IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
It seems that systemd still uses legacy -n option. The option has been
originally designed to avoid write to /etc/mtab during boot when root
FS is not ready or read-only.
This is not necessary for long time, because /etc/mtab is not a real
file (it's symlink) and write to the file is impossible. All utils
should be able to detect the symlink and ignore mtab. This concept is
supported for very long time before systemd.
The userspase mount options are currently maintained by libmount
(mount(8) and mount.nfs) in /run/mount) which is tmpfs initialized
during early boot.
Start-up timestamp of a user instance (userspace_time in struct boot_times)
actually may be arbitrarily big. This, because all timestamps are offset by
that value, leads to creation of arbitrarily wide SVGs which almost completely
consist of blank space.
Fix this by inverse-offsetting all timestamps by that value if user instance
operation is requested.
Fixes#740.
Given three DNS names this function indicates if the second argument lies
strictly between the first and the third according to the canonical DNS
name order. Note that the order is circular, so the last name is
considered to be before the first.
The canonical DNS name ordering considers the rightmost label the most significant,
we were considering it the least significant. This is important when implementing
NSEC, which relies on the correct order.
Intended to be called repeatedly, and returns then successive unescaped labels
from the most to the least significant (left to right).
This is slightly inefficient as it scans the string three times (two would be
sufficient): once to find the end of the string, once to find the beginning
of each label and lastly once to do the actual unescaping. The latter two
could be done in one go, but that seemed unnecessarily convoluted.
As we have connect()ed to the desired DNS server, we no longer need to pass
control messages manually when sending packets. Simplify the logic accordingly.
This function emits the UDP packet via the scope, but first it will
determine the current server (and connect to it) and store the
server in the transaction.
This should not change the behavior, but simplifies the code.
Even when we use shortened, combined words, we still should uppercase
where a new word starts. I couldn't find a canonically capitalized
version of this term, hence I think we should follow our naming rules
here.
This drops the libsystemd-terminal and systemd-consoled code for various
reasons:
* It's been sitting there unfinished for over a year now and won't get
finished any time soon.
* Since its initial creation, several parts need significant rework: The
input handling should be replaced with the now commonly used libinput,
the drm accessors should coordinate the handling of mode-object
hotplugging (including split connectors) with other DRM users, and the
internal library users should be converted to sd-device and friends.
* There is still significant kernel work required before sd-console is
really useful. This includes, but is not limited to, simpledrm and
drmlog.
* The authority daemon is needed before all this code can be used for
real. And this will definitely take a lot more time to get done as
no-one else is currently working on this, but me.
* kdbus maintenance has taken up way more time than I thought and it has
much higher priority. I don't see me spending much time on the
terminal code in the near future.
If anyone intends to hack on this, please feel free to contact me. I'll
gladly help you out with any issues. Once kdbus and authorityd are
finished (whenever that will be..) I'll definitely pick this up again. But
until then, lets reduce compile times and maintenance efforts on this code
and drop it for now.
With access to the server when creating the socket, we can connect()
to the server and hence simplify message sending and receiving in
follow-up patches.
Close the socket when changing the server in a transaction, in
order for it to be reopened with the right server when we send
the next packet.
This fixes a regression where we could get stuck with a failing
server.
Each signal of the ObjectManager interface carries the path of the object
in question as an argument. Therefore, a caller will deduce the object
this signal is generated for, by parsing the _argument_. A caller will
*not* use the object-path of the message itself (i.e., message->path).
This is done on purpose, so the caller can rely on message->path to be
the path of the actual object-manager that generated this signal, instead
of the path of the object that triggered this signal.
This commit fixes all InterfacesAdded/Removed signals to use the path of
the closest object-manager as message->path. 'closest' in this case means
closest parent with at least one object-manager registered.
This fix raises the question what happens if we stack object-managers in
a hierarchy. Two implementations are possible: First, we report each
object only on the nearest object-manager. Second, we report it on each
parent object-manager. This patch chooses the former. This is compatible
with other existing ObjectManager implementations, which are required to
call GetManagedObjects() recursively on each object they find, which
implements the ObjectManager interface.
Add the PID we are proxying for, as well as the message's sender and
destination string, to the debug message that is printed when the proxy
drops unmatched broadcasts.
Justification is similar to BPDUGuard rename. "Positive" values
are easier. This is a rather uncommon option, so using a slightly
longer name should not be a problem, and may in fact may make it
easier to guess what the option does without reading the
documentation.
Looking at the kernel commit, "on" seems to be the default value:
commit 867a59436fc35593ae0e0efcd56cc6d2f8506586
Author: Vlad Yasevich <vyasevic@redhat.com>
Date: Wed Jun 5 10:08:01 2013 -0400
bridge: Add a flag to control unicast packet flood.
Add a flag to control flood of unicast traffic. By default, flood is
on and the bridge will flood unicast traffic if it doesn't know
the destination. When the flag is turned off, unicast traffic
without an FDB will not be forwarded to the specified port.
... and it seems to be the reasonable thing to do by default.
Rename to follow the follow the style of other options.
In general "positive" options are preferred to "negative" ones,
because they are easier to describe and easier for humans to
parse (c.f. the shortening on the man page entry).
Old name was slightly misleading, because this flag does not determine
whether DSCP is used overall, but only if it is copied to the
decapsulated packet. Rename to better reflect that.
"Copy" does not imply direction. This is on purpose, because we might
later on enhance the setting to allow/disallow copying in the other
direction, to the encapsulated packet. If that is implemented,
CopyDSCP could understand additional values. This is nicer than
having two separate settings and follows the example of DHCP=.
Also, we try to avoid abbreviations, but we allow acronyms
like MTU, in DiscoverPathMTU=.
This setting was recently added, so it's fine to rename it without
backwards compat.
The expire timeout must be started/stopped if the corresponding mount unit
changes its state, e.g. it is started via local-fs.target or stopped by a
manual umount.
Return the token immediately instead. Otherwise the token is never returned
to the kernel, because the umount job is a noop and will not trigger a
state change.
The timer value for automount unit specified with TimeoutIdleSec= is rounded
up to one second if that directive is set to 0.
Fix this by bailing early in automount_enter_runnning() in case no timeout is
requested.
free() cannot be used with const pointers. However, our _cleanup_free_
handler features cast logic that hides that qualifier, so we don't get a
warning.
In bus_kernel_translate_message(), we print a DEBUG message on unknown
items. But right now, we also print this message for KDBUS_ITEM_TIMESTAMP
despite parsing it properly. Fix this!
The autofs kernel idle logic requires us to poll the kernel for
idleness. This is of course suboptimal, but cannot be fixed without
kernel change.
Currently the polling frequency is set to 1/10 of the idle timeout. This
is quite high, as seen in #571. Let's lower this to 1/3.
In the english language the first character of a sentence is supposed to
be uppercase. Let's make sure this also applies to the journal
verification error messages.
When a new journal file is created we write the header first, then sync
and only then create the data and field hash tables in them. That means
to other processes it might appear that the files have a valid header
but not data and field hash tables. Our reader code should be able to
deal with this.
With this change we'll not map the two hash tables right-away after
opening a file for reading anymore (because that will of course fail if
the objects are missing), but delay this until the first time we access
them. On top of that, when we want to look something up in the hash
tables and we notice they aren't initialized yet, we consider them
empty.
This improves handling of some journal files reported in #487.
so far, when we read something from /proc/$PID we would pass on the
ENOENT from the kernel as error, if the process was missing. With this
change we systematically convert this to ESRCH, which is the more
appropriate error code, and what all the other glibc/syscalls like
kill() use.
All code that calls these functions should be fine with this change. In
fact, one invocation of get_process_exe() in bus-creds.c already assumed
ESRCH would be returned if a process is missing, and this assumption is
now validated after the change.
Virtualbox 5.0 now supports kvm hypervisor. In this case cpuid
identidies as "kvm", which breaks units depending on
ConditionVirtualization=oracle.
So return "oracle" even with kvm hypervisor.
We can never read past the end of the packet, so this seems impossible
to exploit, but let's error out early as reading past the end of the
current RR is clearly an error.
Found by Lennart, based on patch by Daniel.
Most blobs (keys, signatures, ...) should have a specific size given by
the relevant algorithm. However, as we don't use/verify the algorithms
yet, let's just ensure that we don't read out zero-length data in cases
where this does not make sense.
The only exceptions, where zero-length data is allowed are in the NSEC3
salt field, and the generic data (which we don't know anything about,
so better not make any assumptions).
a) use memcmp() to compare bitmaps efficiently
b) use UINT64_C() macro instead of ULL suffixes to get right suffix for
uint64_t constants
c) add a few assert()s
d) when comparing integers with 0 we generally try to make this explicit
with "!= 0".
e) remove redundant bitmap_isset() if check, as we don't have it in
bitmap_isset() either.
f) It should be fine to invoke bitmap_unset() on a NULL bitmap
