1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2025-01-22 22:03:43 +03:00

17517 Commits

Author SHA1 Message Date
Lennart Poettering
66cedb3078 selinux: simplify and unify logging
Normally we shouldn#t log from "library" functions, but SELinux is
weird, hence upgrade security messages uniformly to LOG_ERR when in
enforcing mode.
2014-10-23 21:36:56 +02:00
Lennart Poettering
7f416dae9b selinux: rework label query APIs
APIs that query and return something cannot silently fail, they must
either return something useful, or an error. Fix that.

Also, properly rollback socket unit fd creation when something goes
wrong with the security framework.
2014-10-23 21:36:56 +02:00
Lennart Poettering
376a298096 smack: we don't need the special labels exported, hence don't 2014-10-23 21:36:56 +02:00
Lennart Poettering
2962142175 selinux: drop 3 unused function prototypes 2014-10-23 21:36:56 +02:00
Lennart Poettering
5dfc54615a smack: rework SMACK label fixing code to follow more closely the semantics of the matching selinux code 2014-10-23 21:36:56 +02:00
Lennart Poettering
d1ce2089b4 smack: never follow symlinks when relabelling
previously mac_smack_apply(path, NULL) would operate on the symlink
itself while mac_smack_apply(path, "foo") would follow the symlink.
Let's clean this up an always operate on the symlink, which appears to
be the safer option.
2014-10-23 21:36:56 +02:00
Lennart Poettering
d53e386db6 smack: rework smack APIs a bit
a) always return negative errno error codes
b) always become a noop if smack is off
c) always take a NULL label as a request to remove it
2014-10-23 21:36:56 +02:00
Lennart Poettering
c80d766c80 mac: rename all calls that apply a label mac_{selinux|smack}_apply_xyz(), and all that reset it to defaults mac_{selinux|smack}_fix()
Let's clean up the naming schemes a bit and use the same one for SMACK
and for SELINUX.
2014-10-23 21:36:56 +02:00
Lennart Poettering
1ec220bcda selinux: make use of cleanup gcc magic 2014-10-23 21:36:56 +02:00
Tom Gundersen
157a180e4f TODO 2014-10-23 20:22:06 +02:00
Daniel Mack
af951ff5e9 man: pam_systemd: some typos fixed, some info added
Just some minor nits that I stumbled over when reading the man page.
2014-10-23 19:18:54 +02:00
Michal Schmidt
7c0b05e58b unit: adjust for the possibility of set_move() failing 2014-10-23 17:38:02 +02:00
Michal Schmidt
7ad63f57b6 hashmap: allow hashmap_move() to fail
It cannot fail in the current hashmap implementation, but it may fail in
alternative implementations (unless a sufficiently large reservation has
been placed beforehand).
2014-10-23 17:38:02 +02:00
Michal Schmidt
09a65f9299 unit: place reservations before merging other's dependencies
With the hashmap implementation that uses chaining the reservations
merely ensure that the merging won't result in long bucket chains.

With a future alternative implementation it will additionally reserve
memory to make sure the merging won't fail.
2014-10-23 17:38:02 +02:00
Michal Schmidt
2d5c93c7af install, cgtop: adjust hashmap_move_one() callers for -ENOMEM possibility
That hashmap_move_one() currently cannot fail with -ENOMEM is an
implementation detail, which is not possible to guarantee in general.
Hashmap implementations based on anything else than chaining of
individual entries may have to allocate.

hashmap_move_one will not fail with -ENOMEM if a proper reservation has
been made beforehand. Use reservations in install.c.

In cgtop.c simply propagate the error instead of asserting.
2014-10-23 17:38:02 +02:00
Michal Schmidt
8f88aed740 test: add test for hashmap_reserve() 2014-10-23 17:38:02 +02:00
Michal Schmidt
e4c691b59d hashmap: introduce hashmap_reserve()
With the current hashmap implementation that uses chaining, placing a
reservation can serve two purposes:
 - To optimize putting of entries if the number of entries to put is
   known. The reservation allocates buckets, so later resizing can be
   avoided.
 - To avoid having very long bucket chains after using
   hashmap_move(_one).

In an alternative hashmap implementation it will serve an additional
purpose:
 - To guarantee a subsequent hashmap_move(_one) will not fail with
   -ENOMEM (this never happens in the current implementation).
2014-10-23 17:38:02 +02:00
Michal Schmidt
9700d6980f hashmap: return more information from resize_buckets()
Return 0 if no resize was needed, 1 if successfully resized and
negative on error.
2014-10-23 17:38:02 +02:00
Michal Schmidt
b3dcf58e28 shared: split mempool implementation from hashmaps 2014-10-23 17:38:02 +02:00
Michal Schmidt
1e43061b67 resolve: make DnsScope::conflict_queue an OrderedHashmap
on_conflict_dispatch() uses hashmap_steal_first() and then does
something non-trivial with it. It may care about the order.
2014-10-23 17:38:02 +02:00
Michal Schmidt
c9fe4af70d sd-bus: make sd_bus::reply_callbacks a OrderedHashmap
The way process_closing() picks the first entry from reply_callbacks
and works with it makes it likely that it cares about the order.
2014-10-23 17:38:02 +02:00
Michal Schmidt
c1f906bd91 journal: make sd_journal::files a OrderedHashmap
Anything that uses hashmap_next() almost certainly cares about the order
and needs to be an OrderedHashmap.
2014-10-23 17:38:02 +02:00
Michal Schmidt
43cf8388ea journal: make Server::user_journals an OrderedHashmap
Order matters here. It replaces oldest entries first when
USER_JOURNALS_MAX is reached.
2014-10-23 17:38:02 +02:00
Michal Schmidt
4743015db6 journal: make JournalFile::chain_cache an OrderedHashmap
The order of entries may matter here. Oldest entries are evicted first
when the cache is full.

(Though I don't see anything to rejuvenate entries on cache hits.)
2014-10-23 17:38:02 +02:00
Michal Schmidt
9f03ee51a2 install: make InstallContext::{will_install,have_installed} OrderedHashmaps
It appears order may matter here. Use OrderedHashmaps to be safe.
2014-10-23 17:38:02 +02:00
Michal Schmidt
dd0124f6cb hashmap: drop assert(h) from hashmap_next()
It's handled just fine by returning NULL.
2014-10-23 17:38:02 +02:00
Michal Schmidt
bf3d3e2bb7 hashmap: hashmap_move_one() should return -ENOENT when 'other' is NULL
-ENOENT is the same return value as if 'other' were an allocated hashmap
that does not contain the key. A NULL hashmap is a possible way of
expressing a hashmap that contains no key.
2014-10-23 17:38:02 +02:00
Michal Schmidt
9ba81d5a61 test: add and improve hashmap tests
Test more corner cases and error states in several tests.

Add new tests for:
  hashmap_move
  hashmap_remove
  hashmap_remove2
  hashmap_remove_value
  hashmap_remove_and_replace
  hashmap_get2
  hashmap_first

In test_hashmap_many additionally test with an intentionally bad hash
function.
2014-10-23 17:38:02 +02:00
Michal Schmidt
32a4456cc2 test: generate tests for OrderedHashmap from Hashmap tests
test-hashmap-ordered.c is generated from test-hashmap-plain.c simply by
substituting "ordered_hashmap" for "hashmap" etc.

In the cases where tests rely on the order of entries, a distinction
between plain and ordered hashmaps is made using the ORDERED macro,
which is defined only for test-hashmap-ordered.c.
2014-10-23 17:38:02 +02:00
Michal Schmidt
5ba43716f3 hashmap: add OrderedHashmap as a distinct type
Few Hashmaps/Sets need to remember the insertion order. Most don't care
about the order when iterating. It would be possible to use more compact
hashmap storage in the latter cases.

Add OrderedHashmap as a distinct type from Hashmap, with functions
prefixed with "ordered_". For now, the functions are nothing more than
inline wrappers for plain Hashmap functions.
2014-10-23 17:38:02 +02:00
Lennart Poettering
6baa7db008 mac: also rename use_{smack,selinux,apparmor}() calls so that they share the new mac_{smack,selinux,apparmor}_xyz() convention 2014-10-23 17:34:30 +02:00
WaLyong Cho
cc56fafeeb mac: rename apis with mac_{selinux/smack}_ prefix 2014-10-23 17:13:15 +02:00
WaLyong Cho
66b6d9d5b5 label: rearrange mandatory access control(MAC) apis
move label apis to selinux-util.ch or smack-util.ch appropriately.
2014-10-23 17:10:05 +02:00
Zbigniew Jędrzejewski-Szmek
99a1ab10b0 man: add example how to generate certificates with openssl 2014-10-23 00:43:49 -04:00
Zbigniew Jędrzejewski-Szmek
36d4739a68 journal-upload: return proper exit code
Even when termninated normally, systemd-journal-upload would return
something positive which would be interpreted as failure.
2014-10-23 00:31:56 -04:00
Zbigniew Jędrzejewski-Szmek
cb41ff2922 shared/log: add log_trace as compile-time optional debugging
Repetetive messages can be annoying when running with
SYSTEMD_LOG_LEVEL=debug, but they are sometimes very useful
when debugging problems. Add log_trace which is like log_debug
but becomes a noop unless LOG_TRACE is defined during compilation.
This makes it easy to enable very verbose logging for a subset
of programs when compiling from source.
2014-10-23 00:27:57 -04:00
Zbigniew Jędrzejewski-Szmek
8847551bcb journal-upload: fix --trust=all option 2014-10-23 00:27:55 -04:00
Zbigniew Jędrzejewski-Szmek
30776485c5 journal-upload: avoid calling printf with maximum precision
Precision of INT_MAX does not work as I expected it to.

https://bugzilla.redhat.com/show_bug.cgi?id=1154334
2014-10-23 00:27:25 -04:00
Zbigniew Jędrzejewski-Szmek
d71839afd8 journal-upload: verify state file can be saved before uploading
Do our best verify that we can actually write the state file
before upload commences to avoid duplicate messages on the server.
2014-10-23 00:27:23 -04:00
Zbigniew Jędrzejewski-Szmek
cb6518345f socket-util: use IP address when hostname is not found
socknameinfo_pretty() would fail for addresses without reverse DNS,
but we do not want that to happen.
2014-10-23 00:26:35 -04:00
Zbigniew Jędrzejewski-Szmek
a7736b14de journal-remote: add --split-mode to help 2014-10-23 00:26:33 -04:00
Zbigniew Jędrzejewski-Szmek
9ce998b937 journal-remote: better error message on failure
Return a proper code instead of simply NULL for failure.
2014-10-23 00:18:47 -04:00
Zbigniew Jędrzejewski-Szmek
50a0b07175 journal-upload: do not require port to be set 2014-10-23 00:18:42 -04:00
Zbigniew Jędrzejewski-Szmek
1af719edc5 systemd-upload: print paths in help() 2014-10-23 00:18:15 -04:00
Zbigniew Jędrzejewski-Szmek
43300d9d38 journal-remote: give names to event sources
This possibility was recently added, and it makes debugging much nicer.
2014-10-23 00:18:13 -04:00
Zbigniew Jędrzejewski-Szmek
42b6bf75e4 journal-upload: fix socket activation 2014-10-23 00:18:10 -04:00
Zbigniew Jędrzejewski-Szmek
a9becdd65b sd-daemon,man: ignore missing $WATCHDOG_PID
Systemd 209 started setting $WATCHDOG_PID, and sd-daemon watch was
modified to check for this variable. This means that
sd_watchdog_enabled() stopped working with previous versions of
systemd. But sd-event is a public library and API and we must keep it
working even when a program compiled with a newer version of the
libary is used on a system running an older version of the manager.

getenv() and unsetenv() are fairly expensive calls, so optimize
sd_watchdog_enabled() by not calling them when unnecessary.

man: centralize the description of $WATCHDOG_PID and $WATCHDOG_USEC in
the sd_watchdog_enabled manpage. It is better not to repeat the same
stuff in two places.
2014-10-23 00:17:18 -04:00
Zbigniew Jędrzejewski-Szmek
203af57fcd man: make udev.event-timeout more visible
Evidently some people had trouble finding it in the documentation.
2014-10-23 00:12:50 -04:00
Lennart Poettering
b825ab1a99 units: run firstboot before sysusers, so that firstboot can initialize the root password 2014-10-23 01:24:59 +02:00
Lennart Poettering
758c4d7a39 update TODO 2014-10-23 01:09:38 +02:00