Compare commits
7 Commits
2f2c60d7fe
...
ae366f3acb
| Author | SHA1 | Date |
|---|---|---|
Zbigniew Jędrzejewski-Szmek
|
ae366f3acb | |
|
Lennart Poettering
|
cae1e8fb88 | |
|
Zbigniew Jędrzejewski-Szmek
|
3660da17b0 | |
|
Amitanand.Chikorde
|
e7e954243a | |
|
Zbigniew Jędrzejewski-Szmek
|
b67ec8e5b2 | |
|
Zbigniew Jędrzejewski-Szmek
|
5919bd3df3 | |
|
Yu Watanabe
|
94ec163ad2 |
78
NEWS
78
NEWS
|
|
@ -114,7 +114,7 @@ CHANGES WITH 246:
|
|||
|
||||
* tmpfs mounts automatically created by systemd (/tmp, /run, /dev/shm,
|
||||
and others) now have a size and inode limits applied (50% of RAM for
|
||||
/tmp, 10% of RAM for /dev/shm, etc.)
|
||||
/tmp and /dev/shm, 10% of RAM for other mounts, etc.)
|
||||
|
||||
* nss-mymachines lost support for resolution of users and groups, and
|
||||
now only does resolution of hostnames. This functionality is now
|
||||
|
|
@ -564,45 +564,45 @@ CHANGES WITH 246:
|
|||
distribution-specific defaults in .mkosi/ based on your preference.
|
||||
|
||||
Contributions from: 24bisquitz, Adam Nielsen, Alan Perry, Alexander
|
||||
Malafeev, Alin Popa, Alvin Šipraga, Amos Bird, Andreas Rammhold,
|
||||
AndreRH, Andrew Doran, Anita Zhang, Ankit Jain, antznin, Arnaud
|
||||
Ferraris, Arthur Moraes do Lago, Arusekk, Balaji Punnuru, Balint
|
||||
Reczey, Bastien Nocera, bemarek, Benjamin Berg, Benjamin Dahlhoff,
|
||||
Benjamin Robin, Chris Down, Chris Kerr, Christian Göttsche, Christian
|
||||
Hesse, Christian Oder, Ciprian Hacman, Clinton Roy, codicodi, Corey
|
||||
Hinshaw, Daan De Meyer, Dana Olson, Dan Callaghan, Daniel Fullmer,
|
||||
Daniel Rusek, Dan Streetman, Dave Reisner, David Edmundson, David Wood,
|
||||
Denis Pronin, Diego Escalante Urrelo, Dimitri John Ledkov,
|
||||
dolphrundgren, duguxy, Einsler Lee, Elisei Roca, Emmanuel Garette, Eric
|
||||
Anderson, Eric DeVolder, Evgeny Vereshchagin, ExtinctFire, fangxiuning,
|
||||
Ferran Pallarès Roca, Filipe Brandenburger, Filippo Falezza, Finn,
|
||||
Florian Klink, Florian Mayer, Franck Bui, Frantisek Sumsal, gaurav,
|
||||
Georg Müller, Gergely Polonkai, Giedrius Statkevičius, Gigadoc2,
|
||||
gogogogi, gzjsgdsb, Hans de Goede, Haochen Tong, ianhi, ignapk, Jakov
|
||||
Smolic, James T. Lee, Jan Janssen, Jan Klötzke, Jan Palus, Jay Burger,
|
||||
Jeremy Cline, Jérémy Rosen, Jian-Hong Pan, Jiri Slaby, Joel Shapiro,
|
||||
Joerg Behrmann, Jörg Thalheim, Jouke Witteveen, Kai-Heng Feng, Kenny
|
||||
Levinsen, Kevin Kuehler, Kumar Kartikeya Dwivedi, layderv, laydervus,
|
||||
Lénaïc Huard, Lennart Poettering, Lidong Zhong, Luca Boccassi, Luca
|
||||
BRUNO, Lucas Werkmeister, Lukas Klingsbo, Lukáš Nykrýn, Łukasz
|
||||
Stelmach, Maciej S. Szmigiero, MadMcCrow, Marc-André Lureau, Marcel
|
||||
Holtmann, Marc Kleine-Budde, Martin Hundebøll, Matthew Leeds, Matt
|
||||
Ranostay, Maxim Fomin, MaxVerevkin, Michael Biebl, Michael Chapman,
|
||||
Michael Gubbels, Michael Marley, Michał Bartoszkiewicz, Michal Koutný,
|
||||
Michal Sekletár, Mike Gilbert, Mike Kazantsev, Mikhail Novosyolov, ml,
|
||||
Motiejus Jakštys, nabijaczleweli, nerdopolis, Niccolò Maggioni, Niklas
|
||||
Hambüchen, Norbert Lange, Paul Cercueil, pelzvieh, Peter Hutterer,
|
||||
Piero La Terza, Pieter Lexis, Piotr Drąg, Rafael Fontenelle, Richard
|
||||
Petri, Ronan Pigott, Ross Lagerwall, Rubens Figueiredo, satmandu,
|
||||
Sean-StarLabs, Sebastian Jennen, sterlinghughes, Surhud More, Susant
|
||||
Sahani, szb512, Thomas Haller, Tobias Hunger, Tom, Tomáš Pospíšek,
|
||||
Tomer Shechner, Tom Hughes, Topi Miettinen, Tudor Roman, Uwe
|
||||
Kleine-König, Valery0xff, Vito Caputo, Vladimir Panteleev, Vladyslav
|
||||
Tronko, Wen Yang, Yegor Vialov, Yigal Korman, Yi Gao, YmrDtnJu, Yuri
|
||||
Chornoivan, Yu Watanabe, Zbigniew Jędrzejewski-Szmek, Zhu Li, Дамјан
|
||||
Георгиевски, наб
|
||||
Malafeev, Amitanand.Chikorde, Alin Popa, Alvin Šipraga, Amos Bird,
|
||||
Andreas Rammhold, AndreRH, Andrew Doran, Anita Zhang, Ankit Jain,
|
||||
antznin, Arnaud Ferraris, Arthur Moraes do Lago, Arusekk, Balaji
|
||||
Punnuru, Balint Reczey, Bastien Nocera, bemarek, Benjamin Berg,
|
||||
Benjamin Dahlhoff, Benjamin Robin, Chris Down, Chris Kerr, Christian
|
||||
Göttsche, Christian Hesse, Christian Oder, Ciprian Hacman, Clinton Roy,
|
||||
codicodi, Corey Hinshaw, Daan De Meyer, Dana Olson, Dan Callaghan,
|
||||
Daniel Fullmer, Daniel Rusek, Dan Streetman, Dave Reisner, David
|
||||
Edmundson, David Wood, Denis Pronin, Diego Escalante Urrelo, Dimitri
|
||||
John Ledkov, dolphrundgren, duguxy, Einsler Lee, Elisei Roca, Emmanuel
|
||||
Garette, Eric Anderson, Eric DeVolder, Evgeny Vereshchagin,
|
||||
ExtinctFire, fangxiuning, Ferran Pallarès Roca, Filipe Brandenburger,
|
||||
Filippo Falezza, Finn, Florian Klink, Florian Mayer, Franck Bui,
|
||||
Frantisek Sumsal, gaurav, Georg Müller, Gergely Polonkai, Giedrius
|
||||
Statkevičius, Gigadoc2, gogogogi, Gaurav Singh, gzjsgdsb, Hans de
|
||||
Goede, Haochen Tong, ianhi, ignapk, Jakov Smolic, James T. Lee, Jan
|
||||
Janssen, Jan Klötzke, Jan Palus, Jay Burger, Jeremy Cline, Jérémy
|
||||
Rosen, Jian-Hong Pan, Jiri Slaby, Joel Shapiro, Joerg Behrmann, Jörg
|
||||
Thalheim, Jouke Witteveen, Kai-Heng Feng, Kenny Levinsen, Kevin
|
||||
Kuehler, Kumar Kartikeya Dwivedi, layderv, laydervus, Lénaïc Huard,
|
||||
Lennart Poettering, Lidong Zhong, Luca Boccassi, Luca BRUNO, Lucas
|
||||
Werkmeister, Lukas Klingsbo, Lukáš Nykrýn, Łukasz Stelmach, Maciej
|
||||
S. Szmigiero, MadMcCrow, Marc-André Lureau, Marcel Holtmann, Marc
|
||||
Kleine-Budde, Martin Hundebøll, Matthew Leeds, Matt Ranostay, Maxim
|
||||
Fomin, MaxVerevkin, Michael Biebl, Michael Chapman, Michael Gubbels,
|
||||
Michael Marley, Michał Bartoszkiewicz, Michal Koutný, Michal Sekletár,
|
||||
Mike Gilbert, Mike Kazantsev, Mikhail Novosyolov, ml, Motiejus Jakštys,
|
||||
nabijaczleweli, nerdopolis, Niccolò Maggioni, Niklas Hambüchen, Norbert
|
||||
Lange, Paul Cercueil, pelzvieh, Peter Hutterer, Piero La Terza, Pieter
|
||||
Lexis, Piotr Drąg, Rafael Fontenelle, Richard Petri, Ronan Pigott, Ross
|
||||
Lagerwall, Rubens Figueiredo, satmandu, Sean-StarLabs, Sebastian
|
||||
Jennen, sterlinghughes, Surhud More, Susant Sahani, szb512, Thomas
|
||||
Haller, Tobias Hunger, Tom, Tomáš Pospíšek, Tomer Shechner, Tom Hughes,
|
||||
Topi Miettinen, Tudor Roman, Uwe Kleine-König, Valery0xff, Vito Caputo,
|
||||
Vladimir Panteleev, Vladyslav Tronko, Wen Yang, Yegor Vialov, Yigal
|
||||
Korman, Yi Gao, YmrDtnJu, Yuri Chornoivan, Yu Watanabe, Zbigniew
|
||||
Jędrzejewski-Szmek, Zhu Li, Дамјан Георгиевски, наб
|
||||
|
||||
– Warsaw, 2020-07-24
|
||||
– Warsaw, 2020-07-30
|
||||
|
||||
CHANGES WITH 245:
|
||||
|
||||
|
|
|
|||
|
|
@ -72,10 +72,10 @@ static const MountPoint mount_table[] = {
|
|||
#if ENABLE_SMACK
|
||||
{ "smackfs", "/sys/fs/smackfs", "smackfs", "smackfsdef=*", MS_NOSUID|MS_NOEXEC|MS_NODEV,
|
||||
mac_smack_use, MNT_FATAL },
|
||||
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*" TMPFS_LIMITS_DEV_SHM, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777,smackfsroot=*", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
mac_smack_use, MNT_FATAL },
|
||||
#endif
|
||||
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777" TMPFS_LIMITS_DEV_SHM, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777", MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
NULL, MNT_FATAL|MNT_IN_CONTAINER },
|
||||
{ "devpts", "/dev/pts", "devpts", "mode=620,gid=" STRINGIFY(TTY_GID), MS_NOSUID|MS_NOEXEC,
|
||||
NULL, MNT_IN_CONTAINER },
|
||||
|
|
|
|||
|
|
@ -326,23 +326,21 @@ static int append_bind_mounts(MountEntry **p, const BindMount *binds, size_t n)
|
|||
}
|
||||
|
||||
static int append_tmpfs_mounts(MountEntry **p, const TemporaryFileSystem *tmpfs, size_t n) {
|
||||
size_t i;
|
||||
int r;
|
||||
|
||||
assert(p);
|
||||
|
||||
for (i = 0; i < n; i++) {
|
||||
for (size_t i = 0; i < n; i++) {
|
||||
const TemporaryFileSystem *t = tmpfs + i;
|
||||
_cleanup_free_ char *o = NULL, *str = NULL;
|
||||
unsigned long flags;
|
||||
bool ro = false;
|
||||
int r;
|
||||
|
||||
if (!path_is_absolute(t->path))
|
||||
return log_debug_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||
"Path is not absolute: %s",
|
||||
t->path);
|
||||
|
||||
str = strjoin("mode=0755" TMPFS_LIMITS_TEMPORARY_FS ",", t->options);
|
||||
str = strjoin("mode=0755" NESTED_TMPFS_LIMITS ",", t->options);
|
||||
if (!str)
|
||||
return -ENOMEM;
|
||||
|
||||
|
|
|
|||
|
|
@ -549,7 +549,7 @@ int mount_all(const char *dest,
|
|||
MOUNT_IN_USERNS|MOUNT_MKDIR },
|
||||
|
||||
/* Then we list outer child mounts (i.e. mounts applied *before* entering user namespacing) */
|
||||
{ "tmpfs", "/tmp", "tmpfs", "mode=1777" TMPFS_LIMITS_TMP, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
{ "tmpfs", "/tmp", "tmpfs", "mode=1777" NESTED_TMPFS_LIMITS, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
MOUNT_FATAL|MOUNT_APPLY_TMPFS_TMP|MOUNT_MKDIR },
|
||||
{ "tmpfs", "/sys", "tmpfs", "mode=555" TMPFS_LIMITS_SYS, MS_NOSUID|MS_NOEXEC|MS_NODEV,
|
||||
MOUNT_FATAL|MOUNT_APPLY_APIVFS_NETNS|MOUNT_MKDIR },
|
||||
|
|
@ -559,7 +559,7 @@ int mount_all(const char *dest,
|
|||
MOUNT_FATAL|MOUNT_MKDIR }, /* skipped if above was mounted */
|
||||
{ "tmpfs", "/dev", "tmpfs", "mode=755" TMPFS_LIMITS_DEV, MS_NOSUID|MS_STRICTATIME,
|
||||
MOUNT_FATAL|MOUNT_MKDIR },
|
||||
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777" TMPFS_LIMITS_DEV_SHM, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
{ "tmpfs", "/dev/shm", "tmpfs", "mode=1777" NESTED_TMPFS_LIMITS, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
MOUNT_FATAL|MOUNT_MKDIR },
|
||||
{ "tmpfs", "/run", "tmpfs", "mode=755" TMPFS_LIMITS_RUN, MS_NOSUID|MS_NODEV|MS_STRICTATIME,
|
||||
MOUNT_FATAL|MOUNT_MKDIR },
|
||||
|
|
|
|||
|
|
@ -191,6 +191,10 @@ LoopDevice* loop_device_unref(LoopDevice *d) {
|
|||
return NULL;
|
||||
|
||||
if (d->fd >= 0) {
|
||||
/* Implicitly sync the device, since otherwise in-flight blocks might not get written */
|
||||
if (fsync(d->fd) < 0)
|
||||
log_debug_errno(errno, "Failed to sync loop block device, ignoring: %m");
|
||||
|
||||
if (d->nr >= 0 && !d->relinquished) {
|
||||
if (ioctl(d->fd, LOOP_CLR_FD) < 0)
|
||||
log_debug_errno(errno, "Failed to clear loop device: %m");
|
||||
|
|
@ -216,7 +220,7 @@ LoopDevice* loop_device_unref(LoopDevice *d) {
|
|||
log_warning_errno(errno, "Failed to remove device %s: %m", strna(d->node));
|
||||
break;
|
||||
}
|
||||
usleep(50 * USEC_PER_MSEC);
|
||||
(void) usleep(50 * USEC_PER_MSEC);
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
|||
|
|
@ -21,13 +21,11 @@
|
|||
* PID1 because 16MB of free space is required. */
|
||||
#define TMPFS_LIMITS_RUN ",size=20%,nr_inodes=800k"
|
||||
|
||||
/* The limit used for various tmpfs mounts, but not /tmp itself.
|
||||
/* The limit used for various nested tmpfs mounts, in paricular for guests started by systemd-nspawn.
|
||||
* 10% of RAM (using 16GB of RAM as a baseline) translates to 400k inodes (assuming 4k each) and 25%
|
||||
* translates to 1M inodes.
|
||||
* /tmp is configured through a .mount unit file. */
|
||||
#define TMPFS_LIMITS_TMP ",size=10%,nr_inodes=400k"
|
||||
#define TMPFS_LIMITS_DEV_SHM TMPFS_LIMITS_TMP
|
||||
#define TMPFS_LIMITS_TEMPORARY_FS TMPFS_LIMITS_TMP
|
||||
* (On the host, /tmp is configured through a .mount unit file.) */
|
||||
#define NESTED_TMPFS_LIMITS ",size=10%,nr_inodes=400k"
|
||||
|
||||
/* More space for volatile root and /var */
|
||||
#define TMPFS_LIMITS_VAR ",size=25%,nr_inodes=1m"
|
||||
|
|
|
|||
|
|
@ -409,7 +409,7 @@ static int print_ntp_status_info(NTPStatusInfo *i) {
|
|||
if (r < 0)
|
||||
return table_log_add_error(r);
|
||||
|
||||
r = table_add_cell_stringf(table, NULL, "%s (%s)", i->server_address, i->server_name);
|
||||
r = table_add_cell_stringf(table, NULL, "%s (%s)", strna(i->server_address), strna(i->server_name));
|
||||
if (r < 0)
|
||||
return table_log_add_error(r);
|
||||
|
||||
|
|
|
|||
|
|
@ -137,11 +137,10 @@ static int manager_send_request(Manager *m) {
|
|||
}
|
||||
|
||||
/* re-arm timer with increasing timeout, in case the packets never arrive back */
|
||||
if (m->retry_interval > 0) {
|
||||
if (m->retry_interval < m->poll_interval_max_usec)
|
||||
m->retry_interval *= 2;
|
||||
} else
|
||||
m->retry_interval = m->poll_interval_min_usec;
|
||||
if (m->retry_interval == 0)
|
||||
m->retry_interval = NTP_RETRY_INTERVAL_MIN_USEC;
|
||||
else
|
||||
m->retry_interval = MIN(m->retry_interval * 4/3, NTP_RETRY_INTERVAL_MAX_USEC);
|
||||
|
||||
r = manager_arm_timer(m, m->retry_interval);
|
||||
if (r < 0)
|
||||
|
|
|
|||
|
|
@ -24,6 +24,9 @@ typedef struct Manager Manager;
|
|||
#define NTP_POLL_INTERVAL_MIN_USEC (32 * USEC_PER_SEC)
|
||||
#define NTP_POLL_INTERVAL_MAX_USEC (2048 * USEC_PER_SEC)
|
||||
|
||||
#define NTP_RETRY_INTERVAL_MIN_USEC (15 * USEC_PER_SEC)
|
||||
#define NTP_RETRY_INTERVAL_MAX_USEC (6 * 60 * USEC_PER_SEC) /* 6 minutes */
|
||||
|
||||
struct Manager {
|
||||
sd_bus *bus;
|
||||
sd_event *event;
|
||||
|
|
|
|||
|
|
@ -100,7 +100,7 @@ static int print_all_attributes(sd_device *device, bool is_parent) {
|
|||
|
||||
/* skip nonprintable attributes */
|
||||
len = strlen(value);
|
||||
while (len > 0 && isprint(value[len-1]))
|
||||
while (len > 0 && isprint((unsigned char) value[len-1]))
|
||||
len--;
|
||||
if (len > 0)
|
||||
continue;
|
||||
|
|
|
|||
Loading…
Reference in New Issue