IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Make sure we don't inspect sun_path of unnamed sockets.
Since we cannot know if two unnamed sockets' adresses refer to the same
socket, just return false.
When dbus.socket is updated like this:
-ListenStream=/var/run/dbus/system_bus_socket
+ListenStream=/run/dbus/system_bus_socket
... and daemon-reload is performed, bad things happen.
During deserialization systemd does not recognize that the two paths
refer to the same named socket and replaces the socket file with a new
one. As a result, applications hang when they try talking to dbus.
Fix this by finding a match not only when the path names are equal, but
also when they point to the same inode.
In socket_address_equal() it is necessary to move the address size
comparison into the abstract sockets branch. For path name sockets the
comparison must not be done and for other families it is redundant
(their sizes are constant and checked by socket_address_verify()).
FIFOs and special files can also have multiple pathnames, so compare the
inodes for them as well. Note that previously the pathname checks used
streq_ptr(), but the paths cannot be NULL.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186018
Fix result testing of is_symlink() to ignore negative results, which happen if
the file name does not exist at all. In this case we do not want a warning and
unlink the non-existing link.
https://bugs.debian.org/778700
Previously we always invoked the container PID 1 on /dev/console of the
container. With this change we do so only if nspawn was invoked
interactively (i.e. its stdin/stdout was connected to a TTY). In all other
cases we directly pass through the fds unmodified.
This has the benefit that nspawn can be added into shell pipelines.
https://bugs.freedesktop.org/show_bug.cgi?id=87732
With this change runlevel 2, 3, 4 are mapped to multi-user.target for
good, and 5 to graphical.target. This was already the previous mapping
but is now no longer reconfigurable, but hard-coded into the core.
This should generally simplify things, but also fix one bug: the
sysv-generator previously generated symlinks to runlevel[2-5].target
units, which possibly weren't picked up if these aliases were otherwise
only referenced by the real names "multi-user.target" and
"graphical.target".
We keep compat aliases "runlevel[2345].target" arround for cases where
this target name is explicitly requested.
The call iterates through cmsg list and closes all fds passed via
SCM_RIGHTS.
This patch also ensures the call is used wherever appropriate, where we
might get spurious fds sent and we should better close them, then leave
them lying around.
Make use of the new sd_bus_set_allow_interactive_authorization() call to
globally enable interactive authorization. Also, turn on PK agent for
more calls.
This allows us to make use of the sd_bus_call_method() convencience
helper at more places.
- Always issue selinux access check as early as possible, and PK check
as late as possible.
- Introduce a new policykit action for altering environment
- Open most remaining bus calls to unprivileged clients via PK
For plymouth themes not supporting i18n (like .script), send translated
messages to display to user, which is equivalent to the sent machine
readable data.
Try to connect and send to plymouth (if running) some checked report progress,
using direct plymouth protocole.
Update message is the following:
fsckd:<num_devices>:<progress>:<string>
* num_devices corresponds to the current number of devices being checked (int)
* progress corresponds to the current minimum percentage of all devices being
checked (float, from 0 to 100)
* string is a translated message ready to be displayed by the plymouth theme
displaying the information above. It can be overriden by plymouth themes
supporting i18n.
Grab in fsckd plymouth watch key Control+C, and propagate this cancel request
to systemd-fsck which will terminate fsck.
Send a message to signal to user what key we are grabbing for fsck cancel.
Message is: fsckd-cancel-msg:<string>
Where string is a translated string ready to be displayed by the plymouth theme
indicating that Control+C can be used to cancel current checks. It can be
overriden (matching only fsckd-cancel-msg prefix) for themes supporting i18n.
Remove the plymouth running or show-status checks from systemd-fsck. Instead,
always connect to systemd-fsckd socket, and let this one decide if we display
progress or not.
Add systemd-fsckd multiplexer which accepts multiple systemd-fsck
instances to connect to it and sends progress report. systemd-fsckd then
computes and writes to /dev/console the number of devices currently being
checked and the minimum fsck progress. This will be used for interactive
progress report and cancelling in plymouth.
systemd-fsckd stops on idle when no systemd-fsck is connected.
Make the necessary changes to systemd-fsck to connect to the systemd-fsckd
socket.
What used to be gummiboot, was renamed sd-boot when it was merged into
systemd. Let's try to be a bit more consistent with the rest of systemd
and rename it again as follows:
The EFI bootloader is now called 'systemd-bootx64.efi', and its sources are in
'src/boot/efi/'. The drop-in directory where bootctl will find EFI loaders
is now /usr/lib/systemd/boot/efi/.
Also, allow clients to alter their own objects without any further
priviliges. i.e. this allows clients to kill and lock their own sessions
without involving PK.
Most of our client tools want to set this bit for all their method
calls, even though it defaults to off in sd-bus, and rightfully so.
Hence, to simplify thing, introduce a per sd_bus-object flag that sets
the default value for all messages created on the connection.
The output of gnutls_certificate_verification_status_print() needs to be
freed.
Noticed this while staring at verify_cert_authorized() to see what could
possibly confuse gcc5 on armv7hl to segfault during compilation.
We would require a match against all three: patterns specified
with --to, with --from, and as positional arguments to show an
edge. This does not seem useful. Let instead the positional args
behave like they were specified in both --to and --from, which is
fairly intuitive and should be more useful.
The test would treat the first non-empty set of matches in
match_paths, match_drivers, match_types, match_names as definitive
(essentially chaining them with OR). Make those tests instead match
like other tests and require all to pass if the set of patterns is
nonempty.
For two releases those exported with version 183 by mistake, and then
they were fixed to have version 215 (015419c0df libudev: fix symbol
version for udev_queue_flush() and udev_queue_get_fd()). But that
breaks ABI compatibility for binaries compiled with udev from before
that commit. There most likely very few such binaries, if any, but as
a matter of principle we should export the old symbols too, in order
to keep full compatibility.
If we cannot forward messages, include information on the peer and message
just like the xml-policy does. This helps debugging such situations and
figuring out what exactly is going wrong.
UDS sockets transmit EUID+EGID only. Don't try to fake data we don't know!
Otherwise, this might be used to override user-limits by non-root setuid
programs (by faking UID==EUID).
Now that sd-bus is fixed to always use EUID even on UDS, we can safely set
all other UID/GID fields to INVALID.
Macro DEFINE_STRING_TABLE_LOOKUP expands to a new function for each
of the almost 120 tables throghout the code.
Move the its implementation to a function (guaranteed to never be inlined),
and make the macro expand to an inlined function that calls this function.
This saves a few kilobytes from the systemd binary
(David: - fix coding-style
- use 'ssize_t' to fix 32bit to 64bit propagation
- use streq_ptr())
Sometimes, when we try to reply to messages we don't check return
values. This means we might miss a ECONNRESET, and will get a ENOTCONN
on next command. Treat both the same hence.
sd_event_wait() returning 0 usually means that it timed out, which means it must
have been idle. However, sd_event_wait() may return 0 in case an event was triggered
but it turned out there was nothing to do. Make the check for idle explicit to avoid
this edge-case.
Errors like EPERM from the kernel should certainly not be reason to
exit. Let's try to be defensive here, and try to continue on most send
errors, but possibly tell the sender about it.
include-what-you-use automatically does this and it makes finding
unnecessary harder to spot. The only content of poll.h is a include
of sys/poll.h so should be harmless.
Otherwise systemd-reboot.service will remove the parameter that was set
before. This was broken in commit "b986229efe2cc96157aa14c37bab7843311bbef1
systemctl: bugfix for systemctl reboot command with argument"
This avoids taking the SysV init script enablement state into account if we
have native units. Otherwise systemctl disable on native unit would not
be respected in the presence of an enabled SysV script.
Also, there's no need to do all the parsing and creation of service files if we
already have a native systemd unit for the processed SysV init script.
On Tue, Feb 10, 2015 at 08:10:43PM +0100, Lennart Poettering wrote:
> Hmm, I think it would be nicer to use be32toh() here instead, since it
> ensures the macro is (to a limited degree) typesafe.
>
> Any chance you could rework that?
From: Paul Martin <paul.martin@codethink.co.uk>
Date: Wed, 11 Feb 2015 11:47:16 +0000
Subject: [PATCH] networkd dhcpv4 logging endian fix
On a big-endian host, systemd-networkd prints out IPv4 network
addresses byte reversed:
Feb 10 16:43:32 hostname systemd-networkd[151]: eth0 : DHCPv4 address 158.1.24.10/16 via 1.1.24.10
The address obtained is 10.24.1.158/16 and the route is
10.24.0.0/16 dev eth0 src 10.24.1.187
The macro ADDRESS_FMT_VAL() unpacks a "struct in_addr" in a
little-endian specific manner.
This patch forces the passed address into host order, then unpacks it.
On an x86 later than i486, compiled with -O2, the only extra overhead
is a single bswap instruction.
Pass around Link objcets rather than FdbEntry objects. The link objects have an up-to-date
ifname we can use for logging. match_name sholud _never_ be used for anything except
matching. Firstly, it may be unset (usually is), and secondly it may not be up-to-date.
