IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
When we get notifications from the kernel, we always turn them into
synthetic dbus1 messages. This means, we do *not* consume the kdbus
message, and as such have to free the offset.
Right now, the translation-helpers told the caller that they consumed the
message, which is wrong. Fix this by explicitly releasing all kernel
messages that are translated.
Due to our _cleanup_ usage for the udev manager, it will be destroyed
after the "exit:" label has finished. Therefore, it is the last
destruction done in main(). This has two side-effects:
- mac_selinux is destroyed before the udev manager is, possible causing
use-after-free if the manager-cleanup accesses selinux data
- log_close() is called *before* the manager is destroyed, possibly
re-opening the log if you use --debug (and thus not re-applying the
--debug option)
Avoid this by moving the manager-handling into a new function called
run(). This function will be left before we enter the "exit:" label in
main(), hence, the manager object will be destroyed early.
Unlike dbus-daemon, the bus-proxy does not know the receiver of a
broadcast (as the kernel has exclusive access on the bus connections).
Hence, and "destination=" matches in dbus1 policies cannot be applied.
But kdbus does not place any restrictions on *SENDING* broadcasts, anyway.
The kernel never returns EPERM to KDBUS_CMD_SEND if KDBUS_MSG_SIGNAL is
set. Instead, receiver policies are checked. Hence, stop checking sender
policies for signals in bus-proxy and leave it up to the kernel.
This fixes some network-manager bus-proxy issues where NM uses weird
dst-based matches against interface-based matches. As we cannot perform
dst-based matches, our bus-proxy cannot properly implement this policy.
Right now, if you start a session via 'su' or 'sudo' from within a
session, we make sure to re-use the existing session instead of creating a
new one. We detect this by reading the session of the requesting PID.
However, with gnome-terminal running as a busname-unit, and as such
running outside the session of the user, this will no longer work.
Therefore, this patch makes sure to return the existing session of a VT if
you start a new one.
This has the side-effect, that you will re-use a session which your PID is
not part of. This works fine, but will break assumptions if the parent
session dies (and as such close your session even though you think you're
part of it). However, this should be perfectly fine. If you run multiple
logins on the same session, you should really know what you're doing. The
current way of silently accepting it but choosing the last registered
session is just weird.
bind() fails if it is called before setting SO_REUSEPORT and another
process is already binded to the same addess.
A new reuse_port option has been introduced to socket_address_listen()
to set the option as part of socket initialization.
Fix weird coding-style:
- proper white-space
- no if (func() >= 0) bail-outs
- fix braces
- avoid 'r' for anything but errno
- init _cleanup_ variables unconditionally, even if not needed
test_simple_escaped() sometimes fails with
AssertionError: Lists differ: ['foo\\x2b.service', 'foo-admin.service'] != ['foo-admin.service', 'foo\\x2b.service']
We don't need to assume any order here, so compare them as a set, not a list.
It is needed in one branch of the fork, but calculated in another
branch.
Failing to do this means using --private-users without specifying a uid
shift always fails because it tries to shift the uid to UID_INVALID.
When we do a MS_BIND mount, it inherits the flags of its parent mount.
When we do a remount, it sets the flags to exactly what is specified.
If we are in a user namespace then these mount points have their flags
locked, so you can't reduce the protection.
As a consequence, the default setup of mount_all doesn't work with user
namespaces. However if we ensure we add the mount flags of the parent
mount when remounting, then we aren't removing mount options, so we
aren't trying to unlock an option that we aren't allowed to.
The idea is that after adding a new man page, make update-man-list
will be used to regenerate part of the makefile. So the data already
present in the makefile cannot be used to do that.
Also, renames filter out generated xml files in make-man-rules.py
itself in order to make Makefile.am a bit simpler, and rename files
to dist_files to better reflect new meaning.
Push the extraction of the envp + argv as close as possible to their use, to avoid code
duplication. As a sideeffect fix logging when delaing execution.
If a link is attempted t obe enslaved by a netdev that has already failed, we
must fail immediately and not save the callback for later, as it will then
never get triggered.
This only happens when something has gone wrong, so is not easy to hit. However,
if a bridge (say) is configured on a system without bridge support we will hit
this.
Fixes issue #299.