proxmox-mirrors/systemd
1
0
Fork 0
mirror of https://git.proxmox.com/git/systemd synced 2025-10-04 18:14:10 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

New upstream version 252.11

Browse Source
This commit is contained in:
Luca Boccassi 2023-06-11 23:01:56 +01:00
parent d5dae14012
commit ecfb185f0d
335 changed files with 3479 additions and 1363 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
.github/ISSUE_TEMPLATE/bug_report.yml vendored
View File

@ -26,7 +26,7 @@ body:
id: distro
attributes:
label: Used distribution
description: Used distribution and it's version
description: Used distribution and its version
placeholder: Fedora 36
validations:
required: false

2
.github/workflows/build_test.sh vendored
View File

@ -11,7 +11,7 @@ ARGS=(
"--optimization=0"
"--optimization=s -Dgnu-efi=true -Defi-cflags=-m32 -Defi-libdir=/usr/lib32"
"--optimization=3 -Db_lto=true -Ddns-over-tls=false"
"--optimization=3 -Db_lto=false"
"--optimization=3 -Db_lto=false -Dtpm2=false -Dlibfido2=false -Dp11kit=false"
"--optimization=3 -Ddns-over-tls=openssl"
"--optimization=3 -Dfexecve=true -Dstandalone-binaries=true -Dstatic-libsystemd=true -Dstatic-libudev=true"
"-Db_ndebug=true"

2
.github/workflows/linter.yml vendored
View File

@ -29,7 +29,7 @@ jobs:
fetch-depth: 0
- name: Lint Code Base
uses: github/super-linter/slim@01d3218744765b55c3b5ffbb27e50961e50c33c5
uses: github/super-linter/slim@454ba4482ce2cd0c505bc592e83c06e1e37ade61
env:
DEFAULT_BRANCH: main
MULTI_STATUS: false

24
.github/workflows/make_release.yml vendored Normal file
View File

@ -0,0 +1,24 @@
name: Make a Github release
on:
push:
tags:
- "v*"
permissions:
contents: read
jobs:
release:
if: github.repository == 'systemd/systemd' || github.repository == 'systemd/systemd-stable'
runs-on: ubuntu-latest
permissions:
contents: write
steps:
- name: Release
uses: softprops/action-gh-release@de2c0eb89ae2a093876385947365aca7b0e5f844
with:
prerelease: ${{ contains(github.ref_name, '-rc') }}
draft: ${{ github.repository == 'systemd/systemd' }}

6
.github/workflows/mkosi.yml vendored
View File

@ -39,16 +39,10 @@ jobs:
release: testing
- distro: ubuntu
release: jammy
- distro: fedora
release: "37"
- distro: fedora
release: rawhide
- distro: opensuse
release: tumbleweed
- distro: centos_epel
release: 9-stream
- distro: centos_epel
release: 8-stream
steps:
- uses: actions/checkout@2541b1294d2704b0964813337f33b291d3f8596b

2
NEWS
View File

@ -22,7 +22,7 @@ CHANGES WITH 252 🎃:
* ConditionKernelVersion= checks that use the '=' or '!=' operators
will now do simple string comparisons (instead of version comparisons
á la stverscmp()). Version comparisons are still done for the
à la stverscmp()). Version comparisons are still done for the
ordering operators '<', '>', '<=', '>='. Moreover, if no operator is
specified, a shell-style glob match is now done. This creates a minor
incompatibility compared to older systemd versions when the '*', '?',

2
README
View File

@ -299,7 +299,7 @@ USERS AND GROUPS:
group to exist. New journal files will be readable by this group (but
not writable), which may be used to grant specific users read access. In
addition, system groups "wheel" and "adm" will be given read-only access
to journal files using systemd-tmpfiles.service.
to journal files using systemd-tmpfiles-setup.service.
The journal remote daemon requires the "systemd-journal-remote" system
user and group to exist. During execution this network facing service

2
TODO
View File

@ -573,7 +573,7 @@ Features:
what to do if support ended
* pam_systemd: on interactive logins, maybe show SUPPORT_END information at
login time, á la motd
login time, à la motd
* sd-boot: instead of unconditionally deriving the ESP to search boot loader
spec entries in from the paths of sd-boot binary, let's optionally allow it

2
docs/NETWORK_ONLINE.md
View File

@ -152,7 +152,7 @@ For details, see the next question.
## What does "up" actually mean?
The services that are ordered before `network-online.target` define it's
The services that are ordered before `network-online.target` define its
meaning. *Usually* means that all configured network devices are up and have an
IP address assigned, but details may vary. In particular, configuration may
affect which interfaces are taken into account.

2
docs/UIDS-GIDS.md
View File

@ -301,7 +301,7 @@ means they should not be provided by any networked service (as those usually
become available during late boot only), except if a local cache is kept that
makes them available during early boot too (i.e. before networking is
up). Specifically, system users need to be resolvable at least before
`systemd-udevd.service` and `systemd-tmpfiles.service` are started, as both
`systemd-udevd.service` and `systemd-tmpfiles-setup.service` are started, as both
need to resolve system users — but note that there might be more services
requiring full resolvability of system users than just these two.

2
docs/USER_RECORD.md
View File

@ -635,7 +635,7 @@ field of `struct passwd`).
`sshAuthorizedKeys` → An array of strings, each listing an SSH public key that
is authorized to access the account. The strings should follow the same format
as the lines in the traditional `~/.ssh/authorized_key` file.
as the lines in the traditional `~/.ssh/authorized_keys` file.
`pkcs11EncryptedKey` → An array of objects. Each element of the array should be
an object consisting of three string fields: `uri` shall contain a PKCS#11

7
hwdb.d/60-evdev.hwdb
View File

@ -583,6 +583,13 @@ evdev:input:b0003v17EFp60B5*
EVDEV_ABS_35=::12
EVDEV_ABS_36=::11
# Lenovo Thinkpad L14 Gen1 (AMD)
evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnLENOVO:*pvrThinkPadL14Gen1**
EVDEV_ABS_00=::44
EVDEV_ABS_01=::50
EVDEV_ABS_35=::44
EVDEV_ABS_36=::50
# Lenovo T460
evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnLENOVO*:pn*ThinkPad*T460:*
EVDEV_ABS_00=1266:5677:44

40
hwdb.d/60-keyboard.hwdb
View File

@ -398,7 +398,8 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnDell*:pnPrecision*:*
KEYBOARD_KEY_88=! # wireless switch
KEYBOARD_KEY_9e=!f21
# Dell Latitude E7*
# Dell Latitude E[67]*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnDell*:pnLatitude*E6*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnDell*:pnLatitude*E7*:*
KEYBOARD_KEY_88=unknown # Fn-PrtScr rfkill - handled in HW
@ -549,6 +550,14 @@ evdev:input:b0003v18D1p8001*
evdev:input:b0003v18D1p8007*
KEYBOARD_KEY_b002f=reserved # Disable micmute key
###########################################################
# Haier
###########################################################
# 7G-Series
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnHaierComputer:pn7G-Series:*
KEYBOARD_KEY_91=wlan
###########################################################
# Hewlett Packard
###########################################################
@ -624,7 +633,7 @@ evdev:atkbd:dmi:bvn*:bvr*:svnHP*:pnHPElitex21013G3:*
KEYBOARD_KEY_97=brightnessup
# HP Laptop 15s-eq0023nl
evdev:atkbd:dmi:bvn*:bvr*:svnHP*:pnHPLaptop15s-eq0*:sku9MG38EA#ABZ:*
evdev:atkbd:dmi:bvn*:bvr*:svnHP*:pnHPLaptop15s-eq0*:sku9MG38EA*ABZ:*
KEYBOARD_KEY_9d=102nd # Greater than/Less than
# Elitebook
@ -925,7 +934,7 @@ evdev:input:b0003v17EFp6009*
KEYBOARD_KEY_090010=f20 # Microphone mute button; should be micmute
# Lenovo 3000
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*3000*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*3000*:pvr*
KEYBOARD_KEY_8b=switchvideomode # Fn+F7 video
KEYBOARD_KEY_96=wlan # Fn+F5 wireless
KEYBOARD_KEY_97=sleep # Fn+F4 suspend
@ -937,7 +946,7 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO:pn0769AP2:pvr3000N200:*
KEYBOARD_KEY_b4=prog1
# Lenovo IdeaPad
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*IdeaPad*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*IdeaPad*:pvr*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pnS10-*:*
KEYBOARD_KEY_81=rfkill # does nothing in BIOS
KEYBOARD_KEY_83=display_off # BIOS toggles screen state
@ -952,7 +961,7 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrIdeaPad5*:*
KEYBOARD_KEY_81=insert
# Thinkpad X200_Tablet
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrThinkPad*X2*Tablet*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrThinkPad*X2*T*:rvn*
KEYBOARD_KEY_5d=menu
KEYBOARD_KEY_63=fn
KEYBOARD_KEY_66=screenlock
@ -961,7 +970,7 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrThinkPad*X2*Tablet*:*
KEYBOARD_KEY_6c=direction # rotate screen
# ThinkPad X6 Tablet
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrThinkPad*X6*Tablet*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:pvrThinkPad*X6*Tablet*:rvn*
KEYBOARD_KEY_6c=direction # rotate
KEYBOARD_KEY_68=leftmeta # toolbox
KEYBOARD_KEY_6b=esc # escape
@ -985,20 +994,20 @@ evdev:name:Ideapad extra buttons:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*:*
KEYBOARD_KEY_42=f23
KEYBOARD_KEY_43=f22
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*IdeaPad*Y550*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*IdeaPad*Y550*:pvr*
KEYBOARD_KEY_95=media
KEYBOARD_KEY_a3=play
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*IdeaPad*U300s*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*IdeaPad*U300s*:pvr*
KEYBOARD_KEY_f1=f21
KEYBOARD_KEY_ce=f20 # micmute
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*IdeaPad*Z370*:*
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*IdeaPad*Z370*:pvr*
KEYBOARD_KEY_a0=!mute
KEYBOARD_KEY_ae=!volumedown
KEYBOARD_KEY_b0=!volumeup
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*IdeaPadFlex5*:*
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO:*:pvrIdeaPadFlex514IIL05:*
KEYBOARD_KEY_a0=!mute
KEYBOARD_KEY_ae=!volumedown
KEYBOARD_KEY_b0=!volumeup
@ -1017,11 +1026,11 @@ evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO:pn81Q7*:pvrLenovoYogaS940:*
KEYBOARD_KEY_b0=!volumeup
# Lenovo Y50-70
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*20378*:*
evdev:atkbd:dmi:bvn*:bvr*:svnLENOVO*:pn*20378*:pvr*
KEYBOARD_KEY_f3=f21 # Fn+F6 (toggle touchpad)
# V480
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*Lenovo*V480*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnLENOVO*:pn*Lenovo*V480*:pvr*
KEYBOARD_KEY_f1=f21
# Lenovo ThinkCentre M800z/M820z/M920z AIO machines
@ -1398,6 +1407,7 @@ evdev:input:b0003v1532p0200*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMICRO-STAR*:pn*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*:*
KEYBOARD_KEY_76=f21 # Toggle touchpad, sends meta+ctrl+toggle
KEYBOARD_KEY_91=config # MSIControl Center
KEYBOARD_KEY_a0=mute # Fn+F9
KEYBOARD_KEY_ae=volumedown # Fn+F7
@ -1438,8 +1448,6 @@ evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMICRO-STAR*:pnU90/U100:*
# Keymaps MSI Prestige And MSI Modern FnKeys and Special keys
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*Prestige*:*
evdev:atkbd:dmi:bvn*:bvr*:bd*:svnMicro-Star*:pn*Modern*:*
KEYBOARD_KEY_f1=f20 # Fn+F5 Micmute
KEYBOARD_KEY_76=f21 # Fn+F4 Toggle touchpad, sends meta+ctrl+toggle
KEYBOARD_KEY_91=prog1 # Fn+F7 Creation Center, sometime F7
KEYBOARD_KEY_f2=prog2 # Fn+F12 Screen rotation
KEYBOARD_KEY_8d=prog3 # Fn+A Change True Color selections
@ -2041,10 +2049,14 @@ evdev:name:AT Translated Set 2 keyboard:dmi:bvn*:bvr*:bd*:svnPositivoBahia-VAIO:
###########################################################
# Positivo MASTER-N1110
evdev:name:AT Translated Set 2 keyboard:dmi:bvn*:svnPositivoTecnologiaSA:pn*:pvr*:rvnPositivoTecnologiaSA:rnNP11G-E*
# Positivo (CF40CM-V2)
evdev:name:AT Translated Set 2 keyboard:dmi:bvn*:svnPositivoTecnologiaSA:pn*:pvr*:rvnPositivoTecnologiaSA:rnCF40CM-V2*
# Positivo DUO (k116)
evdev:name:AT Translated Set 2 keyboard:dmi:bvn*:svnPositivoTecnologiaSA:pn*:pvr*:rvnPositivoTecnologiaSA:rnK116*
KEYBOARD_KEY_76=f21 # Fn+F1 toggle touchpad
# Positivo (CG15D)
evdev:name:AT Translated Set 2 keyboard:dmi:bvn*:bvr*:svnPositivoTecnologiaSA:pn*:pvr*:rvn*:rnCG15D*
# Positivo Motion (N14DP6, N14DP7, N14DP7-V2, N14DP9, N14JP6, N14KP6)
evdev:name:AT Translated Set 2 keyboard:dmi:bvn*:bvr*:svnPositivoTecnologiaSA:pn*:pvr*:rvn*:rnN14[DJK]P*
KEYBOARD_KEY_76=f21 # Fn+f2 toggle touchpad

35
hwdb.d/60-sensor.hwdb
View File

@ -171,6 +171,9 @@ sensor:modalias:acpi:SMO8500*:dmi:*svn*ASUSTeK*:*pn*TP300LAB:*
sensor:modalias:acpi:BOSC0200*:dmi:*svn*ASUSTeK*:*pn*TP412UA:*
ACCEL_MOUNT_MATRIX=0, -1, 0; 1, 0, 0; 0, 0, 1
sensor:modalias:acpi:BOSC0200*:dmi:*svn*ASUSTeK*:pn*BR1100FKA:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, -1
#########################################
# Axxo
#########################################
@ -189,6 +192,15 @@ sensor:modalias:acpi:BMI0160*:dmi:*:svnAYANEO:pnAIR*:*
sensor:modalias:acpi:BMI0160*:dmi:*:svnAYANEO:pn*NEXT*:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
#########################################
# BMAX
#########################################
# BMAX Y13
sensor:modalias:acpi:KIOX010A:*:dmi:*:svnAMI:*:skuH2M6:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, -1, 0; 0, 0, -1
ACCEL_LOCATION=display
#########################################
# Chuwi
#########################################
@ -627,6 +639,10 @@ sensor:modalias:acpi:KIOX000A*:dmi:bvnLENOVO:bvr1HCN4?WW:*:svnLENOVO:pn80SG:*
sensor:modalias:acpi:KIOX000A*:dmi:bvnLENOVO:bvr1HCN2?WW:*:svnLENOVO:pn80SG:*
ACCEL_MOUNT_MATRIX=0, 1, 0; 1, 0, 0; 0, 0, 1
# IdeaPad Miix 310 BIOS version bvr1HCN3?WW (variant 3)
sensor:modalias:acpi:KIOX000A*:dmi:bvnLENOVO:bvr1HCN3?WW:*:svnLENOVO:pn80SG:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
# IdeaPad Miix 320, different batches use a different sensor
sensor:modalias:acpi:*BOSC0200*:dmi:*:svnLENOVO*:pn80XF:*
sensor:modalias:acpi:SMO8840*:dmi:*:svnLENOVO:pn80XF:pvrLenovoMIIX320:*
@ -648,6 +664,10 @@ sensor:modalias:i2c:bmc150_accel:dmi:*:svnLENOVO:*:pvrLenovoYoga300-11IBR:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, 1, 0; 0, 0, -1
ACCEL_LOCATION=base
# Yoga Tablet 2 851F/L
sensor:modalias:acpi:ACCL0001*:dmi:*:svnLENOVO:pn60072:pvr851*:*
ACCEL_MOUNT_MATRIX=0, 1, 0; -1, 0, 0; 0, 0, 1
# IdeaPad Duet 3 10IGL5 (82AT)
sensor:modalias:acpi:SMO8B30*:dmi:*:svnLENOVO*:pn82AT:*
ACCEL_MOUNT_MATRIX=0, 1, 0; -1, 0, 0; 0, 0, 1
@ -704,12 +724,15 @@ sensor:modalias:acpi:KIOX000A*:dmi:*svnMEDION:pnE2215TMD60198:*
sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnE*:*
# Medion Akoya E3222 MD62450
sensor:modalias:acpi:KIOX010A*:dmi:*:svnMEDION:pnMEDION*:*
# and rebrands of the above
sensor:modalias:acpi:KIOX010A*:dmi:*:rvnMEDION:rnMEDION*:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
ACCEL_LOCATION=display
# Same as above, but for base sensor
sensor:modalias:acpi:KIOX020A*:dmi:*:svnMEDION:pnE*:*
sensor:modalias:acpi:KIOX020A*:dmi:*:svnMEDION:pnMEDION*:*
sensor:modalias:acpi:KIOX020A*:dmi:*:rvnMEDION:rnMEDION*:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, -1
ACCEL_LOCATION=base
@ -805,6 +828,14 @@ sensor:modalias:acpi:BOSC0200*:dmi:bvnAmericanMegatrendsInc.:bvr5.12:bd07/17/201
sensor:modalias:acpi:BMI0160*:dmi:*:rnONEXPLAYER:rvrV01:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, -1
#########################################
# Passion
#########################################
# Passion P612F
sensor:modalias:acpi:MXC6655*:dmi:*:svnDefaultstring*:pnP612F:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
#########################################
# Peaq
#########################################
@ -960,6 +991,10 @@ sensor:modalias:acpi:INVN6500*:dmi:*:svnTOSHIBA:pnTOSHIBAENCORE2WT8-B:*
sensor:modalias:acpi:INVN6500*:dmi:*:svnTOSHIBA:pnTOSHIBAWT10-A-103:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
# Toshiba Encore WT10A-102 tablet
sensor:modalias:acpi:INVN6500*:dmi:*:svnTOSHIBA:pnTOSHIBAWT10-A-102:*
ACCEL_MOUNT_MATRIX=0, -1, 0; -1, 0, 0; 0, 0, 1
#########################################
# Trekstor
#########################################

5
hwdb.d/70-joystick.hwdb
View File

@ -5,11 +5,6 @@
# The lookup keys are composed in:
# 70-joystick.rules
#
# Note: The format of the "joystick:" prefix match key is a
# contract between the rules file and the hardware data, it might
# change in later revisions to support more or better matches, it
# is not necessarily expected to be a stable ABI.
#
# Match string format:
# joystick:<bustype>:v<vid>p<pid>:name:<name>:
#

17
hwdb.d/70-mouse.hwdb
View File

@ -153,6 +153,15 @@ mouse:*:name:*TrackBall*:*
mouse:bluetooth:v05acp030d:name:*:*
MOUSE_DPI=1300@1000
##########################################
# Cherry
##########################################
# Cherry MW 2310
mouse:usb:v1A81p1701:name:G-Tech Wireless Dongle Mouse:*
KEYBOARD_KEY_90005=back
KEYBOARD_KEY_90004=forward
##########################################
# Chicony
##########################################
@ -388,6 +397,14 @@ mouse:usb:v046dpc08b:name:Logitech G502 HERO SE:*
mouse:usb:v046dpc08b:name:Logitech G502 HERO Gaming Mouse:*
MOUSE_DPI=1200@1000 *2400@1000 3200@1000 6400@1000
# Logitech G502 X (Wired)
mouse:usb:v046dpc098:name:Logitech, Inc. G502 X LIGHTSPEED:*
# Logitech G502 X (Wireless)
# The USB receiver is also used by other mice. See #27118.
# If you want to enable the entry, please copy below to your custom hwdb file.
#mouse:usb:v046dpc547:name:Logitech USB Receiver:*
MOUSE_DPI=1200@1000 *2400@1000 3200@1000 6400@1000
# Logitech G700 Laser Mouse (Wired)
mouse:usb:v046dpc06b:name:Logitech G700 Laser Mouse:*
# Logitech G700 Laser Mouse (Wireless)

5
hwdb.d/70-touchpad.hwdb
View File

@ -5,11 +5,6 @@
# The lookup keys are composed in:
# 70-touchpad.rules
#
# Note: The format of the "touchpad:" prefix match key is a
# contract between the rules file and the hardware data, it might
# change in later revisions to support more or better matches, it
# is not necessarily expected to be a stable ABI.
#
# Match string format:
# touchpad:<subsystem>:v<vid>p<pid>:name:<name>:
#

4
man/custom-entities.ent.in
View File

@ -15,5 +15,5 @@
<!ENTITY HIGH_RLIMIT_NOFILE "{{HIGH_RLIMIT_NOFILE}}">
<!ENTITY DEFAULT_DNSSEC_MODE "{{DEFAULT_DNSSEC_MODE_STR}}">
<!ENTITY DEFAULT_DNS_OVER_TLS_MODE "{{DEFAULT_DNS_OVER_TLS_MODE_STR}}">
<!ENTITY fedora_latest_version "36">
<!ENTITY fedora_cloud_release "1.5">
<!ENTITY fedora_latest_version "37">
<!ENTITY fedora_cloud_release "1.7">

2
man/file-hierarchy.xml
View File

@ -737,7 +737,7 @@
</row>
<row>
<entry><filename>/var/log/<replaceable>package</replaceable>/</filename></entry>
<entry>Persistent log data of the package. As above, the package should make sure to create this directory if necessary, possibly using <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> or <varname>LogsDirectory=</varname> (see <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>), as it might be missing.</entry>
<entry>Persistent log data of the package. As above, the package should make sure to create this directory if necessary, possibly using <citerefentry><refentrytitle>tmpfiles.d</refentrytitle><manvolnum>5</manvolnum></citerefentry> or <varname>LogsDirectory=</varname> (see <citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>), as it might be missing.</entry>
</row>
<row>
<entry><filename>/var/spool/<replaceable>package</replaceable>/</filename></entry>

6
man/html.in
View File

@ -14,7 +14,11 @@ target="man/$1.html"
ninja -C "@BUILD_ROOT@" "$target"
fullname="@BUILD_ROOT@/$target"
redirect="$(test -f "$fullname" && readlink "$fullname" || :)"
if [ -f "$fullname" ]; then
redirect="$(readlink "$fullname" || :)"
else
redirect=""
fi
if [ -n "$redirect" ]; then
ninja -C "@BUILD_ROOT@" "man/$redirect"

232
man/logcontrol-example.c Normal file
View File

@ -0,0 +1,232 @@
/* SPDX-License-Identifier: MIT-0 */
/* Implements the LogControl1 interface as per specification:
* https://www.freedesktop.org/software/systemd/man/org.freedesktop.LogControl1.html
*
* Compile with 'cc logcontrol-example.c $(pkg-config --libs --cflags libsystemd)'
*
* To get and set properties via busctl:
*
* $ busctl --user get-property org.freedesktop.Example \
* /org/freedesktop/LogControl1 \
* org.freedesktop.LogControl1 \
* SyslogIdentifier
* s "example"
* $ busctl --user get-property org.freedesktop.Example \
* /org/freedesktop/LogControl1 \
* org.freedesktop.LogControl1 \
* LogTarget
* s "journal"
* $ busctl --user get-property org.freedesktop.Example \
* /org/freedesktop/LogControl1 \
* org.freedesktop.LogControl1 \
* LogLevel
* s "info"
* $ busctl --user set-property org.freedesktop.Example \
* /org/freedesktop/LogControl1 \
* org.freedesktop.LogControl1 \
* LogLevel \
* "s" debug
* $ busctl --user get-property org.freedesktop.Example \
* /org/freedesktop/LogControl1 \
* org.freedesktop.LogControl1 \
* LogLevel
* s "debug"
*/
#include <errno.h>
#include <stdlib.h>
#include <stdio.h>
#include <syslog.h>
#include <systemd/sd-bus.h>
#include <systemd/sd-journal.h>
#define _cleanup_(f) __attribute__((cleanup(f)))
#define check(log_level, x) ({ \
int _r = (x); \
errno = _r < 0 ? -_r : 0; \
sd_journal_print((log_level), #x ": %m"); \
if (_r < 0) \
return EXIT_FAILURE; \
})
typedef enum LogTarget {
LOG_TARGET_JOURNAL,
LOG_TARGET_KMSG,
LOG_TARGET_SYSLOG,
LOG_TARGET_CONSOLE,
_LOG_TARGET_MAX,
} LogTarget;
static const char* const log_target_table[_LOG_TARGET_MAX] = {
[LOG_TARGET_JOURNAL] = "journal",
[LOG_TARGET_KMSG] = "kmsg",
[LOG_TARGET_SYSLOG] = "syslog",
[LOG_TARGET_CONSOLE] = "console",
};
static const char* const log_level_table[LOG_DEBUG + 1] = {
[LOG_EMERG] = "emerg",
[LOG_ALERT] = "alert",
[LOG_CRIT] = "crit",
[LOG_ERR] = "err",
[LOG_WARNING] = "warning",
[LOG_NOTICE] = "notice",
[LOG_INFO] = "info",
[LOG_DEBUG] = "debug",
};
typedef struct object {
const char *syslog_identifier;
LogTarget log_target;
int log_level;
} object;
static int property_get(
sd_bus *bus,
const char *path,
const char *interface,
const char *property,
sd_bus_message *reply,
void *userdata,
sd_bus_error *error) {
object *o = userdata;
if (strcmp(property, "LogLevel") == 0)
return sd_bus_message_append(reply, "s", log_level_table[o->log_level]);
if (strcmp(property, "LogTarget") == 0)
return sd_bus_message_append(reply, "s", log_target_table[o->log_target]);
if (strcmp(property, "SyslogIdentifier") == 0)
return sd_bus_message_append(reply, "s", o->syslog_identifier);
return sd_bus_error_setf(error,
SD_BUS_ERROR_UNKNOWN_PROPERTY,
"Unknown property '%s'",
property);
}
static int property_set(
sd_bus *bus,
const char *path,
const char *interface,
const char *property,
sd_bus_message *message,
void *userdata,
sd_bus_error *error) {
object *o = userdata;
const char *value;
int r;
r = sd_bus_message_read(message, "s", &value);
if (r < 0)
return r;
if (strcmp(property, "LogLevel") == 0) {
for (int i = 0; i < LOG_DEBUG + 1; i++)
if (strcmp(value, log_level_table[i]) == 0) {
o->log_level = i;
return 0;
}
return sd_bus_error_setf(error,
SD_BUS_ERROR_INVALID_ARGS,
"Invalid value for LogLevel: '%s'",
value);
}
if (strcmp(property, "LogTarget") == 0) {
for (LogTarget i = 0; i < _LOG_TARGET_MAX; i++)
if (strcmp(value, log_target_table[i]) == 0) {
o->log_target = i;
return 0;
}
return sd_bus_error_setf(error,
SD_BUS_ERROR_INVALID_ARGS,
"Invalid value for LogTarget: '%s'",
value);
}
return sd_bus_error_setf(error,
SD_BUS_ERROR_UNKNOWN_PROPERTY,
"Unknown property '%s'",
property);
}
/* https://www.freedesktop.org/software/systemd/man/sd_bus_add_object.html
*/
static const sd_bus_vtable vtable[] = {
SD_BUS_VTABLE_START(0),
SD_BUS_WRITABLE_PROPERTY(
"LogLevel", "s",
property_get, property_set,
0,
0),
SD_BUS_WRITABLE_PROPERTY(
"LogTarget", "s",
property_get, property_set,
0,
0),
SD_BUS_PROPERTY(
"SyslogIdentifier", "s",
property_get,
0,
SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_VTABLE_END
};
int main(int argc, char **argv) {
/* The bus should be relinquished before the program terminates. The cleanup
* attribute allows us to do it nicely and cleanly whenever we exit the
* block.
*/
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
object o = {
.log_level = LOG_INFO,
.log_target = LOG_TARGET_JOURNAL,
.syslog_identifier = "example",
};
/* Acquire a connection to the bus, letting the library work out the details.
* https://www.freedesktop.org/software/systemd/man/sd_bus_default.html
*/
check(o.log_level, sd_bus_default(&bus));
/* Publish an interface on the bus, specifying our well-known object access
* path and public interface name.
* https://www.freedesktop.org/software/systemd/man/sd_bus_add_object.html
* https://dbus.freedesktop.org/doc/dbus-tutorial.html
*/
check(o.log_level, sd_bus_add_object_vtable(bus, NULL,
"/org/freedesktop/LogControl1",
"org.freedesktop.LogControl1",
vtable,
&o));
/* By default the service is assigned an ephemeral name. Also add a fixed
* one, so that clients know whom to call.
* https://www.freedesktop.org/software/systemd/man/sd_bus_request_name.html
*/
check(o.log_level, sd_bus_request_name(bus, "org.freedesktop.Example", 0));
for (;;) {
/* https://www.freedesktop.org/software/systemd/man/sd_bus_wait.html
*/
check(o.log_level, sd_bus_wait(bus, UINT64_MAX));
/* https://www.freedesktop.org/software/systemd/man/sd_bus_process.html
*/
check(o.log_level, sd_bus_process(bus, NULL));
}
/* https://www.freedesktop.org/software/systemd/man/sd_bus_release_name.html
*/
check(o.log_level, sd_bus_release_name(bus, "org.freedesktop.Example"));
return 0;
}

4
man/networkctl.xml
View File

@ -18,7 +18,7 @@
<refnamediv>
<refname>networkctl</refname>
<refpurpose>Query the status of network links</refpurpose>
<refpurpose>Query or modify the status of network links</refpurpose>
</refnamediv>
<refsynopsisdiv>
@ -33,7 +33,7 @@
<refsect1>
<title>Description</title>
<para><command>networkctl</command> may be used to introspect the
<para><command>networkctl</command> may be used to query or modify the
state of the network links as seen by
<command>systemd-networkd</command>. Please refer to
<citerefentry><refentrytitle>systemd-networkd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>

14
man/org.freedesktop.LogControl1.xml
View File

@ -116,6 +116,20 @@ node /org/freedesktop/LogControl1 {
for details about <varname>BusName=</varname>.)</para>
</refsect1>
<refsect1>
<title>Example</title>
<example>
<title>Create a simple listener on the bus that implements LogControl1</title>
<programlisting><xi:include href="logcontrol-example.c" parse="text"/></programlisting>
<para>This creates a simple server on the bus. It implements the LogControl1 interface by providing
the required properties and allowing to set the writable ones. It logs at the configured log level using
<citerefentry><refentrytitle>sd_journal_print</refentrytitle><manvolnum>3</manvolnum></citerefentry>.</para>
</example>
</refsect1>
<refsect1>
<title>See Also</title>
<para>

11
man/org.freedesktop.systemd1.xml
View File

@ -1357,7 +1357,8 @@ node /org/freedesktop/systemd1 {
<function>DumpByFileDescriptor()</function>/<function>DumpUnitsMatchingPatternsByFileDescriptor()</function>
are usually the preferred interface, since it ensures the data can be passed reliably from the service
manager to the client. Note though that they cannot work when communicating with the service manager
remotely, as file descriptors are strictly local to a system.</para>
remotely, as file descriptors are strictly local to a system. All the <function>Dump*()</function>
methods are rate limited for unprivileged users.</para>
<para><function>Reload()</function> may be invoked to reload all unit files.</para>
@ -1721,7 +1722,9 @@ node /org/freedesktop/systemd1 {
<function>UnsetAndSetEnvironment()</function>) require
<interfacename>org.freedesktop.systemd1.set-environment</interfacename>. <function>Reload()</function>
and <function>Reexecute()</function> require
<interfacename>org.freedesktop.systemd1.reload-daemon</interfacename>.
<interfacename>org.freedesktop.systemd1.reload-daemon</interfacename>. Operations which dump internal
state require <interfacename>org.freedesktop.systemd1.bypass-dump-ratelimit</interfacename> to avoid
rate limits.
</para>
</refsect2>
</refsect1>
@ -2406,10 +2409,6 @@ node /org/freedesktop/systemd1/unit/avahi_2ddaemon_2eservice {
<varname>IgnoreOnIsolate</varname>, <varname>IgnoreOnSnapshot</varname> map directly to the
corresponding configuration booleans in the unit file.</para>
<para><varname>DefaultControlGroup</varname> contains the main control group of this unit as a
string. This refers to a group in systemd's own <literal>name=systemd</literal> hierarchy, which
systemd uses to watch and manipulate the unit and all its processes.</para>
<para><varname>NeedDaemonReload</varname> is a boolean that indicates whether the configuration file
this unit is loaded from (i.e. <varname>FragmentPath</varname> or <varname>SourcePath</varname>) has
changed since the configuration was read and hence whether a configuration reload is recommended.

51
man/print-unit-path-call-method.c Normal file
View File

@ -0,0 +1,51 @@
/* SPDX-License-Identifier: MIT-0 */
/* This is equivalent to:
* busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 \
* org.freedesktop.systemd1.Manager GetUnitByPID $$
*
* Compile with 'cc print-unit-path-call-method.c -lsystemd'
*/
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <systemd/sd-bus.h>
#define _cleanup_(f) __attribute__((cleanup(f)))
#define DESTINATION "org.freedesktop.systemd1"
#define PATH "/org/freedesktop/systemd1"
#define INTERFACE "org.freedesktop.systemd1.Manager"
#define MEMBER "GetUnitByPID"
static int log_error(int error, const char *message) {
errno = -error;
fprintf(stderr, "%s: %m\n", message);
return error;
}
int main(int argc, char **argv) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
int r;
r = sd_bus_open_system(&bus);
if (r < 0)
return log_error(r, "Failed to acquire bus");
r = sd_bus_call_method(bus, DESTINATION, PATH, INTERFACE, MEMBER, &error, &reply, "u", (unsigned) getpid());
if (r < 0)
return log_error(r, MEMBER " call failed");
const char *ans;
r = sd_bus_message_read(reply, "o", &ans);
if (r < 0)
return log_error(r, "Failed to read reply");
printf("Unit path is \"%s\".\n", ans);
return 0;
}

41
man/print-unit-path.c
View File

@ -1,20 +1,20 @@
/* SPDX-License-Identifier: MIT-0 */
#include <errno.h>
#include <stdio.h>
#include <unistd.h>
#include <sys/types.h>
#include <systemd/sd-bus.h>
#define _cleanup_(f) __attribute__((cleanup(f)))
/* This is equivalent to:
* busctl call org.freedesktop.systemd1 /org/freedesktop/systemd1 \
* org.freedesktop.systemd1.Manager GetUnitByPID $$
*
* Compile with 'cc -lsystemd print-unit-path.c'
* Compile with 'cc print-unit-path.c -lsystemd'
*/
#include <errno.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>
#include <systemd/sd-bus.h>
#define _cleanup_(f) __attribute__((cleanup(f)))
#define DESTINATION "org.freedesktop.systemd1"
#define PATH "/org/freedesktop/systemd1"
#define INTERFACE "org.freedesktop.systemd1.Manager"
@ -26,12 +26,16 @@ static int log_error(int error, const char *message) {
return error;
}
static int print_unit_path(sd_bus *bus) {
_cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL;
int main(int argc, char **argv) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
_cleanup_(sd_bus_error_free) sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL;
_cleanup_(sd_bus_message_unrefp) sd_bus_message *reply = NULL, *m = NULL;
int r;
r = sd_bus_open_system(&bus);
if (r < 0)
return log_error(r, "Failed to acquire bus");
r = sd_bus_message_new_method_call(bus, &m,
DESTINATION, PATH, INTERFACE, MEMBER);
if (r < 0)
@ -43,7 +47,7 @@ static int print_unit_path(sd_bus *bus) {
r = sd_bus_call(bus, m, -1, &error, &reply);
if (r < 0)
return log_error(r, "Call failed");
return log_error(r, MEMBER " call failed");
const char *ans;
r = sd_bus_message_read(reply, "o", &ans);
@ -54,14 +58,3 @@ static int print_unit_path(sd_bus *bus) {
return 0;
}
int main(int argc, char **argv) {
_cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL;
int r;
r = sd_bus_open_system(&bus);
if (r < 0)
return log_error(r, "Failed to acquire bus");
print_unit_path(bus);
}

24
man/resolved.conf.xml
View File

@ -75,7 +75,7 @@
<varlistentry>
<term><varname>Domains=</varname></term>
<listitem><para>A space-separated list of domains optionally prefixed with <literal>~</literal>,
<listitem><para>A space-separated list of domains, optionally prefixed with <literal>~</literal>,
used for two distinct purposes described below. Defaults to the empty list.</para>
<para>Any domains <emphasis>not</emphasis> prefixed with <literal>~</literal> are used as search
@ -86,17 +86,23 @@
<filename>/etc/resolv.conf</filename> with the <varname>search</varname> keyword are used instead, if
that file exists and any domains are configured in it.</para>
<para>The domains prefixed with <literal>~</literal> are called "routing domains". All domains listed
here (both search domains and routing domains after removing the <literal>~</literal> prefix) define
a search path that preferably directs DNS queries to this interface. This search path has an effect
only when suitable per-link DNS servers are known. Such servers may be defined through the
<varname>DNS=</varname> setting (see above) and dynamically at run time, for example from DHCP
leases. If no per-link DNS servers are known, routing domains have no effect.</para>
<para>The domains prefixed with <literal>~</literal> are called "route-only domains". All domains
listed here (<emphasis>both search domains and route-only domains</emphasis> after removing the
<literal>~</literal> prefix) define a search path that preferably directs DNS queries to this
interface. This search path has an effect only when suitable per-link DNS servers are known. Such
servers may be defined through the <varname>DNS=</varname> setting (see above) and dynamically at run
time, for example from DHCP leases. If no per-link DNS servers are known, route-only domains have no
effect.</para>
<para>Use the construct <literal>~.</literal> (which is composed from <literal>~</literal> to
indicate a routing domain and <literal>.</literal> to indicate the DNS root domain that is the
indicate a route-only domain and <literal>.</literal> to indicate the DNS root domain that is the
implied suffix of all DNS domains) to use the DNS servers defined for this link preferably for all
domains.</para></listitem>
domains.</para>
<para>See "Protocols and Routing" in
<citerefentry><refentrytitle>systemd-resolved.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for details of how search and route-only domains are used.</para>
</listitem>
</varlistentry>
<varlistentry>

3
man/rules/meson.build
View File

@ -890,7 +890,7 @@ manpages = [
['systemd-firstboot', '1', ['systemd-firstboot.service'], 'ENABLE_FIRSTBOOT'],
['systemd-fsck@.service',
'8',
['systemd-fsck', 'systemd-fsck-root.service'],
['systemd-fsck', 'systemd-fsck-root.service', 'systemd-fsck-usr.service'],
''],
['systemd-fstab-generator', '8', [], ''],
['systemd-getty-generator', '8', [], ''],
@ -952,6 +952,7 @@ manpages = [
['systemd-makefs@.service',
'8',
['systemd-growfs',
'systemd-growfs-root.service',
'systemd-growfs@.service',
'systemd-makefs',
'systemd-mkswap@.service'],

13
man/sd_bus_call_method.xml
View File

@ -126,6 +126,19 @@
<xi:include href="libsystemd-pkgconfig.xml" />
<refsect1>
<title>Examples</title>
<example>
<title>Make a call to a D-Bus method that takes a single parameter</title>
<programlisting><xi:include href="print-unit-path-call-method.c" parse="text" /></programlisting>
<para>This defines a minimally useful program that will open a connection to the bus, call a method,
wait for the reply, and finally extract and print the answer. It does error handling and proper
memory management.</para>
</example>
</refsect1>
<refsect1>
<title>See Also</title>

15
man/sd_bus_default.xml
View File

@ -110,13 +110,14 @@
<title>Description</title>
<para><function>sd_bus_default()</function> acquires a bus
connection object to the user bus when invoked in user context, or
to the system bus otherwise. The connection object is associated
with the calling thread. Each time the function is invoked from
the same thread, the same object is returned, but its reference
count is increased by one, as long as at least one reference is
kept. When the last reference to the connection is dropped (using
the
connection object to the user bus when invoked from within a user
slice (any session under <literal>user-*.slice</literal>, e.g.:
<literal>user@1000.service</literal>), or to the system bus
otherwise. The connection object is associated with the calling
thread. Each time the function is invoked from the same thread,
the same object is returned, but its reference count is increased
by one, as long as at least one reference is kept. When the last
reference to the connection is dropped (using the
<citerefentry><refentrytitle>sd_bus_unref</refentrytitle><manvolnum>3</manvolnum></citerefentry>
call), the connection is terminated. Note that the connection is
not automatically terminated when the associated thread ends. It

2
man/systemctl.xml
View File

@ -1136,7 +1136,7 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
</listitem>
</varlistentry>
<varlistentry>
<term><command>cancel <replaceable>JOB</replaceable></command></term>
<term><command>cancel <optional><replaceable>JOB</replaceable></optional></command></term>
<listitem>
<para>Cancel one or more jobs specified on the command line

2
man/systemd-analyze.xml
View File

@ -260,7 +260,7 @@ multi-user.target @47.820s
<para>Without any parameter, this command outputs a (usually very long) human-readable serialization of
the complete service manager state. Optional glob pattern may be specified, causing the output to be
limited to units whose names match one of the patterns. The output format is subject to change without
notice and should not be parsed by applications.</para>
notice and should not be parsed by applications. This command is rate limited for unprivileged users.</para>
<example>
<title>Show the internal state of user manager</title>

4
man/systemd-bless-boot.service.xml
View File

@ -24,7 +24,7 @@
<refsynopsisdiv>
<para><filename>systemd-bless-boot.service</filename></para>
<para><filename>/usr/lib/systemd/system-bless-boot</filename></para>
<para><filename>/usr/lib/systemd/systemd-bless-boot</filename></para>
</refsynopsisdiv>
<refsect1>
@ -50,7 +50,7 @@
<refsect1>
<title>Options</title>
<para>The <filename>/usr/lib/systemd/system-bless-boot</filename> executable may also be invoked from the
<para>The <filename>/usr/lib/systemd/systemd-bless-boot</filename> executable may also be invoked from the
command line, taking one of the following command arguments:</para>
<variablelist>

6
man/systemd-coredump.xml
View File

@ -60,6 +60,9 @@
files. Some metadata is attached to core files in the form of extended attributes, so the core files are
useful for some purposes even without the full metadata available in the journal entry.</para>
<para>For further details see <ulink url="https://systemd.io/COREDUMP">systemd Coredump
Handling</ulink>.</para>
<refsect2>
<title>Invocation of <command>systemd-coredump</command></title>
@ -430,7 +433,8 @@ user.coredump.exe="/usr/lib64/firefox/firefox"
<citerefentry><refentrytitle>systemd-tmpfiles</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>core</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>sysctl.d</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
<citerefentry><refentrytitle>systemd-sysctl.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<ulink url="https://systemd.io/COREDUMP">systemd Coredump Handling</ulink>
</para>
</refsect1>
</refentry>

2
man/systemd-dissect.xml
View File

@ -140,7 +140,7 @@
a directory where an OS image was mounted.</para>
<para>All mounted partitions will be recursively unmounted, and the underlying loop device will be
removed, along with all it's partition sub-devices.</para></listitem>
removed, along with all its partition sub-devices.</para></listitem>
</varlistentry>
<varlistentry>

26
man/systemd-fsck@.service.xml
View File

@ -18,6 +18,7 @@
<refnamediv>
<refname>systemd-fsck@.service</refname>
<refname>systemd-fsck-root.service</refname>
<refname>systemd-fsck-usr.service</refname>
<refname>systemd-fsck</refname>
<refpurpose>File system checker logic</refpurpose>
</refnamediv>
@ -25,18 +26,20 @@
<refsynopsisdiv>
<para><filename>systemd-fsck@.service</filename></para>
<para><filename>systemd-fsck-root.service</filename></para>
<para><filename>systemd-fsck-usr.service</filename></para>
<para><filename>/usr/lib/systemd/systemd-fsck</filename></para>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><filename>systemd-fsck@.service</filename> and <filename>systemd-fsck-root.service</filename> are
services responsible for file system checks. They are instantiated for each device that is configured for
file system checking. <filename>systemd-fsck-root.service</filename> is responsible for file system
checks on the root file system, but only if the root filesystem was not checked in the initrd.
<filename>systemd-fsck@.service</filename> is used for all other file systems and for the root file
system in the initrd.</para>
<para><filename>systemd-fsck@.service</filename>, <filename>systemd-fsck-root.service</filename>, and
<filename>systemd-fsck-usr.service</filename> are services responsible for file system checks. They are
instantiated for each device that is configured for file system checking.
<filename>systemd-fsck-root.service</filename> and <filename>systemd-fsck-usr.service</filename> are
responsible for file system checks on the root and /usr file system, respectively, but only if the root
filesystem was not checked in the initrd. <filename>systemd-fsck@.service</filename> is used for all
other file systems and for the root file system in the initrd.</para>
<para>These services are started at boot if
<option>passno</option> in <filename>/etc/fstab</filename> for the
@ -48,18 +51,17 @@
<para><filename>systemd-fsck</filename> does not know any details
about specific filesystems, and simply executes file system
checkers specific to each filesystem type
(<filename>/sbin/fsck.<replaceable>type</replaceable></filename>). These checkers will decide if
(<filename>fsck.<replaceable>type</replaceable></filename>). These checkers will decide if
the filesystem should actually be checked based on the time since
last check, number of mounts, unclean unmount, etc.</para>
<para><filename>systemd-fsck-root.service</filename> will activate
<filename>reboot.target</filename> if <filename>/sbin/fsck</filename>
returns the "System should reboot" condition, or
<filename>emergency.target</filename> if <filename>/sbin/fsck</filename>
<para><filename>systemd-fsck-root.service</filename> and <filename>systemd-fsck-usr.service</filename>
will activate <filename>reboot.target</filename> if <filename>fsck</filename> returns the "System
should reboot" condition, or <filename>emergency.target</filename> if <filename>fsck</filename>
returns the "Filesystem errors left uncorrected" condition.</para>
<para><filename>systemd-fsck@.service</filename> will fail if
<filename>/sbin/fsck</filename> returns with either "System should reboot"
<filename>fsck</filename> returns with either "System should reboot"
or "Filesystem errors left uncorrected" conditions. For filesystems
listed in <filename>/etc/fstab</filename> without <literal>nofail</literal>
or <literal>noauto</literal> options, <literal>local-fs.target</literal>

2
man/systemd-journal-remote.service.xml
View File

@ -227,6 +227,7 @@
<variablelist>
<varlistentry>
<term><option>-o <replaceable>FILE</replaceable></option></term>
<term><option>--output=<replaceable>FILE</replaceable></option></term>
<listitem><para>Will write to this journal file. The filename
@ -238,6 +239,7 @@
</varlistentry>
<varlistentry>
<term><option>-o <replaceable>DIR</replaceable></option></term>
<term><option>--output=<replaceable>DIR</replaceable></option></term>
<listitem><para>Will create journal files underneath directory

7
man/systemd-makefs@.service.xml
View File

@ -19,6 +19,7 @@
<refname>systemd-makefs@.service</refname>
<refname>systemd-mkswap@.service</refname>
<refname>systemd-growfs@.service</refname>
<refname>systemd-growfs-root.service</refname>
<refname>systemd-makefs</refname>
<refname>systemd-growfs</refname>
<refpurpose>Creating and growing file systems on demand</refpurpose>
@ -28,6 +29,7 @@
<para><filename>systemd-makefs@<replaceable>device</replaceable>.service</filename></para>
<para><filename>systemd-mkswap@<replaceable>device</replaceable>.service</filename></para>
<para><filename>systemd-growfs@<replaceable>mountpoint</replaceable>.service</filename></para>
<para><filename>systemd-growfs-root.service</filename></para>
<para><filename>/usr/lib/systemd/systemd-makefs</filename></para>
<para><filename>/usr/lib/systemd/systemd-growfs</filename></para>
</refsynopsisdiv>
@ -36,8 +38,9 @@
<title>Description</title>
<para><filename>systemd-makefs@.service</filename>,
<filename>systemd-mkswap@.service</filename>, and
<filename>systemd-growfs@.service</filename> are used to implement the
<filename>systemd-mkswap@.service</filename>,
<filename>systemd-growfs@.service</filename>, and
<filename>systemd-growfs-root.service</filename> are used to implement the
<option>x-systemd.makefs</option> and <option>x-systemd.growfs</option> options
in <citerefentry project='man-pages'><refentrytitle>fstab</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
see <citerefentry><refentrytitle>systemd.mount</refentrytitle><manvolnum>5</manvolnum></citerefentry>.

2
man/systemd-measure.xml
View File

@ -277,7 +277,7 @@
<citerefentry project='man-pages'><refentrytitle>objcopy</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-creds</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-cryptsetup@.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-pcrphase.service</refentrytitle><manvolnum>1</manvolnum></citerefentry>
<citerefentry><refentrytitle>systemd-pcrphase.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
</para>
</refsect1>

2
man/systemd-mount.xml
View File

@ -227,7 +227,7 @@
<listitem><para>This option only has an effect in automount mode,
and controls whether the automount unit shall be bound to the backing device's lifetime. If set, the
automount point will be removed automatically when the backing device vanishes. By default the automount point
automount unit will be stopped automatically when the backing device vanishes. By default the automount unit
stays around, and subsequent accesses will block until backing device is replugged. This option has no effect
in case of non-device mounts, such as network or virtual file system mounts.</para>

2
man/systemd-network-generator.service.xml
View File

@ -95,7 +95,7 @@
</variablelist>
<para>See
<citerefentry project='man-pages'><refentrytitle>dracut.kernel</refentrytitle><manvolnum>7</manvolnum></citerefentry>
<citerefentry project='man-pages'><refentrytitle>dracut.cmdline</refentrytitle><manvolnum>7</manvolnum></citerefentry>
and
<citerefentry><refentrytitle>systemd-udevd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for option syntax and details.</para>

2
man/systemd-nspawn.xml
View File

@ -1657,7 +1657,7 @@ After=sys-subsystem-net-devices-ens1.device</programlisting>
<programlisting># dnf -y --releasever=&fedora_latest_version; --installroot=/var/lib/machines/f&fedora_latest_version; \
--repo=fedora --repo=updates --setopt=install_weak_deps=False install \
passwd dnf fedora-release vim-minimal systemd systemd-networkd
passwd dnf fedora-release vim-minimal util-linux systemd systemd-networkd
# systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
<para>This installs a minimal Fedora distribution into the

2
man/systemd-random-seed.service.xml
View File

@ -23,7 +23,7 @@
<refsynopsisdiv>
<para><filename>systemd-random-seed.service</filename></para>
<para><filename>/usr/lib/systemd/random-seed</filename></para>
<para><filename>/usr/lib/systemd/systemd-random-seed</filename></para>
</refsynopsisdiv>
<refsect1>

55
man/systemd-sleep.conf.xml
View File

@ -138,21 +138,24 @@
<term><varname>HibernateMode=</varname></term>
<term><varname>HybridSleepMode=</varname></term>
<listitem><para>The string to be written to
<filename>/sys/power/disk</filename> by,
respectively,
<listitem><para>The string to be written to <filename>/sys/power/disk</filename> by, respectively,
<citerefentry><refentrytitle>systemd-suspend.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, or
<citerefentry><refentrytitle>systemd-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
or
<citerefentry><refentrytitle>systemd-hybrid-sleep.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
More than one value can be specified by separating
multiple values with whitespace. They will be tried
in turn, until one is written without error. If
neither succeeds, the operation will be aborted.
</para>
More than one value can be specified by separating multiple values with whitespace. They will be
tried in turn, until one is written without error. If none of the writes succeed, the operation will
be aborted.</para>
<para><citerefentry><refentrytitle>systemd-suspend-then-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses the value of <varname>SuspendMode=</varname> when suspending and the value of <varname>HibernateMode=</varname> when hibernating.
</para></listitem>
<para>The allowed set of values is determined by the kernel and is shown in the file itself (use
<command>cat /sys/power/disk</command> to display). See <ulink
url="https://www.kernel.org/doc/html/latest/admin-guide/pm/sleep-states.html#basic-sysfs-interfaces-for-system-suspend-and-hibernation">the
kernel documentation</ulink> for more details.</para>
<para>
<citerefentry><refentrytitle>systemd-suspend-then-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses the value of <varname>SuspendMode=</varname> when suspending and the value of
<varname>HibernateMode=</varname> when hibernating.</para></listitem>
</varlistentry>
<varlistentry>
@ -160,21 +163,25 @@
<term><varname>HibernateState=</varname></term>
<term><varname>HybridSleepState=</varname></term>
<listitem><para>The string to be written to
<filename>/sys/power/state</filename> by,
respectively,
<listitem><para>The string to be written to <filename>/sys/power/state</filename> by, respectively,
<citerefentry><refentrytitle>systemd-suspend.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, or
<citerefentry><refentrytitle>systemd-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
or
<citerefentry><refentrytitle>systemd-hybrid-sleep.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
More than one value can be specified by separating
multiple values with whitespace. They will be tried
in turn, until one is written without error. If
neither succeeds, the operation will be aborted.
More than one value can be specified by separating multiple values with whitespace. They will be
tried in turn, until one is written without error. If none of the writes succeed, the operation will
be aborted.
</para>
<para><citerefentry><refentrytitle>systemd-suspend-then-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses the value of <varname>SuspendState=</varname> when suspending and the value of <varname>HibernateState=</varname> when hibernating.
</para></listitem>
<para>The allowed set of values is determined by the kernel and is shown in the file itself (use
<command>cat /sys/power/state</command> to display). See <ulink
url="https://www.kernel.org/doc/html/latest/admin-guide/pm/sleep-states.html#basic-sysfs-interfaces-for-system-suspend-and-hibernation">the
kernel documentation</ulink> for more details.</para>
<para>
<citerefentry><refentrytitle>systemd-suspend-then-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
uses the value of <varname>SuspendState=</varname> when suspending and the value of
<varname>HibernateState=</varname> when hibernating.</para></listitem>
</varlistentry>
<varlistentry>
@ -197,7 +204,7 @@
capacity level and estimate battery discharging rate, which is used for estimating timespan until the system battery charge
level goes down to 5%. Only used by
<citerefentry><refentrytitle>systemd-suspend-then-hibernate.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.
Defaults to 2h.</para></listitem>
Defaults to 1h.</para></listitem>
</varlistentry>
</variablelist>
</refsect1>

10
man/systemd-system.conf.xml
View File

@ -448,11 +448,11 @@
<varname>IPAccounting=</varname>. See
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details on the per-unit settings. <varname>DefaultTasksAccounting=</varname> defaults to yes,
<varname>DefaultMemoryAccounting=</varname> to
&MEMORY_ACCOUNTING_DEFAULT;. <varname>DefaultCPUAccounting=</varname> defaults to yes if enabling CPU
accounting doesn't require the CPU controller to be enabled (Linux 4.15+ using the unified hierarchy
for resource control), otherwise it defaults to no. The other three settings default to
no.</para></listitem>
<varname>DefaultMemoryAccounting=</varname> to &MEMORY_ACCOUNTING_DEFAULT;.
<varname>DefaultCPUAccounting=</varname> defaults to yes, but really has no effect if enabling CPU
accounting doesn't require the <option>cpu</option> controller to be enabled (Linux 4.15+ using the
unified hierarchy for resource control), otherwise it defaults to no. The other three settings
default to no.</para></listitem>
</varlistentry>
<varlistentry>

6
man/systemd-tmpfiles.xml
View File

@ -142,8 +142,10 @@
<varlistentry>
<term><option>--boot</option></term>
<listitem><para>Also execute lines with an exclamation mark.
</para></listitem>
<listitem><para>Also execute lines with an exclamation mark. Lines that are not safe to be executed
on a running system may be marked in this way. <command>systemd-tmpfiles</command> is executed in
early boot with <option>--boot</option> specified and will execute those lines. When invoked again
later, it should be called without <option>--boot</option>.</para></listitem>
</varlistentry>
<varlistentry>

2
man/systemd-userdbd.service.xml
View File

@ -57,7 +57,7 @@
records as acquired with APIs such as <citerefentry
project='man-pages'><refentrytitle>getpwnam</refentrytitle><manvolnum>1</manvolnum></citerefentry> to
JSON user/group records, thus hiding the differences between the services as much as
possible. <constant>io.systemd.Dropin</constant> makes JSON user/group records from the aforementioned
possible. <constant>io.systemd.DropIn</constant> makes JSON user/group records from the aforementioned
drop-in directories available.</para>
</refsect1>

21
man/systemd.exec.xml
View File

@ -1788,17 +1788,22 @@ BindReadOnlyPaths=/var/lib/systemd</programlisting>
<varlistentry>
<term><varname>ProtectClock=</varname></term>
<listitem><para>Takes a boolean argument. If set, writes to the hardware clock or system clock will be denied.
It is recommended to turn this on for most services that do not need modify the clock. Defaults to off. Enabling
this option removes <constant>CAP_SYS_TIME</constant> and <constant>CAP_WAKE_ALARM</constant> from the
capability bounding set for this unit, installs a system call filter to block calls that can set the
clock, and <varname>DeviceAllow=char-rtc r</varname> is implied. This ensures <filename>/dev/rtc0</filename>,
<filename>/dev/rtc1</filename>, etc. are made read-only to the service. See
<listitem><para>Takes a boolean argument. If set, writes to the hardware clock or system clock will
be denied. Defaults to off. Enabling this option removes <constant>CAP_SYS_TIME</constant> and
<constant>CAP_WAKE_ALARM</constant> from the capability bounding set for this unit, installs a system
call filter to block calls that can set the clock, and <varname>DeviceAllow=char-rtc r</varname> is
implied. Note that the system calls are blocked altogether, the filter does not take into account
that some of the calls can be used to read the clock state with some parameter combinations.
Effectively, <filename>/dev/rtc0</filename>, <filename>/dev/rtc1</filename>, etc. are made read-only
to the service. See
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for the details about <varname>DeviceAllow=</varname>. If this setting is on, but the unit
doesn't have the <constant>CAP_SYS_ADMIN</constant> capability (e.g. services for which
for the details about <varname>DeviceAllow=</varname>. If this setting is on, but the unit doesn't
have the <constant>CAP_SYS_ADMIN</constant> capability (e.g. services for which
<varname>User=</varname> is set), <varname>NoNewPrivileges=yes</varname> is implied.</para>
<para>It is recommended to turn this on for most services that do not need modify the clock or check
its state.</para>
<xi:include href="system-or-user-ns.xml" xpointer="singular"/></listitem>
</varlistentry>

10
man/systemd.generator.xml
View File

@ -103,16 +103,16 @@
<listitem>
<para><parameter>normal-dir</parameter></para>
<para>In normal use this is <filename>/run/systemd/generator</filename> in case of the system
generators and <filename>$XDG_RUNTIME_DIR/generator</filename> in case of the user generators. Unit
files placed in this directory take precedence over vendor unit configuration but not over native
user/administrator unit configuration.
generators and <filename>$XDG_RUNTIME_DIR/systemd/generator</filename> in case of the user
generators. Unit files placed in this directory take precedence over vendor unit configuration but
not over native user/administrator unit configuration.
</para>
</listitem>
<listitem>
<para><parameter>early-dir</parameter></para>
<para>In normal use this is <filename>/run/systemd/generator.early</filename> in case of the system
generators and <filename>$XDG_RUNTIME_DIR/generator.early</filename> in case of the user
generators and <filename>$XDG_RUNTIME_DIR/systemd/generator.early</filename> in case of the user
generators. Unit files placed in this directory override unit files in <filename>/usr/</filename>,
<filename>/run/</filename> and <filename>/etc/</filename>. This means that unit files placed in this
directory take precedence over all normal configuration, both vendor and user/administrator.</para>
@ -121,7 +121,7 @@
<listitem>
<para><parameter>late-dir</parameter></para>
<para>In normal use this is <filename>/run/systemd/generator.late</filename> in case of the system
generators and <filename>$XDG_RUNTIME_DIR/generator.late</filename> in case of the user
generators and <filename>$XDG_RUNTIME_DIR/systemd/generator.late</filename> in case of the user
generators. This directory may be used to extend the unit file tree without overriding any other unit
files. Any native configuration files supplied by the vendor or user/administrator take
precedence.</para>

4
man/systemd.netdev.xml
View File

@ -1711,7 +1711,9 @@
<term><varname>Endpoint=</varname></term>
<listitem>
<para>Sets an endpoint IP address or hostname, followed by a colon, and then
a port number. This endpoint will be updated automatically once to
a port number. IPv6 address must be in the square brackets. For example,
<literal>111.222.333.444:51820</literal> for IPv4 and <literal>[1111:2222::3333]:51820</literal>
for IPv6 address. This endpoint will be updated automatically once to
the most recent source IP address and port of correctly
authenticated packets from the peer at configuration time.</para>
</listitem>

222
man/systemd.resource-control.xml
View File

@ -59,10 +59,78 @@
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
Those options complement options listed here.</para>
<para>See the <ulink
url="https://www.freedesktop.org/wiki/Software/systemd/ControlGroupInterface">New
Control Group Interfaces</ulink> for an introduction on how to make
use of resource control APIs from programs.</para>
<refsect2>
<title>Enabling and disabling controllers</title>
<para>Controllers in the cgroup hierarchy are hierarchical, and resource control is realized by
distributing resource assignments between siblings in branches of the cgroup hierarchy. There is no
need to explicitly <emphasis>enable</emphasis> a cgroup controller for a unit.
<command>systemd</command> will instruct the kernel to enable a controller for a given unit when this
unit has configuration for a given controller. For example, when <varname>CPUWeight=</varname> is set,
the <option>cpu</option> controller will be enabled, and when <varname>TasksMax=</varname> are set, the
<option>pids</option> controller will be enabled. In addition, various controllers may be also be
enabled explicitly via the
<varname>MemoryAccounting=</varname>/<varname>TasksAccounting=</varname>/<varname>IOAccounting=</varname>
settings. Because of how the cgroup hierarchy works, controllers will be automatically enabled for all
parent units and for any sibling units starting with the lowest level at which a controller is enabled.
Units for which a controller is enabled may be subject to resource control even if they don't have any
explicit configuration.</para>
<para>Setting <varname>Delegate=</varname> enables any delegated controllers for that unit (see below).
The delegatee may then enable controllers for its children as appropriate. In particular, if the
delegatee is <command>systemd</command> (in the <filename>user@.service</filename> unit), it will
repeat the same logic as the system instance and enable controllers for user units which have resource
limits configured, and their siblings and parents and parents' siblings.</para>
<para>Controllers may be <emphasis>disabled</emphasis> for parts of the cgroup hierarchy with
<varname>DisableControllers=</varname> (see below).</para>
<example>
<title>Enabling and disabling controllers</title>
<programlisting>
-.slice
/ \
/-----/ \--------------\
/ \
system.slice user.slice
/ \ / \
/ \ / \
/ \ user@42.service user@1000.service
/ \ Delegate= Delegate=yes
a.service b.slice / \
CPUWeight=20 DisableControllers=cpu / \
/ \ app.slice session.slice
/ \ CPUWeight=100 CPUWeight=100
/ \
b1.service b2.service
CPUWeight=1000
</programlisting>
<para>In this hierarchy, the <option>cpu</option> controller is enabled for all units shown except
<filename>b1.service</filename> and <filename>b2.service</filename>. Because there is no explicit
configuration for <filename>system.slice</filename> and <filename>user.slice</filename>, CPU
resources will be split equally between them. Similarly, resources are allocated equally between
children of <filename>user.slice</filename> and between the child slices beneath
<filename>user@1000.service</filename>. Assuming that there is no futher configuration of resources
or delegation below slices <filename>app.slice</filename> or <filename>session.slice</filename>, the
<option>cpu</option> controller would not be enabled for units in those slices and CPU resources
would be further allocated using other mechanisms, e.g. based on nice levels. The manager for user
42 has delegation enabled without any controllers, i.e. it can manipulate its subtree of the cgroup
hierarchy, but without resource control.</para>
<para>In the slice <filename>system.slice</filename>, CPU resources are split 1:6 for service
<filename>a.service</filename>, and 5:6 for slice <filename>b.slice</filename>, because slice
<filename>b.slice</filename> gets the default value of 100 for <filename>cpu.weight</filename> when
<varname>CPUWeight=</varname> is not set.</para>
<para><varname>CPUWeight=</varname> setting in service <filename>b2.service</filename> is neutralized
by <varname>DisableControllers=</varname> in slice <filename>b.slice</filename>, so the
<option>cpu</option> controller would not be enabled for services <filename>b1.service</filename> and
<filename>b2.service</filename>, and CPU resources would be further allocated using other mechanisms,
e.g. based on nice levels.</para>
</example>
</refsect2>
<refsect2>
<title>Setting resource controls for a group of related units</title>
@ -82,6 +150,11 @@
<filename index="false">/etc/systemd/system/user-.slice.d/*.conf</filename>. This last directory
applies to all user slices.</para>
</refsect2>
<para>See the <ulink
url="https://www.freedesktop.org/wiki/Software/systemd/ControlGroupInterface">New
Control Group Interfaces</ulink> for an introduction on how to make
use of resource control APIs from programs.</para>
</refsect1>
<refsect1>
@ -118,6 +191,9 @@
setting may be controlled with
<varname>DefaultCPUAccounting=</varname> in
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
<para>Under the unified cgroup hierarchy, CPU accounting is available for all units and this
setting has no effect.</para>
</listitem>
</varlistentry>
@ -126,17 +202,20 @@
<term><varname>StartupCPUWeight=<replaceable>weight</replaceable></varname></term>
<listitem>
<para>These settings control the <option>cpu</option> controller in the unified hierarchy.</para>
<para>These options accept an integer value or a the special string "idle":</para>
<itemizedlist>
<listitem>
<para>If set to an integer value, assign the specified CPU time weight to the processes executed,
if the unified control group hierarchy is used on the system. These options control the
<literal>cpu.weight</literal> control group attribute. The allowed range is 1 to 10000. Defaults to
100. For details about this control group attribute, see <ulink
url="https://docs.kernel.org/admin-guide/cgroup-v2.html">Control Groups v2</ulink>
and <ulink url="https://docs.kernel.org/scheduler/sched-design-CFS.html">CFS
Scheduler</ulink>. The available CPU time is split up among all units within one slice relative to
their CPU time weight. A higher weight means more CPU time, a lower weight means less.</para>
<para>If set to an integer value, assign the specified CPU time weight to the processes
executed, if the unified control group hierarchy is used on the system. These options control
the <literal>cpu.weight</literal> control group attribute. The allowed range is 1 to 10000.
Defaults to unset, but the kernel default is 100. For details about this control group
attribute, see <ulink url="https://docs.kernel.org/admin-guide/cgroup-v2.html">Control Groups
v2</ulink> and <ulink url="https://docs.kernel.org/scheduler/sched-design-CFS.html">CFS
Scheduler</ulink>. The available CPU time is split up among all units within one slice
relative to their CPU time weight. A higher weight means more CPU time, a lower weight means
less.</para>
</listitem>
<listitem>
<para>If set to the special string "idle", mark the cgroup for "idle scheduling", which means
@ -151,6 +230,13 @@
<varname>CPUWeight=</varname> applies to normal runtime of the system, and if the former is not set also to
the startup and shutdown phases. Using <varname>StartupCPUWeight=</varname> allows prioritizing specific services at
boot-up and shutdown differently than during normal runtime.</para>
<para>In addition to the resource allocation performed by the <option>cpu</option> controller, the
kernel may automatically divide resources based on session-id grouping, see "The autogroup feature"
in <citerefentry
project='man-pages'><refentrytitle>sched</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
The effect of this feature is similar to the <option>cpu</option> controller with no explicit
configuration, so users should be careful to not mistake one for the other.</para>
</listitem>
</varlistentry>
@ -158,6 +244,8 @@
<term><varname>CPUQuota=</varname></term>
<listitem>
<para>This setting controls the <option>cpu</option> controller in the unified hierarchy.</para>
<para>Assign the specified CPU time quota to the processes executed. Takes a percentage value, suffixed with
"%". The percentage specifies how much CPU time the unit shall get at maximum, relative to the total CPU time
available on one CPU. Use values &gt; 100% for allotting CPU time on more than one CPU. This controls the
@ -177,6 +265,8 @@
<term><varname>CPUQuotaPeriodSec=</varname></term>
<listitem>
<para>This setting controls the <option>cpu</option> controller in the unified hierarchy.</para>
<para>Assign the duration over which the CPU time quota specified by <varname>CPUQuota=</varname> is measured.
Takes a time duration value in seconds, with an optional suffix such as "ms" for milliseconds (or "s" for seconds.)
The default setting is 100ms. The period is clamped to the range supported by the kernel, which is [1ms, 1000ms].
@ -197,6 +287,8 @@
<term><varname>StartupAllowedCPUs=</varname></term>
<listitem>
<para>This setting controls the <option>cpuset</option> controller in the unified hierarchy.</para>
<para>Restrict processes to be executed on specific CPUs. Takes a list of CPU indices or ranges separated by either
whitespace or commas. CPU ranges are specified by the lower and upper CPU indices separated by a dash.</para>
@ -218,6 +310,8 @@
<term><varname>StartupAllowedMemoryNodes=</varname></term>
<listitem>
<para>These settings control the <option>cpuset</option> controller in the unified hierarchy.</para>
<para>Restrict processes to be executed on specific memory NUMA nodes. Takes a list of memory NUMA nodes indices
or ranges separated by either whitespace or commas. Memory NUMA nodes ranges are specified by the lower and upper
NUMA nodes indices separated by a dash.</para>
@ -239,6 +333,8 @@
<term><varname>MemoryAccounting=</varname></term>
<listitem>
<para>This setting controls the <option>memory</option> controller in the unified hierarchy.</para>
<para>Turn on process and kernel memory accounting for this
unit. Takes a boolean argument. Note that turning on memory
accounting for one unit will also implicitly turn it on for
@ -254,6 +350,8 @@
<term><varname>MemoryMin=<replaceable>bytes</replaceable></varname>, <varname>MemoryLow=<replaceable>bytes</replaceable></varname></term>
<listitem>
<para>These settings control the <option>memory</option> controller in the unified hierarchy.</para>
<para>Specify the memory usage protection of the executed processes in this unit.
When reclaiming memory, the unit is treated as if it was using less memory resulting in memory
to be preferentially reclaimed from unprotected units.
@ -291,6 +389,8 @@
<term><varname>MemoryHigh=<replaceable>bytes</replaceable></varname></term>
<listitem>
<para>These settings control the <option>memory</option> controller in the unified hierarchy.</para>
<para>Specify the throttling limit on memory usage of the executed processes in this unit. Memory usage may go
above the limit if unavoidable, but the processes are heavily slowed down and memory is taken away
aggressively in such cases. This is the main mechanism to control memory usage of a unit.</para>
@ -309,6 +409,8 @@
<term><varname>MemoryMax=<replaceable>bytes</replaceable></varname></term>
<listitem>
<para>These settings control the <option>memory</option> controller in the unified hierarchy.</para>
<para>Specify the absolute limit on memory usage of the executed processes in this unit. If memory usage
cannot be contained under the limit, out-of-memory killer is invoked inside the unit. It is recommended to
use <varname>MemoryHigh=</varname> as the main control mechanism and use <varname>MemoryMax=</varname> as the
@ -327,6 +429,8 @@
<term><varname>MemorySwapMax=<replaceable>bytes</replaceable></varname></term>
<listitem>
<para>These settings control the <option>memory</option> controller in the unified hierarchy.</para>
<para>Specify the absolute limit on swap usage of the executed processes in this unit.</para>
<para>Takes a swap size in bytes. If the value is suffixed with K, M, G or T, the specified swap size is
@ -341,17 +445,14 @@
<term><varname>TasksAccounting=</varname></term>
<listitem>
<para>Turn on task accounting for this unit. Takes a
boolean argument. If enabled, the system manager will keep
track of the number of tasks in the unit. The number of
tasks accounted this way includes both kernel threads and
userspace processes, with each thread counting
individually. Note that turning on tasks accounting for one
unit will also implicitly turn it on for all units contained
in the same slice and for all its parent slices and the
units contained therein. The system default for this setting
may be controlled with
<varname>DefaultTasksAccounting=</varname> in
<para>This setting controls the <option>pids</option> controller in the unified hierarchy.</para>
<para>Turn on task accounting for this unit. Takes a boolean argument. If enabled, the kernel will
keep track of the total number of tasks in the unit and its children. This number includes both
kernel threads and userspace processes, with each thread counted individually. Note that turning on
tasks accounting for one unit will also implicitly turn it on for all units contained in the same
slice and for all its parent slices and the units contained therein. The system default for this
setting may be controlled with <varname>DefaultTasksAccounting=</varname> in
<citerefentry><refentrytitle>systemd-system.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
</listitem>
</varlistentry>
@ -360,6 +461,8 @@
<term><varname>TasksMax=<replaceable>N</replaceable></varname></term>
<listitem>
<para>This setting controls the <option>pids</option> controller in the unified hierarchy.</para>
<para>Specify the maximum number of tasks that may be created in the unit. This ensures that the
number of tasks accounted for the unit (see above) stays below a specific limit. This either takes
an absolute number of tasks or a percentage value that is taken relative to the configured maximum
@ -379,6 +482,8 @@
<term><varname>IOAccounting=</varname></term>
<listitem>
<para>This setting controls the <option>io</option> controller in the unified hierarchy.</para>
<para>Turn on Block I/O accounting for this unit, if the unified control group hierarchy is used on the
system. Takes a boolean argument. Note that turning on block I/O accounting for one unit will also implicitly
turn it on for all units contained in the same slice and all for its parent slices and the units contained
@ -393,6 +498,8 @@
<term><varname>StartupIOWeight=<replaceable>weight</replaceable></varname></term>
<listitem>
<para>These settings control the <option>io</option> controller in the unified hierarchy.</para>
<para>Set the default overall block I/O weight for the executed processes, if the unified control
group hierarchy is used on the system. Takes a single weight value (between 1 and 10000) to set the
default block I/O weight. This controls the <literal>io.weight</literal> control group attribute,
@ -415,6 +522,8 @@
<term><varname>IODeviceWeight=<replaceable>device</replaceable> <replaceable>weight</replaceable></varname></term>
<listitem>
<para>This setting controls the <option>io</option> controller in the unified hierarchy.</para>
<para>Set the per-device overall block I/O weight for the executed processes, if the unified control group
hierarchy is used on the system. Takes a space-separated pair of a file path and a weight value to specify
the device specific weight value, between 1 and 10000. (Example: <literal>/dev/sda 1000</literal>). The file
@ -439,6 +548,8 @@
<term><varname>IOWriteBandwidthMax=<replaceable>device</replaceable> <replaceable>bytes</replaceable></varname></term>
<listitem>
<para>These settings control the <option>io</option> controller in the unified hierarchy.</para>
<para>Set the per-device overall block I/O bandwidth maximum limit for the executed processes, if the unified
control group hierarchy is used on the system. This limit is not work-conserving and the executed processes
are not allowed to use more even if the device has idle capacity. Takes a space-separated pair of a file
@ -461,6 +572,8 @@
<term><varname>IOWriteIOPSMax=<replaceable>device</replaceable> <replaceable>IOPS</replaceable></varname></term>
<listitem>
<para>These settings control the <option>io</option> controller in the unified hierarchy.</para>
<para>Set the per-device overall block I/O IOs-Per-Second maximum limit for the executed processes, if the
unified control group hierarchy is used on the system. This limit is not work-conserving and the executed
processes are not allowed to use more even if the device has idle capacity. Takes a space-separated pair of
@ -482,6 +595,8 @@
<term><varname>IODeviceLatencyTargetSec=<replaceable>device</replaceable> <replaceable>target</replaceable></varname></term>
<listitem>
<para>This setting controls the <option>io</option> controller in the unified hierarchy.</para>
<para>Set the per-device average target I/O latency for the executed processes, if the unified control group
hierarchy is used on the system. Takes a file path and a timespan separated by a space to specify
the device specific latency target. (Example: "/dev/sda 25ms"). The file path may be specified
@ -976,29 +1091,37 @@ DeviceAllow=/dev/loop-control
<para>Turns on delegation of further resource control partitioning to processes of the unit. Units where this
is enabled may create and manage their own private subhierarchy of control groups below the control group of
the unit itself. For unprivileged services (i.e. those using the <varname>User=</varname> setting) the unit's
control group will be made accessible to the relevant user. When enabled the service manager will refrain
from manipulating control groups or moving processes below the unit's control group, so that a clear concept
of ownership is established: the control group tree above the unit's control group (i.e. towards the root
control group) is owned and managed by the service manager of the host, while the control group tree below
the unit's control group is owned and managed by the unit itself. Takes either a boolean argument or a list
of control group controller names. If true, delegation is turned on, and all supported controllers are
enabled for the unit, making them available to the unit's processes for management. If false, delegation is
turned off entirely (and no additional controllers are enabled). If set to a list of controllers, delegation
is turned on, and the specified controllers are enabled for the unit. Note that additional controllers than
the ones specified might be made available as well, depending on configuration of the containing slice unit
or other units contained in it. Note that assigning the empty string will enable delegation, but reset the
list of controllers, all assignments prior to this will have no effect. Defaults to false.</para>
control group will be made accessible to the relevant user.</para>
<para>Note that controller delegation to less privileged code is only safe on the unified control group
hierarchy. Accordingly, access to the specified controllers will not be granted to unprivileged services on
the legacy hierarchy, even when requested.</para>
<para>When enabled the service manager will refrain from manipulating control groups or moving
processes below the unit's control group, so that a clear concept of ownership is established: the
control group tree at the level of the unit's control group and above (i.e. towards the root
control group) is owned and managed by the service manager of the host, while the control group
tree below the unit's control group is owned and managed by the unit itself.</para>
<para>Takes either a boolean argument or a (possibly empty) list of control group controller names.
If true, delegation is turned on, and all supported controllers are enabled for the unit, making
them available to the unit's processes for management. If false, delegation is turned off entirely
(and no additional controllers are enabled). If set to a list of controllers, delegation is turned
on, and the specified controllers are enabled for the unit. Assigning the empty string will enable
delegation, but reset the list of controllers, and all assignments prior to this will have no
effect. Note that additional controllers other than the ones specified might be made available as
well, depending on configuration of the containing slice unit or other units contained in it.
Defaults to false.</para>
<para>Note that controller delegation to less privileged code is only safe on the unified control
group hierarchy. Accordingly, access to the specified controllers will not be granted to
unprivileged services on the legacy hierarchy, even when requested.</para>
<xi:include href="supported-controllers.xml" xpointer="controllers-text" />
<para>Not all of these controllers are available on all kernels however, and some are
specific to the unified hierarchy while others are specific to the legacy hierarchy. Also note that the
kernel might support further controllers, which aren't covered here yet as delegation is either not supported
at all for them or not defined cleanly.</para>
<para>Not all of these controllers are available on all kernels however, and some are specific to
the unified hierarchy while others are specific to the legacy hierarchy. Also note that the kernel
might support further controllers, which aren't covered here yet as delegation is either not
supported at all for them or not defined cleanly.</para>
<para>Note that because of the hierarchical nature of cgroup hierarchy, any controllers that are
delegated will be enabled for the parent and sibling units of the unit with delegation.</para>
<para>For further details on the delegation model consult <ulink
url="https://systemd.io/CGROUP_DELEGATION">Control Group APIs and Delegation</ulink>.</para>
@ -1009,19 +1132,20 @@ DeviceAllow=/dev/loop-control
<term><varname>DisableControllers=</varname></term>
<listitem>
<para>Disables controllers from being enabled for a unit's children. If a controller listed is already in use
in its subtree, the controller will be removed from the subtree. This can be used to avoid child units being
able to implicitly or explicitly enable a controller. Defaults to not disabling any controllers.</para>
<para>It may not be possible to successfully disable a controller if the unit or any child of the unit in
question delegates controllers to its children, as any delegated subtree of the cgroup hierarchy is unmanaged
by systemd.</para>
<para>Disables controllers from being enabled for a unit's children. If a controller listed is
already in use in its subtree, the controller will be removed from the subtree. This can be used to
avoid configuration in child units from being able to implicitly or explicitly enable a controller.
Defaults to empty.</para>
<para>Multiple controllers may be specified, separated by spaces. You may also pass
<varname>DisableControllers=</varname> multiple times, in which case each new instance adds another controller
to disable. Passing <varname>DisableControllers=</varname> by itself with no controller name present resets
the disabled controller list.</para>
<para>It may not be possible to disable a controller after units have been started, if the unit or
any child of the unit in question delegates controllers to its children, as any delegated subtree
of the cgroup hierarchy is unmanaged by systemd.</para>
<xi:include href="supported-controllers.xml" xpointer="controllers-text" />
</listitem>
</varlistentry>

3
man/systemd.service.xml
View File

@ -907,8 +907,7 @@
limiting configured with <varname>StartLimitIntervalSec=</varname>
and <varname>StartLimitBurst=</varname>, see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. A restarted service enters the failed state only
after the start limits are reached.</para>
for details.</para>
<para>Setting this to <option>on-failure</option> is the
recommended choice for long-running services, in order to

44
man/systemd.unit.xml
View File

@ -110,19 +110,19 @@
<para>Unit files are loaded from a set of paths determined during compilation, described in the next
section.</para>
<para>Valid unit names consist of a "name prefix" and a dot and a suffix specifying the unit type. The
"unit prefix" must consist of one or more valid characters (ASCII letters, digits, <literal>:</literal>,
<literal>-</literal>, <literal>_</literal>, <literal>.</literal>, and <literal>\</literal>). The total
length of the unit name including the suffix must not exceed 256 characters. The type suffix must be one
of <literal>.service</literal>, <literal>.socket</literal>, <literal>.device</literal>,
<literal>.mount</literal>, <literal>.automount</literal>, <literal>.swap</literal>,
<literal>.target</literal>, <literal>.path</literal>, <literal>.timer</literal>,
<literal>.slice</literal>, or <literal>.scope</literal>.</para>
<para>Valid unit names consist of a "unit name prefix", and a suffix specifying the unit type which
begins with a dot. The "unit name prefix" must consist of one or more valid characters (ASCII letters,
digits, <literal>:</literal>, <literal>-</literal>, <literal>_</literal>, <literal>.</literal>, and
<literal>\</literal>). The total length of the unit name including the suffix must not exceed 255
characters. The unit type suffix must be one of <literal>.service</literal>, <literal>.socket</literal>,
<literal>.device</literal>, <literal>.mount</literal>, <literal>.automount</literal>,
<literal>.swap</literal>, <literal>.target</literal>, <literal>.path</literal>,
<literal>.timer</literal>, <literal>.slice</literal>, or <literal>.scope</literal>.</para>
<para>Units names can be parameterized by a single argument called the "instance name". The unit is then
<para>Unit names can be parameterized by a single argument called the "instance name". The unit is then
constructed based on a "template file" which serves as the definition of multiple services or other
units. A template unit must have a single <literal>@</literal> at the end of the name (right before the
type suffix). The name of the full unit is formed by inserting the instance name between
units. A template unit must have a single <literal>@</literal> at the end of the unit name prefix (right
before the type suffix). The name of the full unit is formed by inserting the instance name between
<literal>@</literal> and the unit type suffix. In the unit file itself, the instance parameter may be
referred to using <literal>%i</literal> and other specifiers, see below.</para>
@ -823,8 +823,7 @@
<term><varname>OnFailure=</varname></term>
<listitem><para>A space-separated list of one or more units that are activated when this unit enters
the <literal>failed</literal> state. A service unit using <varname>Restart=</varname> enters the
failed state only after the start limits are reached.</para></listitem>
the <literal>failed</literal> state.</para></listitem>
</varlistentry>
<varlistentry>
@ -1602,14 +1601,23 @@
<term><varname>ConditionControlGroupController=</varname></term>
<listitem><para>Check whether given cgroup controllers (e.g. <literal>cpu</literal>) are available
for use on the system.</para>
for use on the system or whether the legacy v1 cgroup or the modern v2 cgroup hierarchy is used.
</para>
<para>Multiple controllers may be passed with a space separating them; in this case the condition
will only pass if all listed controllers are available for use. Controllers unknown to systemd are
ignored. Valid controllers are <literal>cpu</literal>, <literal>cpuset</literal>,
<literal>io</literal>, <literal>memory</literal>, and <literal>pids</literal>. Even if available in
the kernel, a particular controller may not be available if it was disabled on the kernel command
line with <varname>cgroup_disable=controller</varname>.</para></listitem>
ignored. Valid controllers are <literal>cpu</literal>, <literal>io</literal>,
<literal>memory</literal>, and <literal>pids</literal>. Even if available in the kernel, a
particular controller may not be available if it was disabled on the kernel command line with
<varname>cgroup_disable=controller</varname>.</para>
<para>Alternatively, two special strings <literal>v1</literal> and <literal>v2</literal> may be
specified (without any controller names). <literal>v2</literal> will pass if the unified v2 cgroup
hierarchy is used, and <literal>v1</literal> will pass if the legacy v1 hierarchy or the hybrid
hierarchy are used. Note that legacy or hybrid hierarchies have been deprecated. See
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry> for
more information.</para>
</listitem>
</varlistentry>
<varlistentry>

2
man/tmpfiles.d.xml
View File

@ -644,7 +644,7 @@ w- /proc/sys/vm/swappiness - - - - 10</programlisting></para>
<para>For example:<programlisting>
# Files created and modified, and directories accessed more than
# an hour ago in "/tmp/foo/bar", are subject to time-based cleanup.
d /tmp/foo/bar - - - - bmA:1h -</programlisting></para>
d /tmp/foo/bar - - - bmA:1h -</programlisting></para>
<para>Note that while the aging algorithm is run a 'shared' BSD file lock (see <citerefentry
project='man-pages'><refentrytitle>flock</refentrytitle><manvolnum>2</manvolnum></citerefentry>) is

15
man/udev.xml
View File

@ -186,10 +186,10 @@
<varlistentry>
<term><varname>SYMLINK</varname></term>
<listitem>
<para>Match the name of a symlink targeting the node. It can
be used once a SYMLINK key has been set in one of the preceding
rules. There may be multiple symlinks; only one needs to match.
</para>
<para>Match the name of a symlink targeting the node. It can be used once a SYMLINK key has
been set in one of the preceding rules. There may be multiple symlinks; only one needs to
match. If the operator is <literal>!=</literal>, the token returns true only if there is no
symlink matched.</para>
</listitem>
</varlistentry>
@ -287,14 +287,17 @@
<varlistentry>
<term><varname>TAG</varname></term>
<listitem>
<para>Match against a device tag.</para>
<para>Match against one of device tags. It can be used once a TAG key has been set in one of
the preceding rules. There may be multiple tags; only one needs to match. If the operator is
<literal>!=</literal>, the token returns true only if there is no tag matched.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><varname>TAGS</varname></term>
<listitem>
<para>Search the devpath upwards for a device with matching tag.</para>
<para>Search the devpath upwards for a device with matching tag. If the operator is
<literal>!=</literal>, the token returns true only if there is no tag matched.</para>
</listitem>
</varlistentry>

3
meson.build
View File

@ -510,6 +510,7 @@ conf.set('SIZEOF_RLIM_T', cc.sizeof('rlim_t', prefix : '#include <sys/resource.h
conf.set('SIZEOF_TIMEX_MEMBER', cc.sizeof('typeof(((struct timex *)0)->freq)', prefix : '#include <sys/timex.h>'))
decl_headers = '''
#include <dirent.h>
#include <uchar.h>
#include <sys/mount.h>
#include <sys/stat.h>
@ -519,6 +520,7 @@ foreach decl : ['char16_t',
'char32_t',
'struct mount_attr',
'struct statx',
'struct dirent64',
]
# We get -1 if the size cannot be determined
@ -742,6 +744,7 @@ foreach header : ['crypt.h',
'linux/memfd.h',
'linux/vm_sockets.h',
'sys/auxv.h',
'threads.h',
'valgrind/memcheck.h',
'valgrind/valgrind.h',
'linux/time_types.h',

2
meson_options.txt
View File

@ -18,7 +18,7 @@ option('rootlibdir', type : 'string',
option('rootprefix', type : 'string',
description : '''override the root prefix [default '/' if split-usr and '/usr' otherwise]''')
option('link-udev-shared', type : 'boolean',
description : 'link systemd-udev and its helpers to libsystemd-shared.so')
description : 'link systemd-udevd and its helpers to libsystemd-shared.so')
option('link-systemctl-shared', type: 'boolean',
description : 'link systemctl against libsystemd-shared.so')
option('link-networkd-shared', type: 'boolean',

8
rules.d/60-persistent-storage.rules
View File

@ -37,14 +37,22 @@ KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{serial}=="?*", ENV{ID_S
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{wwid}=="?*", ENV{ID_WWN}="$attr{wwid}"
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{model}=="?*", ENV{ID_MODEL}="$attr{model}"
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{firmware_rev}=="?*", ENV{ID_REVISION}="$attr{firmware_rev}"
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ATTRS{nsid}=="?*", ENV{ID_NSID}="$attr{nsid}"
# obsolete symlink that might get overridden on adding a new nvme controller, kept for backward compatibility
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", \
OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}"
KERNEL=="nvme*[0-9]n*[0-9]", ENV{DEVTYPE}=="disk", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_NSID}=="?*",\
OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}_$env{ID_NSID}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}"
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{serial}=="?*", ENV{ID_SERIAL_SHORT}="$attr{serial}"
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{model}=="?*", ENV{ID_MODEL}="$attr{model}"
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{firmware_rev}=="?*", ENV{ID_REVISION}="$attr{firmware_rev}"
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ATTRS{nsid}=="?*", ENV{ID_NSID}="$attr{nsid}"
# obsolete symlink that might get overridden on adding a new nvme controller, kept for backward compatibility
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", \
OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n"
KERNEL=="nvme*[0-9]n*[0-9]p*[0-9]", ENV{DEVTYPE}=="partition", ENV{ID_MODEL}=="?*", ENV{ID_SERIAL_SHORT}=="?*", ENV{ID_NSID}=="?*",\
OPTIONS="string_escape=replace", ENV{ID_SERIAL}="$env{ID_MODEL}_$env{ID_SERIAL_SHORT}_$env{ID_NSID}", SYMLINK+="disk/by-id/nvme-$env{ID_SERIAL}-part%n"
# virtio-blk
KERNEL=="vd*[!0-9]", ATTRS{serial}=="?*", ENV{ID_SERIAL}="$attr{serial}", SYMLINK+="disk/by-id/virtio-$env{ID_SERIAL}"

2
shell-completion/bash/busctl
View File

@ -86,7 +86,7 @@ _busctl() {
--show-machine --unique --acquired --activatable --list
-q --quiet --verbose --expect-reply=no --auto-start=no
--allow-interactive-authorization=no --augment-creds=no
--watch-bind=yes -j -l --full'
--watch-bind=yes -j -l --full --xml-interface'
[ARG]='--address -H --host -M --machine --match --timeout --size --json
--destination'
)

8
shell-completion/bash/coredumpctl
View File

@ -40,23 +40,23 @@ _coredumpctl() {
local cur=${COMP_WORDS[COMP_CWORD]} prev=${COMP_WORDS[COMP_CWORD-1]}
local OPTS='-h --help --version --no-pager --no-legend -o --output -F --field -1
-r --reverse -S --since -U --until -D --directory -q --quiet --debugger
-A --debugger-arguments --json -n --all'
-A --debugger-arguments --json -n --all --file --root --image'
local -A VERBS=(
[LIST]='list info'
[DUMP]='dump debug'
)
if __contains_word "$prev" '--output -o'; then
if __contains_word "$prev" --output -o --file --image; then
comps=$( compgen -A file -- "$cur" )
compopt -o filenames
elif __contains_word "$prev" '-D --directory'; then
elif __contains_word "$prev" -D --directory --root; then
comps=$( compgen -A directory -- "$cur" )
compopt -o filenames
elif __contains_word "$prev" '--debugger'; then
comps=$( compgen -A command -- "$cur" )
compopt -o filenames
elif __contains_word "$prev" '--field -F'; then
elif __contains_word "$prev" --field -F; then
comps=$( compgen -W '${__journal_fields[*]}' -- "$cur" )
elif __contains_word "$prev" '--json'; then
comps=$( compgen -W 'pretty short off' -- "$cur" )

6
shell-completion/bash/portablectl
View File

@ -36,7 +36,7 @@ _portablectl() {
local -A OPTS=(
[STANDALONE]='-q --quiet --runtime --no-reload --cat --no-pager --no-legend
--no-ask-password --enable --now -h --help --version'
[ARG]='-p --profile --copy -H --host -M --machine'
[ARG]='-p --profile --copy -H --host -M --machine --extension'
)
local -A VERBS=(
@ -60,6 +60,10 @@ _portablectl() {
--machine|-M)
comps=$( __get_machines )
;;
--extension)
comps=$( compgen -A file -- "$cur" )
compopt -o filenames
;;
esac
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )
return 0

1
shell-completion/zsh/_busctl
View File

@ -276,6 +276,7 @@ _arguments \
'--list[Do not show tree, but simple object path list]' \
{-q,--quiet}'[Do not show method call reply]'\
'--verbose[Show result values in long format]' \
'--xml-interface[Dump the XML description in introspect command]' \
'--json=[Show result values in long format]:format:_busctl_get_json' \
'-j[Show pretty json in interactive sessions, short json otherwise]' \
'--expect-reply=[Expect a method call reply]:boolean:(1 0)' \

54
shell-completion/zsh/_systemctl.in
View File

@ -28,6 +28,8 @@
"show:Show properties of one or more units/jobs or the manager"
"cat:Show the source unit files and drop-ins"
"set-property:Sets one or more properties of a unit"
"service-log-level:Get or set the logging threshold for service"
"service-log-target:Get or set the logging target for service"
"help:Show documentation for specified units"
"reset-failed:Reset failed state for all, one, or more units"
"list-dependencies:Show unit dependency tree"
@ -159,8 +161,8 @@ __systemctl()
if ( [[ ${+_sys_all_units} -eq 0 ]] || _cache_invalid SYS_ALL_UNITS$_sys_service_mgr ) ||
! _retrieve_cache SYS_ALL_UNITS$_sys_service_mgr;
then
_sys_all_units=( ${${(f)"$(__systemctl list-units --all "$PREFIX*" )"}%% *} )
_store_cache SYS_ALL_UNITS$_sys_service_mgr _sys_all_units
_sys_all_units=( ${${(f)"$(__systemctl list-units --all)"}%% *} )
_store_cache SYS_ALL_UNITS$_sys_service_mgr _sys_all_unis
fi
}
@ -173,7 +175,7 @@ __systemctl()
if ( [[ ${+_sys_really_all_units} -eq 0 ]] || _cache_invalid SYS_REALLY_ALL_UNITS$_sys_service_mgr ) ||
! _retrieve_cache SYS_REALLY_ALL_UNITS$_sys_service_mgr;
then
all_unit_files=( ${${(f)"$(__systemctl list-unit-files "$PREFIX*" )"}%% *} )
all_unit_files=( ${${(f)"$(__systemctl list-unit-files)"}%% *} )
_systemctl_all_units
really_all_units=($_sys_all_units $all_unit_files)
_sys_really_all_units=(${(u)really_all_units})
@ -192,22 +194,22 @@ __systemctl()
(( $+functions[_systemctl_get_non_template_names] )) ||
_systemctl_get_non_template_names() { echo -E - ${^${(R)${(f)"$(
__systemctl list-unit-files "$PREFIX*"
__systemctl list-units --all "$PREFIX*"
__systemctl list-unit-files
__systemctl list-units --all
)"}:#*@.*}%%[[:space:]]*} }
(( $+functions[_systemctl_get_template_names] )) ||
_systemctl_get_template_names() { echo -E - ${^${(M)${(f)"$(__systemctl list-unit-files "$PREFIX*" )"}##*@.[^[:space:]]##}%%@.*}\@ }
_systemctl_get_template_names() { echo -E - ${^${(M)${(f)"$(__systemctl list-unit-files)"}##*@.[^[:space:]]##}%%@.*}\@ }
(( $+functions[_systemctl_active_units] )) ||
_systemctl_active_units() {_sys_active_units=( ${${(f)"$(__systemctl list-units "$PREFIX*" )"}%% *} )}
_systemctl_active_units() {_sys_active_units=( ${${(f)"$(__systemctl list-units)"}%% *} )}
(( $+functions[_systemctl_startable_units] )) ||
_systemctl_startable_units(){
_sys_startable_units=( $( _filter_units_by_property ActiveState inactive $(
_filter_units_by_property CanStart yes ${${${(f)"$(
__systemctl list-unit-files --state enabled,enabled-runtime,linked,linked-runtime,static,indirect,disabled,generated,transient "$PREFIX*"
__systemctl list-units --state inactive,failed "$PREFIX*"
__systemctl list-unit-files --state enabled,enabled-runtime,linked,linked-runtime,static,indirect,disabled,generated,transient
__systemctl list-units --state inactive,failed
)"}:#*@.*}%%[[:space:]]*}
)) )
}
@ -215,19 +217,19 @@ __systemctl()
(( $+functions[_systemctl_restartable_units] )) ||
_systemctl_restartable_units(){
_sys_restartable_units=( $( _filter_units_by_property CanStart yes ${${${(f)"$(
__systemctl list-unit-files --state enabled,disabled,static "$PREFIX*"
__systemctl list-units "$PREFIX*"
__systemctl list-unit-files --state enabled,disabled,static
__systemctl list-units
)"}:#*@.*}%%[[:space:]]*} ) )
}
(( $+functions[_systemctl_failed_units] )) ||
_systemctl_failed_units() {_sys_failed_units=( ${${(f)"$(__systemctl list-units --state=failed "$PREFIX*" )"}%% *} ) }
_systemctl_failed_units() {_sys_failed_units=( ${${(f)"$(__systemctl list-units --state=failed)"}%% *} ) }
(( $+functions[_systemctl_unit_state] )) ||
_systemctl_unit_state() {
setopt localoptions extendedglob
typeset -gA _sys_unit_state
_sys_unit_state=( ${=${${(f)"$(__systemctl list-unit-files "$PREFIX*" )"}%%[[:space:]]#}% *} )
_sys_unit_state=( ${=${${(f)"$(__systemctl list-unit-files)"}%%[[:space:]]#}% *} )
}
local fun
@ -300,6 +302,30 @@ for fun in stop kill try-restart condrestart ; do
}
done
(( $+functions[_systemctl_service-log-level] )) ||
_systemctl_service-log-level() {
local -a log_levels=( emerg alert crit err warning notice info debug )
local _sys_active_units; _systemctl_active_units
if (( CURRENT == 2 )); then
_wanted systemd-units expl 'active unit' \
compadd "$@" -a - _sys_active_units || _message "no units found"
else
compadd "$@" -a - log_levels
fi
}
(( $+functions[_systemctl_service-log-target] )) ||
_systemctl_service-log-target() {
local -a log_targets=( console kmsg journal syslog null auto )
local _sys_active_units; _systemctl_active_units
if (( CURRENT == 2 )); then
_wanted systemd-units expl 'active unit' \
compadd "$@" -a - _sys_active_units || _message "no units found"
else
compadd "$@" -a - log_targets
fi
}
# Completion functions for ISOLATABLE_UNITS
(( $+functions[_systemctl_isolate] )) || _systemctl_isolate()
{
@ -350,7 +376,7 @@ done
(( $+functions[_systemctl_set-default] )) || _systemctl_set-default()
{
_wanted systemd-targets expl target \
compadd "$@" - ${${(f)"$(__systemctl list-unit-files --type target --all "$PREFIX*" )"}%% *} ||
compadd "$@" - ${${(f)"$(__systemctl list-unit-files --type target --all)"}%% *} ||
_message "no targets found"
}

2
shell-completion/zsh/_timedatectl
View File

@ -36,6 +36,8 @@ _timedatectl_command(){
'set-time:Set system time'
'set-timezone:Set system timezone'
'list-timezones:Show known timezones'
'timesync-status:Show status of systemd-timesyncd'
'show-timesync:Show properties of systemd-timesyncd'
'set-local-rtc:Control whether RTC is in local time'
'set-ntp:Control whether NTP is enabled'
)

14
src/activate/activate.c
View File

@ -76,6 +76,9 @@ static int open_sockets(int *epoll_fd, bool accept) {
except[i] = SD_LISTEN_FDS_START + i;
log_close();
log_set_open_when_needed(true);
log_settle_target();
r = close_all_fds(except, n);
if (r < 0)
return log_error_errno(r, "Failed to close all file descriptors: %m");
@ -88,17 +91,17 @@ static int open_sockets(int *epoll_fd, bool accept) {
STRV_FOREACH(address, arg_listen) {
r = make_socket_fd(LOG_DEBUG, *address, arg_socket_type, (arg_accept * SOCK_CLOEXEC));
if (r < 0) {
log_open();
if (r < 0)
return log_error_errno(r, "Failed to open '%s': %m", *address);
}
assert(r == SD_LISTEN_FDS_START + count);
count++;
}
if (arg_listen)
if (arg_listen) {
log_open();
log_set_open_when_needed(false);
}
*epoll_fd = epoll_create1(EPOLL_CLOEXEC);
if (*epoll_fd < 0)
@ -341,6 +344,9 @@ static int parse_argv(int argc, char *argv[]) {
assert(argc >= 0);
assert(argv);
/* Resetting to 0 forces the invocation of an internal initialization routine of getopt_long()
* that checks for GNU extensions in optstring ('-' or '+' at the beginning). */
optind = 0;
while ((c = getopt_long(argc, argv, "+hl:aE:d", options, NULL)) >= 0)
switch (c) {
case 'h':

37
src/analyze/analyze-syscall-filter.c
View File

@ -58,17 +58,38 @@ static int load_kernel_syscalls(Set **ret) {
return 0;
}
static int syscall_set_add(Set **s, const SyscallFilterSet *set) {
const char *sc;
int r;
assert(s);
if (!set)
return 0;
NULSTR_FOREACH(sc, set->value) {
if (sc[0] == '@')
continue;
r = set_put_strdup(s, sc);
if (r < 0)
return r;
}
return 0;
}
static void syscall_set_remove(Set *s, const SyscallFilterSet *set) {
const char *syscall;
const char *sc;
if (!set)
return;
NULSTR_FOREACH(syscall, set->value) {
if (syscall[0] == '@')
NULSTR_FOREACH(sc, set->value) {
if (sc[0] == '@')
continue;
free(set_remove(s, syscall));
free(set_remove(s, sc));
}
}
@ -88,17 +109,17 @@ static void dump_syscall_filter(const SyscallFilterSet *set) {
int verb_syscall_filters(int argc, char *argv[], void *userdata) {
bool first = true;
int r;
pager_open(arg_pager_flags);
if (strv_isempty(strv_skip(argv, 1))) {
_cleanup_set_free_ Set *kernel = NULL, *known = NULL;
const char *sys;
int k = 0; /* explicit initialization to appease gcc */
NULSTR_FOREACH(sys, syscall_filter_sets[SYSCALL_FILTER_SET_KNOWN].value)
if (set_put_strdup(&known, sys) < 0)
return log_oom();
r = syscall_set_add(&known, syscall_filter_sets + SYSCALL_FILTER_SET_KNOWN);
if (r < 0)
return log_error_errno(r, "Failed to prepare set of known system calls: %m");
if (!arg_quiet)
k = load_kernel_syscalls(&kernel);

4
src/ask-password/ask-password.c
View File

@ -107,6 +107,10 @@ static int parse_argv(int argc, char *argv[]) {
/* Note the asymmetry: the long option --echo= allows an optional argument, the short option does
* not. */
/* Resetting to 0 forces the invocation of an internal initialization routine of getopt_long()
* that checks for GNU extensions in optstring ('-' or '+' at the beginning). */
optind = 0;
while ((c = getopt_long(argc, argv, "+hen", options, NULL)) >= 0)
switch (c) {

61
src/basic/audit-util.c
View File

@ -1,6 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <errno.h>
#include <linux/audit.h>
#include <linux/netlink.h>
#include <stdio.h>
#include <sys/socket.h>
@ -12,6 +13,7 @@
#include "macro.h"
#include "parse-util.h"
#include "process-util.h"
#include "socket-util.h"
#include "user-util.h"
int audit_session_from_pid(pid_t pid, uint32_t *id) {
@ -68,8 +70,50 @@ int audit_loginuid_from_pid(pid_t pid, uid_t *uid) {
return 0;
}
static int try_audit_request(int fd) {
struct iovec iov;
struct msghdr mh;
ssize_t n;
assert(fd >= 0);
struct {
struct nlmsghdr hdr;
struct nlmsgerr err;
} _packed_ msg = {
.hdr.nlmsg_len = NLMSG_LENGTH(0),
.hdr.nlmsg_type = AUDIT_GET_FEATURE,
.hdr.nlmsg_flags = NLM_F_REQUEST | NLM_F_ACK,
};
iov = (struct iovec) {
.iov_base = &msg,
.iov_len = msg.hdr.nlmsg_len,
};
mh = (struct msghdr) {
.msg_iov = &iov,
.msg_iovlen = 1,
};
if (sendmsg(fd, &mh, MSG_NOSIGNAL) < 0)
return -errno;
iov.iov_len = sizeof(msg);
n = recvmsg_safe(fd, &mh, 0);
if (n < 0)
return -errno;
if (n != NLMSG_LENGTH(sizeof(struct nlmsgerr)))
return -EIO;
if (msg.hdr.nlmsg_type != NLMSG_ERROR)
return -EINVAL;
return msg.err.error;
}
bool use_audit(void) {
static int cached_use = -1;
int r;
if (cached_use < 0) {
int fd;
@ -80,7 +124,22 @@ bool use_audit(void) {
if (!cached_use)
log_debug_errno(errno, "Won't talk to audit: %m");
} else {
cached_use = true;
/* If we try and use the audit fd but get -ECONNREFUSED, it is because
* we are not in the initial user namespace, and the kernel does not
* have support for audit outside of the initial user namespace
* (see https://elixir.bootlin.com/linux/latest/C/ident/audit_netlink_ok).
*
* If we receive any other error, do not disable audit because we are not
* sure that the error indicates that audit will not work in general. */
r = try_audit_request(fd);
if (r < 0) {
cached_use = r != -ECONNREFUSED;
log_debug_errno(r, cached_use ?
"Failed to make request on audit fd, ignoring: %m" :
"Won't talk to audit: %m");
} else
cached_use = true;
safe_close(fd);
}
}

1
src/basic/capability-util.c
View File

@ -13,6 +13,7 @@
#include "log.h"
#include "macro.h"
#include "missing_prctl.h"
#include "missing_threads.h"
#include "parse-util.h"
#include "user-util.h"
#include "util.h"

1
src/basic/cgroup-util.c
View File

@ -23,6 +23,7 @@
#include "login-util.h"
#include "macro.h"
#include "missing_magic.h"
#include "missing_threads.h"
#include "mkdir.h"
#include "parse-util.h"
#include "path-util.h"

32
src/basic/coverage.h
View File

@ -1,6 +1,9 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
extern void __gcov_dump(void);
extern void __gcov_reset(void);
/* When built with --coverage (gcov) we need to explicitly call __gcov_dump()
* in places where we use _exit(), since _exit() skips at-exit hooks resulting
* in lost coverage.
@ -8,12 +11,37 @@
* To make sure we don't miss any _exit() calls, this header file is included
* explicitly on the compiler command line via the -include directive (only
* when built with -Db_coverage=true)
* */
*/
extern void _exit(int);
extern void __gcov_dump(void);
static inline _Noreturn void _coverage__exit(int status) {
__gcov_dump();
_exit(status);
}
#define _exit(x) _coverage__exit(x)
/* gcov provides wrappers for the exec*() calls but there's none for execveat(),
* which means we lose all coverage prior to the call. To mitigate this, let's
* add a simple execveat() wrapper in gcov's style[0], which dumps and resets
* the coverage data when needed.
*
* This applies only when we're built with -Dfexecve=true.
*
* [0] https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=libgcc/libgcov-interface.c;h=b2ee930864183b78c8826255183ca86e15e21ded;hb=HEAD
*/
extern int execveat(int, const char *, char * const [], char * const [], int);
static inline int _coverage_execveat(
int dirfd,
const char *pathname,
char * const argv[],
char * const envp[],
int flags) {
__gcov_dump();
int r = execveat(dirfd, pathname, argv, envp, flags);
__gcov_reset();
return r;
}
#define execveat(d,p,a,e,f) _coverage_execveat(d, p, a, e, f)

2
src/basic/dirent-util.h
View File

@ -35,6 +35,7 @@ struct dirent *readdir_no_dot(DIR *dirp);
/* Only if 64bit off_t is enabled struct dirent + struct dirent64 are actually the same. We require this, and
* we want them to be interchangeable to make getdents64() work, hence verify that. */
assert_cc(_FILE_OFFSET_BITS == 64);
#if HAVE_STRUCT_DIRENT64
assert_cc(sizeof(struct dirent) == sizeof(struct dirent64));
assert_cc(offsetof(struct dirent, d_ino) == offsetof(struct dirent64, d_ino));
assert_cc(sizeof_field(struct dirent, d_ino) == sizeof_field(struct dirent64, d_ino));
@ -46,6 +47,7 @@ assert_cc(offsetof(struct dirent, d_type) == offsetof(struct dirent64, d_type));
assert_cc(sizeof_field(struct dirent, d_type) == sizeof_field(struct dirent64, d_type));
assert_cc(offsetof(struct dirent, d_name) == offsetof(struct dirent64, d_name));
assert_cc(sizeof_field(struct dirent, d_name) == sizeof_field(struct dirent64, d_name));
#endif
#define FOREACH_DIRENT_IN_BUFFER(de, buf, sz) \
for (void *_end = (uint8_t*) ({ (de) = (buf); }) + (sz); \

2
src/basic/hash-funcs.h
View File

@ -102,7 +102,7 @@ extern const struct hash_ops uint64_hash_ops;
/* On some archs dev_t is 32bit, and on others 64bit. And sometimes it's 64bit on 32bit archs, and sometimes 32bit on
* 64bit archs. Yuck! */
#if SIZEOF_DEV_T != 8
void devt_hash_func(const dev_t *p, struct siphash *state) _pure_;
void devt_hash_func(const dev_t *p, struct siphash *state);
#else
#define devt_hash_func uint64_hash_func
#endif

7
src/basic/list.h
View File

@ -133,8 +133,11 @@
} \
} while (false)
#define LIST_JUST_US(name,item) \
(!(item)->name##_prev && !(item)->name##_next)
#define LIST_JUST_US(name, item) \
({ \
typeof(*(item)) *_item = (item); \
!(_item)->name##_prev && !(_item)->name##_next; \
})
/* The type of the iterator 'i' is automatically determined by the type of 'head', and declared in the
* loop. Hence, do not declare the same variable in the outer scope. Sometimes, we set 'head' through

19
src/basic/log.c
View File

@ -23,6 +23,7 @@
#include "log.h"
#include "macro.h"
#include "missing_syscall.h"
#include "missing_threads.h"
#include "parse-util.h"
#include "proc-cmdline.h"
#include "process-util.h"
@ -1199,6 +1200,24 @@ LogTarget log_get_target(void) {
return log_target;
}
void log_settle_target(void) {
/* If we're using LOG_TARGET_AUTO and opening the log again on every single log call, we'll check if
* stderr is attached to the journal every single log call. However, if we then close all file
* descriptors later, that will stop working because stderr will be closed as well. To avoid that
* problem, this function is used to permanently change the log target depending on whether stderr is
* connected to the journal or not. */
LogTarget t = log_get_target();
if (t != LOG_TARGET_AUTO)
return;
t = getpid_cached() == 1 || stderr_is_journal() ? (prohibit_ipc ? LOG_TARGET_KMSG : LOG_TARGET_JOURNAL_OR_KMSG)
: LOG_TARGET_CONSOLE;
log_set_target(t);
}
int log_get_max_level(void) {
return log_max_level;
}

1
src/basic/log.h
View File

@ -51,6 +51,7 @@ LogTarget log_target_from_string(const char *s) _pure_;
void log_set_target(LogTarget target);
int log_set_target_from_string(const char *e);
LogTarget log_get_target(void) _pure_;
void log_settle_target(void);
void log_set_max_level(int level);
int log_set_max_level_from_string(const char *e);

18
src/basic/macro.h
View File

@ -268,6 +268,10 @@ static inline int __coverity_check_and_return__(int condition) {
#define sizeof_field(struct_type, member) sizeof(((struct_type *) 0)->member)
/* Maximum buffer size needed for formatting an unsigned integer type as hex, including space for '0x'
* prefix and trailing NUL suffix. */
#define HEXADECIMAL_STR_MAX(type) (2 + sizeof(type) * 2 + 1)
/* Returns the number of chars needed to format variables of the specified type as a decimal string. Adds in
* extra space for a negative '-' prefix for signed types. Includes space for the trailing NUL. */
#define DECIMAL_STR_MAX(type) \
@ -315,20 +319,6 @@ static inline int __coverity_check_and_return__(int condition) {
p != (typeof(p)) POINTER_MAX; \
p = *(++_l))
/* Define C11 thread_local attribute even on older gcc compiler
* version */
#ifndef thread_local
/*
* Don't break on glibc < 2.16 that doesn't define __STDC_NO_THREADS__
* see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53769
*/
#if __STDC_VERSION__ >= 201112L && !(defined(__STDC_NO_THREADS__) || (defined(__GNU_LIBRARY__) && __GLIBC__ == 2 && __GLIBC_MINOR__ < 16))
#define thread_local _Thread_local
#else
#define thread_local __thread
#endif
#endif
#define DEFINE_TRIVIAL_DESTRUCTOR(name, type, func) \
static inline void name(type *p) { \
func(p); \

1
src/basic/memory-util.c
View File

@ -3,6 +3,7 @@
#include <unistd.h>
#include "memory-util.h"
#include "missing_threads.h"
size_t page_size(void) {
static thread_local size_t pgsz = 0;

15
src/basic/missing_threads.h Normal file
View File

@ -0,0 +1,15 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#pragma once
/* If threads.h doesn't exist, then define our own thread_local to match C11's thread_local. */
#if HAVE_THREADS_H
# include <threads.h>
#elif !(defined(thread_local))
/* Don't break on glibc < 2.16 that doesn't define __STDC_NO_THREADS__
* see https://gcc.gnu.org/bugzilla/show_bug.cgi?id=53769 */
# if __STDC_VERSION__ >= 201112L && !(defined(__STDC_NO_THREADS__) || (defined(__GNU_LIBRARY__) && __GLIBC__ == 2 && __GLIBC_MINOR__ < 16))
# define thread_local _Thread_local
# else
# define thread_local __thread
# endif
#endif

10
src/basic/mountpoint-util.c
View File

@ -118,7 +118,7 @@ static int fd_fdinfo_mnt_id(int fd, const char *filename, int flags, int *ret_mn
r = read_full_virtual_file(path, &fdinfo, NULL);
if (r == -ENOENT) /* The fdinfo directory is a relatively new addition */
return -EOPNOTSUPP;
return proc_mounted() > 0 ? -EOPNOTSUPP : -ENOSYS;
if (r < 0)
return r;
@ -275,7 +275,7 @@ int fd_is_mount_point(int fd, const char *filename, int flags) {
fallback_fdinfo:
r = fd_fdinfo_mnt_id(fd, filename, flags, &mount_id);
if (IN_SET(r, -EOPNOTSUPP, -EACCES, -EPERM))
if (IN_SET(r, -EOPNOTSUPP, -EACCES, -EPERM, -ENOSYS))
goto fallback_fstat;
if (r < 0)
return r;
@ -493,6 +493,8 @@ int dev_is_devtmpfs(void) {
return r;
r = fopen_unlocked("/proc/self/mountinfo", "re", &proc_self_mountinfo);
if (r == -ENOENT)
return proc_mounted() > 0 ? -ENOENT : -ENOSYS;
if (r < 0)
return r;
@ -512,12 +514,12 @@ int dev_is_devtmpfs(void) {
if (mid != mount_id)
continue;
e = strstr(line, " - ");
e = strstrafter(line, " - ");
if (!e)
continue;
/* accept any name that starts with the currently expected type */
if (startswith(e + 3, "devtmpfs"))
if (startswith(e, "devtmpfs"))
return true;
}

2
src/basic/process-util.c
View File

@ -34,6 +34,7 @@
#include "memory-util.h"
#include "missing_sched.h"
#include "missing_syscall.h"
#include "missing_threads.h"
#include "namespace-util.h"
#include "path-util.h"
#include "process-util.h"
@ -1305,6 +1306,7 @@ int safe_fork_full(
/* Close the logs if requested, before we log anything. And make sure we reopen it if needed. */
log_close();
log_set_open_when_needed(true);
log_settle_target();
}
if (name) {

1
src/basic/random-util.c
View File

@ -24,6 +24,7 @@
#include "io-util.h"
#include "missing_random.h"
#include "missing_syscall.h"
#include "missing_threads.h"
#include "parse-util.h"
#include "random-util.h"
#include "sha256.h"

18
src/basic/ratelimit.c
View File

@ -43,3 +43,21 @@ unsigned ratelimit_num_dropped(RateLimit *r) {
return r->num > r->burst ? r->num - r->burst : 0;
}
usec_t ratelimit_end(const RateLimit *rl) {
assert(rl);
if (rl->begin == 0)
return 0;
return usec_add(rl->begin, rl->interval);
}
usec_t ratelimit_left(const RateLimit *rl) {
assert(rl);
if (rl->begin == 0)
return 0;
return usec_sub_unsigned(ratelimit_end(rl), now(CLOCK_MONOTONIC));
}

3
src/basic/ratelimit.h
View File

@ -23,3 +23,6 @@ static inline bool ratelimit_configured(RateLimit *rl) {
bool ratelimit_below(RateLimit *r);
unsigned ratelimit_num_dropped(RateLimit *r);
usec_t ratelimit_end(const RateLimit *rl);
usec_t ratelimit_left(const RateLimit *rl);

1
src/basic/signal-util.c
View File

@ -5,6 +5,7 @@
#include "errno-util.h"
#include "macro.h"
#include "missing_threads.h"
#include "parse-util.h"
#include "signal-util.h"
#include "stdio-util.h"

30
src/basic/socket-util.c
View File

@ -1307,7 +1307,7 @@ ssize_t recvmsg_safe(int sockfd, struct msghdr *msg, int flags) {
return n;
}
int socket_get_family(int fd, int *ret) {
int socket_get_family(int fd) {
int af;
socklen_t sl = sizeof(af);
@ -1321,12 +1321,11 @@ int socket_get_family(int fd, int *ret) {
}
int socket_set_recvpktinfo(int fd, int af, bool b) {
int r;
if (af == AF_UNSPEC) {
r = socket_get_family(fd, &af);
if (r < 0)
return r;
af = socket_get_family(fd);
if (af < 0)
return af;
}
switch (af) {
@ -1350,12 +1349,11 @@ int socket_set_recvpktinfo(int fd, int af, bool b) {
int socket_set_unicast_if(int fd, int af, int ifi) {
be32_t ifindex_be = htobe32(ifi);
int r;
if (af == AF_UNSPEC) {
r = socket_get_family(fd, &af);
if (r < 0)
return r;
af = socket_get_family(fd);
if (af < 0)
return af;
}
switch (af) {
@ -1372,12 +1370,10 @@ int socket_set_unicast_if(int fd, int af, int ifi) {
}
int socket_set_option(int fd, int af, int opt_ipv4, int opt_ipv6, int val) {
int r;
if (af == AF_UNSPEC) {
r = socket_get_family(fd, &af);
if (r < 0)
return r;
af = socket_get_family(fd);
if (af < 0)
return af;
}
switch (af) {
@ -1397,9 +1393,9 @@ int socket_get_mtu(int fd, int af, size_t *ret) {
int mtu, r;
if (af == AF_UNSPEC) {
r = socket_get_family(fd, &af);
if (r < 0)
return r;
af = socket_get_family(fd);
if (af < 0)
return af;
}
switch (af) {

2
src/basic/socket-util.h
View File

@ -304,7 +304,7 @@ struct timespec_large {
ssize_t recvmsg_safe(int sockfd, struct msghdr *msg, int flags);
int socket_get_family(int fd, int *ret);
int socket_get_family(int fd);
int socket_set_recvpktinfo(int fd, int af, bool b);
int socket_set_unicast_if(int fd, int af, int ifi);

4
src/basic/stat-util.c
View File

@ -189,10 +189,10 @@ int files_same(const char *filea, const char *fileb, int flags) {
assert(fileb);
if (fstatat(AT_FDCWD, filea, &a, flags) < 0)
return -errno;
return log_debug_errno(errno, "Cannot stat %s: %m", filea);
if (fstatat(AT_FDCWD, fileb, &b, flags) < 0)
return -errno;
return log_debug_errno(errno, "Cannot stat %s: %m", fileb);
return stat_inode_same(&a, &b);
}

12
src/basic/string-util.h
View File

@ -29,6 +29,18 @@ static inline char* strstr_ptr(const char *haystack, const char *needle) {
return strstr(haystack, needle);
}
static inline char *strstrafter(const char *haystack, const char *needle) {
char *p;
/* Returns NULL if not found, or pointer to first character after needle if found */
p = strstr_ptr(haystack, needle);
if (!p)
return NULL;
return p + strlen(needle);
}
static inline const char* strnull(const char *s) {
return s ?: "(null)";
}

1
src/basic/syscall-list.txt
View File

@ -427,6 +427,7 @@ renameat2
request_key
restart_syscall
riscv_flush_icache
riscv_hwprobe
rmdir
rseq
rt_sigaction

1
src/basic/syscalls-alpha.txt
View File

@ -427,6 +427,7 @@ renameat2 510
request_key 440
restart_syscall 412
riscv_flush_icache
riscv_hwprobe
rmdir 137
rseq 527
rt_sigaction 352

1
src/basic/syscalls-arc.txt
View File

@ -427,6 +427,7 @@ renameat2 276
request_key 218
restart_syscall 128
riscv_flush_icache
riscv_hwprobe
rmdir
rseq 293
rt_sigaction 134

1
src/basic/syscalls-arm.txt
View File

@ -427,6 +427,7 @@ renameat2 382
request_key 310
restart_syscall 0
riscv_flush_icache
riscv_hwprobe
rmdir 40
rseq 398
rt_sigaction 174

1
src/basic/syscalls-arm64.txt
View File

@ -427,6 +427,7 @@ renameat2 276
request_key 218
restart_syscall 128
riscv_flush_icache
riscv_hwprobe
rmdir
rseq 293
rt_sigaction 134

1
src/basic/syscalls-i386.txt
View File

@ -427,6 +427,7 @@ renameat2 353
request_key 287
restart_syscall 0
riscv_flush_icache
riscv_hwprobe
rmdir 40
rseq 386
rt_sigaction 174

1
src/basic/syscalls-ia64.txt
View File

@ -427,6 +427,7 @@ renameat2 1338
request_key 1272
restart_syscall 1246
riscv_flush_icache
riscv_hwprobe
rmdir 1056
rseq 1357
rt_sigaction 1177

1
src/basic/syscalls-loongarch64.txt
View File

@ -427,6 +427,7 @@ renameat2 276
request_key 218
restart_syscall 128
riscv_flush_icache
riscv_hwprobe
rmdir
rseq 293
rt_sigaction 134

1
src/basic/syscalls-m68k.txt
View File

@ -427,6 +427,7 @@ renameat2 351
request_key 280
restart_syscall 0
riscv_flush_icache
riscv_hwprobe
rmdir 40
rseq 384
rt_sigaction 174

1
src/basic/syscalls-mips64.txt
View File

@ -427,6 +427,7 @@ renameat2 5311
request_key 5240
restart_syscall 5213
riscv_flush_icache
riscv_hwprobe
rmdir 5082
rseq 5327
rt_sigaction 5013

1
src/basic/syscalls-mips64n32.txt
View File

@ -427,6 +427,7 @@ renameat2 6315
request_key 6244
restart_syscall 6214
riscv_flush_icache
riscv_hwprobe
rmdir 6082
rseq 6331
rt_sigaction 6013

Some files were not shown because too many files have changed in this diff Show More