Still use helper when Xen Dom0, to avoid duplicating some hairy code.
Future: generate BootLoaderSpec files for other kernel install locations
v2: support specifying the kernel version
support appending to the kernel cmdline
some docs
support double force with kexec
allow rpmvercm
---
src/core/main.c | 27 +++
src/core/unit.c | 2 +-
src/shared/install.c | 25 -
src/shared/install.h | 2 +-
4 files changed, 49 insertions(+), 7 deletions(-)
diff --git a/src/core/main.c b/src/core/main.c
index 08f46f5..2656779 10064
After some additional testing, I found a bug in this patch where it would not
compile with seccomp disabled. I’ve updated the patch at
https://github.com/jayofdoom/systemd/pull/4.patch — also I’ve attached the
fixed patch.
-Jay
refactor-nspawn-map-seccomp-to-capabilities.patch
Description: re
Hi all,
At the suggestion (and with the assistance of) a co-worker, we remade this
patch to not have quite as much repeated code. The new version is attached and
can be found here https://github.com/jayofdoom/systemd/pull/4.patch — thanks!
refactor-nspawn-map-seccomp-to-capabilities.patch
Desc
Hi all,
Two weeks ago[1] I patched systemd-nspawn to respect CAP_SYS_MODULE with
regards to setting seccomp filters. As I needed access to some of the other
blocked syscalls as well, I have a patch to map all seccomp filters to various
capabilities, and to only set those filters if the matching
Still use helper when Xen Dom0, to avoid duplicating some hairy code.
---
Makefile.am | 4 +-
TODO | 3 -
src/power/shutdown.c | 28 ---
src/shared/missing.h | 11 +++
src/shared/strv.c | 9 ++-
src/systemctl/bootspec.c | 195 ++
---
Makefile.am| 2 +
src/shared/rpmvercmp.c | 122 +
src/shared/rpmvercmp.h | 14 ++
3 files changed, 138 insertions(+)
create mode 100644 src/shared/rpmvercmp.c
create mode 100644 src/shared/rpmvercmp.h
diff --git a/Makefile.a
---
TODO | 2 ++
1 file changed, 2 insertions(+)
diff --git a/TODO b/TODO
index 52a32d3..bf66ba1 100644
--- a/TODO
+++ b/TODO
@@ -32,6 +32,8 @@ External:
* When lz4 gets an API for lz4 command output, make use of it to
compress coredumps in a way compatible with /usr/bin/lz4.
+* Fix emacs f
---
man/systemd-halt.service.xml | 1 -
man/systemd-shutdownd.service.xml | 1 -
man/systemd-suspend.service.xml | 1 -
3 files changed, 3 deletions(-)
diff --git a/man/systemd-halt.service.xml b/man/systemd-halt.service.xml
index c94e2a1..7e7f8f2 100644
--- a/man/systemd-halt.service.xml
---
man/systemd.timer.xml | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/man/systemd.timer.xml b/man/systemd.timer.xml
index 20890f2..4207be0 100644
--- a/man/systemd.timer.xml
+++ b/man/systemd.timer.xml
@@ -230,8 +230,9 @@
be suspended and if the system support
---
Makefile.am | 6 +-
src/core/shutdown.c | 420 -
src/power/Makefile| 28 +++
src/power/shutdown.c | 420 +
src/power/shutdownd.c | 461 +++
from https://github.com/fbuihuu/libtree (LGPLv2.1+)
---
Makefile.am | 2 +
src/shared/rbtree.c | 482
src/shared/rbtree.h | 79 +
3 files changed, 563 insertions(+)
create mode 100644 src/shared/rbtree.c
create mode 100644 s
They are not executed by a user (they all check how they were executed)
so we can use assert() in main() just like we would anywhere else.
---
src/power/shutdown.c | 20 ++--
src/power/shutdownd.c | 22 --
src/power/sleep.c | 14 +++---
3 files chan
Hi,
Using fresh installation with suse 13.2 my startup with systemd is
failing...
Feb 20 18:56:55 linux02 systemd-udevd[1019]: worker [1024]
/devices/pci:00/:00:1c.4/:03:00.0/net/eth1 is taking a long time
Feb 20 18:57:22 linux02 systemd[1]: Timed out waiting for device
dev-di
---
src/shared/util.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/shared/util.c b/src/shared/util.c
index dc65280..6729461 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -1692,6 +1692,7 @@ bool chars_intersect(const char *a, const char *b) {
bool fstype_is_network(const c
assert(b->pipe[0] >= 0 && b->pipe[0] >= 0);
Test the same condition twice, pretty sure we mean
assert(b->pipe[0] >= 0 && b->pipe[1] >= 0);
---
src/shared/barrier.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/shared/barrier.c b/src/shared/barrier.c
index f65363a..b7d
From: Alban Crequy
Manpage systemd.mount(5) says: "If the mount point does not exist at the
time of mounting, it is created." However, it was not working for bind
mounts of non-directory files (regular, device, socket, etc).
This patch checks the type of the resource to bind mount and does a
"to
В Fri, 20 Feb 2015 10:56:42 +0100
Jan Synacek пишет:
> To be more consistent with how dracut parses rd.luks.key, it is now
> allowed to specified it in the format "keyfile[:keyfile_device]".
>
> Should keyfile_device be provided, it needs to be in "UUID=uuid-here"
> format. Also, keyfile path is
В Fri, 20 Feb 2015 12:20:09 +0100
Przemyslaw Rudy пишет:
> Right, not in the doc. In fedora it is used in:
> /usr/lib/dracut/modules.d/90crypt/parse-crypt.sh
>
It is also upstream.
> Simply a device timeout in seconds.
>
> On 02/20/2015 11:53 AM, Jan Synacek wrote:
> > Przemyslaw Rudy writes
В Fri, 20 Feb 2015 10:56:41 +0100
Jan Synacek пишет:
> First version of the patch that allows rd.luks.key to be specified almost the
> same way as dracut can
> read it.
>
This sounds like working around dracut bug. Dracut already has code to
deal with it, it updates /etc/crypttab and reload sy
On Fri, 20.02.15 08:38, h15...@mailas.com (h15...@mailas.com) wrote:
> I'm working on a machine running systemd v210 (Opensuse 13.2)
This is a really old systemd version, please ask downtream for help on
such old version!
> Its disks are all on RAID.
>
> /boot is on RAID1 on /dev/md126
>
> The
On Fri, 20 Feb 2015 22:14:20 +0530, Zbigniew Jędrzejewski-Szmek
wrote:
On Thu, Feb 19, 2015 at 12:10:04PM +0100, Lennart Poettering wrote:
On Thu, 19.02.15 13:28, Susant Sahani (sus...@redhat.com) wrote:
> This patch adds support for RFC 5424 syslog format to journald.
Journald
> can now
On Thu, Feb 19, 2015 at 12:10:04PM +0100, Lennart Poettering wrote:
> On Thu, 19.02.15 13:28, Susant Sahani (sus...@redhat.com) wrote:
>
> > This patch adds support for RFC 5424 syslog format to journald. Journald
> > can now forward logs to a multicast UDP group.
> >
> > RFC 5424 format:
> > VER
I'm working on a machine running systemd v210 (Opensuse 13.2)
Its disks are all on RAID.
/boot is on RAID1 on /dev/md126
The remaining partitions are on LVM-on-RAID10
The LVs are
LV_ROOT VG0 -wi-ao--- 20.00g
LV_SWAP VG0
On Fri, 20.02.15 15:36, Martin Pitt (martin.p...@ubuntu.com) wrote:
> Hello all,
>
> Since we updated to 219 in Ubuntu, several people reported boot
> failures. Booting hangs a long time after starting D-Bus, in the
> journal you get a lot of error messages like
>
>systemd[1]: Failed to regi
On Fri, 20.02.15 10:18, Peter Jones (pjo...@redhat.com) wrote:
> ---
> [Unit]
> Description=Secure Boot DBX updater
> After=local-fs.target
THis is a late boot service now, given that you do not use
DefaultDependencies=no. Late boot services are
On Fri, 20.02.15 10:33, Peter Jones (pjo...@redhat.com) wrote:
> > This is wrong. efivarfs is an API file system that is not exposed as .mount
> > unit. It's always mounted by PID 1 early on, like /proc. Please remove.
>
> Okay, that's definitely useful info. Which piece of documentation
> shoul
On Fri, Feb 20, 2015 at 04:01:26PM +0100, Lennart Poettering wrote:
> Heya,
>
> On 18.02.2015 19:14, Peter Jones wrote:
>
> >Description=Secure Boot DBX updater
>
> It would be good to mention what "DBX" is.
>
> >RequiresMountsFor=/usr/bin/ /usr/share/dbxtool/
>
> This is unnecessary. Please r
Hey Zbigniew,
Zbigniew Jędrzejewski-Szmek [2015-02-20 16:08 +0100]:
> Anything interesetingif you attach gdb to systemd-jouranld?Can you
> paste bt
It's in __epoll_wait_nocancel (glibc) → sd_event_wait() ->
sd_event_run() -> main(), nothing surprising I'd say.
> and the Server variable (IIRC, i
On Fri, Feb 20, 2015 at 05:32:44AM +0100, Zbigniew Jędrzejewski-Szmek wrote:
> > > dbxtools.service declares itself both before basic.target, and also
> > > after basic.target (It has the default DefaultDependencies=yes, which
> > > adds a dependency on basic.target automatically. It declares itsel
On Fri, Feb 20, 2015 at 04:01:34PM +0100, Didier Roche wrote:
> Le 20/02/2015 15:41, Michael Biebl a écrit :
> >2015-02-20 15:36 GMT+01:00 Martin Pitt :
> >>Hello all,
> >>
> >>Since we updated to 219 in Ubuntu, several people reported boot
> >>failures. Booting hangs a long time after starting D-B
Le 20/02/2015 15:41, Michael Biebl a écrit :
2015-02-20 15:36 GMT+01:00 Martin Pitt :
Hello all,
Since we updated to 219 in Ubuntu, several people reported boot
failures. Booting hangs a long time after starting D-Bus, in the
journal you get a lot of error messages like
systemd[1]: Failed
2015-02-20 15:36 GMT+01:00 Martin Pitt :
> Hello all,
>
> Since we updated to 219 in Ubuntu, several people reported boot
> failures. Booting hangs a long time after starting D-Bus, in the
> journal you get a lot of error messages like
>
>systemd[1]: Failed to register match for Disconnected me
Hello all,
Since we updated to 219 in Ubuntu, several people reported boot
failures. Booting hangs a long time after starting D-Bus, in the
journal you get a lot of error messages like
systemd[1]: Failed to register match for Disconnected message: Connection
timed out
systemd-logind[749]:
Zitat von Lennart Poettering :
On Thu, 19.02.15 19:46, Peter Paule (systemd-de...@fedux.org) wrote:
BTW:
--dkr-index-url cannot handle http redirects
By accident I tried "http://index.docker.io"; and this will be redirected to
"https://index.docker.io"; but importd cannot handle this.
I t
On 19-02-2015 19:23, Greg KH wrote:
> Then you are lucky. PCI can reorder device ids any time it wants to at
> boot time. I had a box that would do so every other boot, it made it
> wonderful for fixing lots of bugs in distros. Never assume PCI device
> probe order is ever deterministic, because
Here's a small patch for changing the documentation.
add_hint_for_updating_local_dkr_image.patch
Description: Binary data
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
From: Alban Crequy
When a service is chrooted with the option RootDirectory=/opt/..., then
the option PrivateDevices=true must mount the private /dev in
$RootDirectory/dev instead of /dev.
v2:
- create the $RootDirectory/dev directory if missing. This is
consistent with mount unit creating t
Hi
On Fri, Feb 20, 2015 at 1:54 PM, Simon McVittie
wrote:
> On 20/02/15 12:43, David Herrmann wrote:
>>
>> -1 is not a valid value. It should be silently dropped, so we're fine
>> here.
>
>
> Perhaps I'm misunderstanding what you're saying here and we're actually
> agreeing, but for clarity:
Yea
On Thu, 19.02.15 19:46, Peter Paule (systemd-de...@fedux.org) wrote:
> BTW:
>
> --dkr-index-url cannot handle http redirects
>
> By accident I tried "http://index.docker.io"; and this will be redirected to
> "https://index.docker.io"; but importd cannot handle this.
I think this is actually a p
On 20/02/15 12:43, David Herrmann wrote:
-1 is not a valid value. It should be silently dropped, so we're fine here.
Perhaps I'm misunderstanding what you're saying here and we're actually
agreeing, but for clarity:
The specification for GetConnectionCredentials deliberately does not
docume
Hi
On Fri, Feb 20, 2015 at 1:20 PM, Simon McVittie
wrote:
> On 19/02/15 21:26, Djalal Harouni wrote:
>>
>> On Thu, Feb 19, 2015 at 05:44:34PM +0100, Djalal Harouni wrote:
>>>
>>> On Thu, Feb 19, 2015 at 01:05:22PM +, Simon McVittie wrote:
On 19/02/15 12:43, Lukasz Skalski wrote:
>>>
On Fri, Feb 20, 2015 at 11:15:36AM +0100, Przemyslaw Rudy wrote:
> Could you use the rd.luks.key.tout= instead of hardcoded
> JobTimeoutSec=30, as the dracut does?
Maybe we could rename it to rd.luks.key.device-timeout= ? tout is not
really descriptive. (Old name should be kept for comptibility, th
Zitat von Lennart Poettering :
If you invoke pull-dkr again, you can remove and replace the writable
snapshot with "--force", or you can simply give it a new name by
specifying it at the end of the command line.
dkr doesn't know the concept of updating containers that have already
been written
From: Harald Hoyer
path_is_mount_point() compares the mount_id of a directory and the
mount_id of the parent directory. When following symlinks, the function
to get the parent directory does not take the symlink into account.
/bin -> /usr/bin with /usr being a mountpoint:
mount_id of /bin with A
On 19/02/15 21:26, Djalal Harouni wrote:
On Thu, Feb 19, 2015 at 05:44:34PM +0100, Djalal Harouni wrote:
On Thu, Feb 19, 2015 at 01:05:22PM +, Simon McVittie wrote:
On 19/02/15 12:43, Lukasz Skalski wrote:
r = get_creds_by_message(a, m, SD_BUS_CREDS_PID|SD_BUS_CREDS_EUID, &creds,
&error);
On Fri, 20.02.15 12:06, Peter Paule (systemd-de...@fedux.org) wrote:
> Hi,
>
> what needs to be done to update an existing docker image? Pulling it again
> "fails" with "Image '' already exists".
>
> sudo machinectl pull-dkr maxmeyer/test-server --dkr-index-url
> https://index.docker.io --veri
From: Harald Hoyer
path_is_mount_point() compares the mount_id of a directory and the
mount_id of the parent directory. When following symlinks, the function
to get the parent directory does not take the symlink into account.
/bin -> /usr/bin with /usr being a mountpoint:
mount_id of /bin with A
From: Harald Hoyer
If the fstab-generator generates a mount unit for /sysroot, we shall not
run systemd-fsck-root in the real root.
---
Makefile.am | 1 +
src/fstab-generator/fstab-generator.c | 11 +++
2 files changed, 12 insertions(+)
diff --git a/Makefile.a
Right, not in the doc. In fedora it is used in:
/usr/lib/dracut/modules.d/90crypt/parse-crypt.sh
Simply a device timeout in seconds.
On 02/20/2015 11:53 AM, Jan Synacek wrote:
> Przemyslaw Rudy writes:
>
>> Could you use the rd.luks.key.tout= instead of hardcoded
>> JobTimeoutSec=30, as the dr
El jue, 19-02-2015 a las 00:48 +0100, Michael Biebl escribió:
[...]
> Incidentally, we do have to remove the -Wl,-fuse-ld=gold line in
> Debian as well, since gold is problematic/less mature on various
> architectures.
>
>
> Couldn't we just add -Wl,-fuse-ld=gold via LDFLAGS in autogen.sh?
>
We
Hi,
what needs to be done to update an existing docker image? Pulling it
again "fails" with "Image '' already exists".
sudo machinectl pull-dkr maxmeyer/test-server --dkr-index-url
https://index.docker.io --verify=no
Enqueued transfer job 1. Press C-c to continue download in background
Przemyslaw Rudy writes:
> Could you use the rd.luks.key.tout= instead of hardcoded
> JobTimeoutSec=30, as the dracut does?
I didn't know about such parameter. In fact, I don't see it anywhere in
dracut.cmdline(5). If it really exists and just isn't documented, then
yes, it would probably make se
On Fri, 20.02.15 10:32, har...@redhat.com (har...@redhat.com) wrote:
> From: Harald Hoyer
>
> path_is_mount_point() compares the mount_id of a directory and the
> mount_id of the parent directory. When following symlinks, the function
> to get the parent directory does not take the symlink into
Hi Tom,
Thank you. Please let me know if you have any questions regarding the
implementation.
We can have another patch for the DOWN logic. It's a little bit complicated
since we don't have UP either and since during UP operation we don't know the
previous port state so that we get back to it.
B
On Fri, Feb 20, 2015 at 10:50 AM, Rauta, Alin wrote:
> Hi Tom, Lennart, Zbyszek,
> Did you have any chance to look at this patch version ?
I hope to review it this weekend. I might go ahead and implement the
DOWN logic independently if that is still an issue (saw your question,
but didn't yet loo
Could you use the rd.luks.key.tout= instead of hardcoded
JobTimeoutSec=30, as the dracut does?
On 02/20/2015 10:56 AM, Jan Synacek wrote:
> To be more consistent with how dracut parses rd.luks.key, it is now
> allowed to specified it in the format "keyfile[:keyfile_device]".
>
> Should keyfile_de
Otherwise every daemon reload prints out warnings like:
systemd[1]: Unit type .busname is not supported on this system.
systemd[1]: Unit type .swap is not supported on this system.
---
src/core/manager.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/core/manager.c b/src/
---
src/core/org.freedesktop.systemd1.policy.in.in | 6 +++---
src/login/org.freedesktop.login1.policy.in | 8
2 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/src/core/org.freedesktop.systemd1.policy.in.in
b/src/core/org.freedesktop.systemd1.policy.in.in
index cc39a9e.
To be more consistent with how dracut parses rd.luks.key, it is now
allowed to specified it in the format "keyfile[:keyfile_device]".
Should keyfile_device be provided, it needs to be in "UUID=uuid-here"
format. Also, keyfile path is then treated relatively to the root of the
keyfile device.
If n
First version of the patch that allows rd.luks.key to be specified almost the
same way as dracut can
read it.
The solution creates a temporary mount unit "mnt.mount" that the generated
cryptsetup service wants.
The partition where the keyfile is then mounted to /mnt and the absolute path
to the
Hi Tom, Lennart, Zbyszek,
Did you have any chance to look at this patch version ?
Best Regards,
Alin
-Original Message-
From: Rauta, Alin
Sent: Tuesday, February 17, 2015 12:07 PM
To: t...@jklm.no; lenn...@poettering.net; zbys...@in.waw.pl
Cc: systemd-devel@lists.freedesktop.org; Kinsella
From: Harald Hoyer
path_is_mount_point() compares the mount_id of a directory and the
mount_id of the parent directory. When following symlinks, the function
to get the parent directory does not take the symlink into account.
/bin -> /usr/bin with /usr being a mountpoint:
mount_id of /bin with A
63 matches
Mail list logo