1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-07 01:27:11 +03:00
Commit Graph

18761 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
a6dba97829 cryptsetup-generator: remove duplicated function 2015-01-11 23:41:41 -05:00
Zbigniew Jędrzejewski-Szmek
c5e04d5127 fstab-util: detect out-of-range pri= assignments
We would silently ignore them. One would have to be crazy
to do assign an out of range value, but simply ignoring it
bothers me.
2015-01-11 23:41:41 -05:00
Zbigniew Jędrzejewski-Szmek
266fd0eabc .gitignore: add new tests and sort tests alphabetically 2015-01-11 23:41:41 -05:00
Zbigniew Jędrzejewski-Szmek
d15d0333be Add new function to filter fstab options
This fixes parsing of options in shared/generator.c. Existing code
had some issues:

- it would treate whitespace and semicolons as seperators. fstab(5)
  is pretty clear that only commas matter. And the syntax does
  not allow for spaces to be inserted in the field in fstab.
  Whitespace might be escaped, but then it should not seperate
  options. Treat whitespace and semicolons as any other character.
- it assumed that x-systemd.device-timeout would always be followed
  by "=". But this is not guaranteed, hasmntopt will return this
  option even if there's no value. Uninitialized memory could be read.
- some error paths would log, and inconsistently, some would just
  return an error code.

Filtering is split out to a separate function and tests are added.

Similar code paths in other places are adjusted to use the new function.
2015-01-11 23:41:41 -05:00
Zbigniew Jędrzejewski-Szmek
1e39ff926f network: apply static addresses in specified order
https://bugs.freedesktop.org/show_bug.cgi?id=83270
2015-01-11 18:17:33 -05:00
Zbigniew Jędrzejewski-Szmek
502f1733e3 shared/list: add LIST_APPEND 2015-01-11 18:17:33 -05:00
Zbigniew Jędrzejewski-Szmek
33e1e5a756 path-lookup: allow /run to override /etc in generator search
Generators are different than unit files: they are never automatically
generated, so there's no point in allowing /etc to override /run. On
the other hand, overriding /etc might be useful in some cases.
2015-01-11 18:17:33 -05:00
Zbigniew Jędrzejewski-Szmek
4f1a33dd0d test-path-lookup: add simple test for path lookup functions 2015-01-11 18:17:33 -05:00
Zbigniew Jędrzejewski-Szmek
aac7766c10 test-util: make sure that masking and overriding works 2015-01-11 18:17:33 -05:00
Zbigniew Jędrzejewski-Szmek
e801700e9a Implement masking and overriding of generators
Sometimes it is necessary to stop a generator from running. Either
because of a bug, or for testing, or some other reason. The only way
to do that would be to rename or chmod the generator binary, which is
inconvenient and does not survive upgrades. Allow masking and
overriding generators similarly to units and other configuration
files.

For the systemd instance, masking would be more common, rather than
overriding generators. For the user instances, it may also be useful
for users to have generators in $XDG_CONFIG_HOME to augment or
override system-wide generators.

Directories are searched according to the usual scheme (/usr/lib,
/usr/local/lib, /run, /etc), and files with the same name in higher
priority directories override files with the same name in lower
priority directories. Empty files and links to /dev/null mask a given
name.

https://bugs.freedesktop.org/show_bug.cgi?id=87230
2015-01-11 18:17:33 -05:00
Zbigniew Jędrzejewski-Szmek
4968105790 Simplify execute_directory()
Remove the optional sepearate opening of the directory,
it would be just too complicated with the change to
multiple directories.

Move the middle of execute_directory() to a seperate
function to make it easier to grok.
2015-01-11 18:17:33 -05:00
David Herrmann
87b934960a bus-proxy: implement 'at_console'
The 'at_console' policy-category allows to apply policy-items to clients
depending on whether they're run from within a valid user-session or not.
We use sd_uid_get_seats() to check whether a user has a valid seat (which
excludes remote-sessions like ssh).
2015-01-11 17:23:24 +01:00
David Herrmann
b49c7806a3 bus-proxy: print message direction in policy logs
Make sure to print "dbus-1 to kernel" or "kernel to dbus-1" in policy logs
to better diagnose the situation.
2015-01-11 15:27:18 +01:00
David Herrmann
b5cfc2b953 bus-proxy: fix receiver policy on dbus-1 to kdbus signals
If a dbus-1 client sends a broadcasted signal via the bus-proxy to kdbus,
the bus-proxy has no idea who the receiver is. Classic dbus-daemon has
bus-access and can perform policy checks for each receiver, but we cant.
Instead, we know the kernel will perform receiver policy checks for
broadcasts, so we can skip the policy check and just push it into the
kernel.

This fixes wpa_supplicant which has DENY rules on receive_type=signal for
non-root. As we never know the target, we always DENY all broadcasts from
wpa_supplicant.

Note that will still perform receiver-policy checks for signals that we
get from the kernel back to us. In those cases, we know the receiver
(which is us).
2015-01-11 15:14:14 +01:00
David Herrmann
fa188b9b24 bus-proxy: fix swapped path/interface debug messages
The policy debug messages swapped "path=" and "interface=", fix this.
2015-01-11 14:54:33 +01:00
David Herrmann
0042d824e3 bus-proxy: fix policy for expected/non-expected reply tags
dbus-1 distinguishes expected and non-expected replies. An expected reply
is a reply that is sent as answer to a previously forwarded method-call
before the timeout fires. Those replies are, by default, forwarded and
DENY policy tags are ignored on them (unless explicitly stated otherwise).

We don't track reply-windows in the bus-proxy as the kernel already does
this. Furthermore, the kernel prohibits any non-expected replies (which
breaks dbus-1, but it was an odd feature, anyway).

Therefore, skip policy checks on replies and always let the kernel deal
with it!

To be correct, we should still process DENY tags marked as
send_expected_reply=true (which is *NOT* the default!). However, so far we
don't parse those attributes, and no-one really uses it, so lets not
implement it for now. It's marked as TODO if anyone feels like fixing it.
2015-01-11 14:18:29 +01:00
David Herrmann
24b759c5d7 log: fix log_full_errno() with custom facilities
Make sure to extract the log-priority when comparing against
max-log-level, otherwise, we will always drop those messages.

This fixes bus-proxyd to properly send warnings on policy blocks.
2015-01-11 03:16:01 +01:00
Kay Sievers
1325ec4280 build-sys: fix link-order and avoid "label" functions in libsystemd-shared 2015-01-11 00:25:31 +01:00
Kay Sievers
d031efb271 kdbus.h: update 2015-01-10 04:16:18 +01:00
Kay Sievers
1401ec2d34 push xorg information to the systemd --user instance 2015-01-09 21:39:31 +01:00
Lennart Poettering
fa607802f3 update TODO 2015-01-09 21:32:29 +01:00
Lennart Poettering
906b76b27b loginctl: make session/user arguments optional for a number commands, and imply calling session/user instead
This turns "lock-session", "activate", "unlock-session",
"enable-linger", "disable-linger" into commands that take no argument,
optionally in which case the callers session/user is implied.
2015-01-09 21:30:39 +01:00
Lennart Poettering
997eadb553 sd-bus: even if we need a cookie when sending a message there's no need to needlessly send it if we don't actually need it 2015-01-09 21:25:23 +01:00
Lennart Poettering
d714387ed7 bus-proxy: make sure we have creds when two legacy clients talk to each other 2015-01-09 21:24:37 +01:00
Lennart Poettering
4540817b0d hwdb: add Kay's Laser Mouse to the dpi database 2015-01-09 20:28:32 +01:00
Lennart Poettering
48aae6d6a0 bus-proxy-test: show parsed system/session policy 2015-01-09 19:30:01 +01:00
Lennart Poettering
585b46db6b bus-proxy: eat up "*" matches, they are pointless 2015-01-09 19:28:18 +01:00
Lennart Poettering
f5886c92ac bus-proxy: dbus-daemon implies that connections from UIDs that are identical to the bus owner should be allowed
Hence, copy this behaviour for bus-proxy too.
2015-01-09 19:25:23 +01:00
Kay Sievers
a2be9e047e bus-proxyd: xml - consider empty tags as recv 2015-01-09 18:46:08 +01:00
Lennart Poettering
fe21f16764 bus-proxy: make sure sure eavesdrop= XML attributes are properly handled 2015-01-09 18:35:36 +01:00
Lennart Poettering
8cb4ab0058 logind: unify how we cast between uid_t and pointers for hashmap keys 2015-01-09 18:35:36 +01:00
Lennart Poettering
309a29dfd2 logind: when a bus call is done on a session, user or seat, optionally determine them from the caller credentials
More specifically, if an operation is requested on a session with an
empty name, the caller's session is used. If an operation is requested
on a seat with an empty name, the seat of the caller's session is used.
Finally, if an operation on the user with UID -1 is requested, the user
of the client's session is used (and not the UID of the client!).
2015-01-09 18:35:36 +01:00
Lennart Poettering
3909ba34ec man: document that 'loginctl activate' only takes a single argument 2015-01-09 18:35:36 +01:00
Lennart Poettering
b298e98413 logind: include "self" object links in dbus introspection
Makes "busctl introspect" a lot more fun.
2015-01-09 18:35:36 +01:00
Lennart Poettering
86e1f46f92 loginctl: make "loginctl session-status" without session ID show the caller's session status
Similar for user-status and seat-status.
2015-01-09 18:35:36 +01:00
Lennart Poettering
ff0af2a166 core: modernize execution code a bit
Among other things, avoid log_struct() unless we really need it.

Also, use "r" as variable to store function errors in, instead of "err".
"r" is pretty much what we use everywhere else, hence using the same
here make sense.

FInally, in the child, when we want to log, make sure to open the
logging framework first, since it is explicitly closed in preparation
for the exec().
2015-01-09 18:35:36 +01:00
Zbigniew Jędrzejewski-Szmek
b914ea8d37 journal: do not check for number of files
Now that we bump rlimit, we do not really know how many files
we can open. Remove the check.

https://bugzilla.redhat.com/show_bug.cgi?id=1179980
2015-01-09 09:31:26 -05:00
Ronny Chevalier
86d81e502b systemctl: add missing output modes to help message 2015-01-09 13:54:19 +01:00
Ronny Chevalier
e4e5a85f34 shell-completion: add missing output modes
https://bugs.freedesktop.org/show_bug.cgi?id=88216
2015-01-09 13:53:23 +01:00
David Herrmann
7ce9812173 bus: append bloom-filter to all signals
Make sure to append bloom-filters to all signal-messages, not only
broadcasts.
2015-01-09 00:53:30 +01:00
Peter Hutterer
5ebbc3f32f hwdb: add missing line between the G400 entries
Error, DATA expected but got 'mouse:usb:v046dpc24c:name:Logitech G400s Optical
Gaming Mouse:' in '/etc/udev/hwdb.d/70-mouse.hwdb':
Error, MATCH expected but got ' MOUSE_DPI=400@1000 *800@1000 2000@1000
4000@1000' in '/etc/udev/hwdb.d/70-mouse.hwdb':

Introduced in 6366e349
2015-01-09 09:35:19 +10:00
Lennart Poettering
3bd5c32d93 core: check both EPERM and EACCES for OOM adjustments 2015-01-08 23:21:01 +01:00
Lennart Poettering
a47e6701bf update TODO 2015-01-08 23:13:45 +01:00
Lennart Poettering
d5243d6286 core: make EPERM errors when applying OOM adjustment for forked processes non-fatal
This should be useful for user namespaces.
2015-01-08 23:13:45 +01:00
Lennart Poettering
f7621db0e3 loginctl: port to generic verbs.h API 2015-01-08 23:13:45 +01:00
Lennart Poettering
a03fe1a5d5 man: remove references to systemadm from systemctl man page
The tool is badly maintained and we shouldn't refence such old cruft.
2015-01-08 23:13:45 +01:00
Lennart Poettering
f2068bcce0 machined: when cloning a raw disk image, also set the NOCOW flag 2015-01-08 23:13:45 +01:00
Lennart Poettering
e45fc5e738 man: bring machinectl man page up-to-date 2015-01-08 23:13:45 +01:00
Lennart Poettering
b619ec8f83 man: bring systemctl man page and --help text into the same order 2015-01-08 23:13:45 +01:00
Lennart Poettering
17cd091332 man: add the same command sections to the man page as the --help text shows 2015-01-08 23:13:45 +01:00