This adds minimal hardware watchdog support to PID 1. The idea is that
PID 1 supervises and watchdogs system services, while the hardware
watchdog is used to supervise PID 1.
This adds two hardware watchdog configuration options, for the runtime
watchdog and for a shutdown watchdog. The former is active during normal
operation, the latter only at reboots to ensure that if a clean reboot
times out we reboot nonetheless.
If the runtime watchdog is enabled PID 1 will automatically wake up at
half the configured interval and write to the watchdog daemon.
By default we enable the shutdown watchdog, but leave the runtime
watchdog disabled in order not to break independent hardware watchdog
daemons people might be using.
This is only the most basic hookup. If necessary we can later on hook
up the watchdog ping more closely with services deemed crucial.
It is easier to see what job_type_merge() is doing when the merging
rules are written in the form of a table.
job_type_is_superset() contained redundant information. It can be
simplified to a simple rule: Type A is a superset of B iff merging A
with B gives A.
Two job types are conflicting iff they are not mergeable.
Make job_type_lookup_merge() the core function to decide the type
merging. All other job_type_*() are just short wrappers around it.
They can be inline.
test-job-type gives the same results as before.
btw, the systemd binary is smaller by almost 1 KB.
Especially in the case of --enable-split-usr, several units will point
to the wrong location for systemctl. Use @SYSTEMCTL@ which will always
contain the proper path.
Many programming languages don't allow variable names beginning in dots,
hence let's use double underscores for the location fields instead. This
gets us the simple rule:
__ is the prefix for location fields (i.e. fields that are used to
identify entries, rather than part of the entries)
_ is the prefix for trusted fields (i.e. those fields journald itself
adds to all entries)
no prefix for unrusted fields (i.e. all fields normal client code sends
us)
This reverts commit 9586cdfab6.
(but not the TODO hunk).
The bug was already fixed by 1a710b43. And if other errors occur, we
don't want to leave the socket active in order to avoid having socket
tarpits.
This logic can be turned off by defining SD_JOURNAL_SUPPRESS_LOCATION
before including sd-journal.h.
This also saves/restores errno in all logging functions, in order to be
useful as logging calls without side-effects.
This also adds a couple of __unlikely__ around the early checks in the
logging calls, in order to minimize the runtime impact.