1
0
mirror of https://github.com/systemd/systemd.git synced 2024-12-23 21:35:11 +03:00
Commit Graph

29070 Commits

Author SHA1 Message Date
Peter Hutterer
855cf359b2 udev: skip EVDEV_ABS override on devices without EV_ABS (#5984)
When we first handle a device with an EVDEV_ABS override, check if it has
EV_ABS bits. If not, print a warning and continue. This is required on devices
where the match string applies to multiple device nodes, not all of which may
have absolute axes.

Fixes https://github.com/systemd/systemd/issues/5079
2017-05-19 10:56:29 +02:00
Evgeny Vereshchagin
e69c933694 Merge pull request #5988 from poettering/man-and-gcc
minor man page and gcc fixes
2017-05-19 09:34:39 +03:00
Lennart Poettering
86a48fb6f7 udev: turn off -Wformat-nonliteral for one safe case
c20e6de897 introduced a format string as
variable, but didn't turn off -Wformat-nonliteral warnings on it, thus
breaking the build. Let's fix that, by simply turning off the warning in
this case, as we know it's safe.
2017-05-18 22:26:12 -04:00
Lennart Poettering
6b7af82122 man: extend documentation on sd_bus_add_match a bit()
Explain briefly how the concept of "sd_bus_slot" works.

This recently came up on the mailing list, hence let's document this for
the next time.
2017-05-18 22:26:08 -04:00
Susant Sahani
cb4d8b2d05 sd-netlink: Make use of IN_SET (#5977) 2017-05-18 12:56:36 +02:00
Daniel Wang
2d66f64865 gitignore: ignore /test-sd-dhcp-lease (#5983) 2017-05-17 20:14:58 -04:00
Lennart Poettering
f731ad4456 Merge pull request #5957 from keszybz/test-c++
Test compilation under C++
2017-05-17 17:02:55 +02:00
Dimitri John Ledkov
c20e6de897 udev: net_id add support for platform bus (ACPI, mostly arm64) devices (#5933)
Fixes: #5894
2017-05-17 15:28:35 +02:00
Zbigniew Jędrzejewski-Szmek
d80e5b74e8 calendarspec: parse unix timestamps (@...) (#5947)
Fixes #5810.
2017-05-17 11:40:49 +02:00
Lennart Poettering
a8b7e8a742 Merge pull request #5883 from garyttierney/fix-selinux
selinux: enable labeling and access checks for unprivileged users
2017-05-17 11:39:44 +02:00
Yu Watanabe
8ff213fd65 meson: do not use generate_gperfs.py for keyboard-keys-from-name.gperf (#5968)
Fixes #5967.
2017-05-15 20:51:22 -04:00
Charles Plessy
f9d77d198e Add Lenovo UltraNav SK-8845 (#5963)
Closes #5952.
2017-05-15 08:16:16 -04:00
Zbigniew Jędrzejewski-Szmek
0f771be9ca test-bus-vtable: add SD_BUS_PROPERTY
Without cc9daff228, this results in:

src/libsystemd/sd-bus/test-bus-vtable-cc.cc:56:1: sorry, unimplemented: non-trivial designated initializers not supported
 };
 ^
2017-05-14 15:10:44 -04:00
Zbigniew Jędrzejewski-Szmek
5502d46f73 Merge pull request #5961 from ronnychevalier/rc/conf-parser-strv-typo
conf-parser: fix wrong argument given to log_syntax_invalid_utf8
2017-05-14 10:31:12 -04:00
Ronny Chevalier
16eefcafed env-util: fix memory leak (#5962)
If cunescape succeeds, but the assignment is not valid, uce is not freed.
2017-05-14 10:30:40 -04:00
Ronny Chevalier
d5ade2d602 test-conf-parser: add valid and invalid utf8 test for config_parse_path 2017-05-14 13:19:11 +02:00
Ronny Chevalier
b4958f42af conf-parser: fix wrong argument given to log_syntax_invalid_utf8
The condition is on "word", hence we give word instead of rvalue.

An assert would be triggered if !utf8_is_valid(word) is true and
rvalue == NULL, since log_syntax_invalid_utf8 calls utf8_escape_invalid
which calls assert(str).

A test case has been added to test with valid and invalid utf8.
2017-05-14 13:19:11 +02:00
Zbigniew Jędrzejewski-Szmek
94e2523b70 tests,meson: add test-bus-vtable, compiled as C and C++
This test is mostly a compilation test that checks that various defines in
sd-bus-vtable.h are valid C++. The code is executed, but the results are not
checked (apart from sd-bus functions not returning an error). test-bus-objects
contains pretty extensive tests for this functionality.

The C++ version is only added to meson, since it's simpler there.
Because of the .cc extension, meson will compile the executable with c++.

This test is necessary to properly check the macros in sd-bus-vtable.h. Just
running the headers through g++ is not enough, because the macros are not
exercised.

Follow-up for #5941.
2017-05-13 15:50:44 -04:00
Zbigniew Jędrzejewski-Szmek
3bf47e7392 test-ipv4ll: use assert_se consistently
We use assert_se in tests so that the asserts get evaluated even if compiled with NDEBUG.
2017-05-13 15:45:29 -04:00
Zbigniew Jędrzejewski-Szmek
afc5fc1ffa tree-wide: drop assert.h includes
We provide an independent reimplementation in macro.h, and that's the one
we want to use. Including the system header is unnecessary and confusing.
2017-05-13 15:44:30 -04:00
Zbigniew Jędrzejewski-Szmek
d7f149c1aa tests: make sure that our headers are valid c++
This adds a meson test because it fits nicely into the existing framework.
It should be enough to run this test once in a while, so I don't think it's
crucial to also have it under autotools.
2017-05-13 15:43:39 -04:00
Michael Biebl
0839f42ebf Merge pull request #5956 from eliasp/fix-typo-network-zones
man: fix typo (`--network-zones` → `--network-zone`)
2017-05-13 21:07:04 +02:00
Elias Probst
cf917c27b6
man: fix typo (--network-zones--network-zone) 2017-05-13 20:56:44 +02:00
Daniel Wang
b85bc551c3 network: Implement DHCP Option 119 (Domain Search List) (#5932)
This adds a modified version of dhcp6_option_parse_domainname() that is
able to parse compressed domain names, borrowing the idea from
dns_packet_read_name(). It also adds pieces in networkd-link and
networkd-manager to properly save/load the added option field.

Resolves #2710.
2017-05-13 10:19:32 -04:00
Gary Tierney
b3fb3c01ee audit-fd: check for CAP_AUDIT_WRITE before opening an audit socket
Adds a check to audit-fd.c to ensure that CAP_AUDIT_WRITE is present in
the set of effective capabilities before opening an audit netlink
socket.  This ensures that unprivileged systemd instances (MANAGER_USER)
don't try to log AVC permission checks with the audit subsystem when
CAP_AUDIT_WRITE is not present.
2017-05-12 14:43:39 +01:00
Gary Tierney
6d395665e5 Revert "selinux: split up mac_selinux_have() from mac_selinux_use()"
This reverts commit 6355e75610.

The previously mentioned commit inadvertently broke a lot of SELinux related
functionality for both unprivileged users and systemd instances running as
MANAGER_USER.  In particular, setting the correct SELinux context after a User=
directive is used would fail to work since we attempt to set the security
context after changing UID.  Additionally, it causes activated socket units to
be mislabeled for systemd --user processes since setsockcreatecon() would never
be called.

Reverting this fixes the issues with labeling outlined above, and reinstates
SELinux access checks on unprivileged user services.
2017-05-12 14:43:39 +01:00
Lennart Poettering
6e4177315f Merge pull request #5432 from keszybz/udev-logging
udev logging separation
2017-05-12 15:22:46 +02:00
Zbigniew Jędrzejewski-Szmek
5486a31d28 nss-resolve: drop the internal fallback to libnss_dns (#5945)
If we could not communicate with systemd-resolved, we would call into
libnss_dns. libnss_dns would return NOTFOUND for stuff like "localhost" and
other names resolved by nss-myhostname, which we would fall under the !UNAVAIL=
condition and cause resolution to fail. So the following recommended
configuration in nsswitch.conf would not work:

   hosts: resolve [!UNAVAIL=return] dns myhostname

Remove the internal fallback code completely so that the fallback logic
can be configured in nsswitch.conf.

Tested with
   hosts: resolve [!UNAVAIL=return] myhostname
and
   hosts: resolve [!UNAVAIL=return] dns myhostname

Fixes #5742.
2017-05-12 14:31:46 +02:00
Lennart Poettering
3823da25cf Merge pull request #5928 from keszybz/libidn2
Use idn2 instead of idn
2017-05-12 12:01:40 +02:00
Lennart Poettering
2cfafe4d03 Merge pull request #5942 from keszybz/timestamp-writing
Allow timestamp to be set by the file writing utility functions
2017-05-12 12:00:24 +02:00
Lennart Poettering
77f0f0a5c7 Merge pull request #5946 from evverx/test-sigbus-fixes
test-sigbus: use posix_fallocate rather than fallocate
2017-05-12 11:58:13 +02:00
Zbigniew Jędrzejewski-Szmek
f089206caa README: update util-linux required compilation options (#5949)
Fixes #5563.
2017-05-12 10:49:48 +02:00
Zbigniew Jędrzejewski-Szmek
ca3bad6504 networkd: remove unused variables (#5948)
Fixup for 36423ff433.
2017-05-12 04:53:12 +03:00
Evgeny Vereshchagin
b8d79b4b68 tests: stop creating /TEST (#5943)
Closes #5856.
2017-05-11 18:56:39 -04:00
Matthijs van Duin
cc9daff228 sd-bus: fix c++ compatibility (#5941)
g++ annoyingly requires a non-empty struct-initializer to initialize all
struct members, in order of declaration.

Signed-off-by: Matthijs van Duin <matthijsvanduin@gmail.com>
2017-05-11 18:55:26 -04:00
Zbigniew Jędrzejewski-Szmek
fc1b2dc395 Merge pull request #5936 from ssahani/net-route
networkd: route replace parse prefix with generic in_addr_prefix_from_string
2017-05-11 18:53:35 -04:00
Zbigniew Jędrzejewski-Szmek
a8a2a0ed64 mkosi: switch over to libidn2 2017-05-11 14:27:01 -04:00
Zbigniew Jędrzejewski-Szmek
87057e244b resolved: support libidn2 in addition to libidn
libidn2 2.0.0 supports IDNA2008, in contrast to libidn which supports IDNA2003.

https://bugzilla.redhat.com/show_bug.cgi?id=1449145
From that bug report:

Internationalized domain names exist for quite some time (IDNA2003), although
the protocols describing them have evolved in an incompatible way (IDNA2008).
These incompatibilities will prevent applications written for IDNA2003 to
access certain problematic domain names defined with IDNA2008, e.g., faß.de is
translated to domain xn--fa-hia.de with IDNA2008, while in IDNA2003 it is
translated to fass.de domain. That not only causes incompatibility problems,
but may be used as an attack vector to redirect users to different web sites.

v2:
- keep libidn support
- require libidn2 >= 2.0.0
v3:
- keep dns_name_apply_idna caller dumb, and keep the #ifdefs inside of the
  function.
- use both ±IDN and ±IDN2 in the version string
2017-05-11 14:25:01 -04:00
Zbigniew Jędrzejewski-Szmek
d84ed2bd13 networkd: pretiffy message about invalid prefix
We know how the field we are parsing is called, let's put this information in
the error message:
"Route Source= prefix is invalid, ignoring assignment: ..."
"Route Destination= prefix is invalid, ignoring assignment: ..."
2017-05-11 14:01:14 -04:00
Zbigniew Jędrzejewski-Szmek
872c403963 update-done: use newly added library function to write the file
Fixes #5861.
2017-05-11 13:43:53 -04:00
Lennart Poettering
271312e37b Merge pull request #5893 from keszybz/memorydenywriteexecute
Add support for more arches for MemoryDenyWriteExecute
2017-05-11 19:42:42 +02:00
Zbigniew Jędrzejewski-Szmek
c826cd3f7c pid1: improve logging when failing to remount / ro (#5940)
https://bugzilla.redhat.com/show_bug.cgi?id=1227736#c49

We counted how many filesystems could not be unmounted, but only for those
filesystems which we tried to unmount. Since we only remount / ro, without
attempting to unmount, we would emit a confusing error message:

Remounting '/' read-only with options 'seclabel,space_cache,subvolid=5,subvol=/'.
Remounting '/' read-only with options 'seclabel,space_cache,subvolid=5,subvol=/'.
Remounting '/' read-only with options 'seclabel,space_cache,subvolid=5,subvol=/'.
All filesystems unmounted.

Warn when remount-ro fails, and for filesystems which we won't try to unmount,
include the failure to remount-ro in n_failed.

A few minor cleanups:
- remove unecessary goto which jumps to the next line anyway
- always calculate n_failed, even if log_error is false. This causes no change
  in behaviour, but I think the code is easier to follow, since the log setting
  cannot influence other logic.
2017-05-11 18:12:41 +02:00
Zbigniew Jędrzejewski-Szmek
39c38d773f basic/fileio: extend atomic file writing with timestamp setting
There should be no functional change.
2017-05-11 10:23:36 -04:00
Tom Gundersen
f5938e8ff3 busctl: monitor - only start printing messages once we have become a monitor (#5931)
A connection becomes a monitor the moment it loses its unique name, so any
messages received before that should not be dumped to the console.

Currently, we print NameAcquired and NameLost for the unique name of the
peer that becomes the monitor, simply discard all messages until we
receive our NameLost signal.
2017-05-11 15:56:55 +02:00
Zbigniew Jędrzejewski-Szmek
52511fae7b core: fix warning about unsigned variable (#5935)
Fixup for d8c92e8bc7.
2017-05-11 08:15:28 +02:00
Susant Sahani
36423ff433 networkd: route replace parse prefix with generic in_addr_prefix_from_string 2017-05-11 10:12:54 +05:30
Peter Hutterer
5efd9f72ca hwdb: add the X200/X201 to the existing X201s entry (#5934)
https://bugs.freedesktop.org/show_bug.cgi?id=100628
2017-05-10 22:29:15 -04:00
Ray Strode
af92daebc5 man: fix LD_LIBRARY_PATH example in environment.d (#5929)
The example for LD_LIBRARY_PATH in the environment.d man page is wrong.

When setting LD_LIBRARY_PATH, the new directory usually needs to be at
the front so it overrides old directories.

In the example, the colon delimiter is correctly prepended to the front, but
the actual new path is erroneously appended to the end.

This commit moves it to the front where it belongs.
2017-05-10 22:23:54 -04:00
Peter Hutterer
61b2f1976c udev: don't allow pointing stick sensitivities greater than 255 (#5927)
It gets truncated, so the result is that people mess with the const accel
because the sensitivity isn't the expected 300 but the too-low 45.

One example: https://bugs.freedesktop.org/show_bug.cgi?id=100965
2017-05-10 21:22:00 +02:00
Lennart Poettering
554a080674 Merge pull request #5920 from fbuihuu/sysusers-disable-gshadow
Sysusers disable group shadow support
2017-05-10 19:46:13 +02:00