindskog wrote: > On Wed, Feb 4, 2015 at 4:55 PM, Zbigniew Jędrzejewski-Szmek > wrote: > > On Wed, Feb 04, 2015 at 03:50:01PM +0100, Umut Tezduyar Lindskog wrote: > >> not while applying the parsed sysctl values. Otherwise > >> info "Overwriting earlier assignment of %s in file %s" is > >> visible many times even though the given --prefix doesn't > >> try to set the overridden value. > >> --- > >> src/sysctl/sysctl.c | 32 > >> 1 file changed, 16 insertions(+), 16 deletions(-) > >> > >> diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c > >> index 973e67e..b22aff5 100644 > >> --- a/src/sysctl/sysctl.c > >> +++ b/src/sysctl/sysctl.c > >> @@ -78,22 +78,6 @@ static int apply_sysctl(const char *property, const > >> char *value) { > >> n = stpcpy(p, "/proc/sys/"); > >> strcpy(n, property); > >> > >> -if (!strv_isempty(arg_prefixes)) { > >> -char **i; > >> -bool good = false; > >> - > >> -STRV_FOREACH(i, arg_prefixes) > >> -if (path_startswith(p, *i)) { > >> -good = true; > >> -break; > >> -} > >> - > >> -if (!good) { > >> -log_debug("Skipping %s", p); > >> -return 0; > >> -} > >> -} > >> - > >> k = write_string_file(p, value); > >> if (k < 0) { > >> log_full(k == -ENOENT ? LOG_DEBUG : LOG_WARNING, > >> @@ -173,6 +157,22 @@ static int parse_file(Hashmap *sysctl_options, const > >> char *path, bool ignore_eno > >> p = normalize_sysctl(strstrip(p)); > >> value = strstrip(value); > >> > >> +if (!strv_isempty(arg_prefixes)) { > >> +char **i, *t; > >> +bool good = false; > >> +STRV_FOREACH(i, arg_prefixes) { > >> +t = path_startswith(*i, "/proc/sys/"); > >> +if (t == NULL) > >> +t = *i; > >> +if (path_startswith(p, t)) { > >> +good = true; > >> +break; > >> +} > >> +} > >> +if (!good) > >> +continue; > >> +} > > While at it, wouldn't it be better to use a goto and do away with the > > good variable. This will give a diff of -7/+3, a win also for readability > > imho. > > How Zbyszek. I am confused. if (!strv_isempty(arg_prefixes)) { char **i, *t; STRV_FOREACH(i, arg_prefixes) { t = path_startswith(*i, "/proc/sys/"); if (t == NULL) t = *i; if (path_startswith(p, t)) goto found; } /* not found */ continue; } found: ... Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Fail to reset-failed as user
On 02/03/15 22:17, Lennart Poettering wrote: > On Fri, 12.12.14 16:06, Olivier Brunel (j...@jjacky.com) wrote: > > Sorry for resurrecting this old thread this late. Is this still an > issue? Does this work on current git? Still an issue w/ 218 yes, haven't actually had time to try with current git. I'll try to do that over the weekend. >> Today I had one unit in failed state, and after taking care of things I >> wanted to simply reset its state (to inactive) w/out having to start it. >> >> Looking up the man page, I see there's a command reset-failed for this >> exact purpose, awesome. So I go: >> >> % systemctl reset-failed backups2.service >> Failed to reset failed state of unit backups2.service: No such device or >> address > > Hmm, did you issue this from some weird environment (su/sudo context, > from a system service context or so?) > > If this is still an issue, could you try to reproduce this after > issuing "systemd-analyze set-log-level debug"? Then please attach the > log output this generates! Meanwhile, this is what I get today: http://ix.io/gaR This is not from some weird environment no (or, not that I'm aware of), but an (almost) up-to-date Arch Linux x64, systemd 218. -j > Thanks, > > Lennart > ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 9/9] Add mock fsck process
>From 0c33545e512307774cb280cbf83e7b2c3e2137ef Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Mon, 26 Jan 2015 17:46:36 +0100 Subject: [PATCH 9/9] Add mock fsck process --- test/mocks/fsck | 27 +++ 1 file changed, 27 insertions(+) create mode 100755 test/mocks/fsck diff --git a/test/mocks/fsck b/test/mocks/fsck new file mode 100755 index 000..77b50d7 --- /dev/null +++ b/test/mocks/fsck @@ -0,0 +1,27 @@ +#!/bin/bash +fd=0 + +OPTIND=1 +while getopts "C:aTlM" opt; do +case "$opt" in +C) +fd=$OPTARG +;; +\?);; +esac +done + +shift "$((OPTIND-1))" +device=$1 + +echo "Running fake fsck on $device" + +declare -a maxpass=(30 5 2 30 60) + +for pass in {1..5}; do +maxprogress=${maxpass[$((pass-1))]} +for (( current=0; current<=${maxprogress}; current++)); do +echo "$pass $current $maxprogress $device">&$fd +sleep 0.1 +done +done -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 8/9] Add man page and references to it.
>From 2533acf15135d9db18fbd79e63de9a702e3859cc Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Mon, 26 Jan 2015 17:34:59 +0100 Subject: [PATCH 8/9] Add man page and references to it. Add man page explaining the plymouth theme protocol, usage of the daemon as well as the socket activation part. Adapt existing fsck man page. --- Makefile-man.am| 12 +++ man/systemd-f...@.service.xml | 6 +- man/systemd-fsckd.service.xml | 165 + units/systemd-fsckd.service.in | 1 + units/systemd-fsckd.socket | 2 +- 5 files changed, 183 insertions(+), 3 deletions(-) create mode 100644 man/systemd-fsckd.service.xml diff --git a/Makefile-man.am b/Makefile-man.am index 105853e..f2e13e8 100644 --- a/Makefile-man.am +++ b/Makefile-man.am @@ -67,6 +67,7 @@ MANPAGES += \ man/systemd-escape.1 \ man/systemd-firstboot.1 \ man/systemd-fsck@.service.8 \ + man/systemd-fsckd.service.8 \ man/systemd-fstab-generator.8 \ man/systemd-getty-generator.8 \ man/systemd-gpt-auto-generator.8 \ @@ -210,6 +211,8 @@ MANPAGES_ALIAS += \ man/systemd-firstboot.service.1 \ man/systemd-fsck-root.service.8 \ man/systemd-fsck.8 \ + man/systemd-fsckd.8 \ + man/systemd-fsckd.socket.8 \ man/systemd-hibernate-resume.8 \ man/systemd-hibernate.service.8 \ man/systemd-hybrid-sleep.service.8 \ @@ -323,6 +326,8 @@ man/systemd-ask-password-wall.service.8: man/systemd-ask-password-console.servic man/systemd-firstboot.service.1: man/systemd-firstboot.1 man/systemd-fsck-root.service.8: man/systemd-fsck@.service.8 man/systemd-fsck.8: man/systemd-fsck@.service.8 +man/systemd-fsckd.8: man/systemd-fsckd.service.8 +man/systemd-fsckd.socket.8: man/systemd-fsckd.service.8 man/systemd-hibernate-resume.8: man/systemd-hibernate-resume@.service.8 man/systemd-hibernate.service.8: man/systemd-suspend.service.8 man/systemd-hybrid-sleep.service.8: man/systemd-suspend.service.8 @@ -606,6 +611,12 @@ man/systemd-fsck-root.service.html: man/systemd-f...@.service.html man/systemd-fsck.html: man/systemd-f...@.service.html $(html-alias) +man/systemd-fsckd.html: man/systemd-fsckd.service.html + $(html-alias) + +man/systemd-fsckd.socket.html: man/systemd-fsckd.service.html + $(html-alias) + man/systemd-hibernate-resume.html: man/systemd-hibernate-res...@.service.html $(html-alias) @@ -1732,6 +1743,7 @@ EXTRA_DIST += \ man/systemd-escape.xml \ man/systemd-firstboot.xml \ man/systemd-f...@.service.xml \ + man/systemd-fsckd.service.xml \ man/systemd-fstab-generator.xml \ man/systemd-getty-generator.xml \ man/systemd-gpt-auto-generator.xml \ diff --git a/man/systemd-f...@.service.xml b/man/systemd-f...@.service.xml index ee66f37..d366712 100644 --- a/man/systemd-f...@.service.xml +++ b/man/systemd-f...@.service.xml @@ -87,8 +87,9 @@ check, number of mounts, unclean unmount, etc. systemd-fsck will forward -file system checking progress to the console. If a -file system check fails for a service without +file system checking progress to +systemd-fsckd.service +socket. If a file system check fails for a service without nofail, emergency mode is activated, by isolating to emergency.target. @@ -142,6 +143,7 @@ systemd1, fsck8, +systemd-fsckd.service8, systemd-quotacheck.service8, fsck.btrfs8, fsck.cramfs8, diff --git a/man/systemd-fsckd.service.xml b/man/systemd-fsckd.service.xml new file mode 100644 index 000..4a3b60d --- /dev/null +++ b/man/systemd-fsckd.service.xml @@ -0,0 +1,165 @@ + + +http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd";> + +http://www.w3.org/2001/XInclude";> + + +systemd-fsckd.service +systemd + + + +Developer +Didier +Roche +didro...@ubuntu.com + + + + + +systemd-fsckd.service +8 + + + +systemd-fsckd.service +systemd-fsckd.socket +systemd-fsckd +File system check progress reporting + + + +systemd-fsckd.service +systemd-fsckd.socket +/usr/lib/systemd/systemd-fsckd + + + +Description + +systemd-fsckd.service is a +service responsible for receiving file system check +progress, and communicating some consolidated data +to console and plymouth (if running). It also handles +possible check cancellations. + +systemd-fsckd accepts +systemd-fsck UNIX domain +sockets communication, fetches the lowest progress value of +all fsck running in parallel with the number of devices +being currently checked. It writes the result to +/dev/console if show status is enabled, +and communicates to the user translated strings to plymouth +ready to be used by scripted themes
[systemd-devel] [PATCH 7/9] Add fsckd service and socket, retarget systemd-fsck
>From 045e99a6865fec2a3e6167d271e01b77236c477d Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Mon, 26 Jan 2015 17:30:00 +0100 Subject: [PATCH 7/9] Add fsckd service and socket, retarget systemd-fsck systemd-fsckd can be socket-activated by systemd-fsck process. Reflect that in the different unit files. --- Makefile.am| 3 +++ units/.gitignore | 1 + units/systemd-fsck-root.service.in | 3 ++- units/systemd-f...@.service.in | 4 ++-- units/systemd-fsckd.service.in | 16 units/systemd-fsckd.socket | 14 ++ 6 files changed, 38 insertions(+), 3 deletions(-) create mode 100644 units/systemd-fsckd.service.in create mode 100644 units/systemd-fsckd.socket diff --git a/Makefile.am b/Makefile.am index e0e8bc6..7cf9f36 100644 --- a/Makefile.am +++ b/Makefile.am @@ -492,6 +492,7 @@ dist_systemunit_DATA = \ units/slices.target \ units/system.slice \ units/x-.slice \ + units/systemd-fsckd.socket \ units/systemd-initctl.socket \ units/systemd-shutdownd.socket \ units/syslog.socket \ @@ -543,6 +544,7 @@ nodist_systemunit_DATA = \ units/systemd-kexec.service \ units/systemd-fsck@.service \ units/systemd-fsck-root.service \ + units/systemd-fsckd.service \ units/systemd-machine-id-commit.service \ units/systemd-udevd.service \ units/systemd-udev-trigger.service \ @@ -596,6 +598,7 @@ EXTRA_DIST += \ units/user/systemd-exit.service.in \ units/systemd-f...@.service.in \ units/systemd-fsck-root.service.in \ + units/systemd-fsckd.service.in \ units/systemd-machine-id-commit.service.in \ units/u...@.service.m4.in \ units/debug-shell.service.in \ diff --git a/units/.gitignore b/units/.gitignore index 6fdb629..26ae965 100644 --- a/units/.gitignore +++ b/units/.gitignore @@ -28,6 +28,7 @@ /systemd-firstboot.service /systemd-fsck-root.service /systemd-fsck@.service +/systemd-fsckd.service /systemd-machine-id-commit.service /systemd-halt.service /systemd-hibernate.service diff --git a/units/systemd-fsck-root.service.in b/units/systemd-fsck-root.service.in index 6d76578..f493445 100644 --- a/units/systemd-fsck-root.service.in +++ b/units/systemd-fsck-root.service.in @@ -9,12 +9,13 @@ Description=File System Check on Root Device Documentation=man:systemd-fsck-root.service(8) DefaultDependencies=no +Wants=systemd-fsckd.socket Before=local-fs.target shutdown.target +After=systemd-fsckd.socket ConditionPathIsReadWrite=!/ [Service] Type=oneshot RemainAfterExit=yes ExecStart=@rootlibexecdir@/systemd-fsck -StandardOutput=journal+console TimeoutSec=0 diff --git a/units/systemd-f...@.service.in b/units/systemd-f...@.service.in index 857e625..e6d98c0 100644 --- a/units/systemd-f...@.service.in +++ b/units/systemd-f...@.service.in @@ -10,12 +10,12 @@ Description=File System Check on %f Documentation=man:systemd-fsck@.service(8) DefaultDependencies=no BindsTo=%i.device -After=%i.device systemd-fsck-root.service local-fs-pre.target +Wants=systemd-fsckd.socket +After=%i.device systemd-fsck-root.service local-fs-pre.target systemd-fsckd.socket Before=shutdown.target [Service] Type=oneshot RemainAfterExit=yes ExecStart=@rootlibexecdir@/systemd-fsck %f -StandardOutput=journal+console TimeoutSec=0 diff --git a/units/systemd-fsckd.service.in b/units/systemd-fsckd.service.in new file mode 100644 index 000..27c325f --- /dev/null +++ b/units/systemd-fsckd.service.in @@ -0,0 +1,16 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=File System Check Daemon to report status +DefaultDependencies=no +Requires=systemd-fsckd.socket +Before=shutdown.target + +[Service] +ExecStart=@rootlibexecdir@/systemd-fsckd +StandardOutput=journal+console diff --git a/units/systemd-fsckd.socket b/units/systemd-fsckd.socket new file mode 100644 index 000..a8994a1 --- /dev/null +++ b/units/systemd-fsckd.socket @@ -0,0 +1,14 @@ +# This file is part of systemd. +# +# systemd is free software; you can redistribute it and/or modify it +# under the terms of the GNU Lesser General Public License as published by +# the Free Software Foundation; either version 2.1 of the License, or +# (at your option) any later version. + +[Unit] +Description=fsck to fsckd communication Socket +Documentation=man:systemd-fsck@.service(8) man:systemd-fsck-root.service(8) +DefaultDependencies=no + +[Socket] +ListenStream=/run/systemd/fsckd -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 5/9] Translate fsckd messages for plymouth
>From e850b1cf9b49918265609da8a6ef2fd4e78541b6 Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Mon, 26 Jan 2015 17:12:54 +0100 Subject: [PATCH 5/9] Translate fsckd messages for plymouth For plymouth themes not supporting i18n (like .script), send translated messages to display to user, which is equivalent to the sent machine readable data. --- po/POTFILES.in| 1 + src/fsckd/fsckd.c | 10 +++--- 2 files changed, 8 insertions(+), 3 deletions(-) diff --git a/po/POTFILES.in b/po/POTFILES.in index b4c1121..70e7594 100644 --- a/po/POTFILES.in +++ b/po/POTFILES.in @@ -5,3 +5,4 @@ src/locale/org.freedesktop.locale1.policy.in src/login/org.freedesktop.login1.policy.in src/machine/org.freedesktop.machine1.policy.in src/timedate/org.freedesktop.timedate1.policy.in +src/fsckd/fsckd.c diff --git a/src/fsckd/fsckd.c b/src/fsckd/fsckd.c index f24f8c1..158ef3e 100644 --- a/src/fsckd/fsckd.c +++ b/src/fsckd/fsckd.c @@ -24,6 +24,7 @@ #include #include +#include #include #include #include @@ -181,7 +182,7 @@ static int send_message_plymouth(Manager *m, const char *message) { if (r < 0) return log_warning_errno(errno, "Can't send to plymouth cancel key: %m"); m->plymouth_cancel_sent = true; -plymouth_cancel_message = strappenda("fsckd-cancel-msg:", "Press Ctrl+C to cancel all checks in progress"); +plymouth_cancel_message = strappenda("fsckd-cancel-msg:", _("Press Ctrl+C to cancel all checks in progress")); r = send_message_plymouth_socket(m->plymouth_fd, plymouth_cancel_message, false); if (r < 0) log_warning_errno(r, "Can't send cancel user message to plymouth: %m"); @@ -221,8 +222,10 @@ static int update_global_progress(Manager *m) { m->numdevices = current_numdevices; m->percent = current_percent; -if (asprintf(&console_message, "Checking in progress on %d disks (%3.1f%% complete)", -m->numdevices, m->percent) < 0) +if (asprintf(&console_message, + ngettext("Checking in progress on %d disk (%3.1f%% complete)", + "Checking in progress on %d disks (%3.1f%% complete)", m->numdevices), + m->numdevices, m->percent) < 0) return -ENOMEM; if (asprintf(&fsck_message, "fsckd:%d:%3.1f:%s", m->numdevices, m->percent, console_message) < 0) return -ENOMEM; @@ -505,6 +508,7 @@ int main(int argc, char *argv[]) { log_set_target(LOG_TARGET_AUTO); log_parse_environment(); log_open(); +init_gettext(); r = parse_argv(argc, argv); if (r <= 0) -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 3/9] Connect to plymouth and support cancellation of in, progress fsck
>From ec3b3d2cd4b0097f9fafa6c3f0f400e06292e21c Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Thu, 5 Feb 2015 17:08:18 +0100 Subject: [PATCH 3/9] Connect to plymouth and support cancellation of in progress fsck Try to connect and send to plymouth (if running) some checked report progress, using direct plymouth protocole. Update message is the following: fsckd::: * num_devices corresponds to the current number of devices being checked (int) * progress corresponds to the current minimum percentage of all devices being checked (float, from 0 to 100) * string is a translated message ready to be displayed by the plymouth theme displaying the information above. It can be overriden by plymouth themes supporting i18n. Grab in fsckd plymouth watch key Control+C, and propagate this cancel request to systemd-fsck which will terminate fsck. Send a message to signal to user what key we are grabbing for fsck cancel. Message is: fsckd-cancel-msg: Where string is a translated string ready to be displayed by the plymouth theme indicating that Control+C can be used to cancel current checks. It can be overriden (matching only fsckd-cancel-msg prefix) for themes supporting i18n. --- src/fsck/fsck.c | 33 + src/fsckd/fsckd.c | 145 +- src/fsckd/fsckd.h | 5 ++ 3 files changed, 173 insertions(+), 10 deletions(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c index d5aaf9e..1f5a3de 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -132,7 +132,7 @@ static void test_files(void) { } -static int process_progress(int fd, dev_t device_num) { +static int process_progress(int fd, pid_t fsck_pid, dev_t device_num) { _cleanup_fclose_ FILE *f = NULL; usec_t last = 0; _cleanup_close_ int fsckd_fd = -1; @@ -159,11 +159,13 @@ static int process_progress(int fd, dev_t device_num) { while (!feof(f)) { int pass; +size_t buflen; size_t cur, max; -ssize_t n; +ssize_t r; usec_t t; _cleanup_free_ char *device = NULL; FsckProgress progress; +FsckdMessage fsckd_message; if (fscanf(f, "%i %lu %lu %ms", &pass, &cur, &max, &device) != 4) break; @@ -181,9 +183,19 @@ static int process_progress(int fd, dev_t device_num) { progress.max = max; progress.pass = pass; -n = send(fsckd_fd, &progress, sizeof(FsckProgress), 0); -if (n < 0 || (size_t) n < sizeof(FsckProgress)) +r = send(fsckd_fd, &progress, sizeof(FsckProgress), 0); +if (r < 0 || (size_t) r < sizeof(FsckProgress)) log_warning_errno(errno, "Cannot communicate fsck progress to fsckd: %m"); + +/* get fsckd requests, only read when we have coherent size data */ +r = ioctl(fsckd_fd, FIONREAD, &buflen); +if (r == 0 && (size_t) buflen == sizeof(FsckdMessage)) { +r = recv(fsckd_fd, &fsckd_message, sizeof(FsckdMessage), 0); +if (r > 0 && fsckd_message.cancel) { +log_warning("Request to cancel fsck from fsckd"); +kill(fsck_pid, SIGTERM); +} +} } return 0; @@ -193,6 +205,7 @@ int main(int argc, char *argv[]) { const char *cmdline[9]; int i = 0, r = EXIT_FAILURE, q; pid_t pid; +int progress_rc; siginfo_t status; _cleanup_udev_unref_ struct udev *udev = NULL; _cleanup_udev_device_unref_ struct udev_device *udev_device = NULL; @@ -335,7 +348,7 @@ int main(int argc, char *argv[]) { progress_pipe[1] = safe_close(progress_pipe[1]); if (progress_pipe[0] >= 0) { -process_progress(progress_pipe[0], st.st_rdev); +progress_rc = process_progress(progress_pipe[0], pid, st.st_rdev); progress_pipe[0] = -1; } @@ -345,13 +358,14 @@ int main(int argc, char *argv[]) { goto finish; } -if (status.si_code != CLD_EXITED || (status.si_status & ~1)) { +if (status.si_code != CLD_EXITED || (status.si_status & ~1) || progress_rc != 0) { -if (status.si_code == CLD_KILLED || status.si_code == CLD_DUMPED) +/* cancel will kill fsck (but process_progress returns 0) */ +if ((progress_rc != 0 && status.si_code == CLD_KILLED) || status.si_code == CLD_DUMPED) log_error("fsck terminated by signal %s.", signal_to_string(status.si_status)); else if (status.si_code == CLD_EXITED) log_error("fsck failed with error code %i.", status.si_status); -else +else if (pr
[systemd-devel] [PATCH 4/9] Add gettext support
>From 94bc7097a176c90127a9ff0106e81b4fce6e9ff2 Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Thu, 29 Jan 2015 16:12:58 +0100 Subject: [PATCH 4/9] Add gettext support --- configure.ac | 1 + src/shared/util.c | 8 src/shared/util.h | 2 ++ 3 files changed, 11 insertions(+) diff --git a/configure.ac b/configure.ac index 12e4ab2..1a2c02c 100644 --- a/configure.ac +++ b/configure.ac @@ -75,6 +75,7 @@ AS_IF([test -z "$INTLTOOL_POLICY_RULE"], [ GETTEXT_PACKAGE=systemd AC_SUBST(GETTEXT_PACKAGE) +AC_DEFINE_UNQUOTED(GETTEXT_PACKAGE, "$GETTEXT_PACKAGE", [systemd]) AC_PROG_MKDIR_P AC_PROG_LN_S diff --git a/src/shared/util.c b/src/shared/util.c index 891182a..dafec01 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -25,6 +25,8 @@ #include #include #include +#include +#include #include #include #include @@ -70,6 +72,7 @@ #include #endif +#include "config.h" #include "macro.h" #include "util.h" #include "ioprio.h" @@ -5773,6 +5776,11 @@ void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size, return NULL; } +void init_gettext(void) { +setlocale(LC_ALL, ""); +textdomain(GETTEXT_PACKAGE); +} + bool is_locale_utf8(void) { const char *set; static int cached_answer = -1; diff --git a/src/shared/util.h b/src/shared/util.h index ca0c2e5..4450ef5 100644 --- a/src/shared/util.h +++ b/src/shared/util.h @@ -740,6 +740,8 @@ void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size, int (*compar) (const void *, const void *, void *), void *arg); +#define _(String) gettext (String) +void init_gettext(void); bool is_locale_utf8(void); typedef enum DrawSpecialChar { -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 2/9] systemd-fsck: always connect to systemd-fsckd
>From 1579acc911be682cddf4fc91646c4ded231a409a Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Mon, 26 Jan 2015 16:01:11 +0100 Subject: [PATCH 2/9] systemd-fsck: always connect to systemd-fsckd Remove the plymouth running or show-status checks from systemd-fsck. Instead, always connect to systemd-fsckd socket, and let this one decide if we display progress or not. --- src/fsck/fsck.c | 12 src/fsckd/fsckd.c | 8 +--- 2 files changed, 9 insertions(+), 11 deletions(-) diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c index 9d9739b..d5aaf9e 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -45,7 +45,6 @@ static bool arg_skip = false; static bool arg_force = false; -static bool arg_show_progress = false; static const char *arg_repair = "-a"; static void start_target(const char *target) { @@ -131,8 +130,6 @@ static void test_files(void) { } #endif -if (access("/run/systemd/show-status", F_OK) >= 0 || plymouth_running()) -arg_show_progress = true; } static int process_progress(int fd, dev_t device_num) { @@ -292,11 +289,10 @@ int main(int argc, char *argv[]) { log_warning_errno(r, "fsck.%s cannot be used for %s: %m", type, device); } -if (arg_show_progress) -if (pipe(progress_pipe) < 0) { -log_error_errno(errno, "pipe(): %m"); -return EXIT_FAILURE; -} +if (pipe(progress_pipe) < 0) { +log_error_errno(errno, "pipe(): %m"); +return EXIT_FAILURE; +} cmdline[i++] = "/sbin/fsck"; cmdline[i++] = arg_repair; diff --git a/src/fsckd/fsckd.c b/src/fsckd/fsckd.c index 4a16f3d..45b8d64 100644 --- a/src/fsckd/fsckd.c +++ b/src/fsckd/fsckd.c @@ -258,9 +258,11 @@ static int manager_new(Manager **ret, int fd) { return r; m->connection_fd = fd; -m->console = fopen("/dev/console", "we"); -if (!m->console) -return log_warning_errno(errno, "Can't connect to /dev/console: %m"); +if (access("/run/systemd/show-status", F_OK) >= 0) { +m->console = fopen("/dev/console", "we"); +if (!m->console) +return log_warning_errno(errno, "Can't connect to /dev/console: %m"); +} m->percent = 100; *ret = m; -- 2.1.4 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH 1/9] fsckd daemon for inter-fsckd communication
Hey, Posting the new set of patches for the fsck/plymouth integration, rebased from all the comments and the systemd event loop system. This version talks the raw plymouth protocol directly, supporting only what is needed (sending updates, messages, requesting key listening, get key events). It's using Control+C as the cancellation key. If plymouth disconnects and then later respawn, the connection will be taken back. Same for any new fsck connection incoming after a cancellation (they will get cancelled right away). The update progress message is always reflecting the current connection state (they will only disappear once they are actually cleaned). As always, I'm opened to any comments. Cheers, Didier >From ac8d6f10768a5bcba0b7932547419637983637b2 Mon Sep 17 00:00:00 2001 From: Didier Roche Date: Wed, 4 Feb 2015 16:42:47 +0100 Subject: [PATCH 1/9] fsckd daemon for inter-fsckd communication Add systemd-fsckd multiplexer which accepts multiple systemd-fsck instances to connect to it and sends progress report. systemd-fsckd then computes and writes to /dev/console the number of devices currently being checked and the minimum fsck progress. This will be used for interactive progress report and cancelling in plymouth. systemd-fsckd stops on idle when no systemd-fsck is connected. Make the necessary changes to systemd-fsck to connect to the systemd-fsckd socket. --- .gitignore | 1 + Makefile.am| 13 ++ src/fsck/fsck.c| 88 +--- src/fsckd/Makefile | 1 + src/fsckd/fsckd.c | 403 + src/fsckd/fsckd.h | 34 + 6 files changed, 486 insertions(+), 54 deletions(-) create mode 12 src/fsckd/Makefile create mode 100644 src/fsckd/fsckd.c create mode 100644 src/fsckd/fsckd.h diff --git a/.gitignore b/.gitignore index ab6d9d1..9400e75 100644 --- a/.gitignore +++ b/.gitignore @@ -74,6 +74,7 @@ /systemd-evcat /systemd-firstboot /systemd-fsck +/systemd-fsckd /systemd-fstab-generator /systemd-getty-generator /systemd-gnome-ask-password-agent diff --git a/Makefile.am b/Makefile.am index c463f23..e0e8bc6 100644 --- a/Makefile.am +++ b/Makefile.am @@ -389,6 +389,7 @@ rootlibexec_PROGRAMS = \ systemd-remount-fs \ systemd-reply-password \ systemd-fsck \ + systemd-fsckd \ systemd-machine-id-commit \ systemd-ac-power \ systemd-sysctl \ @@ -2355,6 +2356,18 @@ systemd_fsck_LDADD = \ libsystemd-shared.la # -- +systemd_fsckd_SOURCES = \ + src/fsckd/fsckd.c \ + $(NULL) + +systemd_fsckd_LDADD = \ + libsystemd-internal.la \ + libsystemd-label.la \ + libsystemd-shared.la \ + libudev-internal.la \ + $(NULL) + +# -- systemd_machine_id_commit_SOURCES = \ src/machine-id-commit/machine-id-commit.c \ src/core/machine-id-setup.c \ diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c index 20b7940..9d9739b 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -27,6 +27,7 @@ #include #include #include +#include #include "sd-bus.h" #include "libudev.h" @@ -39,6 +40,8 @@ #include "fileio.h" #include "udev-util.h" #include "path-util.h" +#include "socket-util.h" +#include "fsckd/fsckd.h" static bool arg_skip = false; static bool arg_force = false; @@ -132,58 +135,42 @@ static void test_files(void) { arg_show_progress = true; } -static double percent(int pass, unsigned long cur, unsigned long max) { -/* Values stolen from e2fsck */ - -static const int pass_table[] = { -0, 70, 90, 92, 95, 100 +static int process_progress(int fd, dev_t device_num) { +_cleanup_fclose_ FILE *f = NULL; +usec_t last = 0; +_cleanup_close_ int fsckd_fd = -1; +static const union sockaddr_union sa = { +.un.sun_family = AF_UNIX, +.un.sun_path = FSCKD_SOCKET_PATH, }; -if (pass <= 0) -return 0.0; - -if ((unsigned) pass >= ELEMENTSOF(pass_table) || max == 0) -return 100.0; - -return (double) pass_table[pass-1] + -((double) pass_table[pass] - (double) pass_table[pass-1]) * -(double) cur / (double) max; -} - -static int process_progress(int fd) { -_cleanup_fclose_ FILE *console = NULL, *f = NULL; -usec_t last = 0; -bool locked = false; -int clear = 0; +fsckd_fd = socket(AF_UNIX, SOCK_STREAM | SOCK_CLOEXEC, 0); +if (fsckd_fd < 0) { +log_warning_errno(errno, "Cannot open fsckd socket, we won't report fsck progress: %m"); +return -errno; +} +if (connect(fsckd_fd, &sa.sa, offsetof(struct sockaddr_un, sun_path) + strlen(sa.un.sun_path)) < 0) { +log_warning_errno(errno, "Cannot connect to fsckd socket, we won't report fsck progress: %m"); +return -e
[systemd-devel] [PATCH] preset-transient
Some context for this patch. I would like to support a new preset model, which has the following properties: - distribution shipped defaults are enabled - and are applied to each boot/upgrade - without overriding any user configuration In many ways it is very similar to existing functionality but not quite possible to achieve all of the above. Thus, I'm introducing a new optional functionality, new unit configuration directory, and new transient-preset configurations. On each boot, if TransientPreset=yes, presets from /usr/lib/systemd/system-preset-transient/*.preset are applied into configuration path /run/systemd/system-preset-transient/. An upgrade tool, sysadmin can repeat that action at appropriate points by also calling: systemctl --runtime preset-all. If distribution integrates usage of Transient Presets, it gains a few very nice properties. Fresh installations, much upgrades. User/admin modifications are preserved. And there is no additional logic required to maintain separation / diffs between system-defaults and user-modifications. At the moment distributions like Debian (where most things are enabled by default) maintain a complex state in /var/ which tracks which things were distro-enabled before/after the upgrade, as well as whether user/admin has disabled/enabled things before/after the upgrade and try hard to correctly reconcile the correct state for all units. However, with this patch, most of this segregation moves away. The "transient presets" concept was discussed at the systemd hackfest in Brussels. I hope this matches at least some expectations and things we agreed upon there, but face-to-face meetings have a high amount of details that get lost/misunderstood, so comments & questions & review are welcomed. I'm starting to integrate and use this concept already, and I'm hoping it's un-intrusive enough to be included upstream. The remaining part, which is not addressed in this patch series, yet, is the ability to override .wants/ symlink from a higher order configuration directory. That is if the following symlinks are present: /etc/systemd/system/foo.service.wants/bar.service -> /dev/null /usr/lib/systemd/system/foo.service.wants/bar.service -> ../bar.service There is no wants dependency added from foo.service -> bar.service. This bit is discussed in details and agreed upon on the mailing list. (Unwants thread has urls to the messages) Regards, Dimitri. Dimitri John Ledkov (1): Add support for transient presets, applied on every boot. man/systemd-system.conf.xml | 1 + src/core/main.c | 30 +++ src/core/system.conf| 1 + src/core/unit.c | 2 +- src/shared/install.c| 59 ++--- src/shared/install.h| 2 +- src/shared/path-lookup.c| 2 ++ 7 files changed, 76 insertions(+), 21 deletions(-) -- 2.1.0 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] Add support for transient presets, applied on every boot.
--- man/systemd-system.conf.xml | 1 + src/core/main.c | 30 +++ src/core/system.conf| 1 + src/core/unit.c | 2 +- src/shared/install.c| 59 ++--- src/shared/install.h| 2 +- src/shared/path-lookup.c| 2 ++ 7 files changed, 76 insertions(+), 21 deletions(-) diff --git a/man/systemd-system.conf.xml b/man/systemd-system.conf.xml index 7137fdb..fe2d484 100644 --- a/man/systemd-system.conf.xml +++ b/man/systemd-system.conf.xml @@ -94,6 +94,7 @@ DumpCore=yes CrashShell=no ShowStatus=yes +TransientPreset=no CrashChVT=1 DefaultStandardOutput=journal DefaultStandardError=inherit diff --git a/src/core/main.c b/src/core/main.c index 0749f04..d3328f5 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -93,6 +93,7 @@ static bool arg_crash_shell = false; static int arg_crash_chvt = -1; static bool arg_confirm_spawn = false; static ShowStatus arg_show_status = _SHOW_STATUS_UNSET; +static bool arg_transient_preset = false; static bool arg_switched_root = false; static int arg_no_pager = -1; static char ***arg_join_controllers = NULL; @@ -336,6 +337,14 @@ static int parse_proc_cmdline_item(const char *key, const char *value) { if (r < 0) log_warning("Failed to parse show status switch %s. Ignoring.", value); +} else if (streq(key, "systemd.transient_preset") && value) { + +r = parse_boolean(value); +if (r < 0) +log_warning("Failed to parse transient_preset switch %s. Ignoring.", value); +else +arg_transient_preset = r; + } else if (streq(key, "systemd.default_standard_output") && value) { r = exec_output_from_string(value); @@ -635,6 +644,7 @@ static int parse_config_file(void) { { "Manager", "DumpCore", config_parse_bool, 0, &arg_dump_core }, { "Manager", "CrashShell",config_parse_bool, 0, &arg_crash_shell }, { "Manager", "ShowStatus", config_parse_show_status, 0, &arg_show_status }, +{ "Manager", "TransientPreset", config_parse_bool, 0, &arg_transient_preset }, { "Manager", "CrashChVT", config_parse_int, 0, &arg_crash_chvt}, { "Manager", "CPUAffinity", config_parse_cpu_affinity2,0, NULL }, { "Manager", "JoinControllers", config_parse_join_controllers, 0, &arg_join_controllers }, @@ -704,6 +714,7 @@ static int parse_argv(int argc, char *argv[]) { ARG_CRASH_SHELL, ARG_CONFIRM_SPAWN, ARG_SHOW_STATUS, +ARG_TRANSIENT_PRESET, ARG_DESERIALIZE, ARG_SWITCHED_ROOT, ARG_DEFAULT_STD_OUTPUT, @@ -727,6 +738,7 @@ static int parse_argv(int argc, char *argv[]) { { "crash-shell", optional_argument, NULL, ARG_CRASH_SHELL }, { "confirm-spawn",optional_argument, NULL, ARG_CONFIRM_SPAWN}, { "show-status", optional_argument, NULL, ARG_SHOW_STATUS }, +{ "transient-preset", optional_argument, NULL, ARG_TRANSIENT_PRESET }, { "deserialize", required_argument, NULL, ARG_DESERIALIZE }, { "switched-root",no_argument, NULL, ARG_SWITCHED_ROOT}, { "default-standard-output", required_argument, NULL, ARG_DEFAULT_STD_OUTPUT, }, @@ -879,6 +891,15 @@ static int parse_argv(int argc, char *argv[]) { arg_show_status = SHOW_STATUS_YES; break; +case ARG_TRANSIENT_PRESET: +r = optarg ? parse_boolean(optarg) : 1; +if (r < 0) { +log_error("Failed to parse transient preset boolean %s.", optarg); +return r; +} +arg_transient_preset = r; +break; + case ARG_DESERIALIZE: { int fd; FILE *f; @@ -961,6 +982,7 @@ static int help(void) { " --crash-shell[=0|1] Run shell on crash\n" " --confirm-spawn[=0|1] Ask for confirmation when spawning processes\n" " --show-status[=0|1] Show status upd
Re: [systemd-devel] [systemd-commits] src/timesync
On Wed, Feb 04, 2015 at 06:28:59PM +0100, Zbigniew Jędrzejewski-Szmek wrote: > On Wed, Feb 04, 2015 at 06:24:13PM +0100, Lennart Poettering wrote: > > - If we did not manage to get a successful sync, try again > > immediately, but not any more often than once per 10s or so... > I think we should fall back here too, maybe more slowly. In case we can't > connect, we shouldn't spam the network too much. Yes, unless sendto() is failing (i.e. no packet was sent) the polling interval should be increasing exponentially up to the maximum (4096 s) to prevent overloading network or servers. Once per 10 seconds is way too frequent. -- Miroslav Lichvar ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCHv2] sysctl: consider --prefix while parsing the files
On Wed, Feb 4, 2015 at 4:55 PM, Zbigniew Jędrzejewski-Szmek wrote: > On Wed, Feb 04, 2015 at 03:50:01PM +0100, Umut Tezduyar Lindskog wrote: >> not while applying the parsed sysctl values. Otherwise >> info "Overwriting earlier assignment of %s in file %s" is >> visible many times even though the given --prefix doesn't >> try to set the overridden value. >> --- >> src/sysctl/sysctl.c | 32 >> 1 file changed, 16 insertions(+), 16 deletions(-) >> >> diff --git a/src/sysctl/sysctl.c b/src/sysctl/sysctl.c >> index 973e67e..b22aff5 100644 >> --- a/src/sysctl/sysctl.c >> +++ b/src/sysctl/sysctl.c >> @@ -78,22 +78,6 @@ static int apply_sysctl(const char *property, const char >> *value) { >> n = stpcpy(p, "/proc/sys/"); >> strcpy(n, property); >> >> -if (!strv_isempty(arg_prefixes)) { >> -char **i; >> -bool good = false; >> - >> -STRV_FOREACH(i, arg_prefixes) >> -if (path_startswith(p, *i)) { >> -good = true; >> -break; >> -} >> - >> -if (!good) { >> -log_debug("Skipping %s", p); >> -return 0; >> -} >> -} >> - >> k = write_string_file(p, value); >> if (k < 0) { >> log_full(k == -ENOENT ? LOG_DEBUG : LOG_WARNING, >> @@ -173,6 +157,22 @@ static int parse_file(Hashmap *sysctl_options, const >> char *path, bool ignore_eno >> p = normalize_sysctl(strstrip(p)); >> value = strstrip(value); >> >> +if (!strv_isempty(arg_prefixes)) { >> +char **i, *t; >> +bool good = false; >> +STRV_FOREACH(i, arg_prefixes) { >> +t = path_startswith(*i, "/proc/sys/"); >> +if (t == NULL) >> +t = *i; >> +if (path_startswith(p, t)) { >> +good = true; >> +break; >> +} >> +} >> +if (!good) >> +continue; >> +} > While at it, wouldn't it be better to use a goto and do away with the > good variable. This will give a diff of -7/+3, a win also for readability > imho. How Zbyszek. I am confused. Umut > > Zbyszek > > >> + >> existing = hashmap_get2(sysctl_options, p, &v); >> if (existing) { >> if (streq(value, existing)) > ___ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] ata_id: remove unused header files
Signed-off-by: Robert Milasan --- src/udev/ata_id/ata_id.c | 4 1 file changed, 4 deletions(-) diff --git a/src/udev/ata_id/ata_id.c b/src/udev/ata_id/ata_id.c index 31bc167..9e4f674 100644 --- a/src/udev/ata_id/ata_id.c +++ b/src/udev/ata_id/ata_id.c @@ -34,12 +34,8 @@ #include #include #include -#include #include -#include -#include #include -#include #include "libudev.h" #include "libudev-private.h" -- 1.8.4.5 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd-nspawn create container under unprivileged user
2015-02-05 12:44 GMT+03:00 Alban Crequy : > Manual page namespaces(7): > >Creation of new namespaces using clone(2) and unshare(2) in most > cases >requires the CAP_SYS_ADMIN capability. User namespaces are the >exception: since Linux 3.8, no privilege is required to create a > user >namespace. > So as i understand i can't create full featured container with network under non root user (and not have cap_sys_admin) -- Vasiliy Tolstov, e-mail: v.tols...@selfip.ru jabber: v...@selfip.ru ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] sysv-generator: Skip init scripts for existing native services
"Jóhann B. Guðmundsson" [2015-02-04 22:36 +]: > I expect Debian to do the same sane thing as everyone else did back in the > day and strike out that components will be allowed to migrate to units > [...] > Then next thing the Debian community will realize is that once maintainers > have made the switch to use units they will have to stick the legacy sysv > initscript in a separated sub component which will depend on a virtual > provide for all the other init systems ( that is if the maintainers want to > support those et all ). For the record: For the time being, Debian doesn't "migrate" from sysv to systemd; it keeps all sysv init scripts as it also still needs to work with sysvinit, so it keeps units and sysv scripts in sync. (Just stating the situation; I don't want to discuss the "why" really, that was long and painful enough :-) Just describing the status quo). Thanks, Martin -- Martin Pitt| http://www.piware.de Ubuntu Developer (www.ubuntu.com) | Debian Developer (www.debian.org) ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] What's the correct way to configure encrypted volume and mount point?
On 02/02/15 20:54, Lennart Poettering wrote: > On Sat, 31.01.15 11:21, John Lane (syst...@jelmail.com) wrote: > >> Further to this, I tried manually creating a systemd-cryptsetup unit >> instead of putting an entry in /etc/crypttab. >> This allowed me to remove the "RequiresMountsFor" entry. > Yeah, I figure for your usecase a "WantsMountsFor=" setting would be > useful. ("Wants" is generally the softer variant of "Requires" for us). > > Added to the TODO list for now. > > Lennart > I assume "WantsMountsFor" will work similarly to "RequiresMountsFor" in that it will add a "Wants" and "Requires" dependencies. So, I just did a quick test by adding "Wants" and "Requires" has no detrimental effect on my use-case. My custom unit works fine without the dependency (thanks to the use of an automount) but adding those dependencies doesn't stop it working as desired. Will the TODO just replace the current use by the crypttab generator of "RequiresMountsFor" with "WantsMountsFor", or will an additional crypttab option (x-systemd-...) be required to make it configure it that way ? I'll look out for this being implemented and will try it out. Thanks for adding to the list. John ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] systemd-nspawn create container under unprivileged user
[reposting - sorry I forgot to Cc the mailing list] On 4 February 2015 at 23:03, Vasiliy Tolstov wrote: > Hello! > Does it possible to create container as regular user? Oh what capabilities i > need to add to create container not using root? Hello, Manual page namespaces(7): Creation of new namespaces using clone(2) and unshare(2) in most cases requires the CAP_SYS_ADMIN capability. User namespaces are the exception: since Linux 3.8, no privilege is required to create a user namespace. systemd-nspawn uses: src/nspawn/nspawn.c: pid = raw_clone(SIGCHLD|CLONE_NEWNS| (arg_share_system ? 0 : CLONE_NEWIPC|CLONE_NEWPID|CLONE_NEWUTS)| (arg_private_network ? CLONE_NEWNET : 0), NULL); So you need to have CAP_SYS_ADMIN to use systemd-nspawn. If you want to try user namespaces, it is something that is still moving... Manual page user_namespaces(7): Starting in Linux 3.8, unprivileged processes can create user namespaces, and mount, PID, IPC, network, and UTS namespaces can be created with just the CAP_SYS_ADMIN capability in the caller's user namespace. But it is not true in most Linux distributions as they disable unprivileged user namespaces and require CAP_SYS_ADMIN anyway. See for example: http://anonscm.debian.org/viewvc/kernel/dists/trunk/linux/debian/patches/debian/add-sysctl-to-disallow-unprivileged-CLONE_NEWUSER-by-default.patch?revision=20773&view=markup and: echo 1 > /proc/sys/kernel/unprivileged_userns_clone Additionally, the program userns_child_exec.c included in manual page namespaces(7) does not work as is yet because since the changes introduced by CVE-2014-8989, it needs to adjust /proc/pid/setgroups. See: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=66d2f338ee4c449396b6f99f5e75cd18eb6df272 Cheers, Alban ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH 1/2] Add sd_event_loop_timeout to sd_event
Le 04/02/2015 18:20, Lennart Poettering a écrit : On Wed, 04.02.15 17:40, Didier Roche (didro...@ubuntu.com) wrote: Le 04/02/2015 17:10, Lennart Poettering a écrit : On Wed, 04.02.15 17:05, Didier Roche (didro...@ubuntu.com) wrote: Hey, I rewrote a version of this patch including the feedback on the list. As per IRC discussion, (and after giving up the busy loop for a rewrite with epool), I did rebase it again on sd_event. I'm only proposing there up for review the 2 first patches (without plymouth communication, cancel support, i18n, man pages and the service and socket) so that I don't have to rebase all other 10 patches on a moving ground. Tom just added support for installing timer events with a NULL callback, that trigger event loop exit. I kinda prefer that solution over a new call sd_event_loop() with timeout. sd_event_add_time(event, NULL, CLOCK_MONOTONIC, now(CLOCK_MONOTONIC) + 5 * USEC_PER_SEC, NULL, NULL); So, it means that I need to reset it after any received activity, is that ok? (as this will be really frequent as each clients in parallel can send a message each 50ms). The goal is to have a global "inactivity" timeout. I didn't see a way to cancel this event source though? Oh, I see, you actually want a real idle logic, not just a normal timer. So far, for daemons like timedated, localed and so on, we are using an idle logic that is implemented in bus_event_loop_with_idle() in src/libsystemd/sd-bus/bus-util.c. It does considerably more than what you need (since it contains all the magic to racefully do exit-on-idle for bus services so that no bus messages are lost). I think the best would be to take inspiration from that code, isolate there basic minimum out of it, without all the dbus logic, and then stick that in your C file. We can generalize such exit-on-idle logic one day, somewhere between sd-bus and sd-event, but that requires considerabe design work, so that we find a generic solution that works for you and also covers this dbus case without hacks. For now it's hence better if you just take inspiration from bus_event_loop_with_idle(), drop all the bus-specific bits, and stick it in your .c code... Making sense. Done and fixed. Thanks a lot Cheers, Didier ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel