1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-02 02:21:44 +03:00
Commit Graph

26171 Commits

Author SHA1 Message Date
Michael Biebl
ac3608cdbc login: Fix policy for org.freedesktop.login1.set-self-linger (#3365) (#3373)
We need to explicitly define authorizations for allow_inactive and
allow_active. Otherwise one is getting "Access denied" when run from a
local console:

$ loginctl enable-linger
Could not enable linger: Access denied
2016-05-28 11:03:03 +02:00
Tom Yan
2b00a4e03d networkd: disable IPv6 for bridge slave
If an interface is managed as a bridge slave, we don't want any IP configuration for it. Therefore, disable IPv6 in such case.
2016-05-28 13:35:01 +08:00
Tom Yan
2b2d8603ce networkd: unset master if not enslaved with networkd
When we manage an interface with networkd but not as a slave (i.e. no `Bridge=` or `Bond=` set in its .network), we do not want it to remain slaved.
2016-05-28 13:31:41 +08:00
John Paul Adrian Glaubitz
9ae8424410 networkd/sd-dhcp-server: Fix unaligned access in parse_request(). 2016-05-27 22:40:16 +02:00
Tejun Heo
da4d897e75 core: add cgroup memory controller support on the unified hierarchy (#3315)
On the unified hierarchy, memory controller implements three control knobs -
low, high and max which enables more useable and versatile control over memory
usage.  This patch implements support for the three control knobs.

* MemoryLow, MemoryHigh and MemoryMax are added for memory.low, memory.high and
  memory.max, respectively.

* As all absolute limits on the unified hierarchy use "max" for no limit, make
  memory limit parse functions accept "max" in addition to "infinity" and
  document "max" for the new knobs.

* Implement compatibility translation between MemoryMax and MemoryLimit.

v2:

- Fixed missing else's in config_parse_memory_limit().
- Fixed missing newline when writing out drop-ins.
- Coding style updates to use "val > 0" instead of "val".
- Minor updates to documentation.
2016-05-27 18:10:18 +02:00
Lennart Poettering
ffe54bf4bf Merge pull request #3329 from htejun/dbus-cgroup-fixes
dbus-cgroup fixes
2016-05-27 18:06:18 +02:00
Tejun Heo
83afa09d97 core: fix missing newline when writing drop-in for WorkingDirectory (#3337) 2016-05-27 17:41:45 +02:00
Lennart Poettering
694fe5d45e Merge pull request #3356 from OpenDZ/tixxdz/nspawn-quick-v1
nspawn: filesystem uid patching fixes and other minor improvments
2016-05-27 17:37:19 +02:00
Christian Hesse
85b78539c9 systemctl: fix code path (and memory leak) on error 2016-05-27 09:33:27 +02:00
Christian Hesse
5f056378b0 systemctl: fix return values on success 2016-05-27 09:32:41 +02:00
Christian Hesse
7f30799ade systemctl: remove extra comma 2016-05-27 09:21:02 +02:00
John Paul Adrian Glaubitz
aa91232040 resolve/test-dns-packet: Fix unaligned access in test_packet_from_file(). 2016-05-26 23:32:25 +02:00
Djalal Harouni
520e0d541f nspawn: rename arg_retain to arg_caps_retain
The argument is about capabilities.
2016-05-26 22:43:34 +02:00
Djalal Harouni
f011b0b87a nspawn: split out seccomp call into nspawn-seccomp.[ch]
Split seccomp into nspawn-seccomp.[ch]. Currently there are no changes,
but this will make it easy in the future to share or use the seccomp logic
from systemd core.
2016-05-26 22:42:29 +02:00
Djalal Harouni
231bfb1b02 nspawn: rename is_procfs_sysfs_or_suchlike() to is_fs_fully_userns_compatible()
Rename is_procfs_sysfs_or_suchlike() to is_fs_fully_userns_compatible()
to give it the real meaning. This may prevent future modifications that
may introduce bugs.
2016-05-26 22:39:34 +02:00
Djalal Harouni
87c05f365d nspawn: a bench of special fileystems that should not be shifted
Add some special filesystems that should not be shifted, most of them
relate to the host and not to containers.
2016-05-26 22:38:25 +02:00
Christian Hesse
acc0269cad {machine,system}ctl: always pass &changes and &n_changes (#3350)
We have to pass addresses of changes and n_changes to
bus_deserialize_and_dump_unit_file_changes(). Otherwise we are hit by
missing information (subsequent calls to unit_file_changes_add() to
not add anything).

Also prevent null pointer dereference in
bus_deserialize_and_dump_unit_file_changes() by asserting.

Fixes #3339
2016-05-26 15:57:37 +02:00
Lennart Poettering
ae06d1be4e ipv4ll: shorten some checks by using IN_SET a bit
As suggested:

https://github.com/systemd/systemd/pull/3328#discussion-diff-64285764
2016-05-26 15:34:43 +02:00
Lennart Poettering
9c4f6ccb70 sd-ndisc: small coding style fixes
Let's use usec_t internally always, when dealing with time values.

Let's use uint8_t* pointers if we are dealing with generic byte pointers.
2016-05-26 15:34:43 +02:00
Lennart Poettering
79b490b796 sd-ndisc: add more whitespace
Whitespace doesn't hurt and helps structuring things.
2016-05-26 15:34:43 +02:00
Lennart Poettering
b9e7b1cf06 sd-ndisc: stop discovery properly when something fails 2016-05-26 15:34:43 +02:00
Lennart Poettering
901c983b6d sd-ndisc: rework size checking in ndisc_ra_parse()
Let's better check the size before we subtract. Also, let's change the size
argument to size_t, as it cannot be signed anyway.

Finally, use EBADMSG for indicating invalid packets, like we do everywhere
else.
2016-05-26 15:34:43 +02:00
Lennart Poettering
745c5152c2 sd-ndisc: simplify clamping of router "pref" parameter 2016-05-26 15:34:43 +02:00
Lennart Poettering
3e261cfd3c sd-ndisc: append "event_source" to event source objects stored in structures
Otherwise it gets too confusing whether "timeout" refers to an event source or
just a timeout time specification.
2016-05-26 15:34:43 +02:00
Lennart Poettering
ad2998abd5 sd-ndisc: add log_ndisc_errno() macro, to complement log_ndisc() like elsewhere
Also make use of it where appropriate.
2016-05-26 15:34:43 +02:00
Lennart Poettering
b3dfcf6a76 sd-ndisc: use the right object to pass to log_ndisc()
There's no "client" object, in both cases. There's only "nd".

This wasn't noticed before, as the context object is currently not actually
used by the log macros.
2016-05-26 15:34:43 +02:00
Lennart Poettering
d54b734adc sd-ndisc: Typo fix: s/advertisment/advertisement/ 2016-05-26 15:34:43 +02:00
Lennart Poettering
b24ef0493a ipv4acd: rename "ll" parameter to "acd" everywhere
Appears to be a (confusing) left-over from copy/paste when this still was
ipv4ll code.
2016-05-26 15:34:43 +02:00
Lennart Poettering
703945c1dc sd-ipv4ll: add a bit of logging to IPv4LL too 2016-05-26 15:34:43 +02:00
Lennart Poettering
3aacc173e9 sd-ipv4acd: drop IPV4ACD_NETWORK definition
Appears to be a copy/paste mistake from sd-ipv4ll. Let's get rid of this.
2016-05-26 15:34:43 +02:00
Lennart Poettering
96a7979f3d ipv4acd: rework how we pick ipv4ll addresses
Let's make the seed actually work as stable seed, and use siphash24 to generate
the series of addresses, instead of the opaque libc random_r().

This not only makes the seed truly work as stable, portable seed, but also
makes the code quite a bit shorter, and removes a couple of memory allocations.
2016-05-26 15:34:43 +02:00
Lennart Poettering
38958cd66e ipv4ll: change "seed" parameter to be uint64_t
Let's make clear this always has the same size, since otherwise it's not useful
for reproducible runs, which this is really about however.
2016-05-26 15:34:43 +02:00
Lennart Poettering
ff0c5ebd4a ipv4acd: make sure our event handler callbacks never check uninitialized "r" for errors 2016-05-26 15:34:42 +02:00
Lennart Poettering
e3f4eedba1 ipv4acd: normalize time types to usec_t
We try to stick to usec_t for encoding time information, do that here too. In
particular, get rid of "int" second specifications, since signed timespans are
a weird thing.
2016-05-26 15:34:42 +02:00
Lennart Poettering
d63458452d ipv4acd: in case the state engine is reused, reset n_conflict timer to 0 2016-05-26 15:34:42 +02:00
Lennart Poettering
d914f7a563 ipv4acd: no need to memcpy() where assignment suffices 2016-05-26 15:34:42 +02:00
Lennart Poettering
c9e458a419 ipv4acd: introduce new "started" state
This state is active immediately after the state engine was started, but before
the first timer hits.

This way multiple _start() invocations on the same object are always detected
correctly.
2016-05-26 15:34:42 +02:00
Lennart Poettering
d246e77a43 ipv4acd: rename ipv4acd_stop() → ipv4acd_reset()
This is much less confusing, since there's also sd_ipv4acd_stop(), which was
idfferent from ipv4acd_stop().

After renaming it, let's also use the funciton when destroying ipv4acd objects,
as the code is pretty much the same for that.
2016-05-26 15:34:42 +02:00
Lennart Poettering
4dbf7b3a93 ipv4acd: add "_event_source" suffix to event source objects
Otherwise the field "receive_message" is a bit too confusing, as it suggests it
actually stores a message object of some kind.
2016-05-26 15:34:42 +02:00
Lennart Poettering
784cdc2d0b ipv4acd: make the iteration and conflict fields unsigned
They are counters after all, and can never go below zero, hence don't pretend
with the chose type that they could.

Also, prefix their name with "n_", to indicate that they are counters.
2016-05-26 15:34:42 +02:00
Lennart Poettering
73e94c0dcb ipv4l-{acd,ll}: make sure ipv4 addresses are unsigned
And some other minor fixes.
2016-05-26 15:34:42 +02:00
Lennart Poettering
a48fc60a33 ipv4acd: library code should never log
Or actually, not at any level higher than debug.
2016-05-26 15:34:42 +02:00
Lennart Poettering
c116f52635 sd-ipv4{acl,ll}: don't make use of RefCnt objects
These objects are only useful when multiple threads are involved, as they
operate with atomic operations. Given that our libraries are explicitly not
thread-safe don't make use of RefCnt here, and make things a bit simpler.
2016-05-26 15:34:42 +02:00
Lennart Poettering
45aa74c72e sd-network: don't needlessly abbreviate "callback" as "cb" in struct members
It's OK to abbreviate this in the local scope, but otherwise, let's not be
needlessly terse.
2016-05-26 15:34:42 +02:00
Lennart Poettering
671eaa7405 dhcp: fix operator precedence issue with macro 2016-05-26 15:34:42 +02:00
Lennart Poettering
c1c9b211e3 sd-ndisc: make the _stop() call idempotent
It's a good idea to make stopcalls idempotent, so that they become nops if the
object is already stopped.
2016-05-26 15:34:42 +02:00
Lennart Poettering
a114066685 sd-network: fix up assertion chaos
assert_return() should only be used to validate user-facing parameters and
state, assert() should be used for checking our own internal state and
parameters.
2016-05-26 15:34:42 +02:00
Lennart Poettering
5c4c338adc sd-ndisc: rename sd_ndisc_init() to sd_ndisc_reset()
After all, it's actually used for resetting the state, not only for the initial
initialization.

While we are at it, also simplify the error path for
sd_ndisc_discovery_start().
2016-05-26 15:34:42 +02:00
Lennart Poettering
2f8e763376 sd-network: rename "index" field of the various clients to "ifindex"
A field "index" is not particularly precise and also might conflict with libc's
index() function definition. Also, pretty much everywhere else we call this
concept "ifindex", including in networkd, the primary user of these libraries.
Hence, let's fix this up and call this "ifindex" everywhere here too.
2016-05-26 15:34:42 +02:00
Lennart Poettering
9c2438b84e sd-ndisc: properly make various parameters unsigned 2016-05-26 15:34:42 +02:00