mirror of
https://github.com/systemd/systemd
synced 2024-10-01 13:55:20 +00:00
tree-wide: replace "plural(s)" by "plurals"
(s) is just ugly with a vibe of DOS. In most cases just using the normal plural form is more natural and gramatically correct. There are some log_debug() statements left, and texts in foreign licenses or headers. Those are not touched on purpose.
This commit is contained in:
parent
f6e88aac2c
commit
0923b4253c
4
NEWS
4
NEWS
|
@ -2477,9 +2477,9 @@ CHANGES WITH 249:
|
||||||
unit, which will be instantiated using the same instance name.
|
unit, which will be instantiated using the same instance name.
|
||||||
|
|
||||||
* A new MemoryAvailable property is available for units. If the unit,
|
* A new MemoryAvailable property is available for units. If the unit,
|
||||||
or the slice(s) it is part of, have a memory limit set via MemoryMax=/
|
or the slices it is part of, have a memory limit set via MemoryMax=/
|
||||||
MemoryHigh=, MemoryAvailable will indicate how much more memory the
|
MemoryHigh=, MemoryAvailable will indicate how much more memory the
|
||||||
unit can claim before hitting the limit(s).
|
unit can claim before hitting the limits.
|
||||||
|
|
||||||
* systemd-coredump will now try to stay below the cgroup memory limit
|
* systemd-coredump will now try to stay below the cgroup memory limit
|
||||||
placed on itself or one of the slices it runs under, if the storage
|
placed on itself or one of the slices it runs under, if the storage
|
||||||
|
|
|
@ -275,17 +275,17 @@ following must be also be observed:
|
||||||
1. The base/OS image must contain an `os-release file`, either in `/etc/os-release`
|
1. The base/OS image must contain an `os-release file`, either in `/etc/os-release`
|
||||||
or `/usr/lib/os-release`, in the standard format.
|
or `/usr/lib/os-release`, in the standard format.
|
||||||
|
|
||||||
2. The upper extension(s) image(s) must contain an extension-release file in
|
2. The upper extension images must contain an extension-release file in
|
||||||
`/usr/lib/extension-release.d/`, with an `ID=` and `SYSEXT_LEVEL=`/`VERSION_ID=`
|
`/usr/lib/extension-release.d/`, with an `ID=` and `SYSEXT_LEVEL=`/`VERSION_ID=`
|
||||||
matching the base image.
|
matching the base image.
|
||||||
|
|
||||||
3. The base/OS image does not need to have any unit files.
|
3. The base/OS image does not need to have any unit files.
|
||||||
|
|
||||||
4. The upper extension(s) image(s) must at least contain one matching unit file each,
|
4. The upper extension images must contain at least one matching unit file
|
||||||
with the right name prefix and suffix (see above).
|
each, with the right name prefix and suffix (see above).
|
||||||
|
|
||||||
5. As with the base/OS image, the upper extension(s) image(s) must be a plain
|
5. As with the base/OS image, each upper extension image must be a plain
|
||||||
sub-directory, a btrfs subvolume or a raw disk image.
|
sub-directory, btrfs subvolume, or a raw disk image.
|
||||||
|
|
||||||
```
|
```
|
||||||
# portablectl attach --extension foobar_0.7.23.raw debian-runtime_11.1.raw foobar
|
# portablectl attach --extension foobar_0.7.23.raw debian-runtime_11.1.raw foobar
|
||||||
|
|
|
@ -94,7 +94,7 @@
|
||||||
<orderedlist>
|
<orderedlist>
|
||||||
|
|
||||||
<listitem><para>Most prominently, the user may be queried interactively during volume activation
|
<listitem><para>Most prominently, the user may be queried interactively during volume activation
|
||||||
(i.e. typically at boot), asking them to type in the necessary passphrase(s).</para></listitem>
|
(i.e. typically at boot), asking them to type in the necessary passphrases.</para></listitem>
|
||||||
|
|
||||||
<listitem><para>The (unencrypted) key may be read from a file on disk, possibly on removable media. The third field
|
<listitem><para>The (unencrypted) key may be read from a file on disk, possibly on removable media. The third field
|
||||||
of each line encodes the location, for details see above.</para></listitem>
|
of each line encodes the location, for details see above.</para></listitem>
|
||||||
|
|
|
@ -175,7 +175,7 @@
|
||||||
<listitem><para>If <command>status</command> is invoked (or no explicit command is given) and one of these
|
<listitem><para>If <command>status</command> is invoked (or no explicit command is given) and one of these
|
||||||
switches is specified, <command>hostnamectl</command> will print out just this selected hostname.</para>
|
switches is specified, <command>hostnamectl</command> will print out just this selected hostname.</para>
|
||||||
|
|
||||||
<para>If used with <command>set-hostname</command>, only the selected hostname(s) will be updated. When more
|
<para>If used with <command>set-hostname</command>, only the selected hostnames will be updated. When more
|
||||||
than one of these switches are specified, all the specified hostnames will be updated. </para></listitem>
|
than one of these switches are specified, all the specified hostnames will be updated. </para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
|
@ -48,7 +48,7 @@
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><command>dump</command></term>
|
<term><command>dump</command></term>
|
||||||
|
|
||||||
<listitem><para>Show the current state of the cgroup(s) and system context(s) stored by
|
<listitem><para>Show the current state of the cgroups and system contexts stored by
|
||||||
<command>systemd-oomd</command>.</para></listitem>
|
<command>systemd-oomd</command>.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
|
||||||
|
|
|
@ -135,7 +135,7 @@
|
||||||
when <option>--no-reload</option> is specified (see below). This ensures that the new units made available to
|
when <option>--no-reload</option> is specified (see below). This ensures that the new units made available to
|
||||||
the service manager are seen by it.</para>
|
the service manager are seen by it.</para>
|
||||||
|
|
||||||
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
|
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable services are
|
||||||
immediately started (blocking operation unless <option>--no-block</option> is passed) and/or enabled after
|
immediately started (blocking operation unless <option>--no-block</option> is passed) and/or enabled after
|
||||||
attaching the image.</para>
|
attaching the image.</para>
|
||||||
</listitem>
|
</listitem>
|
||||||
|
@ -151,7 +151,7 @@
|
||||||
files. This is a convenience feature to allow all arguments passed as <command>attach</command> also to
|
files. This is a convenience feature to allow all arguments passed as <command>attach</command> also to
|
||||||
<command>detach</command>.</para></listitem>
|
<command>detach</command>.</para></listitem>
|
||||||
|
|
||||||
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
|
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable services are
|
||||||
immediately stopped (blocking operation) and/or disabled before detaching the image. Prefix(es) are also accepted,
|
immediately stopped (blocking operation) and/or disabled before detaching the image. Prefix(es) are also accepted,
|
||||||
to be used in case the unit names do not match the image name as described in the <command>attach</command>.</para>
|
to be used in case the unit names do not match the image name as described in the <command>attach</command>.</para>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
@ -165,7 +165,7 @@
|
||||||
character has to match. If the new image doesn't exist, the existing one will not be detached. The parameters
|
character has to match. If the new image doesn't exist, the existing one will not be detached. The parameters
|
||||||
follow the same syntax as the <command>attach</command> command.</para></listitem>
|
follow the same syntax as the <command>attach</command> command.</para></listitem>
|
||||||
|
|
||||||
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable service(s) are
|
<para>If <option>--now</option> and/or <option>--enable</option> are passed, the portable services are
|
||||||
immediately stopped if removed, started and/or enabled if added, or restarted if updated. Prefixes are also
|
immediately stopped if removed, started and/or enabled if added, or restarted if updated. Prefixes are also
|
||||||
accepted, in the same way as described in the <command>attach</command> case.</para>
|
accepted, in the same way as described in the <command>attach</command> case.</para>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
@ -362,7 +362,7 @@
|
||||||
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>
|
||||||
for the <varname>ExtensionImages=</varname> directive and for the
|
for the <varname>ExtensionImages=</varname> directive and for the
|
||||||
<citerefentry><refentrytitle>systemd-sysext</refentrytitle><manvolnum>8</manvolnum></citerefentry> tool.
|
<citerefentry><refentrytitle>systemd-sysext</refentrytitle><manvolnum>8</manvolnum></citerefentry> tool.
|
||||||
The image(s) must contain an <filename>extension-release</filename> file with metadata that matches
|
The images must contain an <filename>extension-release</filename> file with metadata that matches
|
||||||
what is defined in the <filename>os-release</filename> of <replaceable>IMAGE</replaceable>. See:
|
what is defined in the <filename>os-release</filename> of <replaceable>IMAGE</replaceable>. See:
|
||||||
<citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
<citerefentry><refentrytitle>os-release</refentrytitle><manvolnum>5</manvolnum></citerefentry>.
|
||||||
Images can be block images, btrfs subvolumes or directories. For more information on portable
|
Images can be block images, btrfs subvolumes or directories. For more information on portable
|
||||||
|
|
|
@ -742,7 +742,7 @@ $ systemd-analyze verify /tmp/source:alias.service
|
||||||
<refsect2>
|
<refsect2>
|
||||||
<title><command>systemd-analyze inspect-elf <replaceable>FILE</replaceable>...</command></title>
|
<title><command>systemd-analyze inspect-elf <replaceable>FILE</replaceable>...</command></title>
|
||||||
|
|
||||||
<para>This command will load the specified file(s), and if they are ELF objects (executables,
|
<para>This command will load the specified files, and if they are ELF objects (executables,
|
||||||
libraries, core files, etc.) it will parse the embedded packaging metadata, if any, and print
|
libraries, core files, etc.) it will parse the embedded packaging metadata, if any, and print
|
||||||
it in a table or json format. See the <ulink url="https://systemd.io/COREDUMP_PACKAGE_METADATA/">
|
it in a table or json format. See the <ulink url="https://systemd.io/COREDUMP_PACKAGE_METADATA/">
|
||||||
Packaging Metadata</ulink> documentation for more information.</para>
|
Packaging Metadata</ulink> documentation for more information.</para>
|
||||||
|
@ -902,7 +902,7 @@ $ systemd-analyze verify /tmp/source:alias.service
|
||||||
<term><option>--offline=<replaceable>BOOL</replaceable></option></term>
|
<term><option>--offline=<replaceable>BOOL</replaceable></option></term>
|
||||||
|
|
||||||
<listitem><para>With <command>security</command>, perform an offline security review
|
<listitem><para>With <command>security</command>, perform an offline security review
|
||||||
of the specified unit file(s), i.e. does not have to rely on PID 1 to acquire security
|
of the specified unit files, i.e. does not have to rely on PID 1 to acquire security
|
||||||
information for the files like the <command>security</command> verb when used by itself does.
|
information for the files like the <command>security</command> verb when used by itself does.
|
||||||
This means that <option>--offline=</option> can be used with <option>--root=</option> and
|
This means that <option>--offline=</option> can be used with <option>--root=</option> and
|
||||||
<option>--image=</option> as well. If a unit's overall exposure level is above that set by
|
<option>--image=</option> as well. If a unit's overall exposure level is above that set by
|
||||||
|
@ -914,7 +914,7 @@ $ systemd-analyze verify /tmp/source:alias.service
|
||||||
<term><option>--profile=<replaceable>PATH</replaceable></option></term>
|
<term><option>--profile=<replaceable>PATH</replaceable></option></term>
|
||||||
|
|
||||||
<listitem><para>With <command>security</command> <option>--offline=</option>, takes into
|
<listitem><para>With <command>security</command> <option>--offline=</option>, takes into
|
||||||
consideration the specified portable profile when assessing the unit(s) settings.
|
consideration the specified portable profile when assessing unit settings.
|
||||||
The profile can be passed by name, in which case the well-known system locations will
|
The profile can be passed by name, in which case the well-known system locations will
|
||||||
be searched, or it can be the full path to a specific drop-in file.</para></listitem>
|
be searched, or it can be the full path to a specific drop-in file.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
|
@ -923,7 +923,7 @@ $ systemd-analyze verify /tmp/source:alias.service
|
||||||
<term><option>--threshold=<replaceable>NUMBER</replaceable></option></term>
|
<term><option>--threshold=<replaceable>NUMBER</replaceable></option></term>
|
||||||
|
|
||||||
<listitem><para>With <command>security</command>, allow the user to set a custom value
|
<listitem><para>With <command>security</command>, allow the user to set a custom value
|
||||||
to compare the overall exposure level with, for the specified unit file(s). If a unit's
|
to compare the overall exposure level with, for the specified unit files. If a unit's
|
||||||
overall exposure level, is greater than that set by the user, <command>security</command>
|
overall exposure level, is greater than that set by the user, <command>security</command>
|
||||||
will return an error. <option>--threshold=</option> can be used with <option>--offline=</option>
|
will return an error. <option>--threshold=</option> can be used with <option>--offline=</option>
|
||||||
as well and its default value is 100.</para></listitem>
|
as well and its default value is 100.</para></listitem>
|
||||||
|
|
|
@ -29,7 +29,7 @@
|
||||||
<title>Description</title>
|
<title>Description</title>
|
||||||
|
|
||||||
<para><filename>systemd-getty-generator</filename> is a generator that automatically instantiates
|
<para><filename>systemd-getty-generator</filename> is a generator that automatically instantiates
|
||||||
<filename>serial-getty@.service</filename> on the kernel console(s), if they can function as ttys and are
|
<filename>serial-getty@.service</filename> on the kernel consoles, if they can function as ttys and are
|
||||||
not provided by the virtual console subsystem. It will also instantiate
|
not provided by the virtual console subsystem. It will also instantiate
|
||||||
<filename>serial-getty@.service</filename> instances for virtualizer consoles, if execution in a
|
<filename>serial-getty@.service</filename> instances for virtualizer consoles, if execution in a
|
||||||
virtualized environment is detected. If execution in a container environment is detected, it will instead
|
virtualized environment is detected. If execution in a container environment is detected, it will instead
|
||||||
|
|
|
@ -162,7 +162,7 @@
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><option>--phase=</option><replaceable>PHASE</replaceable></term>
|
<term><option>--phase=</option><replaceable>PHASE</replaceable></term>
|
||||||
|
|
||||||
<listitem><para>Controls which boot phase(s) to calculate expected PCR 11 values for. This takes a
|
<listitem><para>Controls which boot phases to calculate expected PCR 11 values for. This takes a
|
||||||
series of colon-separated strings that encode boot "paths" for entering a specific phase of the boot
|
series of colon-separated strings that encode boot "paths" for entering a specific phase of the boot
|
||||||
process. Each of the specified strings is measured by the
|
process. Each of the specified strings is measured by the
|
||||||
<filename>systemd-pcrphase-initrd.service</filename> and
|
<filename>systemd-pcrphase-initrd.service</filename> and
|
||||||
|
|
|
@ -198,7 +198,7 @@
|
||||||
details on the various time units understood. The <varname>TriggerLimitBurst=</varname> setting takes
|
details on the various time units understood. The <varname>TriggerLimitBurst=</varname> setting takes
|
||||||
a positive integer value and specifies the number of permitted activations per time interval, and
|
a positive integer value and specifies the number of permitted activations per time interval, and
|
||||||
defaults to 200. Set either to 0 to disable any form of trigger rate limiting. If the limit is hit,
|
defaults to 200. Set either to 0 to disable any form of trigger rate limiting. If the limit is hit,
|
||||||
the unit is placed into a failure mode, and will not watch the path(s) anymore until restarted. Note
|
the unit is placed into a failure mode, and will not watch the paths anymore until restarted. Note
|
||||||
that this limit is enforced before the service activation is enqueued.</para></listitem>
|
that this limit is enforced before the service activation is enqueued.</para></listitem>
|
||||||
</varlistentry>
|
</varlistentry>
|
||||||
</variablelist>
|
</variablelist>
|
||||||
|
|
|
@ -852,7 +852,7 @@ RestrictNetworkInterfaces=~eth1</programlisting>
|
||||||
<para>Control access to specific device nodes by the executed processes. Takes two space-separated
|
<para>Control access to specific device nodes by the executed processes. Takes two space-separated
|
||||||
strings: a device node specifier followed by a combination of <constant>r</constant>,
|
strings: a device node specifier followed by a combination of <constant>r</constant>,
|
||||||
<constant>w</constant>, <constant>m</constant> to control <emphasis>r</emphasis>eading,
|
<constant>w</constant>, <constant>m</constant> to control <emphasis>r</emphasis>eading,
|
||||||
<emphasis>w</emphasis>riting, or creation of the specific device node(s) by the unit
|
<emphasis>w</emphasis>riting, or creation of the specific device nodes by the unit
|
||||||
(<emphasis>m</emphasis>knod), respectively. This functionality is implemented using eBPF
|
(<emphasis>m</emphasis>knod), respectively. This functionality is implemented using eBPF
|
||||||
filtering.</para>
|
filtering.</para>
|
||||||
|
|
||||||
|
|
|
@ -467,7 +467,7 @@
|
||||||
|
|
||||||
<varlistentry>
|
<varlistentry>
|
||||||
<term><varname>ExecCondition=</varname></term>
|
<term><varname>ExecCondition=</varname></term>
|
||||||
<listitem><para>Optional commands that are executed before the command(s) in <varname>ExecStartPre=</varname>.
|
<listitem><para>Optional commands that are executed before the commands in <varname>ExecStartPre=</varname>.
|
||||||
Syntax is the same as for <varname>ExecStart=</varname>, except that multiple command lines are allowed and the
|
Syntax is the same as for <varname>ExecStart=</varname>, except that multiple command lines are allowed and the
|
||||||
commands are executed one after the other, serially.</para>
|
commands are executed one after the other, serially.</para>
|
||||||
|
|
||||||
|
@ -476,7 +476,7 @@
|
||||||
commands are skipped and the unit is <emphasis>not</emphasis> marked as failed. However, if an
|
commands are skipped and the unit is <emphasis>not</emphasis> marked as failed. However, if an
|
||||||
<varname>ExecCondition=</varname> command exits with 255 or abnormally (e.g. timeout, killed by a
|
<varname>ExecCondition=</varname> command exits with 255 or abnormally (e.g. timeout, killed by a
|
||||||
signal, etc.), the unit will be considered failed (and remaining commands will be skipped). Exit code of 0 or
|
signal, etc.), the unit will be considered failed (and remaining commands will be skipped). Exit code of 0 or
|
||||||
those matching <varname>SuccessExitStatus=</varname> will continue execution to the next command(s).</para>
|
those matching <varname>SuccessExitStatus=</varname> will continue execution to the next commands.</para>
|
||||||
|
|
||||||
<para>The same recommendations about not running long-running processes in <varname>ExecStartPre=</varname>
|
<para>The same recommendations about not running long-running processes in <varname>ExecStartPre=</varname>
|
||||||
also applies to <varname>ExecCondition=</varname>. <varname>ExecCondition=</varname> will also run the commands
|
also applies to <varname>ExecCondition=</varname>. <varname>ExecCondition=</varname> will also run the commands
|
||||||
|
|
|
@ -220,9 +220,8 @@ tomorrow Pacific/Auckland → Thu 2012-11-23 19:00:00
|
||||||
times starting with the start value, and continuing with all multiples of the repetition value relative
|
times starting with the start value, and continuing with all multiples of the repetition value relative
|
||||||
to the start value, ending at the end value the latest.</para>
|
to the start value, ending at the end value the latest.</para>
|
||||||
|
|
||||||
<para>A date specification may use <literal>~</literal> to indicate the
|
<para>A date specification may use <literal>~</literal> to indicate the last day in a month. For example,
|
||||||
last day(s) in a month. For example, <literal>*-02~03</literal> means
|
<literal>*-02~03</literal> means "the third last day in February," and <literal>Mon *-05~07/1</literal>
|
||||||
"the third last day in February," and <literal>Mon *-05~07/1</literal>
|
|
||||||
means "the last Monday in May."</para>
|
means "the last Monday in May."</para>
|
||||||
|
|
||||||
<para>The seconds component may contain decimal fractions both in
|
<para>The seconds component may contain decimal fractions both in
|
||||||
|
|
|
@ -418,8 +418,8 @@ L /tmp/foobar - - - - /dev/null</programlisting>
|
||||||
place of normal path names.</para>
|
place of normal path names.</para>
|
||||||
|
|
||||||
<para>The format of the argument field is <varname>[+-=][aAcCdDeijPsStTu]</varname>. The prefix
|
<para>The format of the argument field is <varname>[+-=][aAcCdDeijPsStTu]</varname>. The prefix
|
||||||
<varname>+</varname> (the default one) causes the attribute(s) to be added; <varname>-</varname>
|
<varname>+</varname> (the default one) causes the attributes to be added; <varname>-</varname>
|
||||||
causes the attribute(s) to be removed; <varname>=</varname> causes the attributes to be set exactly
|
causes the attributes to be removed; <varname>=</varname> causes the attributes to be set exactly
|
||||||
as the following letters. The letters <literal>aAcCdDeijPsStTu</literal> select the new attributes
|
as the following letters. The letters <literal>aAcCdDeijPsStTu</literal> select the new attributes
|
||||||
for the files, see <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle>
|
for the files, see <citerefentry project='man-pages'><refentrytitle>chattr</refentrytitle>
|
||||||
<manvolnum>1</manvolnum></citerefentry> for further information.
|
<manvolnum>1</manvolnum></citerefentry> for further information.
|
||||||
|
|
|
@ -800,9 +800,9 @@
|
||||||
…
|
…
|
||||||
</title>
|
</title>
|
||||||
|
|
||||||
<para><command>udevadm lock</command> takes an (advisory) exclusive lock(s) on a block device (or
|
<para><command>udevadm lock</command> takes an (advisory) exclusive lock on a block device (or all
|
||||||
multiple thereof), as per <ulink url="https://systemd.io/BLOCK_DEVICE_LOCKING">Locking Block Device
|
specified devices), as per <ulink url="https://systemd.io/BLOCK_DEVICE_LOCKING">Locking Block Device
|
||||||
Access</ulink> and invokes a program with the lock(s) taken. When the invoked program exits the lock(s)
|
Access</ulink> and invokes a program with the locks taken. When the invoked program exits the locks
|
||||||
are automatically released and its return value is propagated as exit code of <command>udevadm
|
are automatically released and its return value is propagated as exit code of <command>udevadm
|
||||||
lock</command>.</para>
|
lock</command>.</para>
|
||||||
|
|
||||||
|
@ -861,8 +861,8 @@
|
||||||
<term><option>--print</option></term>
|
<term><option>--print</option></term>
|
||||||
<term><option>-p</option></term>
|
<term><option>-p</option></term>
|
||||||
|
|
||||||
<listitem><para>Instead of locking the specified device(s) and executing a command, just print the
|
<listitem><para>Instead of locking the specified devices and executing a command, just print the
|
||||||
device path(s) that would be locked, and execute no command. This command is useful to determine
|
device paths that would be locked, and execute no command. This command is useful to determine
|
||||||
the "whole" block device in case a partition block device is specified. The devices will be sorted
|
the "whole" block device in case a partition block device is specified. The devices will be sorted
|
||||||
by their device node major number as primary ordering key and the minor number as secondary
|
by their device node major number as primary ordering key and the minor number as secondary
|
||||||
ordering key (i.e. they are shown in the order they'd be locked). Note that the number of lines
|
ordering key (i.e. they are shown in the order they'd be locked). Note that the number of lines
|
||||||
|
|
|
@ -5,7 +5,7 @@
|
||||||
{
|
{
|
||||||
local -a _oomctl_cmds
|
local -a _oomctl_cmds
|
||||||
_oomctl_cmds=(
|
_oomctl_cmds=(
|
||||||
"dump:Show the current state of the cgroup(s) and system context(s)"
|
"dump:Show the current state of cgroups and system contexts"
|
||||||
"help:Prints a short help text and exits."
|
"help:Prints a short help text and exits."
|
||||||
)
|
)
|
||||||
if (( CURRENT == 1 )); then
|
if (( CURRENT == 1 )); then
|
||||||
|
|
|
@ -96,9 +96,9 @@ _arguments \
|
||||||
'--recursive-errors=[When verifying a unit, control dependency verification]:MODE' \
|
'--recursive-errors=[When verifying a unit, control dependency verification]:MODE' \
|
||||||
'--offline=[Perform a security review of the specified unit files]:BOOL:(yes no)' \
|
'--offline=[Perform a security review of the specified unit files]:BOOL:(yes no)' \
|
||||||
'--threshold=[Set a value to compare the overall security exposure level with]: NUMBER' \
|
'--threshold=[Set a value to compare the overall security exposure level with]: NUMBER' \
|
||||||
'--security-policy=[Allow user to use customized requirements to compare unit file(s) against]: PATH' \
|
'--security-policy=[Use customized requirements to compare unit files against]: PATH' \
|
||||||
'--json=[Generate a JSON output of the security analysis table]:MODE:(pretty short off)' \
|
'--json=[Generate a JSON output of the security analysis table]:MODE:(pretty short off)' \
|
||||||
'--profile=[Include the specified profile in the security review of the unit(s)]: PATH' \
|
'--profile=[Include the specified profile in the security review of units]: PATH' \
|
||||||
'--no-pager[Do not pipe output into a pager]' \
|
'--no-pager[Do not pipe output into a pager]' \
|
||||||
'--man=[Do (not) check for existence of man pages]:BOOL:(yes no)' \
|
'--man=[Do (not) check for existence of man pages]:BOOL:(yes no)' \
|
||||||
'--generators=[Do (not) run unit generators]:BOOL:(yes no)' \
|
'--generators=[Do (not) run unit generators]:BOOL:(yes no)' \
|
||||||
|
|
|
@ -389,7 +389,7 @@ filesystem_includes = ['linux/magic.h',
|
||||||
check_filesystems = find_program('check-filesystems.sh')
|
check_filesystems = find_program('check-filesystems.sh')
|
||||||
r = run_command([check_filesystems, cpp, files('filesystems-gperf.gperf')] + filesystem_includes, check: false)
|
r = run_command([check_filesystems, cpp, files('filesystems-gperf.gperf')] + filesystem_includes, check: false)
|
||||||
if r.returncode() != 0
|
if r.returncode() != 0
|
||||||
error('found unknown filesystem(s) defined in kernel headers:\n\n' + r.stdout())
|
error('Unknown filesystems defined in kernel headers:\n\n' + r.stdout())
|
||||||
r.stdout()
|
r.stdout()
|
||||||
endif
|
endif
|
||||||
|
|
||||||
|
|
|
@ -821,7 +821,7 @@ static void timer_time_change(Unit *u) {
|
||||||
|
|
||||||
/* If we appear to have triggered in the future, the system clock must
|
/* If we appear to have triggered in the future, the system clock must
|
||||||
* have been set backwards. So let's rewind our own clock and allow
|
* have been set backwards. So let's rewind our own clock and allow
|
||||||
* the future trigger(s) to happen again :). Exactly the same as when
|
* the future triggers to happen again :). Exactly the same as when
|
||||||
* you start a timer unit with Persistent=yes. */
|
* you start a timer unit with Persistent=yes. */
|
||||||
ts = now(CLOCK_REALTIME);
|
ts = now(CLOCK_REALTIME);
|
||||||
if (t->last_trigger.realtime > ts)
|
if (t->last_trigger.realtime > ts)
|
||||||
|
|
|
@ -772,7 +772,7 @@ typedef struct UnitVTable {
|
||||||
/* True if queued jobs of this type should be GC'ed if no other job needs them anymore */
|
/* True if queued jobs of this type should be GC'ed if no other job needs them anymore */
|
||||||
bool gc_jobs;
|
bool gc_jobs;
|
||||||
|
|
||||||
/* True if systemd-oomd can monitor and act on this unit's recursive children's cgroup(s) */
|
/* True if systemd-oomd can monitor and act on this unit's recursive children's cgroups */
|
||||||
bool can_set_managed_oom;
|
bool can_set_managed_oom;
|
||||||
} UnitVTable;
|
} UnitVTable;
|
||||||
|
|
||||||
|
|
|
@ -608,7 +608,7 @@ static int lease_parse_6rd(sd_dhcp_lease *lease, const uint8_t *option, size_t l
|
||||||
memcpy(&prefix, option + 2, sizeof(struct in6_addr));
|
memcpy(&prefix, option + 2, sizeof(struct in6_addr));
|
||||||
(void) in6_addr_mask(&prefix, prefixlen);
|
(void) in6_addr_mask(&prefix, prefixlen);
|
||||||
|
|
||||||
/* 6rdBRIPv4Address: One or more IPv4 addresses of the 6rd Border Relay(s) for a given 6rd domain. */
|
/* 6rdBRIPv4Address: One or more IPv4 addresses of the 6rd Border Relays for a given 6rd domain. */
|
||||||
n_br_addresses = (len - 2 - sizeof(struct in6_addr)) / sizeof(struct in_addr);
|
n_br_addresses = (len - 2 - sizeof(struct in6_addr)) / sizeof(struct in_addr);
|
||||||
br_addresses = newdup(struct in_addr, option + 2 + sizeof(struct in6_addr), n_br_addresses);
|
br_addresses = newdup(struct in_addr, option + 2 + sizeof(struct in6_addr), n_br_addresses);
|
||||||
if (!br_addresses)
|
if (!br_addresses)
|
||||||
|
|
|
@ -123,10 +123,10 @@ int manager_genl_process_nl80211_config(sd_netlink *genl, sd_netlink_message *me
|
||||||
}
|
}
|
||||||
if (r >= 0) {
|
if (r >= 0) {
|
||||||
if (len == 0) {
|
if (len == 0) {
|
||||||
log_link_debug(link, "nl80211: received SSID has zero length, ignoring the received SSID: %m");
|
log_link_debug(link, "nl80211: received SSID has zero length, ignoring it: %m");
|
||||||
ssid = mfree(ssid);
|
ssid = mfree(ssid);
|
||||||
} else if (strlen_ptr(ssid) != len) {
|
} else if (strlen_ptr(ssid) != len) {
|
||||||
log_link_debug(link, "nl80211: received SSID contains NUL character(s), ignoring the received SSID.");
|
log_link_debug(link, "nl80211: received SSID contains NUL characters, ignoring it.");
|
||||||
ssid = mfree(ssid);
|
ssid = mfree(ssid);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -403,7 +403,7 @@ static int monitor_swap_contexts_handler(sd_event_source *s, uint64_t usec, void
|
||||||
if (r == -ENOMEM)
|
if (r == -ENOMEM)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_notice_errno(r, "Failed to kill any cgroup(s) based on swap: %m");
|
log_notice_errno(r, "Failed to kill any cgroups based on swap: %m");
|
||||||
else {
|
else {
|
||||||
if (selected && r > 0) {
|
if (selected && r > 0) {
|
||||||
log_notice("Killed %s due to memory used (%"PRIu64") / total (%"PRIu64") and "
|
log_notice("Killed %s due to memory used (%"PRIu64") / total (%"PRIu64") and "
|
||||||
|
@ -520,7 +520,7 @@ static int monitor_memory_pressure_contexts_handler(sd_event_source *s, uint64_t
|
||||||
if (r == -ENOMEM)
|
if (r == -ENOMEM)
|
||||||
return log_oom();
|
return log_oom();
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
log_notice_errno(r, "Failed to kill any cgroup(s) under %s based on pressure: %m", t->path);
|
log_notice_errno(r, "Failed to kill any cgroups under %s based on pressure: %m", t->path);
|
||||||
else {
|
else {
|
||||||
/* Don't act on all the high pressure cgroups at once; return as soon as we kill one.
|
/* Don't act on all the high pressure cgroups at once; return as soon as we kill one.
|
||||||
* If r == 0 then it means there were not eligible candidates, the candidate cgroup
|
* If r == 0 then it means there were not eligible candidates, the candidate cgroup
|
||||||
|
|
|
@ -449,7 +449,7 @@ int ethtool_set_wol(
|
||||||
_cleanup_free_ char *str = NULL;
|
_cleanup_free_ char *str = NULL;
|
||||||
|
|
||||||
(void) wol_options_to_string_alloc(wolopts & ~ecmd.supported, &str);
|
(void) wol_options_to_string_alloc(wolopts & ~ecmd.supported, &str);
|
||||||
log_debug("Network interface %s does not support requested Wake on LAN option(s) \"%s\", ignoring.",
|
log_debug("Network interface %s does not support requested Wake on LAN options \"%s\", ignoring.",
|
||||||
ifname, strna(str));
|
ifname, strna(str));
|
||||||
|
|
||||||
wolopts &= ecmd.supported;
|
wolopts &= ecmd.supported;
|
||||||
|
|
|
@ -142,7 +142,7 @@ int table_print_with_pager(Table *t, JsonFormatFlags json_format_flags, PagerFla
|
||||||
int table_set_json_field_name(Table *t, size_t column, const char *name);
|
int table_set_json_field_name(Table *t, size_t column, const char *name);
|
||||||
|
|
||||||
#define table_log_add_error(r) \
|
#define table_log_add_error(r) \
|
||||||
log_error_errno(r, "Failed to add cell(s) to table: %m")
|
log_error_errno(r, "Failed to add cells to table: %m")
|
||||||
|
|
||||||
#define table_log_print_error(r) \
|
#define table_log_print_error(r) \
|
||||||
log_error_errno(r, "Failed to print table: %m")
|
log_error_errno(r, "Failed to print table: %m")
|
||||||
|
|
|
@ -60,10 +60,10 @@ int wifi_get_interface(sd_netlink *genl, int ifindex, enum nl80211_iftype *ret_i
|
||||||
return log_debug_errno(r, "Failed to get NL80211_ATTR_SSID attribute: %m");
|
return log_debug_errno(r, "Failed to get NL80211_ATTR_SSID attribute: %m");
|
||||||
if (r >= 0) {
|
if (r >= 0) {
|
||||||
if (len == 0) {
|
if (len == 0) {
|
||||||
log_debug("SSID has zero length, ignoring the received SSID.");
|
log_debug("SSID has zero length, ignoring it.");
|
||||||
ssid = mfree(ssid);
|
ssid = mfree(ssid);
|
||||||
} else if (strlen_ptr(ssid) != len) {
|
} else if (strlen_ptr(ssid) != len) {
|
||||||
log_debug("SSID contains NUL character(s), ignoring the received SSID.");
|
log_debug("SSID contains NUL characters, ignoring it.");
|
||||||
ssid = mfree(ssid);
|
ssid = mfree(ssid);
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
|
@ -367,7 +367,7 @@ static int run_editor(char **paths) {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
log_error("Cannot edit unit(s), no editor available. Please set either $SYSTEMD_EDITOR, $EDITOR or $VISUAL.");
|
log_error("Cannot edit units, no editor available. Please set either $SYSTEMD_EDITOR, $EDITOR or $VISUAL.");
|
||||||
_exit(EXIT_FAILURE);
|
_exit(EXIT_FAILURE);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -1065,8 +1065,8 @@ static int help(int argc, char *argv[], void *userdata) {
|
||||||
"\nCommands:\n"
|
"\nCommands:\n"
|
||||||
" user [USER…] Inspect user\n"
|
" user [USER…] Inspect user\n"
|
||||||
" group [GROUP…] Inspect group\n"
|
" group [GROUP…] Inspect group\n"
|
||||||
" users-in-group [GROUP…] Show users that are members of specified group(s)\n"
|
" users-in-group [GROUP…] Show users that are members of specified groups\n"
|
||||||
" groups-of-user [USER…] Show groups the specified user(s) is a member of\n"
|
" groups-of-user [USER…] Show groups the specified users are members of\n"
|
||||||
" services Show enabled database services\n"
|
" services Show enabled database services\n"
|
||||||
" ssh-authorized-keys USER Show SSH authorized keys for user\n"
|
" ssh-authorized-keys USER Show SSH authorized keys for user\n"
|
||||||
"\nOptions:\n"
|
"\nOptions:\n"
|
||||||
|
|
|
@ -85,7 +85,7 @@ template:
|
||||||
zone:
|
zone:
|
||||||
# Create our own DNSSEC-aware root zone, so we can test the whole chain of
|
# Create our own DNSSEC-aware root zone, so we can test the whole chain of
|
||||||
# trust. This needs a ZSK/KSK keypair to be generated before running knot +
|
# trust. This needs a ZSK/KSK keypair to be generated before running knot +
|
||||||
# adding the respective key(s) to resolved's trust anchor store (see the
|
# adding the respective keys to resolved's trust anchor store (see the
|
||||||
# test script for the setup steps).
|
# test script for the setup steps).
|
||||||
- domain: .
|
- domain: .
|
||||||
dnssec-policy: manual
|
dnssec-policy: manual
|
||||||
|
|
|
@ -827,7 +827,7 @@ class Utilities():
|
||||||
return False
|
return False
|
||||||
|
|
||||||
def wait_online(self, links_with_operstate, timeout='20s', bool_any=False, ipv4=False, ipv6=False, setup_state='configured', setup_timeout=5):
|
def wait_online(self, links_with_operstate, timeout='20s', bool_any=False, ipv4=False, ipv6=False, setup_state='configured', setup_timeout=5):
|
||||||
"""Wait for the link(s) to reach the specified operstate and/or setup state.
|
"""Wait for the links to reach the specified operstate and/or setup state.
|
||||||
|
|
||||||
This is similar to wait_operstate() but can be used for multiple links,
|
This is similar to wait_operstate() but can be used for multiple links,
|
||||||
and it also calls systemd-networkd-wait-online to wait for the given operstate.
|
and it also calls systemd-networkd-wait-online to wait for the given operstate.
|
||||||
|
@ -843,10 +843,10 @@ class Utilities():
|
||||||
Set 'ipv4' or 'ipv6' to True to wait for IPv4 address or IPv6 address, respectively, of each of the given links.
|
Set 'ipv4' or 'ipv6' to True to wait for IPv4 address or IPv6 address, respectively, of each of the given links.
|
||||||
This is applied only for the operational state 'degraded' or above.
|
This is applied only for the operational state 'degraded' or above.
|
||||||
|
|
||||||
Note that this function waits for the link(s) to reach *or exceed* the given operstate.
|
Note that this function waits for the links to reach *or exceed* the given operstate.
|
||||||
However, the setup_state, if specified, must be matched *exactly*.
|
However, the setup_state, if specified, must be matched *exactly*.
|
||||||
|
|
||||||
This returns if the link(s) reached the requested operstate/setup_state; otherwise it
|
This returns if the links reached the requested operstate/setup_state; otherwise it
|
||||||
raises CalledProcessError or fails test assertion.
|
raises CalledProcessError or fails test assertion.
|
||||||
"""
|
"""
|
||||||
args = wait_online_cmd + [f'--timeout={timeout}'] + [f'--interface={link}' for link in links_with_operstate]
|
args = wait_online_cmd + [f'--timeout={timeout}'] + [f'--interface={link}' for link in links_with_operstate]
|
||||||
|
|
|
@ -72,7 +72,7 @@ systemctl stop --job-mode=replace-irreversibly unstoppable.service
|
||||||
# Shutdown of the container/VM will hang if not.
|
# Shutdown of the container/VM will hang if not.
|
||||||
systemctl start unstoppable.service
|
systemctl start unstoppable.service
|
||||||
|
|
||||||
# Test waiting for a started unit(s) to terminate again
|
# Test waiting for a started units to terminate again
|
||||||
cat <<EOF >/run/systemd/system/wait2.service
|
cat <<EOF >/run/systemd/system/wait2.service
|
||||||
[Unit]
|
[Unit]
|
||||||
Description=Wait for 2 seconds
|
Description=Wait for 2 seconds
|
||||||
|
|
|
@ -21,7 +21,7 @@
|
||||||
# upon a normal shutdown (shutdown, reboot, halt).
|
# upon a normal shutdown (shutdown, reboot, halt).
|
||||||
#
|
#
|
||||||
# To configure the kernel parameters, uncomment the appropriate
|
# To configure the kernel parameters, uncomment the appropriate
|
||||||
# line(s) below. The value written is either 'Y' to enable the
|
# lines below. The value written is either 'Y' to enable the
|
||||||
# kernel parameter, or 'N' to disable the kernel parameter.
|
# kernel parameter, or 'N' to disable the kernel parameter.
|
||||||
#
|
#
|
||||||
# After making a change to this file, do:
|
# After making a change to this file, do:
|
||||||
|
|
Loading…
Reference in a new issue