1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-25 01:34:28 +03:00
Commit Graph

69580 Commits

Author SHA1 Message Date
Yu Watanabe
60d52f219e udev: use SD_EVENT_SIGNAL_PROCMASK 2023-12-23 00:32:48 +01:00
Luca Boccassi
bc22b7be0a
Merge pull request #30590 from yuwata/backlight-cleanups
backlight: several cleanups and use dispatch_verb()
2023-12-22 23:35:27 +01:00
Yu Watanabe
bdc79e5fcd TODO: fix typo 2023-12-23 04:49:26 +09:00
Matt Layher
4591eccfc7 network: use varlink for networkctl check_netns_match()
Use varlink to detect networkd's network namespace when executing
networkctl rather than the D-Bus interface.

Signed-off-by: Matt Layher <mdlayher@gmail.com>
2023-12-23 04:25:13 +09:00
Yu Watanabe
f8f59f3280 backlight: split out verb_load() and verb_save(), then use dispatch_verb()
No functional change, just refactoring.
2023-12-23 03:53:28 +09:00
Yu Watanabe
48de55c38c backlight: use WRITE_STRING_FILE_MKDIR_0755 flag on save
No functional change, just refactoring.
2023-12-23 03:53:28 +09:00
Yu Watanabe
78b4ff5df4 backlight: split out read_saved_brightness()
No functional change, just refactoring.
2023-12-23 03:53:28 +09:00
Yu Watanabe
69ba99f9f3 backlight: split out device_new_from_arg()
While at it, this replaces strndupa_safe() with strndup(), as the input
is a user-controlled string.

No functional change, just refactoring.
2023-12-23 03:53:28 +09:00
Yu Watanabe
7135e6291d backlight: split out build_save_file_path()
No functional change, just refactoring.
2023-12-23 03:53:28 +09:00
Yu Watanabe
0e1564a261 backlight: move validity check of max_brightness to get_max_brightness()
Also rename get_max_brightness() -> read_max_brightness() for
consistency with read_brightness().
2023-12-23 03:53:28 +09:00
Yu Watanabe
2b575c0c95
Merge pull request #30585 from YHNdnzj/isatty-handling
various: clean up isatty() handling
2023-12-23 03:19:19 +09:00
Mike Yuan
dd9c8da865
various: clean up isatty() handling
As per https://github.com/systemd/systemd/pull/30547#discussion_r1434371627
2023-12-22 23:06:49 +08:00
Mike Yuan
76270f5c09
terminal-util: introduce isatty_safe that rejects EBADF 2023-12-22 23:06:48 +08:00
Mike Yuan
d3f818fea6
terminal-util: use RET_GATHER more 2023-12-22 23:04:47 +08:00
Luca Boccassi
4f276e97de test: fix check for device in test-execute
The unit actually uses /dev/kmsg, not /dev/kvm

Follow-up for ae7482b994
2023-12-22 15:32:28 +01:00
Luca Boccassi
12b6b3cfd9
Merge pull request #30550 from yuwata/network-nexthop-cleanups-3
network: several cleanups for nexthop (part3)
2023-12-22 10:44:39 +01:00
Yu Watanabe
2962a50850 systemctl: swap cached_id_map and cached_name_map
These are unused or used in the same order. So, this patch does not
change any behavior, just for naming consistency with the function
prototype.

Closes #30570.
2023-12-22 12:34:01 +09:00
Lennart Poettering
c5c74d85d3 networkd: add basic Varlink interface
Let's get networkd onto Varlink. This only adds the most basic of
operations.

I'd love to see networkd do Varlink for all its basic operations so that
networkctl can use that, and work correctly before D-Bus is up. Right
now, many of networkctls calls simply don't work before D-Bus, and I'd
like to see that improved.
2023-12-22 11:54:43 +09:00
Lennart Poettering
8017ed7e0e service: don't try to determine selinux label for socket activation if RootImage= is used
We cannot determine the SELinux label ahead of time if RootImage= is
used, since we'd have to mount the image then, hence don't, and handle
this cleanly, and gracefully.

While we are at it, stop "reaching over" so much from the socket code to
the service code, and instead provide function that most of the hard
work in service.c that socket.c just calls.

While we are at it, add debug logging and stuff.

I noticed the issue when also noticing #30560, but that one is harder to
fix, hence I avoided it for now.
2023-12-22 11:51:51 +09:00
Yu Watanabe
a16335cd17
Merge pull request #30553 from yuwata/network-post-event-source
network: merge two post event sources
2023-12-22 11:50:56 +09:00
Yu Watanabe
4e22097489
Merge pull request #30541 from yuwata/network-address-empty
network/address: make Address= in [Network] support an empty string
2023-12-22 11:50:44 +09:00
Luca Boccassi
eb2afc75e0
Merge pull request #30575 from arthurzam/bash
bash-completion: add some missing options
2023-12-21 23:44:17 +01:00
Lennart Poettering
66f3da245b
Merge pull request #30284 from YHNdnzj/fstab-wantedby-defaultdeps
fstab-generator: disable default deps if x-systemd.{wanted,required}-by= is used
2023-12-21 22:47:54 +01:00
Lennart Poettering
dc6522b18f
Merge pull request #28658 from H5117/enroll_with_ec
cryptsetup: Add support for EC keys in PKCS#11 tokens
2023-12-21 22:45:40 +01:00
Lennart Poettering
aafd495af8
Merge pull request #30547 from poettering/uid0
add new "uid0" command as alternative multi-call interface for systemd-run, as sudo replacement
2023-12-21 22:45:15 +01:00
Daan De Meyer
bacad14f94 Drop /dev test in test-mountpoint-util
Even /dev isn't always guaranteed to be a mount point, so let's drop
this part of the test.
2023-12-22 06:28:01 +09:00
Arthur Zamarin
8546a4af00
bash-completion: add missing option to systemd-confext
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
2023-12-21 23:23:13 +02:00
Arthur Zamarin
bd97ae259d
bash-completion: add missing option to systemd-cgls
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
2023-12-21 23:13:35 +02:00
Arthur Zamarin
fabe596e7e
bash-completion: add missing option to systemd-cat
Signed-off-by: Arthur Zamarin <arthurzam@gentoo.org>
2023-12-21 23:07:05 +02:00
Yu Watanabe
2c6c2b893b
Merge pull request #30568 from poettering/creds-varlink
creds: add varlink interface to encrypt/decrypt credentials
2023-12-22 05:30:23 +09:00
Yu Watanabe
4d5ea06c83
Merge pull request #30566 from poettering/varlink-inval-param
add a new helper varlink_error_invalid_parameter_name(), and make more use of the existing varlink_error_invalid_parameter()
2023-12-22 05:28:36 +09:00
Lennart Poettering
7b36fb9f96 polkit: simplify bus_verify_polkit_async() + drop auth-by-cap dbus feature
This simplifies bus_verify_polkit_async() and related calls quite a bit:

1. This removes any support for authentication-by-Linux-capability. This
   is ultimately a kdbus leftover: with classic AF_UNIX transports we
   cannot authenticate by capabilities securely (because we cannot
   acquire it from the peer without races), hence we never actually did.
   Since the necessary kernel work didn't materialize in the last 10y,
   and is unlikely to be added, let's just kill this context. We cannot
   quite remove the caps stuff from sd-bus for API compat, but for our
   polkit logic let's kill it.

2. The "good_uid" and "interactive" params are only necessary in very
   few cases, hence let's move them to a new call
   bus_verify_polkit_async_full() and make bus_verify_polkit_async() a
   wrapper around it without those two parameters.

This also fixes a bunch of wrong uses of the "interactive" bool. The
bool makes no sense today as the ALLOW_INTERACTIVE_AUTHORIZATION field
in the D-Bus message header replaces it fully. We only need it to
implement method calls we introduced prior to that header field becoming
available in D-Bus. And it should only be used on such old method calls,
and otherwise always be set to false.

This does not change behaviour in any way. Just simplifies stuff.

Fixes: #21586
2023-12-22 05:27:36 +09:00
Lennart Poettering
c2fb27ca04 varlink: make use of varlink_error_invalid_parameter() helper where appropriate 2023-12-21 19:22:47 +01:00
Lennart Poettering
afc50293bb varlink: add helper varlink_error_invalid_parameter_name() 2023-12-21 19:22:46 +01:00
Lennart Poettering
1760716959 test: add simple creds/varlink integration test 2023-12-21 19:19:12 +01:00
Lennart Poettering
644f19c75c creds: add varlink API for encrypting/decrypting credentials 2023-12-21 19:19:12 +01:00
Lennart Poettering
fa328d8a45 varlink: add helper varlink_error_invalid_parameter_name() 2023-12-21 19:19:11 +01:00
Lennart Poettering
73d8041c9a update TODO 2023-12-21 19:15:01 +01:00
Lennart Poettering
dd25a95763 test: add minimal integration test coverage for uid0 tool 2023-12-21 19:15:01 +01:00
Lennart Poettering
2118b179ca man: try to improve wording on --slice-inherit docs 2023-12-21 19:15:01 +01:00
Lennart Poettering
2f0b4d578b run/uid0: tint the terminal background color (and add new --background= switch)
This adds a new --background= switch that allows specifiying a
background color for the terminal while the tool runs.

It also teaches the tool when invoked as uid0 to tint the terminal in a
reddish hue when operating as root, and in a yellowish hue when
operating as any other user.

This should highlight nicely when the user is operating with elevated
privileges, or changed privileges.
2023-12-21 19:15:01 +01:00
Lennart Poettering
447bcbfc90 color-util: add helper to convert RGB → HSV
We already have HSV → RGB, add the opposite operation.
2023-12-21 19:15:01 +01:00
Lennart Poettering
eee799fa86 color-util: split out HSV color conversion into color-util.[ch] 2023-12-21 19:15:01 +01:00
Lennart Poettering
23d9fcc3c9 ptyfwd: optionally, change ANSI background color of forwarded terminals
As the bytes flow through our terminal forwarder we can color the
background of the terminal with a color of our choices, if that's
desired.

This will later allow us to color the background of the uid0 tool when
running as root with a slightly alarming red color.

This does two things:

1. When an ANSI sequence is seen that resets the background color, it is
   extended to immediately set the color to our choice.
2. When a newline is seen it is immeidately extended to set the
   background color again and clear the current line till the end.

Net effect: all lines written while we forward the ttys will be shown
with the background color of choice.
2023-12-21 19:15:01 +01:00
Lennart Poettering
63e9c38370 terminal-util: add helper that determines terminal default bg color 2023-12-21 19:15:01 +01:00
Lennart Poettering
d02d4f83f0 terminal-util: add helper for disabling terminal echo in termios struct 2023-12-21 19:15:01 +01:00
Lennart Poettering
b0936baf11 mkosi: don't turn off installation of our PAM snippets
Otherwise we don't get the new PAM snippet for the uid0 PAM stack
installed.
2023-12-21 19:14:43 +01:00
Lennart Poettering
1072d94731 run: optionally set the "ignore-failure" flag for ExecStart= lines 2023-12-21 19:14:43 +01:00
Lennart Poettering
72eb3081b2 run: when invoked as "uid0", expose some sudo-like behaviour
This turns "systemd-run" into a multi-call binary. When invoked under
the name "uid0", then it behaves a bit more like traditional "sudo".
This mostly means defaults appropriuate for that, for example a PAM
stack, interactivity and more.

Fixes: #29199
2023-12-21 19:14:43 +01:00
Lennart Poettering
20f8b345db env-util: add strv_env_assignf() helper 2023-12-21 19:07:29 +01:00