tree-wide: remove Emacs lines from all files This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.

logind: load SELinux labelling system systemd-logind uses mkdir_label and label_fix functions without calling first mac_selinux_init. This makes /run/user/$UID/ directories not labelled correctly on an Arch Linux system using SELinux. Fix this by calling mac_selinux_init("/run") early in systemd-logind. This makes files created in /etc/udev/rules.d and /var/lib/systemd to be labelled through transitions in the SELinux policy instead of using setfscreatecon (with mac_selinux_create_file_prepare).

logind,machined: bump TasksMax= Issue #2388 suggests the current TasksMax= setting for user processes is to low. Bump it to 12K. Also, bump the container TasksMax= from 8K to 16K, so that it remains higher than the one for user processes. (Compare: the kernel default limit for processes system-wide is 32K). Fixes #2388

tree-wide: expose "p"-suffix unref calls in public APIs to make gcc cleanup easy GLIB has recently started to officially support the gcc cleanup attribute in its public API, hence let's do the same for our APIs. With this patch we'll define an xyz_unrefp() call for each public xyz_unref() call, to make it easy to use inside a __attribute__((cleanup())) expression. Then, all code is ported over to make use of this. The new calls are also documented in the man pages, with examples how to use them (well, I only added docs where the _unref() call itself already had docs, and the examples, only cover sd_bus_unrefp() and sd_event_unrefp()). This also renames sd_lldp_free() to sd_lldp_unref(), since that's how we tend to call our destructors these days. Note that this defines no public macro that wraps gcc's attribute and makes it easier to use. While I think it's our duty in the library to make our stuff easy to use, I figure it's not our duty to make gcc's own features easy to use on its own. Most likely, client code which wants to make use of this should define its own: #define _cleanup_(function) __attribute__((cleanup(function))) Or similar, to make the gcc feature easier to use. Making this logic public has the benefit that we can remove three header files whose only purpose was to define these functions internally. See #2008.

tree-wide: group include of libudev.h with sd-*

tree-wide: sort includes Sort the includes accoding to the new coding style.

logind: change default to UserTasksMax= to 4096

logind: add a new UserTasksMax= setting to logind.conf This new setting configures the TasksMax= field for the slice objects we create for each user. This alters logind to create the slice unit as transient unit explicitly instead of relying on implicit generation of slice units by simply starting them. This also enables us to set a friendly description for slice units that way.

defs: rework CONF_DIRS_NULSTR() macro The macro is generically useful for putting together search paths, hence let's make it truly generic, by dropping the implicit ".d" appending it does, and leave that to the caller. Also rename it from CONF_DIRS_NULSTR() to CONF_PATHS_NULSTR(), since it's not strictly about dirs that way, but any kind of file system path. Also, mark CONF_DIR_SPLIT_USR() as internal macro by renaming it to _CONF_PATHS_SPLIT_USR() so that the leading underscore indicates that it's internal.

treewide: apply errno.cocci with small manual cleanups for style.

util-lib: move CONF_DIRS_NULSTR definition to def.h After all, this is not some compiler or C magic, but something very specific to how systemd works, hence let's move it into def.h, and out of macro.h

util-lib: split out allocation calls into alloc-util.[ch]

util-lib: introduce dirent-util.[ch] for directory entry calls Also, move a couple of more path-related functions to path-util.c.

util-lib: split out fd-related operations into fd-util.[ch] There are more than enough to deserve their own .c file, hence move them over.

util-lib: split our string related calls from util.[ch] into its own file string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.

Bug #944: Deletion of unnecessary checks before a few calls of systemd functions The following functions return immediately if a null pointer was passed. * calendar_spec_free * link_address_free * manager_free * sd_bus_unref * sd_journal_close * udev_monitor_unref * udev_unref It is therefore not needed that a function caller repeats a corresponding check. This issue was fixed by using the software Coccinelle 1.0.1.

logind,machined: various smaller cleanups Use mfree() where we can. Drop unnecessary {}. Drop unnecessary variable declarations. Cast syscall invocations where explicitly don't care for the return value to (void). Reword a comment.

logind: switch to sd_bus_track helper Let logind use the sd_bus_track helper object to track the controllers of sessions. This does not only remove quite some code but also kills the unconditional matches for all NameOwnerChanged signals. The latter is something we should never ever do, as it wakes up the daemon every time a client connects, which doesn't scale.

logind: fix delayed execution regression Commit c0f32805 ("logind: use sd_event timer source for inhibitor logic") reworked the main loop logic of logind so that it uses a real timeout callback handler to execute delayed functions. What the old code did, however, was to call those functions on every iteration in the main loop, not only when the timeout expired. Restore that behavior by bringing back manager_dispatch_delayed(), and call it from manager_run(). The internal event source callback manager_inhibit_timeout_handler() was turned into a wrapper of manager_dispatch_delayed() now.

everywhere: port everything to sigprocmask_many() and friends This ports a lot of manual code over to sigprocmask_many() and friends. Also, we now consistly check for sigprocmask() failures with assert_se(), since the call cannot realistically fail unless there's a programming error. Also encloses a few sd_event_add_signal() calls with (void) when we ignore the return values for it knowingly.

util: split out signal-util.[ch] from util.[ch] No functional changes.

logind: prefix some calls to unlink with (void) Make Coverity happy and tell it we're not interested in the return value of these two calls.

logind: add support for /run/nologin and /run/systemd/shutdown/scheduled Port over more code from shutdownd and teach logind to write /run/nologin at least 5 minutes before the system is going down, and /run/systemd/shutdown/scheduled when a shutdown is scheduled.

logind: add code for UTMP wall messages Add a timer to print UTMP wall messages so that it repeatedly informs users about a scheduled shutdown: * every 1 minute with less than 10 minutes to go * every 15 minutes with less than 60 minutes to go * every 30 minutes with less than 180 minutes (3 hours) to go * every 60 minutes if more than that to go This functionality only active if the .EnableWallMessages DBus property is set to true. Also, a custom string can be added to the wall message, set through the WallMessagePrefix property.

logind: add .ScheduleShutdown and .CancelScheduledShutdown methods Add a method called ScheduleShutdown in org.freedesktop.login1.Manager which adds a timer to shut down the system at a later point in time. The first argument holds the type of the schedule that is about to happen, and must be one of 'reboot', 'halt' or 'poweroff'. The second argument specifies the absolute time, based on CLOCK_REALTIME in nanoseconds, at which the the operation should be executed. To cancel a previously scheduled shutdown, the CancelScheduledShutdown() can be called, which returns a bool, indicating whether a scheduled timeout was cancelled. Also add a new property called ScheduledShutdown which returns the equivalent to what was passed in via ScheduleShutdown, as '(st)' type.

logind: make local functions static make manager_gc(), manager_startup(), manager_new(), manager_free() and manager_run() static, and kill their forward declarations.

logind: use sd_event timer source for inhibitor logic Instead of open-coding the delayed action and inhibit timeout logic, switch over to a real sd_event_source based implementation. This is not only easier to read but also allows us to add more timers in the future.

shared: add formats-util.h

login: make hold-off timeout configurable This introduces 'HoldoffTimeoutSec' to logind.conf to make IGNORE_LID_SWITCH_{SUSPEND,STARTUP}_USEC configurable. Background: If an external monitor is connected, or if the system is docked, we want to ignore LID events. This is required to support setups where a laptop is used with external peripherals while the LID is closed. However, this requires us to probe all hot-plugged devices before reacting to LID events. But with modern buses like USB, the standards do not impose any timeout on the slots, so we have no chance to know whether a given slot is used or not. Hence, after resume and startup, we have to wait a fixed timeout to give the kernel a chance to probe devices. Our timeout has always been generous enough to support even the slowest devices. However, a lot of people didn't use these features and wanted to disable the hold-off timer. Now we provide a knob to do that.

remove unused includes This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.

treewide: use log_*_errno whenever %m is in the format string If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.

treewide: yet more log_*_errno + return simplifications Using: find . -name '*.[ch]' | while read f; do perl -i.mmm -e \ 'local $/; local $_=<>; s/(if\s*\([^\n]+\))\s*{\n(\s*)(log_[a-z_]*_errno\(\s*([->a-zA-Z_]+)\s*,[^;]+);\s*return\s+\g4;\s+}/\1\n\2return \3;/msg; print;' $f done And a couple of manual whitespace fixups.

treewide: no need to negate errno for log_*_errno() It corrrectly handles both positive and negative errno values.

treewide: auto-convert the simple cases to log_*_errno() As a followup to 086891e5c1 "log: add an "error" parameter to all low-level logging calls and intrdouce log_error_errno() as log calls that take error numbers", use sed to convert the simple cases to use the new macros: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\("(.*)%s"(.*), strerror\(-([a-zA-Z_]+)\)\);/log_\1_errno(-\4, "\2%m"\3);/' Multi-line log_*() invocations are not covered. And we also should add log_unit_*_errno().

logind: Support logind.conf.d directories in the usual search paths This makes it possible to drop in logind configuration snippets from a package or other configuration management mechanism. Add documentation to the header of /etc/logind.conf pointing the user at /etc/logind.conf.d/*.conf. Introduce a new helper, conf_parse_many, to parse configuration files in a search path.

login: pause devices before acknowledging VT switches If a session controller does not need synchronous VT switches, we allow them to pass VT control to logind, which acknowledges all VT switches unconditionally. This works fine with all sessions using the dbus API, but causes out-of-sync device use if we switch to legacy sessions that are notified via VT signals. Those are processed before logind notices the session-switch via sysfs. Therefore, leaving the old session still active for a short amount of time. This, in fact, may cause the legacy session to prepare graphics devices before the old session was deactivated, and thus, maybe causing the old session to interfer with graphics device usage. Fix this by releasing devices immediately before acknowledging VT switches. This way, sessions without VT handlers are required to support async session switching (which they do in that case, anyway).

hashmap: introduce hash_ops to make struct Hashmap smaller It is redundant to store 'hash' and 'compare' function pointers in struct Hashmap separately. The functions always comprise a pair. Store a single pointer to struct hash_ops instead. systemd keeps hundreds of hashmaps, so this saves a little bit of memory.

logind: add HandleLidSwitchDocked= option to logind.conf + documentation https://bugs.freedesktop.org/show_bug.cgi?id=82485

notify: send STOPPING=1 from our daemons

sd-bus: Remove bus arg from bus_verify_polkit_async_registry_free() It's unneccessary, not used, and complicates callers of the function.

login: share VT-signal handler between sessions sd-event does not allow multiple handlers for a single signal. However, logind sets up signal handlers for each session with VT_PROCESS set (that is, it has an active controller). Therefore, registering multiple such controllers will fail. Lets make the VT-handler global, as it's mostly trivial, anyway. This way, the sessions don't have to take care of that and we can simply acknowledge all VT-switch requests as we always did.

Let config_parse open file where applicable Special care is needed so that we get an error message if the file failed to parse, but not when it is missing. To avoid duplicating the same error check in every caller, add an additional 'warn' boolean to tell config_parse whether a message should be issued. This makes things both shorter and more robust wrt. to error reporting.

Constify ConfigTableItem tables

Remove unnecessary casts in printfs No functional change expected :)

sd-bus: introduce sd_bus_slot objects encapsulating callbacks or vtables attached to a bus connection This makes callback behaviour more like sd-event or sd-resolve, and creates proper object for unregistering callbacks. Taking the refernce to the slot is optional. If not taken life time of the slot will be bound to the underlying bus object (or in the case of an async call until the reply has been recieved).

sd-event: rework API to support CLOCK_REALTIME_ALARM and CLOCK_BOOTTIME_ALARM, too

util: replace close_nointr_nofail() by a more useful safe_close() safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.

logind: automatically remove SysV + POSIX IPC objects when the users owning them fully log out

logind: move lid switch handling from logind-main to logind-core ../src/login/logind-dbus.c:1352: error: undefined reference to 'manager_set_lid_switch_ignore' collect2: error: ld returned 1 exit status make[2]: *** [test-login-tables]

logind: make $XDG_RUNTIME_DIR a per-user tmpfs This way each user allocates from his own pool, with its own size limit. This puts the size limit by default to 10% of the physical RAM size but makes it configurable in logind.conf.

logind: ignore lid switch events for 30s after each suspend and 3min after startup This is needed to give USB docking stations and suchlike time to settle, so that a display connected to an USB docking station can actually act as a lid swith inhibitor correctly. With this change we should have somewhat reliable docking station support in place.

Remove dead lines in various places As pointed-out by clang -Wunreachable-code. No behaviour changes.

logind: detect whether the system is docked, and if it is inhibit lid switch processing This should make operation nicer with docking stations, but will not cover anything that does not implement SW_DOCK.

logind: when we wake up from suspend and the lid is still closed, go to sleep immediately again This is quite useful on laptops such as the Lenovo Yoga, where the power button is placed on the front side of the laptop and can be pressed by accident even if the lid is closed. This reworks a bit of the logind logic to repeatedly try to suspend the system as long as a lid is closed. We use the new "post" event source for this, so that we don't keep things busy. This also adds some code to check the lid status on boot, so that a powered-off machine that is accidentaly powered on goes into suspend immediately. Yay! From now on I can put my Yoga safely in my backpack without fearing that it might turn itself on and drain the battery.

api: in constructor function calls, always put the returned object pointer first (or second) Previously the returned object of constructor functions where sometimes returned as last, sometimes as first and sometimes as second parameter. Let's clean this up a bit. Here are the new rules: 1. The object the new object is derived from is put first, if there is any 2. The object we are creating will be returned in the next arguments 3. This is followed by any additional arguments Rationale: For functions that operate on an object we always put that object first. Constructors should probably not be too different in this regard. Also, if the additional parameters might want to use varargs which suggests to put them last. Note that this new scheme only applies to constructor functions, not to all other functions. We do give a lot of freedom for those. Note that this commit only changes the order of the new functions we added, for old ones we accept the wrong order and leave it like that.

logind: remove redundant check in manager_new()

logind: make sure to terminate systemd user on logouts Currently if the user logs out, the GC may never call user_stop(), this will not terminate the systemd user and (sd-pam) of that user. To fix this, remove the USER_CLOSING state check that is blocking the GC from calling user_stop(). Since if user_check_gc() returns false this means that all the sessions of the user were removed which will make user_get_state() return USER_CLOSING. Conclusion: that test will never be statisfied. So we remove the USER_CLOSING check and replace it with a check inside user_stop() this way we know that user_stop() has already queued stop jobs, no need to redo. This ensures that the GC will get its two steps correctly as pointed out by Lennart: http://lists.freedesktop.org/archives/systemd-devel/2014-February/016825.html Note: this also fixes another bug that prevents creating the user private dbus socket which will break communications with the user manager.

logind: always kill session when termination is requested KillUserProcesses=yes/no should be ignored when termination is explicitly requested.

logind: rework session shutdown logic Simplify the shutdown logic a bit: - Keep the session FIFO around in the PAM module, even after the session shutdown hook has been finished. This allows logind to track precisely when the PAM handler goes away. - In the ReleaseSession() call start a timer, that will stop terminate the session when elapsed. - Never fiddle with the KillMode of scopes to configure whether user processes should be killed or not. Instead, simply leave the scope units around when we terminate a session whose processes should not be killed. - When killing is enabled, stop the session scope on FIFO EOF or after the ReleaseSession() timeout. When killing is disabled, simply tell PID 1 to abandon the scope. Because the scopes stay around and hence all processes are always member of a scope, the system shutdown logic should be more robust, as the scopes can be shutdown as part of the usual shutdown logic.

core,logind,networkd: check for udev device initialization via enumeration matches Instead of checking each device after we got it, check wuth an enumeration filter instead, to make it more efficient.

core,logind,networkd: don't pick up devices from udev before they finished udev initialization Managers shouldn't pick up the devices the manage before udev finished initialization, hence check explicitly for that.

event: be more conservative when returning errors from event handler callbacks We really should return errors from event handlers if we have a continous problem and don't know any other solution.

bus: remove explicit activator-specific flags, the kdbus supports it now

bus: add SD_BUS_NAME_REPLACE_EXISTING to all activatable services, fix one flags conversion

bus: instead of exposing the dbus1 flags when acquiring a name use our own that are closer to kdbus This turns around DO_NOT_QUEUE into QUEUE which implies a more useful default. (And negative options are awful anyway.)

event: hook up sd-event with the service watchdog logic Adds a new call sd_event_set_watchdog() that can be used to hook up the event loop with the watchdog supervision logic of systemd. If enabled and $WATCHDOG_USEC is set the event loop will ping the invoking systemd daemon right after coming back from epoll_wait() but not more often than $WATCHDOG_USEC/4. The epoll_wait() will sleep no longer than $WATCHDOG_USEC/4*3, to make sure the service manager is called in time. This means that setting WatchdogSec= in a .service file and calling sd_event_set_watchdog() in your daemon is enough to hook it up with the watchdog logic.

bus: make sd_bus_request_name() and sd_bus_release_name() behave more like other calls Instead of returning an enum of return codes, make them return error codes like kdbus does internally. Also, document this behaviour so that clients can stick to it. (Also rework bus-control.c to always have to functions for dbus1 vs. kernel implementation of the various calls.)

core: convert PID 1 to libsystemd-bus This patch converts PID 1 to libsystemd-bus and thus drops the dependency on libdbus. The only remaining code using libdbus is a test case that validates our bus marshalling against libdbus' marshalling, and this dependency can be turned off. This patch also adds a couple of things to libsystem-bus, that are necessary to make the port work: - Synthesizing of "Disconnected" messages when bus connections are severed. - Support for attaching multiple vtables for the same interface on the same path. This patch also fixes the SetDefaultTarget() and GetDefaultTarget() bus calls which used an inappropriate signature. As a side effect we will now generate PropertiesChanged messages which carry property contents, rather than just invalidation information.

bus: introduce concept of a default bus for each thread and make use of it everywhere We want to emphasize bus connections as per-thread communication primitives, hence introduce a concept of a per-thread default bus, and make use of it everywhere.

bus: introduce concept of a "default" event loop per-thread and make use of it everywhere Try to emphasize a bit that there should be a mapping between event loops and threads, hence introduce a logic that there's one "default" event loop for each thread, that can be queried via "sd_event_default()".

Remove dead code and unexport some calls "make check-api-unused" informs us about code that is not used anymore or that is exported but only used internally. Fix these all over the place.

logind: port logind to libsystemd-bus

list: make our list macros a bit easier to use by not requring type spec on each invocation We can determine the list entry type via the typeof() gcc construct, and so we should to make the macros much shorter to use.

Move part of logind.c into a separate file liblogind-core.la was underlinked, missing a few functions defined in logind.c. They are moved to a new file, logind-core.c, and this file is linked into liblogind-core.la. In addition, logind-acl.c is attached to the liblogind-core.la, instead of systemd-logind directly.

logind: return -EINVAL when PID is wrong dbus-send --print-reply --system --dest=org.freedesktop.login1 /org/freedesktop/login1 org.freedesktop.login1.Manager.GetUserByPID uint32:0 causes systemd-logind[29843]: Assertion 'pid >= 1' failed at src/login/logind.c:938, function manager_get_user_by_pid(). Aborting.

logind: rename vtconsole to seat0 The seat->vtconsole member always points to the default seat seat0. Even if VTs are disabled, it's used as default seat. Therefore, rename it to seat0 to correctly state what it is. This also changes the seat files in /run from IS_VTCONSOLE to IS_SEAT0. It wasn't used by any code, yet, so this seems fine. While we are at it, we also remove every "if (s->vtconsole)" as this pointer is always valid!

logind: add session controllers A session usually has only a single compositor or other application that controls graphics and input devices on it. To avoid multiple applications from hijacking each other's devices or even using the devices in parallel, we add session controllers. A session controller is an application that manages a session. Specific API calls may be limited to controllers to avoid others from getting unprivileged access to restricted resources. A session becomes a controller by calling the RequestControl() dbus API call. It can drop it via ReleaseControl(). logind tracks bus-names to release the controller once an application closes the bus. We use the new bus-name tracking to do that. Note that during ReleaseControl() we need to check whether some other session also tracks the name before we remove it from the bus-name tracking list. Currently, we only allow one controller at a time. However, the public API does not enforce this restriction. So if it makes sense, we can allow multiple controllers in parallel later. Or we can add a "scope" parameter, which allows a different controller for graphics-devices, sound-devices and whatever you want. Note that currently you get -EBUSY if there is already a controller. You can force the RequestControl() call (root-only) to drop the current controller and recover the session during an emergency. To recover a seat, this is not needed, though. You can simply create a new session or force-activate it. To become a session controller, a dbus caller must either be root or the same user as the user of the session. This allows us to run a session compositor as user and we no longer need any CAP_SYS_ADMIN.

logind: add infrastructure to watch busnames If we want to track bus-names to allow exclusive resource-access, we need a way to get notified when a bus-name is gone. We make logind watch for NameOwnerChanged dbus events and check whether the name is currently watched. If it is, we remove it from the watch-list (notification for other objects can be added in follow-up patches).

logind: listen actively for session devices Session compositors need access to fbdev, DRM and evdev devices if they control a session. To make logind pass them to sessions, we need to listen for them actively. However, we avoid creating new seats for non master-of-seat devices. Only once a seat is created, we start remembering all other session devices. If the last master-device is removed (even if there are other non-master devices still available), we destroy the seat. This is the current behavior, but we need to explicitly implement it now as there may be non-master devices in the seat->devices list. Unlike master devices, we don't care whether our list of non-master devices is complete. We don't export this list but use it only as cache if sessions request these devices. Hence, if a session requests a device that is not in the list, we will simply look it up. However, once a session requested a device, we must be notified of "remove" udev events. So we must link the devices somehow into the device-list. Regarding the implementation, we now sort the device list by the "master" flag. This guarantees that master devices are at the front and non-master devices at the tail of the list. Thus, we can easily test whether a seat has a master device attached.

Verify validity of session name when received from outside Only ASCII letters and digits are allowed.

logind: be more verbose on errors

logind: restore logic to kill user processes when session ends

logind: don't misunderstand UnitRemoved signals during reloading When PID 1 reloads the units logind/machined will see UnitRemoved signals for all units. Instead of trusting these immediately, let's check the actual unit state before considering a unit gone, so that reloading PID 1 is not mistaken as the end of all sessions.

logind/machined: properly notice when units are gc'ed

machined: split out machine registration stuff from logind Embedded folks don't need the machine registration stuff, hence it's nice to make this optional. Also, I'd expect that machinectl will grow additional commands quickly, for example to join existing containers and suchlike, hence it's better keeping that separate from loginctl.

logind: port over to use scopes+slices for all cgroup stuff In order to prepare things for the single-writer cgroup scheme, let's make logind use systemd's own primitives for cgroup management. Every login user now gets his own private slice unit, in which his sessions live in a scope unit each. Also, add user@$UID.service to the same slice, and implicitly start it on first login.

logind: uninitialized variable

logind: add infrastructure to keep track of machines, and move to slices - This changes all logind cgroup objects to use slice objects rather than fixed croup locations. - logind can now collect minimal information about running VMs/containers. As fixed cgroup locations can no longer be used we need an entity that keeps track of machine cgroups in whatever slice they might be located. Since logind already keeps track of users, sessions and seats this is a trivial addition. - nspawn will now register with logind and pass various bits of metadata along. A new option "--slice=" has been added to place the container in a specific slice. - loginctl gained commands to list, introspect and terminate machines. - user.slice and machine.slice will now be pulled in by logind.service, since only logind.service requires this slice.

conf-parser: restrict .include usage Disallow recursive .include, and make it unavailable in anything but unit files.

logind: don't busy loop if a job is still running but the delay timeout expires

logind: properly enumerate user/session cgroups under their new suffixed names

Report about syntax errors with metadata The information about the unit for which files are being parsed is passed all the way down. This way messages land in the journal with proper UNIT=... or USER_UNIT=... attribution. 'systemctl status' and 'journalctl -u' not displaying those messages has been a source of confusion for users, since the journal entry for a misspelt setting was often logged quite a bit earlier than the failure to start a unit. Based-on-a-patch-by: Oleksii Shevchuk <alxchk@gmail.com>

nspawn: introduce the new /machine/ tree in the cgroup tree and move containers there Containers will now carry a label (normally derived from the root directory name, but configurable by the user), and the container's root cgroup is /machine/<label>. This label is called "machine name", and can cover both containers and VMs (as soon as libvirt also makes use of /machine/). libsystemd-login can be used to query the machine name from a process. This patch also includes numerous clean-ups for the cgroup code.

logind: when looking for cgroup prefixes, allocate from stack

Fix spelling errors using 'codespell' tool

Use initalization instead of explicit zeroing Before, we would initialize many fields twice: first by filling the structure with zeros, and then a second time with the real values. We can let the compiler do the job for us, avoiding one copy. A downside of this patch is that text gets slightly bigger. This is because all zero() calls are effectively inlined: $ size build/.libs/systemd text data bss dec hex filename before 897737 107300 2560 1007597 f5fed build/.libs/systemd after 897873 107300 2560 1007733 f6075 build/.libs/systemd … actually less than 1‰. A few asserts that the parameter is not null had to be removed. I don't think this changes much, because first, it is quite unlikely for the assert to fail, and second, an immediate SEGV is almost as good as an assert.

logind: explicitly create state directories during early initialization Strictly speaking this isn't necessary for the /run/systemd/seats/ directory, since that is created anyway as the first seat is found, and seat0 is always found. But let's be explicit here, and also create the sessions/ and users/ directories, so that people can always install inotify watches from very early on, even when nobody logged in yet.

update TODO

logind: rename "seat-master" tag to "master-of-seat" We currently enforce that seats are to be named in the form of "seatXXX", i.e. need to begin with the 4 characters "seat". Thus, "seat-master" would qualify as a seat name. As seat names are frequently used as tags on devices, the "seat-master" tag might hence confuse logind if the user decides to name a seat "seat-master". Hence, avoid any ambuigity: let's rename the "seat-master" tag to "master-of-seat".

logind: rework delay inhibition logic - Don't allow any locks to be taken while we are in the process of executing the specific operation, so that apps are not surprised if a suspend/shutdown happens while they rely on their inhibitor. - Get rid of the Resumed signal, it was a bad idea, and redundant due to PrepareForSleep(false), see below. - Always send out PrepareFor{Shutdown,Sleep} signals, instead of only if a delay lock is taken. - Move PrepareForSleep(false) after we come back from the suspend, so that apps can use this as "Resumed" notification. This also has the benefit that apps know when to take a new lock.

logind: only allow one shutdown/sleep action to be queued at the same time This should make sure that closing the lid while shutting down won't suspend the machine but will simply cause the shutdown to complete.

logind: Capability of making seats without framebuffer devices file logind.c: The seat is now activated by any device with udev tag "seat-master" file 71-seat.rules.in: All framebuffer devices have this tag

logind: add support for automatic suspend/hibernate/shutdown on idle

logind: split up HandleSleepKey= into HandleSuspendKey= and HandleHibernateKey= The kernel and X11 distuingish these two, and Thinkpad keys have both, hence we really should distinguish them too.

logind: allow users to override their own suspend/sleep inhibitors

logind: if a lid-switch lock was taken while the lid was closed, recheck lid status when the lock is released

logind: rework power key/suspend key/lid switch handling http://lists.freedesktop.org/archives/systemd-devel/2012-September/006604.html https://bugzilla.gnome.org/show_bug.cgi?id=680689 This changes the meaning of the HandlePowerKey=/HandleSleepKey=/HandleLidSwitch= setting of logind.conf

logind: make VT reservation logic compatible with containers

logind: make sure there's always a getty available on TTY6 Previously, if X allocated all 6 TTYs (for multi-session for example) no getty would be available anymore to guarantee console-based logins. With the new ReserveVT= switch in logind.conf we can now choose one VT (6 by default) that will always be subject to autovt-style activation, i.e. we'll always have a getty on TTY6, and X will never take possession of it.

logind: use bus_method_call_with_reply() where posible

log.h: new log_oom() -> int -ENOMEM, use it also a number of minor fixups and bug fixes: spelling, oom errors that didn't print errors, not properly forwarding error codes, few more consistency issues, et cetera

use "Out of memory." consistantly (or with "\n") glibc/glib both use "out of memory" consistantly so maybe we should consider that instead of this. Eliminates one string out of a number of binaries. Also fixes extra newline in udev/scsi_id

unit: introduce %s specifier for the user shell

logind: more robust handling of VT-less systems Restore the check that was removed in commit 74afee9c. Its removal caused a regression on some s390x systems where for whatever reason the device node /dev/tty0 exists and makes the preceding access() check pass.

logind: properly clean up user cgroups when they run empty

logind: rework button setting semantics If a graphical session without full DE that handles power/suspend events is used this can now be controlled by logind instead, optionally.

logind: optionally handle power, sleep and lid switch events This takes handling of chassis power and sleep keys as well as the lid switch over from acpid. This logic is enabled by default for power and sleep keys, but not for the lid switch. If a graphical session is in the foreground no action is taken under the assumption that the graphical session does this.

logind: implement suspend/hibernate calls with inhibition logic

logind: implement delay inhibitor locks in addition to block inhibitor locks This is useful to allow applications to synchronously save data before the system is suspended or shut down.

logind: remove redundant entries from logind's default controller lists too

logind: hook up inhibit logic with idle hint logic

logind: add shutdown/suspend/idle inhibition framework

logind: explicitly check for /dev/tty0

relicense to LGPLv2.1 (with exceptions) We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.

logind: log with AUTH facility

rename /etc/systemd/systemd-{login,journal}d.conf to {login,journal}d.conf

cgroup: when getting cgroup empty notifications, always search up the tree

logind: if we have to stop a session, kill at least its leader

build-sys: move public header files into a dir of their own

logind: add needed include for sd_notify()

journald: parse configuration file

logind: don't watch vcsa if nobody cares

logind: if we can't open /dev/tty0, assume there is no VT subsystem and don't pretend we could do VT switching

logind: move logind into its own subdirectory