Compare commits
No commits in common. "bdf2357c12e775ca2c9491d4117227dfc992881c" and "351de38e4b4e6ca324346e6dbcefd224bbb3b190" have entirely different histories.
bdf2357c12
...
351de38e4b
3
.mailmap
3
.mailmap
|
|
@ -14,7 +14,6 @@ Arnd Bergmann <arnd@arndb.de>
|
|||
Atul Sabharwal <atul.sabharwal@intel.com>
|
||||
Bart Rulon <barron@lexmark.com>
|
||||
Bastien Nocera <hadess@hadess.net> <hadess@users.noreply.github.com>
|
||||
Baybal Ni <nikulinpi@gmail.com>
|
||||
Beniamino Galvani <bgalvani@redhat.com> <bengal@users.noreply.github.com>
|
||||
Bill Yodlowsky <bill@redhat.com> <itsbill@users.noreply.github.com>
|
||||
Brian Boylston <brian.boylston@hpe.com>
|
||||
|
|
@ -23,7 +22,6 @@ Chen Qi <Qi.Chen@windriver.com> <40684930+ChenQi1989@users.noreply.github.com>
|
|||
Christophe Varoqui <christophe.varoqui@free.fr>
|
||||
Colin Guthrie <ColinGuthrie@web>
|
||||
Daniel Elstner <daniel.kitta@gmail.com> <danielk@openismus.com>
|
||||
Daniel Gorbea <danielgorbea@hotmail.com>
|
||||
Daniel J Walsh <dwalsh@redhat.com>
|
||||
Daniel Kahn Gillmor <dkg@fifthhorseman.net>
|
||||
Daniel Machon <Danielmachon@live.dk>
|
||||
|
|
@ -87,7 +85,6 @@ Kay Sievers <kay@vrfy.org> <kay.sievers@vrfy.org>
|
|||
Kay Sievers <kay@vrfy.org> <kay@pim.off.vrfy.org>
|
||||
Kay Sievers <kay@vrfy.org> <kay@pim>
|
||||
Kay Sievers <kay@vrfy.org> <kay@yik.fritz.box>
|
||||
Kevin Becker <kevin@kevinbecker.org>
|
||||
Krzysztof Jackiewicz <k.jackiewicz@samsung.com> <kjackiewicz@users.noreply.github.com>
|
||||
Larry Bernstone <lbernstone@gmail.com>
|
||||
Lennart Poettering <lennart@poettering.net> <LennartPoettering@web>
|
||||
|
|
|
|||
26
NEWS
26
NEWS
|
|
@ -1,6 +1,6 @@
|
|||
systemd System and Service Manager
|
||||
|
||||
CHANGES WITH 244:
|
||||
CHANGES WITH 244 in spe:
|
||||
|
||||
* Support for the cpuset cgroups v2 controller has been added.
|
||||
Processes may be restricted to specific CPUs using the new
|
||||
|
|
@ -200,30 +200,6 @@ CHANGES WITH 244:
|
|||
for all services that should not be able to read from or write to the
|
||||
kernel log buffer, which are probably almost all.
|
||||
|
||||
Contributions from: Aaron Plattner, Alcaro, Anita Zhang, Balint Reczey,
|
||||
Bastien Nocera, Baybal Ni, Benjamin Bouvier, Benjamin Gilbert, cbzxt,
|
||||
Chen Qi, Chris Down, Christian Rebischke, Claudio Zumbo, ClydeByrdIII,
|
||||
crashfistfight, Cyprien Laplace, Daniel Gorbea, Daniel Edgecumbe,
|
||||
Daniel Rusek, Daniel Stuart, Dan Streetman, David Pedersen, David
|
||||
Tardon, Dimitri John Ledkov, Dominique Martinet, Donald A. Cupp Jr,
|
||||
Evgeny Vereshchagin, Fabian Henneke, Filipe Brandenburger, Franck Bui,
|
||||
Frantisek Sumsal, Georg Müller, Hans de Goede, HATAYAMA Daisuke, Iwan
|
||||
Timmer, Jan Janssen, Jan Kundrát, Jan Synacek, Jay Strict, Jérémy
|
||||
Rosen, Jóhann B. Guðmundsson, Jonas Jelten, Jonas Thelemann, Justin
|
||||
Trudell, Kai-Heng Feng, Kenneth D'souza, Kevin Kuehler, Kevin Becker,
|
||||
Lennart Poettering, Léonard Gérard, Lorenz Bauer, Luca Boccassi, Maciej
|
||||
Stanczew, Mario Limonciello, Marko Myllynen, Mark Stosberg, Martin
|
||||
Wilck, matthiasroos, Michael Biebl, Michael Olbrich, Michael Tretter,
|
||||
Michal Sekletar, Michal Suchanek, Mike Kazantsev, Nicolas Douma,
|
||||
Norbert Lange, pan93412, Pavel Hrdina, Peter Wu, Philip Withnall, Piotr
|
||||
Drąg, Rafael Fontenelle, Renaud Métrich, Riccardo Schirone,
|
||||
RoadrunnerWMC, Ronan Pigott, Ryan Attard, Sebastian Wick, Serge,
|
||||
Siddharth Chandrasekara, Steve Traylen, Susant Sahani, Thibault Nélis,
|
||||
Tim Teichmann, Tom Fitzhenry, Tommy J, Torsten Hilbrich, Vito Caputo,
|
||||
ypf791, Yu Watanabe, Zach Smith, Zbigniew Jędrzejewski-Szmek
|
||||
|
||||
– Somewhere, 2019-11-22
|
||||
|
||||
CHANGES WITH 243:
|
||||
|
||||
* This release enables unprivileged programs (i.e. requiring neither
|
||||
|
|
|
|||
|
|
@ -235,10 +235,6 @@ sensor:modalias:acpi:*KIOX000A*:dmi:*svn*CytrixTechnology:*pn*Complex11t*
|
|||
sensor:modalias:platform:HID-SENSOR-200073:dmi:*svnDell*:pnVostro5581:*
|
||||
ACCEL_LOCATION=base
|
||||
|
||||
# Dell Venue 10 Pro 5055
|
||||
sensor:modalias:acpi:INVN6500*:dmi:*svnDell*:pnVenue10Pro5055*
|
||||
ACCEL_MOUNT_MATRIX=0, -1, 0; 1, 0, 0; 0, 0, 1
|
||||
|
||||
#########################################
|
||||
# DEXP
|
||||
#########################################
|
||||
|
|
|
|||
|
|
@ -321,7 +321,7 @@
|
|||
|
||||
<example>
|
||||
<title>Extract the last core dump of /usr/bin/bar to a file named
|
||||
<filename index="false">bar.coredump</filename></title>
|
||||
<filename noindex="true">bar.coredump</filename></title>
|
||||
|
||||
<programlisting># coredumpctl -o bar.coredump dump /usr/bin/bar</programlisting>
|
||||
</example>
|
||||
|
|
|
|||
|
|
@ -102,7 +102,7 @@
|
|||
|
||||
<listitem><para>In the daemon process, write the daemon PID
|
||||
(as returned by <function>getpid()</function>) to a PID file,
|
||||
for example <filename index='false'>/run/foobar.pid</filename> (for a
|
||||
for example <filename>/run/foobar.pid</filename> (for a
|
||||
hypothetical daemon "foobar") to ensure that the daemon cannot
|
||||
be started more than once. This must be implemented in
|
||||
race-free fashion so that the PID file is only updated when it
|
||||
|
|
|
|||
|
|
@ -75,7 +75,7 @@
|
|||
<title>Example</title>
|
||||
<example>
|
||||
<title>Setup environment to allow access to a program installed in
|
||||
<filename index="false">/opt/foo</filename></title>
|
||||
<filename noindex='true'>/opt/foo</filename></title>
|
||||
|
||||
<para><filename>/etc/environment.d/60-foo.conf</filename>:
|
||||
</para>
|
||||
|
|
|
|||
|
|
@ -50,7 +50,7 @@
|
|||
<term><varname>URL=</varname></term>
|
||||
|
||||
<listitem><para>The URL to upload the journal entries to. See the description
|
||||
of <option>--url=</option> option in
|
||||
of <varname>--url=</varname> option in
|
||||
<citerefentry><refentrytitle>systemd-journal-upload</refentrytitle><manvolnum>8</manvolnum></citerefentry>
|
||||
for the description of possible values. There is no default value, so either this
|
||||
option or the command-line option must be always present to make an upload.</para></listitem>
|
||||
|
|
|
|||
|
|
@ -27,7 +27,7 @@
|
|||
|
||||
<para>Users might want to change two options in particular:</para>
|
||||
|
||||
<variablelist>
|
||||
<variablelist class='environment-variables'>
|
||||
<varlistentry>
|
||||
<term><option>K</option></term>
|
||||
|
||||
|
|
|
|||
|
|
@ -53,15 +53,13 @@
|
|||
<variablelist>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>query</command> <replaceable>HOSTNAME|ADDRESS</replaceable>…</term>
|
||||
<term><option>query <replaceable>HOSTNAME|ADDRESS</replaceable>…</option></term>
|
||||
|
||||
<listitem><para>Resolve domain names, IPv4 and IPv6 addresses.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>service</command>
|
||||
[[<replaceable>NAME</replaceable>] <replaceable>TYPE</replaceable>]
|
||||
<replaceable>DOMAIN</replaceable></term>
|
||||
<term><option>service [[<replaceable>NAME</replaceable>] <replaceable>TYPE</replaceable>] <replaceable>DOMAIN</replaceable></option></term>
|
||||
|
||||
<listitem><para>Resolve <ulink url="https://tools.ietf.org/html/rfc6763">DNS-SD</ulink> and
|
||||
<ulink url="https://tools.ietf.org/html/rfc2782">SRV</ulink> services, depending on the specified list of parameters.
|
||||
|
|
@ -73,7 +71,7 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>openpgp</command> <replaceable>EMAIL@DOMAIN</replaceable>…</term>
|
||||
<term><option>openpgp <replaceable>EMAIL@DOMAIN</replaceable>…</option></term>
|
||||
|
||||
<listitem><para>Query PGP keys stored as <ulink url="https://tools.ietf.org/html/rfc7929">OPENPGPKEY</ulink>
|
||||
resource records. Specified e-mail addresses are converted to the corresponding DNS domain name, and any
|
||||
|
|
@ -81,9 +79,7 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>tlsa</command>
|
||||
[<replaceable>FAMILY</replaceable>]
|
||||
<replaceable>DOMAIN</replaceable>[:<replaceable>PORT</replaceable>]…</term>
|
||||
<term><option>tlsa [<replaceable>FAMILY</replaceable>] <replaceable>DOMAIN</replaceable>[:<replaceable>PORT</replaceable>]…</option></term>
|
||||
|
||||
<listitem><para>Query TLS public keys stored as <ulink url="https://tools.ietf.org/html/rfc6698">TLSA</ulink>
|
||||
resource records. A query will be performed for each of the specified names prefixed with the port and family
|
||||
|
|
@ -93,28 +89,28 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>status</command> [<replaceable>LINK</replaceable>…]</term>
|
||||
<term><option>status [<replaceable>LINK</replaceable>…]</option></term>
|
||||
|
||||
<listitem><para>Shows the global and per-link DNS settings currently in effect. If no command is specified,
|
||||
this is the implied default.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>statistics</command></term>
|
||||
<term><option>statistics</option></term>
|
||||
|
||||
<listitem><para>Shows general resolver statistics, including information whether DNSSEC is
|
||||
enabled and available, as well as resolution and validation statistics.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>reset-statistics</command></term>
|
||||
<term><option>reset-statistics</option></term>
|
||||
|
||||
<listitem><para>Resets the statistics counters shown in <command>statistics</command> to zero.
|
||||
<listitem><para>Resets the statistics counters shown in <option>statistics</option> to zero.
|
||||
This operation requires root privileges.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>flush-caches</command></term>
|
||||
<term><option>flush-caches</option></term>
|
||||
|
||||
<listitem><para>Flushes all DNS resource record caches the service maintains locally. This is mostly equivalent
|
||||
to sending the <constant>SIGUSR2</constant> to the <command>systemd-resolved</command>
|
||||
|
|
@ -122,7 +118,7 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>reset-server-features</command></term>
|
||||
<term><option>reset-server-features</option></term>
|
||||
|
||||
<listitem><para>Flushes all feature level information the resolver learnt about specific servers, and ensures
|
||||
that the server feature probing logic is started from the beginning with the next look-up request. This is
|
||||
|
|
@ -131,48 +127,46 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>dns</command> [<replaceable>LINK</replaceable> [<replaceable>SERVER</replaceable>…]]</term>
|
||||
<term><command>domain</command> [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</term>
|
||||
<term><command>default-route</command> [<replaceable>LINK</replaceable> [<replaceable>BOOL</replaceable>…]]</term>
|
||||
<term><command>llmnr</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
|
||||
<term><command>mdns</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
|
||||
<term><command>dnssec</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
|
||||
<term><command>dnsovertls</command> [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</term>
|
||||
<term><command>nta</command> [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</term>
|
||||
<term><option>dns [<replaceable>LINK</replaceable> [<replaceable>SERVER</replaceable>…]]</option></term>
|
||||
<term><option>domain [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</option></term>
|
||||
<term><option>default-route [<replaceable>LINK</replaceable> [<replaceable>BOOL</replaceable>…]]</option></term>
|
||||
<term><option>llmnr [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term>
|
||||
<term><option>mdns [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term>
|
||||
<term><option>dnssec [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term>
|
||||
<term><option>dnsovertls [<replaceable>LINK</replaceable> [<replaceable>MODE</replaceable>]]</option></term>
|
||||
<term><option>nta [<replaceable>LINK</replaceable> [<replaceable>DOMAIN</replaceable>…]]</option></term>
|
||||
|
||||
<listitem>
|
||||
<para>Get/set per-interface DNS configuration. These commands may be used to configure various DNS
|
||||
settings for network interfaces. These commands may be used to inform
|
||||
<command>systemd-resolved</command> or <command>systemd-networkd</command> about per-interface DNS
|
||||
configuration determined through external means. The <command>dns</command> command expects IPv4 or
|
||||
IPv6 address specifications of DNS servers to use. The <command>domain</command> command expects
|
||||
valid DNS domains, possibly prefixed with <literal>~</literal>, and configures a per-interface
|
||||
search or route-only domain. The <command>default-route</command> command expects a boolean
|
||||
parameter, and configures whether the link may be used as default route for DNS lookups, i.e. if it
|
||||
is suitable for lookups on domains no other link explicitly is configured for. The
|
||||
<command>llmnr</command>, <command>mdns</command>, <command>dnssec</command> and
|
||||
<command>dnsovertls</command> commands may be used to configure the per-interface LLMNR,
|
||||
MulticastDNS, DNSSEC and DNSOverTLS settings. Finally, <command>nta</command> command may be used
|
||||
to configure additional per-interface DNSSEC NTA domains.</para>
|
||||
<para>Get/set per-interface DNS configuration. These commands may be used to configure various DNS settings
|
||||
for network interfaces. These commands may be used to inform <command>systemd-resolved</command> or
|
||||
<command>systemd-networkd</command> about per-interface DNS configuration determined
|
||||
through external means. The <option>dns</option> command expects IPv4 or IPv6 address specifications of DNS
|
||||
servers to use. The <option>domain</option> command expects valid DNS domains, possibly prefixed with
|
||||
<literal>~</literal>, and configures a per-interface search or route-only domain. The
|
||||
<option>default-route</option> command expects a boolean parameter, and configures whether the link may be
|
||||
used as default route for DNS lookups, i.e. if it is suitable for lookups on domains no other link explicitly
|
||||
is configured for. The <option>llmnr</option>, <option>mdns</option>, <option>dnssec</option> and
|
||||
<option>dnsovertls</option> commands may be used to configure the per-interface LLMNR, MulticastDNS, DNSSEC
|
||||
and DNSOverTLS settings. Finally, <option>nta</option> command may be used to configure additional
|
||||
per-interface DNSSEC NTA domains.</para>
|
||||
|
||||
<para>Commands <command>dns</command>, <command>domain</command> and <command>nta</command> can take
|
||||
<para>Options <option>dns</option>, <option>domain</option> and <option>nta</option> can take
|
||||
a single empty string argument to clear their respective value lists.</para>
|
||||
|
||||
<para>For details about these settings, their possible values and their effect, see the
|
||||
corresponding settings in
|
||||
<para>For details about these settings, their possible values and their effect, see the corresponding options in
|
||||
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term><command>revert <replaceable>LINK</replaceable></command></term>
|
||||
<term><option>revert <replaceable>LINK</replaceable></option></term>
|
||||
|
||||
<listitem><para>Revert the per-interface DNS configuration. If the DNS configuration is reverted all
|
||||
per-interface DNS setting are reset to their defaults, undoing all effects of <command>dns</command>,
|
||||
<command>domain</command>, <command>default-route</command>, <command>llmnr</command>,
|
||||
<command>mdns</command>, <command>dnssec</command>, <command>dnsovertls</command>,
|
||||
<command>nta</command>. Note that when a network interface disappears all configuration is lost
|
||||
automatically, an explicit reverting is not necessary in that case.</para></listitem>
|
||||
per-interface DNS setting are reset to their defaults, undoing all effects of <option>dns</option>,
|
||||
<option>domain</option>, <option>default-route</option>, <option>llmnr</option>, <option>mdns</option>,
|
||||
<option>dnssec</option>, <option>dnsovertls</option>, <option>nta</option>. Note that when a network interface
|
||||
disappears all configuration is lost automatically, an explicit reverting is not necessary in that
|
||||
case.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
</variablelist>
|
||||
|
|
|
|||
|
|
@ -348,8 +348,8 @@ DATAERR 65 BSD
|
|||
<refsect2>
|
||||
<title><command>systemd-analyze condition <replaceable>CONDITION</replaceable>...</command></title>
|
||||
|
||||
<para>This command will evaluate <varname index="false">Condition*=...</varname> and
|
||||
<varname index="false">Assert*=...</varname> assignments, and print their values, and
|
||||
<para>This command will evaluate <varname noindex='true'>Condition*=...</varname> and
|
||||
<varname noindex='true'>Assert*=...</varname> assignments, and print their values, and
|
||||
the resulting value of the combined condition set. See
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for a list of available conditions and asserts.</para>
|
||||
|
|
@ -602,7 +602,7 @@ Service b@0.service not loaded, b.socket cannot be started.
|
|||
policy is not validated too.</para>
|
||||
|
||||
<example>
|
||||
<title>Analyze <filename index="false">systemd-logind.service</filename></title>
|
||||
<title>Analyze <filename noindex="true">systemd-logind.service</filename></title>
|
||||
|
||||
<programlisting>$ systemd-analyze security --no-pager systemd-logind.service
|
||||
NAME DESCRIPTION EXPOSURE
|
||||
|
|
|
|||
|
|
@ -140,7 +140,7 @@
|
|||
<example>
|
||||
<title>Invoke a program</title>
|
||||
|
||||
<para>This calls <filename index="false">/bin/ls</filename>
|
||||
<para>This calls <filename noindex='true'>/bin/ls</filename>
|
||||
with standard output and error connected to the journal:</para>
|
||||
|
||||
<programlisting># systemd-cat ls</programlisting>
|
||||
|
|
|
|||
|
|
@ -42,7 +42,7 @@
|
|||
|
||||
<para>If <command>systemd-cgtop</command> is not connected to a
|
||||
tty, no column headers are printed and the default is to only run
|
||||
one iteration. The <option>--iterations=</option> argument, if
|
||||
one iteration. The <varname>--iterations=</varname> argument, if
|
||||
given, is honored. This mode is suitable for scripting.</para>
|
||||
|
||||
<para>Resource usage is only accounted for control groups in the
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@
|
|||
<para><filename>systemd-fsck</filename> does not know any details
|
||||
about specific filesystems, and simply executes file system
|
||||
checkers specific to each filesystem type
|
||||
(<filename>/sbin/fsck.<replaceable>type</replaceable></filename>). These checkers will decide if
|
||||
(<filename>/sbin/fsck.*</filename>). These checkers will decide if
|
||||
the filesystem should actually be checked based on the time since
|
||||
last check, number of mounts, unclean unmount, etc.</para>
|
||||
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@
|
|||
<para><filename>systemd-makefs</filename> knows very little about specific file
|
||||
systems and swap devices, and after checking that the block device does not already
|
||||
contain a file system or other content, it will execute binaries specific to
|
||||
each filesystem type (<filename>/sbin/mkfs.<replaceable>type</replaceable></filename>).</para>
|
||||
each filesystem type (<filename>/sbin/mkfs.*</filename>).</para>
|
||||
|
||||
<para><filename>systemd-growfs</filename> knows very little about specific file
|
||||
systems and swap devices, and will instruct the kernel to grow the mounted
|
||||
|
|
|
|||
|
|
@ -1366,7 +1366,7 @@
|
|||
# systemd-nspawn -bD /var/lib/machines/f&fedora_latest_version;</programlisting>
|
||||
|
||||
<para>This installs a minimal Fedora distribution into the
|
||||
directory <filename index="false">/var/lib/machines/f&fedora_latest_version;</filename>
|
||||
directory <filename noindex='true'>/var/lib/machines/f&fedora_latest_version;</filename>
|
||||
and then boots an OS in a namespace container in it. Because the installation
|
||||
is located underneath the standard <filename>/var/lib/machines/</filename>
|
||||
directory, it is also possible to start the machine using
|
||||
|
|
|
|||
|
|
@ -40,7 +40,7 @@
|
|||
are configured in the <literal>[Automount]</literal> section.</para>
|
||||
|
||||
<para>Automount units must be named after the automount directories they control. Example: the automount point
|
||||
<filename index="false">/home/lennart</filename> must be configured in a unit file
|
||||
<filename noindex='true'>/home/lennart</filename> must be configured in a unit file
|
||||
<filename>home-lennart.automount</filename>. For details about the escaping logic used to convert a file system
|
||||
path to a unit name see
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@
|
|||
|
||||
<para>Device units are named after the <filename>/sys</filename>
|
||||
and <filename>/dev</filename> paths they control. Example: the
|
||||
device <filename index="false">/dev/sda5</filename> is exposed in
|
||||
device <filename noindex='true'>/dev/sda5</filename> is exposed in
|
||||
systemd as <filename>dev-sda5.device</filename>. For details about
|
||||
the escaping logic used to convert a file system path to a unit
|
||||
name see
|
||||
|
|
|
|||
|
|
@ -356,12 +356,11 @@
|
|||
<para>Example: if a unit has the following,
|
||||
<programlisting>CapabilityBoundingSet=CAP_A CAP_B
|
||||
CapabilityBoundingSet=CAP_B CAP_C</programlisting>
|
||||
then <constant index='false'>CAP_A</constant>, <constant index='false'>CAP_B</constant>, and
|
||||
<constant index='false'>CAP_C</constant> are set. If the second line is prefixed with
|
||||
<literal>~</literal>, e.g.,
|
||||
then <constant>CAP_A</constant>, <constant>CAP_B</constant>, and <constant>CAP_C</constant> are set.
|
||||
If the second line is prefixed with <literal>~</literal>, e.g.,
|
||||
<programlisting>CapabilityBoundingSet=CAP_A CAP_B
|
||||
CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
|
||||
then, only <constant index='false'>CAP_A</constant> is set.</para></listitem>
|
||||
then, only <constant>CAP_A</constant> is set.</para></listitem>
|
||||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
|
|
@ -995,10 +994,8 @@ CapabilityBoundingSet=~CAP_B CAP_C</programlisting>
|
|||
<para>Example: if a system service unit has the following,
|
||||
<programlisting>RuntimeDirectory=foo/bar baz</programlisting>
|
||||
the service manager creates <filename>/run/foo</filename> (if it does not exist),
|
||||
|
||||
<filename index='false'>/run/foo/bar</filename>, and <filename index='false'>/run/baz</filename>. The
|
||||
directories <filename index='false'>/run/foo/bar</filename> and
|
||||
<filename index='false'>/run/baz</filename> except <filename index='false'>/run/foo</filename> are
|
||||
<filename>/run/foo/bar</filename>, and <filename>/run/baz</filename>. The directories
|
||||
<filename>/run/foo/bar</filename> and <filename>/run/baz</filename> except <filename>/run/foo</filename> are
|
||||
owned by the user and group specified in <varname>User=</varname> and <varname>Group=</varname>, and removed
|
||||
when the service is stopped.</para>
|
||||
|
||||
|
|
|
|||
|
|
@ -24,7 +24,7 @@
|
|||
|
||||
<refsynopsisdiv>
|
||||
<cmdsynopsis>
|
||||
<command index='false'>/path/to/generator</command>
|
||||
<command>/path/to/generator</command>
|
||||
<arg choice="plain"><replaceable>normal-dir</replaceable></arg>
|
||||
<arg choice="plain"><replaceable>early-dir</replaceable></arg>
|
||||
<arg choice="plain"><replaceable>late-dir</replaceable></arg>
|
||||
|
|
|
|||
|
|
@ -709,7 +709,7 @@ ID_NET_LINK_FILE=/usr/lib/systemd/network/99-default.link
|
|||
</programlisting>
|
||||
|
||||
<para>In this case, the interface was already renamed, so the <option>keep</option> policy specified as
|
||||
the first option in <filename index="false">99-default.link</filename> means that the existing name is
|
||||
the first option in <filename noindex='true'>99-default.link</filename> means that the existing name is
|
||||
preserved. If <option>keep</option> was removed, or if were in boot before the renaming has happened,
|
||||
we might get the following instead:</para>
|
||||
|
||||
|
|
|
|||
|
|
@ -60,7 +60,7 @@
|
|||
must be run as UID 0.</para>
|
||||
|
||||
<para>Mount units must be named after the mount point directories they control. Example: the mount point <filename
|
||||
index="false">/home/lennart</filename> must be configured in a unit file <filename>home-lennart.mount</filename>.
|
||||
noindex='true'>/home/lennart</filename> must be configured in a unit file <filename>home-lennart.mount</filename>.
|
||||
For details about the escaping logic used to convert a file system path to a unit name, see
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that mount
|
||||
units cannot be templated, nor is possible to add multiple names to a mount unit by creating additional symlinks to
|
||||
|
|
|
|||
|
|
@ -300,7 +300,7 @@
|
|||
again. Previously, this naming policy applied implicitly, and now it must be explicitly
|
||||
requested. Effectively, this means that network devices will be renamed according to the
|
||||
configuration, even if they have been renamed already, if <constant>keep</constant> is not
|
||||
specified as the naming policy in the <filename index="false">.link</filename> file. See
|
||||
specified as the naming policy in the <filename noindex='true'>.link</filename> file. See
|
||||
<citerefentry><refentrytitle>systemd.link</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for a description of <varname>NamePolicy=</varname>.</para></listitem>
|
||||
</varlistentry>
|
||||
|
|
@ -310,7 +310,7 @@
|
|||
|
||||
<listitem><para><option>MACAddressPolicy=persistent</option> was extended to set MAC addresses
|
||||
based on the device name. Previously addresses were only based on the
|
||||
<varname index="false">ID_NET_NAME_*</varname> attributes, which meant that interface names would
|
||||
<varname noindex='true'>ID_NET_NAME_*</varname> attributes, which meant that interface names would
|
||||
never be generated for virtual devices. Now a persistent address will be generated for most
|
||||
devices, including in particular bridges.</para>
|
||||
|
||||
|
|
|
|||
|
|
@ -35,13 +35,13 @@
|
|||
<listitem>
|
||||
<para>The package manager prepares system updates by downloading all (RPM or DEB or
|
||||
whatever) packages to update off-line in a special directory
|
||||
<filename index="false">/var/lib/system-update</filename> (or
|
||||
<filename noindex="true">/var/lib/system-update</filename> (or
|
||||
another directory of the package/upgrade manager's choice).</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
<para>When the user OK'ed the update, the symlink <filename>/system-update</filename> is
|
||||
created that points to <filename index="false">/var/lib/system-update</filename> (or
|
||||
created that points to <filename noindex="true">/var/lib/system-update</filename> (or
|
||||
wherever the directory with the upgrade files is located) and the system is rebooted. This
|
||||
symlink is in the root directory, since we need to check for it very early at boot, at a
|
||||
time where <filename>/var</filename> is not available yet.</para>
|
||||
|
|
@ -106,12 +106,12 @@
|
|||
<orderedlist>
|
||||
<listitem>
|
||||
<para>To make things a bit more robust we recommend hooking the update script into
|
||||
<filename>system-update.target</filename> via a <filename index="false">.wants/</filename>
|
||||
<filename>system-update.target</filename> via a <filename noindex='true'>.wants/</filename>
|
||||
symlink in the distribution package, rather than depending on <command>systemctl
|
||||
enable</command> in the postinst scriptlets of your package. More specifically, for your
|
||||
update script create a .service file, without [Install] section, and then add a symlink like
|
||||
<filename index="false">/usr/lib/systemd/system-update.target.wants/foobar.service</filename>
|
||||
→ <filename index="false">../foobar.service</filename> to your package.</para>
|
||||
<filename noindex='true'>/usr/lib/systemd/system-update.target.wants/foobar.service</filename>
|
||||
→ <filename noindex='true'>../foobar.service</filename> to your package.</para>
|
||||
</listitem>
|
||||
|
||||
<listitem>
|
||||
|
|
@ -144,7 +144,7 @@
|
|||
<varname>Wants=system-update-pre.target</varname> and
|
||||
<varname>Before=system-update-pre.target</varname> and add a symlink
|
||||
to that file under
|
||||
<filename index="false">/usr/lib/systemd/system-update.target.wants</filename>
|
||||
<filename noindex='true'>/usr/lib/systemd/system-update.target.wants</filename>
|
||||
.</para>
|
||||
</listitem>
|
||||
</orderedlist>
|
||||
|
|
|
|||
|
|
@ -91,7 +91,7 @@
|
|||
<variablelist>
|
||||
|
||||
<varlistentry>
|
||||
<term>CPU</term>
|
||||
<term><option>CPU</option></term>
|
||||
<listitem>
|
||||
<para><varname>CPUWeight=</varname> and <varname>StartupCPUWeight=</varname> replace
|
||||
<varname>CPUShares=</varname> and <varname>StartupCPUShares=</varname>, respectively.</para>
|
||||
|
|
@ -101,7 +101,7 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>Memory</term>
|
||||
<term><option>Memory</option></term>
|
||||
<listitem>
|
||||
<para><varname>MemoryMax=</varname> replaces <varname>MemoryLimit=</varname>. <varname>MemoryLow=</varname>
|
||||
and <varname>MemoryHigh=</varname> are effective only on unified hierarchy.</para>
|
||||
|
|
@ -109,11 +109,10 @@
|
|||
</varlistentry>
|
||||
|
||||
<varlistentry>
|
||||
<term>IO</term>
|
||||
<term><option>IO</option></term>
|
||||
<listitem>
|
||||
<para><literal>IO</literal>-prefixed settings are a superset of and replace
|
||||
<literal>BlockIO</literal>-prefixed ones. On unified hierarchy, IO resource control also applies
|
||||
to buffered writes.</para>
|
||||
<para><varname>IO</varname> prefixed settings are a superset of and replace <varname>BlockIO</varname>
|
||||
prefixed ones. On unified hierarchy, IO resource control also applies to buffered writes.</para>
|
||||
</listitem>
|
||||
</varlistentry>
|
||||
|
||||
|
|
|
|||
|
|
@ -574,8 +574,8 @@
|
|||
<varlistentry>
|
||||
<term><varname>TimeoutStopSec=</varname></term>
|
||||
<listitem><para>This option serves two purposes. First, it configures the time to wait for each
|
||||
<varname>ExecStop=</varname> command. If any of them times out, subsequent <varname>ExecStop=</varname> commands
|
||||
are skipped and the service will be terminated by <constant>SIGTERM</constant>. If no <varname>ExecStop=</varname>
|
||||
<constant>ExecStop=</constant> command. If any of them times out, subsequent <constant>ExecStop=</constant> commands
|
||||
are skipped and the service will be terminated by <constant>SIGTERM</constant>. If no <constant>ExecStop=</constant>
|
||||
commands are specified, the service gets the <constant>SIGTERM</constant> immediately. Second, it configures the time
|
||||
to wait for the service itself to stop. If it doesn't terminate in the specified time, it will be forcibly terminated
|
||||
by <constant>SIGKILL</constant> (see <varname>KillMode=</varname> in
|
||||
|
|
@ -1329,8 +1329,8 @@ WantedBy=multi-user.target</programlisting>
|
|||
<para><varname>Type=</varname><option>oneshot</option> are the
|
||||
only service units that may have more than one
|
||||
<varname>ExecStart=</varname> specified. For units with multiple
|
||||
commands (<varname index="false">Type=oneshot</varname>), all commands will be run again.</para>
|
||||
<para> For <varname index="false">Type=oneshot</varname>, <varname>Restart=</varname><option>always</option>
|
||||
commands (<varname noindex="true">Type=oneshot</varname>), all commands will be run again.</para>
|
||||
<para> For <varname noindex="true">Type=oneshot</varname>, <varname>Restart=</varname><option>always</option>
|
||||
and <varname>Restart=</varname><option>on-success</option> are <emphasis>not</emphasis> allowed.</para>
|
||||
</example>
|
||||
|
||||
|
|
|
|||
|
|
@ -54,7 +54,7 @@
|
|||
unit.</para>
|
||||
|
||||
<para>Swap units must be named after the devices or files they control. Example: the swap device <filename
|
||||
index="false">/dev/sda5</filename> must be configured in a unit file <filename>dev-sda5.swap</filename>. For
|
||||
noindex='true'>/dev/sda5</filename> must be configured in a unit file <filename>dev-sda5.swap</filename>. For
|
||||
details about the escaping logic used to convert a file system path to a unit name, see
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>. Note that swap
|
||||
units cannot be templated, nor is possible to add multiple names to a swap unit by creating additional symlinks to
|
||||
|
|
|
|||
|
|
@ -48,7 +48,7 @@
|
|||
<filename>/run/systemd/system/*</filename>
|
||||
<filename>/run/systemd/systemd.attached/*</filename>
|
||||
<filename>/run/systemd/generator/*</filename>
|
||||
<filename index='false'>…</filename>
|
||||
<filename>…</filename>
|
||||
<filename>/usr/lib/systemd/system/*</filename>
|
||||
<filename>/run/systemd/generator.late/*</filename></literallayout></para>
|
||||
</refsect2>
|
||||
|
|
@ -65,7 +65,7 @@
|
|||
<filename>/run/systemd/user/*</filename>
|
||||
<filename>$XDG_RUNTIME_DIR/systemd/generator/*</filename>
|
||||
<filename>~/.local/share/systemd/user/*</filename>
|
||||
<filename index='false'>…</filename>
|
||||
<filename>…</filename>
|
||||
<filename>/usr/lib/systemd/user/*</filename>
|
||||
<filename>$XDG_RUNTIME_DIR/systemd/generator.late/*</filename></literallayout></para>
|
||||
</refsect2>
|
||||
|
|
@ -246,7 +246,7 @@
|
|||
escaping is used, in order to map strings containing arbitrary byte values (except NUL) into valid unit names and
|
||||
their restricted character set. A common special case are unit names that reflect paths to objects in the file
|
||||
system hierarchy. Example: a device unit <filename>dev-sda.device</filename> refers to a device with the device
|
||||
node <filename index="false">/dev/sda</filename> in the file system.</para>
|
||||
node <filename noindex='true'>/dev/sda</filename> in the file system.</para>
|
||||
|
||||
<para>The escaping algorithm operates as follows: given a string, any <literal>/</literal> character is replaced by
|
||||
<literal>-</literal>, and all other characters which are not ASCII alphanumerics or <literal>_</literal> are
|
||||
|
|
@ -435,7 +435,7 @@
|
|||
<entry>Units of packages that have been installed in the home directory (<varname>$XDG_DATA_HOME</varname> is used if set, <filename>~/.local/share</filename> otherwise)</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><filename>$dir/systemd/user</filename> for each <varname index="false">$dir</varname> in <varname>$XDG_DATA_DIRS</varname></entry>
|
||||
<entry><filename>$dir/systemd/user</filename> for each <varname noindex='true'>$dir</varname> in <varname>$XDG_DATA_DIRS</varname></entry>
|
||||
<entry>Additional locations for installed user units, one for each entry in <varname>$XDG_DATA_DIRS</varname></entry>
|
||||
</row>
|
||||
<row>
|
||||
|
|
@ -1026,8 +1026,8 @@
|
|||
<refsect2>
|
||||
<title>Conditions and Asserts</title>
|
||||
|
||||
<para>Unit files may also include a number of <varname index="false">Condition…=</varname> and
|
||||
<varname index="false">Assert…=</varname> settings. Before the unit is started, systemd will verify
|
||||
<para>Unit files may also include a number of <varname noindex="true">Condition…=</varname> and
|
||||
<varname noindex="true">Assert…=</varname> settings. Before the unit is started, systemd will verify
|
||||
that the specified conditions are true. If not, the starting of the unit will be (mostly silently)
|
||||
skipped. Failing conditions will not result in the unit being moved into the <literal>failed</literal>
|
||||
state. The conditions are checked at the time the queued start job is to be executed. The ordering
|
||||
|
|
@ -1731,7 +1731,7 @@ Note that this setting is <emphasis>not</emphasis> influenced by the <varname>Us
|
|||
<row>
|
||||
<entry><literal>%L</literal></entry>
|
||||
<entry>Log directory root</entry>
|
||||
<entry>This is either <filename>/var/log</filename> (for the system manager) or the path <literal>$XDG_CONFIG_HOME</literal> resolves to with <filename index="false">/log</filename> appended (for user managers).</entry>
|
||||
<entry>This is either <filename>/var/log</filename> (for the system manager) or the path <literal>$XDG_CONFIG_HOME</literal> resolves to with <filename noindex='true'>/log</filename> appended (for user managers).</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><literal>%m</literal></entry>
|
||||
|
|
|
|||
|
|
@ -33,7 +33,7 @@
|
|||
<para><literallayout><filename>~/.config/user-tmpfiles.d/*.conf</filename>
|
||||
<filename>$XDG_RUNTIME_DIR/user-tmpfiles.d/*.conf</filename>
|
||||
<filename>~/.local/share/user-tmpfiles.d/*.conf</filename>
|
||||
<filename index='false'>…</filename>
|
||||
<filename>…</filename>
|
||||
<filename>/usr/share/user-tmpfiles.d/*.conf</filename>
|
||||
</literallayout></para>
|
||||
|
||||
|
|
@ -654,7 +654,7 @@ w- /proc/sys/vm/swappiness - - - - 10</programlisting></para>
|
|||
<row>
|
||||
<entry><literal>%L</literal></entry>
|
||||
<entry>System or user log directory</entry>
|
||||
<entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname> with <filename index="false">/log</filename> appended, and <filename>/var/log</filename> otherwise.</entry>
|
||||
<entry>In <option>--user</option> mode, this is the same as <varname>$XDG_CONFIG_HOME</varname> with <filename noindex='true'>/log</filename> appended, and <filename>/var/log</filename> otherwise.</entry>
|
||||
</row>
|
||||
<row>
|
||||
<entry><literal>%m</literal></entry>
|
||||
|
|
|
|||
|
|
@ -68,16 +68,16 @@
|
|||
different levels. As described in the previous section, <filename>user.slice</filename> contains
|
||||
processes of all users, so any resource limits on that slice apply to all users together. The
|
||||
usual way to configure them would be through drop-ins, e.g. <filename
|
||||
index="false">/etc/systemd/system/user.slice.d/resources.conf</filename>.
|
||||
noindex='true'>/etc/systemd/system/user.slice.d/resources.conf</filename>.
|
||||
</para>
|
||||
|
||||
<para>The processes of a single user are collected under
|
||||
<filename>user-<replaceable>UID</replaceable>.slice</filename>. Resource limits for that user
|
||||
can be configured through drop-ins for that unit, e.g. <filename
|
||||
index="false">/etc/systemd/system/user-1000.slice.d/resources.conf</filename>. If the limits
|
||||
noindex='true'>/etc/systemd/system/user-1000.slice.d/resources.conf</filename>. If the limits
|
||||
should apply to all users instead, they may be configured through drop-ins for the truncated
|
||||
unit name, <filename>user-.slice</filename>. For example, configuration in <filename
|
||||
index="false">/etc/systemd/system/user-.slice.d/resources.conf</filename> is included in all
|
||||
noindex='true'>/etc/systemd/system/user-.slice.d/resources.conf</filename> is included in all
|
||||
<filename>user-<replaceable>UID</replaceable>.slice</filename> units, see
|
||||
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||
for a discussion of the drop-in mechanism.</para>
|
||||
|
|
@ -141,20 +141,20 @@ Control group /:
|
|||
│ └─6706 /usr/bin/sleep 30
|
||||
…</programlisting>
|
||||
<para>User with UID 1000 is logged in using <command>gdm</command> (<filename
|
||||
index="false">session-4.scope</filename>) and
|
||||
noindex='true'>session-4.scope</filename>) and
|
||||
<citerefentry><refentrytitle>ssh</refentrytitle><manvolnum>1</manvolnum></citerefentry>
|
||||
(<filename index="false">session-19.scope</filename>), and also has a user manager instance
|
||||
running (<filename index="false">user@1000.service</filename>). User with UID 1001 is logged
|
||||
in using <command>ssh</command> (<filename index="false">session-20.scope</filename>) and
|
||||
(<filename noindex='true'>session-19.scope</filename>), and also has a user manager instance
|
||||
running (<filename noindex='true'>user@1000.service</filename>). User with UID 1001 is logged
|
||||
in using <command>ssh</command> (<filename noindex='true'>session-20.scope</filename>) and
|
||||
also has a user manager instance running (<filename
|
||||
index="false">user@1001.service</filename>). Those are all (leaf) system units, and form
|
||||
part of the slice hierarchy, with <filename index="false">user-1000.slice</filename> and
|
||||
<filename index="false">user-1001.slice</filename> below <filename
|
||||
index="false">user.slice</filename>. User units are visible below the
|
||||
noindex='true'>user@1001.service</filename>). Those are all (leaf) system units, and form
|
||||
part of the slice hierarchy, with <filename noindex='true'>user-1000.slice</filename> and
|
||||
<filename noindex='true'>user-1001.slice</filename> below <filename
|
||||
noindex='true'>user.slice</filename>. User units are visible below the
|
||||
<filename>user@.service</filename> instances (<filename
|
||||
index="false">pulseaudio.service</filename>, <filename
|
||||
index="false">gnome-terminal-server.service</filename>, <filename
|
||||
index="false">init.scope</filename>, <filename index="false">sleep.service</filename>).
|
||||
noindex='true'>pulseaudio.service</filename>, <filename
|
||||
noindex='true'>gnome-terminal-server.service</filename>, <filename
|
||||
noindex='true'>init.scope</filename>, <filename noindex='true'>sleep.service</filename>).
|
||||
</para>
|
||||
</example>
|
||||
|
||||
|
|
|
|||
|
|
@ -20,7 +20,6 @@
|
|||
#include "macro.h"
|
||||
#include "missing_syscall.h"
|
||||
#include "mountpoint-util.h"
|
||||
#include "nulstr-util.h"
|
||||
#include "stat-util.h"
|
||||
#include "string-util.h"
|
||||
#include "strv.h"
|
||||
|
|
@ -914,28 +913,63 @@ int copy_times(int fdf, int fdt, CopyFlags flags) {
|
|||
}
|
||||
|
||||
int copy_xattr(int fdf, int fdt) {
|
||||
_cleanup_free_ char *names = NULL;
|
||||
int ret = 0, r;
|
||||
_cleanup_free_ char *bufa = NULL, *bufb = NULL;
|
||||
size_t sza = 100, szb = 100;
|
||||
ssize_t n;
|
||||
int ret = 0;
|
||||
const char *p;
|
||||
|
||||
r = flistxattr_malloc(fdf, &names);
|
||||
if (r < 0)
|
||||
return r;
|
||||
for (;;) {
|
||||
bufa = malloc(sza);
|
||||
if (!bufa)
|
||||
return -ENOMEM;
|
||||
|
||||
NULSTR_FOREACH(p, names) {
|
||||
_cleanup_free_ char *value = NULL;
|
||||
n = flistxattr(fdf, bufa, sza);
|
||||
if (n == 0)
|
||||
return 0;
|
||||
if (n > 0)
|
||||
break;
|
||||
if (errno != ERANGE)
|
||||
return -errno;
|
||||
|
||||
if (!startswith(p, "user."))
|
||||
continue;
|
||||
sza *= 2;
|
||||
|
||||
r = fgetxattr_malloc(fdf, p, &value);
|
||||
if (r == -ENODATA)
|
||||
continue; /* gone by now */
|
||||
if (r < 0)
|
||||
return r;
|
||||
bufa = mfree(bufa);
|
||||
}
|
||||
|
||||
if (fsetxattr(fdt, p, value, r, 0) < 0)
|
||||
ret = -errno;
|
||||
p = bufa;
|
||||
while (n > 0) {
|
||||
size_t l;
|
||||
|
||||
l = strlen(p);
|
||||
assert(l < (size_t) n);
|
||||
|
||||
if (startswith(p, "user.")) {
|
||||
ssize_t m;
|
||||
|
||||
if (!bufb) {
|
||||
bufb = malloc(szb);
|
||||
if (!bufb)
|
||||
return -ENOMEM;
|
||||
}
|
||||
|
||||
m = fgetxattr(fdf, p, bufb, szb);
|
||||
if (m < 0) {
|
||||
if (errno == ERANGE) {
|
||||
szb *= 2;
|
||||
bufb = mfree(bufb);
|
||||
continue;
|
||||
}
|
||||
|
||||
return -errno;
|
||||
}
|
||||
|
||||
if (fsetxattr(fdt, p, bufb, m, 0) < 0)
|
||||
ret = -errno;
|
||||
}
|
||||
|
||||
p += l + 1;
|
||||
n -= l + 1;
|
||||
}
|
||||
|
||||
return ret;
|
||||
|
|
|
|||
|
|
@ -17,23 +17,17 @@
|
|||
#include "time-util.h"
|
||||
#include "xattr-util.h"
|
||||
|
||||
int getxattr_malloc(
|
||||
const char *path,
|
||||
const char *name,
|
||||
char **ret,
|
||||
bool allow_symlink) {
|
||||
|
||||
size_t l = 100;
|
||||
int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink) {
|
||||
char *v;
|
||||
size_t l;
|
||||
ssize_t n;
|
||||
|
||||
assert(path);
|
||||
assert(name);
|
||||
assert(ret);
|
||||
assert(value);
|
||||
|
||||
for(;;) {
|
||||
_cleanup_free_ char *v = NULL;
|
||||
ssize_t n;
|
||||
|
||||
v = new0(char, l+1);
|
||||
for (l = 100; ; l = (size_t) n + 1 /* extra byte to make sure this remains NUL suffixed */) {
|
||||
v = new0(char, l);
|
||||
if (!v)
|
||||
return -ENOMEM;
|
||||
|
||||
|
|
@ -41,64 +35,53 @@ int getxattr_malloc(
|
|||
n = lgetxattr(path, name, v, l);
|
||||
else
|
||||
n = getxattr(path, name, v, l);
|
||||
if (n < 0) {
|
||||
if (errno != ERANGE)
|
||||
return -errno;
|
||||
} else {
|
||||
v[n] = 0; /* NUL terminate */
|
||||
*ret = TAKE_PTR(v);
|
||||
return (int) n;
|
||||
if (n >= 0 && (size_t) n < l) {
|
||||
*value = v;
|
||||
return n;
|
||||
}
|
||||
|
||||
free(v);
|
||||
|
||||
if (n < 0 && errno != ERANGE)
|
||||
return -errno;
|
||||
|
||||
if (allow_symlink)
|
||||
n = lgetxattr(path, name, NULL, 0);
|
||||
else
|
||||
n = getxattr(path, name, NULL, 0);
|
||||
if (n < 0)
|
||||
return -errno;
|
||||
if (n > INT_MAX) /* We couldn't return this as 'int' anymore */
|
||||
return -E2BIG;
|
||||
|
||||
l = (size_t) n;
|
||||
}
|
||||
}
|
||||
|
||||
int fgetxattr_malloc(
|
||||
int fd,
|
||||
const char *name,
|
||||
char **ret) {
|
||||
|
||||
size_t l = 100;
|
||||
int fgetxattr_malloc(int fd, const char *name, char **value) {
|
||||
char *v;
|
||||
size_t l;
|
||||
ssize_t n;
|
||||
|
||||
assert(fd >= 0);
|
||||
assert(name);
|
||||
assert(ret);
|
||||
assert(value);
|
||||
|
||||
for (;;) {
|
||||
_cleanup_free_ char *v = NULL;
|
||||
ssize_t n;
|
||||
|
||||
v = new(char, l+1);
|
||||
for (l = 100;; l = (size_t) n + 1 /* extra byte to make sure this remains NUL suffixed */) {
|
||||
v = new0(char, l);
|
||||
if (!v)
|
||||
return -ENOMEM;
|
||||
|
||||
n = fgetxattr(fd, name, v, l);
|
||||
if (n < 0) {
|
||||
if (errno != ERANGE)
|
||||
return -errno;
|
||||
} else {
|
||||
v[n] = 0; /* NUL terminate */
|
||||
*ret = TAKE_PTR(v);
|
||||
return (int) n;
|
||||
if (n >= 0 && (size_t) n < l) {
|
||||
*value = v;
|
||||
return n;
|
||||
}
|
||||
|
||||
free(v);
|
||||
|
||||
if (n < 0 && errno != ERANGE)
|
||||
return -errno;
|
||||
|
||||
n = fgetxattr(fd, name, NULL, 0);
|
||||
if (n < 0)
|
||||
return -errno;
|
||||
if (n > INT_MAX) /* We couldn't return this as 'int' anymore */
|
||||
return -E2BIG;
|
||||
|
||||
l = (size_t) n;
|
||||
}
|
||||
}
|
||||
|
||||
|
|
@ -234,37 +217,3 @@ int fd_setcrtime(int fd, usec_t usec) {
|
|||
|
||||
return 0;
|
||||
}
|
||||
|
||||
int flistxattr_malloc(int fd, char **ret) {
|
||||
size_t l = 100;
|
||||
|
||||
assert(fd >= 0);
|
||||
assert(ret);
|
||||
|
||||
for (;;) {
|
||||
_cleanup_free_ char *v = NULL;
|
||||
ssize_t n;
|
||||
|
||||
v = new(char, l+1);
|
||||
if (!v)
|
||||
return -ENOMEM;
|
||||
|
||||
n = flistxattr(fd, v, l);
|
||||
if (n < 0) {
|
||||
if (errno != ERANGE)
|
||||
return -errno;
|
||||
} else {
|
||||
v[n] = 0; /* NUL terminate */
|
||||
*ret = TAKE_PTR(v);
|
||||
return (int) n;
|
||||
}
|
||||
|
||||
n = flistxattr(fd, NULL, 0);
|
||||
if (n < 0)
|
||||
return -errno;
|
||||
if (n > INT_MAX) /* We couldn't return this as 'int' anymore */
|
||||
return -E2BIG;
|
||||
|
||||
l = (size_t) n;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -23,5 +23,3 @@ int fd_setcrtime(int fd, usec_t usec);
|
|||
int fd_getcrtime(int fd, usec_t *usec);
|
||||
int path_getcrtime(const char *p, usec_t *usec);
|
||||
int fd_getcrtime_at(int dirfd, const char *name, usec_t *usec, int flags);
|
||||
|
||||
int flistxattr_malloc(int fd, char **ret);
|
||||
|
|
|
|||
|
|
@ -1,6 +1,5 @@
|
|||
/* SPDX-License-Identifier: LGPL-2.1+ */
|
||||
|
||||
#include <sys/xattr.h>
|
||||
#include <unistd.h>
|
||||
|
||||
#include "alloc-util.h"
|
||||
|
|
@ -8,7 +7,6 @@
|
|||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
#include "fs-util.h"
|
||||
#include "hexdecoct.h"
|
||||
#include "log.h"
|
||||
#include "macro.h"
|
||||
#include "mkdir.h"
|
||||
|
|
@ -20,7 +18,6 @@
|
|||
#include "tmpfile-util.h"
|
||||
#include "user-util.h"
|
||||
#include "util.h"
|
||||
#include "xattr-util.h"
|
||||
|
||||
static void test_copy_file(void) {
|
||||
_cleanup_free_ char *buf = NULL;
|
||||
|
|
@ -78,16 +75,14 @@ static void test_copy_file_fd(void) {
|
|||
}
|
||||
|
||||
static void test_copy_tree(void) {
|
||||
char original_dir[] = "/var/tmp/test-copy_tree/";
|
||||
char copy_dir[] = "/var/tmp/test-copy_tree-copy/";
|
||||
char original_dir[] = "/tmp/test-copy_tree/";
|
||||
char copy_dir[] = "/tmp/test-copy_tree-copy/";
|
||||
char **files = STRV_MAKE("file", "dir1/file", "dir1/dir2/file", "dir1/dir2/dir3/dir4/dir5/file");
|
||||
char **links = STRV_MAKE("link", "file",
|
||||
"link2", "dir1/file");
|
||||
const char *unixsockp;
|
||||
char **p, **link;
|
||||
const char *unixsockp;
|
||||
struct stat st;
|
||||
int xattr_worked = -1; /* xattr support is optional in temporary directories, hence use it if we can,
|
||||
* but don't fail if we can't */
|
||||
|
||||
log_info("%s", __func__);
|
||||
|
||||
|
|
@ -95,19 +90,12 @@ static void test_copy_tree(void) {
|
|||
(void) rm_rf(original_dir, REMOVE_ROOT|REMOVE_PHYSICAL);
|
||||
|
||||
STRV_FOREACH(p, files) {
|
||||
_cleanup_free_ char *f, *c;
|
||||
int k;
|
||||
_cleanup_free_ char *f;
|
||||
|
||||
assert_se(f = path_join(original_dir, *p));
|
||||
|
||||
assert_se(mkdir_parents(f, 0755) >= 0);
|
||||
assert_se(write_string_file(f, "file", WRITE_STRING_FILE_CREATE) == 0);
|
||||
|
||||
assert_se(base64mem(*p, strlen(*p), &c) >= 0);
|
||||
|
||||
k = setxattr(f, "user.testxattr", c, strlen(c), 0);
|
||||
assert_se(xattr_worked < 0 || ((k >= 0) == !!xattr_worked));
|
||||
xattr_worked = k >= 0;
|
||||
}
|
||||
|
||||
STRV_FOREACH_PAIR(link, p, links) {
|
||||
|
|
@ -126,25 +114,14 @@ static void test_copy_tree(void) {
|
|||
assert_se(copy_tree(original_dir, copy_dir, UID_INVALID, GID_INVALID, COPY_REFLINK|COPY_MERGE) == 0);
|
||||
|
||||
STRV_FOREACH(p, files) {
|
||||
_cleanup_free_ char *buf, *f, *c = NULL;
|
||||
_cleanup_free_ char *buf, *f;
|
||||
size_t sz;
|
||||
int k;
|
||||
|
||||
assert_se(f = path_join(copy_dir, *p));
|
||||
|
||||
assert_se(access(f, F_OK) == 0);
|
||||
assert_se(read_full_file(f, &buf, &sz) == 0);
|
||||
assert_se(streq(buf, "file\n"));
|
||||
|
||||
k = getxattr_malloc(f, "user.testxattr", &c, false);
|
||||
assert_se(xattr_worked < 0 || ((k >= 0) == !!xattr_worked));
|
||||
|
||||
if (k >= 0) {
|
||||
_cleanup_free_ char *d = NULL;
|
||||
|
||||
assert_se(base64mem(*p, strlen(*p), &d) >= 0);
|
||||
assert_se(streq(d, c));
|
||||
}
|
||||
}
|
||||
|
||||
STRV_FOREACH_PAIR(link, p, links) {
|
||||
|
|
|
|||
|
|
@ -187,13 +187,10 @@ def _extract_directives(directive_groups, formatting, page):
|
|||
storvar if klass else storopt)):
|
||||
for name in variablelist.iterfind(xpath):
|
||||
text = re.sub(r'([= ]).*', r'\1', name.text).rstrip()
|
||||
if text.startswith('-'):
|
||||
# for options, merge options with and without mandatory arg
|
||||
text = text.partition('=')[0]
|
||||
stor[text].append((pagename, section))
|
||||
if text not in formatting:
|
||||
# use element as formatted display
|
||||
if name.text[-1] in "= '":
|
||||
if name.text[-1] in '= ':
|
||||
name.clear()
|
||||
else:
|
||||
name.tail = ''
|
||||
|
|
@ -207,7 +204,7 @@ def _extract_directives(directive_groups, formatting, page):
|
|||
for name in t.iterfind(xpath):
|
||||
if absolute_only and not (name.text and name.text.startswith('/')):
|
||||
continue
|
||||
if name.attrib.get('index') == 'false':
|
||||
if name.attrib.get('noindex'):
|
||||
continue
|
||||
name.tail = ''
|
||||
if name.text:
|
||||
|
|
@ -231,7 +228,7 @@ def _extract_directives(directive_groups, formatting, page):
|
|||
|
||||
storfile = directive_groups['constants']
|
||||
for name in t.iterfind('.//constant'):
|
||||
if name.attrib.get('index') == 'false':
|
||||
if name.attrib.get('noindex'):
|
||||
continue
|
||||
name.tail = ''
|
||||
if name.text.startswith('('): # a cast, strip it
|
||||
|
|
|
|||
Loading…
Reference in New Issue