Find a file
Lennart Poettering 9fac502920 nspawn,pid1: pass "inaccessible" nodes from cntr mgr to pid1 payload via /run/host
Let's make /run/host the sole place we pass stuff from host to container
in and place the "inaccessible" nodes in /run/host too.

In contrast to the previous two commits this is a minor compat break, but
not a relevant one I think. Previously the container manager would place
these nodes in /run/systemd/inaccessible/ and that's where PID 1 in the
container would try to add them too when missing. Container manager and
PID 1 in the container would thus manage the same dir together.

With this change the container manager now passes an immutable directory
to the container and leaves /run/systemd entirely untouched, and managed
exclusively by PID 1 inside the container, which is nice to have clear
separation on who manages what.

In order to make sure systemd then usses the /run/host/inaccesible/
nodes this commit changes PID 1 to look for that dir and if it exists
will symlink it to /run/systemd/inaccessible.

Now, this will work fine if new nspawn and new pid 1 in the container
work together. as then the symlink is created and the difference between
the two dirs won't matter.

For the case where an old nspawn invokes a new PID 1: in this case
things work as they always worked: the dir is managed together.

For the case where different container manager invokes a new PID 1: in
this case the nodes aren't typically passed in, and PID 1 in the
container will try to create them and will likely fail partially (though
gracefully) when trying to create char/block device nodes. THis is fine
though as there are fallbacks in place for that case.

For the case where a new nspawn invokes an old PID1: this is were the
(minor) incompatibily happens: in this case new nspawn will place the
nodes in the /run/host/inaccessible/ subdir, but the PID 1 in the
container won't look for them there. Since the nodes are also not
pre-created in /run/systed/inaccessible/ PID 1 will try to create them
there as if a different container manager sets them up. This is of
course not sexy, but is not a total loss, since as mentioned fallbacks
are in place anyway. Hence I think it's OK to accept this minor
incompatibility.
2020-08-20 10:17:52 +02:00
.github Revert "ci: turn off the "upstream-systemd-ci" ppa" 2020-07-15 08:59:25 +02:00
.lgtm/cpp-queries lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC] 2019-04-10 20:03:38 +02:00
.mkosi Update mkosi.ubuntu to 'focal' 2020-07-23 16:44:09 +02:00
catalog catalog: update Polish translation 2020-07-26 11:28:29 +02:00
coccinelle tree-wide: use set_ensure_put() 2020-06-22 16:32:37 +02:00
docs Merge pull request #16690 from poettering/userdb-group-desc 2020-08-11 00:27:54 -07:00
factory/etc man: move 'files' module in NSS 'hosts:' line before myhostname 2020-08-17 18:55:59 +02:00
hwdb.d hwdb: ACCEL_MOUNT_MATRIX quirk for Acer SP111-32* 2020-08-17 18:57:53 +02:00
man basic/virt: treat "pouch" as a container type (id: pouch) 2020-08-20 09:48:13 +02:00
modprobe.d Add SPDX license headers to various assorted files 2017-11-19 19:08:15 +01:00
network network: add TUN/TAP vt-* network rule for VMs 2020-04-17 19:15:00 +02:00
po l10n: update Czech Translation 2020-07-01 17:44:20 +02:00
presets Revert "presets: "disable" all passive targets by default" 2020-05-26 20:51:58 +02:00
rules.d udev: split attribute assignment for MMC cards 2020-06-25 18:40:45 +02:00
semaphoreci semaphoreci: update Debian release to bullseye 2020-07-24 01:45:44 +03:00
shell-completion homed: default to "btrfs" as fs type in the LUKS backend 2020-08-19 15:46:07 +02:00
src nspawn,pid1: pass "inaccessible" nodes from cntr mgr to pid1 payload via /run/host 2020-08-20 10:17:52 +02:00
sysctl.d sysctl: enable coredump for suid binaries 2020-04-07 15:28:46 +02:00
sysusers.d sysusers,tmpfiles: re-create systemd-network, systemd-resolve and systemd-timesync 2018-07-16 17:11:50 +02:00
test nspawn: move $NOTIFY_SOCKET into /run/host/ too 2020-08-20 10:17:48 +02:00
tmpfiles.d tmpfiles: don't complain if we can't enable pstore in containers 2020-05-25 16:43:35 +02:00
tools tools/make-man-index: fix purpose text that contains tags 2020-08-17 18:32:51 +02:00
travis-ci travis: compile with -O1 with clang 2020-07-21 02:00:04 +09:00
units units: order volatile-root after repart 2020-08-11 09:12:56 +02:00
xorg scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.clang-format clang-format: set Break afer enum to false 2020-07-19 15:44:04 +02:00
.ctags editors: Prevent ctags from following symlinks 2019-02-15 11:01:20 -08:00
.dir-locals.el scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.editorconfig editorconfig: add man configuration 2020-05-26 15:37:05 +02:00
.gitattributes git: indicate that tabs are never OK in the systemd tree 2013-10-30 02:25:38 +01:00
.gitignore mkosi: Keep mkosi.default out of the repository. 2020-07-16 21:44:02 +01:00
.lgtm.yml lgtm: drop the TMPDIR/meson workaround 2020-03-03 20:27:42 +01:00
.mailmap NEWS: update contributors list for v246-pre 2020-07-23 17:30:54 +02:00
.travis.yml coverity: switch back to Fedora 31 2020-07-12 22:00:16 +00:00
.vimrc scripts: use 4 space indentation 2019-04-12 08:30:31 +02:00
.ycm_extra_conf.py ycm: add doc string for all the functions in configuration file 2017-11-29 13:21:49 -07:00
azure-pipelines.yml Free up some resources on Azure Pipelines 2019-07-17 13:28:38 +09:00
configure treewide: more portable bash shebangs 2020-03-05 17:27:07 +01:00
LICENSE.GPL2 relicense to LGPLv2.1 (with exceptions) 2012-04-12 00:24:39 +02:00
LICENSE.LGPL2.1 licence: remove references to old FSF address 2012-12-17 11:41:31 +01:00
Makefile build-sys: Fix Makefile wrapper for install target (#6548) 2017-08-07 11:29:20 +02:00
meson.build Merge pull request #16771 from poettering/dyn-pwq 2020-08-19 15:40:41 +02:00
meson_options.txt build-sys: add libfido2 as optional dependency 2020-07-01 11:17:28 +02:00
mkosi.build mkosi: Unify environment for unit tests 2020-04-22 10:35:12 +02:00
NEWS NEWS: clarify two points 2020-08-01 11:54:26 +02:00
README meson: add min version for libfdisk 2020-08-19 10:18:33 +02:00
README.md README: add reference to systemd.io 2020-06-16 13:34:04 +02:00
TODO update TODO 2020-08-19 10:04:08 +02:00
zanata.xml po: add basic fedora.zanata.org configuration 2018-02-19 13:56:57 +01:00

Systemd

System and Service Manager

Count of open issues over time Count of open pull requests over time Semaphore CI Build Status
Coverity Scan Status
OSS-Fuzz Status
CIFuzz
CII Best Practices
Travis CI Build Status
Language Grade: C/C++
CentOS CI Build Status
Build Status
Fossies codespell report
Packaging status

Details

Most documentation is available on systemd's web site.

Assorted, older, general information about systemd can be found in the systemd Wiki.

Information about build requirements is provided in the README file.

Consult our NEWS file for information about what's new in the most recent systemd versions.

Please see the Hacking guide for information on how to hack on systemd and test your modifications.

Please see our Contribution Guidelines for more information about filing GitHub Issues and posting GitHub Pull Requests.

When preparing patches for systemd, please follow our Coding Style Guidelines.

If you are looking for support, please contact our mailing list or join our IRC channel.

Stable branches with backported patches are available in the stable repo.