morgan/systemd
1
0
Fork 0
mirror of https://github.com/morgan9e/systemd synced 2026-04-14 00:14:32 +09:00
Code Issues Packages Projects Releases Wiki Activity

Add systemd-analyze verb to list runtime unit properties (#37665)

Browse Source
This commit is contained in:
Yu Watanabe
2025-07-04 11:47:38 +09:00
committed by GitHub
parent bfa39a8654 01383af1c1
commit c2f3bb742b
31 changed files with 2675 additions and 2519 deletions
Download Patch File Download Diff File Expand all files Collapse all files

403
docs/TRANSIENT-SETTINGS.md
View File

@@ -21,88 +21,131 @@ Most generic unit settings are available for transient units.
```
✓ Description=
✓ Documentation=
✓ SourcePath=
Requires=
Requisite=
Wants=
BindsTo=
Conflicts=
Before=
After=
OnFailure=
✓ PropagatesReloadTo=
✓ ReloadPropagatedFrom=
✓ PartOf=
✓ Upholds=
✓ JoinsNamespaceOf=
✓ RequiresMountsFor=
OnFailureJobMode=
JobTimeoutAction=
JobTimeoutRebootArgument=
StartLimitAction=
FailureAction=
SuccessAction=
RebootArgument=
CollectMode=
✓ StopWhenUnneeded=
✓ RefuseManualStart=
✓ RefuseManualStop=
✓ AllowIsolate=
✓ DefaultDependencies=
✓ OnFailureJobMode=
✓ IgnoreOnIsolate=
✓ SurviveFinalKillSignal=
✓ DefaultDependencies=
✓ JobTimeoutSec=
✓ JobRunningTimeoutSec=
✓ JobTimeoutAction=
✓ JobTimeoutRebootArgument=
✓ StartLimitIntervalSec=
✓ StartLimitBurst=
✓ StartLimitAction=
✓ FailureAction=
✓ SuccessAction=
✓ FailureActionExitStatus=
✓ SuccessActionExitStatus=
RebootArgument=
FailureActionExitStatus=
✓ Documentation=
✓ RequiresMountsFor=
✓ WantsMountsFor=
✓ Markers=
✓ Requires=
✓ Requisite=
✓ Wants=
✓ BindsTo=
✓ PartOf=
✓ Upholds=
✓ RequiredBy=
✓ RequisiteOf=
✓ WantedBy=
✓ BoundBy=
✓ UpheldBy=
✓ ConsistsOf=
✓ Conflicts=
✓ ConflictedBy=
✓ Before=
✓ After=
✓ OnSuccess=
✓ OnSuccessOf=
✓ OnFailure=
✓ OnFailureOf=
✓ Triggers=
✓ TriggeredBy=
✓ PropagatesReloadTo=
✓ ReloadPropagatedFrom=
✓ PropagatesStopTo=
✓ StopPropagatedFrom=
✓ JoinsNamespaceOf=
✓ References=
✓ ReferencedBy=
✓ InSlice=
✓ SliceOf=
✓ ConditionArchitecture=
✓ ConditionFirmware=
✓ ConditionVirtualization=
✓ ConditionHost=
✓ ConditionKernelCommandLine=
✓ ConditionVersion=
✓ ConditionCredential=
✓ ConditionSecurity=
✓ ConditionCapability=
✓ ConditionACPower=
✓ ConditionNeedsUpdate=
✓ ConditionFirstBoot=
✓ ConditionPathExists=
✓ ConditionPathExistsGlob=
✓ ConditionPathIsDirectory=
✓ ConditionPathIsSymbolicLink=
✓ ConditionPathIsMountPoint=
✓ ConditionPathIsReadWrite=
✓ ConditionPathIsEncrypted=
✓ ConditionDirectoryNotEmpty=
✓ ConditionFileNotEmpty=
✓ ConditionFileIsExecutable=
✓ ConditionNeedsUpdate=
✓ ConditionFirstBoot=
✓ ConditionKernelCommandLine=
✓ ConditionKernelVersion=
✓ ConditionVersion=
✓ ConditionArchitecture=
✓ ConditionFirmware=
✓ ConditionVirtualization=
✓ ConditionSecurity=
✓ ConditionCapability=
✓ ConditionHost=
✓ ConditionACPower=
✓ ConditionUser=
✓ ConditionGroup=
✓ ConditionControlGroupController=
✓ ConditionCPUs=
✓ ConditionMemory=
✓ ConditionEnvironment=
✓ ConditionCPUFeature=
✓ ConditionOSRelease=
✓ ConditionMemoryPressure=
✓ ConditionCPUPressure=
✓ ConditionIOPressure=
✓ ConditionKernelModuleLoaded=
✓ AssertArchitecture=
✓ AssertFirmware=
✓ AssertVirtualization=
✓ AssertHost=
✓ AssertKernelCommandLine=
✓ AssertVersion=
✓ AssertCredential=
✓ AssertSecurity=
✓ AssertCapability=
✓ AssertACPower=
✓ AssertNeedsUpdate=
✓ AssertFirstBoot=
✓ AssertPathExists=
✓ AssertPathExistsGlob=
✓ AssertPathIsDirectory=
✓ AssertPathIsSymbolicLink=
✓ AssertPathIsMountPoint=
✓ AssertPathIsReadWrite=
✓ AssertPathIsEncrypted=
✓ AssertDirectoryNotEmpty=
✓ AssertFileNotEmpty=
✓ AssertFileIsExecutable=
✓ AssertNeedsUpdate=
✓ AssertFirstBoot=
✓ AssertKernelCommandLine=
✓ AssertKernelVersion=
✓ AssertArchitecture=
✓ AssertVirtualization=
✓ AssertSecurity=
✓ AssertCapability=
✓ AssertHost=
✓ AssertACPower=
✓ AssertUser=
✓ AssertGroup=
✓ AssertControlGroupController=
CollectMode=
AssertCPUs=
✓ AssertMemory=
✓ AssertEnvironment=
✓ AssertCPUFeature=
✓ AssertOSRelease=
✓ AssertMemoryPressure=
✓ AssertCPUPressure=
✓ AssertIOPressure=
✓ AssertKernelModuleLoaded=
```
## Execution-Related Settings
@@ -236,55 +279,58 @@ All execution-related settings are available for transient units.
All cgroup/resource control settings are available for transient units
```
CPUAccounting=
DevicePolicy=
✓ Slice=
✓ ManagedOOMSwap=
✓ ManagedOOMMemoryPressure=
✓ ManagedOOMPreference=
✓ MemoryPressureWatch=
✓ DelegateSubgroup=
✓ ManagedOOMMemoryPressureLimit=
✓ MemoryAccounting=
✓ MemoryZSwapWriteback=
✓ IOAccounting=
✓ TasksAccounting=
✓ IPAccounting=
✓ CoredumpReceive=
✓ CPUWeight=
✓ StartupCPUWeight=
CPUShares=
✓ StartupCPUShares=
✓ CPUQuota=
✓ CPUQuotaPeriodSec=
IOWeight=
✓ StartupIOWeight=
✓ AllowedCPUs=
✓ StartupAllowedCPUs=
✓ AllowedMemoryNodes=
✓ StartupAllowedMemoryNodes=
MemoryAccounting=
✓ DefaultMemoryMin=
DisableControllers=
✓ Delegate=
✓ MemoryMin=
✓ DefaultMemoryLow=
✓ DefaultMemoryMin=
✓ MemoryLow=
✓ MemoryHigh=
✓ MemoryMax=
✓ MemorySwapMax=
✓ MemoryLimit=
✓ MemoryZSwapMax=
✓ TasksMax=
✓ CPUQuota=
✓ CPUQuotaPeriodSec=
✓ DeviceAllow=
✓ DevicePolicy=
✓ IOAccounting=
✓ IOWeight=
✓ StartupIOWeight=
✓ IODeviceWeight=
✓ IODeviceLatencyTargetSec=
✓ IPAddressAllow=
✓ IPAddressDeny=
✓ IPIngressFilterPath=
✓ IPEgressFilterPath=
✓ BPFProgram=
✓ SocketBindAllow=
✓ SocketBindDeny=
✓ MemoryPressureThresholdSec=
✓ NFTSet=
✓ ManagedOOMMemoryPressureDurationSec=
✓ IOReadBandwidthMax=
✓ IOWriteBandwidthMax=
✓ IOReadIOPSMax=
✓ IOWriteIOPSMax=
✓ BlockIOAccounting=
✓ BlockIOWeight=
✓ StartupBlockIOWeight=
✓ BlockIODeviceWeight=
✓ BlockIOReadBandwidth=
✓ BlockIOWriteBandwidth=
✓ TasksAccounting=
✓ TasksMax=
✓ Delegate=
✓ DisableControllers=
✓ IPAccounting=
✓ IPAddressAllow=
✓ IPAddressDeny=
✓ ManagedOOMSwap=
✓ ManagedOOMMemoryPressure=
✓ ManagedOOMMemoryPressureLimit=
✓ ManagedOOMMemoryPressureDurationSec=
✓ ManagedOOMPreference=
✓ CoredumpReceive=
```
## Process Killing Settings
@@ -292,13 +338,14 @@ All cgroup/resource control settings are available for transient units
All process killing settings are available for transient units:
```
✓ SendSIGKILL=
✓ SendSIGHUP=
✓ KillMode=
✓ SendSIGHUP=
✓ SendSIGKILL=
✓ KillSignal=
✓ RestartKillSignal=
✓ FinalKillSignal=
✓ WatchdogSignal=
✓ ReloadSignal=
```
## Service Unit Settings
@@ -306,41 +353,53 @@ All process killing settings are available for transient units:
Most service unit settings are available for transient units.
```
✓ BusName=
✓ ExecCondition=
✓ ExecReload=
✓ ExecStart=
✓ ExecStartPost=
✓ ExecStartPre=
✓ ExecStop=
✓ ExecStopPost=
✓ ExitType=
✓ FileDescriptorStoreMax=
✓ GuessMainPID=
✓ NonBlocking=
✓ NotifyAccess=
✓ OOMPolicy=
✓ PIDFile=
✓ RemainAfterExit=
✓ Restart=
✓ RestartForceExitStatus=
✓ RestartPreventExitStatus=
✓ RestartSec=
✓ RootDirectoryStartOnly=
✓ RuntimeMaxSec=
✓ RuntimeRandomizedExtraSec=
Sockets=
✓ SuccessExitStatus=
✓ TimeoutAbortSec=
✓ TimeoutSec=
✓ TimeoutStartFailureMode=
✓ TimeoutStartSec=
✓ TimeoutStopFailureMode=
✓ TimeoutStopSec=
✓ Type=
✓ ExitType=
✓ Restart=
✓ RestartMode=
✓ BusName=
✓ NotifyAccess=
✓ USBFunctionDescriptors=
✓ USBFunctionStrings=
✓ OOMPolicy=
✓ TimeoutStartFailureMode=
✓ TimeoutStopFailureMode=
✓ FileDescriptorStorePreserve=
✓ PermissionsStartOnly=
✓ RootDirectoryStartOnly=
✓ RemainAfterExit=
✓ GuessMainPID=
✓ RestartSec=
✓ RestartMaxDelaySec=
✓ TimeoutStartSec=
✓ TimeoutStopSec=
✓ TimeoutAbortSec=
✓ RuntimeMaxSec=
✓ RuntimeRandomizedExtraSec=
✓ WatchdogSec=
✓ TimeoutSec=
✓ FileDescriptorStoreMax=
✓ RestartSteps=
✓ ExecCondition=
✓ ExecStartPre=
✓ ExecStart=
✓ ExecStartPost=
✓ ExecConditionEx=
✓ ExecStartPreEx=
✓ ExecStartEx=
✓ ExecStartPostEx=
✓ ExecReload=
✓ ExecStop=
✓ ExecStopPost=
✓ ExecReloadEx=
✓ ExecStopEx=
✓ ExecStopPostEx=
✓ RestartPreventExitStatus=
✓ RestartForceExitStatus=
✓ SuccessExitStatus=
✓ OpenFile=
Socket=
```
## Mount Unit Settings
@@ -357,7 +416,7 @@ All mount unit settings are available to transient units:
✓ SloppyOptions=
✓ LazyUnmount=
✓ ForceUnmount=
✓ ReadWriteOnly=
✓ ReadwriteOnly=
```
## Automount Unit Settings
@@ -366,6 +425,7 @@ All automount unit setting is available to transient units:
```
✓ Where=
✓ ExtraOptions=
✓ DirectoryMode=
✓ TimeoutIdleSec=
```
@@ -375,21 +435,21 @@ All automount unit setting is available to transient units:
Most timer unit settings are available to transient units.
```
✓ OnActiveSec=
✓ OnBootSec=
✓ OnCalendar=
✓ OnClockChange=
✓ OnStartupSec=
✓ OnTimezoneChange=
✓ OnUnitActiveSec=
✓ OnUnitInactiveSec=
✓ Persistent=
✓ WakeSystem=
✓ RemainAfterElapse=
AccuracySec=
RandomizedDelaySec=
Persistent=
OnTimezoneChange=
✓ OnClockChange=
✓ FixedRandomDelay=
✓ DeferReactivation=
✓ AccuracySec=
✓ RandomizedDelaySec=
✓ OnActiveSec=
✓ OnBootSec=
✓ OnStartupSec=
✓ OnUnitActiveSec=
✓ OnUnitInactiveSec=
✓ OnCalendar=
Unit=
```
@@ -407,6 +467,9 @@ such).
✓ RuntimeMaxSec=
✓ RuntimeRandomizedExtraSec=
✓ TimeoutStopSec=
✓ User=
✓ Group=
✓ OOMPolicy=
```
## Socket Unit Settings
@@ -414,65 +477,71 @@ such).
Most socket unit settings are available to transient units.
```
✓ ListenStream=
✓ ListenDatagram=
✓ ListenSequentialPacket=
✓ ListenFIFO=
✓ ListenNetlink=
✓ ListenSpecial=
✓ ListenMessageQueue=
✓ ListenUSBFunction=
✓ SocketProtocol=
✓ BindIPv6Only=
✓ Backlog=
✓ BindToDevice=
✓ ExecStartPre=
✓ ExecStartPost=
✓ ExecStopPre=
✓ ExecStopPost=
✓ TimeoutSec=
✓ SocketUser=
✓ SocketGroup=
✓ SocketMode=
✓ DirectoryMode=
✓ Accept=
✓ FlushPending=
✓ Writable=
✓ MaxConnections=
✓ MaxConnectionsPerSource=
✓ KeepAlive=
✓ KeepAliveTimeSec=
✓ KeepAliveIntervalSec=
✓ KeepAliveProbes=
✓ DeferAcceptSec=
✓ NoDelay=
✓ Priority=
✓ ReceiveBuffer=
✓ SendBuffer=
✓ IPTOS=
✓ IPTTL=
✓ Mark=
✓ PipeSize=
✓ FreeBind=
✓ Transparent=
✓ Broadcast=
✓ PassCredentials=
✓ PassFileDescriptorsToExec=
✓ PassSecurity=
✓ PassPacketInfo=
✓ TCPCongestion=
✓ ReusePort=
✓ RemoveOnStop=
✓ SELinuxContextFromNet=
✓ Priority=
✓ IPTTL=
✓ Mark=
✓ IPTOS=
✓ Backlog=
✓ MaxConnections=
✓ MaxConnectionsPerSource=
✓ KeepAliveProbes=
✓ TriggerLimitBurst=
✓ PollLimitBurst=
✓ SocketMode=
✓ DirectoryMode=
✓ MessageQueueMaxMessages=
✓ MessageQueueMessageSize=
RemoveOnStop=
Symlinks=
FileDescriptorName=
Service=
TimeoutSec=
KeepAliveTimeSec=
KeepAliveIntervalSec=
✓ DeferAcceptSec=
✓ DeferTrigger=
✓ DeferTriggerMaxSec=
✓ TriggerLimitIntervalSec=
TriggerLimitBurst=
PollLimitIntervalSec=
✓ ReceiveBuffer=
✓ SendBuffer=
✓ PipeSize=
✓ ExecStartPre=
✓ ExecStartPost=
✓ ExecReload=
✓ ExecStopPost=
✓ SmackLabel=
✓ SmackLabelIPIn=
✓ SmackLabelIPOut=
SELinuxContextFromNet=
TCPCongestion=
✓ BindToDevice=
✓ BindIPv6Only=
✓ FileDescriptorName=
✓ SocketUser=
✓ SocketGroup=
✓ Timestamping=
✓ Symlinks=
✓ SocketProtocol=
✓ ListenStream=
✓ ListenDatagram=
✓ ListenSequentialPacket=
✓ ListenNetlink=
✓ ListenSpecial=
✓ ListenMessageQueue=
✓ ListenFIFO=
✓ ListenUSBFunction=
Service=
```
## Swap Unit Settings
@@ -491,14 +560,18 @@ Swap units are currently not available at all as transient units:
Most path unit settings are available to transient units.
```
✓ MakeDirectory=
✓ DirectoryMode=
✓ PathExists=
✓ PathExistsGlob=
✓ PathChanged=
✓ PathModified=
✓ DirectoryNotEmpty=
✓ TriggerLimitBurst=
✓ PollLimitBurst=
✓ TriggerLimitIntervalSec=
✓ PollLimitIntervalSec=
Unit=
✓ MakeDirectory=
✓ DirectoryMode=
```
## Install Section

39
man/systemd-analyze.xml
View File

@@ -210,6 +210,12 @@
<arg choice="opt" rep="repeat">OPTIONS</arg>
<arg choice="plain">chid</arg>
</cmdsynopsis>
<cmdsynopsis>
<command>systemd-analyze</command>
<arg choice="opt" rep="repeat">OPTIONS</arg>
<arg choice="plain">transient-settings</arg>
<arg choice="plain" rep="repeat"><replaceable>TYPE</replaceable></arg>
</cmdsynopsis>
</refsynopsisdiv>
<refsect1>
@@ -1121,6 +1127,39 @@ LEGEND: M → sys_vendor (LENOVO) ┄ F → product_family (ThinkPad X1 Carbon G
<xi:include href="version-info.xml" xpointer="v258"/>
</refsect2>
<refsect2>
<title><command>systemd-analyze transient-settings <replaceable>TYPE</replaceable>...</command></title>
<para>Lists properties that can be set for various unit types via command line interfaces, in
particular
<citerefentry><refentrytitle>systemctl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
<command>set-property</command> and <option>--property=</option>/<option>--automount-property=</option>
options in
<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, and
<citerefentry><refentrytitle>systemd-mount</refentrytitle><manvolnum>1</manvolnum></citerefentry>.
Those assignments are possible for a subset of the properties that can be set in config files, see
<citerefentry><refentrytitle>systemd.unit</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd.resource-control</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
and the other unit-type-specific pages. The <replaceable>TYPE</replaceable> argument must be a unit
type ("service", "socket", …). The properties that apply to the specific types are listed.</para>
<para>Note: D-Bus properties documented in
<citerefentry><refentrytitle>org.freedesktop.systemd1</refentrytitle><manvolnum>5</manvolnum></citerefentry>
form a partially overlapping set with the lists generated by this command. Many D-Bus properties and
transient settings share the same names, but for example, <varname>LogRateLimitIntervalSec=</varname>
is described in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> and
would be listed by this command, but the corresponding D-Bus property described in
<citerefentry><refentrytitle>systemd.exec</refentrytitle><manvolnum>5</manvolnum></citerefentry> is
<varname>LogRateLimitIntervalUSec</varname>.
</para>
<para>This verb is intended primarily for programatic generation of shell completions.</para>
<xi:include href="version-info.xml" xpointer="v258"/>
</refsect2>
</refsect1>
<refsect1>

8
shell-completion/bash/systemd-analyze
View File

@@ -81,6 +81,7 @@ _systemd_analyze() {
[ARCHITECTURES]='architectures'
[FDSTORE]='fdstore'
[CAPABILITY]='capability'
[TRANSIENT_SETTINGS]='transient-settings'
)
local CONFIGS='locale.conf systemd/bootchart.conf systemd/coredump.conf systemd/journald.conf
@@ -225,6 +226,13 @@ _systemd_analyze() {
if [[ $cur = -* ]]; then
comps='--help --version --no-pager --json=off --json=pretty --json=short -m --mask'
fi
elif __contains_word "$verb" ${VERBS[TRANSIENT_SETTINGS]}; then
if [[ $cur = -* ]]; then
comps='--help --version --no-pager'
else
comps="$(systemctl --no-legend --no-pager -t help)"
fi
fi
COMPREPLY=( $(compgen -W '$comps' -- "$cur") )

8
shell-completion/zsh/_systemd-analyze
View File

@@ -47,6 +47,13 @@
_describe 'plot options' _options
}
(( $+functions[_systemd-analyze_transient-settings] )) ||
_systemd-analyze_transient-settings() {
local -a _types
_types=( $(systemctl --no-pager --no-legend -t help) )
_describe -t types 'unit types' _types
}
(( $+functions[_systemd-analyze_commands] )) ||
_systemd-analyze_commands(){
local -a _systemd_analyze_cmds
@@ -74,6 +81,7 @@ JSON or table format'
'security:Analyze security settings of a service'
'inspect-elf:Parse and print ELF package metadata'
'has-tpm2:Report whether TPM2 support is available'
'transient-settings:List transient settings for unit types'
# log-level, log-target, service-watchdogs have been deprecated
)

105
src/analyze/analyze.c
View File

@@ -12,7 +12,6 @@
#include "sd-json.h"
#include "alloc-util.h"
#include "analyze-verify-util.h"
#include "analyze.h"
#include "analyze-architectures.h"
#include "analyze-blame.h"
@@ -46,8 +45,10 @@
#include "analyze-unit-files.h"
#include "analyze-unit-paths.h"
#include "analyze-verify.h"
#include "analyze-verify-util.h"
#include "build.h"
#include "bus-error.h"
#include "bus-unit-util.h"
#include "bus-util.h"
#include "calendarspec.h"
#include "dissect-image.h"
@@ -66,6 +67,7 @@
#include "string-util.h"
#include "strv.h"
#include "time-util.h"
#include "unit-def.h"
#include "unit-name.h"
#include "verbs.h"
@@ -159,6 +161,29 @@ void time_parsing_hint(const char *p, bool calendar, bool timestamp, bool timesp
"Use 'systemd-analyze timespan \"%s\"' instead?", p);
}
static int verb_transient_settings(int argc, char *argv[], void *userdata) {
assert(argc >= 2);
pager_open(arg_pager_flags);
bool first = true;
STRV_FOREACH(arg, strv_skip(argv, 1)) {
UnitType t;
t = unit_type_from_string(*arg);
if (t < 0)
return log_error_errno(t, "Invalid unit type '%s'.", *arg);
if (!first)
puts("");
bus_dump_transient_settings(t);
first = false;
}
return 0;
}
static int help(int argc, char *argv[], void *userdata) {
_cleanup_free_ char *link = NULL, *dot_link = NULL;
int r;
@@ -200,6 +225,7 @@ static int help(int argc, char *argv[], void *userdata) {
" architectures [NAME...] List known architectures\n"
" smbios11 List strings passed via SMBIOS Type #11\n"
" chid List local CHIDs\n"
" transient-settings TYPE... List transient settings for unit TYPE\n"
"\n%3$sExpression Evaluation:%4$s\n"
" condition CONDITION... Evaluate conditions and asserts\n"
" compare-versions VERSION1 [OP] VERSION2\n"
@@ -639,46 +665,47 @@ static int run(int argc, char *argv[]) {
_cleanup_(umount_and_freep) char *mounted_dir = NULL;
static const Verb verbs[] = {
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "time", VERB_ANY, 1, VERB_DEFAULT, verb_time },
{ "blame", VERB_ANY, 1, 0, verb_blame },
{ "critical-chain", VERB_ANY, VERB_ANY, 0, verb_critical_chain },
{ "plot", VERB_ANY, 1, 0, verb_plot },
{ "dot", VERB_ANY, VERB_ANY, 0, verb_dot },
{ "help", VERB_ANY, VERB_ANY, 0, help },
{ "time", VERB_ANY, 1, VERB_DEFAULT, verb_time },
{ "blame", VERB_ANY, 1, 0, verb_blame },
{ "critical-chain", VERB_ANY, VERB_ANY, 0, verb_critical_chain },
{ "plot", VERB_ANY, 1, 0, verb_plot },
{ "dot", VERB_ANY, VERB_ANY, 0, verb_dot },
/* ↓ The following seven verbs are deprecated, from here … ↓ */
{ "log-level", VERB_ANY, 2, 0, verb_log_control },
{ "log-target", VERB_ANY, 2, 0, verb_log_control },
{ "set-log-level", 2, 2, 0, verb_log_control },
{ "get-log-level", VERB_ANY, 1, 0, verb_log_control },
{ "set-log-target", 2, 2, 0, verb_log_control },
{ "get-log-target", VERB_ANY, 1, 0, verb_log_control },
{ "service-watchdogs", VERB_ANY, 2, 0, verb_service_watchdogs },
{ "log-level", VERB_ANY, 2, 0, verb_log_control },
{ "log-target", VERB_ANY, 2, 0, verb_log_control },
{ "set-log-level", 2, 2, 0, verb_log_control },
{ "get-log-level", VERB_ANY, 1, 0, verb_log_control },
{ "set-log-target", 2, 2, 0, verb_log_control },
{ "get-log-target", VERB_ANY, 1, 0, verb_log_control },
{ "service-watchdogs", VERB_ANY, 2, 0, verb_service_watchdogs },
/* ↑ … until here ↑ */
{ "dump", VERB_ANY, VERB_ANY, 0, verb_dump },
{ "cat-config", 2, VERB_ANY, 0, verb_cat_config },
{ "unit-files", VERB_ANY, VERB_ANY, 0, verb_unit_files },
{ "unit-paths", 1, 1, 0, verb_unit_paths },
{ "exit-status", VERB_ANY, VERB_ANY, 0, verb_exit_status },
{ "syscall-filter", VERB_ANY, VERB_ANY, 0, verb_syscall_filters },
{ "capability", VERB_ANY, VERB_ANY, 0, verb_capabilities },
{ "filesystems", VERB_ANY, VERB_ANY, 0, verb_filesystems },
{ "condition", VERB_ANY, VERB_ANY, 0, verb_condition },
{ "compare-versions", 3, 4, 0, verb_compare_versions },
{ "verify", 2, VERB_ANY, 0, verb_verify },
{ "calendar", 2, VERB_ANY, 0, verb_calendar },
{ "timestamp", 2, VERB_ANY, 0, verb_timestamp },
{ "timespan", 2, VERB_ANY, 0, verb_timespan },
{ "security", VERB_ANY, VERB_ANY, 0, verb_security },
{ "inspect-elf", 2, VERB_ANY, 0, verb_elf_inspection },
{ "malloc", VERB_ANY, VERB_ANY, 0, verb_malloc },
{ "fdstore", 2, VERB_ANY, 0, verb_fdstore },
{ "image-policy", 2, 2, 0, verb_image_policy },
{ "has-tpm2", VERB_ANY, 1, 0, verb_has_tpm2 },
{ "pcrs", VERB_ANY, VERB_ANY, 0, verb_pcrs },
{ "srk", VERB_ANY, 1, 0, verb_srk },
{ "architectures", VERB_ANY, VERB_ANY, 0, verb_architectures },
{ "smbios11", VERB_ANY, 1, 0, verb_smbios11 },
{ "chid", VERB_ANY, VERB_ANY, 0, verb_chid },
{ "dump", VERB_ANY, VERB_ANY, 0, verb_dump },
{ "cat-config", 2, VERB_ANY, 0, verb_cat_config },
{ "unit-files", VERB_ANY, VERB_ANY, 0, verb_unit_files },
{ "unit-paths", 1, 1, 0, verb_unit_paths },
{ "exit-status", VERB_ANY, VERB_ANY, 0, verb_exit_status },
{ "syscall-filter", VERB_ANY, VERB_ANY, 0, verb_syscall_filters },
{ "capability", VERB_ANY, VERB_ANY, 0, verb_capabilities },
{ "filesystems", VERB_ANY, VERB_ANY, 0, verb_filesystems },
{ "condition", VERB_ANY, VERB_ANY, 0, verb_condition },
{ "compare-versions", 3, 4, 0, verb_compare_versions },
{ "verify", 2, VERB_ANY, 0, verb_verify },
{ "calendar", 2, VERB_ANY, 0, verb_calendar },
{ "timestamp", 2, VERB_ANY, 0, verb_timestamp },
{ "timespan", 2, VERB_ANY, 0, verb_timespan },
{ "security", VERB_ANY, VERB_ANY, 0, verb_security },
{ "inspect-elf", 2, VERB_ANY, 0, verb_elf_inspection },
{ "malloc", VERB_ANY, VERB_ANY, 0, verb_malloc },
{ "fdstore", 2, VERB_ANY, 0, verb_fdstore },
{ "image-policy", 2, 2, 0, verb_image_policy },
{ "has-tpm2", VERB_ANY, 1, 0, verb_has_tpm2 },
{ "pcrs", VERB_ANY, VERB_ANY, 0, verb_pcrs },
{ "srk", VERB_ANY, 1, 0, verb_srk },
{ "architectures", VERB_ANY, VERB_ANY, 0, verb_architectures },
{ "smbios11", VERB_ANY, 1, 0, verb_smbios11 },
{ "chid", VERB_ANY, VERB_ANY, 0, verb_chid },
{ "transient-settings", 2, VERB_ANY, 0, verb_transient_settings },
{}
};

44
src/basic/cgroup-util.c
View File

@@ -2048,34 +2048,38 @@ int cg_has_coredump_receive(const char *path) {
}
const uint64_t cgroup_io_limit_defaults[_CGROUP_IO_LIMIT_TYPE_MAX] = {
[CGROUP_IO_RBPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_WBPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_RIOPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_WIOPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_RBPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_WBPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_RIOPS_MAX] = CGROUP_LIMIT_MAX,
[CGROUP_IO_WIOPS_MAX] = CGROUP_LIMIT_MAX,
};
static const char* const cgroup_io_limit_type_table[_CGROUP_IO_LIMIT_TYPE_MAX] = {
[CGROUP_IO_RBPS_MAX] = "IOReadBandwidthMax",
[CGROUP_IO_WBPS_MAX] = "IOWriteBandwidthMax",
[CGROUP_IO_RIOPS_MAX] = "IOReadIOPSMax",
[CGROUP_IO_WIOPS_MAX] = "IOWriteIOPSMax",
[CGROUP_IO_RBPS_MAX] = "IOReadBandwidthMax",
[CGROUP_IO_WBPS_MAX] = "IOWriteBandwidthMax",
[CGROUP_IO_RIOPS_MAX] = "IOReadIOPSMax",
[CGROUP_IO_WIOPS_MAX] = "IOWriteIOPSMax",
};
DEFINE_STRING_TABLE_LOOKUP(cgroup_io_limit_type, CGroupIOLimitType);
void cgroup_io_limits_list(void) {
DUMP_STRING_TABLE(cgroup_io_limit_type, CGroupIOLimitType, _CGROUP_IO_LIMIT_TYPE_MAX);
}
static const char *const cgroup_controller_table[_CGROUP_CONTROLLER_MAX] = {
[CGROUP_CONTROLLER_CPU] = "cpu",
[CGROUP_CONTROLLER_CPUACCT] = "cpuacct",
[CGROUP_CONTROLLER_CPUSET] = "cpuset",
[CGROUP_CONTROLLER_IO] = "io",
[CGROUP_CONTROLLER_BLKIO] = "blkio",
[CGROUP_CONTROLLER_MEMORY] = "memory",
[CGROUP_CONTROLLER_DEVICES] = "devices",
[CGROUP_CONTROLLER_PIDS] = "pids",
[CGROUP_CONTROLLER_BPF_FIREWALL] = "bpf-firewall",
[CGROUP_CONTROLLER_BPF_DEVICES] = "bpf-devices",
[CGROUP_CONTROLLER_BPF_FOREIGN] = "bpf-foreign",
[CGROUP_CONTROLLER_BPF_SOCKET_BIND] = "bpf-socket-bind",
[CGROUP_CONTROLLER_CPU] = "cpu",
[CGROUP_CONTROLLER_CPUACCT] = "cpuacct",
[CGROUP_CONTROLLER_CPUSET] = "cpuset",
[CGROUP_CONTROLLER_IO] = "io",
[CGROUP_CONTROLLER_BLKIO] = "blkio",
[CGROUP_CONTROLLER_MEMORY] = "memory",
[CGROUP_CONTROLLER_DEVICES] = "devices",
[CGROUP_CONTROLLER_PIDS] = "pids",
[CGROUP_CONTROLLER_BPF_FIREWALL] = "bpf-firewall",
[CGROUP_CONTROLLER_BPF_DEVICES] = "bpf-devices",
[CGROUP_CONTROLLER_BPF_FOREIGN] = "bpf-foreign",
[CGROUP_CONTROLLER_BPF_SOCKET_BIND] = "bpf-socket-bind",
[CGROUP_CONTROLLER_BPF_RESTRICT_NETWORK_INTERFACES] = "bpf-restrict-network-interfaces",
};

1
src/basic/cgroup-util.h
View File

@@ -97,6 +97,7 @@ extern const uint64_t cgroup_io_limit_defaults[_CGROUP_IO_LIMIT_TYPE_MAX];
const char* cgroup_io_limit_type_to_string(CGroupIOLimitType t) _const_;
CGroupIOLimitType cgroup_io_limit_type_from_string(const char *s) _pure_;
void cgroup_io_limits_list(void);
/* Special values for the io.bfq.weight attribute */
#define CGROUP_BFQ_WEIGHT_INVALID UINT64_MAX

2
src/basic/macro.h
View File

@@ -152,7 +152,7 @@ static inline unsigned long ALIGN_POWER2(unsigned long u) {
} while (false)
#define STRV_MAKE(...) ((char**) ((const char*[]) { __VA_ARGS__, NULL }))
#define STRV_MAKE_EMPTY ((char*[1]) { NULL })
#define STRV_EMPTY ((char*[1]) { NULL })
#define STRV_MAKE_CONST(...) ((const char* const*) ((const char*[]) { __VA_ARGS__, NULL }))
/* Pointers range from NULL to POINTER_MAX */

5
src/basic/rlimit-util.c
View File

@@ -343,6 +343,11 @@ static const char* const rlimit_table[_RLIMIT_MAX] = {
DEFINE_STRING_TABLE_LOOKUP(rlimit, int);
void rlimits_list(const char *prefix) {
FOREACH_ELEMENT(field, rlimit_table)
printf("%s%s\n", strempty(prefix), *field);
}
int rlimit_from_string_harder(const char *s) {
const char *suffix;

1
src/basic/rlimit-util.h
View File

@@ -10,6 +10,7 @@
const char* rlimit_to_string(int i) _const_;
int rlimit_from_string(const char *s) _pure_;
int rlimit_from_string_harder(const char *s) _pure_;
void rlimits_list(const char *prefix);
int setrlimit_closest(int resource, const struct rlimit *rlim);
int setrlimit_closest_all(const struct rlimit * const *rlim, int *which_failed);

6
src/basic/unit-def.c
View File

@@ -1,5 +1,7 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include <stdio.h>
#include "alloc-util.h"
#include "bus-label.h"
#include "glyph-util.h"
@@ -331,6 +333,10 @@ static const char* const unit_dependency_table[_UNIT_DEPENDENCY_MAX] = {
DEFINE_STRING_TABLE_LOOKUP(unit_dependency, UnitDependency);
void unit_types_list(void) {
DUMP_STRING_TABLE(unit_dependency, UnitDependency, _UNIT_DEPENDENCY_MAX);
}
static const char* const notify_access_table[_NOTIFY_ACCESS_MAX] = {
[NOTIFY_NONE] = "none",
[NOTIFY_MAIN] = "main",

1
src/basic/unit-def.h
View File

@@ -304,6 +304,7 @@ const char* unit_dbus_interface_from_name(const char *name);
const char* unit_type_to_string(UnitType i) _const_;
UnitType unit_type_from_string(const char *s) _pure_;
void unit_types_list(void);
const char* unit_load_state_to_string(UnitLoadState i) _const_;
UnitLoadState unit_load_state_from_string(const char *s) _pure_;

4463
src/shared/bus-unit-util.c
View File

File diff suppressed because it is too large Load Diff

2
src/shared/bus-unit-util.h
View File

@@ -51,3 +51,5 @@ int unit_freezer_new(const char *name, UnitFreezer **ret);
int unit_freezer_freeze(UnitFreezer *f);
int unit_freezer_thaw(UnitFreezer *f);
void bus_dump_transient_settings(UnitType t);

8
src/shared/condition.c
View File

@@ -1402,6 +1402,10 @@ ConditionType condition_type_from_string(const char *s) {
return _condition_type_from_string(s);
}
void condition_types_list(void) {
DUMP_STRING_TABLE(_condition_type, ConditionType, _CONDITION_TYPE_MAX);
}
static const char* const _assert_type_table[_CONDITION_TYPE_MAX] = {
[CONDITION_ARCHITECTURE] = "AssertArchitecture",
[CONDITION_FIRMWARE] = "AssertFirmware",
@@ -1453,6 +1457,10 @@ ConditionType assert_type_from_string(const char *s) {
return _assert_type_from_string(s);
}
void assert_types_list(void) {
DUMP_STRING_TABLE(_assert_type, ConditionType, _CONDITION_TYPE_MAX);
}
static const char* const condition_result_table[_CONDITION_RESULT_MAX] = {
[CONDITION_UNTESTED] = "untested",
[CONDITION_SUCCEEDED] = "succeeded",

2
src/shared/condition.h
View File

@@ -88,9 +88,11 @@ void condition_dump_list(Condition *c, FILE *f, const char *prefix, condition_to
const char* condition_type_to_string(ConditionType t) _const_;
ConditionType condition_type_from_string(const char *s) _pure_;
void condition_types_list(void);
const char* assert_type_to_string(ConditionType t) _const_;
ConditionType assert_type_from_string(const char *s) _pure_;
void assert_types_list(void);
const char* condition_result_to_string(ConditionResult r) _const_;
ConditionResult condition_result_from_string(const char *s) _pure_;

1
src/test/meson.build
View File

@@ -56,6 +56,7 @@ simple_tests += files(
'test-blockdev-util.c',
'test-bootspec.c',
'test-build-path.c',
'test-bus-unit-util.c',
'test-bus-util.c',
'test-calendarspec.c',
'test-cgroup-util.c',

15
src/test/test-bus-unit-util.c Normal file
View File

@@ -0,0 +1,15 @@
/* SPDX-License-Identifier: LGPL-2.1-or-later */
#include "bus-unit-util.h"
#include "unit-def.h"
#include "tests.h"
TEST(bus_dump_transient_settings) {
/* -1 is for generic unit, natural numbers are for specific unit types */
for (UnitType t = 0; t < _UNIT_TYPE_MAX; t++) {
log_info("==================== %s ====================", t < 0 ? "unit" : unit_type_to_string(t));
bus_dump_transient_settings(t);
}
}
DEFINE_TEST_MAIN(LOG_DEBUG);

4
src/test/test-conf-parser.c
View File

@@ -171,14 +171,14 @@ TEST(config_parse_unsigned) {
}
TEST(config_parse_strv) {
test_config_parse_strv_one("", false, STRV_MAKE_EMPTY);
test_config_parse_strv_one("", false, STRV_EMPTY);
test_config_parse_strv_one("foo", false, STRV_MAKE("foo"));
test_config_parse_strv_one("foo bar foo", false, STRV_MAKE("foo", "bar", "foo"));
test_config_parse_strv_one("\"foo bar\" foo", false, STRV_MAKE("foo bar", "foo"));
test_config_parse_strv_one("\xc3\x80", false, STRV_MAKE("\xc3\x80"));
test_config_parse_strv_one("\xc3\x7f", false, STRV_MAKE("\xc3\x7f"));
test_config_parse_strv_one("", true, STRV_MAKE_EMPTY);
test_config_parse_strv_one("", true, STRV_EMPTY);
test_config_parse_strv_one("foo", true, STRV_MAKE("foo"));
test_config_parse_strv_one("foo bar foo", true, STRV_MAKE("foo", "bar"));
test_config_parse_strv_one("\"foo bar\" foo", true, STRV_MAKE("foo bar", "foo"));

8
src/test/test-nulstr-util.c
View File

@@ -42,22 +42,22 @@ TEST(strv_parse_nulstr_full) {
STRV_MAKE("hoge", "hoge2", "hoge3", "", "hoge5", "", "xxx"));
strv_parse_nulstr_full_one(((const char[0]) {}), 0,
STRV_MAKE_EMPTY, STRV_MAKE_EMPTY);
STRV_EMPTY, STRV_EMPTY);
strv_parse_nulstr_full_one(((const char[1]) { 0 }), 1,
STRV_MAKE(""), STRV_MAKE_EMPTY);
STRV_MAKE(""), STRV_EMPTY);
strv_parse_nulstr_full_one(((const char[1]) { 'x' }), 1,
STRV_MAKE("x"), STRV_MAKE("x"));
strv_parse_nulstr_full_one(((const char[2]) { 0, 0 }), 2,
STRV_MAKE("", ""), STRV_MAKE_EMPTY);
STRV_MAKE("", ""), STRV_EMPTY);
strv_parse_nulstr_full_one(((const char[2]) { 'x', 0 }), 2,
STRV_MAKE("x"), STRV_MAKE("x"));
strv_parse_nulstr_full_one(((const char[3]) { 0, 0, 0 }), 3,
STRV_MAKE("", "", ""), STRV_MAKE_EMPTY);
STRV_MAKE("", "", ""), STRV_EMPTY);
strv_parse_nulstr_full_one(((const char[3]) { 'x', 0, 0 }), 3,
STRV_MAKE("x", ""), STRV_MAKE("x"));

2
src/test/test-proc-cmdline.c
View File

@@ -244,7 +244,7 @@ TEST(proc_cmdline_key_startswith) {
TEST(proc_cmdline_filter_pid1_args) {
test_proc_cmdline_filter_pid1_args_one("systemd\0",
STRV_MAKE_EMPTY);
STRV_EMPTY);
/* short option */
test_proc_cmdline_filter_pid1_args_one("systemd\0"

2
src/test/test-serialize.c
View File

@@ -110,7 +110,7 @@ TEST(serialize_strv) {
log_info("/* %s (%s) */", __func__, fn);
assert_se(serialize_strv(f, "strv1", NULL) == 0);
assert_se(serialize_strv(f, "strv2", STRV_MAKE_EMPTY) == 0);
assert_se(serialize_strv(f, "strv2", STRV_EMPTY) == 0);
assert_se(serialize_strv(f, "strv3", strv) == 1);
assert_se(serialize_strv(f, "strv4", STRV_MAKE(long_string)) == -EINVAL);

2
src/test/test-socket-bind.c
View File

@@ -139,7 +139,7 @@ int main(int argc, char *argv[]) {
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "2000", STRV_MAKE("ipv6:2001-2002"), STRV_MAKE("any")) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "6666", STRV_MAKE("ipv4:6666", "6667"), STRV_MAKE("any")) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "6666", STRV_MAKE("6667", "6668", ""), STRV_MAKE("any")) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "7777", STRV_MAKE_EMPTY, STRV_MAKE_EMPTY) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "7777", STRV_EMPTY, STRV_EMPTY) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "8888", STRV_MAKE("any"), STRV_MAKE("any")) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "8888", STRV_MAKE("ipv6:tcp:8888-8889"), STRV_MAKE("any")) >= 0);
assert_se(test_socket_bind(m, "socket_bind_test.service", netcat_path, "10000", STRV_MAKE("ipv6:udp:9999-10000"), STRV_MAKE("any")) >= 0);

2
src/test/test-string-util.c
View File

@@ -496,7 +496,7 @@ TEST(foreach_word_quoted) {
true);
check("test\\",
STRV_MAKE_EMPTY,
STRV_EMPTY,
true);
}

10
src/test/test-strv.c
View File

@@ -224,9 +224,9 @@ static void test_strv_unquote_one(const char *quoted, char **list) {
TEST(strv_unquote) {
test_strv_unquote_one(" foo=bar \"waldo\" zzz ", STRV_MAKE("foo=bar", "waldo", "zzz"));
test_strv_unquote_one("", STRV_MAKE_EMPTY);
test_strv_unquote_one(" ", STRV_MAKE_EMPTY);
test_strv_unquote_one(" ", STRV_MAKE_EMPTY);
test_strv_unquote_one("", STRV_EMPTY);
test_strv_unquote_one(" ", STRV_EMPTY);
test_strv_unquote_one(" ", STRV_EMPTY);
test_strv_unquote_one(" x", STRV_MAKE("x"));
test_strv_unquote_one("x ", STRV_MAKE("x"));
test_strv_unquote_one(" x ", STRV_MAKE("x"));
@@ -774,7 +774,7 @@ TEST(strv_foreach_backwards) {
STRV_FOREACH_BACKWARDS(check, (char**) NULL)
assert_not_reached();
STRV_FOREACH_BACKWARDS(check, STRV_MAKE_EMPTY)
STRV_FOREACH_BACKWARDS(check, STRV_EMPTY)
assert_not_reached();
unsigned count = 0;
@@ -1049,7 +1049,7 @@ TEST(strv_fnmatch) {
_cleanup_strv_free_ char **v = NULL;
size_t pos;
assert_se(!strv_fnmatch(STRV_MAKE_EMPTY, "a"));
assert_se(!strv_fnmatch(STRV_EMPTY, "a"));
v = strv_new("xxx", "*\\*", "yyy");
assert_se(!strv_fnmatch_full(v, "\\", 0, NULL));

2
src/test/test-verbs.c
View File

@@ -43,7 +43,7 @@ TEST(verbs) {
test_dispatch_one(STRV_MAKE("copy-to", "foo", "bar", "baz", "quux", "qaax"), verbs, -EINVAL);
/* no verb, but a default is set */
test_dispatch_one(STRV_MAKE_EMPTY, verbs, 0);
test_dispatch_one(STRV_EMPTY, verbs, 0);
}
TEST(verbs_no_default) {

4
test/units/TEST-07-PID1.delegate-namespaces.sh
View File

@@ -45,8 +45,8 @@ testcase_pid() {
}
testcase_uts() {
(! systemd-run -p PrivateUsersEx=self -p ProtectHostnameEx=private --wait --pipe -- hostname abc)
systemd-run -p PrivateUsersEx=self -p ProtectHostnameEx=private -p DelegateNamespaces=uts --wait --pipe -- hostname abc
(! systemd-run -p PrivateUsersEx=self -p ProtectHostname=private --wait --pipe -- hostname abc)
systemd-run -p PrivateUsersEx=self -p ProtectHostname=private -p DelegateNamespaces=uts --wait --pipe -- hostname abc
}
testcase_implied_private_users_self() {

16
test/units/TEST-07-PID1.protect-hostname.sh
View File

@@ -22,7 +22,7 @@ testcase_yes() {
(! systemd-run --wait -p ProtectHostname=yes hostname foo)
# ProtectHostname=yes can optionally take a hostname.
systemd-run --wait -p ProtectHostnameEx=yes:hoge \
systemd-run --wait -p ProtectHostname=yes:hoge \
-P bash -xec '
test "$(hostname)" = "hoge"
(! hostname foo)
@@ -50,10 +50,18 @@ EOF
systemd-run --wait -p ProtectHostname=yes -p PrivateMounts=yes \
findmnt --mountpoint /proc/sys/kernel/hostname
# Check that ProtectHostnameEx=… also works.
systemd-run --wait -p ProtectHostnameEx=yes:hoge \
-P bash -xec '
test "$(hostname)" = "hoge"
(! hostname foo)
test "$(hostname)" = "hoge"
'
}
testcase_private() {
systemd-run --wait -p ProtectHostnameEx=private \
systemd-run --wait -p ProtectHostname=private \
-P bash -xec '
hostname foo
test "$(hostname)" = "foo"
@@ -64,7 +72,7 @@ testcase_private() {
test "$(hostnamectl hostname)" = "$HOSTNAME_FROM_SYSTEMD"
# ProtectHostname=private can optionally take a hostname.
systemd-run --wait -p ProtectHostnameEx=private:hoge \
systemd-run --wait -p ProtectHostname=private:hoge \
-P bash -xec '
test "$(hostname)" = "hoge"
hostname foo
@@ -91,7 +99,7 @@ EOF
test "$(hostnamectl hostname)" = "$HOSTNAME_FROM_SYSTEMD"
# Verify /proc/sys/kernel/hostname is not bind mounted from host read-only.
(! systemd-run --wait -p ProtectHostnameEx=private -p PrivateMounts=yes \
(! systemd-run --wait -p ProtectHostname=private -p PrivateMounts=yes \
findmnt --mountpoint /proc/sys/kernel/hostname)
}

2
test/units/TEST-07-PID1.transient-unit-container.sh
View File

@@ -157,7 +157,7 @@ testcase_transient_unit_container_file_write() {
-p RootDirectory="$CONTAINER_ROOT_FS" \
-p PrivatePIDs=yes \
-p PrivateUsersEx=full \
-p ProtectHostnameEx=private \
-p ProtectHostname=private \
-p ProtectControlGroupsEx=private \
-p PrivateMounts=yes \
-p PrivateNetwork=yes \

15
test/units/TEST-54-CREDS.sh
View File

@@ -334,7 +334,7 @@ systemd-run -p "ImportCredential=test.creds.*" \
test ! -e '${CREDENTIALS_DIRECTORY}/test.creds.hoge:invalid'
# Check if credentials with invalid names are not imported (with renaming).
systemd-run -p "ImportCredentialEx=test.creds.*:renamed.creds." \
systemd-run -p "ImportCredential=test.creds.*:renamed.creds." \
--unit=test-54-ImportCredential.service \
-p DynamicUser=1 \
--wait \
@@ -352,8 +352,8 @@ systemd-run -p "ImportCredential=test.creds.*" \
'${CREDENTIALS_DIRECTORY}/test.creds.third' >/tmp/ts54-concat
cmp /tmp/ts54-concat <(echo -n abc)
# Check that ImportCredentialEx= works without renaming.
systemd-run -p "ImportCredentialEx=test.creds.*" \
# Check that ImportCredential= works without renaming.
systemd-run -p "ImportCredential=test.creds.*" \
--unit=test-54-ImportCredential.service \
-p DynamicUser=1 \
--wait \
@@ -364,7 +364,7 @@ systemd-run -p "ImportCredentialEx=test.creds.*" \
cmp /tmp/ts54-concat <(echo -n abc)
# Check that renaming with globs works as expected.
systemd-run -p "ImportCredentialEx=test.creds.*:renamed.creds." \
systemd-run -p "ImportCredential=test.creds.*:renamed.creds." \
--unit=test-54-ImportCredential.service \
-p DynamicUser=1 \
--wait \
@@ -375,7 +375,7 @@ systemd-run -p "ImportCredentialEx=test.creds.*:renamed.creds." \
cmp /tmp/ts54-concat <(echo -n abc)
# Check that renaming without globs works as expected.
systemd-run -p "ImportCredentialEx=test.creds.first:renamed.creds.first" \
systemd-run -p "ImportCredential=test.creds.first:renamed.creds.first" \
--unit=test-54-ImportCredential.service \
-p DynamicUser=1 \
--wait \
@@ -384,8 +384,8 @@ systemd-run -p "ImportCredentialEx=test.creds.first:renamed.creds.first" \
cmp /tmp/ts54-concat <(echo -n a)
# Test that multiple renames are processed in the correct order.
systemd-run -p "ImportCredentialEx=test.creds.first:renamed.creds.first" \
-p "ImportCredentialEx=test.creds.second:renamed.creds.first" \
systemd-run -p "ImportCredential=test.creds.first:renamed.creds.first" \
-p "ImportCredential=test.creds.second:renamed.creds.first" \
--unit=test-54-ImportCredential.service \
-p DynamicUser=1 \
--wait \
@@ -394,6 +394,7 @@ systemd-run -p "ImportCredentialEx=test.creds.first:renamed.creds.first" \
cmp /tmp/ts54-concat <(echo -n a)
# Test that a credential can be imported multiple times with different names.
# We use the deprecated name ImportCredentialEx= on purpose to check that it works.
systemd-run -p "ImportCredentialEx=test.creds.first" \
-p "ImportCredentialEx=test.creds.first:renamed.creds.first" \
-p "ImportCredentialEx=test.creds.first:renamed.creds.second" \

11
test/units/TEST-65-ANALYZE.sh
View File

@@ -1105,6 +1105,17 @@ else
echo "have no tpm2"
fi
# Test "transient-settings" verb
# shellcheck disable=SC2046
systemd-analyze --no-pager transient-settings $(systemctl --no-legend --no-pager -t help)
systemd-analyze transient-settings service | grep NoNewPrivileges
systemd-analyze transient-settings mount | grep CPUQuotaPeriodSec
# make sure deprecated names are not printed
(! systemd-analyze transient-settings service | grep CPUAccounting )
(! systemd-analyze transient-settings service | grep ConditionKernelVersion )
(! systemd-analyze transient-settings service | grep AssertKernelVersion )
systemd-analyze log-level info
touch /testok