Commit f5e65279 authored by Michael Biebl's avatar Michael Biebl
Browse files

New upstream version 235

parent 81c58355
......@@ -18,3 +18,7 @@ charset = utf-8
[*.{c,h}]
indent_style = space
indent_size = 8
[meson.build]
indent_style = space
indent_size = 8
......@@ -26,7 +26,7 @@ If you discover a security vulnerability, we'd appreciate a non-public disclosur
* Make sure to post PRs only relative to a very recent git master.
* Follow our [Coding Style](https://raw.githubusercontent.com/systemd/systemd/master/CODING_STYLE) when contributing code. This is a requirement for all code we merge.
* Please make sure to test your change before submitting the PR. See [HACKING](https://raw.githubusercontent.com/systemd/systemd/master/HACKING) for details how to do this.
* Make sure to run "make check" locally, before posting your PR. We use a CI system, meaning we don't even look at your PR, if the build and tests don't pass.
* Make sure to run the test suite locally, before posting your PR. We use a CI system, meaning we don't even look at your PR, if the build and tests don't pass.
* If you need to update the code in an existing PR, force-push into the same branch, overriding old commits with new versions.
* After you have pushed a new version, add a comment about the new version (no notification is sent just for the commits, so it's easy to miss the update without an explicit comment). If you are a member of the systemd project on github, remove the `reviewed/needs-rework` label.
......
*.a
*.cache
*.gch
*.la
*.lo
*.log
*.o
*.plist
*.py[co]
*.stamp
*.swp
*.trs
*~
.config.args
.deps/
.dirstamp
.libs/
/*.gcda
/*.gcno
/*.tar.bz2
/*.tar.gz
/*.tar.xz
/30-systemd-environment-d-generator
/GPATH
/GRTAGS
/GSYMS
/GTAGS
/Makefile
/TAGS
/ata_id
/bootctl
/build*
/busctl
/cdrom_id
/collect
/coredumpctl
/coverage/
/defined
/exported
/exported-*
/hostnamectl
/image.raw
/image.raw.cache-pre-dev
/image.raw.cache-pre-inst
/install-tree
/journalctl
/libtool
/linuxx64.efi.stub
/localectl
/loginctl
/machinectl
/mtd_probe
/networkctl
/scsi_id
/systemctl
/systemd
/systemd-ac-power
/systemd-analyze
/systemd-ask-password
/systemd-backlight
/systemd-binfmt
/systemd-bootx64.efi
/systemd-cat
/systemd-cgls
/systemd-cgroups-agent
/systemd-cgtop
/systemd-coredump
/systemd-cryptsetup
/systemd-cryptsetup-generator
/systemd-dbus1-generator
/systemd-debug-generator
/systemd-delta
/systemd-detect-virt
/systemd-dissect
/systemd-escape
/systemd-export
/systemd-firstboot
/systemd-fsck
/systemd-fstab-generator
/systemd-getty-generator
/systemd-gpt-auto-generator
/systemd-hibernate-resume
/systemd-hibernate-resume-generator
/systemd-hostnamed
/systemd-hwdb
/systemd-import
/systemd-importd
/systemd-inhibit
/systemd-initctl
/systemd-journal-gatewayd
/systemd-journal-remote
/systemd-journal-upload
/systemd-journald
/systemd-localed
/systemd-logind
/systemd-machine-id-setup
/systemd-machined
/systemd-modules-load
/systemd-mount
/systemd-networkd
/systemd-networkd-wait-online
/systemd-notify
/systemd-nspawn
/systemd-path
/systemd-pull
/systemd-quotacheck
/systemd-random-seed
/systemd-rc-local-generator
/systemd-remount-fs
/systemd-reply-password
/systemd-resolve
/systemd-resolved
/systemd-rfkill
/systemd-run
/systemd-shutdown
/systemd-sleep
/systemd-socket-activate
/systemd-socket-proxyd
/systemd-stdio-bridge
/systemd-sysctl
/systemd-system-update-generator
/systemd-sysusers
/systemd-sysv-generator
/systemd-timedated
/systemd-timesyncd
/systemd-tmpfiles
/systemd-tty-ask-password-agent
/systemd-udevd
/systemd-update-done
/systemd-update-utmp
/systemd-user-sessions
/systemd-vconsole-setup
/systemd-veritysetup
/systemd-veritysetup-generator
/systemd-volatile-root
/mkosi.builddir/
/tags
/test-acd
/test-acl-util
/test-af-list
/test-alloc-util
/test-architecture
/test-arphrd-list
/test-ask-password-api
/test-async
/test-audit-type
/test-barrier
/test-bitmap
/test-boot-timestamps
/test-btrfs
/test-bus-benchmark
/test-bus-chat
/test-bus-cleanup
/test-bus-creds
/test-bus-error
/test-bus-gvariant
/test-bus-introspect
/test-bus-kernel
/test-bus-kernel-bloom
/test-bus-marshal
/test-bus-match
/test-bus-objects
/test-bus-policy
/test-bus-server
/test-bus-signature
/test-bus-track
/test-bus-vtable
/test-bus-vtable-cc
/test-bus-zero-copy
/test-calendarspec
/test-cap-list
/test-capability
/test-catalog
/test-cgroup
/test-cgroup-mask
/test-cgroup-util
/test-clock
/test-compress
/test-compress-benchmark
/test-condition
/test-conf-files
/test-conf-parser
/test-copy
/test-coredump-vacuum
/test-cpu-set-util
/test-daemon
/test-date
/test-device-nodes
/test-dnssec-complex
/test-dhcp-client
/test-dhcp-option
/test-dhcp-server
/test-dhcp6-client
/test-dissect-image
/test-dns-domain
/test-dns-packet
/test-dnssec
/test-efi-disk.img
/test-ellipsize
/test-engine
/test-env-util
/test-escape
/test-event
/test-exec-util
/test-execute
/test-extract-word
/test-fd-util
/test-fdset
/test-fileio
/test-firewall-util
/test-fs-util
/test-fstab-util
/test-glob-util
/test-hash
/test-hashmap
/test-hexdecoct
/test-hostname
/test-hostname-util
/test-id128
/test-inhibit
/test-install
/test-install-root
/test-io-util
/test-ipcrm
/test-ipv4ll
/test-ipv4ll-manual
/test-job-type
/test-journal
/test-journal-enum
/test-journal-flush
/test-journal-importer
/test-journal-init
/test-journal-interleaving
/test-journal-match
/test-journal-send
/test-journal-stream
/test-journal-syslog
/test-journal-verify
/test-keymap-util
/test-libsystemd-sym*
/test-libudev
/test-libudev-sym*
/test-list
/test-lldp
/test-local-addresses
/test-locale-util
/test-log
/test-login
/test-login-shared
/test-login-tables
/test-loopback
/test-machine-tables
/test-mmap-cache
/test-mount-util
/test-namespace
/test-ndisc-rs
/test-netlink
/test-netlink-manual
/test-networkd-conf
/test-network
/test-network-tables
/test-ns
/test-nss
/test-parse-util
/test-patch-uid
/test-path
/test-path-lookup
/test-path-util
/test-prioq
/test-proc-cmdline
/test-process-util
/test-pty
/test-qcow2
/test-random-util
/test-ratelimit
/test-replace-var
/test-resolve
/test-resolve-tables
/test-resolved-packet
/test-ring
/test-rlimit-util
/test-sched-prio
/test-sd-dhcp-lease
/test-seccomp
/test-selinux
/test-set
/test-sizeof
/test-sigbus
/test-signal-util
/test-siphash24
/test-sleep
/test-socket-util
/test-stat-util
/test-strbuf
/test-string-util
/test-strip-tab-ansi
/test-strv
/test-strxcpyx
/test-tables
/test-terminal-util
/test-time
/test-timesync
/test-tmpfiles
/test-udev
/test-uid-range
/test-unaligned
/test-unit-file
/test-unit-name
/test-user-util
/test-utf8
/test-util
/test-verbs
/test-watchdog
/test-web-util
/test-xattr-util
/test-xml
/timedatectl
/udevadm
/undefined
/v4l_id
Makefile.in
__pycache__/
*.py[co]
aclocal.m4
config.h
config.h.in
config.log
config.status
configure
stamp-*
......@@ -123,3 +123,12 @@ Federico Di Pierro <nierro92@gmail.com>
Josef Andersson <josef.andersson@fripost.org>
Josef Andersson <l10nl18nsweja@gmail.com>
Hendrik Westerberg <hendrik@gestorf.com>
Stefan Pietsch <mail.ipv4v6@gmail.com>
Jérémy Rosen <jeremy.rosen@enst-bretagne.fr>
Vasilis Liaskovitis <vliaskov@gmail.com>
Daniel Kahn Gillmor <dkg@fifthhorseman.net>
Tomasz Pala <gotar@polanet.pl>
Dmitriy Geels <dmitriy.geels@gmail.com>
Beniamino Galvani <bgalvani@redhat.com> <bengal@users.noreply.github.com>
Justin Capella <justincapella@gmail.com> <b1tninja@users.noreply.github.com>
Daniel Șerbănescu <dasj19@users.noreply.github.com>
../src/Makefile
\ No newline at end of file
......@@ -48,7 +48,7 @@ BuildPackages=
kmod
libcap
libgcrypt
libidn2
libidn
libmicrohttpd
libseccomp
libtool
......@@ -56,6 +56,7 @@ BuildPackages=
libxkbcommon
libxslt
lz4
m4
meson
pam
pkgconfig
......@@ -63,6 +64,7 @@ BuildPackages=
python-lxml
qrencode
xz
# TODO use libidn2 once it's available in official repositories
Packages=
libidn2
libidn
......@@ -65,6 +65,7 @@ BuildPackages=
libsmartcols-dev
libtool
libxkbcommon-dev
m4
meson
pkg-config
python3
......
......@@ -62,6 +62,7 @@ BuildPackages=
libxslt
lz4
lz4-devel
m4
meson
pam-devel
pkgconfig
......
......@@ -6,29 +6,29 @@ HOWTO:
1) Find the right configure parameters for:
--with-rootprefix=
--with-sysvinit-path=
--with-sysvrcnd-path=
--with-rc-local-script-path-start=
--with-rc-local-script-path-stop=
--with-kbd-loadkeys=
--with-kbd-setfont=
--with-tty-gid=
--with-ntp-servers=
--with-support-url=
-D rootprefix=
-D sysvinit-path=
-D sysvrcnd-path=
-D rc-local=
-D halt-local=
-D loadkeys-path=
-D setfont-path=
-D tty-gid=
-D ntp-servers=
-D dns-servers=
-D support-url=
2) Try it out. Play around (as an ordinary user) with
'/usr/lib/systemd/systemd --test --system' for a test run
of systemd without booting. This will read the unit files and
print the initial transaction it would execute during boot-up.
This will also inform you about ordering loops and suchlike
This will also inform you about ordering loops and suchlike.
NTP POOL:
By default, timesyncd uses the Google Public NTP servers
time[1-4].google.com. They serve time that uses a leap second
smear, and can be up to .5s off from servers that use stepped
leap seconds.
By default, systemd-timesyncd uses the Google Public NTP servers
time[1-4].google.com, if no other NTP configuration is available. They
serve time that uses a leap second smear, and can be up to .5s off from
servers that use stepped leap seconds.
https://developers.google.com/time/smear
......@@ -39,6 +39,17 @@ NTP POOL:
http://www.pool.ntp.org/en/vendors.html
Use -D ntp-servers= to direct systemd-timesyncd to different fallback
NTP servers.
DNS SERVERS:
By default, systemd-resolved uses the Google Public DNS servers
8.8.8.8, 8.8.4.4, 2001:4860:4860::8888, 2001:4860:4860::8844 as
fallback, if no other DNS configuration is available.
Use -D dns-servers= to direct systemd-resolved to different fallback
DNS servers.
PAM:
The default PAM config shipped by systemd is really bare bones.
It does not include many modules your distro might want to enable
......@@ -46,17 +57,15 @@ PAM:
/etc/security/limits.conf will not be read unless you load pam_limits.
Make sure you add modules your distro expects from user services.
Pass --with-pamconfdir=no to ./configure to avoid installing this file
and instead install your own.
Pass -D pamconfdir=no to meson to avoid installing this file and
instead install your own.
CONTRIBUTING UPSTREAM:
We generally do no longer accept distribution-specific
patches to systemd upstream. If you have to make changes to
systemd's source code to make it work on your distribution,
unless your code is generic enough to be generally useful, we
are unlikely to merge it. Please always consider adopting the
upstream defaults. If that is not possible, please maintain
the relevant patches downstream.
We generally do no longer accept distribution-specific patches to
systemd upstream. If you have to make changes to systemd's source code
to make it work on your distribution, unless your code is generic
enough to be generally useful, we are unlikely to merge it. Please
always consider adopting the upstream defaults. If that is not
possible, please maintain the relevant patches downstream.
Thank you for understanding.
......@@ -64,3 +64,17 @@ installed systemd tests:
* `$SYSTEMD_TEST_DATA` — override the location of test data. This is useful if
a test executable is moved to an arbitrary location.
nss-systemd:
* `$SYSTEMD_NSS_BYPASS_SYNTHETIC=1` — if set, `nss-systemd` won't synthesize
user/group records for the `root` and `nobody` users if they are missing from
`/etc/passwd`.
* `$SYSTEMD_NSS_DYNAMIC_BYPASS=1` — if set, `nss-systemd` won't return
user/group records for dynamically registered service users (i.e. users
registered through `DynamicUser=1`).
* `$SYSTEMD_NSS_BYPASS_BUS=1` — if set, `nss-systemd` won't use D-Bus to do
dynamic user lookups. This is primarily useful to make `nss-systemd` work
safely from within `dbus-daemon`.
......@@ -56,15 +56,17 @@ for systemd (this example is for Fedora):
$ git clone https://github.com/systemd/systemd.git
$ cd systemd
$ vim src/core/main.c # or wherever you'd like to make your changes
$ ./autogen.sh c # configure the source tree
$ make -j `nproc` # build it locally, see if everything compiles fine
$ make -j `nproc` check # run some simple regression tests
$ meson build # configure the build
$ ninja -C build # build it locally, see if everything compiles fine
$ ninja -C build test # run some simple regression tests
$ sudo mkosi # build a test image
$ sudo systemd-nspawn -bi image.raw # boot up the test image
$ git add -p # interactively put together your patch
$ git commit # commit it
$ ...
$ git push REMOTE HEAD:refs/heads/BRANCH
# where REMOTE is your "fork" on github
# and BRANCH is a branch name.
And after that, please submit your branch as PR to systemd via github.
And after that, head over to your repo on github and click "Compare & pull request"
Happy hacking!
all:
ninja -C build
install:
DESTDIR=$(DESTDIR) ninja -C build install
This diff is collapsed.
This diff is collapsed.
systemd System and Service Manager
CHANGES WITH 235:
* A new modprobe.d drop-in is now shipped by default that sets the
bonding module option max_bonds=0. This overrides the kernel default,
to avoid conflicts and ambiguity as to whether or not bond0 should be
managed by systemd-networkd or not. This resolves multiple issues
with bond0 properties not being applied, when bond0 is configured
with systemd-networkd. Distributors may choose to not package this,
however in that case users will be prevented from correctly managing
bond0 interface using systemd-networkd.
* systemd-analyze gained new verbs "get-log-level" and "get-log-target"
which print the logging level and target of the system manager. They
complement the existing "set-log-level" and "set-log-target" verbs
used to change those values.
* journald.conf gained a new boolean setting ReadKMsg= which defaults
to on. If turned off kernel log messages will not be read by
systemd-journald or included in the logs. It also gained a new
setting LineMax= for configuring the maximum line length in
STDOUT/STDERR log streams. The new default for this value is 48K, up
from the previous hardcoded 2048.
* A new unit setting RuntimeDirectoryPreserve= has been added, which
allows more detailed control of what to do with a runtime directory
configured with RuntimeDirectory= (i.e. a directory below /run or
$XDG_RUNTIME_DIR) after a unit is stopped.
* The RuntimeDirectory= setting for units gained support for creating
deeper subdirectories below /run or $XDG_RUNTIME_DIR, instead of just
one top-level directory.
* Units gained new options StateDirectory=, CacheDirectory=,
LogsDirectory= and ConfigurationDirectory= which are closely related
to RuntimeDirectory= but manage per-service directories below
/var/lib, /var/cache, /var/log and /etc. By making use of them it is
possible to write unit files which when activated automatically gain
properly owned service specific directories in these locations, thus
making unit files self-contained and increasing compatibility with
stateless systems and factory reset where /etc or /var are
unpopulated at boot. Matching these new settings there's also
StateDirectoryMode=, CacheDirectoryMode=, LogsDirectoryMode=,
ConfigurationDirectoryMode= for configuring the access mode of these
directories. These settings are particularly useful in combination
with DynamicUser=yes as they provide secure, properly-owned,
writable, and stateful locations for storage, excluded from the
sandbox that such services live in otherwise.
* Automake support has been removed from this release. systemd is now
Meson-only.
* systemd-journald will now aggressively cache client metadata during
runtime, speeding up log write performance under pressure. This comes
at a small price though: as much of the metadata is read
asynchronously from /proc/ (and isn't implicitly attached to log
datagrams by the kernel, like UID/GID/PID/SELinux are) this means the
metadata stored alongside a log entry might be slightly
out-of-date. Previously it could only be slightly newer than the log
message. The time window is small however, and given that the kernel
is unlikely to be improved anytime soon in this regard, this appears
acceptable to us.
* nss-myhostname/systemd-resolved will now by default synthesize an
A/AAAA resource record for the "_gateway" hostname, pointing to the
current default IP gateway. Previously it did that for the "gateway"
name, hampering adoption, as some distributions wanted to leave that
host name open for local use. The old behaviour may still be
requested at build time.
* systemd-networkd's [Address] section in .network files gained a new
Scope= setting for configuring the IP address scope. The [Network]
section gained a new boolean setting ConfigureWithoutCarrier= that
tells systemd-networkd to ignore link sensing when configuring the
device. The [DHCP] section gained a new Anonymize= boolean option for
turning on a number of options suggested in RFC 7844. A new
[RoutingPolicyRule] section has been added for configuring the IP
routing policy. The [Route] section has gained support for a new
Type= setting which permits configuring
blackhole/unreachable/prohibit routes.
* The [VRF] section in .netdev files gained a new Table= setting for
configuring the routing table to use. The [Tunnel] section gained a
new Independent= boolean field for configuring tunnels independent of
an underlying network interface. The [Bridge] section gained a new
GroupForwardMask= option for configuration of propagation of link
local frames between bridge ports.
* The WakeOnLan= setting in .link files gained support for a number of
new modes. A new TCP6SegmentationOffload= setting has been added for
configuring TCP/IPv6 hardware segmentation offload.
* The IPv6 RA sender implementation may now optionally send out RDNSS
and RDNSSL records to supply DNS configuration to peers.
* systemd-nspawn gained support for a new --system-call-filter= command
line option for adding and removing entries in the default system
call filter it applies. Moreover systemd-nspawn has been changed to
implement a system call whitelist instead of a blacklist.
* systemd-run gained support for a new --pipe command line option. If
used the STDIN/STDOUT/STDERR file descriptors passed to systemd-run