Zbigniew Jędrzejewski-Szmek
ca78ad1de9
headers: remove unneeded includes from util.h
...
This means we need to include many more headers in various files that simply
included util.h before, but it seems cleaner to do it this way.
2019-03-27 11:53:12 +01:00
Zbigniew Jędrzejewski-Szmek
b45556375e
test-fileio: do not use variable before checking return value
...
Coverity is unhappy because we use "line" in the assert that checks
the return value. It doesn't matter much, but let's clean this up.
Also, let's not assume that /proc/cmdline contains anything.
CID #1400219 .
2019-03-27 11:52:54 +01:00
Zbigniew Jędrzejewski-Szmek
a1917c55c3
Merge pull request #12109 from poettering/sleep-minifixes
...
tiny fixes to sleep.c
2019-03-26 19:26:11 +01:00
Lennart Poettering
3dfbf094ac
update TODO
2019-03-26 11:17:23 +01:00
Lennart Poettering
aed9834289
sleep: (void)ify some call
2019-03-26 11:17:23 +01:00
Lennart Poettering
427646ea9d
sleep: use negative_errno() where appropriate
2019-03-26 11:17:23 +01:00
Lennart Poettering
adca059d55
Merge pull request #12044 from keszybz/ttyname-malloc-simplification
...
util-lib: use a fixed buffer size for terminal path
2019-03-26 10:05:29 +01:00
Lennart Poettering
0d53f53bbd
tests: add simple testcase for getttyname_malloc()
2019-03-26 09:10:21 +01:00
Zbigniew Jędrzejewski-Szmek
e1af3bc62a
Merge pull request #12106 from poettering/nosuidns
...
add "nosuid" flag to exec directory mounts of DynamicUser=1 services
2019-03-26 08:58:00 +01:00
Zbigniew Jędrzejewski-Szmek
83eee14f46
logind: reword the polkit prompt for reboot parameter
...
Let's opt for the simplest description possible so that users actually
understand what we have in mind.
2019-03-26 08:52:18 +01:00
Zbigniew Jędrzejewski-Szmek
99f57a4fea
Merge pull request #12105 from poettering/api-vfs-mount-flags
...
some API VFS mount flag tweaks
2019-03-26 08:32:53 +01:00
Lennart Poettering
607b358ef2
core: drop suid/sgid bit of files/dirs when doing recursive chown
...
This adds some extra paranoia: when we recursively chown a directory for
use with DynamicUser=1 services we'll now drop suid/sgid from all files
we chown().
Of course, such files should not exist in the first place, and noone
should get access to those dirs who isn't root anyway, but let's better
be safe than sorry, and drop everything we come across.
2019-03-26 08:29:37 +01:00
Lennart Poettering
25e68fd397
nspawn: minor improvements to --help text
2019-03-26 08:06:00 +01:00
Jörg Sommer
a505736536
completion/zsh/journalctl: Add --no-hostname
2019-03-26 07:59:30 +01:00
Lennart Poettering
c49357e747
man: rework timer docs to use a table for monotonic timers
2019-03-25 20:32:18 +01:00
Lennart Poettering
9ce4e4b0f6
namespace: when DynamicUser=1 is set, mount StateDirectory= bind mounts "nosuid"
...
Add even more suid/sgid protection to DynamicUser= envionments: the
state directories we bind mount from the host will now have the nosuid
flag set, to disable the effect of nosuid on them.
2019-03-25 19:57:15 +01:00
Lennart Poettering
849b9b85b8
nspawn: mount mqueue with nodev,noexec,nosuid, too
...
The host mounts it like that, nspawn hence should do too.
Moreover, mount the file system after doing CLONEW_NEWIPC so that it
actually reflects the right mqueues. Finally, mount it wthout
considering it fatal, since POSIX mqueue support is little used and it
should be fine not to support it in the kernel.
2019-03-25 19:53:05 +01:00
Lennart Poettering
5cb02182fd
units: set nodev,nosuid,noexec flags for various secondary API VFS
...
A couple of API VFS we mount via .mount units. Let's set the three flags
for those too, just in case.
This is just paranoia, nothing else, but shouldn't hurt.
2019-03-25 19:39:00 +01:00
Lennart Poettering
64e82c1976
mount-util: beef up bind_remount_recursive() to be able to toggle more than MS_RDONLY
...
The function is otherwise generic enough to toggle other bind mount
flags beyond MS_RDONLY (for example: MS_NOSUID or MS_NODEV), hence let's
beef it up slightly to support that too.
2019-03-25 19:33:55 +01:00
Lennart Poettering
f0a95a2c6d
mount-util: use set_put_strdup() where appropriate
2019-03-25 19:33:55 +01:00
Lennart Poettering
f8b1904f96
mount-util: don't clobber return value in umount_recursive()
...
We shouldn't override 'r' with the result of cunescape(), since we use
it to return the last error of umount().
2019-03-25 19:33:55 +01:00
Lennart Poettering
867189b545
namespace: get rid of {} around single-line if blocks
2019-03-25 19:33:55 +01:00
Lennart Poettering
39e91a2777
namespace: get rid of local variable
2019-03-25 19:33:55 +01:00
Lennart Poettering
1019a48f40
namespace: (void)ify a number of syscalls
2019-03-25 19:33:55 +01:00
Lennart Poettering
5f7a690aaa
namespace: replace one case of stack allocation with heap allocation
...
The list of mounts might grow quite large, let's avoid the stack for
this. Better safe than sorry.
2019-03-25 19:33:55 +01:00
Lennart Poettering
60a3e982f4
Merge pull request #12081 from poettering/systemctl-love
...
various small systemctl modernizations and refactoring
2019-03-25 17:06:38 +01:00
Lennart Poettering
1d52a931c6
systemctl: move --failed close to --state= in help text
2019-03-25 15:25:58 +01:00
Lennart Poettering
8e54300425
systemctl: underline sections in help text
...
Taking inspiration from the recent commit that added that to nspawn's
help text.
2019-03-25 15:25:58 +01:00
Lennart Poettering
3bfa8668b0
systemctl: use structured initialization
2019-03-25 15:25:57 +01:00
Lennart Poettering
2f50e59f2b
systemctl: use SYNTHETIC_ERRNO everywhere
2019-03-25 15:23:08 +01:00
Lennart Poettering
63a3b3cb70
systemctl: split out some SysV compat stuff into its own C file
...
systemctl.c is way to large already. Let's split out some stuff out that
is easy to split out.
2019-03-25 15:23:08 +01:00
Zbigniew Jędrzejewski-Szmek
8461f3680b
hwdb: update for v242
...
Appears to be usual slew of mundane corrections and additions.
2019-03-25 14:52:38 +01:00
Zbigniew Jędrzejewski-Szmek
3e7c973f1a
Merge pull request #12089 from mrc0mmand/journalctl-bash-comp-redirection
...
bash-completion: use the default completion for shell redirect operators
2019-03-25 14:22:15 +01:00
Lennart Poettering
b82f71c7ff
tree-wide: constify a few static string tables
2019-03-25 14:04:34 +01:00
Lennart Poettering
ebfb1b5724
dbus-unit: remove redundant check
...
We checked this with an assert() a few lines up aleady, no need to check
this again.
2019-03-25 13:48:53 +01:00
Lennart Poettering
e59ba56d78
core: remove unnecessary heap allocation
2019-03-25 13:48:53 +01:00
Lennart Poettering
5787c50932
NEWS: various tweaks and updates for v242
2019-03-25 13:45:45 +01:00
Zbigniew Jędrzejewski-Szmek
fd7887da00
Merge pull request #12087 from yuwata/fix-condition-free-list
...
util: fix condition_free_list_type()
2019-03-24 13:47:05 +01:00
Frantisek Sumsal
c01dbf6d19
bash-completion: unify indentation
2019-03-23 21:51:04 +01:00
Frantisek Sumsal
1413763ea5
bash-completion: use default completion for redirect operators
2019-03-23 21:50:50 +01:00
Yu Watanabe
4d6cd572a7
fuzz: add testcases for the bug in condition_free_list_type()
2019-03-24 00:35:39 +09:00
Yu Watanabe
1beabe08d6
network,udev: explicitly declare 'conditions' is a list
2019-03-24 00:35:39 +09:00
Yu Watanabe
7bb55ed099
util: fix condition_free_list_type()
...
This fixes a bug introduced by c4f58deab5
.
Closes oss-fuzz#13878, oss-fuzz#13882, oss-fuzz#13884, oss-fuzz#13886, and
oss-fuzz#13888.
2019-03-24 00:34:33 +09:00
Lennart Poettering
16b4623620
Merge pull request #11602 from vesajaaskelainen/dbus-reboot-with-parameters
...
dbus-manager: Add RebootWithParameters d-bus method
2019-03-22 21:07:47 +01:00
Lennart Poettering
83276695c6
Merge pull request #12079 from keszybz/fuzz-nspawn-oci
...
Add fuzzer for nspawn-oci
2019-03-22 21:06:17 +01:00
Vesa Jääskeläinen
428b296a59
logind: Add support for RebootParameter
...
This adds support for user to set & get reboot parameter for reboot.
As callee would be next issuing Reboot call same policy checks are being used.
If unit file issuing the reboot action defines RebootArgument (or similar) that
setting takes precedence.
2019-03-22 20:30:33 +02:00
Lennart Poettering
525ea273de
Merge pull request #12075 from keszybz/two-docs
...
Two small man page enhancements
2019-03-22 18:11:59 +01:00
Lennart Poettering
e4077ff6f3
nspawn: don't free "fds" twice
...
Previously both run() and run_container() would free 'fds'. Let's fix
that, and let run() free it but make run_container() already remove all
fds from it, because that's what we actually want to do.
Fixes : #12073
2019-03-22 18:11:27 +01:00
Zbigniew Jędrzejewski-Szmek
b2645747b7
nspawn-oci: fix double free
...
Also rename function to make it clear that it also frees the array
object itself.
2019-03-22 17:39:12 +01:00
Zbigniew Jędrzejewski-Szmek
54ed9f88dc
udev/link-config: rename MACPolicy to MACAddressPolicy
...
Things are clearer if the same name is used everywhere, and we don't gain
much by saving a few bytes.
2019-03-22 17:16:17 +01:00