1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-14 23:24:38 +03:00

19121 Commits

Author SHA1 Message Date
Cristian Rodríguez
05f73ad22b cryptsetup: Do not warn If the key is /dev/*random
Using /dev/urandom as a key is valid for swap, do not
warn if this devices are world readable.
2015-02-02 16:41:31 +01:00
Tom Gundersen
5544ee8516 networkd: support socket activation
Still keep the non-socket activation code around for starting from the commandline, but
will likely drop that too in the future.
2015-02-02 11:57:52 +01:00
Tom Gundersen
a9944163fe sd-rtnl: introduce sd_rtnl_new_from_netlink 2015-02-02 11:57:52 +01:00
Tom Gundersen
e56cdb7ae2 networkd-wait-online: add timeout
Default to timing out after 120 seconds without a network connection. Setting a
timeout of 0 disables the timeout.
2015-02-02 11:57:52 +01:00
Tom Gundersen
c4f1aff230 sd-event: treat NULL callback for timer events like sig events
In both cases exit the event loop.
2015-02-02 11:57:52 +01:00
Tom Gundersen
5d8689d749 networkd-wait-online: support globbing for ignored devices 2015-02-02 11:57:52 +01:00
Marcel Holtmann
3cc711193d hwdb: Update database of Bluetooth company identifiers 2015-02-02 09:18:28 +01:00
Zbigniew Jędrzejewski-Szmek
74a6d87d0c man: switch yum to dnf for Fedora
The dnf name is here to stay, we might as well adjust.
2015-02-01 17:22:32 -05:00
Zbigniew Jędrzejewski-Szmek
7d328b5446 shared/capability: go frugal on space for caps 2015-02-01 17:22:32 -05:00
Zbigniew Jędrzejewski-Szmek
51ddf61540 Fix dropping of all capabilities
From fd.o bug 88898:

systemd-resolved fails to start:
Failed to drop capabilities: Operation not permitted

Broken in f11943c53ec181829a821c6b27acf828bab71caa.

Drop all capabilities:
1. prctl(PR_SET_KEEPCAPS, keep_capabilities != 0) // 0 when we drop all
capabilities
2. setresuid() // bye bye capabilities
3. Add CAP_SETPCAP // fails because we have no capabilities
4. Reduce capability bounding set
5. Drop capabilities
6. prctl(PR_SET_KEEPCAPS, 0)

Capabilites should always be kept after setresuid() so that the capability
bounding set can be reduced.

Based-on-a-patch-by: mustrumr97@gmail.com

https://bugs.freedesktop.org/show_bug.cgi?id=88898

We must be careful not to leave PR_SET_KEEPCAPS on. We could use the
setresuid() call to drop capabilities, but the rules when capabilities
are dropped are fairly complex, since a transition to non-zero uid must
happen. Let's instead keep the capabilities during setresuid(), and drop
them later.
2015-02-01 17:22:32 -05:00
Michael Olbrich
615938651d config_parse_set_status: put signals in the correct set
This was broken when the code was rearranged in "1e2fd62d70ff
core/load-fragment.c: correct argument sign and split up long lines"
2015-02-01 17:22:31 -05:00
Zbigniew Jędrzejewski-Szmek
5ffa8c8181 Add a snprinf wrapper which checks that the buffer was big enough
If we scale our buffer to be wide enough for the format string, we
should expect that the calculation was correct.

char_array_0() invocations are removed, since snprintf nul-terminates
the output in any case.

A similar wrapper is used for strftime calls, but only in timedatectl.c.
2015-02-01 17:21:39 -05:00
Zbigniew Jędrzejewski-Szmek
294929f891 tmpfiles: accurately report creation results 2015-02-01 12:44:04 -05:00
Zbigniew Jędrzejewski-Szmek
612532206c tmpfiles: remove dead branch
In the test, p is a path to a directory, always absolute. dent->d_name
is a single path component, so they cannot be equal. The comparison
was wrong also for other reasons: D type supports globs, so direct
comparisons using streq are not enough.
2015-02-01 12:44:04 -05:00
Zbigniew Jędrzejewski-Szmek
0775b9b611 units: set TimeoutSec on some oneshot services
Services which are not crucial to system bootup, and have Type=oneshot
can effectively "hang" the system if they fail to complete for whatever
reason. To allow the boot to continue, kill them after a timeout.

In case of systemd-journal-flush the flush will continue in the background,
and in the other two cases the job will be aborted, but this should not
result in any permanent problem.
2015-02-01 12:44:03 -05:00
Zbigniew Jędrzejewski-Szmek
a3bd89ea99 core/cgroup: fix embarrassing typo
https://github.com/docker/docker/issues/10280
2015-01-31 23:03:56 -05:00
Zbigniew Jędrzejewski-Szmek
afa3509a4f test-dhcp-client: remove linebreak 2015-01-31 12:25:12 -05:00
Tom Gundersen
2d9079c217 TODO 2015-01-31 15:27:49 +01:00
Tom Gundersen
d4cdbea555 networkd: dhcp-server - start as soon as addresses have been set
We would otherwise wait for the interface to be completely configured, which
could take considerable time with IPv4LL. As a result nspawn was very slow
at obtaining IP addresses.
2015-01-31 15:26:08 +01:00
Tom Gundersen
79b1f37d95 networkd-wait-online: allow specific devices to be ignored
In addition to the loopback device, also explicitly configured devices to be ignored.

Suggested by Charles Devereaux <systemd@guylhem.net>.
2015-01-31 15:26:08 +01:00
Tom Gundersen
233ba5c3a0 sd-rtnl: don't fail event handler when callback fails
As in sd-bus, simply log at debug level when a callback fails, but don't fail the event handler.
Otherwise any error returned by any callback will disable the rtnl event handler. We should
only do that on serious internal errors in sd-rtnl that we know cannot be recovered from.
2015-01-31 15:26:08 +01:00
Maxim Mikityanskiy
81f5fc2d43 core: make setting the shutdown watchdog configuration via dbus work
https://bugs.freedesktop.org/show_bug.cgi?id=88284
2015-01-30 18:48:18 -05:00
Kay Sievers
954871d8ba Revert "sd-bus: change serialization of kdbus messages to qualify in their entirety as gvariant objects"
This breaks booting with kdbus.

This reverts commit b381de4197157748ed96e469fcc372c23f842ae1.
2015-01-30 13:53:45 +01:00
Kay Sievers
82c28f5621 Revert "core: make setting the shutdown watchdog configuration via dbus work"
This reverts commit df6e44c4affced590b0d19c594d9301ffd436591.

systemd --version segfaults.

Starting program: /usr/lib/systemd/systemd --version
Missing separate debuginfos, use: debuginfo-install systemd-216-16.fc21.x86_64
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
systemd 218
+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN

Program received signal SIGSEGV, Segmentation fault.
0x000055555557c9be in main (argc=2, argv=0x7fffffffe4d8) at src/core/main.c:1832
1832            arg_shutdown_watchdog = m->shutdown_watchdog;
(gdb) bt
(gdb) bt full
        m = 0x0
2015-01-30 10:59:47 +01:00
Carlos Morata Castillo
b4f91f2ba3 Updates in bash autocompletions
Hi,

I did ./check-undocumented.sh -b (my script just submitted) and checked
the results.

Cheers.
2015-01-29 00:44:30 -05:00
Peter Hutterer
001a247324 hwdb: add a touchpad hwdb
Currently used to tag devices in the new Lenovo *50 series and the X1 Carbon
3rd. These laptops re-introduced the physical trackpoint buttons that were
missing from the *40 series but those buttons are now wired up to the
touchpad.

The touchpad now sends BTN_0, BTN_1 and BTN_2 for the trackpoint. The same
button codes were used in older touchpads that had dedicated scroll up/down
buttons. Input drivers need to work around this and thus know what they're
dealing with.

For the previous gen we introduced INPUT_PROP_TOPBUTTONPAD in the kernel, but
the resulting mess showed that these per-device quirks should really live in
userspace.

The list currently includes the X1 Carbon 3rd PNPID, others will be added as
get to know which PNPID they have.
2015-01-29 13:06:04 +10:00
Zbigniew Jędrzejewski-Szmek
3e495a6651 systemctl: refuse --host with cat
This might be fixed one day, but for now it's better to fail.

https://bugzilla.redhat.com/show_bug.cgi?id=1186952
2015-01-28 21:56:10 -05:00
Lennart Poettering
590ba75f32 update TODO 2015-01-29 03:53:23 +01:00
Peter Hutterer
ebb90c83ea Fix ordering of the 70-mouse.rule in the Makefile 2015-01-29 11:52:07 +10:00
Lennart Poettering
f11943c53e coredump: drop caps while we are processing the coredump
https://bugs.freedesktop.org/show_bug.cgi?id=87354
2015-01-29 02:47:29 +01:00
Lennart Poettering
9e8abdf0d9 Revert "journal: do not check for number of files"
This reverts commit b914ea8d379b446c4c9fac4ba181771676ef38cd.

We really need to put a limit on all our resources, everywhere, and in
particular if we operate on external data.

Hence, let's reintroduce the limit, but bump it substantially, so that
it is guaranteed to be higher than any realistic RLIMIT_NOFILE setting.
2015-01-29 02:11:55 +01:00
Lennart Poettering
6c2b9c8da1 man: turn new netdev table into a proper table 2015-01-29 01:40:48 +01:00
Maxim Mikityanskiy
df6e44c4af core: make setting the shutdown watchdog configuration via dbus work
https://bugs.freedesktop.org/show_bug.cgi?id=88284
2015-01-29 01:23:50 +01:00
Tom Gundersen
fc07d5d3a9 man: netdev - add some minimal explanation to the different netdev kinds and modes
Would be awesome to expand on this a lot, as there is currently no decent documentation for most of these things.
2015-01-28 21:35:54 +01:00
Tom Gundersen
73b23bea86 networkd: tunnel - call tunnel modes ipip6, not ip4ipv6 to match ip(8) 2015-01-28 21:35:54 +01:00
Martin Pitt
be94d95499 logind: handle closing sessions over daemon restarts
It may happen that you have several sessions with the same VT:

 - Open a session c1 which leaves some processes around, and log out. The
   session will stay in State=closing and become Active=no.
 - Log back in on the same VT, get a new session "c2" which is State=active and
   Active=yes.

When restarting logind after that, the first session that matches the current
VT becomes Active=yes, which will be c1; c2 thus is Active=no and does not get
the usual polkit/device ACL privileges.

Restore the "closing" state in session_load(), to avoid treating all restored
sessions as State=active. In seat_active_vt_changed(), prefer active sessions
over closing ones if more than one session matches the current VT.

Finally, fix the confusing comment in session_load() and explain it a bit
better.

https://launchpad.net/bugs/1415104
2015-01-28 20:03:38 +01:00
Lennart Poettering
40672b99c7 util: add comment explaining hostname_is_valid() 2015-01-28 17:48:05 +01:00
Lennart Poettering
477e75ef9e update TODO 2015-01-28 17:48:01 +01:00
Lennart Poettering
f50f01f4b7 sd-dhcp: chop of trailing dot of DHCP supplied host and domain nams 2015-01-28 17:47:37 +01:00
Martin Pitt
3b48ce4ec4 rules: clean up stale CD drive mounts after ejection
Ejecting a CD with the hardware drive button only causes a change uevent, but
the device node stays around (just without a medium). Pick up these uevents and
mark the device as SYSTEMD_READY=0 on ejection, so that systemd stops the
device unit and consequently all mount units on it.

On media insertion, mark the device as SYSTEMD_READY=1 again.

https://bugs.freedesktop.org/show_bug.cgi?id=72206
https://bugzilla.opensuse.org/show_bug.cgi?id=909418
https://bugs.archlinux.org/task/42071
https://bugs.launchpad.net/bugs/1168742
2015-01-28 17:04:06 +01:00
Martin Pitt
06e9788888 core/mount: add dependencies to dynamically mounted mounts too
Add unit dependencies for dynamic (i. e. not from fstab) mounts. With that,
mount units properly bind to their underlying device, and thus get
automatically stopped/unmounted when the underlying device goes away.

This cleans up stale mounts from unplugged devices.

Thanks to Lennart Poettering for pointing out the fix!
2015-01-28 17:02:28 +01:00
Lennart Poettering
3315f08517 sysv-generator: no need to check for identical symlinks source and target twice
http://lists.freedesktop.org/archives/systemd-devel/2015-January/027594.html
2015-01-28 15:11:49 +01:00
Lennart Poettering
82a2b6bb5e core: output unit status output strings to console, only if we actually are changing unit state
Unit _start() and _stop() implementations can fail with -EAGAIN to delay
execution temporarily. Thus, we should not output status messages before
invoking these calls, but after, and only when we know that the
invocation actually made a change.
2015-01-28 15:07:13 +01:00
Lennart Poettering
3ad85e3775 test: duplicate LIST_FOREACH_OTHERS test to check for corner cases of end and start of list 2015-01-28 14:22:13 +01:00
Lennart Poettering
cdda4aa8d2 list: properly skip over first item in LIST_FOREACH_OTHERS 2015-01-28 14:04:23 +01:00
Lennart Poettering
d1f6b1b455 manager: fix minor typo 2015-01-28 14:04:23 +01:00
Martin Pitt
40780877c1 sysv-generator: Re-fix .sh suffix handling
Commit 4e48855534 caused the .sh suffix to be stripped from the original
"filename", which caused the generated units to call the wrong init.d script.
Only use the .sh stripped file name for comparing with Provides:, not for
generating the Exec*= lines.

Spotted by sysv-generator-test.
2015-01-28 08:00:28 +01:00
Zbigniew Jędrzejewski-Szmek
78eb158a20 build-sys: add check for --help width 2015-01-27 21:48:12 -05:00
Zbigniew Jędrzejewski-Szmek
b57b06258e notify,firstboot,analyze,run: trim --help output to 80 lines 2015-01-27 21:48:12 -05:00
Zbigniew Jędrzejewski-Szmek
79ca888f5a tmpfiles: fix help text
The help text, apart from being too long, did not describe what the options
really do.
2015-01-27 21:48:12 -05:00