1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-08 11:27:32 +03:00
Commit Graph

7994 Commits

Author SHA1 Message Date
Michal Schmidt
5ebff53375 util: never follow symlinks in rm_rf_children()
The function checks if the entry is a directory before recursing, but
there is a window between the check and the open, during which the
directory could be replaced with a symlink.

CVE-2012-1174
https://bugzilla.redhat.com/show_bug.cgi?id=803358
2012-03-16 18:33:02 +01:00
Lennart Poettering
16f1239e1e build-sys: prepare release 44 2012-03-16 01:57:47 +01:00
Lennart Poettering
5ee9f21e86 build-sys: don't build distcheck version with split /usr 2012-03-16 01:44:16 +01:00
Lennart Poettering
38cacf5acd man: make sure we ship HTML versions of the man pages in the tarball 2012-03-16 01:25:32 +01:00
Lennart Poettering
5c3246b1a6 man: document journal features of systemctl(1) 2012-03-16 01:00:23 +01:00
Lennart Poettering
2af777ba96 man: document systemd-journalctl(1) 2012-03-16 00:50:52 +01:00
Lennart Poettering
b47ffcfdfd man: document systemd-journald.conf(5) 2012-03-15 23:25:14 +01:00
Lennart Poettering
44f44a29cc man: document systemd-machine-id-setup(1) 2012-03-15 22:36:33 +01:00
Lennart Poettering
9aac0b2c19 man: document systemd-cat(1) 2012-03-15 22:19:36 +01:00
Frederic Crozat
ccdbaf9111 journal: only use uint8_t for state 2012-03-15 20:53:03 +01:00
Lennart Poettering
34a35eced4 a couple of fixes to make llvm-analyze quiet 2012-03-15 20:49:25 +01:00
Tero Roponen
490e567dbb journalctl: add a missing 'break'
There is a 'break' missing in the -q handling
so, for example, 'systemd-journalctl --new-id128 -q'
does nothing.

This patch fixes the problem.
2012-03-15 14:12:30 +01:00
Kay Sievers
d3c7d7dd77 update TODO 2012-03-15 12:43:53 +01:00
Lennart Poettering
27d1ae066c journald: don't try to roatet corrupted files when we open read-only anyway 2012-03-15 03:01:09 +01:00
Lennart Poettering
5e62067d08 journald: adjust permissions for rotated files 2012-03-15 03:01:09 +01:00
Lennart Poettering
c042179388 journald: take corrupted files into account when calculating disk space 2012-03-15 03:01:09 +01:00
Lennart Poettering
e7bf07b3d4 journald: be a bit more verbose 2012-03-15 03:01:09 +01:00
Lennart Poettering
a3a52c0fd0 journald: fix calculation of disk space 2012-03-15 03:01:09 +01:00
Lennart Poettering
15944db871 journald: copy metrics/compression state from template when rotating 2012-03-15 03:01:09 +01:00
Lennart Poettering
71100051c5 journald: increase max file size to 128MB 2012-03-15 02:57:39 +01:00
Lennart Poettering
5c70eab445 journal: vacuum corrupted files, too 2012-03-15 01:35:03 +01:00
Lennart Poettering
9447a7f1de journal: if we encounter a corrupted file, rotate and go on 2012-03-15 01:13:01 +01:00
Lennart Poettering
4d1c38b807 nspawn: mount /etc/timezone into nspawn environment too 2012-03-15 00:45:02 +01:00
Lennart Poettering
6bc1ce40e5 journald: fix typo 2012-03-15 00:44:26 +01:00
Lennart Poettering
4f4d6a7073 journalctl: suppress messages about adm group if ACL support is not enabled 2012-03-15 00:44:10 +01:00
Lennart Poettering
fb0864e7b9 virt: the pidns controller does not exist anymore 2012-03-15 00:43:47 +01:00
Lennart Poettering
67aa455172 journald: set SO_PASSEC only if selinux is enabled 2012-03-14 20:07:50 +01:00
Lennart Poettering
4367379907 journalctl: warn if the user is not in the adm group 2012-03-14 19:54:22 +01:00
Lennart Poettering
18da49531e update TODO 2012-03-14 19:10:29 +01:00
Lennart Poettering
071fd8c21e journal: fix memory leak 2012-03-14 18:31:38 +01:00
Kay Sievers
91418155ae rules sort order: /lib, /run, /etc
After long consideration we came to the conclusion that user
configuration in /etc should always override the (generally
computer generated) configuration in /run. User configuration
should always be what matters over anything else. Hence rearrange
the search orders accordingly. In general this should change
very little as overriding like this is seldomn done so far,
and the order between /etc and /usr stays the same.
2012-03-14 18:10:59 +01:00
Marti Raudsepp
189f6d82ee journal: Don't hold pointers to journal while remapping
Hi!

I was trying out the journal and the journalctl utility sometimes
crashed on me. After some debugging, I tracked it down to the fact
that next_with_matches() holds the "c" object pointer through the
journal_file_next_entry_for_data() call -- which apparently may re-map
the journal file, invalidating the pointer.

The attached patch fixes this crash for me, but being unfamiliar with
the code, I don't know if I'm doing the right thing.

This patch is also available from my github repository:
git://github.com/intgr/systemd.git
https://github.com/intgr/systemd

Regards,
Marti

For the record, here's the original stack trace at the time of remapping:

ret=0x7fff1d5cdec0) at src/journal/journal-file.c:330
ret=0x7fff1d5cdf28) at src/journal/journal-file.c:414
ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
src/journal/journal-file.c:1101
i=5705, ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
src/journal/journal-file.c:1147
p=6413608, data_offset=66600, direction=DIRECTION_DOWN,
ret=0x7fff1d5ce0a0, offset=0x7fff1d5ce098) at
src/journal/journal-file.c:1626
direction=DIRECTION_DOWN, ret=0x7fff1d5ce120, offset=0x7fff1d5ce128)
at src/journal/sd-journal.c:533
direction=DIRECTION_DOWN, ret=0x7fff1d5ce170, offset=0x7fff1d5ce178)
at src/journal/sd-journal.c:595
src/journal/sd-journal.c:651

From 9266fc6a58065a7c5dab67430fd78925e519dce9 Mon Sep 17 00:00:00 2001
From: Marti Raudsepp <marti@juffo.org>
Date: Fri, 9 Mar 2012 16:23:00 +0200
Subject: [PATCH] journal: Don't hold pointers to journal while remapping

This would cause a segfault otherwise.
2012-03-14 17:55:55 +01:00
Lennart Poettering
8af0fcdb90 update TODO 2012-03-14 17:23:43 +01:00
Lennart Poettering
17a949114d log: introduce log_metav 2012-03-14 14:54:41 +01:00
Lennart Poettering
0d1575814b update TODO 2012-03-14 14:37:49 +01:00
Lennart Poettering
9d648202eb pkg-config: bring unit search path order in sync with the code 2012-03-14 14:31:57 +01:00
Lennart Poettering
b412ab3bcc path-lookup: rearrange things so that the system path order follows the user path order 2012-03-14 14:31:50 +01:00
Lennart Poettering
fc1a2e06a2 conf: when looking for configurations look in /etc first, in /run second
After long consideration we came to the conclusion that user
configuration in /etc should always override the (generally computer
generated) configuration in /run. User configuration should always be
what matters over anything else. Hence rearrange the search orders
accordingly.

In general this should change very little as overriding like this is
seldomn done so far, and the order between /etc and /usr stays the same.
2012-03-14 14:25:05 +01:00
Lennart Poettering
45dc3a0478 man: document where we read kernel cmdline options from 2012-03-14 14:13:12 +01:00
Lennart Poettering
09b967eaa5 machine-id: initialize from $container_uuid if not set otherwise
This is a result of the discussions on

https://bugs.freedesktop.org/show_bug.cgi?id=46894
2012-03-14 14:06:42 +01:00
Lennart Poettering
2d44fc7ba5 journald: allocate PAGE_SIZE bytes for selinux label length
As suggested in https://bugzilla.redhat.com/show_bug.cgi?id=798760
2012-03-14 03:39:15 +01:00
Lennart Poettering
77b088c211 socket: make sure that the name for per-connection services are unique
If a client connects to us repeatedly always using the same source port
and we instantiate a service for the incoming connection this might
clash with an old instance. Hence, include the connection number, the
same way we do it for AF_UNIX to make connections unique.

https://bugs.freedesktop.org/show_bug.cgi?id=45297
2012-03-14 03:07:26 +01:00
Lennart Poettering
9586cdfab6 socket: if we fail to create an instantiated service for a socket, don't put the socket in failure mode
An incoming connection that is immediately terminated might result in
getpeername() or a similar call failing. Hence it is quite possible that
while we are setting up an instantiated service for a socket we might
get an error and we shouldn't take this as hint to take the listening
socket down.

https://bugs.freedesktop.org/show_bug.cgi?id=45297
https://bugzilla.novell.com/show_bug.cgi?id=741590
2012-03-14 03:01:27 +01:00
Kay Sievers
4b50a3d004 extras: ata_id - do not log error if HDIO_GET_IDENTITY fails
<tomegun> kay: is this a valid issue: https://bugs.archlinux.org/task/27060 ?
<kay> tomegun: udev does not really care if that fails
<tomegun> kay: the suggestion there is to treat EINVAL the same way we treat ENOTTY (i.e. as an info only)
<tomegun> if it really does not matter it might make sense to avoid bogus bug reports
<kay> tomegun: done
2012-03-14 01:01:16 +01:00
Lennart Poettering
6b80b9b8ee update TODO 2012-03-13 13:44:47 +01:00
Kay Sievers
746b5152cc extras: path_id - add comment about readdir() rebase logic 2012-03-13 12:55:53 +01:00
Lennart Poettering
9631c090fd mount: fix assertion
https://bugzilla.redhat.com/show_bug.cgi?id=768523
2012-03-13 03:34:42 +01:00
Lennart Poettering
62f168a05b conf-parser: warn if an assignment is place outside of a section
https://bugzilla.redhat.com/show_bug.cgi?id=783134
2012-03-13 02:41:29 +01:00
Lennart Poettering
b19be9eb9e util: add brute-force fallback for close_all_fds()
If /proc is not available (i.e. in chroot envs) let's fall back to brute
forcing our way through the fd table.

https://bugzilla.redhat.com/show_bug.cgi?id=784921
2012-03-13 02:29:27 +01:00
Lennart Poettering
7f2c63cbf4 journald: use SCM_SECURITY to race-freely determine peer SELinux label
https://bugzilla.redhat.com/show_bug.cgi?id=798760
2012-03-13 02:29:10 +01:00