Compare commits
5 Commits
8069017a0f
...
0499585ffe
Author | SHA1 | Date |
---|---|---|
Anita Zhang | 0499585ffe | |
Zbigniew Jędrzejewski-Szmek | 754499fab2 | |
Anita Zhang | 3e1db806b0 | |
Kevin Kuehler | 132e0b532c | |
Kevin Kuehler | 1f0f9f21c1 |
7
NEWS
7
NEWS
|
@ -33,10 +33,9 @@ CHANGES WITH 244 in spe:
|
|||
during early boot, so in practice this change has very little
|
||||
effect.)
|
||||
|
||||
* The special -.service.d dropin directory may be used to add
|
||||
configuration that affects all services. The "-.service" service name
|
||||
is now disallowed (though hopefully no one would use such a service
|
||||
name. -.mount gives us enough grief.)
|
||||
* Unit files now support top level dropin directories of the form
|
||||
<unit_type>.d/ (e.g. service.d/) that may be used to add configuration
|
||||
that affects all corresponding unit files.
|
||||
|
||||
* The RuntimeMaxSec= setting is now supported by scopes, not just
|
||||
.service units. This is particularly useful for PAM sessions which
|
||||
|
|
2
TODO
2
TODO
|
@ -491,8 +491,6 @@ Features:
|
|||
|
||||
* cache sd_event_now() result from before the first iteration...
|
||||
|
||||
* add systemctl stop --job-mode=triggering that follows TRIGGERED_BY deps and adds them to the same transaction
|
||||
|
||||
* PID1: find a way how we can reload unit file configuration for
|
||||
specific units only, without reloading the whole of systemd
|
||||
|
||||
|
|
|
@ -1601,8 +1601,9 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
|
|||
<literal>replace-irreversibly</literal>,
|
||||
<literal>isolate</literal>,
|
||||
<literal>ignore-dependencies</literal>,
|
||||
<literal>ignore-requirements</literal> or
|
||||
<literal>flush</literal>. Defaults to
|
||||
<literal>ignore-requirements</literal>,
|
||||
<literal>flush</literal>, or
|
||||
<literal>triggering</literal>. Defaults to
|
||||
<literal>replace</literal>, except when the
|
||||
<command>isolate</command> command is used which implies the
|
||||
<literal>isolate</literal> job mode.</para>
|
||||
|
@ -1647,6 +1648,13 @@ Jan 12 10:46:45 example.com bluetoothd[8900]: gatt-time-server: Input/output err
|
|||
dependencies will still be honored.</para>
|
||||
</listitem>
|
||||
|
||||
<para><literal>triggering</literal> may only be used with
|
||||
<command>systemctl stop</command>. In this mode, the specified
|
||||
unit and any active units that trigger it are stopped. See the
|
||||
discussion of
|
||||
<varname>Triggers=</varname> in <citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for more information about triggering units.</para>
|
||||
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
|
@ -63,19 +63,6 @@
|
|||
<para>The <citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
command allows creating <filename>.service</filename> and <filename>.scope</filename> units dynamically
|
||||
and transiently from the command line.</para>
|
||||
|
||||
<para>In addition to the various drop-in behaviors described in
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
|
||||
services also support a top-level drop-in with <filename>-.service.d/</filename> that allows
|
||||
altering or adding to the settings of all services on the system.
|
||||
The formatting and precedence of applying drop-in configurations follow what is defined in
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||
However, configurations in <filename>-.service.d/</filename> have the lowest precedence compared to settings
|
||||
in the service specific override directories. For example, for <filename>foo-bar-baz.service</filename>,
|
||||
drop-ins in <filename>foo-bar-baz.service.d/</filename> override the ones in
|
||||
<filename>foo-bar-.service.d/</filename>, which override the ones <filename>foo-.service.d/</filename>,
|
||||
which override the ones in <filename>-.service.d/</filename>.
|
||||
</para>
|
||||
</refsect1>
|
||||
|
||||
<refsect1>
|
||||
|
|
|
@ -119,15 +119,6 @@
|
|||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><filename>-.service</filename></term>
|
||||
<listitem>
|
||||
<para>This is a reserved unit name used to support top-level drop-ins for services. See
|
||||
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><filename>basic.target</filename></term>
|
||||
<listitem>
|
||||
|
|
|
@ -192,9 +192,14 @@
|
|||
over unit files wherever located. Multiple drop-in files with different names are applied in
|
||||
lexicographic order, regardless of which of the directories they reside in.</para>
|
||||
|
||||
<para>Service units also support a top-level drop-in directory for modifying the settings of all service units. See
|
||||
<citerefentry><refentrytitle>systemd.service</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for details.</para>
|
||||
<para>Units also support a top-level drop-in with <filename><replaceable>type</replaceable>.d/</filename>,
|
||||
where <replaceable>type</replaceable> may be e.g. <literal>service</literal> or <literal>socket</literal>,
|
||||
that allows altering or adding to the settings of all corresponding unit files on the system.
|
||||
The formatting and precedence of applying drop-in configurations follow what is defined above.
|
||||
Configurations in <filename><replaceable>type</replaceable>.d/</filename> have the lowest precedence
|
||||
compared to settings in the name specific override directories. So the contents of
|
||||
<filename>foo-.service.d/10-override.conf</filename> would override
|
||||
<filename>service.d/10-override.conf</filename>.</para>
|
||||
|
||||
<!-- Note that we do not document .include here, as we consider it mostly obsolete, and want
|
||||
people to use .d/ drop-ins instead. -->
|
||||
|
|
|
@ -15,6 +15,7 @@
|
|||
#include "io-util.h"
|
||||
#include "macro.h"
|
||||
#include "memfd-util.h"
|
||||
#include "missing_fcntl.h"
|
||||
#include "missing_syscall.h"
|
||||
#include "parse-util.h"
|
||||
#include "path-util.h"
|
||||
|
|
|
@ -14,6 +14,7 @@
|
|||
#include "locale-util.h"
|
||||
#include "log.h"
|
||||
#include "macro.h"
|
||||
#include "missing_fcntl.h"
|
||||
#include "missing_fs.h"
|
||||
#include "missing_syscall.h"
|
||||
#include "mkdir.h"
|
||||
|
|
|
@ -105,7 +105,3 @@
|
|||
|
||||
/* The root directory. */
|
||||
#define SPECIAL_ROOT_MOUNT "-.mount"
|
||||
|
||||
/* Used to apply settings to all services through drop-ins.
|
||||
* Should not exist as an actual service. */
|
||||
#define SPECIAL_ROOT_SERVICE "-.service"
|
||||
|
|
|
@ -669,36 +669,6 @@ good:
|
|||
return 0;
|
||||
}
|
||||
|
||||
bool service_unit_name_is_valid(const char *name) {
|
||||
_cleanup_free_ char *prefix = NULL, *s = NULL;
|
||||
const char *e, *service_name = name;
|
||||
|
||||
if (!unit_name_is_valid(name, UNIT_NAME_ANY))
|
||||
return false;
|
||||
|
||||
e = endswith(name, ".service");
|
||||
if (!e)
|
||||
return false;
|
||||
|
||||
/* If it's a template or instance, get the prefix as a service name. */
|
||||
if (unit_name_is_valid(name, UNIT_NAME_INSTANCE|UNIT_NAME_TEMPLATE)) {
|
||||
if (unit_name_to_prefix(name, &prefix) < 0)
|
||||
return false;
|
||||
|
||||
s = strjoin(prefix, ".service");
|
||||
if (!s)
|
||||
return false;
|
||||
|
||||
service_name = s;
|
||||
}
|
||||
|
||||
/* Reject reserved service name(s). */
|
||||
if (streq(service_name, SPECIAL_ROOT_SERVICE))
|
||||
return false;
|
||||
|
||||
return true;
|
||||
}
|
||||
|
||||
int slice_build_parent_slice(const char *slice, char **ret) {
|
||||
char *s, *dash;
|
||||
int r;
|
||||
|
|
|
@ -58,8 +58,6 @@ static inline int unit_name_mangle(const char *name, UnitNameMangle flags, char
|
|||
return unit_name_mangle_with_suffix(name, NULL, flags, ".service", ret);
|
||||
}
|
||||
|
||||
bool service_unit_name_is_valid(const char *name);
|
||||
|
||||
int slice_build_parent_slice(const char *slice, char **ret);
|
||||
int slice_build_subslice(const char *slice, const char *name, char **subslice);
|
||||
bool slice_name_is_valid(const char *name);
|
||||
|
|
|
@ -1610,6 +1610,7 @@ static const char* const job_mode_table[_JOB_MODE_MAX] = {
|
|||
[JOB_FLUSH] = "flush",
|
||||
[JOB_IGNORE_DEPENDENCIES] = "ignore-dependencies",
|
||||
[JOB_IGNORE_REQUIREMENTS] = "ignore-requirements",
|
||||
[JOB_TRIGGERING] = "triggering",
|
||||
};
|
||||
|
||||
DEFINE_STRING_TABLE_LOOKUP(job_mode, JobMode);
|
||||
|
|
|
@ -75,6 +75,7 @@ enum JobMode {
|
|||
JOB_FLUSH, /* Flush out all other queued jobs when queueing this one */
|
||||
JOB_IGNORE_DEPENDENCIES, /* Ignore both requirement and ordering dependencies */
|
||||
JOB_IGNORE_REQUIREMENTS, /* Ignore requirement dependencies */
|
||||
JOB_TRIGGERING, /* Adds TRIGGERED_BY dependencies to the same transaction */
|
||||
_JOB_MODE_MAX,
|
||||
_JOB_MODE_INVALID = -1
|
||||
};
|
||||
|
|
|
@ -1738,6 +1738,9 @@ int manager_add_job(
|
|||
if (mode == JOB_ISOLATE && !unit->allow_isolate)
|
||||
return sd_bus_error_setf(error, BUS_ERROR_NO_ISOLATION, "Operation refused, unit may not be isolated.");
|
||||
|
||||
if (mode == JOB_TRIGGERING && type != JOB_STOP)
|
||||
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "--job-mode=triggering is only valid for stop.");
|
||||
|
||||
log_unit_debug(unit, "Trying to enqueue job %s/%s/%s", unit->id, job_type_to_string(type), job_mode_to_string(mode));
|
||||
|
||||
type = job_type_collapse(type, unit);
|
||||
|
@ -1758,6 +1761,12 @@ int manager_add_job(
|
|||
goto tr_abort;
|
||||
}
|
||||
|
||||
if (mode == JOB_TRIGGERING) {
|
||||
r = transaction_add_triggering_jobs(tr, unit);
|
||||
if (r < 0)
|
||||
goto tr_abort;
|
||||
}
|
||||
|
||||
r = transaction_activate(tr, m, mode, affected_jobs, error);
|
||||
if (r < 0)
|
||||
goto tr_abort;
|
||||
|
|
|
@ -549,11 +549,6 @@ static int service_verify(Service *s) {
|
|||
assert(s);
|
||||
assert(UNIT(s)->load_state == UNIT_LOADED);
|
||||
|
||||
if (!service_unit_name_is_valid(UNIT(s)->id)) {
|
||||
log_unit_error(UNIT(s), "Service name is invalid or reserved. Refusing.");
|
||||
return -EINVAL;
|
||||
}
|
||||
|
||||
if (!s->exec_command[SERVICE_EXEC_START] && !s->exec_command[SERVICE_EXEC_STOP]
|
||||
&& UNIT(s)->success_action == EMERGENCY_ACTION_NONE) {
|
||||
/* FailureAction= only makes sense if one of the start or stop commands is specified.
|
||||
|
|
|
@ -1141,6 +1141,32 @@ int transaction_add_isolate_jobs(Transaction *tr, Manager *m) {
|
|||
return 0;
|
||||
}
|
||||
|
||||
int transaction_add_triggering_jobs(Transaction *tr, Unit *u) {
|
||||
Iterator i;
|
||||
void *v;
|
||||
Unit *trigger;
|
||||
int r;
|
||||
|
||||
assert(tr);
|
||||
assert(u);
|
||||
|
||||
HASHMAP_FOREACH_KEY(v, trigger, u->dependencies[UNIT_TRIGGERED_BY], i) {
|
||||
/* No need to stop inactive jobs */
|
||||
if (UNIT_IS_INACTIVE_OR_FAILED(unit_active_state(trigger)) && !trigger->job)
|
||||
continue;
|
||||
|
||||
/* Is there already something listed for this? */
|
||||
if (hashmap_get(tr->jobs, trigger))
|
||||
continue;
|
||||
|
||||
r = transaction_add_job_and_dependencies(tr, JOB_STOP, trigger, tr->anchor_job, true, false, false, false, NULL);
|
||||
if (r < 0)
|
||||
log_unit_warning_errno(u, r, "Cannot add triggered by job, ignoring: %m");
|
||||
}
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
Transaction *transaction_new(bool irreversible) {
|
||||
Transaction *tr;
|
||||
|
||||
|
|
|
@ -31,4 +31,5 @@ int transaction_add_job_and_dependencies(
|
|||
sd_bus_error *e);
|
||||
int transaction_activate(Transaction *tr, Manager *m, JobMode mode, Set *affected, sd_bus_error *e);
|
||||
int transaction_add_isolate_jobs(Transaction *tr, Manager *m);
|
||||
int transaction_add_triggering_jobs(Transaction *tr, Unit *u);
|
||||
void transaction_abort(Transaction *tr);
|
||||
|
|
|
@ -17,6 +17,7 @@
|
|||
#include "fd-util.h"
|
||||
#include "fs-util.h"
|
||||
#include "import-common.h"
|
||||
#include "missing_fcntl.h"
|
||||
#include "ratelimit.h"
|
||||
#include "stat-util.h"
|
||||
#include "string-util.h"
|
||||
|
|
|
@ -19,7 +19,6 @@
|
|||
#include "mkdir.h"
|
||||
#include "path-util.h"
|
||||
#include "set.h"
|
||||
#include "special.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
#include "unit-name.h"
|
||||
|
@ -164,6 +163,10 @@ static int unit_file_find_dirs(
|
|||
return r;
|
||||
}
|
||||
|
||||
/* Return early for top level drop-ins. */
|
||||
if (unit_type_from_string(name) >= 0)
|
||||
return 0;
|
||||
|
||||
/* Let's see if there's a "-" prefix for this unit name. If so, let's invoke ourselves for it. This will then
|
||||
* recursively do the same for all our prefixes. i.e. this means given "foo-bar-waldo.service" we'll also
|
||||
* search "foo-bar-.service" and "foo-.service".
|
||||
|
@ -244,14 +247,13 @@ int unit_file_find_dropin_paths(
|
|||
name);
|
||||
}
|
||||
|
||||
/* Special drop in for -.service. Add this first as it's the most generic
|
||||
/* Special top level drop in for "<unit type>.<suffix>". Add this first as it's the most generic
|
||||
* and should be able to be overridden by more specific drop-ins. */
|
||||
if (type == UNIT_SERVICE)
|
||||
STRV_FOREACH(p, lookup_path)
|
||||
(void) unit_file_find_dirs(original_root,
|
||||
unit_path_cache,
|
||||
*p,
|
||||
SPECIAL_ROOT_SERVICE,
|
||||
unit_type_to_string(type),
|
||||
dir_suffix,
|
||||
&dirs);
|
||||
|
||||
|
|
|
@ -353,24 +353,6 @@ static void test_unit_name_build(void) {
|
|||
free(t);
|
||||
}
|
||||
|
||||
static void test_service_unit_name_is_valid(void) {
|
||||
assert_se(service_unit_name_is_valid("foo.service"));
|
||||
assert_se(service_unit_name_is_valid("foo@bar.service"));
|
||||
assert_se(service_unit_name_is_valid("foo@bar@bar.service"));
|
||||
assert_se(service_unit_name_is_valid("--.service"));
|
||||
assert_se(service_unit_name_is_valid(".-.service"));
|
||||
assert_se(service_unit_name_is_valid("-foo-bar.service"));
|
||||
assert_se(service_unit_name_is_valid("-foo-bar-.service"));
|
||||
assert_se(service_unit_name_is_valid("foo-bar-.service"));
|
||||
|
||||
assert_se(!service_unit_name_is_valid("-.service"));
|
||||
assert_se(!service_unit_name_is_valid(""));
|
||||
assert_se(!service_unit_name_is_valid("foo.slice"));
|
||||
assert_se(!service_unit_name_is_valid("@.service"));
|
||||
assert_se(!service_unit_name_is_valid("@bar.service"));
|
||||
assert_se(!service_unit_name_is_valid("-@.service"));
|
||||
}
|
||||
|
||||
static void test_slice_name_is_valid(void) {
|
||||
assert_se( slice_name_is_valid(SPECIAL_ROOT_SLICE));
|
||||
assert_se( slice_name_is_valid("foo.slice"));
|
||||
|
@ -856,7 +838,6 @@ int main(int argc, char* argv[]) {
|
|||
test_unit_prefix_is_valid();
|
||||
test_unit_name_change_suffix();
|
||||
test_unit_name_build();
|
||||
test_service_unit_name_is_valid();
|
||||
test_slice_name_is_valid();
|
||||
test_build_subslice();
|
||||
test_build_parent_slice();
|
||||
|
|
|
@ -101,18 +101,18 @@ test_basic_dropins () {
|
|||
check_ok b Wants c.service
|
||||
systemctl stop a c
|
||||
|
||||
echo "*** test -.service.d/ top level drop-in"
|
||||
echo "*** test service.d/ top level drop-in"
|
||||
create_services a b
|
||||
check_ko a ExecCondition "/bin/echo a"
|
||||
check_ko b ExecCondition "/bin/echo b"
|
||||
mkdir -p /usr/lib/systemd/system/-.service.d
|
||||
cat >/usr/lib/systemd/system/-.service.d/override.conf <<EOF
|
||||
mkdir -p /usr/lib/systemd/system/service.d
|
||||
cat >/usr/lib/systemd/system/service.d/override.conf <<EOF
|
||||
[Service]
|
||||
ExecCondition=/bin/echo %n
|
||||
EOF
|
||||
check_ok a ExecCondition "/bin/echo a"
|
||||
check_ok b ExecCondition "/bin/echo b"
|
||||
rm -rf /usr/lib/systemd/system/-.service.d
|
||||
rm -rf /usr/lib/systemd/system/service.d
|
||||
|
||||
clear_services a b c
|
||||
}
|
||||
|
|
Loading…
Reference in New Issue