IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
This way it's much easier to test that the code compiles without issues.
It's also easier to edit the code.
Indentation in one of the examples is reduced to two spaces. This is what we
use in man pages to make them fit on screen better.
strerror_r() is used instead of strerror(). The usual trick is employed: we
allocate a buffer that lives until the end of the surrounding block to provide
the scratch space. This change is particularly important forn sd-bus and the
pam modules, which may be called from threaded code.
I checked the codebase, and we only use bus_error_message() in log statements,
so the returned pointer is not used beyond its valid lifetime.
make sure we always have something to return in all return parameters,
including in the boot id return parameter, in all code paths.
Follow-up for: #24965
Here SYNTHETIC_ERRNO() was used based on the general rule that logging
functions should do that when the error value is generated at the call
site. But here we're really propagating a memory allocation error, which
wasn't reported using errno, but the meaning is the same. And it's better
to bend the rule a bit like this than to use strerror().
strerror() is not thread safe and calling it just isn't worth the effort
required to justify why it would be safe in those cases. It's easier to just
use %m which is thread-safe out of the box. I don't think that any of the
changes in the patch cause any functional difference. This is just about
getting rid of calls to strerror() in general.
When we print an error message and fail to format the string, using something
like "(null)" is good enough. This is very very unlikely to happen anyway.
Error handling in acquire_user_record() was checking the wrong
condition (PAM errors are always >= 0, so r < 0 cannot match).
Apart from the fix for error handling, no change in behaviour is intended.
I did some minor adjustements to formatting and added _cleanup_ in one more
place.
This is a primitive helper that wraps calls to pam_syslog() replacing
@PAMERR@ with pam_strerror() output in the format string. This allows for
a bunch of boilerplate to be removed.
@PAMERR@ is only supported at the end of the string. Similarly to %m,
realistically that's the only place where it is useful.
Note that unlike in logging functions in log.[ch], here the error value is
only used for the message and is not saved anywhere, so we don't need to
care about SYNTHETIC_ERRNO.
If _SOURCE_MONOTONIC_TIMESTAMP was set in the entry, we wouldn't
query the boot ID, leading to every kernel entry in the export mode
to have BOOT_ID=000000000000000. Let's fix this by always querying
the boot ID.
Even if a bonding master interface has carrier, the underlying slave
interfaces may not. In such a case, sending solicitation fails with
-ENOBUS. Here, let's unconditionally ignore errors, as anyway we will
send a solicitation later.
Fixes#24717.
The new conditoins are placed inside of services, but they cannot be
used to test service creds, but only system creds. This deserves
explicit mention, since it might be confusing otherwise.
Reverts a small part of 02380e19467cc2761fcea59c199379a8e1d801b9
So far our pam code was using strerror_safe(). But that's not a good approach,
because strerror_safe() is not thread-safe, and the pam code is "library code"
that should be thread-safe. In fact, the whole effort to use strerror() is
unnecessary, because pam_syslog() is documented to support %m. The
implementation in linux-pam simply uses vasprintf(). If we use %m too, we get
rid of the issue. The wrapper sets errno temporarily from the argument.
Apparently some PAM consumers run multiple PAM stacks in threads, so we should
avoid non-thread-safe code.
The new helper returns PAM_BUF_ERR for ENOMEM, and PAM_SERVICE_ERR in other
cases. This may change the returned code in some cases, but I think a) it
doesn't matter much, b) it's probably for the better. E.g. we might now return
PAM_SERVICE_ERR if the dbus message is borked, and PAM_SERVICE_ERR seems
appropriate.
In particular, 'system/service credentials' are now described as simply
'credentials'. The selling point of credentials is that they are transparently
propagated from the system to services, so distinguishing between system and
service credentials is not important.
The description of ordering against initrd-switch-root.target is completely
rewritten. The old description was confused.
I think the description of systemd-measure should be reworked to clearly
describe what new functionality is provided and what policy changes are
built on top. But I don't qrok the details, so I left this part unchanged.
Before Debian switched to systemd, `shutdown now` would reset the system into
single user mode, doing roughly the equivalent of `telinit 1`.
Now, systemd's `shutdown` command does not behave that way; it defaults to
`poweroff` which might be confusing for users (like me) used to the previous
method.
Because I don't use the command often, I keep being stumped by this behavior,
and every time I look at the `shutdown(1)` manpage, I don't understand why I
can't find what I am looking for. This patch should make sure that people like
me find their way back to some sort of reason.
Maybe the *proper* way to fix this would be to restore the more classic
behavior, but I'm definitely not going to climb that hill. Besides, I clearly
remember the time I found out about the `shutdown` command and was *really*
confused when it brought me back to a command-line prompt. That was really
counter-intuitive and I find that change to actually be a good thing. So I'm
not proposing to change this behavior, merely document it better.
I originally added this to the `-P` option but it was suggested adding a new
`COMPATIBILITY` section instead, where other such issues could be added.
The `COMPATIBILITY` section is not actually officially documented. `man(1)`
talks about a `CONFORMING TO` section, but `shutdown(1)` is not
POSIX (`shutdown(2)` is, of course), so there's no actual standard on how this
should work.
The other option I considered was to add a `BUGS` section, but that seemed to
inflammatory, and definitely counter-productive.
