1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-08 11:27:32 +03:00
Commit Graph

10251 Commits

Author SHA1 Message Date
Lennart Poettering
2cf4172a71 journal: install sigbus handler for journal tools too
This makes them robust regarding truncation. Ideally, we'd export this
as an API, but given how messy SIGBUS handling is, and the uncertain
ownership logic of signal handlers we should not do this (unless libc
one day invents a scheme how to sanely install SIGBUS handlers for
specific memory areas only). However, for now we can still make all our
own tools robust.

Note that external tools will only have read-access to the journal
anyway, where SIGBUS is much more unlikely, given that only writes are
subject to disk full problems.
2015-01-05 01:40:51 +01:00
Lennart Poettering
b798e7baa5 systemctl: fix waiting for jobs when using direct connections to PID 1 for dbus 2015-01-05 01:40:51 +01:00
Lennart Poettering
ea69bd41c5 journald: constify all things 2015-01-05 01:40:51 +01:00
Lennart Poettering
146d477367 machined,bus-proxy: fix connecting to containers 2015-01-05 01:40:51 +01:00
Lennart Poettering
8531ae707d journald: prefix exported calls with "server_", unexport unnecessary calls 2015-01-05 01:40:51 +01:00
Lennart Poettering
fa6ac76083 journald: process SIGBUS for the memory maps we set up
Even though we use fallocate() it appears that file systems like btrfs
will trigger SIGBUS on certain low-disk-space situation. We should
handle that, hence catch the signal, add it to a list of invalidated
pages, and replace the page with an empty memory area. After each write
check if SIGBUS was triggered, and consider the write invalid if it was.

This should make journald a lot more robust with file systems where
fallocate() is not reliable, for example all CoW file systems
(btrfs...), where changing written data can fail with disk full errors.

https://bugzilla.redhat.com/show_bug.cgi?id=1045810
2015-01-05 01:40:51 +01:00
Lennart Poettering
b12afc8c5c nspawn: mount most of the cgroup tree read-only in nspawn containers except for the container's own subtree in the name=systemd hierarchy
More specifically mount all other hierarchies in their entirety and the
name=systemd above the container's subtree read-only.
2015-01-05 01:40:51 +01:00
Lennart Poettering
714e2e1d56 cgroup: downgrade log messages when we cannot write to cgroup trees that are mounted read-only 2015-01-05 01:40:51 +01:00
Thomas Hindoe Paaboel Andersen
9a14fb6285 machinectl: Check type instead of path before printing the type
Looks like a typo when introduced in fefdc04b38
2015-01-02 21:38:22 +01:00
Zbigniew Jędrzejewski-Szmek
e86b3761c4 mount: do not use -n when running in --user mode
-n is only allowed for root. /etc/mtab is nowadays almost always a link to /proc/,
so in practice this does not really matter too much, but should allow .mount units
to work in --user mode.

https://bugs.freedesktop.org/show_bug.cgi?id=87602
2015-01-01 14:39:21 -05:00
Topi Miettinen
e65476622d Type of mount(2) flags is unsigned long 2015-01-01 14:39:17 -05:00
Robert Milasan
257e968d8c udev: improve help/usage for some more programs 2015-01-01 14:38:21 -05:00
Zbigniew Jędrzejewski-Szmek
ba52f15a58 networkctl: avoid potential use of unitialized variables
Those values are based on a file we read from disk, so we should
verify everything we receive, and make sure everything we print
is sensible.

Also, print fractional seconds for TTL.
2015-01-01 13:36:44 -05:00
Zbigniew Jędrzejewski-Szmek
1bf7dd6e7d networkctl: remove unused variable 2015-01-01 13:36:43 -05:00
Zbigniew Jędrzejewski-Szmek
ef75325319 network: fix scanf/printf format
usec_t is defined as 64 bit wide, but long is 32 bit on many archs.
2015-01-01 13:36:43 -05:00
Zbigniew Jędrzejewski-Szmek
e65ef51dee missing: add __NR_renameat2 2015-01-01 13:36:43 -05:00
Zbigniew Jędrzejewski-Szmek
2e219e5672 Remove "to allow" from policy messages
It carries no additional information and forces a passive sentence
structure which is longer and harder to parse.
2015-01-01 09:45:04 -05:00
Piotr Drąg
a4a57bb6ce machined: fix grammar in org.freedesktop.machine1.policy.in
[zj: change "in into" to "into".]

https://bugs.freedesktop.org/show_bug.cgi?id=87722
2015-01-01 09:45:04 -05:00
David Herrmann
ee14ebf211 lldp: fix sd_lldp_save()
Fix a bunch of needless memzero() calls, a bunch of use-after-free
regarding _cleanup_free_ and drop unused variables.

Hint: Do NOT use _cleanup_free_ for temporary strappend() helpers that are
freed multiple times. All you safe is the last free() call, which is
really not worth the trouble resetting it to NULL all the time.
2014-12-31 16:28:48 +01:00
David Herrmann
7d4866548d lldp: fix uninitialized cleanup var #2
Another uninitialized variable marked as _cleanup_. Set it to NULL to
avoid accessing uninitialized memory.
2014-12-31 16:07:17 +01:00
David Herrmann
e7a2419a2a lldp: fix uninitialized cleanup var
Make sure to set _cleanup_ variables to NULL. Otherwise, we free
uninitialized objects.
2014-12-31 16:04:55 +01:00
David Herrmann
c5285fbfce import: fix mem-leak in CurlGlue
Make sure to actually free the underlying object in CurlGlue unref.
2014-12-31 16:01:37 +01:00
David Herrmann
580e55da11 lldp: fix double free
'k' is marked as _cleanup_free_ so reset it to NULL if we free it
explicitly.
2014-12-31 15:58:27 +01:00
David Herrmann
fbee1d8587 networkctl: fix strappend() error checking
Make sure to test the right variable for NULL.
2014-12-31 15:56:11 +01:00
David Herrmann
889cec8d58 network: add malloc-assertion in test
Make sure malloc() really returns non-NULL in lldp test.
2014-12-31 15:55:10 +01:00
David Herrmann
06a079055a machinectl: remove dead code
'r' is not touched after the previous error-checking 100 lines above. Drop
that code.
2014-12-31 15:52:23 +01:00
David Herrmann
a38f05b7f7 Revert commit f131770b "tree-wide: spelling fixes"
This partially reverts:

    commit f131770b14
    Author: Veres Lajos <vlajos@gmail.com>
    Date:   Mon Dec 29 09:45:58 2014 +0000

        tree-wide: spelling fixes

The commit in question changed a binary file. I didn't look at the diff in
particular, so I have no idea what exactly was changed. However, the file
is generated and it looked highly suspiciuous. Therefore, I reverted that
part.

Note that this is generated by "make update-unifont" so really no reason
to touch at all.
2014-12-31 13:34:21 +01:00
Veres Lajos
f131770b14 tree-wide: spelling fixes
https://github.com/vlajos/misspell_fixer

b6fdeb618c
Thanks to Torstein Husebo <torstein@huseboe.net>.
2014-12-30 20:07:04 -05:00
Robert Milasan
fd51179d5c accelerometer: display short options too 2014-12-30 19:12:50 -05:00
Zbigniew Jędrzejewski-Szmek
a39b4bdd10 systemctl: do not repeat hibernate/sleep attempts
If some sleep operation was not possible (e.g. because swap is missing),
we would try twice: once through logind, which would result in a clean error:
  Failed to execute operation: Sleep verb not supported
and then second time by starting the appropriate unit directly, which is
more messy. If logind tells us that something is not possible (or already
in progress), report that to the user and quit. If logind is present and working
we should not try to work around it.

Loosely based on https://bugs.freedesktop.org/show_bug.cgi?id=87832.
2014-12-30 18:39:52 -05:00
Zbigniew Jędrzejewski-Szmek
caffa4ef70 bus: replace ENOSYS return codes with EBADR/ENOTSUP
ENOSYS is used to signify compiled-out functionality. Using it for
different kinds of error is misleading.

For BUS_ERROR_SLEEP_VERB_NOT_SUPPORTED, logind-action.c uses ENOTSUP
already, so changing it to ENOTSUP makes the dbus and action paths
behave the same.
2014-12-30 18:39:52 -05:00
Robert Milasan
7fcf5779b4 accelerometer: drop unused -x option 2014-12-30 22:05:39 +01:00
David Herrmann
d95eb43e90 bus: add sd_bus_emit_object_{added/removed}()
This implements two new helpers, discussed on systemd-devel about 1 year
ago:
    sd_bus_emit_object_added()
    sd_bus_emit_object_removed()

Both calls are equivalent to their respective counterpart
sd_bus_emit_interfaces_{added/removed}(), but can figure out the list of
interfaces themselves, instead of requiring the caller to provide them.
Furthermore, both calls properly deal with builtin interfaces provided via
org.freedesktop.DBus.* and alike.

Both calls simply traverse a node and all its parent nodes to figure out a
list of all interfaces registered as vtable or fallback. It then appends
each of them, similar to the interfaces_{added/removed}() helpers.

Note that interfaces_{added/removed}() runs a parent traversal for *each*
passed interface. Therefore, it can simply bail out, once it found a
parent node that implements a given interface.
With object_{added/removed}() we cannot know the registered interfaces in
advance, thus, we cannot run one traversal per node. Instead, we run a
single traversal and remember all interfaces that we added. Therefore, a
child-interface overrides all conflicting parent-interfaces. We keep a
"Set *s" context to track those while climbing up the tree.
2014-12-30 11:37:35 +01:00
David Herrmann
7d9fcc2bf6 bus: fix capabilities on big-endian
The kernel provides capabilities as a u32 array, sd-bus uses an u8 array.
This works fine on little-endian as both are encoded the same way.
However, this fails on big-endian if we do not perform sufficient
byte-swapping on each u32 entry.

This patch makes sd-bus use u32, too. We avoid changing any kernel
provided data so we can keep pointing into kdbus pool buffers which
contain u32 arrays.
2014-12-30 09:09:41 +01:00
David Herrmann
34a5d5e526 bus: drop creds->capability_size
The number of available caps can be read from
/proc/sys/kernel/cap_last_cap during runtime. Our helper cap_last_cap()
does that, so there's no reason to remember the size of any capability
cache. We can just pre-allocate arrays with a suitable size for all
available caps and reject any higher caps.

The kernel capability API uses u32 as base so make sure we do the same.
Note that this is specified by POSIX, so it's unlikely to change.
2014-12-30 08:42:53 +01:00
David Herrmann
180a60bc87 macro: add DIV_ROUND_UP()
This macro calculates A / B but rounds up instead of down. We explicitly
do *NOT* use:
        (A + B - 1) / A
as it suffers from an integer overflow, even though the passed values are
properly tested against overflow. Our test-cases show this behavior.

Instead, we use:
        A / B + !!(A % B)

Note that on "Real CPUs" this does *NOT* result in two divisions. Instead,
instructions like idivl@x86 provide both, the quotient and the remainder.
Therefore, both algorithms should perform equally well (I didn't verify
this, though).
2014-12-30 01:39:01 +01:00
Lennart Poettering
c00a4c8f55 Revert "machined: don't force terminate registered machines"
This reverts commit 206e7a5f7b.

We actually want to allow shutting down containers that use
RegisterMachine() rather than CreateMachine() to register their own
unit. It should be safe to do so, since the primary usecase for
RegisterMachine() are container managers that run only a single
container within their own unit, such as systemd-nspawn.
2014-12-29 20:13:58 +01:00
Lennart Poettering
e5f5b5b9c9 machined: ignore spurious error 2014-12-29 19:08:50 +01:00
Lennart Poettering
814a3fdfdc nspawn: report back to systemd only very late whether we are OK
That way, systemd can actually figure out if everything is OK with
nspawn.
2014-12-29 17:54:33 +01:00
Lennart Poettering
d8f52ed25a machinectl: add "enable" and "disable" verbs for enabling/disabling systemd-nspawn for containers
This is basically just a shortcut for "systemctl enable
systemd-nspawn@<foobar>.service", but does escaping.
2014-12-29 17:00:05 +01:00
Lennart Poettering
ebd011d95b machinectl: add new "start" verb to start a container as a service in nspawn 2014-12-29 17:00:05 +01:00
David Herrmann
679bda6a73 bus-proxy: fix sd_bus_reply_*() usage
We *must* not use sd_bus_reply_*() as it does not set the sender field
correctly. Use the synthetic_reply_*() helpers instead!
2014-12-29 15:43:57 +01:00
David Herrmann
80b4378314 capability: use /proc/sys/kernel/cap_last_cap
This file was introduced with linux-3.2, use it instead of probing for it
via prctl(PR_CAPBSET_READ).

For now, keep the old code for backwards compat. We can drop it once 3.2
is our lowest requirement.

The test-cap-list code is extended to verify cap_last_cap() is the same as
we'd get via prctl probing and /proc.
2014-12-29 14:05:38 +01:00
Tom Gundersen
2f0af4e120 core: loopback - correctly fail the loopback_check if somehow the rtnl calls fail 2014-12-29 13:07:03 +01:00
David Herrmann
315a73d97f bus: fix typo
Drop spurious 'we'.
2014-12-29 12:55:28 +01:00
Tom Gundersen
09773ef446 rtnl: recv_message - don't enforce sender uid
All we care about is that the kernel (pid==0) sent the message. Verifying the sender uid
seems to break when using userns.

Reported by Stéphane Graber.
2014-12-29 02:20:04 +01:00
Tom Gundersen
2da780b976 test: loopback - parse logging env var 2014-12-29 01:59:49 +01:00
Tom Gundersen
b551ddd380 sd-rtnl: rtnl_call - don't dispatch wqueue after timeout has passed
Only a minor change as the timeout would be hit soon thereafetr at the next loop.
2014-12-29 01:59:49 +01:00
Tom Gundersen
f55dc7c96e sd-rtnl: rtnl_poll - fix typo
This caused rtnl_poll to always return true immediately in sd_rtnl_call().
2014-12-29 01:59:49 +01:00
Tom Gundersen
c7460cce79 sd-rtnl: recv_message - drop message when peeking fails
Read the message form the socket or we will loop trying to read the
same message repeatedly.
2014-12-29 01:59:49 +01:00
Tom Gundersen
0b2bbbdf2f sd-rtnl: recv_message - don't fail on interrupt
We should just try again instead.
2014-12-29 01:59:49 +01:00
Tom Gundersen
2263bb9a92 sd-rtnl: recv_message - log when dropping message
We drop messages received from the wrong uid/pid, log this at debug level.
2014-12-29 00:19:36 +01:00
Tom Gundersen
e95e909d82 core: loopback - simplify check_loopback()
We no longer configure the addresses on the loopback interface, but simply bring it up
and let the kernel do the rest. Also change the check to only check if the interface
is up, rather than checking for the IPv4 loopback address.
2014-12-28 15:58:27 +01:00
Sylvain Plantefève
94b5088c8d machined: Fix MarkReadOnly method's name on bus 2014-12-28 13:05:08 +01:00
Sylvain Plantefève
1517ab5d18 libsystemd: Fix minor typo in comment 2014-12-28 13:04:46 +01:00
Lennart Poettering
1ddb263d21 machined: don't look for images on each property get, but cache the image object inbetween 2014-12-28 02:44:37 +01:00
Lennart Poettering
f02ca52281 util: treat -1 as special size in format_bytes() 2014-12-28 02:08:40 +01:00
Lennart Poettering
b6b1849830 machined: add support for reporting image size via btrfs quota 2014-12-28 02:08:40 +01:00
Lennart Poettering
d7b8eec7dc tmpfiles: add new line type 'v' for creating btrfs subvolumes 2014-12-28 02:08:40 +01:00
Lennart Poettering
ebd93cb684 machinectl/machined: implement "rename", "clone", "read-only" verbs for machine images 2014-12-28 02:08:40 +01:00
Lennart Poettering
086821244b machined: add "machinectl remove" for removing images 2014-12-28 02:08:40 +01:00
Lennart Poettering
1b9cebf638 nspawn: use the same image discovery logic in nspawn as in machined 2014-12-28 02:08:40 +01:00
Lennart Poettering
003dffde2c machined: Move image discovery logic into src/shared, so that we can make use of it from nspawn 2014-12-28 02:08:40 +01:00
Stéphane Graber
58a489c2b3 Fix check_loopback()
Add missing htonl() so that check_loopback() actually tests for 127.0.0.1
instead of 1.0.0.127 on little-endian machines.
2014-12-27 19:17:39 +01:00
Lennart Poettering
01c51934cb loginctl: reindent --help text 2014-12-26 20:12:40 +01:00
Lennart Poettering
2520f939ba loginctl: add more --help sections 2014-12-26 20:12:40 +01:00
Lennart Poettering
fefdc04b38 machinectl: add status commands 2014-12-26 20:12:40 +01:00
Lennart Poettering
27c88c4e23 machined: fix search patch magic for '.host' image 2014-12-26 20:05:11 +01:00
Lennart Poettering
08ff5529df machined: make image read-only check indepenednt on own privs 2014-12-26 19:36:25 +01:00
Lennart Poettering
8937e7b689 machinectl: mark read-only images when listing in red 2014-12-26 19:33:15 +01:00
Lennart Poettering
087682d103 import: make image root directory configurable, instead of hardcoding /var/lib/container 2014-12-26 19:33:15 +01:00
Lennart Poettering
5fc7f35842 machined: when discovering images, implicitly add ".host" as pseudo image referring to the host's own directory tree 2014-12-26 19:33:15 +01:00
Lennart Poettering
a67a4c8cb7 machined: fix image search path iteration 2014-12-26 19:33:15 +01:00
Lennart Poettering
42c6f2c9b2 machined: let's also check machine directories in /usr and /usr/local 2014-12-26 19:33:15 +01:00
Lennart Poettering
f0be89eee9 import: properly remove pre-existing images if --force is used 2014-12-26 19:33:15 +01:00
Lennart Poettering
8620a9a323 import: beef up gpt importer to optionally make writable copy of read-only vendor image 2014-12-26 19:21:58 +01:00
Lennart Poettering
e9d7333468 import: minor improvements to dkr importer 2014-12-26 19:21:58 +01:00
Lennart Poettering
2c39ea529b util: always override crtime xattr 2014-12-26 19:21:58 +01:00
Lennart Poettering
6389e747d5 machinectl: left-align times 2014-12-26 19:21:58 +01:00
Lennart Poettering
e6bd041c97 copy: try top copy atime/time/xattrs when copying files 2014-12-26 19:21:58 +01:00
Lennart Poettering
c75f27ea2b test: improve btrfs test case 2014-12-26 19:21:58 +01:00
Lennart Poettering
86e339c884 machined: be more thorough when checking whether an image is writable or not 2014-12-26 19:21:58 +01:00
Zbigniew Jędrzejewski-Szmek
92ee6447b1 journald: always allocate space for object fields
If OBJECT_PID= came as the last field, we would not reallocate the iovec to bigger size,
and fail the assertion later on in dispatch_message_real().
2014-12-26 09:02:27 -05:00
Zbigniew Jędrzejewski-Szmek
12a717f834 journald: fix off by one in native transport
https://bugzilla.redhat.com/show_bug.cgi?id=1177184
2014-12-26 09:02:27 -05:00
Filipe Brandenburger
0289a5bcb5 test: wait for cloned thread to exit
In test_raw_clone, make sure the cloned thread calls _exit() and in the parent
thread call waitpid(..., __WCLONE) to wait for the child thread to terminate,
otherwise there is a race condition where the child thread will log to the
console after the test process has already exited and the assertion from the
child thread might not be enforced.

The absence of this patch might also create problems for other tests that would
be added after this one, since potentially both parent and child would run
those tests as the child would continue running.

Tested by confirming that the logs from the child are printed before the test
terminates and that a false assertion in the child aborts the test with a core
dump.

[zj: also add check for the return value.]
2014-12-25 11:55:12 -05:00
Filipe Brandenburger
e50221bf1a test: only use assert_se in test_raw_clone
The asserts used in the tests should never be allowed to be optimized away.
2014-12-25 11:55:12 -05:00
Zbigniew Jędrzejewski-Szmek
aa1aad74e6 run: uninitialized variable 2014-12-25 10:57:37 -05:00
Zbigniew Jędrzejewski-Szmek
3dd0bbeb15 ata_id: remove temp variable to kill warning
src/udev/ata_id/ata_id.c:503:24: warning: assignment from incompatible pointer type
         identify_words = &identify.wyde;
                        ^
2014-12-25 10:57:37 -05:00
Zbigniew Jędrzejewski-Szmek
11c6f693e9 ata_id: modernize 2014-12-25 10:57:37 -05:00
Filipe Brandenburger
f2c0b4f1b1 pam_systemd: remove spurious include of <sys/capability.h>
It does not use any functions or constants from libcap directly.

Tested that "pam_systemd.la" builds cleanly and works after this change.
2014-12-25 10:57:29 -05:00
Filipe Brandenburger
88c4911768 timedated: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_SYS_TIME constant
in use by this file comes from <linux/capability.h> imported through "missing.h".

Tested that "systemd-timedated" builds cleanly and works after this change.
2014-12-25 10:57:16 -05:00
Filipe Brandenburger
8ea763865f localed: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_SYS_ADMIN constant
in use by this file comes from <linux/capability.h> imported through "missing.h".

Tested that "systemd-localed" builds cleanly and works after this change.
2014-12-25 10:57:08 -05:00
Filipe Brandenburger
946be29c98 bus: remove spurious include of <sys/capability.h>
They do not use any functions from libcap directly. The CAP_SYS_ADMIN constant
in use by bus-objects.c comes from <linux/capability.h> imported through
"missing.h". The "missing.h" header is imported through "util.h" which gets
imported in "bus-util.h".

Tested that everything builds cleanly after this change.
2014-12-25 10:56:42 -05:00
Filipe Brandenburger
9bb0c7cfbb machined: remove spurious include of <sys/capability.h>
They do not use any functions from libcap directly. The CAP_KILL constant in
use by these files comes from <linux/capability.h> imported through
"missing.h".

Tested that "systemd-machined" builds cleanly and works after this change.
2014-12-25 10:56:34 -05:00
Filipe Brandenburger
ffbc903f03 hostnamed: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_SYS_ADMIN constant
in use by this file comes from <linux/capability.h> imported through "missing.h".

Tested that "systemd-hostnamed" builds cleanly and works after this change.
2014-12-25 10:56:27 -05:00
Filipe Brandenburger
2395eb17eb tmpfiles: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_MKNOD constant in
use by this file comes from <linux/capability.h> imported through "missing.h".

Tested that "systemd-tmpfiles" builds cleanly and works after this change.
2014-12-25 10:56:21 -05:00
Filipe Brandenburger
d920e59c7d logind: remove spurious include of <sys/capability.h>
They do not use any functions from libcap directly. The CAP_* constants in use
through these files come from "missing.h" which will import <linux/capability.h>
and complement it with CAP_* constants not defined by the current kernel
headers. The "missing.h" header is imported through "util.h" which gets
imported in "logind.h".

Tested that "systemd-logind" builds cleanly and works after this change.
2014-12-25 10:56:13 -05:00
Filipe Brandenburger
f01ae8260d nspawn: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_* constants in use
through this file come from "missing.h" which will import <linux/capability.h>
and complement it with CAP_* constants not defined by the current kernel
headers.

Add an explicit import of our "capability.h" since it does use the function
capability_bounding_set_drop from that header file. Previously, that header was
implicitly imported through through "cap-list.h".

Tested that "systemd-nspawn" builds cleanly and works after this change.
2014-12-25 10:55:42 -05:00
Cristian Rodríguez
fa66b606b1 timesync: remove square(), use pow instead
In any case, the compiler generates the same code inline and never
actually calls the library function.
2014-12-25 10:55:41 -05:00
Filipe Brandenburger
097df453da test: do not use last cap from kernel in test-cap-list
The new test-cap-list introduced in commit 2822da4fb7 uses the included
table of capabilities. However, it uses cap_last_cap() which probes the kernel
for the last available capability. On an older kernel (e.g. 3.10 from RHEL 7)
that causes the test to fail with the following message:

    Assertion '!capability_to_name(cap_last_cap()+1)' failed at src/test/test-cap-list.c:30, function main(). Aborting.

Fix it by exporting the size of the static table and using it in the test
instead of the dynamic one from the current kernel.

Tested by successfully running ./test-cap-list and the whole `make check` test
suite with this patch on a RHEL 7 host.
2014-12-25 10:55:41 -05:00
Shawn Paul Landden
6024a6e302 udev: fix another strict aliasing issue 2014-12-25 10:55:41 -05:00
Shawn Paul Landden
bf3dd6b1a7 libudev: fix strict aliasing violation 2014-12-25 10:55:41 -05:00
Lennart Poettering
10f9c75519 machined: beef up machined image listing with creation/modification times of subvolumes
We make use of the btrfs subvol crtime for this, and for gpt images of a
manually managed xattr, if we can.
2014-12-25 03:19:19 +01:00
Lennart Poettering
5fa89b2cb3 import: prefer usec_t over time_t 2014-12-25 03:14:09 +01:00
Lennart Poettering
901992209e import: add a new "pull-gpt" verb for downloading GPT disk images from the internet 2014-12-24 16:53:05 +01:00
Lennart Poettering
0c7bf33a98 import: three minor fixes 2014-12-24 16:53:05 +01:00
Lennart Poettering
a36544cd45 import: print friendly error messages on errors 2014-12-24 16:53:05 +01:00
Lennart Poettering
14ed8b9273 import: remember when we were finished importing 2014-12-24 16:53:05 +01:00
Lennart Poettering
ea1ae8c38e import: make the dkr import URL a part of the import object, not the import name object 2014-12-24 16:53:05 +01:00
Lennart Poettering
51929718dd machined: fix writability check for GPT images 2014-12-24 16:53:05 +01:00
Lennart Poettering
4a4d89b682 util: make creation time xattr logic more generic 2014-12-24 16:53:04 +01:00
Lennart Poettering
de33fc6257 sd-bus: rename sd_bus_open_system_container() to sd_bus_open_system_machine()
Pretty much everywhere else we use the generic term "machine" when
referring to containers in API, so let's do though in sd-bus too. In
particular, since the concept of a "container" exists in sd-bus too, but
as part of the marshalling system.
2014-12-24 16:53:04 +01:00
Shawn Paul Landden
0254e9448f util: fix strict aliasing violations in use of struct inotify_event v5
There is alot of cleanup that will have to happen to turn on
-fstrict-aliasing, but I think our code should be "correct" to the rule.
2014-12-24 16:53:04 +01:00
Lennart Poettering
4f44c03eaa busctl: when introspecting objects, optionally limit output by interface name 2014-12-23 22:44:32 +01:00
Lennart Poettering
d04c1fb8e2 machined: introduce polkit for OpenLogin() call
This way "machinectl login" can be opened up to run without privileges.
2014-12-23 21:28:48 +01:00
Lennart Poettering
18d7038163 bus: add missing bus-policy.[ch]
Accidentally forgot to commit this. Sorry!
2014-12-23 21:06:01 +01:00
Lennart Poettering
8b169c0fc2 build-sys: move core/build.h → shared/build.h
After all, pretty much all our tools include it, and it should hence be
shared.

Also move sysfs-show.h from core/ to login/, since it has no point to
exist in core.
2014-12-23 21:05:28 +01:00
Lennart Poettering
bf441e3d93 machinectl: rework 'machinectl login' to use OpenMachineLogin() 2014-12-23 19:15:27 +01:00
Lennart Poettering
5f8cc96a03 machined: add new call OpenMachineLogin() that starts a getty in a container on a pty and returns the pty master fd to the client
This is a one-stop solution for "machinectl login", and should simplify
getting logins in containers.
2014-12-23 19:15:27 +01:00
Lennart Poettering
ee502e0c28 sd-bus: teach x-container-unix: bus protoocol to connect to the namespace of a PID instead of a container name 2014-12-23 19:15:27 +01:00
Lennart Poettering
080bfdbb8e condition: don't include files from src/core 2014-12-23 19:15:27 +01:00
Lennart Poettering
6eeeb84c96 import: fix compiler warning 2014-12-23 19:15:27 +01:00
Lennart Poettering
039f0e70a0 env-util: don't include files from src/core/ 2014-12-23 19:15:27 +01:00
Lennart Poettering
3c70e3bb02 core: rearrange code so that libsystemd/sd-bus/ does not include header files from core
Stuff in src/shared or src/libsystemd should *never* include code from
src/core or any of the tools, so don't do that here either. It's not OK!
2014-12-23 19:15:27 +01:00
Daniel Mack
3e0a204897 bus-proxyd: ignore errors from sd_bus_creds_get_well_known_names()
sd_bus_creds_get_well_known_names() fails with -ENODATA in case the
message has no names attached, which is intended behavior if the
remote connection didn't own any names at the time of sending.

The function already deals with 'sender_names' being an empty strv,
so we can just continue in such cases.
2014-12-23 18:41:26 +01:00
Daniel Mack
259ac5cd7e bus-proxyd: handle -ESRCH and -ENXIO gracefully
Messages to destinations that are not currently owned by any bus connection
will cause kdbus related function to return with either -ENXIO or -ESRCH.

Such conditions should not make the proxyd terminate but send a sane
SD_BUS_ERROR_NAME_HAS_NO_OWNER error reply to the proxied connection.
2014-12-23 13:41:34 +01:00
Lennart Poettering
9d8c4979c0 util: add allocation loop to gettyname_malloc() 2014-12-23 03:26:24 +01:00
Lennart Poettering
611b312b7d nspawn,pty: port over to new ptsname_malloc() helper 2014-12-23 03:26:24 +01:00
Lennart Poettering
ee451d766a systemd-run: support -t mode when combined with -M
For that, ask machined for a container PTY and use that.
2014-12-23 03:26:24 +01:00
Lennart Poettering
40205d706e machined: add OpenMachinePTY() bus call for allocating a PTY device within a container
Then, port "machinectl" over to make use of it.
2014-12-23 03:26:24 +01:00
Lennart Poettering
095dc59660 systemd-run: add --quiet mode to suppress informational message on TTY usage 2014-12-23 03:26:24 +01:00
Lennart Poettering
c7b7d4493a machinectl,nspawn: don't print extra final newline if pty terminal output was newline-terinated anyway 2014-12-23 03:26:24 +01:00
Lennart Poettering
9b15b7846d run: add a new "-t" mode for invoking a binary on an allocated TTY 2014-12-23 03:26:24 +01:00
Lennart Poettering
91f4347ef7 import: rename 'poll-dck' to 'pull-dkr'
I figure "pull-dck" is not a good name, given that one could certainly
read the verb in a way that might be funny for 16year-olds. ;-)

Also, don't hardcode the index URL to use, make it runtime and configure
time configurable instead.
2014-12-23 03:25:36 +01:00
Tom Gundersen
9bae67d49b shared: json - support escaping utf16 surrogate pairs
We originally only supported escaping ucs2 encoded characters (as \uxxxx). This
only covers the BMP. Support escaping also utf16 surrogate pairs (on the form
\uxxxx\uyyyy) to cover all of unicode.
2014-12-22 20:27:20 +01:00
Tom Gundersen
04166cb7dd shared: utf8 - support decoding the full utf16
We originally only supported the BMP (i.e., we treated UTF-16 as UCS-2).
2014-12-22 20:26:53 +01:00
Tom Gundersen
2bb4c7e384 shared: utf8 - support ucs4 -> utf8
Originally we only supported ucs2, so move the ucs4 version from libsystemd-terminal to shared
and use that everywhere.
2014-12-22 20:26:53 +01:00
Daniel Mack
856d6e0988 sd-bus: ignore KDBUS_ITEM_TIMESTAMP in kernel messages
Kernel notifications carry a timestamp now, so make sure
bus_kernel_translate_message() doesn't complain when it stumbles across
them.
2014-12-22 19:59:53 +01:00
Daniel Mack
e24e415e5f busname: fix CMD_FREE ioctl
The KDBUS_CMD_FREE ioctl struct has a size field now, which needs to be set.
2014-12-22 16:51:15 +01:00
Dave Reisner
540d858183 verbs: fix typo in error message 2014-12-22 08:21:50 -05:00
Daniel Mack
6ad9bb71c2 sd-bus: sync kdbus.h (ABI break)
Sync kdbus.h with upstream changes:

  * Two optional cancellation points where added for synchronously
    blocking KDBUS_CMD_SEND commands: A sigmask to change the mask
    of accepted signals before the task is put to sleep, and a
    generic file descriptor that can be written to, in order to cancel
    the command. Both methods are currently unused.

  * The KDBUS_CMD_CANCEL ioctl was removed. sd-bus was never using
    that command, so there's no change needed.

  * Some kerneldoc fixes
2014-12-20 19:23:49 +01:00
Tom Gundersen
7a6f145746 sd-lldp: minor header cleanup
* (potentially) public headers must reside in src/systemd/ (not in
   src/libsystemd*)
 * some private (not prefixed with sd_) functions moved from sd-lldp.h to
   lldp-internal.h
 * introduce lldp-util.h for the cleanup macro, as these should not be public
 * rename the cleanup macro, we always name them _cleanup_foo_, never
   _cleanup_sd_foo_
 * mark some function arguments as 'const'
2014-12-19 22:42:03 +01:00
Lennart Poettering
ebeccf9eec machined: add a full bus object for images 2014-12-19 20:43:18 +01:00
Lennart Poettering
c2ce6a3d82 machined: add new GetImage() bus call for retrieving the bus path for an image 2014-12-19 20:07:23 +01:00
Lennart Poettering
821d4b6e06 sysv-generator: properly add Makefile symlink 2014-12-19 20:04:55 +01:00
Lennart Poettering
a34bf9db5d util: rename ignore_file() to hidden_file()
hidden_file() is a bit more precise, since dot files usually shouldn't
be ignored, but certainly be considered hidden.
2014-12-19 20:03:36 +01:00
Lennart Poettering
56159e0d91 machinectl: port machinectl to new verbs logic 2014-12-19 19:19:29 +01:00
Lennart Poettering
7eeeb28e45 import: Verb[] array can be static, too 2014-12-19 19:19:29 +01:00
Lennart Poettering
43343ee7c2 verbs: when invoking the default verb, pass a faked argv array, with just the verb in it
That way the dispatcher calls know how they got called.
2014-12-19 19:19:29 +01:00
Lennart Poettering
cd61c3bfd7 machined/machinectl: add logic to show list of available images
This adds a new bus call to machined that enumerates /var/lib/container
and returns all trees stored in it, distuingishing three types:

        - GPT disk images, which are files suffixed with ".gpt"
        - directory trees
        - btrfs subvolumes
2014-12-19 19:19:29 +01:00
Lennart Poettering
8eebf6ad55 util: when creating temporary filename for atomic creation of files, add an extra "#" to the name
That way, we have a simple, somewhat reliable way to detect such
temporary files, by simply checking if they start with ".#".
2014-12-19 19:19:29 +01:00
Michal Schmidt
668c965af4 journal: skipping of exhausted journal files is bad if direction changed
EOF is meaningless if the direction of iteration changes.
Move the EOF optimization under the direction check.

This fixes test-journal-interleaving for me.

Thanks to Filipe Brandenburger for telling me about the failure.
2014-12-19 17:14:11 +01:00
Michal Schmidt
b29ddfcb38 journal: make next_with_matches() always use f->current_offset
next_with_matches() is odd in that its "unit64_t *offset" parameter is
both input and output. In other it's purely for output.

The function is called from two places in next_beyond_location(). In
both of them "&cp" is used as the argument and in both cases cp is
guaranteed to equal f->current_offset.

Let's just have next_with_matches() ignore "*offset" on input and
operate with f->current_offset.

I did not investigate why it is, but it makes my usual benchmark run
reproducibly faster:

$ time ./journalctl --since=2014-06-01 --until=2014-07-01 > /dev/null

real    0m4.032s
user    0m3.896s
sys     0m0.135s

(Compare to preceding commit, where real was 4.4s.)
2014-12-19 16:15:21 +01:00
Michal Schmidt
487d37209b journal: fix skipping of duplicate entries in iteration
I accidentally broke the detection of duplicate entries in 7943f42275
"journal: optimize iteration by returning previously found candidate
entry".

When we have a known location of a candidate entry, we must not return
from next_beyond_location() immediately. We must go through the
duplicates detection to make sure the candidate differs from the
already iterated entry.

This fix slows down iteration a bit, but it's still faster than it
was before the rework.

$ time ./journalctl --since=2014-06-01 --until=2014-07-01 > /dev/null

real    0m4.448s
user    0m4.298s
sys     0m0.149s

(Compare with results from commit 7943f42275, where real was 5.3s before
the rework.)
2014-12-19 15:37:10 +01:00
Tom Gundersen
bfcdba8d56 networkd: link - plug leak 2014-12-19 08:34:04 +01:00
Tom Gundersen
19727828d2 networkctl: lldp - respect arg_legend 2014-12-19 08:33:46 +01:00
Susant Sahani
49699bac94 LLDP: Add support for networkctl 2014-12-19 08:15:05 +05:30
Susant Sahani
ce43e48446 networkd: integrate LLDP
This patch integrates LLDP with networkd.

Example conf:
file : lldp.network

[Match]
Name=em1

[Network]
LLDP=yes
2014-12-19 08:02:45 +05:30
Susant Sahani
ad1ad5c8e3 networkd: Introduce Link Layer Discovery Protocol (LLDP)
This patch introduces LLDP support to networkd. it implements the
receiver side of the protocol.

The Link Layer Discovery Protocol (LLDP) is an industry-standard,
vendor-neutral method to allow networked devices to advertise
capabilities, identity, and other information onto a LAN. The Layer 2
protocol, detailed in IEEE 802.1AB-2005.LLDP allows network devices
that operate at the lower layers of a protocol stack (such as
Layer 2 bridges and switches) to learn some of the capabilities
and characteristics of LAN devices available to higher
layer protocols.
2014-12-19 08:02:45 +05:30
Tom Gundersen
266b538958 networkctl: port to verbs helper 2014-12-19 03:16:45 +01:00
Tom Gundersen
caa8dab28f systemd-hwdb: port to new verbs helper 2014-12-19 03:02:55 +01:00
Tom Gundersen
eac8e8c6de import: dck - fix curl error handling 2014-12-19 03:00:56 +01:00
Lennart Poettering
72648326ea import: add new minimal tool "systemd-import" for pulling down foreign containers and install them locally
This adds a simply but powerful tool for downloading container images
from the most popular container solution used today. Use it like
this:

       # systemd-import pull-dck mattdm/fedora
       # systemd-nspawn -M fedora

This will donwload the layers for "mattdm/fedora", and make them
available locally as /var/lib/container/fedora.

The tool is pretty complete, as long as it's only about pulling down
images, or updating them. Pushing or searching is not supported yet.
2014-12-19 02:08:14 +01:00
Lennart Poettering
dca59f6266 util: add generalization of verb parsing for command line tools
We should move loginctl, timedatectl, machinectl over to use this new
API instead of a manual one.
2014-12-19 02:07:42 +01:00
Lennart Poettering
e02d225b1e util: make sure rm_rf() can be called on symlinks (with the effect of deleting it) 2014-12-19 02:07:42 +01:00
Lennart Poettering
e1dd6790e4 strv: ass new strv_is_uniq() and strv_reverse() calls 2014-12-19 02:07:42 +01:00
Lennart Poettering
24167f3db8 execute: the runtime directory can only be on tmpfs, hence don't use rm_rf_dangerous() needlessly 2014-12-19 02:07:42 +01:00
Lennart Poettering
b7d1319393 nss-myhostname: introduce is_gateway() similar to the existing is_hostname() 2014-12-19 02:07:42 +01:00
Zbigniew Jędrzejewski-Szmek
c853953658 load-fragment: allow quoting in command name and document allowed escapes
The handling of the command name and other arguments is unified. This
simplifies things and should make them more predictable for users.
Incidentally, this makes ExecStart handling match the .desktop file
specification, apart for the requirment for an absolute path.

https://bugs.freedesktop.org/show_bug.cgi?id=86171
2014-12-18 19:26:21 -05:00
Zbigniew Jędrzejewski-Szmek
ba774317ac Treat a trailing backslash as an error
Commit a2a5291b3f changed the parser to reject unfinished quoted
strings. Unfortunately it introduced an error where a trailing
backslash would case an infinite loop. Of course this must fixed, but
the question is what to to instead. Allowing trailing backslashes and
treating them as normal characters would be one option, but this seems
suboptimal. First, there would be inconsistency between handling of
quoting and of backslashes. Second, a trailing backslash is most
likely an error, at it seems better to point it out to the user than
to try to continue.

Updated rules:
ExecStart=/bin/echo \\ → OK, prints a backslash
ExecStart=/bin/echo \ → error
ExecStart=/bin/echo "x → error
ExecStart=/bin/echo "x"y → error
2014-12-18 19:26:21 -05:00
Zbigniew Jędrzejewski-Szmek
30bcc05295 test-strv: use STRV_MAKE 2014-12-18 19:26:21 -05:00
Zbigniew Jędrzejewski-Szmek
447021aafd tree-wide: make condition_free_list return NULL 2014-12-18 19:26:21 -05:00
Zbigniew Jędrzejewski-Szmek
f1acf85a36 core: make exec_command_free_list return NULL 2014-12-18 19:26:21 -05:00
Zbigniew Jędrzejewski-Szmek
dbf1f77bf7 test-cap-list: allow mismatch in case 2014-12-18 18:54:00 -05:00
Dave Reisner
e40872fc53 path-util: fix breakage in path_is_mount_point
This fixes 2 problems introduced by 6feeeab0bc:

1) If name_to_handle_at returns ENOSYS for the child, we'll wrongly
return -ENOSYS when it returns the same for the parent. Immediately
jump to the fallback logic when we get ENOSYS.

2) If name_to_handle_at returns EOPNOTSUPP for the child but suceeds
for the parent, we'll be comparing an uninitialized value (mount_id) to
an initialized value (mount_id_parent). Initialize the mount_id
variables to invalid mount_ids to avoid this.
2014-12-18 18:34:12 -05:00
Tom Gundersen
65eb4378c3 systemd-hwdb: introduce new tool
This pulls out the hwdb managment from udevadm into an independent tool.

The old code is left in place for backwards compatibility, and easy of
testing, but all documentation is dropped to encourage use of the new
tool instead.
2014-12-18 15:37:27 +01:00
Alin Rauta
b98b483bac networkd: add FDB support 2014-12-18 15:28:16 +01:00
Michal Schmidt
c2551e7105 journal: next_with_matches() now does not need a mapped object as input
Now that journal_file_next_entry() does not need a pointer to the
current object, next_with_matches() does not need it either.
2014-12-18 14:44:34 +01:00
Michal Schmidt
f534928ad7 journal: journal_file_next_entry() does not need pointer to current Object
The current offset is sufficient information.
2014-12-18 14:41:22 +01:00
Michal Schmidt
7943f42275 journal: optimize iteration by returning previously found candidate entry
In next_beyond_location() when the JournalFile's location type is
LOCATION_SEEK, it means there's nothing to do, because we already have
the location of the candidate entry. Do an early return. Note that now
next_beyond_location() does not anymore guarantee on return that the
entry is mapped, but previous patches made sure the caller does not
care.

This optimization is at least as good as "journal: optimize iteration:
skip files that cannot improve current candidate entry" was.

Timing results on my workstation, using:
$ time ./journalctl -q --since=2014-06-01 --until=2014-07-01 > /dev/null

Before "Revert "journal: optimize iteration: skip files that cannot
improve current candidate entry":

real    0m5.349s
user    0m5.166s
sys     0m0.181s

Now:

real    0m3.901s
user    0m3.724s
sys     0m0.176s
2014-12-18 14:35:30 +01:00
Michal Schmidt
6e693b42dc journal: optimize iteration by skipping exhausted files
If from a previous iteration we know we are at the end of a journal
file, don't bother looking into the file again. This is complicated by
the fact that the EOF does not have to be permanent (think of
"journalctl -f"). So we also check if the number of entries in the
journal file changed.

This optimization has a similar effect as "journal: optimize iteration:
skip whole files behind current location" had.
2014-12-18 14:29:46 +01:00
Michal Schmidt
58439db4cc journal: drop unnecessary parameters of next_beyond_location()
offset is redundant, because the caller can rely on f->current_offset.
The object pointer the function saves in *ret is thrown away by the caller.
2014-12-18 12:44:16 +01:00
Michal Schmidt
e499c9998b journal: remove redundant variable new_offset
The file's current_offset is already updated at this point, so let's use
it.
2014-12-18 12:28:24 +01:00
Michal Schmidt
d8ae66d7fa journal: compare candidate entries using JournalFiles' locations
When comparing the locations of candidate entries, we can rely on the
location information stored in struct JournalFile.
2014-12-18 12:26:00 +01:00
Michal Schmidt
1eb6332d55 journal: simplify set_location()
set_location() is called from real_journal_next() when a winning entry
has been picked from among the candidates in journal files.

The location type is always set to LOCATION_DISCRETE. No need to pass
it as a parameter.
The per-JournalFile location information is already updated at this
point. No need for having the direction and offset here.
2014-12-18 12:20:25 +01:00
Michal Schmidt
6573ef05a3 journal: keep per-JournalFile location info during iteration
In next_beyond_location() when we find a candidate entry in a journal
file, save its location information in struct JournalFile.

The purpose of remembering the locations of candidate entries is to be
able to save work in the next iteration. This patch does only the
remembering part.

LOCATION_SEEK means the location identifies a candidate entry.
When a winner is picked from among candidates, it becomes
LOCATION_DISCRETE.
LOCATION_TAIL here signifies we've iterated the file to the end (or the
beginning in the case of reversed direction).
2014-12-18 12:17:20 +01:00
Michal Schmidt
1fc605b0e1 journal: abstract the resetting of JournalFile's location 2014-12-18 11:56:19 +01:00
Michal Schmidt
99cc7653a8 journal: move definition of LocationType to journal-file.h
In preparation for individual JournalFiles maintaining a location
of their own.
2014-12-18 11:53:39 +01:00
Michal Schmidt
8a2bd0a365 Revert "journal: optimize iteration: skip whole files behind current location"
This reverts commit b7c88ab8cc.

This optimization will be made redundant by the following patches.
2014-12-18 11:53:39 +01:00
Michal Schmidt
0633cb5206 Revert "journal: optimize iteration: skip files that cannot improve current candidate entry"
This reverts commit f8b5a3b75f.

This optimization will be made redundant by the following patches.
2014-12-18 11:53:39 +01:00
Michal Schmidt
14499361a5 journal: delete unused function journal_file_skip_entry()
Its only caller is a test.
2014-12-18 11:53:08 +01:00
Michal Schmidt
ae2adbcd09 journal: delete unused function journal_file_move_to_entry_by_offset() 2014-12-18 11:47:13 +01:00
Zbigniew Jędrzejewski-Szmek
ee05e7795b core: use raw_clone instead of fork in signal handler
fork() is not async-signal-safe and calling it from the signal handler
could result in a deadlock when at_fork() handlers are called. Using
the raw clone() syscall sidesteps that problem.

The tricky part is that raise() does not work, since getpid() does not
work. Add raw_getpid() to get the real pid, and use kill() instead of
raise().

https://bugs.freedesktop.org/show_bug.cgi?id=86604
2014-12-18 00:52:41 -05:00
Zbigniew Jędrzejewski-Szmek
503dbda6d9 test-unit-file: add test for semicolon escaping
https://bugs.freedesktop.org/show_bug.cgi?id=87393
2014-12-18 00:52:41 -05:00
tomsod-m ya ru
3851c51ad1 load-fragment: properly unescape \;
https://bugs.freedesktop.org/show_bug.cgi?id=87393
2014-12-17 23:01:38 -05:00
Zbigniew Jędrzejewski-Szmek
6feeeab0bc path: make the check for unsupported name_to_handle_at symmetric
If child supports, but the parent does not, or when the child does
not support, but the parent does, assume the child is a mount point.

Only if neither supports use the fallback.
2014-12-17 21:08:16 -05:00
Umut Tezduyar Lindskog
b890bf6a81 path: follow symbolic link for parent path (2)
c0e57ba9e2 fixed the fallback path.
We should do the same for name_to_handle_at().
2014-12-17 21:08:16 -05:00
Lennart Poettering
f2cbe59e11 machinectl: add new commands for copying files from/to containers 2014-12-18 01:36:28 +01:00
Lennart Poettering
20b63d12b5 util: in make_stdio() use dup2() rather than dup3()
dup3() allows setting O_CLOEXEC which we are not interested in. However,
it also fails if called with the same fd as input and output, which is
something we don't want. Hence use dup2().

Also, we need to explicitly turn off O_CLOEXEC for the fds, in case the
input fd was O_CLOEXEC and < 3.
2014-12-18 01:36:28 +01:00
Lennart Poettering
785890acf6 machinectl: implement "bind" command to create additional bind mounts from host to container during runtime 2014-12-18 01:36:28 +01:00