On Wed, May 15, 2024 at 4:38 PM Michal Sekletar wrote:
>
> On Wed, May 15, 2024 at 2:59 PM Michal Sekletar
wrote:
>>
>> Hi everyone,
>>
>> I am currently struggling to understand why I am running into D-Bus
related timeout on PID 1 API bus, which in turn causes
On Wed, May 15, 2024 at 2:59 PM Michal Sekletar wrote:
> Hi everyone,
>
> I am currently struggling to understand why I am running into D-Bus
> related timeout on PID 1 API bus, which in turn causes systemd to
> transition the bus to BUS_CLOSING state and stop all Type=dbus s
On Wed, May 15, 2024 at 2:59 PM Michal Sekletar wrote:
> Hi everyone,
>
> I am currently struggling to understand why I am running into D-Bus
> related timeout on PID 1 API bus, which in turn causes systemd to
> transition the bus to BUS_CLOSING state and stop all Type=dbus s
Hi everyone,
I am currently struggling to understand why I am running into D-Bus related
timeout on PID 1 API bus, which in turn causes systemd to transition the
bus to BUS_CLOSING state and stop all Type=dbus services. Here is a
reproducer that was put together by Frantisek.
#/bin/bash
set -eux
On Wed, Oct 14, 2020 at 11:21 AM Srijan Sivakumar
wrote:
> Hello there SMEs,
>
> I'm contributing to glusterfs project and found the service to be in the
> state of
> *Active: active (running) (thawing) *sometimes.
>
> Now, I tried looking up what is the thawing state but couldn't get
> anything
On Wed, Aug 5, 2020 at 4:12 PM Thomas HUMMEL
wrote:
>
>
> What I understand here in my case is that NAME is not empty (because of
> biosdevname step) so I don't understand why I don't end up with em1
> instead of the
> onboard style name. This would mean ID_NET_NAME has been set in a
> previous
On Fri, Nov 22, 2019 at 4:09 PM Mathew Robinson wrote:
>
> Hey all,
>
> With the new NUMAPolicy/NUMAMask options as a service author I want to
> specify a NUMAPolicy=interleave what mask can I apply for NUMAMask that is
> equivalent to all? We tried blank but this appears to not work and you
On Fri, Nov 1, 2019 at 1:49 AM Paul Davey
wrote:
> What is the best way to fix this issue? I have locally had success
> just calling the on_spawn_io callback in the process success branch of
> on_spawn_sigchld, but I am unsure if this is an acceptable fix.
In the callback, we call read() only
On Wed, Jul 25, 2018 at 5:25 AM George Xie wrote:
>
> thanks for your reply.
>
> odds enough, on both aforementioned boxes, MemoryAccounting is set to no:
There is probably some other service that had MemoryAccounting=yes
which in turn effectively (even though dbus property doesn't reflect
that)
On Tue, Jul 24, 2018 at 5:04 PM Mark Huggins wrote:
> Question:
> Is there way to modify the template file: tomcat.service.erb to include
> creating ‘/opt/tomcat/logs/catalina.out' file prior to execution of the 'sudo
> systemctl daemon-reload'command? Also, I'm unsure how long the command:
>
On Wed, May 9, 2018 at 9:42 PM, Uoti Urpala wrote:
> What information would the graph contain? The basic structure of a
> cycle is always just a simple ring, and I don't see what benefit making
> a graph of that would give over just listing the nodes in order.
The
On Fri, Apr 27, 2018 at 6:01 AM, Andrei Borzenkov wrote:
> апр 27 06:54:14 bor-Latitude-E5450 systemd[1582]: foo.service: Found
> ordering cycle on foo.service/start
> апр 27 06:54:14 bor-Latitude-E5450 systemd[1582]: foo.service: Found
> dependency on bar.service/start
>
On Mon, Feb 26, 2018 at 10:24 AM, 林自均 wrote:
> However, it is a little bit tedious to write drop-ins for each service
> units. Is there a directive for "my-apps.target" to propagate "stop"
> operation to the 3 services? I was expecting something like
>
On Thu, Jan 4, 2018 at 9:50 PM, Mircea Husz wrote:
> Migrating an init script to systemd, and need to archive logs only if the
> service exited normally with a return code 0. I found $SERVICE_RESULT,
> $EXIT_CODE, and $EXIT_STATUS but they are in a newer version of systemd,
On Thu, Oct 12, 2017 at 6:01 PM, Akira Hayakawa wrote:
> And I want to stop the read request because it makes it difficult to test
> kernel code.
> So the second question is: how can I stop the read request?
You can install local udev rule that will disable udev's
Hi,
For RHEL7 we have received complains from users that network
filesystems are not unmounted before entering rescue mode. I guess
this is because mount units have IgnoreOnIsolate=yes set by default. I
think this is fine and actually desired for local filesystems, but
there is little sense in
On Wed, May 31, 2017 at 3:43 PM, Moravec, Stanislav (ERT)
wrote:
> FYI:
> I tried to simply bypass the pending job check:
> +int ignore_stop_pending = true;
> static void socket_enter_running(Socket *s, int cfd) {
> ...
> -if (unit_stop_pending(UNIT(s))) {
> +
On Mon, May 29, 2017 at 5:44 PM, Lennart Poettering
wrote:
> This is indeed a shortcoming in systemd's model right now: we don't
> permit a start and a stop job to be enqueued for the same unit at the
> same time. But to do what you want to do we'd need to permit that:
On Fri, Apr 28, 2017 at 11:05 AM, Julian Andres Klode wrote:
> From my testing, if B has After=A, and A is already started, the
> startup of B is delayed until A has completed - do you mean that
> with run queue, or is that merely by accident somehow?
Like I said, we can't do
Hi,
On big setups (read: a lot of multipathed disks), probing and
assembling storage may take significant amount of time. However, by
default systemd waits only 90s (DefaultTimeoutStartSec) for
"top-level" device unit to show up, i.e. one that is referenced in
/etc/fstab.
One possible solution
On Thu, Apr 27, 2017 at 11:30 PM, Julian Andres Klode wrote:
> Now, we seem to be missing one bit: If daily-upgrade is already
> running, and daily is about to start, daily should wait for
> daily-upgrade to finish. I had hoped that maybe that works
> automatically given that
Hi everyone,
I was asked today about $subject. I quickly skimmed trough the
relevant parts of the code and current default looks like an
oversight. I think there are no processes other than journald involved
in notification handling. I think it would be nice if drop the setting
and rely on
On Sat, Apr 1, 2017 at 6:46 AM, Andrei Borzenkov wrote:
> As far as I can tell, current systemd should behave as you want since
> commit 9d06297. If you want this commit to be backported, you need to
> contact your distribution.
9d06297 changed behavior only for mount units
On Thu, Mar 16, 2017 at 4:29 PM, Reindl Harald wrote:
> with systemd-229-18.fc24.x86_64 no problem at all - after upgrade to F25
> "/usr/bin/vmware-networks" while this is just a phyiscal file and was not
> touched
>
> [root@rh:~]$ rpm -q systemd
>
On Sun, Mar 5, 2017 at 3:59 PM, Pascal Kolijn wrote:
> Peace,
>
> On 28/02/2017 16:00, Lennart Poettering wrote:
>> On Tue, 28.02.17 13:26, Pascal kolijn (p.kol...@vu.nl) wrote:
>>
>>> Hi List,
>>>
>>> I've subscribed to this list to ask for help in debugging a problem we
>>> seem
On Fri, Mar 3, 2017 at 4:09 PM, Lennart Poettering
wrote:
> On Sat, 04.03.17 01:38, Daurnimator (q...@daurnimator.com) wrote:
>
>> On 3 March 2017 at 20:58, Lennart Poettering wrote:
>> > On Fri, 03.03.17 12:34, Daurnimator (q...@daurnimator.com)
On Thu, Mar 9, 2017 at 4:53 PM, Jonathan Dowland
wrote:
> Hey,
>
> I have some backup services which depend on mounts. I want those
> filesystems unmounted when the backup jobs are not running. This is
> easily achieved with StopWhenUnneeded.
>
> I also want to
On Fri, Feb 24, 2017 at 10:56 AM, Viktor Mihajlovski
wrote:
> On 20.02.2017 17:00, Cornelia Huck wrote:
>> On Mon, 20 Feb 2017 15:34:49 +0100
>> Viktor Mihajlovski wrote:
>>
>>> Hi,
>>>
>>> with systemd > v229 all virtio block devices
On Fri, Nov 11, 2016 at 2:20 PM, Daniel P. Berrange wrote:
> What kind of issues ?
General problem with manually created device nodes is that udev and
systemd do not know about them. Device units do not exist for these
device nodes. Hence these device units can not be a
On Mon, Nov 7, 2016 at 1:20 PM, Daniel P. Berrange wrote:
> So if libvirt creates a private mount namespace for each QEMU and mounts
> a custom /dev there, this is invisible to udev, and thus udev won't/can't
> mess with permissions we set in our private /dev.
>
> For
On Tue, Sep 27, 2016 at 5:05 PM, Lokesh Mandvekar
wrote:
> Now, I can mount these partitions with:
>
> # lvm vgchange -ay
>
> but this still doesn't automount succesfully on a reboot.
>
> Did I miss something here?
I'd check from emergency shell whether
On Sat, May 21, 2016 at 10:43 PM, Jamie Kitson wrote:
> if I power off my computer at the dm-crypt boot password prompt my UEFI
> menu entries get wiped from the BIOS and reset to the single default
> Windows option.
What do you exactly mean by "menu entries get wiped from
On Thu, Mar 10, 2016 at 10:11 PM, Orion Poplawski wrote:
> Can't the stop of iptables be dropped because the service is already stopped
> (or more likely not even present)?
Isn't this the case already? I simplified your scenario, i.e. A
conflicts B and C is part of both A
On Tue, Apr 12, 2016 at 5:58 PM, Lennart Poettering
wrote:
> The rhel-ci people offered us to use their spare machines, that's
> all. And Daniel took them up on it, and is now working on getting this
> hooked up.
It is not even rhel-ci (as in Red Hat internal), rather
On Thu, Mar 31, 2016 at 11:10 AM, Jóhann B. Guðmundsson
<johan...@gmail.com> wrote:
>
>
> On 03/30/2016 03:49 PM, Michal Sekletar wrote:
>>
>> On Mon, Mar 21, 2016 at 1:42 PM, Vasiliy Tolstov <v.tols...@selfip.ru>
>> wrote:
>>
>>> Now i
On Thu, Mar 24, 2016 at 3:52 PM, Ian Pilcher wrote:
> I haven't been able to figure out a way to get systemd-networkd to do
> this. I tried creating /etc/systemd/network/ovs1.link, but it had no
> effect:
>
> [Match]
> OriginalName=ovs1
>
> [Link]
> MTUBytes=9000
>
On Mon, Mar 21, 2016 at 1:42 PM, Vasiliy Tolstov wrote:
> Now i want to have two entries and assign priority to it via systemd,
> in my use-case i want to know last succeseful boot entry and use it.
> After upgrade i want to boot from new antry and if it fails - change
>
On Tue, Mar 15, 2016 at 5:42 PM, Mrunal Patel wrote:
>
>
>
>> >
>> > docker.io did that too three weeks ago:
>> >
>> > https://github.com/docker/docker/commit/65820132
>>
>> This seems odd. I thought you primarily want to enable delegation for
>> scope units wrapping
On Tue, Mar 15, 2016 at 4:56 PM, Martin Pitt <martin.p...@ubuntu.com> wrote:
> Michal Sekletar [2016-03-15 16:06 +0100]:
>> We had similar problem in the past with libvirtd and it got solved by
>> introducing Delegate option (man systemd.resource-control).
>
> docker.
On Mon, Mar 14, 2016 at 6:42 PM, Daniel J Walsh wrote:
>> To see the code you can refer to
>> https://github.com/projectatomic/docker/pull/71/files (In this PR, I made
>> the change to always join all the subsystems after creating the scope to
>> help with first issue below).
On Fri, Feb 19, 2016 at 1:49 PM, Zbigniew Jędrzejewski-Szmek
wrote:
> I don't think there's a way around the issue short of allowing
> watchdog during startup. Databases which do long recovery are a bit
> special, most programs don't exhibit this kind of behaviour, but maybe
>
On Wed, Feb 17, 2016 at 1:35 PM, Avi Kivity wrote:
> 3. watchdog during startup
>
> Sometimes we need to perform expensive operations during startup (log
> replay, rebuild from network replica) before we can start serving. Rather
> than configure a huge start timeout, I'd
On Thu, Feb 11, 2016 at 2:48 PM, Daniel J Walsh wrote:
> I am now masking nothing, just removing /etc/fstab. We will probably
> need to back port the dev-hugepages.mount fix
> to rhel7 at some point.
On RHEL-7.2 dev-hugepages.mount already has
On Wed, Nov 11, 2015 at 11:52 AM, Jóhann B. Guðmundsson
wrote:
>
> I thought the conscious was not recommending downstream to split systemd
> into subpackages?
>
This decision was recently (at systemd.conf) reevaluated :)
Michal
Right now it is difficult for distros to ship convenience/compat alias for some
service, e.g. mariadb aliased to mysql or nfs-server to nfs. If service which
comes with alias is not enabled by default then user must refer to its new unit
file name when trying to enable the service. Contrary, using
On Thu, Apr 09, 2015 at 02:44:38PM +, Zbigniew Jędrzejewski-Szmek wrote:
On Thu, Apr 09, 2015 at 04:35:53PM +0200, Michal Sekletar wrote:
On Thu, Apr 09, 2015 at 02:10:14PM +, Zbigniew Jędrzejewski-Szmek wrote:
On Thu, Apr 09, 2015 at 03:20:02PM +0200, Michal Sekletar wrote
On Thu, Apr 09, 2015 at 02:10:14PM +, Zbigniew Jędrzejewski-Szmek wrote:
On Thu, Apr 09, 2015 at 03:20:02PM +0200, Michal Sekletar wrote:
Users might have hard time figuring out why exactly their systemctl request
failed. If dbus job fails try to figure out more details about failure
Users might have hard time figuring out why exactly their systemctl request
failed. If dbus job fails try to figure out more details about failure by
examining Result property of the service.
https://bugzilla.redhat.com/show_bug.cgi?id=1016680
---
src/libsystemd/sd-bus/bus-util.c | 41
Users might have hard time figuring out that they need to call systemctl
reset-failed, before they are allowed to start the service again, after service
ended up in failed state because start job rate limiting. Let's be nice and
print better error message.
On Thu, Mar 05, 2015 at 05:41:55AM +0100, Branko wrote:
I have a need to put my NICs in RAID0 so to speak, but according
to materials I have found on net I can't use NIC bonding driver
because I would need LACP (IEEE whatever) aware L2 switch, so I was
refered to teaming driver, which should
of the
possible use cases for SR-IOV and MR-IOV, which hopefully shares
the interface; adding Dan back to CC as he is the one to speak for network.
I have added b) to our TODO list for networkd/udev .link files.
I discussed this with Michal Sekletar who has been looking at this. It
appears
On Tue, Jan 13, 2015 at 03:37:35PM -0500, Steve Dickson wrote:
Since rpc.idmapd is only used by the nfs server, to do
its id mapping, bind the nfs-idmapd service to the
nfs-server service so rpc.idmapd will be started
and stopped with the nfs server.
Signed-off-by: Steve Dickson
On Mon, Dec 01, 2014 at 12:06:03PM +0100, Martin Pitt wrote:
Hello all,
In my efforts to make user LXC containers work I noticed that under a
real desktop (not just nspawn with VT login or ssh logins) my
carefully set up cgroups in the non-systemd controllers get reverted.
I. e. I put the
We need original socket_fd around otherwise mac_selinux_get_child_mls_label
fails with -EINVAL return code. Also don't call setexeccon twice but rather pass
context value of SELinuxContext option as an extra argument.
---
src/core/execute.c| 31 ++-
---
units/dev-hugepages.mount | 1 +
1 file changed, 1 insertion(+)
diff --git a/units/dev-hugepages.mount b/units/dev-hugepages.mount
index d711fae..882adb4 100644
--- a/units/dev-hugepages.mount
+++ b/units/dev-hugepages.mount
@@ -12,6 +12,7 @@
On Tue, Oct 21, 2014 at 09:16:16PM +0200, Lennart Poettering wrote:
On Fri, 19.09.14 17:14, Michal Sekletar (msekl...@redhat.com) wrote:
snip
I do see the usecase though for those projects. I'd probably suggest
not to merge it for RHEL either. But instead I'd propose a different
solution
On Tue, Oct 21, 2014 at 07:29:31PM +0200, Lennart Poettering wrote:
On Tue, 21.10.14 18:32, Michal Sekletar (msekl...@redhat.com) wrote:
snip
Go ahead and commit. Ideally with those two nitpicks fixed, but even
if you don't it's OK.
sethostname_idempotent now returns 1 when hostname
On Wed, Oct 08, 2014 at 04:54:59PM +0200, Lennart Poettering wrote:
On Wed, 08.10.14 16:49, Michal Sekletar (msekl...@redhat.com) wrote:
Hmm, I think we should just do need_umount = !in_container, like we
do for the other things like loopback detaching, dm detaching or
swapoff
Function queries system hostname and applies changes only when necessary. Also,
migrate all client of sethostname to sethostname_idempotent while at it.
---
src/core/hostname-setup.c | 2 +-
src/hostname/hostnamed.c | 2 +-
src/nspawn/nspawn.c | 2 +-
src/shared/util.c | 20
On Tue, Oct 14, 2014 at 09:04:56AM +0200, Jan Synacek wrote:
Michal Sekletar msekl...@redhat.com writes:
On Mon, Oct 13, 2014 at 09:36:16AM +0200, Jan Synacek wrote:
Hello,
currently, unicode characters are not correctly displayed in the
console. After login, when I run /usr/bin
On Tue, Oct 21, 2014 at 09:39:46PM +0400, Ivan Shapovalov wrote:
On Tuesday 21 October 2014 at 19:03:17, Michal Sekletar wrote:
On Tue, Oct 14, 2014 at 09:04:56AM +0200, Jan Synacek wrote:
Michal Sekletar msekl...@redhat.com writes:
On Mon, Oct 13, 2014 at 09:36:16AM +0200, Jan
On Mon, Oct 13, 2014 at 05:14:24PM +0200, Zbigniew Jędrzejewski-Szmek wrote:
On Mon, Oct 13, 2014 at 04:57:12PM +0200, Michal Sekletar wrote:
Before returning from function we should reset ret to NULL, thus cleanup
function is nop.
Also context_str() returns pointer to a string
On Mon, Oct 13, 2014 at 09:36:16AM +0200, Jan Synacek wrote:
Hello,
currently, unicode characters are not correctly displayed in the
console. After login, when I run /usr/bin/unicode_start, unicode works
fine. I tried to create a service file that runs this script, linking
tty to stdout and
Before returning from function we should reset ret to NULL, thus cleanup
function is nop.
Also context_str() returns pointer to a string containing context but not a
copy, hence we must make copy it explicitly.
---
src/shared/label.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff
We need original socket_fd around otherwise label_get_child_mls_label fails with
-EINVAL return code.
---
src/core/execute.c | 58 --
1 file changed, 30 insertions(+), 28 deletions(-)
diff --git a/src/core/execute.c b/src/core/execute.c
index
On Wed, Oct 08, 2014 at 01:41:16PM +0200, Lennart Poettering wrote:
On Tue, 07.10.14 14:17, Michal Sekletar (msekl...@redhat.com) wrote:
On Thu, Oct 02, 2014 at 12:04:02PM +0200, Lennart Poettering wrote:
On Thu, 02.10.14 09:57, Michal Sekletar (msekl...@redhat.com) wrote:
#define
On Thu, Oct 02, 2014 at 11:43:22AM +0200, Lennart Poettering wrote:
On Thu, 02.10.14 09:57, Michal Sekletar (msekl...@redhat.com) wrote:
In cases when we are running as system manager, but we don't have the
capability to mount filesystems don't call mount_setup(). However we
assume
On Thu, Oct 02, 2014 at 12:04:02PM +0200, Lennart Poettering wrote:
On Thu, 02.10.14 09:57, Michal Sekletar (msekl...@redhat.com) wrote:
#define FINALIZE_ATTEMPTS 50
@@ -207,7 +208,11 @@ int main(int argc, char *argv[]) {
in_container = detect_container(NULL) 0
On Thu, Oct 02, 2014 at 02:39:10PM +0200, Lennart Poettering wrote:
On Wed, 24.09.14 17:18, Michal Sekletar (msekl...@redhat.com) wrote:
Heya,
+for (j = VARIABLE_LANG; j _VARIABLE_LC_MAX; j++)
I think it is much nicer to count from an explicit 0 on here,
instead
---
src/shared/virt.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/src/shared/virt.c b/src/shared/virt.c
index b436895..f9c4e67 100644
--- a/src/shared/virt.c
+++ b/src/shared/virt.c
@@ -310,6 +310,8 @@ int detect_container(const char **id) {
_id = lxc-libvirt;
In cases when we are running as system manager, but we don't have the
capability to mount filesystems don't call mount_setup(). However we
assume that some directories (e.g. /run/systemd) are always
around. Hence don't create those directories in mount_setup().
---
src/core/main.c| 7
---
Makefile.am | 3 ++-
src/core/shutdown.c | 7 ++-
2 files changed, 8 insertions(+), 2 deletions(-)
diff --git a/Makefile.am b/Makefile.am
index 5033028..f8104bc 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1925,7 +1925,8 @@ systemd_shutdown_SOURCES = \
systemd_shutdown_LDADD =
When a system already has hostname set to the configured value
don't try to set it again. This will prevent an error being reported when
running inside an unprivileged container, i.e. in an environment where we
don't have CAP_SYS_ADMIN capability and therefore the container manager is
responsible
On Thu, Sep 25, 2014 at 04:47:58AM +0200, Zbigniew Jędrzejewski-Szmek wrote:
On Wed, Sep 24, 2014 at 05:18:47PM +0200, Michal Sekletar wrote:
---
src/core/locale-setup.c | 47 +
src/locale/localectl.c | 50
This commit introduces possibility to call parse_env_file_internal() and hand
over extra argument where we will accumulate how many items were successfully
parsed and pushed by callback. We make use of this in parse_env_file() and
return number of parsed items on success instead of always
---
src/core/locale-setup.c | 47 +
src/locale/localectl.c | 50
src/shared/locale-util.c | 20 +++
src/shared/locale-util.h | 25
4 files changed, 100
On Fri, Sep 19, 2014 at 12:13:18PM +0200, Tom Gundersen wrote:
On Mon, Sep 8, 2014 at 3:42 PM, Michal Sekletar msekl...@redhat.com wrote:
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided
In cases when there is a cgroup tree in a controller hierarchy which was
not created by us, but it looks like it was (i.e. cgroup path is the
same as the one in systemd's named hierarchy) we shouldn't delete it.
---
Reproducer:
1) start qemu-kvm VM via virsh/virt-manager
2) ls
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
Reviewed-by: Paul Moore pmo...@redhat.com
---
Changes in v5:
On Wed, Aug 27, 2014 at 04:45:32AM +0200, Zbigniew Jędrzejewski-Szmek wrote:
On Mon, Aug 25, 2014 at 10:02:58AM +0200, Michal Sekletar wrote:
varlistentry
+
termvarnameSELinuxContextFromNet=/varname/term
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
Reviewed-by: Paul Moore pmo...@redhat.com
---
Changes in v4:
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
Reviewed-by: Paul Moore pmo...@redhat.com
---
Changes in v3:
We use libselinux which exports context_free function. To prevent name
clashes rename our internal APIs and don't use context_* but rather
appropriately prefixed names.
---
src/hostname/hostnamed.c | 72 +--
src/journal/mmap-cache.c | 102
On Thu, Aug 21, 2014 at 12:38:08PM +0200, Michael Olbrich wrote:
BPF_XOR was introduced in kernel 3.7
---
This fixes compiling systemd for me. I'm not sure about the implications of
this. I'm not sure what happens if the code using it is executed on a linux
kernel 3.7
I don't think that
On Wed, Aug 13, 2014 at 09:42:14PM +0200, Lennart Poettering wrote:
On Tue, 05.08.14 13:46, Michal Sekletar (msekl...@redhat.com) wrote:
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided
On Wed, Aug 20, 2014 at 03:29:37PM +0200, Lennart Poettering wrote:
On Wed, 20.08.14 12:01, Michal Sekletar (msekl...@redhat.com) wrote:
+if (context-selinux_labeled_net
use_selinux()) {
+_cleanup_free_ char *label = NULL
On Wed, Aug 13, 2014 at 09:42:14PM +0200, Lennart Poettering wrote:
snip
@@ -1773,6 +1782,9 @@ static void socket_enter_running(Socket *s, int cfd) {
cfd = -1;
s-n_connections ++;
+if (s-selinux_labeled_net)
+
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_label derived from xinetd.
Reviewed-by: Paul Moore pmo...@redhat.com
---
Changes in v2:
*
On Thu, Aug 07, 2014 at 01:23:34PM +0200, Peter Mattern wrote:
If one of these options gets stated more than once the different
instances seem to be linked by a logical AND, too. This prevents
overwriting these options via snippets in /etc, e. g.
systemd-timesyncd.service still won't run in
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_socket_label derived from xinetd.
---
man/systemd.socket.xml| 11 ++
On Wed, Jul 30, 2014 at 11:26:38AM +, Jóhann B. Guðmundsson wrote:
On 07/30/2014 10:22 AM, Ansgar Burchardt wrote:
Hi,
while looking at how to convert sysvinit scripts to service files in
Debian, I noticed that some scripts do an additional sanity check during
the restart action. That
On Sun, Jul 27, 2014 at 07:57:47PM +0200, Zbigniew Jędrzejewski-Szmek wrote:
On Sun, Jul 27, 2014 at 01:11:07PM +0200, Michal Sekletar wrote:
On Sat, Jul 26, 2014 at 09:11:47PM +0200, Zbigniew Jędrzejewski-Szmek wrote:
Hm, what was wrong with the facility before?
I think that we should
SYSLOG_FACILITY field confuses some tools, most notably
rsyslog, thus rsyslog filters like kern.* /var/log/kernel.log doesn't work and
rsyslog don't output kernel log messages to /var/log/kernel.log.
Michal
Zbyszek
On Fri, Jul 25, 2014 at 03:04:44PM +0200, Michal Sekletar wrote:
---
src
---
src/journal/journald-kmsg.c | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/journal/journald-kmsg.c b/src/journal/journald-kmsg.c
index 12992e7..8d24344 100644
--- a/src/journal/journald-kmsg.c
+++ b/src/journal/journald-kmsg.c
@@ -274,6 +274,9 @@ static void
If there are no further objections I will push the patch as is.
Michal
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Currently after exiting rescue shell we isolate default target. User
might want to isolate to some other target than default one. However
issuing systemctl isolate command to desired target would bring system
to default target as a consequence of running ExecStopPost action.
Having common
On Tue, Jun 24, 2014 at 03:54:54PM +0200, Tom Gundersen wrote:
On Tue, Jun 24, 2014 at 12:58 PM, Michal Sekletar msekl...@redhat.com wrote:
On Thu, Jun 19, 2014 at 12:02:39PM -0500, Dan Williams wrote:
On Thu, 2014-06-19 at 18:59 +0200, Michal Sekletar wrote:
Check that received DHCP
We already ignore IP fragments, because we expect that Fragment
offset (FO) field is not set. However first fragment in a fragmented IP
flow will have all zeroes in FO field. We should ignore such packet as
well, thus we need to look at MF flag in the IP header. Checking MF flag
will filter out
On Wed, Jul 02, 2014 at 03:05:36AM +0200, Zbigniew Jędrzejewski-Szmek wrote:
On Tue, Jul 01, 2014 at 04:36:47PM +0200, Lennart Poettering wrote:
On Tue, 01.07.14 16:47, microcai (micro...@fedoraproject.org) wrote:
Maybe another option is to improve localectl on the client side to
On Thu, Jun 19, 2014 at 12:02:39PM -0500, Dan Williams wrote:
On Thu, 2014-06-19 at 18:59 +0200, Michal Sekletar wrote:
Check that received DHCP packets actually include our MAC address in
chaddr field. BPF interpreter has 32 bit wide registers but MAC address
is 48 bits long so we have
1 - 100 of 188 matches
Mail list logo