1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

36404 Commits

Author SHA1 Message Date
Lennart Poettering
3ca9940cb9 units: set NoNewPrivileges= for all long-running services
Previously, setting this option by default was problematic due to
SELinux (as this would also prohibit the transition from PID1's label to
the service's label). However, this restriction has since been lifted,
hence let's start making use of this universally in our services.

On SELinux system this change should be synchronized with a policy
update that ensures that NNP-ful transitions from init_t to service
labels is permitted.

An while we are at it: sort the settings in the unit files this touches.
This might increase the size of the change in this case, but hopefully
should result in stabler patches later on.

Fixes: #1219
2018-11-12 19:02:55 +01:00
Lennart Poettering
d49881a06a update TODO 2018-11-12 18:57:52 +01:00
Mathieu Trudel-Lapierre
55b6530baa Always rename an interface to its name specified in config if no NamePolicy= is specified
This is for issue #9006
2018-11-12 18:45:57 +01:00
Lennart Poettering
60d540fabd
Merge pull request #10603 from yuwata/udevd-parser
udevd: several cleanups for parsing options
2018-11-12 18:39:51 +01:00
Lennart Poettering
cd0504a395 update TODO 2018-11-12 17:44:46 +01:00
Tommi Rantala
429926e9cc core: include unit name in emergency_action() reason message
Add unit name in StartLimitAction=, FailureAction= and SuccessAction=
emergency_action() reason messages, so that the problematic unit is
easily visible, for example:

    "unit dbus.service failed"
2018-11-12 16:36:03 +01:00
Yu Watanabe
6f19b42f24 udev: use structured initializer at one more place 2018-11-12 23:25:59 +09:00
Yu Watanabe
c4b69e990f udev: drop redundant initializations for file descriptors
As udev_ctrl_new_from_fd() or udev_monitor_new_from_netlink_fd()
creates fd if negative fd is passed.
2018-11-12 23:25:59 +09:00
Yu Watanabe
c52cff0748 udev: handle sd_is_socket() failure 2018-11-12 23:25:59 +09:00
Yu Watanabe
46f0fbd8fd udev: drop util_log_priority() and use log_level_from_string()
The function util_log_priority() is almost same as
log_level_from_string(). The difference between them is only that
util_log_priority() accepts such that '3 hogehoge'.
2018-11-12 23:25:40 +09:00
Yu Watanabe
9d9264ba39 udev: use parse_sec() to parse --event-timeout option 2018-11-12 23:25:34 +09:00
Yu Watanabe
389f9bf2cf udev: include error cause of parsing --children-max option in log message 2018-11-12 23:21:49 +09:00
Yu Watanabe
c4d44cba4d udev: introduce enum ResolveNameTiming for --resolve-names argument 2018-11-12 23:20:53 +09:00
Yu Watanabe
6b92f42934 udevd: use parse_sec() to parse --exec-delay option 2018-11-12 23:16:54 +09:00
Yu Watanabe
216e8bbe34 udevd: explicitly set default value of global variables 2018-11-12 23:12:06 +09:00
Lennart Poettering
bc137cf45d update TODO 2018-11-12 11:44:02 +01:00
Lennart Poettering
8a26dae88f
Merge pull request #10736 from yuwata/coredump-comment
fuzz: fix oss-fuzz#8658
2018-11-12 11:42:16 +01:00
Lennart Poettering
192602cb1e
Merge pull request #10734 from yuwata/network-use-structured-initializers
network: several cleanups
2018-11-12 11:42:02 +01:00
seb128
8cc9fefe2e hwdb: revert airplane mode keys handling on Dell
That reverts the commits #8762 and #9868, those created double key events issues on some Dell laptops.
2018-11-12 10:44:24 +01:00
Lennart Poettering
f007824996
Merge pull request #10730 from yuwata/udev_device_get_ifindex_returns_zero
libudev: conserve previous behavior
2018-11-12 10:25:26 +01:00
Lennart Poettering
bdc0bcf014
Merge pull request #10731 from yuwata/fix-oss-fuzz-11344
Fixes oss-fuzz#11344
2018-11-12 10:23:23 +01:00
Yu Watanabe
9544a1ceb0 fuzz: add testcase of oss-fuzz#8658 2018-11-12 18:10:24 +09:00
Yu Watanabe
25cad95c82 fuzz: decrease DATA_SIZE_MAX
Fixes oss-fuzz#8658.
2018-11-12 18:08:48 +09:00
Yu Watanabe
27f931d1cd coredump: update comments 2018-11-12 17:56:20 +09:00
Yu Watanabe
538f15cf06 tree-wide: use CONFIG_PARSER_PROTOTYPE() macro 2018-11-12 16:45:04 +09:00
Yu Watanabe
3b00878ef6 wait-online: use hashmap_free_with_destructor() 2018-11-12 16:32:11 +09:00
Yu Watanabe
f61365e516 network: use hashmap_steal_first() rather than hashmap_first()+hashmap_remove() 2018-11-12 16:32:11 +09:00
Yu Watanabe
c6dbb5c43f network: use hashmap_clear_with_destructor() at one more place 2018-11-12 16:32:11 +09:00
Yu Watanabe
3e5700428e network: allocate hashmap objects when they are required 2018-11-12 16:32:11 +09:00
Yu Watanabe
a0e8e4cf3f network: do not assign unused value 2018-11-12 16:32:11 +09:00
Yu Watanabe
0f7f27694e network: fixes related to NetworkConfigSection
- Do not allocate NetworkConfigSection when filename == NULL
- set .network element before calling hashmap_put()
- Always free NetworkConfigSection in each object.
2018-11-12 16:32:11 +09:00
Yu Watanabe
17f9c355d5 network: use structured initializers 2018-11-12 16:32:10 +09:00
Yu Watanabe
1a75764a32 network: use NetworkConfigSection in fdb entries 2018-11-12 16:32:10 +09:00
Yu Watanabe
d5017c8410 network: make ndisc related handlers return negative errno but caller ignore the errors 2018-11-12 16:32:10 +09:00
Yu Watanabe
e559eca1b6 sd-bus: use SD_BUS_ERROR_NULL macro
Follow-up for e8f280bd0a.
2018-11-12 16:32:10 +09:00
Yu Watanabe
acc1bc9918 test: make test-udev accept only check when argc == 2
Follow-up for 110a13202e.
2018-11-12 16:32:10 +09:00
Yu Watanabe
bf877a54c7
Merge pull request #10669 from danderson/networkd-6rd
networkd: add 6rd support for sit netdevs
2018-11-12 15:55:03 +09:00
Markus Grimm
d7ef030b26 journal-remote: bugfix to re-enable ssl key check (#10707) 2018-11-12 15:47:47 +09:00
Alexander Kurtz
f628e3eea7 man: fix default value in resolved.conf man page (#10733)
See https://github.com/systemd/systemd/blob/v239/meson_options.txt#L190
2018-11-12 15:44:55 +09:00
Yu Watanabe
fd5ef45eab
Merge pull request #10694 from evverx/udev-test-in-container
udev-test: remove a check for whether the test is run in a container
2018-11-12 13:12:09 +09:00
Yu Watanabe
edc81c1ccb udevd: do not treat negative value as valid ifindex
Also, some conditions in is_devpath_busy() are similified.
2018-11-12 13:07:10 +09:00
Yu Watanabe
8ecbc4b880 libudev: conserve previous behavior
The commit dcfbde3a43 changes
sd_device_get_ifindex() returns -ENOENT instead of zero if the device
does not have ifindex.
Let's keep the original behavior of udev_device_get_ifindex().

Fixes #10699.
2018-11-12 13:00:30 +09:00
Lennart Poettering
5fb0720ebb
Merge pull request #10728 from keszybz/four-unrelated-cleanups
Four unrelated cleanups
2018-11-11 21:16:14 +01:00
Lennart Poettering
707ade9d13
Merge pull request #10732 from yuwata/network-sock_cloexec
dhcp, fuzz: set SOCK_CLOEXEC and SOCK_NONBLOCK
2018-11-11 21:15:50 +01:00
Yu Watanabe
34d178bbac fuzz: add testcase of oss-fuzz#10734 2018-11-12 02:04:35 +09:00
Yu Watanabe
3e29b8895a libsystemd-network: set SOCK_CLOEXEC and SOCK_NONBLOCK 2018-11-12 02:03:22 +09:00
Yu Watanabe
f2a500eb41 fuzz: explicitly set initial value of global variables 2018-11-12 01:58:17 +09:00
Yu Watanabe
804a6a1759 fuzz: set SOCK_CLOEXEC and SOCK_NONBLOCK 2018-11-12 01:57:27 +09:00
Yu Watanabe
c0e3d79970 fuzz: use SOCK_STREAM instead of SOCK_DGRAM
Fixes oss-fuzz#10734.
2018-11-12 01:56:17 +09:00
Yu Watanabe
89c7e7aa97 fuzz: add testcase of already fixed issue 10908 2018-11-12 01:17:45 +09:00