diff --git a/man/machinectl.xml b/man/machinectl.xml
index 44a96e8cc4..c37fb88c38 100644
--- a/man/machinectl.xml
+++ b/man/machinectl.xml
@@ -143,13 +143,6 @@
-
-
-
- Do not query the user for authentication for
- privileged operations.
-
-
@@ -309,6 +302,7 @@
+
@@ -1035,6 +1029,7 @@
See Also
+ systemd1,
systemd-machined.service8,
systemd-nspawn1,
systemd.special7,
diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c
index 1ed0f9e657..f79617ee06 100644
--- a/src/machine/machinectl.c
+++ b/src/machine/machinectl.c
@@ -2638,12 +2638,14 @@ static int set_limit(int argc, char *argv[], void *userdata) {
uint64_t limit;
int r;
+ polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
+
if (STR_IN_SET(argv[argc-1], "-", "none", "infinity"))
limit = (uint64_t) -1;
else {
r = parse_size(argv[argc-1], 1024, &limit);
if (r < 0)
- return log_error("Failed to parse size: %s", argv[argc-1]);
+ return log_error_errno(r, "Failed to parse size: %s", argv[argc-1]);
}
if (argc > 2)
@@ -2670,10 +2672,8 @@ static int set_limit(int argc, char *argv[], void *userdata) {
NULL,
"t", limit);
- if (r < 0) {
- log_error("Could not set limit: %s", bus_error_message(&error, -r));
- return r;
- }
+ if (r < 0)
+ return log_error_errno(r, "Could not set limit: %s", bus_error_message(&error, r));
return 0;
}
@@ -2688,6 +2688,8 @@ static int clean_images(int argc, char *argv[], void *userdata) {
unsigned c = 0;
int r;
+ polkit_agent_open_if_enabled(arg_transport, arg_ask_password);
+
r = sd_bus_message_new_method_call(
bus,
&m,
@@ -3139,7 +3141,7 @@ int main(int argc, char*argv[]) {
goto finish;
}
- sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
+ (void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password);
r = machinectl_main(argc, argv, bus);
diff --git a/src/machine/machined.c b/src/machine/machined.c
index 8fb6db7746..3577c809a4 100644
--- a/src/machine/machined.c
+++ b/src/machine/machined.c
@@ -26,35 +26,45 @@
#include "signal-util.h"
#include "special.h"
-Manager *manager_new(void) {
- Manager *m;
+static Manager* manager_unref(Manager *m);
+DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_unref);
+
+static int manager_new(Manager **ret) {
+ _cleanup_(manager_unrefp) Manager *m = NULL;
int r;
+ assert(ret);
+
m = new0(Manager, 1);
if (!m)
- return NULL;
+ return -ENOMEM;
m->machines = hashmap_new(&string_hash_ops);
m->machine_units = hashmap_new(&string_hash_ops);
m->machine_leaders = hashmap_new(NULL);
- if (!m->machines || !m->machine_units || !m->machine_leaders) {
- manager_free(m);
- return NULL;
- }
+ if (!m->machines || !m->machine_units || !m->machine_leaders)
+ return -ENOMEM;
r = sd_event_default(&m->event);
- if (r < 0) {
- manager_free(m);
- return NULL;
- }
+ if (r < 0)
+ return r;
- sd_event_set_watchdog(m->event, true);
+ r = sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL);
+ if (r < 0)
+ return r;
- return m;
+ r = sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL);
+ if (r < 0)
+ return r;
+
+ (void) sd_event_set_watchdog(m->event, true);
+
+ *ret = TAKE_PTR(m);
+ return 0;
}
-void manager_free(Manager *m) {
+static Manager* manager_unref(Manager *m) {
Machine *machine;
assert(m);
@@ -80,7 +90,7 @@ void manager_free(Manager *m) {
sd_bus_unref(m->bus);
sd_event_unref(m->event);
- free(m);
+ return mfree(m);
}
static int manager_add_host_machine(Manager *m) {
@@ -121,7 +131,7 @@ static int manager_add_host_machine(Manager *m) {
return 0;
}
-int manager_enumerate_machines(Manager *m) {
+static int manager_enumerate_machines(Manager *m) {
_cleanup_closedir_ DIR *d = NULL;
struct dirent *de;
int r = 0;
@@ -268,7 +278,7 @@ static int manager_connect_bus(Manager *m) {
return 0;
}
-void manager_gc(Manager *m, bool drop_not_started) {
+static void manager_gc(Manager *m, bool drop_not_started) {
Machine *machine;
assert(m);
@@ -292,7 +302,7 @@ void manager_gc(Manager *m, bool drop_not_started) {
}
}
-int manager_startup(Manager *m) {
+static int manager_startup(Manager *m) {
Machine *machine;
Iterator i;
int r;
@@ -328,7 +338,7 @@ static bool check_idle(void *userdata) {
return hashmap_isempty(m->machines);
}
-int manager_run(Manager *m) {
+static int manager_run(Manager *m) {
assert(m);
return bus_event_loop_with_idle(
@@ -340,7 +350,7 @@ int manager_run(Manager *m) {
}
int main(int argc, char *argv[]) {
- Manager *m = NULL;
+ _cleanup_(manager_unrefp) Manager *m = NULL;
int r;
log_set_target(LOG_TARGET_AUTO);
@@ -356,18 +366,16 @@ int main(int argc, char *argv[]) {
goto finish;
}
- /* Always create the directories people can create inotify
- * watches in. Note that some applications might check for the
- * existence of /run/systemd/machines/ to determine whether
- * machined is available, so please always make sure this
- * check stays in. */
- mkdir_label("/run/systemd/machines", 0755);
+ /* Always create the directories people can create inotify watches in. Note that some applications might check
+ * for the existence of /run/systemd/machines/ to determine whether machined is available, so please always
+ * make sure this check stays in. */
+ (void) mkdir_label("/run/systemd/machines", 0755);
- assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, -1) >= 0);
+ assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, SIGTERM, SIGINT, -1) >= 0);
- m = manager_new();
- if (!m) {
- r = log_oom();
+ r = manager_new(&m);
+ if (r < 0) {
+ log_error_errno(r, "Failed to allocate manager object: %m");
goto finish;
}
@@ -388,7 +396,5 @@ int main(int argc, char *argv[]) {
log_debug("systemd-machined stopped as pid "PID_FMT, getpid_cached());
finish:
- manager_free(m);
-
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}
diff --git a/src/machine/machined.h b/src/machine/machined.h
index 2e6fe4c187..2f204f0549 100644
--- a/src/machine/machined.h
+++ b/src/machine/machined.h
@@ -43,17 +43,7 @@ struct Manager {
unsigned n_operations;
};
-Manager *manager_new(void);
-void manager_free(Manager *m);
-
int manager_add_machine(Manager *m, const char *name, Machine **_machine);
-int manager_enumerate_machines(Manager *m);
-
-int manager_startup(Manager *m);
-int manager_run(Manager *m);
-
-void manager_gc(Manager *m, bool drop_not_started);
-
int manager_get_machine_by_pid(Manager *m, pid_t pid, Machine **machine);
extern const sd_bus_vtable manager_vtable[];
diff --git a/src/shared/spawn-polkit-agent.h b/src/shared/spawn-polkit-agent.h
index ea72c1281c..c4316ea473 100644
--- a/src/shared/spawn-polkit-agent.h
+++ b/src/shared/spawn-polkit-agent.h
@@ -12,17 +12,17 @@
int polkit_agent_open(void);
void polkit_agent_close(void);
-static inline void polkit_agent_open_if_enabled(
+static inline int polkit_agent_open_if_enabled(
BusTransport transport,
bool ask_password) {
/* Open the polkit agent as a child process if necessary */
if (transport != BUS_TRANSPORT_LOCAL)
- return;
+ return 0;
if (!ask_password)
- return;
+ return 0;
- polkit_agent_open();
+ return polkit_agent_open();
}
diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build
index 9768f3a94e..a7a7d0a1d7 100644
--- a/tmpfiles.d/meson.build
+++ b/tmpfiles.d/meson.build
@@ -7,7 +7,7 @@ enable_tmpfiles = conf.get('ENABLE_TMPFILES') == 1
tmpfiles = [['home.conf', ''],
['journal-nocow.conf', ''],
['systemd-nologin.conf', ''],
- ['systemd-nspawn.conf', ''],
+ ['systemd-nspawn.conf', 'ENABLE_MACHINED'],
['tmp.conf', ''],
['x11.conf', ''],
['legacy.conf', 'HAVE_SYSV_COMPAT'],