1
1
mirror of https://github.com/systemd/systemd-stable.git synced 2024-12-24 21:34:08 +03:00
Commit Graph

29728 Commits

Author SHA1 Message Date
Lennart Poettering
701afcbf12 Merge pull request #6659 from yuwata/econnrefused
networkd: do not fail manager_connect_bus() if dbus is not active yet
2017-08-30 12:17:53 +02:00
Jon Ringle
e4f05508ad networkd: Honor configured DHCP ClientIdentifier on link_update (#6622)
We have an embedded board with a couple of ethernet ports. From the kernel
log, I can see that the ethernet drivers are obtaining their correct MAC
address, but for some reason, at first systemd-networkd doesn't see the
mac address for the ethernet port at the time that it looks at
dhcp_client_identifier configuration (it has 00:00:00:00:00:00 for mac).

Later on, systemd-networkd gets a link_update() call, and at this time, it
has the correct mac address for the ethernet port. However, in link_update()
the dhcp_client_identifier configuration is not being considered, and a call
to sd_dhcp_client_set_iaid_duid() is being done always
2017-08-30 11:38:00 +02:00
Lennart Poettering
30495cb0a7 Merge pull request #6691 from yuwata/man-journal-remote2
journal-remote: small fixes
2017-08-30 11:31:37 +02:00
Lennart Poettering
1d9c3c7477 update TODO 2017-08-30 10:50:01 +02:00
Lennart Poettering
6d405b6909 Merge pull request #6672 from yuwata/drop-priv
use !! prefix in networkd and timesyncd
2017-08-30 10:45:24 +02:00
Yu Watanabe
e64aae43dd man: journal-remote: add detailed condition when SplitMode=none must be used 2017-08-30 17:03:37 +09:00
g0tar
73e669e0fd terminal reset should honour default_utf8 kernel setting (#6606)
terminal reset should honour default_utf8 kernel setting
2017-08-30 10:00:44 +02:00
Yu Watanabe
cb30d3ba66 journal-remote: show error if SplitMode=host with 'active' source is specified 2017-08-30 16:56:41 +09:00
Yu Watanabe
5ed0dcf4d5 test: drop Exec* prefixes to obtain paths of executables 2017-08-30 16:00:07 +09:00
Yu Watanabe
53d133ea1b timesync: move stamp file to /var/lib/systemd/timesync/clock 2017-08-30 15:59:57 +09:00
Lennart Poettering
40cdf0c962 Merge pull request #6585 from poettering/seccomp-lock-personality
Seccomp lock personality
2017-08-29 18:58:56 +02:00
Lennart Poettering
b1a05d7320 Merge pull request #6677 from yuwata/man-journal-remote
journal-remote: improve man page and error message
2017-08-29 18:04:50 +02:00
Topi Miettinen
07ce74074d namespace: avoid assertion failure (#6649)
If the root image is not decrypted, it must not be relinquished.
2017-08-29 17:31:24 +02:00
Lennart Poettering
7123a951d0 Merge pull request #6670 from fsateler/disable-networkd
build-sys: don't build networkctl if networkd is disabled
2017-08-29 17:28:06 +02:00
Lennart Poettering
3167f78a11 core: open up LockPersonality= for transient units
Let's make "systemd-run -p LockPersonality=1 -t /bin/sh" work.
2017-08-29 15:58:13 +02:00
Lennart Poettering
72eafe7159 seccomp: rework seccomp_lock_personality() to apply filter to all archs 2017-08-29 15:58:13 +02:00
Lennart Poettering
e8132d63fe seccomp: default to something resembling the current personality when locking it
Let's lock the personality to the currently set one, if nothing is
specifically specified. But do so with a grain of salt, and never
default to any exotic personality here, but only PER_LINUX or
PER_LINUX32.
2017-08-29 15:56:57 +02:00
Topi Miettinen
78e864e5b3 seccomp: LockPersonality boolean (#6193)
Add LockPersonality boolean to allow locking down personality(2)
system call so that the execution domain can't be changed.
This may be useful to improve security because odd emulations
may be poorly tested and source of vulnerabilities, while
system services shouldn't need any weird personalities.
2017-08-29 15:54:50 +02:00
Lennart Poettering
54d564a212 Merge pull request #6636 from sourcejedi/fsync
"Don't fear the fsync()"
2017-08-29 15:19:44 +02:00
Alan Jenkins
265710c205 fileio: rename function parameter to avoid masking global symbol
> glibc exports a function called sync(), we should probably avoid
> overloading that as a variable here locally (gcc even used to warn about
> that, not sure why it doesn't anymore), to avoid confusion around what
> "if (sync)" actually means
2017-08-29 10:56:32 +01:00
Jonathan Teh
77eaf7b4b9 hwdb: Add various USB mice (#6676) 2017-08-29 08:32:59 +10:00
Lennart Poettering
05aed5e8e4 Merge pull request #6653 from yuwata/man-link
Small fixes
2017-08-28 19:12:35 +02:00
Felipe Sateler
4f5993c3f4 shared: Add a linker script so that all functions are tagget @SD_SHARED instead of @Base (#6669)
This helps prevent symbol collisions with other programs and libraries. In particular,
because PAM modules are loaded into the process that is creating the session, and
systemd creates PAM sessions, the potential for collisions is high.

Disambiguate all systemd calls by tagging a 'version' SD_SHARED.

Fixes #6624
2017-08-28 18:49:03 +02:00
vliaskov
6c24adfd46 Revert "mount-setup: mount xenfs filesystem (#6491)" (#6662)
This reverts commit b305bd3aab.
2017-08-28 18:46:01 +02:00
Diogo Pereira
c29ebc1a10 Fix typo in man/systemd.exec.xml (#6683) 2017-08-28 18:38:29 +02:00
dasj19
b0d112c3d0 Added Romanian Translation (#6674) 2017-08-28 18:24:09 +02:00
Jason Gunthorpe
5570d7f956 Support 'rdma' as a ListenNetlink= argument (#6626)
NETLINK_RDMA has been in the kernel since v3.0.
2017-08-28 17:22:10 +02:00
Felipe Sateler
a86d0fe165 editorconfig: add rule for meson.build files (#6671) 2017-08-28 16:37:23 +02:00
Felipe Sateler
a174f618eb networkd: do not install the socket when networkd is not enabled 2017-08-27 10:49:10 -03:00
Yu Watanabe
6b1b9f75c8 journal-remote: show error message if output file name does not end with .journal
`journalctl -o export | systemd-journal-remote -o /tmp/dir -`
gives the following error messages.
```
Failed to open output journal /tmp/dir: Invalid argument
Failed to get writer for source stdin: Invalid argument
Failed to create source for fd:0 (stdin): Invalid argument
```
And these are hard to understand what is the problem.
This commit makes journal-remote check whether the output file name
ends with .journal suffix or not, and if not, output error message.
2017-08-27 16:34:57 +09:00
Yu Watanabe
c298b083c6 man: journal-remote: active mode without --url option requires output filename
Closes #6675.
2017-08-27 16:20:16 +09:00
Yu Watanabe
87a85e25a2 units: make use of !! ExecStart= prefix in systemd-timesyncd.service
Let's make use of !! to run timesyncd with ambient capabilities on
systems supporting them.
2017-08-27 01:41:12 +09:00
Yu Watanabe
c61f302d3c units: make use of !! ExecStart= prefix in systemd-networkd.service
Let's make use of !! to run networkd with ambient capabilities on
systems supporting them.
2017-08-27 01:40:47 +09:00
Evgeny Vereshchagin
0c700d392d build-sys: fix the script used for generating load_fragment_gperf_nulstr (#6646)
This prevents `systemd --dump-configuration-items` from crashing.
Closes #6596.
2017-08-26 23:21:23 +09:00
Susant Sahani
dd5f3175b7 Networkd Bond DOC: Move ActiveSlave and PrimarySlave to [Network] (#6610)
Fixes #6545
2017-08-26 22:37:46 +09:00
Lennart Poettering
2e681921c9 logind: make sure we don't process the same method call twice (#6583)
Tiny mistake, big effect.

Fixes: #6375
2017-08-26 22:19:26 +09:00
Yu Watanabe
5ce96b141a Merge pull request #6582 from poettering/logind-tty
various tty path parsing fixes
2017-08-26 22:12:48 +09:00
Lennart Poettering
0f52f8e552 core: disable the effect of Restart= if there's a stop job pending for a service (#6581)
We shouldn't undo the job already enqueued, under any circumstances.

Fixes: #6504
2017-08-26 22:07:23 +09:00
Lennart Poettering
9b9c30ec75 man: fix example indentation in tmpfiles.d(5) (#6578)
docboc actually copies the indentation 1:1 into the final man page and
that makes the example really weirdly aligned. Let's fix that.
2017-08-26 21:59:21 +09:00
Yu Watanabe
2c5ad0fd6d Merge pull request #6577 from poettering/more-exec-flags
add ! and !! ExecStart= flags to make ambient caps useful
2017-08-26 21:49:05 +09:00
Michal Sekletar
b58aeb70db service: attempt to execute next main command only for oneshot services (#6619)
This commit fixes crash described in
https://github.com/systemd/systemd/issues/6533

Multiple ExecStart lines are allowed only for oneshot services
anyway so it doesn't make sense to call service_run_next_main() with
services of type other than SERVICE_ONESHOT.

Referring back to reproducer from the issue, previously we didn't observe
this problem because s->main_command was reset after daemon-reload hence
we never reached the assert statement in service_run_next_main().

Fixes #6533
2017-08-25 16:36:10 +03:00
Felipe Sateler
dcfe072ad6 build-sys: don't build networkctl if networkd is disabled 2017-08-23 16:10:42 -03:00
Yu Watanabe
d7ea7bb8a8 network,resolve: remove comments related to kdbus 2017-08-23 12:42:35 +09:00
Yu Watanabe
fb72b1d99f networkd: do not fail manager_connect_bus() if dbus is not active yet
Fixes #6618.
2017-08-23 12:42:22 +09:00
Yu Watanabe
9b5c390fe3 man: mention configuration directories to sysusers.d 2017-08-23 12:40:07 +09:00
Yu Watanabe
521d3679c1 Merge pull request #6615 from ssahani/client-id
networkd: fix spell DCHPClientIdentifier (DCHP => DHCP)
2017-08-22 20:19:19 +09:00
Yu Watanabe
2d56bdabc2 man: fix wrong citation in systemd-sysctl.service.xml 2017-08-22 13:26:09 +09:00
Michael Biebl
91b8082096 CONTRIBUTING: stop mentioning "make check"
Since the switch to meson this information is no longer valid. HACKING already documents how to run the test suite.

See #6642
2017-08-21 09:47:07 +02:00
Charles Huber
850c8bd7b7 hwdb: Add Logitech G100s Optical Gaming Mouse (#6570) 2017-08-18 05:53:25 +10:00
Alan Jenkins
0675e94ab5 "Don't fear the fsync()"
For files which are vital to boot

1. Avoid opening any window where power loss will zero them out or worse.
   I know app developers all coded to the ext3 implementation, but
   the only formal documentation we have says we're broken if we actually
   rely on it.  E.g.

   * `man mount`, search for `auto_da_alloc`.
   * http://www.linux-mtd.infradead.org/faq/ubifs.html#L_atomic_change
   * https://thunk.org/tytso/blog/2009/03/15/dont-fear-the-fsync/

2. If we tell the kernel we're interested in writing them to disk, it will
   tell us if that fails.  So at minimum, this means we play our part in
   notifying the user about errors.

I refactored error-handling in `udevadm-hwdb` a little.  It turns out I did
exactly the same as had already been done in the `systemd-hwdb` version,
i.e. commit d702dcd.
2017-08-17 20:26:36 +01:00