IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
remove_directory will always return 0 so this can never happen.
Besides that, d->path and d are freed so we would end up with
a null pointer dereference anyway.
To be able to use `systemd-run` or `machinectl login` on a container
that is in a private user namespace, the sub-process must have entered
the user namespace before connecting to the container's D-Bus, otherwise
the UID and GID in the peer credentials are garbage.
So we extend namespace_open and namespace_enter to support UID namespaces,
and we enter the UID namespace in bus_container_connect_{socket,kernel}.
namespace_open will degrade to a no-op if user namespaces are not enabled
in the kernel.
Special handling is required for the setns call in namespace_enter with
a user namespace, since transitioning to your own namespace is forbidden,
as it would result in re-entering your user namespace as root.
Arguably it may be valid to check this at the call site, rather than
inside namespace_enter, but it is less code to do it inside, and if the
intention of calling namespace_enter is to *be* in the target namespace,
rather than to transition to the target namespace, it is a reasonable
approach.
The check for whether the user namespace is the same must happen before
entering namespaces, as we may not be able to access /proc during the
intermediate transition stage.
We can't instead attempt to enter the user namespace and then ignore
the failure from it being the same namespace, since the error code is
not distinct, and we can't compare namespaces while mid-transition.
The following functions return immediately if a null pointer was passed.
* calendar_spec_free
* link_address_free
* manager_free
* sd_bus_unref
* sd_journal_close
* udev_monitor_unref
* udev_unref
It is therefore not needed that a function caller repeats a corresponding check.
This issue was fixed by using the software Coccinelle 1.0.1.
Previously the following command:
$ journalctl -f -t unmatchedtag12345
... would block when called with criteria that did not match any
journal lines. Once log lines appeared that matched the criteria
they were displayed.
Commit 02ab86c732 broke this
behavior and the journal was not followed, but the command
exits with '-- No entries --' displayed.
This commit fixes the issue.
More information downstream:
https://bugzilla.redhat.com/show_bug.cgi?id=1253649
Whenever one of our calls is invoked with a non-NULL, writable
sd_bus_error parameter, let's fill in some valid error on failure. We
previously only filled in remote errors, but never local errors, which is
hard to handle by users. Hence, let's clean this up to always fill in
the error.
This introduces a new bus_assert_return() macro that works like
assert_return() but optionally also initializes a bus_error struct.
Fixes#224.
Based on a patch by Umut Tezduyar.
There's no reason to explicitly turn off bus activation for resolved
here. The reason this was done before was that the code was copied from
nss-resolve, which has a fallback to glibc's nss-dns if resolved is not
reachable. However, such a logic makes no sense for resolve-host since
such a fallback doesn't make sense here, which means we can actually
turn on activation. Let's do it hence.
Let's make sure that clients querying resolved via the bus for A, AAAA
or PTR records for "localhost" get a synthesized, local reply, so that
we do not hit the network.
This makes part of nss-myhostname redundant, if used in conjunction.
However, given that nss-resolve shall be optional we need to keep this
code in both places for now.
Given that we already hardocde the loopback ifindex, following the
kernel's own logic, we can replace the invocation of
if_nametoindex("lo") with LOOPBACK_IFINDEX.
Since dacd6cee76 the two OOM's are
ignored as the value of r will be overwritten and we only log in
the fail section anyway.
This patch jumps to fail on OOM.
Note that this is different behavior compared to both the current
code and previous to dacd6cee76. Before
that commit we would log that saving the inhibit data failed, but
still write the file, though without the WHO/WHY section.
CID# 1313545
Fix error message:
-->--
Code should not be reached 'Unknown action.' at
src/systemctl/systemctl.c:6382, function halt_now(). Aborting.
Aborted
--<--
when executing 'reboot -f' from a system running a kexec kernel.
We should not fall back to dbus-1 and connect to the proxy when kdbus
returns an error that indicates that kdbus is running but just does not
accept new connections because of quota limits or something similar.
Using is_kdbus_available() in libsystemd/ requires it to move from
shared/ to libsystemd/.
Based on a patch from David Herrmann:
https://github.com/systemd/systemd/pull/886
The partition-type flags are defined independently for every partition-type. Apply
them only to the types where they are defined, and not to the ESP, which does not
appear to share the same set of flags.
https://github.com/systemd/systemd/issues/920
Overlayfs uses , as an option separator and : as a list separator. These
characters are both valid in file paths, so overlayfs allows file paths
which contain these characters to backslash escape these values.
This modifies the strv in-place, replacing strings with their escaped
version. It's mostly just a convenience function for when you need to
join a strv together because it's passed as a string to something, and
the separator needs escaping.
This is for shell-style \ escaping rather than quoting, which while it
has the same effect in produced shell commands, is not exclusively
useful for shell commands.
shell_escape would be useful for producing sed commands, as you would be
able to \ escape the normal special characters, plus whichever argument
separator was chosen; or it could be used to escape arguments passed to
the overlayfs mount command.
strv_split_extract is to strv_split_quotes as extract_first_word was to
unquote_first_word.
Now there's extract_first_word for extracting a single argument,
extract_many_words for extracting a bounded number of arguments,
and strv_split_extract for extracting an arbitrary number of arguments.
This now accepts : characters with the \: escape sequence.
Other escape sequences are also interpreted, but having a \ in your file
path is less likely than :, so this shouldn't break anyone's existing
tools.
If EXTRACT_DONT_COALESCE_SEPARATORS is passed, then leading separators,
trailing separators and spans of multiple separators aren't skipped, and
empty arguments from before, after or between separators may be extracted.
To add a flag to allow an empty string to be parsed as an argument, we
need to be able to distinguish between the end of the string, and after
the end of the string, so when we *do* reach the end, let's set *p to
this state.
This is so that, when called in a loop, unquote_first_word can
distinguish between reaching the end of a string because it has consumed
all the input before the end, and consuming all the input.
This is important because we later add a flag that allows
char *in = "";
char *out;
unquote_first_word(&in, &out, flags);
To put "" in out, and set in = NULL, so the trailing empty string of the
input can be consumed, and mark that the input has been consumed.
