mirror of
https://github.com/systemd/systemd-stable.git
synced 2024-10-28 11:55:23 +03:00
Merge pull request #8607 from poettering/trivialities2
tiny, trivial, unrelated fixes
This commit is contained in:
commit
984b9c8cfe
10
TODO
10
TODO
@ -24,6 +24,16 @@ Janitorial Clean-ups:
|
|||||||
|
|
||||||
Features:
|
Features:
|
||||||
|
|
||||||
|
* nspawn's console TTY should be allocated from within the container, not
|
||||||
|
mounted in from the outside
|
||||||
|
|
||||||
|
* show invocation ID in systemd-run output
|
||||||
|
|
||||||
|
* bypass SIGTERM state in unit files if KillSignal is SIGKILL
|
||||||
|
|
||||||
|
* tree-wide: ensure we always block the signals we hook into with
|
||||||
|
sd_event_add_signal() first
|
||||||
|
|
||||||
* add proper dbus APIs for the various sd_notify() commands, such as MAINPID=1
|
* add proper dbus APIs for the various sd_notify() commands, such as MAINPID=1
|
||||||
and so on, which would mean we could report errors and such.
|
and so on, which would mean we could report errors and such.
|
||||||
|
|
||||||
|
@ -440,3 +440,13 @@
|
|||||||
string, always apply the C-style unescaping fist, followed by the specifier
|
string, always apply the C-style unescaping fist, followed by the specifier
|
||||||
expansion. When doing the reverse, make sure to escape '%' in specifier-style
|
expansion. When doing the reverse, make sure to escape '%' in specifier-style
|
||||||
first (i.e. '%' → '%%'), and then do C-style escaping where necessary.
|
first (i.e. '%' → '%%'), and then do C-style escaping where necessary.
|
||||||
|
|
||||||
|
- It's a good idea to use O_NONBLOCK when opening 'foreign' regular files, i.e
|
||||||
|
file system objects that are supposed to be regular files whose paths where
|
||||||
|
specified by the user and hence might actually refer to other types of file
|
||||||
|
system objects. This is a good idea so that we don't end up blocking on
|
||||||
|
'strange' file nodes, for example if the user pointed us to a FIFO or device
|
||||||
|
node which may block when opening. Moreover even for actual regular files
|
||||||
|
O_NONBLOCK has a benefit: it bypasses any mandatory lock that might be in
|
||||||
|
effect on the regular file. If in doubt consider turning off O_NONBLOCK again
|
||||||
|
after opening.
|
||||||
|
@ -301,7 +301,7 @@ systemd-reboot.service systemd-poweroff.service systemd-halt.service syste
|
|||||||
<para>Commonly used system shutdown targets are <emphasis>emphasized</emphasis>.</para>
|
<para>Commonly used system shutdown targets are <emphasis>emphasized</emphasis>.</para>
|
||||||
|
|
||||||
<para>Note that
|
<para>Note that
|
||||||
<citerefentry>system<refentrytitle>systemd-halt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
<citerefentry><refentrytitle>systemd-halt.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
|
||||||
<filename>systemd-reboot.service</filename>, <filename>systemd-poweroff.service</filename> and
|
<filename>systemd-reboot.service</filename>, <filename>systemd-poweroff.service</filename> and
|
||||||
<filename>systemd-kexec.service</filename> will transition the system and server manager (PID 1) into the second
|
<filename>systemd-kexec.service</filename> will transition the system and server manager (PID 1) into the second
|
||||||
phase of system shutdown (implemented in the <filename>systemd-shutdown</filename> binary), which will unmount any
|
phase of system shutdown (implemented in the <filename>systemd-shutdown</filename> binary), which will unmount any
|
||||||
|
@ -181,11 +181,13 @@ void *xbsearch_r(const void *key, const void *base, size_t nmemb, size_t size,
|
|||||||
const void *p;
|
const void *p;
|
||||||
int comparison;
|
int comparison;
|
||||||
|
|
||||||
|
assert(!size_multiply_overflow(nmemb, size));
|
||||||
|
|
||||||
l = 0;
|
l = 0;
|
||||||
u = nmemb;
|
u = nmemb;
|
||||||
while (l < u) {
|
while (l < u) {
|
||||||
idx = (l + u) / 2;
|
idx = (l + u) / 2;
|
||||||
p = (const char *) base + idx * size;
|
p = (const uint8_t*) base + idx * size;
|
||||||
comparison = compar(key, p, arg);
|
comparison = compar(key, p, arg);
|
||||||
if (comparison < 0)
|
if (comparison < 0)
|
||||||
u = idx;
|
u = idx;
|
||||||
|
@ -397,19 +397,18 @@ static int relabel_cgroup_filesystems(void) {
|
|||||||
only when the filesystem has been already populated by a previous instance of systemd
|
only when the filesystem has been already populated by a previous instance of systemd
|
||||||
running from initrd. Otherwise don't remount anything and leave the filesystem read-write
|
running from initrd. Otherwise don't remount anything and leave the filesystem read-write
|
||||||
for the cgroup filesystems to be mounted inside. */
|
for the cgroup filesystems to be mounted inside. */
|
||||||
r = statfs("/sys/fs/cgroup", &st);
|
if (statfs("/sys/fs/cgroup", &st) < 0)
|
||||||
if (r < 0) {
|
|
||||||
return log_error_errno(errno, "Failed to determine mount flags for /sys/fs/cgroup: %m");
|
return log_error_errno(errno, "Failed to determine mount flags for /sys/fs/cgroup: %m");
|
||||||
}
|
|
||||||
|
|
||||||
if (st.f_flags & ST_RDONLY)
|
if (st.f_flags & ST_RDONLY)
|
||||||
(void) mount(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT, NULL);
|
(void) mount(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT, NULL);
|
||||||
|
|
||||||
(void) label_fix("/sys/fs/cgroup", 0);
|
(void) label_fix("/sys/fs/cgroup", 0);
|
||||||
nftw("/sys/fs/cgroup", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
(void) nftw("/sys/fs/cgroup", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
||||||
|
|
||||||
if (st.f_flags & ST_RDONLY)
|
if (st.f_flags & ST_RDONLY)
|
||||||
(void) mount(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT|MS_RDONLY, NULL);
|
(void) mount(NULL, "/sys/fs/cgroup", NULL, MS_REMOUNT|MS_RDONLY, NULL);
|
||||||
|
|
||||||
} else if (r < 0)
|
} else if (r < 0)
|
||||||
return log_error_errno(r, "Failed to determine whether we are in all unified mode: %m");
|
return log_error_errno(r, "Failed to determine whether we are in all unified mode: %m");
|
||||||
|
|
||||||
@ -435,9 +434,9 @@ int mount_setup(bool loaded_policy) {
|
|||||||
|
|
||||||
before_relabel = now(CLOCK_MONOTONIC);
|
before_relabel = now(CLOCK_MONOTONIC);
|
||||||
|
|
||||||
nftw("/dev", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
(void) nftw("/dev", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
||||||
nftw("/dev/shm", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
(void) nftw("/dev/shm", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
||||||
nftw("/run", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
(void) nftw("/run", nftw_cb, 64, FTW_MOUNT|FTW_PHYS|FTW_ACTIONRETVAL);
|
||||||
|
|
||||||
r = relabel_cgroup_filesystems();
|
r = relabel_cgroup_filesystems();
|
||||||
if (r < 0)
|
if (r < 0)
|
||||||
|
@ -343,20 +343,15 @@ void server_process_native_file(
|
|||||||
sealed = memfd_get_sealed(fd) > 0;
|
sealed = memfd_get_sealed(fd) > 0;
|
||||||
|
|
||||||
if (!sealed && (!ucred || ucred->uid != 0)) {
|
if (!sealed && (!ucred || ucred->uid != 0)) {
|
||||||
_cleanup_free_ char *sl = NULL, *k = NULL;
|
_cleanup_free_ char *k = NULL;
|
||||||
const char *e;
|
const char *e;
|
||||||
|
|
||||||
/* If this is not a sealed memfd, and the peer is unknown or
|
/* If this is not a sealed memfd, and the peer is unknown or
|
||||||
* unprivileged, then verify the path. */
|
* unprivileged, then verify the path. */
|
||||||
|
|
||||||
if (asprintf(&sl, "/proc/self/fd/%i", fd) < 0) {
|
r = fd_get_path(fd, &k);
|
||||||
log_oom();
|
|
||||||
return;
|
|
||||||
}
|
|
||||||
|
|
||||||
r = readlink_malloc(sl, &k);
|
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
log_error_errno(r, "readlink(%s) failed: %m", sl);
|
log_error_errno(r, "readlink(/proc/self/fd/%i) failed: %m", fd);
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -284,5 +284,5 @@ int main(int argc, char *argv[]) {
|
|||||||
return r < 0 ? EXIT_FAILURE : r;
|
return r < 0 ? EXIT_FAILURE : r;
|
||||||
}
|
}
|
||||||
|
|
||||||
return 0;
|
return EXIT_SUCCESS;
|
||||||
}
|
}
|
||||||
|
@ -879,8 +879,7 @@ int image_path_lock(const char *path, int operation, LockFile *global, LockFile
|
|||||||
r = make_lock_file_for(path, operation, &t);
|
r = make_lock_file_for(path, operation, &t);
|
||||||
if (r < 0) {
|
if (r < 0) {
|
||||||
if ((operation & LOCK_SH) && r == -EROFS)
|
if ((operation & LOCK_SH) && r == -EROFS)
|
||||||
log_debug_errno(r, "Failed to create shared "
|
log_debug_errno(r, "Failed to create shared lock for '%s', ignoring: %m", path);
|
||||||
"lock for %s: %m", path);
|
|
||||||
else
|
else
|
||||||
return r;
|
return r;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user