IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
Stop to pretend that we can split selinux related code from other.
We have too many cross-references and it breaks all the time and
I am no longer willing to maintain that mess for no real benefit.
We currently have cyclic dependencies which are only resolved on
machines with gc-sections toolchains. We need a simpler and at the
same time more strict model to manage our convenienc libraries and
linking.
The first thing to give up is the "optimization" of not linking
libselinux for a very few tools. If that is an issue, please fix
the mess that libselinux creates in selinux itself, and do not ask
consumers to work around it.
Now that listen_fds() have been split out, we can safely move the allocation
of the manager object after doing the forking (the fork is done to notify legcay
init-systems that the fds are ready).
Subsequently, we can merge manager_listen() back into managre_new().
This entails a minor behaviour change: the application of permissions to
static device nodes now happens after the fork (but still before notifying
systemd about being ready).
This will simply silently fail on non-systemd systems, so there is no reason
to make it conditional.
Also make it clear that we notify systemd about being ready as the last step
before starting the event loop, whereas the forking might need to happen
earlier.
This allows a fd to be created and configured as part of one monitor, to be passed in
to create a second monitor without having to redo any of the configuration.
This should have no behavioural change, but it is odd to tie the cgroup cleaning to
whether or not we are passed sockets.
The point really is if we are guaranteed to be in a dedicated cgroup, so instead
check for our parent being PID1 (we already implicitly only do this on systemd
systems).
We used to block all signals, and restore the original signal mask before exec'ing
external processes.
Now we just block the signals we care about and unconditionally unblock all signals
before exec'ing.
In 5a8bcb674f, IPForwarding was introduced
to set forwarding flags on interfaces in .network files. networkd sets
forwarding options regardless of the previous setting, even if it was
set by e.g. sysctl. This commit creates a new option for IPForwarding,
"kernel", that preserves the sysctl settings rather than always setting
them.
See https://bugs.freedesktop.org/show_bug.cgi?id=89509 for the initial
bug report.
A lot of touch screens use INPUT_PROP_DIRECT to indicate that touch input
maps directly to the underlying screen, while the BTN_TOUCH bit might not be
set.
This change switches to bools and separates bit flag evaluation from
decision making and application of udev properties, while hopefully
keeping the same semantics. Apart from using BTN_LEFT instead of BTN_MOUSE
for mouse detection.
Strip trailing slashes from options such as --with-rootprefix, so that building
with rootprefix="/" results in paths like "/lib" instead of "//lib".
Also handle paths such as "/usr/" gracefully.
Use m4/ax_normalize_path.m4 from the autoconf-archive project, which is now
included in our tree as per usual practices in using autoconf-archive macros.
Tested with the following configure options:
./configure \
--with-rootprefix=/ \
--with-rootlibdir=/lib64/ \
--prefix=/usr/ \
--libdir=/lib/ \
--with-bashcompletiondir=/bash-completion/completions/
(The "prefix" and "libdir" are already automatically normalized by Autoconf,
this command is testing the others.)
Compared the config.log and resulting trees (in particular man pages) to
confirm double slashes were not present in the latter.
Also tested that a configuration using default options is not affected and that
`make distcheck` still works as expected.
The cunescape() helper function used to handle unknown escaping sequences
gracefully by copying them over verbatim.
Commit 527b7a42 ("util: rework cunescape(), improve error handling") added
a flag to make that behavior optional, and changed to default to error out
with -EINVAL otherwise.
However, config_parse_exec(), which is used to parse the
Exec{Start,Stop}{Post,Pre,} directives of unit files, was not changed along
with that commit, which means that directives with improperly escaped
command line strings are no longer parsed.
Relevant bugreports include:
https://bugs.freedesktop.org/show_bug.cgi?id=90794https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787256
Fix this by passing UNESCAPE_RELAX to config_parse_exec() in order to
restore the original behavior.
In device_update_properties_bufs(), the strv is built from pointers into the
single nul-terminated buf_nulstr string, to avoid allocating the key=value
strings twice. However, we must not do that while building and
GREEDY_REALLOC0()'ing buf_nulstr, as each time when this actually reallocates
memory the pointers we wrote into buf_strv so far become invalid.
So change the logic to first completely build the new buf_nulstr, and then
iterate over it to pick out the pointers to the individual key=value strings
for properties_strv.
This fixes invalid environment for udev callouts.
