ece87975a97509b48a01b1e3da2e99c1c7dfd77a |
|
11-Jan-2016 |
Ismo Puustinen <ismo.puustinen@intel.com> |
man: add AmbientCapabilities entry. |
91518d20ddf0376808544576d0ef0883cedc67d4 |
|
25-Nov-2015 |
Karel Zak <kzak@redhat.com> |
core: support <soft:hard> ranges for RLIMIT options
The new parser supports:
<value> - specify both limits to the same value
<soft:hard> - specify both limits
the size or time specific suffixes are supported, for example
LimitRTTIME=1sec
LimitAS=4G:16G
The patch introduces parse_rlimit_range() and rlim type (size, sec,
usec, etc.) specific parsers. No code is duplicated now.
The patch also sync docs for DefaultLimitXXX= and LimitXXX=.
References: https://github.com/systemd/systemd/issues/1769 |
5c019cf2602c035bb47bc59f71939ad53d6a9294 |
|
19-Nov-2015 |
Evgeny Vereshchagin <evvers@ya.ru> |
man: systemd.exec: add missing variables |
c129bd5df3ca08eb352cf69d01d2f374552624ae |
|
11-Nov-2015 |
Lennart Poettering <lennart@poettering.net> |
man: document automatic dependencies
For all units ensure there's an "Automatic Dependencies" section in the
man page, and explain which dependencies are automatically added in all
cases, and which ones are added on top if DefaultDependencies=yes is
set.
This is also done for systemd.exec(5), systemd.resource-control(5) and
systemd.unit(5) as these pages describe common behaviour of various unit
types. |
b4c14404b3e8753c41bac0b1d49369230a15c544 |
|
11-Nov-2015 |
Filipe Brandenburger <filbranden@google.com> |
execute: Add new PassEnvironment= directive
This directive allows passing environment variables from the system
manager to spawned services. Variables in the system manager can be set
inside a container by passing `--set-env=...` options to systemd-spawn.
Tested with an on-disk test.service unit. Tested using multiple variable
names on a single line, with an empty setting to clear the current list
of variables, with non-existing variables.
Tested using `systemd-run -p PassEnvironment=VARNAME` to confirm it
works with transient units.
Confirmed that `systemctl show` will display the PassEnvironment
settings.
Checked that man pages are generated correctly.
No regressions in `make check`. |
a4c1800284e3546bbfab2dc19eb59bcb91c4a2ca |
|
10-Nov-2015 |
Lennart Poettering <lennart@poettering.net> |
core: accept time units for time-based resource limits
Let's make sure "LimitCPU=30min" can be parsed properly, following the
usual logic how we parse time values. Similar for LimitRTTIME=.
While we are at it, extend a bit on the man page section about resource
limits.
Fixes: #1772 |
a8eaaee72a2f06e0fb64fb71de3b71ecba31dafb |
|
06-Nov-2015 |
Jan Engelhardt <jengelh@inai.de> |
doc: correct orthography, word forms and missing/extraneous words |
b938cb902c3b5bca807a94b277672c64d6767886 |
|
06-Nov-2015 |
Jan Engelhardt <jengelh@inai.de> |
doc: correct punctuation and improve typography in documentation |
412ea7a936ebaa5342a4c2abf48b9e408e6ba5dc |
|
06-Nov-2015 |
Karel Zak <kzak@redhat.com> |
core: support IEC suffixes for RLIMIT stuff
Let's make things more user-friendly and support for example
LimitAS=16G
rather than force users to always use LimitAS=16106127360.
The change is relevant for options:
[Default]Limit{FSIZE,DATA,STACK,CORE,RSS,AS,MEMLOCK,MSGQUEUE}
The patch introduces config_parse_bytes_limit(), it's the same as
config_parse_limit() but uses parse_size() tu support the suffixes.
Addresses: https://github.com/systemd/systemd/issues/1772 |
f2c624cb8b096686e94b2997a9dc95e13d865744 |
|
02-Nov-2015 |
Thomas Hindoe Paaboel Andersen <phomes@gmail.com> |
man: various typos |
71b1c27a406271b71f64487ae70b58f44a4a37f0 |
|
28-Oct-2015 |
Filipe Brandenburger <filbranden@google.com> |
man: Update man page documentation for CPUAffinity
Document support for commas as a separator and possibility of specifying
ranges of CPU indices.
Tested by regenerating the manpages locally and reading them on man. |
5f5d8eab1f2f5f5e088bc301533b3e4636de96c7 |
|
29-Sep-2015 |
Lennart Poettering <lennart@poettering.net> |
core: allow setting WorkingDirectory= to the special value ~
If set to ~ the working directory is set to the home directory of the
user configured in User=.
This change also exposes the existing switch for the working directory
that allowed making missing working directories non-fatal.
This also changes "machinectl shell" to make use of this to ensure that
the invoked shell is by default in the user's home directory.
Fixes #1268. |
6cd16034fc7d7dff3551a9a010d44589ae377a88 |
|
25-Aug-2015 |
Lennart Poettering <lennart@poettering.net> |
man: add hyphen to improve man text |
023a4f67011f24d4b085995a4a3a02661c4794a2 |
|
24-Aug-2015 |
Lennart Poettering <lennart@poettering.net> |
core: optionally create LOGIN_PROCESS or USER_PROCESS utmp entries
When generating utmp/wtmp entries, optionally add both LOGIN_PROCESS and
INIT_PROCESS entries or even all three of LOGIN_PROCESS, INIT_PROCESS
and USER_PROCESS entries, instead of just a single INIT_PROCESS entry.
With this change systemd may be used to not only invoke a getty directly
in a SysV-compliant way but alternatively also a login(1) implementation
or even forego getty and login entirely, and invoke arbitrary shells in
a way that they appear in who(1) or w(1).
This is preparation for a later commit that adds a "machinectl shell"
operation to invoke a shell in a container, in a way that is compatible
with who(1) and w(1). |
8f0d2981ca2f0335426381416bd583c08c290f04 |
|
04-Aug-2015 |
Richard Maw <richard.maw@codethink.co.uk> |
man: Document invalid lines in EnvironmentFile
If a line doesn't contain an = separator, it is skipped, rather than
raising an error.
This is potentially useful, so let's document this behaviour. |
5833143708733a3fc9e6935922bf11d7d27cb768 |
|
30-Jun-2015 |
Christian Hesse <mail@eworm.de> |
man: ProtectHome= protects /root as well |
12b42c76672a66c2d4ea7212c14f8f1b5a62b78d |
|
18-Jun-2015 |
Tom Gundersen <teg@jklm.no> |
man: revert dynamic paths for split-usr setups
This did not really work out as we had hoped. Trying to do this upstream
introduced several problems that probably makes it better suited as a
downstream patch after all. At any rate, it is not releaseable in the
current state, so we at least need to revert this before the release.
* by adjusting the path to binaries, but not do the same thing to the
search path we end up with inconsistent man-pages. Adjusting the search
path too would be quite messy, and it is not at all obvious that this is
worth the effort, but at any rate it would have to be done before we
could ship this.
* this means that distributed man-pages does not make sense as they depend
on config options, and for better or worse we are still distributing
man pages, so that is something that definitely needs sorting out before
we could ship with this patch.
* we have long held that split-usr is only minimally supported in order
to boot, and something we hope will eventually go away. So before we start
adding even more magic/effort in order to make this work nicely, we should
probably question if it makes sense at all. |
681eb9cf2b831293a4f3d4c48a748d2e4a25d69e |
|
28-May-2015 |
Filipe Brandenburger <filbranden@google.com> |
man: generate configured paths in manpages
In particular, use /lib/systemd instead of /usr/lib/systemd in distributions
like Debian which still have not adopted a /usr merge setup.
Use XML entities from man/custom-entities.ent to replace configured paths while
doing XSLT processing of the original XML files. There was precedent of some
files (such as systemd.generator.xml) which were already using this approach.
This addresses most of the (manual) fixes from this patch:
http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/tree/debian/patches/Fix-paths-in-man-pages.patch?h=experimental-220
The idea of using generic XML entities was presented here:
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032240.html
This patch solves almost all the issues, with the exception of:
- Path to /bin/mount and /bin/umount.
- Generic statements about preference of /lib over /etc.
These will be handled separately by follow up patches.
Tested:
- With default configure settings, ran "make install" to two separate
directories and compared the output to confirm they matched exactly.
- Used a set of configure flags including $CONFFLAGS from Debian:
http://anonscm.debian.org/cgit/pkg-systemd/systemd.git/tree/debian/rules
Installed the tree and confirmed the paths use /lib/systemd instead of
/usr/lib/systemd and that no other unexpected differences exist.
- Confirmed that `make distcheck` still passes. |
b5c7d097ec7d16facaaeb0da5ba2abb2b1fc230b |
|
14-Mar-2015 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: link to freebsd.org for inetd(8) |
3ba3a79df4ae094d1008c04a9af8d1ff970124c4 |
|
14-Mar-2015 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: fix a bunch of links
All hail linkchecker! |
f407824d751a9cb31abfdf0343fe179e0efef259 |
|
12-Mar-2015 |
David Herrmann <dh.herrmann@gmail.com> |
man: split paragraph
Explicitly put the "multiple EnvironmentFile=" description into its own
paragraph to make it much easier to find. |
b975b0d514321f169b3c4599a8ea92e13741b4e4 |
|
11-Feb-2015 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: boilerplate unification |
798d3a524ea57aaf40cb53858aaa45ec702f012d |
|
04-Feb-2015 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
Reindent man pages to 2ch |
c51cbfdcc7f38438553e4c2c60499f6aea7cc504 |
|
27-Jan-2015 |
Lennart Poettering <lennart@poettering.net> |
man: document that ProtectSystem= also covers /boot |
6067b34a1f770f845157f15b0c85b2f1140a2351 |
|
30-Nov-2014 |
Ronny Chevalier <chevalier.ronny@gmail.com> |
man: document that we set both soft and hard limits for Limit directives
See
http://cgit.freedesktop.org/systemd/systemd/tree/src/core/load-fragment.c#n1100 |
536256fc913f20ab09809fac7fdea96577704191 |
|
30-Nov-2014 |
Ronny Chevalier <chevalier.ronny@gmail.com> |
man: fix typos |
b8825fff7bf153ea9f17c46a40278df2e780829d |
|
30-Nov-2014 |
Ronny Chevalier <chevalier.ronny@gmail.com> |
man: document equivalence between Limit directives and ulimit
See https://bugs.freedesktop.org/show_bug.cgi?id=80341 |
2ca620c4ed28c01f285d869d0b22f22a360957da |
|
24-Nov-2014 |
WaLyong Cho <walyong.cho@samsung.com> |
smack: introduce new SmackProcessLabel option
In service file, if the file has some of special SMACK label in
ExecStart= and systemd has no permission for the special SMACK label
then permission error will occurred. To resolve this, systemd should
be able to set its SMACK label to something accessible of ExecStart=.
So introduce new SmackProcessLabel. If label is specified with
SmackProcessLabel= then the child systemd will set its label to
that. To successfully execute the ExecStart=, accessible label should
be specified with SmackProcessLabel=.
Additionally, by SMACK policy, if the file in ExecStart= has no
SMACK64EXEC then the executed process will have given label by
SmackProcessLabel=. But if the file has SMACK64EXEC then the
SMACK64EXEC label will be overridden.
[zj: reword man page] |
2134b5ef6b5c944036d051381f4bd7b7e61ef373 |
|
09-Oct-2014 |
Lennart Poettering <lennart@poettering.net> |
man: SyslogIdentifier= has an effect on journal logging too |
e060073a8f05cfdfad621b1bb59abe944b17d5f9 |
|
04-Oct-2014 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: say that SecureBits= are space separated |
67826132adfdf626413f08fb664debd4a7ec35b7 |
|
06-Sep-2014 |
Michael Biebl <biebl@debian.org> |
man: fix references to systemctl man page which is now in section 1
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760613 |
06b643e7f5a3b79005dd57497897ab7255fe3659 |
|
30-Aug-2014 |
Ruben Kerkhof <ruben@rubenkerkhof.com> |
Fix a few more typos |
8257df2767fe2eb535fb83966d92f3074c522150 |
|
18-Aug-2014 |
Ronny Chevalier <chevalier.ronny@gmail.com> |
man: fix typo |
79c1afc67f973eaece8f1b7016e016bb33c256a7 |
|
11-Aug-2014 |
Lennart Poettering <lennart@poettering.net> |
man: improve documentation for StandardOutput= and StandardInput= |
ef392da6c56cdfff35265403192f051af257b3f8 |
|
04-Aug-2014 |
Ansgar Burchardt <ansgar@debian.org> |
Correct references to ProtectSystem and ProtectHome in documentation |
8e8ba962c73310d40e74f62cf0184f74ccff0ca1 |
|
11-Jul-2014 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: proper link for dmesg |
5aded369782f28255bc6b494ca905d7acaea7a56 |
|
08-Jul-2014 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: add a mapping for external manpages
It is annoying when we have dead links on fd.o.
Add project='man-pages|die-net|archlinux' to <citerefentry>-ies.
In generated html, add external links to
http://man7.org/linux/man-pages/man, http://linux.die.net/man/,
https://www.archlinux.org/.
By default, pages in sections 2 and 4 go to man7, since Michael
Kerrisk is the autorative source on kernel related stuff.
The rest of links goes to linux.die.net, because they have the
manpages.
Except for the pacman stuff, since it seems to be only available from
archlinux.org.
Poor gummiboot gets no link, because gummitboot(8) ain't to be found
on the net. According to common wisdom, that would mean that it does
not exist. But I have seen Kay using it, so I know it does, and
deserves to be found. Can somebody be nice and put it up somewhere? |
8d0e0ddda6501479eb69164687c83c1a7667b33a |
|
28-Jun-2014 |
Jan Engelhardt <jengelh@inai.de> |
doc: grammatical corrections |
d6797c920e9eb70f46a893c00fdd9ecb86d15f84 |
|
06-Jun-2014 |
Lennart Poettering <lennart@poettering.net> |
namespace: beef up read-only bind mount logic
Instead of blindly creating another bind mount for read-only mounts,
check if there's already one we can use, and if so, use it. Also,
recursively mark all submounts read-only too. Also, ignore autofs mounts
when remounting read-only unless they are already triggered. |
5331194c120520579eede9dba4bd9c3329629601 |
|
05-Jun-2014 |
Lennart Poettering <lennart@poettering.net> |
core: don't include /boot in effect of ProtectSystem=
This would otherwise unconditionally trigger any /boot autofs mount,
which we probably should avoid.
ProtectSystem= will now only cover /usr and (optionally) /etc, both of
which cannot be autofs anyway.
ProtectHome will continue to cover /run/user and /home. The former
cannot be autofs either. /home could be, however is frequently enough
used (unlikey /boot) so that it isn't too problematic to simply trigger
it unconditionally via ProtectHome=. |
1b8689f94983b47bf190e77ddb03a8fc6af15fb3 |
|
04-Jun-2014 |
Lennart Poettering <lennart@poettering.net> |
core: rename ReadOnlySystem= to ProtectSystem= and add a third value for also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.
With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data. |
417116f23432073162ebfcb286a7800846482eed |
|
03-Jun-2014 |
Lennart Poettering <lennart@poettering.net> |
core: add new ReadOnlySystem= and ProtectedHome= settings for service units
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for
a service.
ProtectedHome= uses fs namespaces to mount /home and /run/user
inaccessible or read-only for a service.
This patch also enables these settings for all our long-running services.
Together they should be good building block for a minimal service
sandbox, removing the ability for services to modify the operating
system or access the user's private data. |
f1721625e7145977ba705e169580f2eb0002600c |
|
18-May-2014 |
Nis Martensen <nis.martensen@web.de> |
fix spelling of privilege |
b8bde11658366290521e3d03316378b482600323 |
|
08-May-2014 |
Jan Engelhardt <jengelh@inai.de> |
doc: comma placement corrections and word order
Set commas where there should be some.
Some improvements to word order. |
dca348bcbb462305864526c587495a14a76bfcde |
|
08-May-2014 |
Jan Engelhardt <jengelh@inai.de> |
doc: corrections to words and forms
This patch exchange words which are inappropriate for a situation,
deletes duplicated words, and adds particles where needed. |
70a44afee385c4afadaab9a002b3f9dd44aedf4a |
|
06-May-2014 |
Jan Engelhardt <jengelh@inai.de> |
doc: typographical fine tuning |
905826156de95d173b26e7a57df29188a1020cd0 |
|
25-Mar-2014 |
Lennart Poettering <lennart@poettering.net> |
man: be more specific when EnvironmentFile= is read
http://lists.freedesktop.org/archives/systemd-devel/2014-March/018004.html |
7f8aa67131cfc03ddcbd31c0420754864fc122f0 |
|
24-Mar-2014 |
Lennart Poettering <lennart@poettering.net> |
core: remove tcpwrap support
tcpwrap is legacy code, that is barely maintained upstream. It's APIs
are awful, and the feature set it exposes (such as DNS and IDENT
access control) questionnable. We should not support this natively in
systemd.
Hence, let's remove the code. If people want to continue making use of
this, they can do so by plugging in "tcpd" for the processes they start.
With that scheme things are as well or badly supported as they were from
traditional inetd, hence no functionality is really lost. |
c2c13f2df42e0691aecabe3979ea81cd7faa35c7 |
|
20-Mar-2014 |
Lennart Poettering <lennart@poettering.net> |
unit: turn off mount propagation for udevd
Keep mounts done by udev rules private to udevd. Also, document how
MountFlags= may be used for this. |
907afa0682c8d6f00937b11b04be6b8a26a3cd41 |
|
19-Mar-2014 |
Lennart Poettering <lennart@poettering.net> |
man: improve documentation of fs namespace related settings |
f1660f96f59dad860d39f148c3a747050d112763 |
|
18-Mar-2014 |
Lennart Poettering <lennart@poettering.net> |
core: drop CAP_MKNOD when PrivateDevices= is set |
e66cf1a3f94fff48a572f6dbd19b43c9bcf7b8c7 |
|
03-Mar-2014 |
Lennart Poettering <lennart@poettering.net> |
core: introduce new RuntimeDirectory= and RuntimeDirectoryMode= unit settings
As discussed on the ML these are useful to manage runtime directories
below /run for services. |
f513e420c8b1a1d4c13092cd378f048b69793497 |
|
26-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
exec: imply NoNewPriviliges= only when seccomp filters are used in user mode |
4298d0b5128326621c8f537107c4c8b459490721 |
|
26-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
core: add new RestrictAddressFamilies= switch
This new unit settings allows restricting which address families are
available to processes. This is an effective way to minimize the attack
surface of services, by turning off entire network stacks for them.
This is based on seccomp, and does not work on x86-32, since seccomp
cannot filter socketcall() syscalls on that platform. |
eef65bf3ee6f73afa4a5de23ae3a794a279f30c0 |
|
21-Feb-2014 |
Michael Scherer <misc@zarb.org> |
core: Add AppArmor profile switching
This permit to switch to a specific apparmor profile when starting a daemon. This
will result in a non operation if apparmor is disabled.
It also add a new build requirement on libapparmor for using this feature. |
b67f562c9cac44bd78b24f5aae78a1797c5d4182 |
|
19-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
man: document $MAINPID |
ac45f971a12280de55b834a65237f72dcacfc099 |
|
19-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
core: add Personality= option for units to set the personality for spawned processes |
e9642be2cce7f5e90406980092a6f71f504a16af |
|
18-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
seccomp: add helper call to add all secondary archs to a seccomp filter
And make use of it where appropriate for executing services and for
nspawn. |
66f756d437658cc464bfb5647c97efd0cf77f933 |
|
18-Feb-2014 |
Jan Engelhardt <jengelh@inai.de> |
doc: resolve missing/extraneous words or inappropriate forms
Issues fixed:
* missing words required by grammar
* duplicated or extraneous words
* inappropriate forms (e.g. singular/plural), and declinations
* orthographic misspellings |
73e231abde39f22097df50542c745e01de879836 |
|
18-Feb-2014 |
Jan Engelhardt <jengelh@inai.de> |
doc: update punctuation
Resolve spotted issues related to missing or extraneous commas, dashes. |
6db2742802b70938f0f2d373110ed734d4fb9813 |
|
15-Feb-2014 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: replace STDOUT with standard output, etc.
Actually 'STDOUT' is something that doesn't appear anywhere: in the
stdlib we have 'stdin', and there's only the constant STDOUT_FILENO,
so there's no reason to use capitals. When refering to code,
STDOUT/STDOUT/STDERR are replaced with stdin/stdout/stderr, and in
other places they are replaced with normal phrases like standard
output, etc. |
bcddd5bf8033b0c9cb15a9d017b7714ebe21473a |
|
15-Feb-2014 |
Jason St. John <jstjohn@purdue.edu> |
man: fix grammatical errors and other formatting issues
* standardize capitalization of STDIN, STDOUT, and STDERR
* reword some sentences for clarity
* reflow some very long lines to be shorter than ~80 characters
* add some missing <literal>, <constant>, <varname>, <option>, and <filename> tags |
57183d117a1d6a96d71ce99d648beb0d2b36228d |
|
13-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
core: add SystemCallArchitectures= unit setting to allow disabling of non-native
architecture support for system calls
Also, turn system call filter bus properties into complex types instead
of concatenated strings. |
17df7223be064b1542dbe868e3b35cca977ee639 |
|
12-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
core: rework syscall filter
- Allow configuration of an errno error to return from blacklisted
syscalls, instead of immediately terminating a process.
- Fix parsing logic when libseccomp support is turned off
- Only keep the actual syscall set in the ExecContext, and generate the
string version only on demand. |
c0467cf387548dc98c0254f63553d862b35a84e5 |
|
12-Feb-2014 |
Ronny Chevalier <chevalier.ronny@gmail.com> |
syscallfilter: port to libseccomp |
82adf6af7c72b852449346835f33184a841b4796 |
|
10-Feb-2014 |
Lennart Poettering <lennart@poettering.net> |
nspawn,man: use a common vocabulary when referring to selinux security contexts
Let's always call the security labels the same way:
SMACK: "Smack Label"
SELINUX: "SELinux Security Context"
And the low-level encapsulation is called "seclabel". Now let's hope we
stick to this vocabulary in future, too, and don't mix "label"s and
"security contexts" and so on wildly. |
0d3f7bb3a5bc6d5c0712f88a080fed388981bca3 |
|
10-Feb-2014 |
Michael Scherer <misc@zarb.org> |
exec: Add support for ignoring errors on SELinuxContext by prefixing it with -, like for others settings.
Also remove call to security_check_context, as this doesn't serve anything, since
setexeccon will fail anyway. |
7b52a628f8b43ba521c302a7f32bccf9d0dc8bfd |
|
10-Feb-2014 |
Michael Scherer <misc@zarb.org> |
exec: Add SELinuxContext configuration item
This permit to let system administrators decide of the domain of a service.
This can be used with templated units to have each service in a différent
domain ( for example, a per customer database, using MLS or anything ),
or can be used to force a non selinux enabled system (jvm, erlang, etc)
to start in a different domain for each service. |
7f112f50fea585411ea2d493b3582bea77eb4d6e |
|
20-Jan-2014 |
Lennart Poettering <lennart@poettering.net> |
exec: introduce PrivateDevices= switch to provide services with a private /dev
Similar to PrivateNetwork=, PrivateTmp= introduce PrivateDevices= that
sets up a private /dev with only the API pseudo-devices like /dev/null,
/dev/zero, /dev/random, but not any physical devices in them. |
c5b37953b7835562348d71ad5514faefa4cfb10b |
|
10-Jan-2014 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: mention which variables will be expanded in ExecStart |
e0e009c067aa7237f9683c46e5845bbb11ec67c2 |
|
26-Dec-2013 |
Jan Engelhardt <jengelh@inai.de> |
man: grammar and wording improvements
This is a recurring submission and includes corrections to:
- missing words, preposition choice.
- change of /lib to /usr/lib, because that is what most distros are
using as the system-wide location for systemd/udev files. |
b040723ea412209e0edf54647fa5aa4287411507 |
|
26-Dec-2013 |
Jan Engelhardt <jengelh@inai.de> |
man: improvements to comma placement
This is a recurring submission and includes corrections to:
comma placement. |
613b411c947635136637f8cdd66b94512f761eab |
|
27-Nov-2013 |
Lennart Poettering <lennart@poettering.net> |
service: add the ability for units to join other unit's PrivateNetwork= and PrivateTmp= namespaces |
72f4d9669c253d5bd7c126bf2e7a0db0198cf2eb |
|
15-Oct-2013 |
Jan Engelhardt <jengelh@inai.de> |
man: wording and grammar updates
This is a recurring submission and includes corrections to various
issue spotted. I guess I can just skip over reporting ubiquitous comma
placement fixes… |
59fccd82117cf9a84454f41867a882f872916dc5 |
|
02-Oct-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
execute.c: always set $SHELL
In e6dca81 $SHELL was added to user@.service. Let's
instead provide it to all units which have a user. |
3fde5f30bda2a70d97f3dc8fa918e42e1c07cc2c |
|
27-Sep-2013 |
Lennart Poettering <lennart@poettering.net> |
man: drop references to "cgroup" wher appropriate
Since cgroups are mostly now an implementation detail of systemd lets
deemphasize it a bit in the man pages. This renames systemd.cgroup(5) to
systemd.resource-control(5) and uses the term "resource control" rather
than "cgroup" where appropriate.
This leaves the word "cgroup" in at a couple of places though, like for
example systemd-cgtop and systemd-cgls where cgroup stuff is at the core
of what is happening. |
43638332c4236ac2db44b0524ea5ade4f918e602 |
|
17-Sep-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: add a list of environment variables |
79640424059328268b9fb6c5fa8eb777b27a177e |
|
12-Sep-2013 |
Jan Engelhardt <jengelh@inai.de> |
man: wording and grammar updates
This is a recurring submission and includes corrections to various
issue spotted. I guess I can just skip over reporting ubiquitous
comma placement fixes…
Highligts in this particular commit:
- the "unsigned" type qualifier is completed to form a full type
"unsigned int"
- alphabetic -> lexicographic (that way we automatically define how
numbers get sorted) |
f4ae69117ba47e75ff89c7d847e180af9af7436a |
|
12-Sep-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: Add a note about what environment variables are available by default |
6b4991cfde6c0a0b62e836ca75ae362779c474d4 |
|
10-Sep-2013 |
Jan Engelhardt <jengelh@inai.de> |
man: wording and grammar updates
This includes regularly-submitted corrections to comma setting and
orthographical mishaps that appeared in man/ in recent commits.
In this particular commit:
- the usual comma fixes
- expand contractions (this is prose) |
ea92ae33e0fbbf8a98cd2e08ca5a850d83d57fae |
|
23-Aug-2013 |
Maciej Wereski <m.wereski@partner.samsung.com> |
"-" prefix for InaccessibleDirectories and ReadOnlyDirectories |
dc7adf202b82fc0054c457ce6ca3bcedb88dde57 |
|
19-Jul-2013 |
Lennart Poettering <lennart@poettering.net> |
man: drop the old cgroup settings from the man pages |
6ed80a4e346883b99263a1a13505ef6afcbc09c3 |
|
16-Jul-2013 |
Jason St. John <jstjohn@purdue.edu> |
man: use HTTPS links for links that support it |
6a75304e41e4487d840057a0e5f9972e141e4540 |
|
13-Jul-2013 |
Jan Engelhardt <jengelh@inai.de> |
man: wording and grammar update |
d868475ad62547f0a034dfaf038aff31b3d05372 |
|
12-Jul-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: document the slice and scope units, add systemd.cgroup(5) |
05cc726731c5cec952722f1c14acb08e3d4d5e98 |
|
03-Jul-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: add more formatting markup |
e9dd9f9547350c7dc0473583b5c2228dc8f0ab76 |
|
03-Jul-2013 |
Jason St. John <jstjohn@purdue.edu> |
man: improve grammar and word formatting in numerous man pages
Use proper grammar, word usage, adjective hyphenation, commas,
capitalization, spelling, etc.
To improve readability, some run-on sentences or sentence fragments were
revised.
[zj: remove the space from 'file name', 'host name', and 'time zone'.] |
74d005783e355acc784d123024e33bbb66ef9ef1 |
|
27-Jun-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: use <constant> for various constants which look ugly with quotes |
97d0e5f83ba4dd713170f802b90149b7325bc992 |
|
20-Jun-2013 |
Umut Tezduyar <umut@tezduyar.com> |
manager: add DefaultEnvironment option
This complements existing functionality of setting variables
through 'systemctl set-environment', the kernel command line,
and through normal environment variables for systemd in session
mode. |
12f25b6e741bc8394f63778598fc203e3f6d4ae6 |
|
18-May-2013 |
David Strauss <david@davidstrauss.net> |
Standardize on 'file system' and 'namespace' in man pages.
This change is based on existing usage in systemd and online.
'File-system' may make sense in adjectival form, but man pages
seem to prefer 'file system' even in those situations. |
845c53246f73a505f12bb7f685a530045fa60a40 |
|
03-May-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: add various filenames to the index
Everything which is an absolute filename marked with <filename></filename>
lands in the index, unless noindex= attribute is present. Should make
it easier for people to find stuff when they are looking at a file on
disk.
Various formatting errors in manpages are fixed, kernel-install(1) is
restored to formatting sanity. |
fbc15b7663730fd8c8c5cfcd54878a2e764c46ea |
|
08-Apr-2013 |
Lennart Poettering <lennart@poettering.net> |
man: be clearer that it's not OK to manipulate systemd's own cgroup hirearchy |
d91c34f21ff7445dcee3efe2368aebe2d6c266db |
|
22-Mar-2013 |
Lennart Poettering <lennart@poettering.net> |
exec: Assigning the empty string to CapabilityBoundSet= should drop all caps
Previously, it would set all caps, but it should drop them all, anything
else makes little sense.
Also, document that this works as it does, and what to do in order to
assign all caps to the bounding set.
https://bugzilla.redhat.com/show_bug.cgi?id=914705 |
c17ec25e4d9bd6c8e8617416f813e25b2ebbafc5 |
|
16-Mar-2013 |
Michal Sekletar <msekleta@redhat.com> |
core: reuse the same /tmp, /var/tmp and inaccessible dir
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd. |
e670b166a08b7c1031a9e7d7675fa9a29c3e19c9 |
|
14-Feb-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: use <replaceable> in various places |
5f9cfd4c3877fdc68618faf9ae5efb5948e002b6 |
|
13-Feb-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: rename systemd.conf to systemd-system.conf
Alias as systemd-user.conf is also provided. This should help
users running systemd in session mode.
https://bugzilla.redhat.com/show_bug.cgi?id=690868 |
ccc9a4f9ffdab069b0b785627c48962fdadf6d46 |
|
26-Jan-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: extend systemd.directives(7) to all manual pages
New sections are added: PAM options, crypttab options, commandline
options, miscellaneous. The last category will be used for all
untagged <varname> elements.
Commandline options sections is meant to be a developer tool: when
adding an option it is sometimes useful to be able to check if
similarly named options exist elsewhere. |
652d0dd7097984801fca0378b762bf96e8fda029 |
|
26-Jan-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: mention that PrivateTmp means /var/tmp too |
0ae9c92a933869d5695396d067aa555dacbbba08 |
|
25-Jan-2013 |
Frederic Crozat <fcrozat@suse.com> |
man: systemd.exec - explicit Environment assignment
Hi all,
while working on another bug, I discovered the "strange" way systemd is
parsing Environment= in .service and thought it was worth documenting
(because I don't expect people to find this syntax by themselves unless
they read the parsing code ;)
Be more verbose about using space in Environment field and not
using value of other variables
Fixes https://bugzilla.redhat.com/show_bug.cgi?id=840260
[zj: expand and reformat the example a bit] |
565d91fdf198b88f7c2d72c67cfc6c30341a3596 |
|
18-Jan-2013 |
Michal Vyskocil <mvyskocil@suse.cz> |
util: continuation support for load_env_file
Variable definitions can be written on more than one line - if each ends
with a backslash, then is concatenated with a previous one. Only
backslash and unix end of line (\n) are treated as a continuation.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=58083
[zj: squashed two patches together; cleaned up grammar; removed
comment about ignoring trailing backslash -- it is not ignored.]
Document continuation support in systemd.exec |
74051b9b5865586bf4d30b9075649af838fb92bd |
|
17-Jan-2013 |
Lennart Poettering <lennart@poettering.net> |
units: for all unit settings that take lists, allow the empty string for resetting the lists
https://bugzilla.redhat.com/show_bug.cgi?id=756787 |
9cc2c8b763fb4b9ddda95756a727a438a0d2a012 |
|
15-Jan-2013 |
Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> |
man: add links to directive index to see-alsos
systemd.directives(5) is renamed to systemd.directives(7).
Section 7 is "Miscellaneous". |
2bef10ab3648db144c421f7765d20dbdf1afe074 |
|
04-Jan-2013 |
Pekka Lundstrom <pekka.lundstrom@jollamobile.com> |
Added globbing support to EnvironmentFile
This patch allows globbing to be used with EnvironmentFile option.
Example:
EnvironmentFile=/etc/foo.d/*.conf
t. Pekka |
8050c22151aeaa8a0029e57bd28fc84d25077e4f |
|
27-Nov-2012 |
Kay Sievers <kay@vrfy.org> |
man: systemd.exec - mention mount(2)
https://bugzilla.redhat.com/show_bug.cgi?id=880552 |
bb11271068ff34434f5b8cefd0c2c0bae5ed7fd1 |
|
15-Nov-2012 |
Holger Hans Peter Freyther <holger@moiji-mobile.com> |
sched: Only setting CPUSchedulingPriority=rr doesn't work
A service that only sets the scheduling policy to round-robin
fails to be started. This is because the cpu_sched_priority is
initialized to 0 and is not adjusted when the policy is changed.
Clamp the cpu_sched_priority when the scheduler policy is set. Use
the current policy to validate the new priority.
Change the manual page to state that the given range only applies
to the real-time scheduling policies.
Add a testcase that verifies this change:
$ make test-sched-prio; ./test-sched-prio
[test/sched_idle_bad.service:6] CPU scheduling priority is out of range, ignoring: 1
[test/sched_rr_bad.service:7] CPU scheduling priority is out of range, ignoring: 0
[test/sched_rr_bad.service:8] CPU scheduling priority is out of range, ignoring: 100 |
df688b23daff9382b8fa2609cfcf73315a3b896e |
|
26-Oct-2012 |
Lennart Poettering <lennart@poettering.net> |
man: minor updates |
16dad32e437fdf2ffca03cc60a083d84bd31886f |
|
16-Oct-2012 |
Andrew Eikum <aeikum@codeweavers.com> |
Reword sentences that contain psuedo-English "resp."
As you likely know, Arch Linux is in the process of moving to systemd.
So I was reading through the various systemd docs and quickly became
baffled by this new abbreviation "resp.", which I've never seen before
in my English-mother-tongue life.
Some quick Googling turned up a reference:
<http://www.transblawg.eu/index.php?/archives/870-Resp.-and-other-non-existent-English-wordsNicht-existente-englische-Woerter.html>
I guess it's a literal translation of the German "Beziehungsweise", but
English doesn't work the same way. The word "respectively" is used
exclusively to provide an ordering connection between two lists. E.g.
"the prefixes k, M, and G refer to kilo-, mega-, and giga-,
respectively." It is also never abbreviated to "resp." So the sentence
"Sets the default output resp. error output for all services and
sockets" makes no sense to a natural English speaker.
This patch removes all instances of "resp." in the man pages and
replaces them with sentences which are much more clear and, hopefully,
grammatically valid. In almost all instances, it was simply replacing
"resp." with "or," which the original author (Lennart?) could probably
just do in the future.
The only other instances of "resp." are in the src/ subtree, which I
don't feel privileged to correct.
Signed-off-by: Andrew Eikum <aeikum@codeweavers.com> |
c53158818d8cdaf46b3f1b5299b9bda118a1043f |
|
13-Sep-2012 |
Thomas Hindoe Paaboel Andersen <phomes@gmail.com> |
man: fix a bunch of typos in docs
https://bugs.freedesktop.org/show_bug.cgi?id=54501 |
ac0930c892bc7979b4c9bc2a52e5e844650b025d |
|
13-Aug-2012 |
Lennart Poettering <lennart@poettering.net> |
namespace: rework namespace support
- don't use pivot_root() anymore, just reuse root hierarchy
- first create all mounts, then mark them read-only so that we get the
right behaviour when people want writable mounts inside of
read-only mounts
- don't pass invalid combinations of MS_ constants to the kernel |
4819ff0358b6317c195fd4b1768e03d09c871070 |
|
20-Jul-2012 |
Lennart Poettering <lennart@poettering.net> |
unit: split off KillContext from ExecContext containing only kill definitions |
8351ceaea9480d9c2979aa2ff0f4982cfdfef58d |
|
17-Jul-2012 |
Lennart Poettering <lennart@poettering.net> |
execute: support syscall filtering using seccomp filters |
34511ca7b166b0e89d08ff9870b0cf2624a7815f |
|
16-Jul-2012 |
Lennart Poettering <lennart@poettering.net> |
man: reword man page titles
Make sure the man page titles are similar in style and capitalization so
that our man page index looks pretty. |
e06c73cc91e02a1a3dffdb0976fef754f1109e74 |
|
16-Jul-2012 |
Lennart Poettering <lennart@poettering.net> |
unit: set default working directory to the user's home directory when running in user mode |
49f43d5f91a99b23f745726aa351d8f159774357 |
|
16-Jul-2012 |
Ville Skyttä <ville.skytta@iki.fi> |
Spelling fixes. |
cb07866b1b7c11e687a322d70dd9f9d73bbbe488 |
|
13-Jul-2012 |
Lennart Poettering <lennart@poettering.net> |
man: move header file man pages from section 7 to 3
This way we can include documentation about minor macros/inline function
within the introducionary man page in a sane way. |
d88a251b125f6e9178b9ca9ea47ab7da3234cb58 |
|
31-May-2012 |
Lennart Poettering <lennart@poettering.net> |
util: introduce a proper nsec_t and make use of it where appropriate |
ec8927ca5940e809f0b72f530582c76f1db4f065 |
|
24-May-2012 |
Lennart Poettering <lennart@poettering.net> |
main: add configuration option to alter capability bounding set for PID 1
This also ensures that caps dropped from the bounding set are also
dropped from the inheritable set, to be extra-secure. Usually that should
change very little though as the inheritable set is empty for all our uses
anyway. |
5430f7f2bc7330f3088b894166bf3524a067e3d8 |
|
12-Apr-2012 |
Lennart Poettering <lennart@poettering.net> |
relicense to LGPLv2.1 (with exceptions)
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends. |
169c4f65131fbc7bcb51e7d5487a715cdcd0e0eb |
|
26-Mar-2012 |
Lennart Poettering <lennart@poettering.net> |
journalctl,loginctl: drop systemd- prefix in binary names
Let's make things a bit easier to type, drop the systemd- prefix for
journalctl and loginctl, but provide the old names for compat.
All systemd binaries are hence now prefixed with "systemd-" with the
exception of the three primary user interface binaries:
systemctl
loginctl
journalctl
For those three we do provide systemd-xyz names as well, via symlinks:
systemd-systemctl → systemctl
systemd-loginctl → loginctl
systemd-journalctl → journalctl
We do this only for the *primary* user tools, in order to avoid
unnecessary namespace problems. That means tools like systemd-notify
stay the way they are. |
353e12c2f4a9e96a47eb80b80d2ffb7bc1d44a1b |
|
09-Feb-2012 |
Lennart Poettering <lennart@poettering.net> |
service: ignore SIGPIPE by default |
9f056f4087b9b0c88decc33c32078f8503efa46e |
|
02-Feb-2012 |
Lennart Poettering <lennart@poettering.net> |
man: document that we support tcpwrappers only for access control
We do not support, and explicitly never want to support environment
variable settings and suchlike in tcpwrappers.
https://bugs.freedesktop.org/show_bug.cgi?id=45143 |
891703e1eef9f9850c7bd34b6d9df0e6c2c8a939 |
|
18-Jan-2012 |
Kay Sievers <kay.sievers@vrfy.org> |
persistant -> persistent |
8d53b4534a5923721b5f1e9dd7e8f4a903d02d51 |
|
18-Jan-2012 |
Lennart Poettering <lennart@poettering.net> |
exec: introduce ControlGroupPersistant= to make cgroups persistant |
706343f492725fe430879c5d4a3485d7c49b0601 |
|
06-Jan-2012 |
Lennart Poettering <lennart@poettering.net> |
journal: introduce log target 'journal' for executed processes |
7734f77373a871ffb755a99b381fd93682052b8c |
|
11-Oct-2011 |
Barry Scott <barry.scott@onelan.co.uk> |
man: for ExecStart= provide more details on env var substitution and how that turns into arguments.
For EnvironmentFile= explain that double quotes can be used
to protect whitespace. |
de6c78f8795743894431a099d26ec562a8acf3df |
|
30-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
service: change default stdout/stderr to syslog |
346bce1f4cff0096177c613987cdc80fa4ec134e |
|
30-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
stdout-bridge: rename logger to stdout-syslog-bridge to make it more descriptive |
3377af3e2232af58091f664a3223528a1017af72 |
|
29-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
man: fix securebits docs |
94959f0fa0c19ae1db0e63d9a5dfc94c660825ba |
|
21-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: allow passing arbitrary path names to blkio cgroup attributes
If a device node is specified, then adjust the bandwidth/weight of it,
otherwise find the backing block device of the file system the path
refers to and adjust its bandwidth/weight. |
9e37286844f67ca7c59e923dd27ad193dfdda7eb |
|
21-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: add high-level controls for blkio cgroup attributes |
ab1f063390f55e14a8de87f21c4fad199eb908a6 |
|
20-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: optionally apply cgroup attributes to the cgroups we create |
ff01d048b4c1455241c894cf7982662c9d28fd34 |
|
02-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: introduce PrivateNetwork= process option to turn off network access to specific services |
260d370833ba5449f77d4184a8eb80e5501be900 |
|
01-Aug-2011 |
Lennart Poettering <lennart@poettering.net> |
man: document that we default to 022 as umask |
64747e2d4b6feb61e9f9e70d36ffcf5a972e168a |
|
30-Jun-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: add ControlGroupModify= switch to allow changing access mode to cgroups fs |
5f4b19f4bc4b6e747ca19f53ef33a167ecf9ac0b |
|
21-Jun-2011 |
Lennart Poettering <lennart@poettering.net> |
service: check whether sysv scripts where changed |
9f7dad774ebfad23269800b7096eaad087481deb |
|
20-Jun-2011 |
Ville Skyttä <ville.skytta@iki.fi> |
man: Documentation spelling fixes |
9a66640832d103f906c2ef609a1d19d43fc542f6 |
|
27-May-2011 |
Ozan Çağlayan < <ozan@pardus.org.tr> |
exec: Fix number of unit types
There are four unit types mentioned in here, not three |
6ea832a20700f5282c08c70f38422c6ab290a0b5 |
|
18-May-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: hangup/reset/deallocate VTs in gettys
Explicitly disconnect all clients from a VT when a getty starts/finishes
(requires TIOCVHANGUP, available in 2.6.29).
Explicitly deallocate getty VTs in order to flush scrollback buffer.
Explicitly reset terminals to a defined state before spawning getty. |
3d57c6ab801f4437f12948e29589e3d00c3ad9db |
|
04-Apr-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: support unlimited resources |
260abb780a135e4cae8c10715c7e85675efc345a |
|
18-Mar-2011 |
Lennart Poettering <lennart@poettering.net> |
exec: properly apply capability bounding set, add inverted bounding sets |
f1779fd27b49d7ac9e04e0e83daf5f5f3efd9d8a |
|
04-Mar-2011 |
Lennart Poettering <lennart@poettering.net> |
man: document changed EnvironmentFile= behaviour |
48c4fad9504a0449fc0ae6c230019b2f1116e9bc |
|
19-Feb-2011 |
Mike Kazantsev <mk.fraggod@gmail.com> |
man: fixed typo in SyslogIdentifier= |
28dbc1e80b0db09313f11e44f218138aefd646c8 |
|
15-Feb-2011 |
Lennart Poettering <lennart@poettering.net> |
execute: optionally forward program output to /dev/console in addition to syslog/kmsg |
2292707df5dda00662d0b4905c14aa4fa8d1f1fa |
|
18-Jan-2011 |
Lennart Poettering <lennart@poettering.net> |
man: document missing KillSignal= and swap options |
afe4bfe2c1ed28a3e75c627edf458d2f40ff16f8 |
|
06-Jan-2011 |
Lennart Poettering <lennart@poettering.net> |
fragment: allow prefixing of the EnvironmentFile= path with - to ignore errors |
5471472d441d9ac48640f11a3b07e6a1fd6d1b63 |
|
01-Jan-2011 |
Miklos Vajna <vmiklos@frugalware.org> |
man: remaining spelling fixes |
f8553ccbb3b774ab39acfc5b4dc1564bb31ef801 |
|
11-Nov-2010 |
Andrew Edmunds <Andrew.Edmunds@yahoo.com.au> |
man: Fix various typos |
169c1bda807d183a362b47efe0b5b56e9320e430 |
|
08-Oct-2010 |
Lennart Poettering <lennart@poettering.net> |
service: optionally, create INIT_PROCESS/DEAD_PROCESS entries for a service
This should fix accounting for pam_limits and suchlike.
https://bugzilla.redhat.com/show_bug.cgi?id=636036 |
96d4ce01103ebebe9335fb321667043bb620c06b |
|
06-Sep-2010 |
Michael Biebl <biebl@debian.org> |
man: Fix small typo: s/seperate/separate/ |
dd6c17b1595ff8a78ebae6cf571fd222c80bfd17 |
|
31-Aug-2010 |
Lennart Poettering <lennart@poettering.net> |
exec: replace OOMAdjust= by OOMScoreAdjust= to follow new kernel interface
This replaces OOMAdjust= by OOMScoreAdjust= in the config files,
breaking compatibility with older unit files. However, this keeps compat
with older kernels which lack the new OOM rework. |
ad678a066b4ba5d8914dd7d5a4093572841205cf |
|
07-Jul-2010 |
Conrad Meyer <cemeyer@cs.washington.edu> |
man: minor edits to daemon, sd_listen_fds, sd_notify, systemctl, systemd.exec, systemd, and systemd.timer pages
Just some minor grammar fixes. |
f3e219a238c716ffa06fab7b0618197c090dfd5a |
|
07-Jul-2010 |
Lennart Poettering <lennart@poettering.net> |
update man pages for recent changes |
74922904348e53a992af63c581d4ccd3317ccce0 |
|
05-Jul-2010 |
Lennart Poettering <lennart@poettering.net> |
turn negative options into positive options |
03fae01822b5275a2940458f65644796283a8a23 |
|
04-Jul-2010 |
Lennart Poettering <lennart@poettering.net> |
uniformly suffix time span properties with their unit |
dd1eb43ba771d4d56b20b4c93ba3acc59475f642 |
|
02-Jul-2010 |
Lennart Poettering <lennart@poettering.net> |
man: document execution context related settings |