Compare commits
29 Commits
d5fc4bc9e2
...
cc4b926d52
Author | SHA1 | Date |
---|---|---|
Ivan Kruglov | cc4b926d52 | |
gerblesh | bbec1c87d3 | |
Yu Watanabe | f29a07f3fc | |
Luca Boccassi | 0566bd9643 | |
Lennart Poettering | 7b4b3a8f7b | |
Winterhuman | 5bed97dd57 | |
Luca Boccassi | c4d7a13c06 | |
Abderrahim Kitouni | 0ae6f4843e | |
Yu Watanabe | 1ea1a79aa1 | |
Luca Boccassi | 7a9d0abe4d | |
Yu Watanabe | 6046cc3660 | |
Ivan Kruglov | 028b710a62 | |
Ivan Kruglov | 81f57a5f27 | |
Ivan Kruglov | 22d696e9c5 | |
Ivan Kruglov | a29e6372f8 | |
Ivan Kruglov | 8a9c8cf9c9 | |
Ivan Kruglov | afee7cf9fb | |
Ivan Kruglov | 0ee37d25b6 | |
Ivan Kruglov | 7ce36166d8 | |
Ivan Kruglov | 42431acd53 | |
Ivan Kruglov | e544d9bd97 | |
Ivan Kruglov | 03364f5df8 | |
Ivan Kruglov | 52718e8d4f | |
Ivan Kruglov | 49236c1480 | |
Daan De Meyer | bf43cdb767 | |
Ivan Kruglov | a3fe412c35 | |
Ivan Kruglov | 53c95a9d53 | |
Ivan Kruglov | 3aa3f130c1 | |
Ivan Kruglov | df18408ac6 |
|
@ -684,6 +684,15 @@ fi</programlisting>
|
||||||
<citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
|
<citerefentry><refentrytitle>file-hierarchy</refentrytitle><manvolnum>7</manvolnum></citerefentry>.</para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
|
<refsect1>
|
||||||
|
<title>Notes</title>
|
||||||
|
|
||||||
|
<para>
|
||||||
|
All example codes in this page are licensed under <literal>MIT No Attribution</literal>
|
||||||
|
(SPDX-License-Identifier: MIT-0).
|
||||||
|
</para>
|
||||||
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
<title>See Also</title>
|
<title>See Also</title>
|
||||||
<para><simplelist type="inline">
|
<para><simplelist type="inline">
|
||||||
|
|
|
@ -128,7 +128,8 @@
|
||||||
|
|
||||||
<para>If <option>-keep-download=yes</option> is specified the image will be downloaded and stored in
|
<para>If <option>-keep-download=yes</option> is specified the image will be downloaded and stored in
|
||||||
a read-only subvolume/directory in the image directory that is named after the specified URL and its
|
a read-only subvolume/directory in the image directory that is named after the specified URL and its
|
||||||
HTTP etag. A writable snapshot is then taken from this subvolume, and named after the specified local
|
HTTP etag (see <ulink url="https://en.wikipedia.org/wiki/HTTP_ETag">HTTP ETag</ulink> for more
|
||||||
|
information). A writable snapshot is then taken from this subvolume, and named after the specified local
|
||||||
name. This behavior ensures that creating multiple instances of the same URL is efficient, as
|
name. This behavior ensures that creating multiple instances of the same URL is efficient, as
|
||||||
multiple downloads are not necessary. In order to create only the read-only image, and avoid creating
|
multiple downloads are not necessary. In order to create only the read-only image, and avoid creating
|
||||||
its writable snapshot, specify <literal>-</literal> as local name.</para>
|
its writable snapshot, specify <literal>-</literal> as local name.</para>
|
||||||
|
|
|
@ -28,7 +28,9 @@
|
||||||
<title>Description</title>
|
<title>Description</title>
|
||||||
|
|
||||||
<para><command>pam_systemd_loadkey</command> reads a NUL-separated password list from the kernel keyring,
|
<para><command>pam_systemd_loadkey</command> reads a NUL-separated password list from the kernel keyring,
|
||||||
and sets the last password in the list as the PAM authtok.</para>
|
and sets the last password in the list as the PAM authtok, which can be used by e.g.
|
||||||
|
<citerefentry project='man-pages'><refentrytitle>pam_get_authtok</refentrytitle><manvolnum>3</manvolnum></citerefentry>.
|
||||||
|
</para>
|
||||||
|
|
||||||
<para>The password list is supposed to be stored in the "user" keyring of the root user,
|
<para>The password list is supposed to be stored in the "user" keyring of the root user,
|
||||||
by an earlier call to
|
by an earlier call to
|
||||||
|
|
|
@ -61,7 +61,10 @@
|
||||||
<literal>systemd-run0</literal> PAM stack.</para>
|
<literal>systemd-run0</literal> PAM stack.</para>
|
||||||
|
|
||||||
<para>Note that <command>run0</command> is implemented as an alternative multi-call invocation of
|
<para>Note that <command>run0</command> is implemented as an alternative multi-call invocation of
|
||||||
<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>.</para>
|
<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>. That is,
|
||||||
|
<command>run0</command> is a symbolic link to <command>systemd-run</command> executable file, and it
|
||||||
|
behaves as <command>run0</command> if it is invoked through the symbolic link, otherwise behaves as
|
||||||
|
<command>systemd-run</command>.</para>
|
||||||
</refsect1>
|
</refsect1>
|
||||||
|
|
||||||
<refsect1>
|
<refsect1>
|
||||||
|
|
|
@ -41,8 +41,10 @@
|
||||||
<refsect1>
|
<refsect1>
|
||||||
<title>Kernel Command Line</title>
|
<title>Kernel Command Line</title>
|
||||||
|
|
||||||
<para><filename>systemd-rfkill</filename> understands the
|
<para>
|
||||||
following kernel command line parameter:</para>
|
<command>systemd-rfkill</command> understands the following kernel command line parameter. See also
|
||||||
|
<citerefentry><refentrytitle>kernel-command-line</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
|
||||||
|
</para>
|
||||||
|
|
||||||
<variablelist class='kernel-commandline-options'>
|
<variablelist class='kernel-commandline-options'>
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
|
|
|
@ -302,7 +302,7 @@
|
||||||
and running in an initrd equivalent to true, otherwise false. This implements a restricted subset of
|
and running in an initrd equivalent to true, otherwise false. This implements a restricted subset of
|
||||||
the per-unit setting of the same name, see
|
the per-unit setting of the same name, see
|
||||||
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
|
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> for
|
||||||
details: currently, the <literal>full</literal> or <literal>struct</literal> values are not
|
details: currently, the <literal>full</literal> or <literal>strict</literal> values are not
|
||||||
supported.</para>
|
supported.</para>
|
||||||
|
|
||||||
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
|
<xi:include href="version-info.xml" xpointer="v256"/></listitem>
|
||||||
|
|
|
@ -394,9 +394,9 @@
|
||||||
<listitem><para>SBAT metadata associated with the UKI or addon. SBAT policies are useful to revoke
|
<listitem><para>SBAT metadata associated with the UKI or addon. SBAT policies are useful to revoke
|
||||||
whole groups of UKIs or addons with a single, static policy update that does not take space in
|
whole groups of UKIs or addons with a single, static policy update that does not take space in
|
||||||
DBX/MOKX. If not specified manually, a default metadata entry consisting of
|
DBX/MOKX. If not specified manually, a default metadata entry consisting of
|
||||||
<literal>uki,1,UKI,uki,1,https://uapi-group.org/specifications/specs/unified_kernel_image/</literal>
|
<programlisting>uki,1,UKI,uki,1,https://uapi-group.org/specifications/specs/unified_kernel_image/</programlisting>
|
||||||
for UKIs and
|
for UKIs and
|
||||||
<literal>uki-addon,1,UKI Addon,addon,1,https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html</literal>
|
<programlisting>uki-addon,1,UKI Addon,addon,1,https://www.freedesktop.org/software/systemd/man/latest/systemd-stub.html</programlisting>
|
||||||
for addons will be used, to ensure it is always possible to revoke them. For more information on
|
for addons will be used, to ensure it is always possible to revoke them. For more information on
|
||||||
SBAT see <ulink url="https://github.com/rhboot/shim/blob/main/SBAT.md">Shim documentation</ulink>.
|
SBAT see <ulink url="https://github.com/rhboot/shim/blob/main/SBAT.md">Shim documentation</ulink>.
|
||||||
</para>
|
</para>
|
||||||
|
|
|
@ -27,6 +27,8 @@ conf = configuration_data()
|
||||||
conf.set_quoted('PROJECT_URL', 'https://systemd.io/')
|
conf.set_quoted('PROJECT_URL', 'https://systemd.io/')
|
||||||
conf.set('PROJECT_VERSION', project_major_version,
|
conf.set('PROJECT_VERSION', project_major_version,
|
||||||
description : 'Numerical project version (used where a simple number is expected)')
|
description : 'Numerical project version (used where a simple number is expected)')
|
||||||
|
conf.set_quoted('PROJECT_VERSION_STR', project_major_version,
|
||||||
|
description: 'Stringified project version (used where a simple string is expected)')
|
||||||
conf.set_quoted('PROJECT_VERSION_FULL', meson.project_version(), description : 'Full project version')
|
conf.set_quoted('PROJECT_VERSION_FULL', meson.project_version(), description : 'Full project version')
|
||||||
|
|
||||||
# This is to be used instead of meson.source_root(), as the latter will return
|
# This is to be used instead of meson.source_root(), as the latter will return
|
||||||
|
|
|
@ -289,7 +289,8 @@ int write_string_file_full(
|
||||||
const char *fn,
|
const char *fn,
|
||||||
const char *line,
|
const char *line,
|
||||||
WriteStringFileFlags flags,
|
WriteStringFileFlags flags,
|
||||||
const struct timespec *ts) {
|
const struct timespec *ts,
|
||||||
|
const char *label_fn) {
|
||||||
|
|
||||||
bool call_label_ops_post = false, made_file = false;
|
bool call_label_ops_post = false, made_file = false;
|
||||||
_cleanup_fclose_ FILE *f = NULL;
|
_cleanup_fclose_ FILE *f = NULL;
|
||||||
|
@ -321,7 +322,8 @@ int write_string_file_full(
|
||||||
mode_t mode = write_string_file_flags_to_mode(flags);
|
mode_t mode = write_string_file_flags_to_mode(flags);
|
||||||
|
|
||||||
if (FLAGS_SET(flags, WRITE_STRING_FILE_LABEL|WRITE_STRING_FILE_CREATE)) {
|
if (FLAGS_SET(flags, WRITE_STRING_FILE_LABEL|WRITE_STRING_FILE_CREATE)) {
|
||||||
r = label_ops_pre(dir_fd, fn, mode);
|
const char *lookup = label_fn ? label_fn : fn;
|
||||||
|
r = label_ops_pre(dir_fd, lookup, mode);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
goto fail;
|
goto fail;
|
||||||
|
|
||||||
|
|
|
@ -51,12 +51,13 @@ int write_string_stream_full(FILE *f, const char *line, WriteStringFileFlags fla
|
||||||
static inline int write_string_stream(FILE *f, const char *line, WriteStringFileFlags flags) {
|
static inline int write_string_stream(FILE *f, const char *line, WriteStringFileFlags flags) {
|
||||||
return write_string_stream_full(f, line, flags, /* ts= */ NULL);
|
return write_string_stream_full(f, line, flags, /* ts= */ NULL);
|
||||||
}
|
}
|
||||||
int write_string_file_full(int dir_fd, const char *fn, const char *line, WriteStringFileFlags flags, const struct timespec *ts);
|
|
||||||
|
int write_string_file_full(int dir_fd, const char *fn, const char *line, WriteStringFileFlags flags, const struct timespec *ts, const char *label_fn);
|
||||||
static inline int write_string_file(const char *fn, const char *line, WriteStringFileFlags flags) {
|
static inline int write_string_file(const char *fn, const char *line, WriteStringFileFlags flags) {
|
||||||
return write_string_file_full(AT_FDCWD, fn, line, flags, /* ts= */ NULL);
|
return write_string_file_full(AT_FDCWD, fn, line, flags, /* ts= */ NULL, /*label_fn=*/ NULL);
|
||||||
}
|
}
|
||||||
static inline int write_string_file_at(int dir_fd, const char *fn, const char *line, WriteStringFileFlags flags) {
|
static inline int write_string_file_at(int dir_fd, const char *fn, const char *line, WriteStringFileFlags flags) {
|
||||||
return write_string_file_full(dir_fd, fn, line, flags, /* ts= */ NULL);
|
return write_string_file_full(dir_fd, fn, line, flags, /* ts= */ NULL, /*label_fn=*/ NULL);
|
||||||
}
|
}
|
||||||
int write_string_filef(const char *fn, WriteStringFileFlags flags, const char *format, ...) _printf_(3, 4);
|
int write_string_filef(const char *fn, WriteStringFileFlags flags, const char *format, ...) _printf_(3, 4);
|
||||||
|
|
||||||
|
|
|
@ -1471,6 +1471,12 @@ int log_get_max_level(void) {
|
||||||
return log_max_level;
|
return log_max_level;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int log_get_target_max_level(LogTarget target) {
|
||||||
|
assert(target >= 0);
|
||||||
|
assert(target < _LOG_TARGET_SINGLE_MAX);
|
||||||
|
return log_target_max_level[target];
|
||||||
|
}
|
||||||
|
|
||||||
void log_show_color(bool b) {
|
void log_show_color(bool b) {
|
||||||
show_color = b;
|
show_color = b;
|
||||||
}
|
}
|
||||||
|
|
|
@ -59,6 +59,7 @@ void log_settle_target(void);
|
||||||
int log_set_max_level(int level);
|
int log_set_max_level(int level);
|
||||||
int log_set_max_level_from_string(const char *e);
|
int log_set_max_level_from_string(const char *e);
|
||||||
int log_get_max_level(void) _pure_;
|
int log_get_max_level(void) _pure_;
|
||||||
|
int log_get_target_max_level(LogTarget target);
|
||||||
int log_max_levels_to_string(int level, char **ret);
|
int log_max_levels_to_string(int level, char **ret);
|
||||||
|
|
||||||
void log_set_facility(int facility);
|
void log_set_facility(int facility);
|
||||||
|
|
|
@ -3,13 +3,19 @@
|
||||||
#include "sd-varlink.h"
|
#include "sd-varlink.h"
|
||||||
|
|
||||||
#include "core-varlink.h"
|
#include "core-varlink.h"
|
||||||
|
#include "format-util.h"
|
||||||
#include "json-util.h"
|
#include "json-util.h"
|
||||||
|
#include "manager-varlink.h"
|
||||||
#include "mkdir-label.h"
|
#include "mkdir-label.h"
|
||||||
#include "strv.h"
|
#include "strv.h"
|
||||||
|
#include "unit-varlink.h"
|
||||||
#include "user-util.h"
|
#include "user-util.h"
|
||||||
#include "varlink-internal.h"
|
#include "varlink-internal.h"
|
||||||
|
#include "varlink-serialize.h"
|
||||||
|
#include "varlink-io.systemd.Unit.h"
|
||||||
#include "varlink-io.systemd.UserDatabase.h"
|
#include "varlink-io.systemd.UserDatabase.h"
|
||||||
#include "varlink-io.systemd.ManagedOOM.h"
|
#include "varlink-io.systemd.ManagedOOM.h"
|
||||||
|
#include "varlink-io.systemd.Manager.h"
|
||||||
#include "varlink-util.h"
|
#include "varlink-util.h"
|
||||||
|
|
||||||
typedef struct LookupParameters {
|
typedef struct LookupParameters {
|
||||||
|
@ -579,34 +585,50 @@ int manager_setup_varlink_server(Manager *m) {
|
||||||
if (m->varlink_server)
|
if (m->varlink_server)
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
if (!MANAGER_IS_SYSTEM(m))
|
sd_varlink_server_flags_t flags = SD_VARLINK_SERVER_INHERIT_USERDATA;
|
||||||
return -EINVAL;
|
if (MANAGER_IS_SYSTEM(m))
|
||||||
|
flags |= SD_VARLINK_SERVER_ACCOUNT_UID;
|
||||||
|
|
||||||
r = sd_varlink_server_new(&s, SD_VARLINK_SERVER_ACCOUNT_UID|SD_VARLINK_SERVER_INHERIT_USERDATA);
|
r = sd_varlink_server_new(&s, flags);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to allocate varlink server object: %m");
|
return log_debug_errno(r, "Failed to allocate varlink server object: %m");
|
||||||
|
|
||||||
sd_varlink_server_set_userdata(s, m);
|
sd_varlink_server_set_userdata(s, m);
|
||||||
|
|
||||||
r = sd_varlink_server_add_interface_many(
|
r = sd_varlink_server_add_interface_many(s,
|
||||||
s,
|
&vl_interface_io_systemd_Manager,
|
||||||
&vl_interface_io_systemd_UserDatabase,
|
&vl_interface_io_systemd_Unit);
|
||||||
&vl_interface_io_systemd_ManagedOOM);
|
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to add interfaces to varlink server: %m");
|
return log_debug_errno(r, "Failed to add interfaces to varlink server: %m");
|
||||||
|
|
||||||
r = sd_varlink_server_bind_method_many(
|
r = sd_varlink_server_bind_method_many(
|
||||||
s,
|
s,
|
||||||
"io.systemd.UserDatabase.GetUserRecord", vl_method_get_user_record,
|
"io.systemd.Manager.Describe", vl_method_describe_manager,
|
||||||
"io.systemd.UserDatabase.GetGroupRecord", vl_method_get_group_record,
|
"io.systemd.Unit.List", vl_method_list_units);
|
||||||
"io.systemd.UserDatabase.GetMemberships", vl_method_get_memberships,
|
|
||||||
"io.systemd.ManagedOOM.SubscribeManagedOOMCGroups", vl_method_subscribe_managed_oom_cgroups);
|
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_debug_errno(r, "Failed to register varlink methods: %m");
|
return log_debug_errno(r, "Failed to register varlink methods: %m");
|
||||||
|
|
||||||
r = sd_varlink_server_bind_disconnect(s, vl_disconnect);
|
if (MANAGER_IS_SYSTEM(m)) {
|
||||||
if (r < 0)
|
r = sd_varlink_server_add_interface_many(
|
||||||
return log_debug_errno(r, "Failed to register varlink disconnect handler: %m");
|
s,
|
||||||
|
&vl_interface_io_systemd_UserDatabase,
|
||||||
|
&vl_interface_io_systemd_ManagedOOM);
|
||||||
|
if (r < 0)
|
||||||
|
return log_debug_errno(r, "Failed to add interfaces to varlink server: %m");
|
||||||
|
|
||||||
|
r = sd_varlink_server_bind_method_many(
|
||||||
|
s,
|
||||||
|
"io.systemd.UserDatabase.GetUserRecord", vl_method_get_user_record,
|
||||||
|
"io.systemd.UserDatabase.GetGroupRecord", vl_method_get_group_record,
|
||||||
|
"io.systemd.UserDatabase.GetMemberships", vl_method_get_memberships,
|
||||||
|
"io.systemd.ManagedOOM.SubscribeManagedOOMCGroups", vl_method_subscribe_managed_oom_cgroups);
|
||||||
|
if (r < 0)
|
||||||
|
return log_debug_errno(r, "Failed to register varlink methods: %m");
|
||||||
|
|
||||||
|
r = sd_varlink_server_bind_disconnect(s, vl_disconnect);
|
||||||
|
if (r < 0)
|
||||||
|
return log_debug_errno(r, "Failed to register varlink disconnect handler: %m");
|
||||||
|
}
|
||||||
|
|
||||||
r = sd_varlink_server_attach_event(s, m->event, EVENT_PRIORITY_IPC);
|
r = sd_varlink_server_attach_event(s, m->event, EVENT_PRIORITY_IPC);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -630,22 +652,22 @@ static int manager_varlink_init_system(Manager *m) {
|
||||||
bool fresh = r > 0;
|
bool fresh = r > 0;
|
||||||
|
|
||||||
if (!MANAGER_IS_TEST_RUN(m)) {
|
if (!MANAGER_IS_TEST_RUN(m)) {
|
||||||
(void) mkdir_p_label("/run/systemd/userdb", 0755);
|
FOREACH_STRING(dir,
|
||||||
|
"/run/systemd/userdb",
|
||||||
|
"/run/systemd/unit") {
|
||||||
|
r = mkdir_p_label(dir, 0755);
|
||||||
|
if (r < 0)
|
||||||
|
log_debug_errno(r, "Failed to create dir '%s', ignoring: %m", dir);
|
||||||
|
}
|
||||||
|
|
||||||
FOREACH_STRING(address, "/run/systemd/userdb/io.systemd.DynamicUser", VARLINK_ADDR_PATH_MANAGED_OOM_SYSTEM) {
|
FOREACH_STRING(address,
|
||||||
if (!fresh) {
|
"/run/systemd/userdb/io.systemd.DynamicUser",
|
||||||
/* We might have got sockets through deserialization. Do not bind to them twice. */
|
VARLINK_ADDR_PATH_MANAGED_OOM_SYSTEM,
|
||||||
|
"/run/systemd/io.systemd.Manager",
|
||||||
bool found = false;
|
"/run/systemd/unit/io.systemd.Unit") {
|
||||||
LIST_FOREACH(sockets, ss, m->varlink_server->sockets)
|
/* We might have got sockets through deserialization. Do not bind to them twice. */
|
||||||
if (path_equal(ss->address, address)) {
|
if (!fresh && varlink_server_contains_socket(m->varlink_server, address))
|
||||||
found = true;
|
continue;
|
||||||
break;
|
|
||||||
}
|
|
||||||
|
|
||||||
if (found)
|
|
||||||
continue;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = sd_varlink_server_listen_address(m->varlink_server, address, 0666);
|
r = sd_varlink_server_listen_address(m->varlink_server, address, 0666);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -657,6 +679,8 @@ static int manager_varlink_init_system(Manager *m) {
|
||||||
}
|
}
|
||||||
|
|
||||||
static int manager_varlink_init_user(Manager *m) {
|
static int manager_varlink_init_user(Manager *m) {
|
||||||
|
int r;
|
||||||
|
|
||||||
assert(m);
|
assert(m);
|
||||||
|
|
||||||
if (!MANAGER_IS_USER(m))
|
if (!MANAGER_IS_USER(m))
|
||||||
|
@ -665,6 +689,34 @@ static int manager_varlink_init_user(Manager *m) {
|
||||||
if (MANAGER_IS_TEST_RUN(m))
|
if (MANAGER_IS_TEST_RUN(m))
|
||||||
return 0;
|
return 0;
|
||||||
|
|
||||||
|
r = manager_setup_varlink_server(m);
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to set up varlink server: %m");
|
||||||
|
bool fresh = r > 0;
|
||||||
|
|
||||||
|
FOREACH_STRING(a,
|
||||||
|
"systemd/io.systemd.Manager",
|
||||||
|
"systemd/unit/io.systemd.Unit") {
|
||||||
|
_cleanup_free_ char *address = NULL, *dir = NULL;
|
||||||
|
address = path_join(m->prefix[EXEC_DIRECTORY_RUNTIME], a);
|
||||||
|
if (!address)
|
||||||
|
return -ENOMEM;
|
||||||
|
/* We might have got sockets through deserialization. Do not bind to them twice. */
|
||||||
|
if (fresh || !varlink_server_contains_socket(m->varlink_server, address)) {
|
||||||
|
r = path_extract_directory(address, &dir);
|
||||||
|
if (r < 0)
|
||||||
|
log_debug_errno(r, "Failed to extract directory from path '%s', ignoring: %m", address);
|
||||||
|
|
||||||
|
r = mkdir_p_label(dir, 0755);
|
||||||
|
if (r < 0)
|
||||||
|
log_debug_errno(r, "Failed to create dir '%s', ignoring: %m", dir);
|
||||||
|
|
||||||
|
r = sd_varlink_server_listen_address(m->varlink_server, address, 0666);
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to bind to varlink socket '%s': %m", address);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
return manager_varlink_managed_oom_connect(m);
|
return manager_varlink_managed_oom_connect(m);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -497,7 +497,7 @@ int manager_deserialize(Manager *m, FILE *f, FDSet *fds) {
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
} else if ((val = startswith(l, "varlink-server-socket-address="))) {
|
} else if ((val = startswith(l, "varlink-server-socket-address="))) {
|
||||||
if (!m->varlink_server && MANAGER_IS_SYSTEM(m)) {
|
if (!m->varlink_server) {
|
||||||
r = manager_setup_varlink_server(m);
|
r = manager_setup_varlink_server(m);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_warning_errno(r, "Failed to setup varlink server, ignoring: %m");
|
log_warning_errno(r, "Failed to setup varlink server, ignoring: %m");
|
||||||
|
|
|
@ -0,0 +1,203 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
|
||||||
|
#include <sys/prctl.h>
|
||||||
|
|
||||||
|
#include "build.h"
|
||||||
|
#include "confidential-virt.h"
|
||||||
|
#include "json-util.h"
|
||||||
|
#include "manager-varlink.h"
|
||||||
|
#include "manager.h"
|
||||||
|
#include "syslog-util.h"
|
||||||
|
#include "taint.h"
|
||||||
|
#include "version.h"
|
||||||
|
#include "varlink-common.h"
|
||||||
|
#include "virt.h"
|
||||||
|
#include "watchdog.h"
|
||||||
|
|
||||||
|
static int manager_environment_build_json(sd_json_variant **ret, const char *name, void *userdata) {
|
||||||
|
_cleanup_strv_free_ char **l = NULL;
|
||||||
|
Manager *m = ASSERT_PTR(userdata);
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(ret);
|
||||||
|
|
||||||
|
r = manager_get_effective_environment(m, &l);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
if (strv_isempty(l))
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
return sd_json_variant_new_array_strv(ret, l);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int log_level_build_json(sd_json_variant **ret, const char *name, void *userdata, int log_max_level) {
|
||||||
|
_cleanup_(sd_json_variant_unrefp) sd_json_variant *v = NULL;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(ret);
|
||||||
|
assert(log_max_level >= 0);
|
||||||
|
|
||||||
|
for (int log_target = 0; log_target < _LOG_TARGET_SINGLE_MAX; log_target++) {
|
||||||
|
_cleanup_free_ char *log_level_string = NULL;
|
||||||
|
|
||||||
|
int target_max_level = log_get_target_max_level(log_target);
|
||||||
|
const char *log_target_string = log_target_to_string(log_target);
|
||||||
|
|
||||||
|
int log_level = MIN(log_max_level, target_max_level);
|
||||||
|
r = log_level_to_string_alloc(log_level, &log_level_string);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
r = sd_json_variant_set_field_string(&v, log_target_string, log_level_string);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
*ret = TAKE_PTR(v);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
static int log_level_build_context_json(sd_json_variant **ret, const char *name, void *userdata) {
|
||||||
|
Manager *m = ASSERT_PTR(userdata);
|
||||||
|
int log_level = m->log_level_overridden ? m->original_log_level : log_get_max_level();
|
||||||
|
return log_level_build_json(ret, name, userdata, log_level);
|
||||||
|
}
|
||||||
|
|
||||||
|
static int log_level_build_runtime_json(sd_json_variant **ret, const char *name, void *userdata) {
|
||||||
|
Manager *m = ASSERT_PTR(userdata);
|
||||||
|
if (!m->log_level_overridden)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
return log_level_build_json(ret, name, userdata, log_get_max_level());
|
||||||
|
}
|
||||||
|
|
||||||
|
static int manager_context_build_json(sd_json_variant **ret, const char *name, void *userdata) {
|
||||||
|
Manager *m = ASSERT_PTR(userdata);
|
||||||
|
|
||||||
|
return sd_json_buildo(ASSERT_PTR(ret),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("Version", GIT_VERSION),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("Architecture", architecture_to_string(uname_architecture())),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("Features", systemd_features),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("ShowStatus", show_status_on(MANAGER_IS_USER(m) ? _SHOW_STATUS_INVALID : m->show_status)),
|
||||||
|
SD_JSON_BUILD_PAIR_STRV("UnitPath", m->lookup_paths.search_path),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("LogLevel", log_level_build_context_json, m),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("LogTarget", log_target_to_string(m->log_target_overridden ? m->original_log_target : log_get_target())),
|
||||||
|
JSON_BUILD_PAIR_STRV_NON_EMPTY("Environment", m->transient_environment),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("DefaultStandardOutput", exec_output_to_string(m->defaults.std_output)),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("DefaultStandardError", exec_output_to_string(m->defaults.std_error)),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("RuntimeWatchdogUSec", manager_get_watchdog(m, WATCHDOG_RUNTIME)),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("RuntimeWatchdogPreUSec", manager_get_watchdog(m, WATCHDOG_PRETIMEOUT)),
|
||||||
|
JSON_BUILD_PAIR_STRING_NON_EMPTY("RuntimeWatchdogPreGovernor", m->watchdog_pretimeout_governor),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("RebootWatchdogUSec", manager_get_watchdog(m, WATCHDOG_REBOOT)),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("KExecWatchdogUSec", manager_get_watchdog(m, WATCHDOG_KEXEC)),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("ServiceWatchdogs", m->service_watchdogs),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultTimerAccuracyUSec", m->defaults.timer_accuracy_usec),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultTimeoutStartUSec", m->defaults.timeout_start_usec),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultTimeoutStopUSec", m->defaults.timeout_stop_usec),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultTimeoutAbortUSec", manager_default_timeout_abort_usec(m)),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultDeviceTimeoutUSec", m->defaults.device_timeout_usec),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultRestartUSec", m->defaults.restart_usec),
|
||||||
|
JSON_BUILD_PAIR_RATELIMIT("DefaultStartLimit", &m->defaults.start_limit),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("DefaultCPUAccounting", m->defaults.cpu_accounting),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("DefaultBlockIOAccounting", m->defaults.blockio_accounting),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("DefaultIOAccounting", m->defaults.io_accounting),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("DefaultIPAccounting", m->defaults.ip_accounting),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("DefaultMemoryAccounting", m->defaults.memory_accounting),
|
||||||
|
SD_JSON_BUILD_PAIR_BOOLEAN("DefaultTasksAccounting", m->defaults.tasks_accounting),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitCPU", rlimit_build_json, m->defaults.rlimit[RLIMIT_CPU]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitFSIZE", rlimit_build_json, m->defaults.rlimit[RLIMIT_FSIZE]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitDATA", rlimit_build_json, m->defaults.rlimit[RLIMIT_DATA]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitSTACK", rlimit_build_json, m->defaults.rlimit[RLIMIT_STACK]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitCORE", rlimit_build_json, m->defaults.rlimit[RLIMIT_CORE]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitRSS", rlimit_build_json, m->defaults.rlimit[RLIMIT_RSS]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitNOFILE", rlimit_build_json, m->defaults.rlimit[RLIMIT_NOFILE]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitAS", rlimit_build_json, m->defaults.rlimit[RLIMIT_AS]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitNPROC", rlimit_build_json, m->defaults.rlimit[RLIMIT_NPROC]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitMEMLOCK", rlimit_build_json, m->defaults.rlimit[RLIMIT_MEMLOCK]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitLOCKS", rlimit_build_json, m->defaults.rlimit[RLIMIT_LOCKS]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitSIGPENDING", rlimit_build_json, m->defaults.rlimit[RLIMIT_SIGPENDING]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitMSGQUEUE", rlimit_build_json, m->defaults.rlimit[RLIMIT_MSGQUEUE]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitNICE", rlimit_build_json, m->defaults.rlimit[RLIMIT_NICE]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitRTPRIO", rlimit_build_json, m->defaults.rlimit[RLIMIT_RTPRIO]),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("DefaultLimitRTTIME", rlimit_build_json, m->defaults.rlimit[RLIMIT_RTTIME]),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("DefaultTasksMax", cgroup_tasks_max_resolve(&m->defaults.tasks_max)),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("DefaultMemoryPressureThresholdUSec", m->defaults.memory_pressure_threshold_usec),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("DefaultMemoryPressureWatch", cgroup_pressure_watch_to_string(m->defaults.memory_pressure_watch)),
|
||||||
|
JSON_BUILD_PAIR_FINITE_USEC("TimerSlackNSec", (uint64_t) prctl(PR_GET_TIMERSLACK)),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("DefaultOOMPolicy", oom_policy_to_string(m->defaults.oom_policy)),
|
||||||
|
SD_JSON_BUILD_PAIR_INTEGER("DefaultOOMScoreAdjust", m->defaults.oom_score_adjust),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("CtrlAltDelBurstAction", emergency_action_to_string(m->cad_burst_action)));
|
||||||
|
}
|
||||||
|
|
||||||
|
static int manager_runtime_build_json(sd_json_variant **ret, const char *name, void *userdata) {
|
||||||
|
Manager *m = ASSERT_PTR(userdata);
|
||||||
|
dual_timestamp watchdog_last_ping = {
|
||||||
|
.monotonic = watchdog_get_last_ping(CLOCK_MONOTONIC),
|
||||||
|
.realtime = watchdog_get_last_ping(CLOCK_REALTIME),
|
||||||
|
};
|
||||||
|
_cleanup_strv_free_ char **taints = NULL;
|
||||||
|
|
||||||
|
taints = taint_strv();
|
||||||
|
if (!taints)
|
||||||
|
return -ENOMEM;
|
||||||
|
|
||||||
|
return sd_json_buildo(ASSERT_PTR(ret),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("Virtualization", virtualization_to_string(detect_virtualization())),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("ConfidentialVirtualization", confidential_virtualization_to_string(detect_confidential_virtualization())),
|
||||||
|
SD_JSON_BUILD_PAIR_STRV("Taints", taints),
|
||||||
|
JSON_BUILD_PAIR_STRING_NON_EMPTY("ConfirmSpawn", manager_get_confirm_spawn(m)),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("FirmwareTimestamp", &m->timestamps[MANAGER_TIMESTAMP_FIRMWARE]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("LoaderTimestamp", &m->timestamps[MANAGER_TIMESTAMP_LOADER]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("KernelTimestamp", &m->timestamps[MANAGER_TIMESTAMP_KERNEL]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("UserspaceTimestamp", &m->timestamps[MANAGER_TIMESTAMP_USERSPACE]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("FinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_FINISH]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("SecurityStartTimestamp", &m->timestamps[MANAGER_TIMESTAMP_SECURITY_START]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("SecurityFinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_SECURITY_FINISH]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("GeneratorsStartTimestamp", &m->timestamps[MANAGER_TIMESTAMP_GENERATORS_START]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("GeneratorsFinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_GENERATORS_FINISH]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("UnitsLoadStartTimestamp", &m->timestamps[MANAGER_TIMESTAMP_UNITS_LOAD_START]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("UnitsLoadFinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_UNITS_LOAD_FINISH]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("UnitsLoadTimestamp", &m->timestamps[MANAGER_TIMESTAMP_UNITS_LOAD]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDSecurityStartTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD_SECURITY_START]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDSecurityFinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD_SECURITY_FINISH]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDGeneratorsStartTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD_GENERATORS_START]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDGeneratorsFinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD_GENERATORS_FINISH]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDUnitsLoadStartTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD_UNITS_LOAD_START]),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("InitRDUnitsLoadFinishTimestamp", &m->timestamps[MANAGER_TIMESTAMP_INITRD_UNITS_LOAD_FINISH]),
|
||||||
|
SD_JSON_BUILD_PAIR_CONDITION(m->show_status_overridden != _SHOW_STATUS_INVALID, "ShowStatus", SD_JSON_BUILD_BOOLEAN(manager_get_show_status_on(m))),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("LogLevel", log_level_build_runtime_json, m),
|
||||||
|
SD_JSON_BUILD_PAIR_CONDITION(m->log_target_overridden, "LogTarget", SD_JSON_BUILD_STRING(log_target_to_string(log_get_target()))),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("NNames", hashmap_size(m->units)),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("NFailedUnits", set_size(m->failed_units)),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("NJobs", hashmap_size(m->jobs)),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("NInstalledJobs", m->n_installed_jobs),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("NFailedJobs", m->n_failed_jobs),
|
||||||
|
SD_JSON_BUILD_PAIR_REAL("Progress", manager_get_progress(m)),
|
||||||
|
JSON_BUILD_PAIR_CALLBACK_NON_NULL("Environment", manager_environment_build_json, m),
|
||||||
|
JSON_BUILD_PAIR_STRING_NON_EMPTY("WatchdogDevice", watchdog_get_device()),
|
||||||
|
JSON_BUILD_PAIR_DUAL_TIMESTAMP_NON_NULL("WatchdogLastPingTimestamp", &watchdog_last_ping),
|
||||||
|
JSON_BUILD_PAIR_STRING_NON_EMPTY("ControlGroup", m->cgroup_root),
|
||||||
|
SD_JSON_BUILD_PAIR_STRING("SystemState", manager_state_to_string(manager_state(m))),
|
||||||
|
SD_JSON_BUILD_PAIR_UNSIGNED("ExitCode", m->return_value));
|
||||||
|
}
|
||||||
|
|
||||||
|
int vl_method_describe_manager(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata) {
|
||||||
|
_cleanup_(sd_json_variant_unrefp) sd_json_variant *v = NULL;
|
||||||
|
Manager *manager = ASSERT_PTR(userdata);
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(parameters);
|
||||||
|
|
||||||
|
if (sd_json_variant_elements(parameters) > 0)
|
||||||
|
return sd_varlink_error_invalid_parameter(link, parameters);
|
||||||
|
|
||||||
|
r = sd_json_buildo(&v,
|
||||||
|
SD_JSON_BUILD_PAIR_CALLBACK("Context", manager_context_build_json, manager),
|
||||||
|
SD_JSON_BUILD_PAIR_CALLBACK("Runtime", manager_runtime_build_json, manager));
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to build manager JSON data: %m");
|
||||||
|
|
||||||
|
return sd_varlink_reply(link, v);
|
||||||
|
}
|
|
@ -0,0 +1,7 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include "sd-json.h"
|
||||||
|
#include "sd-varlink.h"
|
||||||
|
|
||||||
|
int vl_method_describe_manager(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata);
|
|
@ -45,6 +45,7 @@ libcore_sources = files(
|
||||||
'load-fragment.c',
|
'load-fragment.c',
|
||||||
'manager-dump.c',
|
'manager-dump.c',
|
||||||
'manager-serialize.c',
|
'manager-serialize.c',
|
||||||
|
'manager-varlink.c',
|
||||||
'manager.c',
|
'manager.c',
|
||||||
'mount.c',
|
'mount.c',
|
||||||
'namespace.c',
|
'namespace.c',
|
||||||
|
@ -63,7 +64,9 @@ libcore_sources = files(
|
||||||
'unit-dependency-atom.c',
|
'unit-dependency-atom.c',
|
||||||
'unit-printf.c',
|
'unit-printf.c',
|
||||||
'unit-serialize.c',
|
'unit-serialize.c',
|
||||||
|
'unit-varlink.c',
|
||||||
'unit.c',
|
'unit.c',
|
||||||
|
'varlink-common.c',
|
||||||
)
|
)
|
||||||
|
|
||||||
if conf.get('BPF_FRAMEWORK') == 1
|
if conf.get('BPF_FRAMEWORK') == 1
|
||||||
|
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,6 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include "sd-varlink.h"
|
||||||
|
|
||||||
|
int vl_method_list_units(sd_varlink *link, sd_json_variant *parameters, sd_varlink_method_flags_t flags, void *userdata);
|
|
@ -0,0 +1,42 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
|
||||||
|
#include "json-util.h"
|
||||||
|
#include "rlimit-util.h"
|
||||||
|
#include "varlink-common.h"
|
||||||
|
|
||||||
|
int rlimit_build_json(sd_json_variant **ret, const char *name, void *userdata) {
|
||||||
|
const struct rlimit *rl = userdata;
|
||||||
|
struct rlimit buf = {};
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert(ret);
|
||||||
|
assert(name);
|
||||||
|
|
||||||
|
if (!rl) {
|
||||||
|
const char *p;
|
||||||
|
int z;
|
||||||
|
|
||||||
|
/* Skip over any prefix, such as "Default" */
|
||||||
|
assert_se(p = strstrafter(name, "Limit"));
|
||||||
|
|
||||||
|
z = rlimit_from_string(p);
|
||||||
|
assert(z >= 0 && z < _RLIMIT_MAX);
|
||||||
|
|
||||||
|
r = getrlimit(z, &buf);
|
||||||
|
if (r < 0) {
|
||||||
|
log_debug_errno(errno, "Failed to getrlimit(%s), ignoring: %m", name);
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
rl = &buf;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (rl->rlim_cur == RLIM_INFINITY && rl->rlim_max == RLIM_INFINITY)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
/* rlim_t might have different sizes, let's map RLIMIT_INFINITY to UINT64_MAX, so that it is the same
|
||||||
|
* on all archs */
|
||||||
|
return sd_json_buildo(ret,
|
||||||
|
JSON_BUILD_PAIR_UNSIGNED_NOT_EQUAL("soft", rl->rlim_cur, RLIM_INFINITY),
|
||||||
|
JSON_BUILD_PAIR_UNSIGNED_NOT_EQUAL("hard", rl->rlim_max, RLIM_INFINITY));
|
||||||
|
}
|
|
@ -0,0 +1,7 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include "sd-json.h"
|
||||||
|
#include "sd-varlink.h"
|
||||||
|
|
||||||
|
int rlimit_build_json(sd_json_variant **ret, const char *name, void *userdata);
|
|
@ -16,6 +16,7 @@
|
||||||
#include "fileio.h"
|
#include "fileio.h"
|
||||||
#include "format-util.h"
|
#include "format-util.h"
|
||||||
#include "hexdecoct.h"
|
#include "hexdecoct.h"
|
||||||
|
#include "iovec-util.h"
|
||||||
#include "macro.h"
|
#include "macro.h"
|
||||||
#include "memory-util.h"
|
#include "memory-util.h"
|
||||||
#include "parse-util.h"
|
#include "parse-util.h"
|
||||||
|
@ -31,8 +32,7 @@ int decrypt_pkcs11_key(
|
||||||
const char *key_file, /* We either expect key_file and associated parameters to be set (for file keys) … */
|
const char *key_file, /* We either expect key_file and associated parameters to be set (for file keys) … */
|
||||||
size_t key_file_size,
|
size_t key_file_size,
|
||||||
uint64_t key_file_offset,
|
uint64_t key_file_offset,
|
||||||
const void *key_data, /* … or key_data and key_data_size (for literal keys) */
|
const struct iovec *key_data, /* … or literal keys via key_data */
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
AskPasswordFlags askpw_flags,
|
AskPasswordFlags askpw_flags,
|
||||||
void **ret_decrypted_key,
|
void **ret_decrypted_key,
|
||||||
|
@ -47,15 +47,15 @@ int decrypt_pkcs11_key(
|
||||||
|
|
||||||
assert(friendly_name);
|
assert(friendly_name);
|
||||||
assert(pkcs11_uri);
|
assert(pkcs11_uri);
|
||||||
assert(key_file || key_data);
|
assert(key_file || iovec_is_set(key_data));
|
||||||
assert(ret_decrypted_key);
|
assert(ret_decrypted_key);
|
||||||
assert(ret_decrypted_key_size);
|
assert(ret_decrypted_key_size);
|
||||||
|
|
||||||
/* The functions called here log about all errors, except for EAGAIN which means "token not found right now" */
|
/* The functions called here log about all errors, except for EAGAIN which means "token not found right now" */
|
||||||
|
|
||||||
if (key_data) {
|
if (iovec_is_set(key_data)) {
|
||||||
data.encrypted_key = (void*) key_data;
|
data.encrypted_key = (void*) key_data->iov_base;
|
||||||
data.encrypted_key_size = key_data_size;
|
data.encrypted_key_size = key_data->iov_len;
|
||||||
|
|
||||||
data.free_encrypted_key = false;
|
data.free_encrypted_key = false;
|
||||||
} else {
|
} else {
|
||||||
|
|
|
@ -16,8 +16,7 @@ int decrypt_pkcs11_key(
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
size_t key_file_size,
|
size_t key_file_size,
|
||||||
uint64_t key_file_offset,
|
uint64_t key_file_offset,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
AskPasswordFlags askpw_flags,
|
AskPasswordFlags askpw_flags,
|
||||||
void **ret_decrypted_key,
|
void **ret_decrypted_key,
|
||||||
|
@ -39,8 +38,7 @@ static inline int decrypt_pkcs11_key(
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
size_t key_file_size,
|
size_t key_file_size,
|
||||||
uint64_t key_file_offset,
|
uint64_t key_file_offset,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
AskPasswordFlags askpw_flags,
|
AskPasswordFlags askpw_flags,
|
||||||
void **ret_decrypted_key,
|
void **ret_decrypted_key,
|
||||||
|
|
|
@ -1471,8 +1471,7 @@ static int attach_luks_or_plain_or_bitlk_by_fido2(
|
||||||
struct crypt_device *cd,
|
struct crypt_device *cd,
|
||||||
const char *name,
|
const char *name,
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
uint32_t flags,
|
uint32_t flags,
|
||||||
bool pass_volume_key) {
|
bool pass_volume_key) {
|
||||||
|
@ -1489,7 +1488,7 @@ static int attach_luks_or_plain_or_bitlk_by_fido2(
|
||||||
assert(name);
|
assert(name);
|
||||||
assert(arg_fido2_device || arg_fido2_device_auto);
|
assert(arg_fido2_device || arg_fido2_device_auto);
|
||||||
|
|
||||||
if (arg_fido2_cid && !key_file && !key_data)
|
if (arg_fido2_cid && !key_file && !iovec_is_set(key_data))
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL),
|
||||||
"FIDO2 mode with manual parameters selected, but no keyfile specified, refusing.");
|
"FIDO2 mode with manual parameters selected, but no keyfile specified, refusing.");
|
||||||
|
|
||||||
|
@ -1513,7 +1512,7 @@ static int attach_luks_or_plain_or_bitlk_by_fido2(
|
||||||
arg_fido2_rp_id,
|
arg_fido2_rp_id,
|
||||||
arg_fido2_cid, arg_fido2_cid_size,
|
arg_fido2_cid, arg_fido2_cid_size,
|
||||||
key_file, arg_keyfile_size, arg_keyfile_offset,
|
key_file, arg_keyfile_size, arg_keyfile_offset,
|
||||||
key_data, key_data_size,
|
key_data,
|
||||||
until,
|
until,
|
||||||
arg_fido2_manual_flags,
|
arg_fido2_manual_flags,
|
||||||
"cryptsetup.fido2-pin",
|
"cryptsetup.fido2-pin",
|
||||||
|
@ -1623,8 +1622,7 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11(
|
||||||
struct crypt_device *cd,
|
struct crypt_device *cd,
|
||||||
const char *name,
|
const char *name,
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
uint32_t flags,
|
uint32_t flags,
|
||||||
bool pass_volume_key) {
|
bool pass_volume_key) {
|
||||||
|
@ -1635,6 +1633,7 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11(
|
||||||
_cleanup_(erase_and_freep) void *decrypted_key = NULL;
|
_cleanup_(erase_and_freep) void *decrypted_key = NULL;
|
||||||
_cleanup_(sd_event_unrefp) sd_event *event = NULL;
|
_cleanup_(sd_event_unrefp) sd_event *event = NULL;
|
||||||
_cleanup_free_ void *discovered_key = NULL;
|
_cleanup_free_ void *discovered_key = NULL;
|
||||||
|
struct iovec discovered_key_data = {};
|
||||||
int keyslot = arg_key_slot, r;
|
int keyslot = arg_key_slot, r;
|
||||||
const char *uri = NULL;
|
const char *uri = NULL;
|
||||||
bool use_libcryptsetup_plugin = use_token_plugins();
|
bool use_libcryptsetup_plugin = use_token_plugins();
|
||||||
|
@ -1653,13 +1652,13 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11(
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
uri = discovered_uri;
|
uri = discovered_uri;
|
||||||
key_data = discovered_key;
|
discovered_key_data = IOVEC_MAKE(discovered_key, discovered_key_size);
|
||||||
key_data_size = discovered_key_size;
|
key_data = &discovered_key_data;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
uri = arg_pkcs11_uri;
|
uri = arg_pkcs11_uri;
|
||||||
|
|
||||||
if (!key_file && !key_data)
|
if (!key_file && !iovec_is_set(key_data))
|
||||||
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "PKCS#11 mode selected but no key file specified, refusing.");
|
return log_error_errno(SYNTHETIC_ERRNO(EINVAL), "PKCS#11 mode selected but no key file specified, refusing.");
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -1682,7 +1681,7 @@ static int attach_luks_or_plain_or_bitlk_by_pkcs11(
|
||||||
friendly,
|
friendly,
|
||||||
uri,
|
uri,
|
||||||
key_file, arg_keyfile_size, arg_keyfile_offset,
|
key_file, arg_keyfile_size, arg_keyfile_offset,
|
||||||
key_data, key_data_size,
|
key_data,
|
||||||
until,
|
until,
|
||||||
arg_ask_password_flags,
|
arg_ask_password_flags,
|
||||||
&decrypted_key, &decrypted_key_size);
|
&decrypted_key, &decrypted_key_size);
|
||||||
|
@ -2231,9 +2230,9 @@ static int attach_luks_or_plain_or_bitlk(
|
||||||
if (token_type == TOKEN_TPM2)
|
if (token_type == TOKEN_TPM2)
|
||||||
return attach_luks_or_plain_or_bitlk_by_tpm2(cd, name, key_file, key_data, until, flags, pass_volume_key);
|
return attach_luks_or_plain_or_bitlk_by_tpm2(cd, name, key_file, key_data, until, flags, pass_volume_key);
|
||||||
if (token_type == TOKEN_FIDO2)
|
if (token_type == TOKEN_FIDO2)
|
||||||
return attach_luks_or_plain_or_bitlk_by_fido2(cd, name, key_file, key_data->iov_base, key_data->iov_len, until, flags, pass_volume_key);
|
return attach_luks_or_plain_or_bitlk_by_fido2(cd, name, key_file, key_data, until, flags, pass_volume_key);
|
||||||
if (token_type == TOKEN_PKCS11)
|
if (token_type == TOKEN_PKCS11)
|
||||||
return attach_luks_or_plain_or_bitlk_by_pkcs11(cd, name, key_file, key_data->iov_base, key_data->iov_len, until, flags, pass_volume_key);
|
return attach_luks_or_plain_or_bitlk_by_pkcs11(cd, name, key_file, key_data, until, flags, pass_volume_key);
|
||||||
if (key_data)
|
if (key_data)
|
||||||
return attach_luks_or_plain_or_bitlk_by_key_data(cd, name, key_data, flags, pass_volume_key);
|
return attach_luks_or_plain_or_bitlk_by_key_data(cd, name, key_data, flags, pass_volume_key);
|
||||||
if (key_file)
|
if (key_file)
|
||||||
|
|
|
@ -1698,7 +1698,8 @@ _public_ int sd_varlink_get_events(sd_varlink *v) {
|
||||||
ret |= EPOLLIN;
|
ret |= EPOLLIN;
|
||||||
|
|
||||||
if (!v->write_disconnected &&
|
if (!v->write_disconnected &&
|
||||||
v->output_buffer_size > 0)
|
(v->output_queue ||
|
||||||
|
v->output_buffer_size > 0))
|
||||||
ret |= EPOLLOUT;
|
ret |= EPOLLOUT;
|
||||||
|
|
||||||
return ret;
|
return ret;
|
||||||
|
|
|
@ -24,8 +24,7 @@ int acquire_fido2_key(
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
size_t key_file_size,
|
size_t key_file_size,
|
||||||
uint64_t key_file_offset,
|
uint64_t key_file_offset,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
Fido2EnrollFlags required,
|
Fido2EnrollFlags required,
|
||||||
const char *askpw_credential,
|
const char *askpw_credential,
|
||||||
|
@ -45,10 +44,10 @@ int acquire_fido2_key(
|
||||||
"Local verification is required to unlock this volume, but the 'headless' parameter was set.");
|
"Local verification is required to unlock this volume, but the 'headless' parameter was set.");
|
||||||
|
|
||||||
assert(cid);
|
assert(cid);
|
||||||
assert(key_file || key_data);
|
assert(key_file || iovec_is_set(key_data));
|
||||||
|
|
||||||
if (key_data)
|
if (iovec_is_set(key_data))
|
||||||
salt = IOVEC_MAKE(key_data, key_data_size);
|
salt = *key_data;
|
||||||
else {
|
else {
|
||||||
if (key_file_size > 0)
|
if (key_file_size > 0)
|
||||||
log_debug("Ignoring 'keyfile-size=' option for a FIDO2 salt file.");
|
log_debug("Ignoring 'keyfile-size=' option for a FIDO2 salt file.");
|
||||||
|
@ -252,7 +251,7 @@ int acquire_fido2_key_auto(
|
||||||
/* key_file= */ NULL, /* salt is read from LUKS header instead of key_file */
|
/* key_file= */ NULL, /* salt is read from LUKS header instead of key_file */
|
||||||
/* key_file_size= */ 0,
|
/* key_file_size= */ 0,
|
||||||
/* key_file_offset= */ 0,
|
/* key_file_offset= */ 0,
|
||||||
salt, salt_size,
|
&IOVEC_MAKE(salt, salt_size),
|
||||||
until,
|
until,
|
||||||
required,
|
required,
|
||||||
"cryptsetup.fido2-pin",
|
"cryptsetup.fido2-pin",
|
||||||
|
|
|
@ -20,8 +20,7 @@ int acquire_fido2_key(
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
size_t key_file_size,
|
size_t key_file_size,
|
||||||
uint64_t key_file_offset,
|
uint64_t key_file_offset,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
Fido2EnrollFlags required,
|
Fido2EnrollFlags required,
|
||||||
const char *askpw_credential,
|
const char *askpw_credential,
|
||||||
|
@ -52,8 +51,7 @@ static inline int acquire_fido2_key(
|
||||||
const char *key_file,
|
const char *key_file,
|
||||||
size_t key_file_size,
|
size_t key_file_size,
|
||||||
uint64_t key_file_offset,
|
uint64_t key_file_offset,
|
||||||
const void *key_data,
|
const struct iovec *key_data,
|
||||||
size_t key_data_size,
|
|
||||||
usec_t until,
|
usec_t until,
|
||||||
Fido2EnrollFlags required,
|
Fido2EnrollFlags required,
|
||||||
const char *askpw_credential,
|
const char *askpw_credential,
|
||||||
|
|
|
@ -185,6 +185,7 @@ shared_sources = files(
|
||||||
'varlink-io.systemd.Machine.c',
|
'varlink-io.systemd.Machine.c',
|
||||||
'varlink-io.systemd.MachineImage.c',
|
'varlink-io.systemd.MachineImage.c',
|
||||||
'varlink-io.systemd.ManagedOOM.c',
|
'varlink-io.systemd.ManagedOOM.c',
|
||||||
|
'varlink-io.systemd.Manager.c',
|
||||||
'varlink-io.systemd.MountFileSystem.c',
|
'varlink-io.systemd.MountFileSystem.c',
|
||||||
'varlink-io.systemd.NamespaceResource.c',
|
'varlink-io.systemd.NamespaceResource.c',
|
||||||
'varlink-io.systemd.Network.c',
|
'varlink-io.systemd.Network.c',
|
||||||
|
@ -192,6 +193,7 @@ shared_sources = files(
|
||||||
'varlink-io.systemd.PCRLock.c',
|
'varlink-io.systemd.PCRLock.c',
|
||||||
'varlink-io.systemd.Resolve.c',
|
'varlink-io.systemd.Resolve.c',
|
||||||
'varlink-io.systemd.Resolve.Monitor.c',
|
'varlink-io.systemd.Resolve.Monitor.c',
|
||||||
|
'varlink-io.systemd.Unit.c',
|
||||||
'varlink-io.systemd.UserDatabase.c',
|
'varlink-io.systemd.UserDatabase.c',
|
||||||
'varlink-io.systemd.oom.c',
|
'varlink-io.systemd.oom.c',
|
||||||
'varlink-io.systemd.service.c',
|
'varlink-io.systemd.service.c',
|
||||||
|
|
|
@ -7,6 +7,7 @@
|
||||||
#include "namespace-util.h"
|
#include "namespace-util.h"
|
||||||
#include "nsflags.h"
|
#include "nsflags.h"
|
||||||
#include "string-util.h"
|
#include "string-util.h"
|
||||||
|
#include "strv.h"
|
||||||
|
|
||||||
int namespace_flags_from_string(const char *name, unsigned long *ret) {
|
int namespace_flags_from_string(const char *name, unsigned long *ret) {
|
||||||
unsigned long flags = 0;
|
unsigned long flags = 0;
|
||||||
|
@ -42,18 +43,20 @@ int namespace_flags_from_string(const char *name, unsigned long *ret) {
|
||||||
}
|
}
|
||||||
|
|
||||||
int namespace_flags_to_string(unsigned long flags, char **ret) {
|
int namespace_flags_to_string(unsigned long flags, char **ret) {
|
||||||
|
_cleanup_strv_free_ char **l = NULL;
|
||||||
_cleanup_free_ char *s = NULL;
|
_cleanup_free_ char *s = NULL;
|
||||||
unsigned i;
|
int r;
|
||||||
|
|
||||||
for (i = 0; namespace_info[i].proc_name; i++) {
|
r = namespace_flags_to_strv(flags, &l);
|
||||||
if ((flags & namespace_info[i].clone_flag) != namespace_info[i].clone_flag)
|
if (r < 0)
|
||||||
continue;
|
return r;
|
||||||
|
|
||||||
if (!strextend_with_separator(&s, " ", namespace_info[i].proc_name))
|
s = strv_join(l, NULL);
|
||||||
return -ENOMEM;
|
if (!s)
|
||||||
}
|
return -ENOMEM;
|
||||||
|
|
||||||
*ret = TAKE_PTR(s);
|
if (ret)
|
||||||
|
*ret = TAKE_PTR(s);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
@ -65,3 +68,23 @@ const char* namespace_single_flag_to_string(unsigned long flag) {
|
||||||
|
|
||||||
return NULL;
|
return NULL;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int namespace_flags_to_strv(unsigned long flags, char ***ret) {
|
||||||
|
_cleanup_strv_free_ char **s = NULL;
|
||||||
|
unsigned i;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
for (i = 0; namespace_info[i].proc_name; i++) {
|
||||||
|
if ((flags & namespace_info[i].clone_flag) != namespace_info[i].clone_flag)
|
||||||
|
continue;
|
||||||
|
|
||||||
|
r = strv_extend(&s, namespace_info[i].proc_name);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
}
|
||||||
|
|
||||||
|
if (ret)
|
||||||
|
*ret = TAKE_PTR(s);
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
}
|
||||||
|
|
|
@ -20,4 +20,5 @@
|
||||||
|
|
||||||
int namespace_flags_from_string(const char *name, unsigned long *ret);
|
int namespace_flags_from_string(const char *name, unsigned long *ret);
|
||||||
int namespace_flags_to_string(unsigned long flags, char **ret);
|
int namespace_flags_to_string(unsigned long flags, char **ret);
|
||||||
|
int namespace_flags_to_strv(unsigned long flags, char ***ret);
|
||||||
const char* namespace_single_flag_to_string(unsigned long flag);
|
const char* namespace_single_flag_to_string(unsigned long flag);
|
||||||
|
|
|
@ -19,3 +19,17 @@ SD_VARLINK_DEFINE_STRUCT_TYPE(
|
||||||
SD_VARLINK_DEFINE_FIELD(pidfdId, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
SD_VARLINK_DEFINE_FIELD(pidfdId, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
||||||
SD_VARLINK_FIELD_COMMENT("Boot ID of the system the inode number belongs to"),
|
SD_VARLINK_FIELD_COMMENT("Boot ID of the system the inode number belongs to"),
|
||||||
SD_VARLINK_DEFINE_FIELD(bootId, SD_VARLINK_INT, SD_VARLINK_NULLABLE));
|
SD_VARLINK_DEFINE_FIELD(bootId, SD_VARLINK_INT, SD_VARLINK_NULLABLE));
|
||||||
|
|
||||||
|
SD_VARLINK_DEFINE_STRUCT_TYPE(
|
||||||
|
RateLimit,
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The ratelimit interval"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(intervalUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The ratelimit burst"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(burst, SD_VARLINK_INT, 0));
|
||||||
|
|
||||||
|
SD_VARLINK_DEFINE_STRUCT_TYPE(
|
||||||
|
ResourceLimit,
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The soft resource limit"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(soft, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The hard resource limit"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(hard, SD_VARLINK_INT, SD_VARLINK_NULLABLE));
|
||||||
|
|
|
@ -5,3 +5,5 @@
|
||||||
|
|
||||||
extern const sd_varlink_symbol vl_type_Timestamp;
|
extern const sd_varlink_symbol vl_type_Timestamp;
|
||||||
extern const sd_varlink_symbol vl_type_ProcessId;
|
extern const sd_varlink_symbol vl_type_ProcessId;
|
||||||
|
extern const sd_varlink_symbol vl_type_RateLimit;
|
||||||
|
extern const sd_varlink_symbol vl_type_ResourceLimit;
|
||||||
|
|
|
@ -0,0 +1,224 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
|
||||||
|
#include "build.h"
|
||||||
|
#include "varlink-idl-common.h"
|
||||||
|
#include "varlink-io.systemd.Manager.h"
|
||||||
|
|
||||||
|
static SD_VARLINK_DEFINE_STRUCT_TYPE(
|
||||||
|
LogLevelStruct,
|
||||||
|
SD_VARLINK_FIELD_COMMENT("'console' target log level"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(console, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("'kmsg' target log level"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(kmsg, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("'syslog' target log level"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(syslog, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("'journal' target log level"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(journal, SD_VARLINK_STRING, 0));
|
||||||
|
|
||||||
|
/* The split between ManagerContext and ManagerRuntime follows the rule:
|
||||||
|
* - Context is what cannot change once configuration is loaded. You can think about context settings as constants.
|
||||||
|
* - Runtime is changable settings at runtime, in other words - variables. */
|
||||||
|
|
||||||
|
static SD_VARLINK_DEFINE_STRUCT_TYPE(
|
||||||
|
ManagerContext,
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The version string of the running systemd instance"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Version, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("A short ID string describing the architecture the systemd instance is running on"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Architecture, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The features that have been enabled and disabled for this build"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Features, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Whether systemd will show status messages on the system console"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ShowStatus, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The unit search path"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(UnitPath, SD_VARLINK_STRING, SD_VARLINK_ARRAY),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#LogColor="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(LogLevel, LogLevelStruct, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/latest/systemd-system.conf.html#LogColor="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(LogTarget, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/latest/systemd-system.conf.html#ManagerEnvironment="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Environment, SD_VARLINK_STRING, SD_VARLINK_ARRAY|SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultStandardOutput="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultStandardOutput, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultStandardError="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultStandardError, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#RuntimeWatchdogSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(RuntimeWatchdogUSec, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#RuntimeWatchdogPreSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(RuntimeWatchdogPreUSec, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#RuntimeWatchdogPreGovernor="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(RuntimeWatchdogPreGovernor, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#RebootWatchdogSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(RebootWatchdogUSec, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#KExecWatchdogSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(KExecWatchdogUSec, SD_VARLINK_INT, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#ServiceWatchdogs="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ServiceWatchdogs, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultTimerAccuracySec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultTimerAccuracyUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultTimeoutStartSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultTimeoutStartUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultTimeoutStopSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultTimeoutStopUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultTimeoutAbortSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultTimeoutAbortUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultDeviceTimeoutSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultDeviceTimeoutUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultRestartSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultRestartUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultStartLimit="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultStartLimit, RateLimit, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultCPUAccounting="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultCPUAccounting, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultBlockIOAccounting="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultBlockIOAccounting, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultIOAccounting="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultIOAccounting, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultIPAccounting="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultIPAccounting, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultMemoryAccounting="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultMemoryAccounting, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultTasksAccounting="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultTasksAccounting, SD_VARLINK_BOOL, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitCPU="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitCPU, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitFSIZE="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitFSIZE, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitDATA="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitDATA, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitSTACK="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitSTACK, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitCORE="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitCORE, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitRSS="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitRSS, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitNOFILE="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitNOFILE, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitAS="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitAS, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitNPROC="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitNPROC, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitMEMLOCK="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitMEMLOCK, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitLOCKS="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitLOCKS, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitSIGPENDING="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitSIGPENDING, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitMSGQUEUE="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitMSGQUEUE, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitNICE="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitNICE, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitRTPRIO="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitRTPRIO, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultLimitRTTIME="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(DefaultLimitRTTIME, ResourceLimit, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultTasksMax="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultTasksMax, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultMemoryPressureThresholdUSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultMemoryPressureThresholdUSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultMemoryPressureWatch="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultMemoryPressureWatch, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#TimerSlackNSec="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(TimerSlackNSec, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultOOMPolicy="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultOOMPolicy, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#DefaultOOMScoreAdjust="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(DefaultOOMScoreAdjust, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("https://www.freedesktop.org/software/systemd/man/"PROJECT_VERSION_STR"/systemd-system.conf.html#CtrlAltDelBurstAction="),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(CtrlAltDelBurstAction, SD_VARLINK_STRING, 0));
|
||||||
|
|
||||||
|
static SD_VARLINK_DEFINE_STRUCT_TYPE(
|
||||||
|
ManagerRuntime,
|
||||||
|
SD_VARLINK_FIELD_COMMENT("A short ID string describing the virtualization technology the system runs in"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Virtualization, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("A short ID string describing the confidential virtualization technology the system runs in"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ConfidentialVirtualization, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("An array of strings describing the taints applied to the running system"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Taints, SD_VARLINK_STRING, SD_VARLINK_ARRAY),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The console on which systemd asks for confirmation when spawning processes"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ConfirmSpawn, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the firmware first began execution"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(FirmwareTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the boot loader first began execution"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(LoaderTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the kernel first began execution"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(KernelTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the initrd first began execution"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the initrd first began execution"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(UserspaceTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the system finished booting up"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(FinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager started uploading security policies to the kernel"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(SecurityStartTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager finished uploading security policies to the kernel"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(SecurityFinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager started executing generators"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(GeneratorsStartTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager finished executing generators"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(GeneratorsFinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager first started loading units"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(UnitsLoadStartTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager first finished loading units"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(UnitsLoadFinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager last started loading units"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(UnitsLoadTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager started uploading security policies to the kernel in the initrd"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDSecurityStartTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager finished uploading security policies to the kernel in the initrd"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDSecurityFinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager started executing generators in the initrd"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDGeneratorsStartTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager finished executing generators in the initrd"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDGeneratorsFinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager first started loading units in the initrd"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDUnitsLoadStartTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the manager first finished loading units in the initrd"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(InitRDUnitsLoadFinishTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The current show status of the manager"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ShowStatus, SD_VARLINK_BOOL, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The current log level of the manager"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(LogLevel, LogLevelStruct, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The current log target of the manager"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(LogTarget, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The amount of unique unit names currently loaded"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(NNames, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The amount of failed units"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(NFailedUnits, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The amount of currently queued jobs"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(NJobs, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The total amount of queued jobs"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(NInstalledJobs, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The total amount of failed jobs"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(NFailedJobs, SD_VARLINK_INT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Boot progress as a floating point value between 0.0 and 1.0"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Progress, SD_VARLINK_FLOAT, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The manager environment variables"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(Environment, SD_VARLINK_STRING, SD_VARLINK_ARRAY),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("The hardware watchdog device currently in use"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(WatchdogDevice, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Timestamp when the hardware watchdog was last pinged"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD_BY_TYPE(WatchdogLastPingTimestamp, Timestamp, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Root of the control group hierarchy that the manager is running in"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ControlGroup, SD_VARLINK_STRING, SD_VARLINK_NULLABLE),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Current state of the system"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(SystemState, SD_VARLINK_STRING, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Exit code of the manager"),
|
||||||
|
SD_VARLINK_DEFINE_FIELD(ExitCode, SD_VARLINK_INT, 0));
|
||||||
|
|
||||||
|
static SD_VARLINK_DEFINE_METHOD(
|
||||||
|
Describe,
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Configuration of the manager"),
|
||||||
|
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(Context, ManagerContext, 0),
|
||||||
|
SD_VARLINK_FIELD_COMMENT("Runtime information of the manager"),
|
||||||
|
SD_VARLINK_DEFINE_OUTPUT_BY_TYPE(Runtime, ManagerRuntime, 0));
|
||||||
|
|
||||||
|
SD_VARLINK_DEFINE_INTERFACE(
|
||||||
|
io_systemd_Manager,
|
||||||
|
"io.systemd.Manager",
|
||||||
|
&vl_method_Describe,
|
||||||
|
&vl_type_ManagerContext,
|
||||||
|
&vl_type_ManagerRuntime,
|
||||||
|
&vl_type_Timestamp,
|
||||||
|
&vl_type_ResourceLimit,
|
||||||
|
&vl_type_RateLimit,
|
||||||
|
&vl_type_LogLevelStruct);
|
|
@ -0,0 +1,6 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include "sd-varlink-idl.h"
|
||||||
|
|
||||||
|
extern const sd_varlink_interface vl_interface_io_systemd_Manager;
|
File diff suppressed because it is too large
Load Diff
|
@ -0,0 +1,6 @@
|
||||||
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
#pragma once
|
||||||
|
|
||||||
|
#include "sd-varlink-idl.h"
|
||||||
|
|
||||||
|
extern const sd_varlink_interface vl_interface_io_systemd_Unit;
|
|
@ -1,6 +1,7 @@
|
||||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
|
||||||
#include "parse-util.h"
|
#include "parse-util.h"
|
||||||
|
#include "path-util.h"
|
||||||
#include "varlink-internal.h"
|
#include "varlink-internal.h"
|
||||||
#include "varlink-serialize.h"
|
#include "varlink-serialize.h"
|
||||||
|
|
||||||
|
@ -83,3 +84,14 @@ int varlink_server_deserialize_one(sd_varlink_server *s, const char *value, FDSe
|
||||||
LIST_PREPEND(sockets, s->sockets, TAKE_PTR(ss));
|
LIST_PREPEND(sockets, s->sockets, TAKE_PTR(ss));
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
int varlink_server_contains_socket(sd_varlink_server *s, const char *address) {
|
||||||
|
assert(s);
|
||||||
|
assert(address);
|
||||||
|
|
||||||
|
LIST_FOREACH(sockets, ss, s->sockets)
|
||||||
|
if (path_equal(ss->address, address))
|
||||||
|
return true;
|
||||||
|
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
|
@ -9,3 +9,5 @@
|
||||||
|
|
||||||
int varlink_server_serialize(sd_varlink_server *s, FILE *f, FDSet *fds);
|
int varlink_server_serialize(sd_varlink_server *s, FILE *f, FDSet *fds);
|
||||||
int varlink_server_deserialize_one(sd_varlink_server *s, const char *value, FDSet *fds);
|
int varlink_server_deserialize_one(sd_varlink_server *s, const char *value, FDSet *fds);
|
||||||
|
|
||||||
|
int varlink_server_contains_socket(sd_varlink_server *s, const char *address);
|
||||||
|
|
|
@ -1,5 +1,6 @@
|
||||||
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
/* SPDX-License-Identifier: LGPL-2.1-or-later */
|
||||||
|
|
||||||
|
#include <errno.h>
|
||||||
#include <fcntl.h>
|
#include <fcntl.h>
|
||||||
#include <getopt.h>
|
#include <getopt.h>
|
||||||
#include <linux/loop.h>
|
#include <linux/loop.h>
|
||||||
|
@ -45,6 +46,7 @@
|
||||||
#include "process-util.h"
|
#include "process-util.h"
|
||||||
#include "rm-rf.h"
|
#include "rm-rf.h"
|
||||||
#include "sort-util.h"
|
#include "sort-util.h"
|
||||||
|
#include "selinux-util.h"
|
||||||
#include "string-table.h"
|
#include "string-table.h"
|
||||||
#include "string-util.h"
|
#include "string-util.h"
|
||||||
#include "terminal-util.h"
|
#include "terminal-util.h"
|
||||||
|
@ -899,6 +901,7 @@ static int resolve_mutable_directory(
|
||||||
_cleanup_free_ char *path = NULL, *resolved_path = NULL, *dir_name = NULL;
|
_cleanup_free_ char *path = NULL, *resolved_path = NULL, *dir_name = NULL;
|
||||||
const char *root = arg_root, *base = MUTABLE_EXTENSIONS_BASE_DIR;
|
const char *root = arg_root, *base = MUTABLE_EXTENSIONS_BASE_DIR;
|
||||||
int r;
|
int r;
|
||||||
|
_cleanup_close_ int atfd = -EBADF;
|
||||||
|
|
||||||
assert(hierarchy);
|
assert(hierarchy);
|
||||||
assert(ret_resolved_mutable_directory);
|
assert(ret_resolved_mutable_directory);
|
||||||
|
@ -943,6 +946,14 @@ static int resolve_mutable_directory(
|
||||||
r = mkdir_p(path_in_root, 0700);
|
r = mkdir_p(path_in_root, 0700);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to create a directory '%s': %m", path_in_root);
|
return log_error_errno(r, "Failed to create a directory '%s': %m", path_in_root);
|
||||||
|
|
||||||
|
atfd = open(path_in_root, O_DIRECTORY|O_CLOEXEC);
|
||||||
|
if (atfd < 0)
|
||||||
|
return log_error_errno(errno, "Failed to open directory '%s': %m", path_in_root);
|
||||||
|
|
||||||
|
r = mac_selinux_fix_full(atfd, NULL, hierarchy, 0);
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to fix SELinux label for '%s': %m", path_in_root);
|
||||||
}
|
}
|
||||||
|
|
||||||
r = chase(path, root, CHASE_PREFIX_ROOT, &resolved_path, NULL);
|
r = chase(path, root, CHASE_PREFIX_ROOT, &resolved_path, NULL);
|
||||||
|
@ -1289,6 +1300,7 @@ static int mount_overlayfs_with_op(
|
||||||
|
|
||||||
int r;
|
int r;
|
||||||
const char *top_layer = NULL;
|
const char *top_layer = NULL;
|
||||||
|
_cleanup_close_ int atfd = -EBADF;
|
||||||
|
|
||||||
assert(op);
|
assert(op);
|
||||||
assert(overlay_path);
|
assert(overlay_path);
|
||||||
|
@ -1301,10 +1313,28 @@ static int mount_overlayfs_with_op(
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to make directory '%s': %m", meta_path);
|
return log_error_errno(r, "Failed to make directory '%s': %m", meta_path);
|
||||||
|
|
||||||
|
atfd = open(meta_path, O_DIRECTORY|O_CLOEXEC);
|
||||||
|
if (atfd < 0)
|
||||||
|
return log_error_errno(errno, "Failed to open directory '%s': %m", meta_path);
|
||||||
|
|
||||||
|
r = mac_selinux_fix_full(atfd, NULL, op->hierarchy, 0);
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to fix SELinux label for '%s': %m", meta_path);
|
||||||
|
|
||||||
if (op->upper_dir && op->work_dir) {
|
if (op->upper_dir && op->work_dir) {
|
||||||
r = mkdir_p(op->work_dir, 0700);
|
r = mkdir_p(op->work_dir, 0700);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to make directory '%s': %m", op->work_dir);
|
return log_error_errno(r, "Failed to make directory '%s': %m", op->work_dir);
|
||||||
|
_cleanup_close_ int dfd = -EBADF;
|
||||||
|
|
||||||
|
dfd = open(op->work_dir, O_DIRECTORY|O_CLOEXEC);
|
||||||
|
if (dfd < 0)
|
||||||
|
return log_error_errno(errno, "Failed to open directory '%s': %m", op->work_dir);
|
||||||
|
|
||||||
|
r = mac_selinux_fix_full(dfd, NULL, op->hierarchy, 0);
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to fix SELinux label for '%s': %m", op->work_dir);
|
||||||
|
|
||||||
top_layer = op->upper_dir;
|
top_layer = op->upper_dir;
|
||||||
} else {
|
} else {
|
||||||
assert(!strv_isempty(op->lower_dirs));
|
assert(!strv_isempty(op->lower_dirs));
|
||||||
|
@ -1325,7 +1355,7 @@ static int mount_overlayfs_with_op(
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int write_extensions_file(ImageClass image_class, char **extensions, const char *meta_path) {
|
static int write_extensions_file(ImageClass image_class, char **extensions, const char *meta_path, const char *hierarchy) {
|
||||||
_cleanup_free_ char *f = NULL, *buf = NULL;
|
_cleanup_free_ char *f = NULL, *buf = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
|
@ -1343,14 +1373,15 @@ static int write_extensions_file(ImageClass image_class, char **extensions, cons
|
||||||
if (!buf)
|
if (!buf)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = write_string_file(f, buf, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_MKDIR_0755);
|
const char *hierarchy_path = path_join(hierarchy, image_class_info[image_class].dot_directory_name, image_class_info[image_class].short_identifier_plural);
|
||||||
|
r = write_string_file_full(AT_FDCWD,f, buf, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_MKDIR_0755|WRITE_STRING_FILE_LABEL, NULL, hierarchy_path);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to write extension meta file '%s': %m", f);
|
return log_error_errno(r, "Failed to write extension meta file '%s': %m", f);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int write_dev_file(ImageClass image_class, const char *meta_path, const char *overlay_path) {
|
static int write_dev_file(ImageClass image_class, const char *meta_path, const char *overlay_path, const char *hierarchy) {
|
||||||
_cleanup_free_ char *f = NULL;
|
_cleanup_free_ char *f = NULL;
|
||||||
struct stat st;
|
struct stat st;
|
||||||
int r;
|
int r;
|
||||||
|
@ -1372,14 +1403,15 @@ static int write_dev_file(ImageClass image_class, const char *meta_path, const c
|
||||||
/* Modifying the underlying layers while the overlayfs is mounted is technically undefined, but at
|
/* Modifying the underlying layers while the overlayfs is mounted is technically undefined, but at
|
||||||
* least it won't crash or deadlock, as per the kernel docs about overlayfs:
|
* least it won't crash or deadlock, as per the kernel docs about overlayfs:
|
||||||
* https://www.kernel.org/doc/html/latest/filesystems/overlayfs.html#changes-to-underlying-filesystems */
|
* https://www.kernel.org/doc/html/latest/filesystems/overlayfs.html#changes-to-underlying-filesystems */
|
||||||
r = write_string_file(f, FORMAT_DEVNUM(st.st_dev), WRITE_STRING_FILE_CREATE);
|
const char *hierarchy_path = path_join(hierarchy, image_class_info[image_class].dot_directory_name, image_class_info[image_class].short_identifier_plural);
|
||||||
|
r = write_string_file_full(AT_FDCWD, f, FORMAT_DEVNUM(st.st_dev), WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_LABEL, NULL, hierarchy_path);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to write '%s': %m", f);
|
return log_error_errno(r, "Failed to write '%s': %m", f);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
static int write_work_dir_file(ImageClass image_class, const char *meta_path, const char *work_dir) {
|
static int write_work_dir_file(ImageClass image_class, const char *meta_path, const char *work_dir, const char* hierarchy) {
|
||||||
_cleanup_free_ char *escaped_work_dir_in_root = NULL, *f = NULL;
|
_cleanup_free_ char *escaped_work_dir_in_root = NULL, *f = NULL;
|
||||||
char *work_dir_in_root = NULL;
|
char *work_dir_in_root = NULL;
|
||||||
int r;
|
int r;
|
||||||
|
@ -1406,7 +1438,8 @@ static int write_work_dir_file(ImageClass image_class, const char *meta_path, co
|
||||||
escaped_work_dir_in_root = cescape(work_dir_in_root);
|
escaped_work_dir_in_root = cescape(work_dir_in_root);
|
||||||
if (!escaped_work_dir_in_root)
|
if (!escaped_work_dir_in_root)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
r = write_string_file(f, escaped_work_dir_in_root, WRITE_STRING_FILE_CREATE);
|
const char *hierarchy_path = path_join(hierarchy, image_class_info[image_class].dot_directory_name, "work_dir");
|
||||||
|
r = write_string_file_full(AT_FDCWD, f, escaped_work_dir_in_root, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_LABEL, NULL, hierarchy_path);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return log_error_errno(r, "Failed to write '%s': %m", f);
|
return log_error_errno(r, "Failed to write '%s': %m", f);
|
||||||
|
|
||||||
|
@ -1418,8 +1451,10 @@ static int store_info_in_meta(
|
||||||
char **extensions,
|
char **extensions,
|
||||||
const char *meta_path,
|
const char *meta_path,
|
||||||
const char *overlay_path,
|
const char *overlay_path,
|
||||||
const char *work_dir) {
|
const char *work_dir,
|
||||||
|
const char *hierarchy) {
|
||||||
|
_cleanup_free_ char *f = NULL;
|
||||||
|
_cleanup_close_ int atfd = -EBADF;
|
||||||
int r;
|
int r;
|
||||||
|
|
||||||
assert(extensions);
|
assert(extensions);
|
||||||
|
@ -1427,15 +1462,32 @@ static int store_info_in_meta(
|
||||||
assert(overlay_path);
|
assert(overlay_path);
|
||||||
/* work_dir may be NULL */
|
/* work_dir may be NULL */
|
||||||
|
|
||||||
r = write_extensions_file(image_class, extensions, meta_path);
|
f = path_join(meta_path, image_class_info[image_class].dot_directory_name);
|
||||||
|
if (!f)
|
||||||
|
return log_oom();
|
||||||
|
|
||||||
|
r = mkdir_p(f, 0755);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
r = write_dev_file(image_class, meta_path, overlay_path);
|
atfd = open(f, O_DIRECTORY|O_CLOEXEC);
|
||||||
|
if (atfd < 0)
|
||||||
|
return log_error_errno(errno, "Failed to open directory '%s': %m", f);
|
||||||
|
|
||||||
|
r = mac_selinux_fix_full(atfd, NULL, hierarchy, 0);
|
||||||
|
|
||||||
|
if (r < 0)
|
||||||
|
return log_error_errno(r, "Failed to fix SELinux label for '%s': %m", hierarchy);
|
||||||
|
|
||||||
|
r = write_extensions_file(image_class, extensions, meta_path, hierarchy);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
r = write_work_dir_file(image_class, meta_path, work_dir);
|
r = write_dev_file(image_class, meta_path, overlay_path, hierarchy);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
|
||||||
|
r = write_work_dir_file(image_class, meta_path, work_dir, hierarchy);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
@ -1501,6 +1553,8 @@ static int merge_hierarchy(
|
||||||
assert(overlay_path);
|
assert(overlay_path);
|
||||||
assert(workspace_path);
|
assert(workspace_path);
|
||||||
|
|
||||||
|
mac_selinux_init();
|
||||||
|
|
||||||
r = determine_used_extensions(hierarchy, paths, &used_paths, &extensions_used);
|
r = determine_used_extensions(hierarchy, paths, &used_paths, &extensions_used);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
@ -1528,7 +1582,7 @@ static int merge_hierarchy(
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
r = store_info_in_meta(image_class, extensions, meta_path, overlay_path, op->work_dir);
|
r = store_info_in_meta(image_class, extensions, meta_path, overlay_path, op->work_dir, op->hierarchy);
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
return r;
|
return r;
|
||||||
|
|
||||||
|
|
|
@ -1414,7 +1414,7 @@ static int verb_enable(int argc, char **argv, void *userdata) {
|
||||||
"SetFeatureEnabled",
|
"SetFeatureEnabled",
|
||||||
&error,
|
&error,
|
||||||
/* reply= */ NULL,
|
/* reply= */ NULL,
|
||||||
"sbt",
|
"sit",
|
||||||
*feature,
|
*feature,
|
||||||
(int) enable,
|
(int) enable,
|
||||||
UINT64_C(0));
|
UINT64_C(0));
|
||||||
|
|
|
@ -16,6 +16,7 @@
|
||||||
#include "varlink-io.systemd.Journal.h"
|
#include "varlink-io.systemd.Journal.h"
|
||||||
#include "varlink-io.systemd.Machine.h"
|
#include "varlink-io.systemd.Machine.h"
|
||||||
#include "varlink-io.systemd.MachineImage.h"
|
#include "varlink-io.systemd.MachineImage.h"
|
||||||
|
#include "varlink-io.systemd.Manager.h"
|
||||||
#include "varlink-io.systemd.ManagedOOM.h"
|
#include "varlink-io.systemd.ManagedOOM.h"
|
||||||
#include "varlink-io.systemd.MountFileSystem.h"
|
#include "varlink-io.systemd.MountFileSystem.h"
|
||||||
#include "varlink-io.systemd.NamespaceResource.h"
|
#include "varlink-io.systemd.NamespaceResource.h"
|
||||||
|
@ -24,6 +25,7 @@
|
||||||
#include "varlink-io.systemd.PCRLock.h"
|
#include "varlink-io.systemd.PCRLock.h"
|
||||||
#include "varlink-io.systemd.Resolve.h"
|
#include "varlink-io.systemd.Resolve.h"
|
||||||
#include "varlink-io.systemd.Resolve.Monitor.h"
|
#include "varlink-io.systemd.Resolve.Monitor.h"
|
||||||
|
#include "varlink-io.systemd.Unit.h"
|
||||||
#include "varlink-io.systemd.UserDatabase.h"
|
#include "varlink-io.systemd.UserDatabase.h"
|
||||||
#include "varlink-io.systemd.oom.h"
|
#include "varlink-io.systemd.oom.h"
|
||||||
#include "varlink-io.systemd.service.h"
|
#include "varlink-io.systemd.service.h"
|
||||||
|
@ -193,6 +195,10 @@ TEST(parse_format) {
|
||||||
print_separator();
|
print_separator();
|
||||||
test_parse_format_one(&vl_interface_io_systemd_MachineImage);
|
test_parse_format_one(&vl_interface_io_systemd_MachineImage);
|
||||||
print_separator();
|
print_separator();
|
||||||
|
test_parse_format_one(&vl_interface_io_systemd_Manager);
|
||||||
|
print_separator();
|
||||||
|
test_parse_format_one(&vl_interface_io_systemd_Unit);
|
||||||
|
print_separator();
|
||||||
test_parse_format_one(&vl_interface_xyz_test);
|
test_parse_format_one(&vl_interface_xyz_test);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -292,7 +292,7 @@ int udev_ctrl_start(UdevCtrl *uctrl, udev_ctrl_handler_t callback, void *userdat
|
||||||
|
|
||||||
int udev_ctrl_send(UdevCtrl *uctrl, UdevCtrlMessageType type, const void *data) {
|
int udev_ctrl_send(UdevCtrl *uctrl, UdevCtrlMessageType type, const void *data) {
|
||||||
UdevCtrlMessageWire ctrl_msg_wire = {
|
UdevCtrlMessageWire ctrl_msg_wire = {
|
||||||
.version = "udev-" STRINGIFY(PROJECT_VERSION),
|
.version = "udev-" PROJECT_VERSION_STR,
|
||||||
.magic = UDEV_CTRL_MAGIC,
|
.magic = UDEV_CTRL_MAGIC,
|
||||||
.type = type,
|
.type = type,
|
||||||
};
|
};
|
||||||
|
|
|
@ -19,6 +19,6 @@ int lock_main(int argc, char *argv[], void *userdata);
|
||||||
|
|
||||||
static inline int print_version(void) {
|
static inline int print_version(void) {
|
||||||
/* Dracut relies on the version being a single integer */
|
/* Dracut relies on the version being a single integer */
|
||||||
puts(STRINGIFY(PROJECT_VERSION));
|
puts(PROJECT_VERSION_STR);
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
|
@ -29,7 +29,7 @@ static int apply_timestamp(const char *path, struct timespec *ts) {
|
||||||
timespec_load_nsec(ts)) < 0)
|
timespec_load_nsec(ts)) < 0)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
|
|
||||||
r = write_string_file_full(AT_FDCWD, path, message, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_LABEL, ts);
|
r = write_string_file_full(AT_FDCWD, path, message, WRITE_STRING_FILE_CREATE|WRITE_STRING_FILE_ATOMIC|WRITE_STRING_FILE_LABEL, ts, NULL);
|
||||||
if (r == -EROFS)
|
if (r == -EROFS)
|
||||||
log_debug_errno(r, "Cannot create \"%s\", file system is read-only.", path);
|
log_debug_errno(r, "Cannot create \"%s\", file system is read-only.", path);
|
||||||
else if (r < 0)
|
else if (r < 0)
|
||||||
|
|
|
@ -22,6 +22,11 @@ trap at_exit EXIT
|
||||||
|
|
||||||
systemctl service-log-level systemd-machined debug
|
systemctl service-log-level systemd-machined debug
|
||||||
systemctl service-log-level systemd-importd debug
|
systemctl service-log-level systemd-importd debug
|
||||||
|
# per request in https://github.com/systemd/systemd/pull/35117
|
||||||
|
systemctl edit --runtime --stdin 'systemd-nspawn@.service' --drop-in=debug.conf <<EOF
|
||||||
|
[Service]
|
||||||
|
Environment=SYSTEMD_LOG_LEVEL=debug
|
||||||
|
EOF
|
||||||
|
|
||||||
# Mount temporary directory over /var/lib/machines to not pollute the image
|
# Mount temporary directory over /var/lib/machines to not pollute the image
|
||||||
mkdir -p /var/lib/machines
|
mkdir -p /var/lib/machines
|
||||||
|
@ -278,13 +283,13 @@ varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List
|
||||||
# sending TRAP signal
|
# sending TRAP signal
|
||||||
rm -f /var/lib/machines/long-running/trap
|
rm -f /var/lib/machines/long-running/trap
|
||||||
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.Kill '{"name":"long-running", "whom": "leader", "signal": 5}'
|
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.Kill '{"name":"long-running", "whom": "leader", "signal": 5}'
|
||||||
timeout 30 bash -c "until test -e /var/lib/machines/long-running/trap; do sleep .5; done"
|
timeout 120 bash -c "until test -e /var/lib/machines/long-running/trap; do sleep .5; done"
|
||||||
|
|
||||||
# test io.systemd.Machine.Terminate
|
# test io.systemd.Machine.Terminate
|
||||||
long_running_machine_start
|
long_running_machine_start
|
||||||
rm -f /var/lib/machines/long-running/terminate
|
rm -f /var/lib/machines/long-running/terminate
|
||||||
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.Terminate '{"name":"long-running"}'
|
varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.Terminate '{"name":"long-running"}'
|
||||||
timeout 10 bash -c "until test -e /var/lib/machines/long-running/terminate; do sleep .5; done"
|
timeout 30 bash -c "until test -e /var/lib/machines/long-running/terminate; do sleep .5; done"
|
||||||
timeout 30 bash -c "while varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{\"name\":\"long-running\"}'; do sleep 0.5; done"
|
timeout 30 bash -c "while varlinkctl call /run/systemd/machine/io.systemd.Machine io.systemd.Machine.List '{\"name\":\"long-running\"}'; do sleep 0.5; done"
|
||||||
|
|
||||||
# test io.systemd.Machine.Register
|
# test io.systemd.Machine.Register
|
||||||
|
@ -356,7 +361,7 @@ journalctl --sync
|
||||||
machinectl terminate container-without-os-release
|
machinectl terminate container-without-os-release
|
||||||
machinectl terminate long-running
|
machinectl terminate long-running
|
||||||
# wait for the container being stopped, otherwise acquiring image metadata by io.systemd.MachineImage.List may fail in the below.
|
# wait for the container being stopped, otherwise acquiring image metadata by io.systemd.MachineImage.List may fail in the below.
|
||||||
timeout 10 bash -c "while machinectl status long-running &>/dev/null; do sleep .5; done"
|
timeout 30 bash -c "while machinectl status long-running &>/dev/null; do sleep .5; done"
|
||||||
systemctl kill --signal=KILL systemd-nspawn@long-running.service || :
|
systemctl kill --signal=KILL systemd-nspawn@long-running.service || :
|
||||||
|
|
||||||
(ip addr show lo | grep -q 192.168.1.100) || ip address add 192.168.1.100/24 dev lo
|
(ip addr show lo | grep -q 192.168.1.100) || ip address add 192.168.1.100/24 dev lo
|
||||||
|
|
|
@ -160,3 +160,24 @@ done
|
||||||
varlinkctl info /run/systemd/io.systemd.Hostname
|
varlinkctl info /run/systemd/io.systemd.Hostname
|
||||||
varlinkctl introspect /run/systemd/io.systemd.Hostname io.systemd.Hostname
|
varlinkctl introspect /run/systemd/io.systemd.Hostname io.systemd.Hostname
|
||||||
varlinkctl call /run/systemd/io.systemd.Hostname io.systemd.Hostname.Describe '{}'
|
varlinkctl call /run/systemd/io.systemd.Hostname io.systemd.Hostname.Describe '{}'
|
||||||
|
|
||||||
|
# test io.systemd.Manager
|
||||||
|
varlinkctl info /run/systemd/io.systemd.Manager
|
||||||
|
varlinkctl introspect /run/systemd/io.systemd.Manager io.systemd.Manager
|
||||||
|
varlinkctl call /run/systemd/io.systemd.Manager io.systemd.Manager.Describe '{}'
|
||||||
|
|
||||||
|
# test io.system.Unit
|
||||||
|
varlinkctl info /run/systemd/unit/io.systemd.Unit
|
||||||
|
varlinkctl introspect /run/systemd/unit/io.systemd.Unit io.systemd.Unit
|
||||||
|
varlinkctl --more call /run/systemd/unit/io.systemd.Unit io.systemd.Unit.List '{}'
|
||||||
|
|
||||||
|
# test io.systemd.Manager in user manager
|
||||||
|
systemctl start user@4711
|
||||||
|
varlinkctl info /run/user/4711/systemd/io.systemd.Manager
|
||||||
|
varlinkctl introspect /run/user/4711/systemd/io.systemd.Manager
|
||||||
|
varlinkctl call /run/user/4711/systemd/io.systemd.Manager io.systemd.Manager.Describe '{}'
|
||||||
|
|
||||||
|
# test io.systemd.Unit in user manager
|
||||||
|
varlinkctl info /run/user/4711/systemd/unit/io.systemd.Unit
|
||||||
|
varlinkctl introspect /run/user/4711/systemd/unit/io.systemd.Unit
|
||||||
|
varlinkctl --more call /run/user/4711/systemd/unit/io.systemd.Unit io.systemd.Unit.List '{}'
|
||||||
|
|
Loading…
Reference in New Issue