Revert "meson: allow WatchdogSec= in services to be configured"revert-13843-watchdog

This reverts commit 21d0dd5a89fe0ef259ca51ebea9f39dd79a341c2.
author: Evgeny Vereshchagin <evvers@ya.ru> 2019-10-25 23:22:08 +0300
committer: GitHub <noreply@github.com> 2019-10-25 23:22:08 +0300
commit: d65dd4597578788ec4a5ec45fcdea537f87aa588 (patch)
tree: ea2e335a4330b93c25a35075ebe82edaf72a3242
parent: 21d0dd5a89fe0ef259ca51ebea9f39dd79a341c2 (diff)
download: systemd-revert-13843-watchdog.tar.gz
17 files changed, 16 insertions, 23 deletions
diff --git a/meson.build b/meson.build
index dc1fde60ee..1e27be7837 100644
--- a/meson.build
+++ b/meson.build
@@ -795,10 +795,6 @@ conf.set_quoted('SYSTEMD_DEFAULT_LOCALE', default_locale)
 
 conf.set_quoted('GETTEXT_PACKAGE', meson.project_name())
 
-service_watchdog = get_option('service-watchdog')
-substs.set('SERVICE_WATCHDOG',
-           service_watchdog == '' ? '' : 'WatchdogSec=' + service_watchdog)
-
 substs.set('SUSHELL', get_option('debug-shell'))
 substs.set('DEBUGTTY', get_option('debug-tty'))
 conf.set_quoted('DEBUGTTY', get_option('debug-tty'))
@@ -3117,8 +3113,7 @@ status = [
         'default cgroup hierarchy:          @0@'.format(default_hierarchy),
         'default net.naming-scheme setting: @0@'.format(default_net_naming_scheme),
         'default KillUserProcesses setting: @0@'.format(kill_user_processes),
-        'default locale:                    @0@'.format(default_locale),
-        'systemd service watchdog:          @0@'.format(service_watchdog == '' ? 'disabled' : service_watchdog)]
+        'default locale:                    @0@'.format(default_locale)]
 
 alt_dns_servers = '\n                                            '.join(dns_servers.split(' '))
 alt_ntp_servers = '\n                                            '.join(ntp_servers.split(' '))
diff --git a/meson_options.txt b/meson_options.txt
index 0919577fd7..5dc898eb80 100644
--- a/meson_options.txt
+++ b/meson_options.txt
@@ -207,8 +207,6 @@ option('gshadow', type : 'boolean',
        description : 'support for shadow group')
 option('default-locale', type : 'string', value : '',
        description : 'default locale used when /etc/locale.conf does not exist')
-option('service-watchdog', type : 'string', value : '3min',
-       description : 'default watchdog setting for systemd services')
 
 option('default-dnssec', type : 'combo',
        description : 'default DNSSEC mode',
diff --git a/units/systemd-hostnamed.service.in b/units/systemd-hostnamed.service.in
index 1fbbafdd6f..b4f606cf78 100644
--- a/units/systemd-hostnamed.service.in
+++ b/units/systemd-hostnamed.service.in
@@ -36,4 +36,4 @@ RestrictSUIDSGID=yes
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service sethostname
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
diff --git a/units/systemd-importd.service.in b/units/systemd-importd.service.in
index 1a6fae4b69..38b7d7e94b 100644
--- a/units/systemd-importd.service.in
+++ b/units/systemd-importd.service.in
@@ -15,6 +15,7 @@ Documentation=https://www.freedesktop.org/wiki/Software/systemd/importd
 [Service]
 ExecStart=@rootlibexecdir@/systemd-importd
 BusName=org.freedesktop.import1
+WatchdogSec=3min
 KillMode=mixed
 CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_SYS_ADMIN CAP_SETPCAP CAP_DAC_OVERRIDE
 NoNewPrivileges=yes
@@ -27,4 +28,3 @@ SystemCallFilter=@system-service @mount
 SystemCallErrorNumber=EPERM
 SystemCallArchitectures=native
 LockPersonality=yes
-@SERVICE_WATCHDOG@
diff --git a/units/systemd-journal-remote.service.in b/units/systemd-journal-remote.service.in
index 7f5238802f..dd6322e62c 100644
--- a/units/systemd-journal-remote.service.in
+++ b/units/systemd-journal-remote.service.in
@@ -33,7 +33,7 @@ RestrictRealtime=yes
 RestrictSUIDSGID=yes
 SystemCallArchitectures=native
 User=systemd-journal-remote
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 # If there are many split up journal files we need a lot of fds to access them
 # all in parallel.
diff --git a/units/systemd-journal-upload.service.in b/units/systemd-journal-upload.service.in
index 33ef3b8dca..e3800473ec 100644
--- a/units/systemd-journal-upload.service.in
+++ b/units/systemd-journal-upload.service.in
@@ -31,7 +31,7 @@ StateDirectory=systemd/journal-upload
 SupplementaryGroups=systemd-journal
 SystemCallArchitectures=native
 User=systemd-journal-upload
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 # If there are many split up journal files we need a lot of fds to access them
 # all in parallel.
diff --git a/units/systemd-journald.service.in b/units/systemd-journald.service.in
index 303d5a4826..089bc38f59 100644
--- a/units/systemd-journald.service.in
+++ b/units/systemd-journald.service.in
@@ -37,7 +37,7 @@ SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service
 Type=notify
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 # If there are many split up journal files we need a lot of fds to access them
 # all in parallel.
diff --git a/units/systemd-localed.service.in b/units/systemd-localed.service.in
index f9a81fa8dd..7bca34409a 100644
--- a/units/systemd-localed.service.in
+++ b/units/systemd-localed.service.in
@@ -37,4 +37,4 @@ RestrictSUIDSGID=yes
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
diff --git a/units/systemd-logind.service.in b/units/systemd-logind.service.in
index ef802a4e6f..c6f5b81c1d 100644
--- a/units/systemd-logind.service.in
+++ b/units/systemd-logind.service.in
@@ -55,7 +55,7 @@ StateDirectory=systemd/linger
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 # Increase the default a bit in order to allow many simultaneous logins since
 # we keep one fd open per session.
diff --git a/units/systemd-machined.service.in b/units/systemd-machined.service.in
index 3db0281f81..d6deefea08 100644
--- a/units/systemd-machined.service.in
+++ b/units/systemd-machined.service.in
@@ -29,7 +29,7 @@ RestrictRealtime=yes
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service @mount
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 # Note that machined cannot be placed in a mount namespace, since it
 # needs access to the host's mount namespace in order to implement the
diff --git a/units/systemd-networkd.service.in b/units/systemd-networkd.service.in
index ed985f64fa..5c6275e5b3 100644
--- a/units/systemd-networkd.service.in
+++ b/units/systemd-networkd.service.in
@@ -44,7 +44,7 @@ SystemCallFilter=@system-service
 Type=notify
 RestartKillSignal=SIGUSR2
 User=systemd-network
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 [Install]
 WantedBy=multi-user.target
diff --git a/units/systemd-nspawn@.service.in b/units/systemd-nspawn@.service.in
index 669fea3c12..2473a730b4 100644
--- a/units/systemd-nspawn@.service.in
+++ b/units/systemd-nspawn@.service.in
@@ -23,10 +23,10 @@ KillMode=mixed
 Type=notify
 RestartForceExitStatus=133
 SuccessExitStatus=133
+WatchdogSec=3min
 Slice=machine.slice
 Delegate=yes
 TasksMax=16384
-@SERVICE_WATCHDOG@
 
 # Enforce a strict device policy, similar to the one nspawn configures when it
 # allocates its own scope unit. Make sure to keep these policies in sync if you
diff --git a/units/systemd-portabled.service.in b/units/systemd-portabled.service.in
index fb79f454fd..c88d3597b7 100644
--- a/units/systemd-portabled.service.in
+++ b/units/systemd-portabled.service.in
@@ -15,6 +15,7 @@ RequiresMountsFor=/var/lib/portables
 [Service]
 ExecStart=@rootlibexecdir@/systemd-portabled
 BusName=org.freedesktop.portable1
+WatchdogSec=3min
 CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD
 MemoryDenyWriteExecute=yes
 ProtectHostname=yes
@@ -25,4 +26,3 @@ SystemCallErrorNumber=EPERM
 SystemCallArchitectures=native
 LockPersonality=yes
 IPAddressDeny=any
-@SERVICE_WATCHDOG@
diff --git a/units/systemd-resolved.service.in b/units/systemd-resolved.service.in
index 22cb202363..eee5d5ea8f 100644
--- a/units/systemd-resolved.service.in
+++ b/units/systemd-resolved.service.in
@@ -46,7 +46,7 @@ SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service
 Type=notify
 User=systemd-resolve
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 [Install]
 WantedBy=multi-user.target
diff --git a/units/systemd-timedated.service.in b/units/systemd-timedated.service.in
index 819cb4dba2..d430ee2017 100644
--- a/units/systemd-timedated.service.in
+++ b/units/systemd-timedated.service.in
@@ -36,4 +36,4 @@ RestrictSUIDSGID=yes
 SystemCallArchitectures=native
 SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service @clock
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
diff --git a/units/systemd-timesyncd.service.in b/units/systemd-timesyncd.service.in
index 1a866fcc7a..2d8d14f6de 100644
--- a/units/systemd-timesyncd.service.in
+++ b/units/systemd-timesyncd.service.in
@@ -46,7 +46,7 @@ SystemCallErrorNumber=EPERM
 SystemCallFilter=@system-service @clock
 Type=notify
 User=systemd-timesync
-@SERVICE_WATCHDOG@
+WatchdogSec=3min
 
 [Install]
 WantedBy=sysinit.target
diff --git a/units/systemd-udevd.service.in b/units/systemd-udevd.service.in
index 8b1dd0efc7..c257af0efa 100644
--- a/units/systemd-udevd.service.in
+++ b/units/systemd-udevd.service.in
@@ -25,6 +25,7 @@ RestartSec=0
 ExecStart=@rootlibexecdir@/systemd-udevd
 ExecReload=@rootbindir@/udevadm control --reload --timeout 0
 KillMode=mixed
+WatchdogSec=3min
 TasksMax=infinity
 PrivateMounts=yes
 ProtectHostname=yes
@@ -37,4 +38,3 @@ SystemCallErrorNumber=EPERM
 SystemCallArchitectures=native
 LockPersonality=yes
 IPAddressDeny=any
-@SERVICE_WATCHDOG@
author	Evgeny Vereshchagin <evvers@ya.ru>	2019-10-25 23:22:08 +0300
committer	GitHub <noreply@github.com>	2019-10-25 23:22:08 +0300
commit	d65dd4597578788ec4a5ec45fcdea537f87aa588 (patch)
tree	ea2e335a4330b93c25a35075ebe82edaf72a3242
parent	21d0dd5a89fe0ef259ca51ebea9f39dd79a341c2 (diff)
download	systemd-revert-13843-watchdog.tar.gz