1
0
mirror of https://github.com/systemd/systemd.git synced 2024-10-31 07:51:21 +03:00
Commit Graph

39238 Commits

Author SHA1 Message Date
Zbigniew Jędrzejewski-Szmek
ca78ad1de9 headers: remove unneeded includes from util.h
This means we need to include many more headers in various files that simply
included util.h before, but it seems cleaner to do it this way.
2019-03-27 11:53:12 +01:00
Zbigniew Jędrzejewski-Szmek
b45556375e test-fileio: do not use variable before checking return value
Coverity is unhappy because we use "line" in the assert that checks
the return value. It doesn't matter much, but let's clean this up.
Also, let's not assume that /proc/cmdline contains anything.

CID #1400219.
2019-03-27 11:52:54 +01:00
Zbigniew Jędrzejewski-Szmek
a1917c55c3
Merge pull request #12109 from poettering/sleep-minifixes
tiny fixes to sleep.c
2019-03-26 19:26:11 +01:00
Lennart Poettering
3dfbf094ac update TODO 2019-03-26 11:17:23 +01:00
Lennart Poettering
aed9834289 sleep: (void)ify some call 2019-03-26 11:17:23 +01:00
Lennart Poettering
427646ea9d sleep: use negative_errno() where appropriate 2019-03-26 11:17:23 +01:00
Lennart Poettering
adca059d55
Merge pull request #12044 from keszybz/ttyname-malloc-simplification
util-lib: use a fixed buffer size for terminal path
2019-03-26 10:05:29 +01:00
Lennart Poettering
0d53f53bbd tests: add simple testcase for getttyname_malloc() 2019-03-26 09:10:21 +01:00
Zbigniew Jędrzejewski-Szmek
e1af3bc62a
Merge pull request #12106 from poettering/nosuidns
add "nosuid" flag to exec directory mounts of DynamicUser=1 services
2019-03-26 08:58:00 +01:00
Zbigniew Jędrzejewski-Szmek
83eee14f46 logind: reword the polkit prompt for reboot parameter
Let's opt for the simplest description possible so that users actually
understand what we have in mind.
2019-03-26 08:52:18 +01:00
Zbigniew Jędrzejewski-Szmek
99f57a4fea
Merge pull request #12105 from poettering/api-vfs-mount-flags
some API VFS mount flag tweaks
2019-03-26 08:32:53 +01:00
Lennart Poettering
607b358ef2 core: drop suid/sgid bit of files/dirs when doing recursive chown
This adds some extra paranoia: when we recursively chown a directory for
use with DynamicUser=1 services we'll now drop suid/sgid from all files
we chown().

Of course, such files should not exist in the first place, and noone
should get access to those dirs who isn't root anyway, but let's better
be safe than sorry, and drop everything we come across.
2019-03-26 08:29:37 +01:00
Lennart Poettering
25e68fd397 nspawn: minor improvements to --help text 2019-03-26 08:06:00 +01:00
Jörg Sommer
a505736536 completion/zsh/journalctl: Add --no-hostname 2019-03-26 07:59:30 +01:00
Lennart Poettering
c49357e747 man: rework timer docs to use a table for monotonic timers 2019-03-25 20:32:18 +01:00
Lennart Poettering
9ce4e4b0f6 namespace: when DynamicUser=1 is set, mount StateDirectory= bind mounts "nosuid"
Add even more suid/sgid protection to DynamicUser= envionments: the
state directories we bind mount from the host will now have the nosuid
flag set, to disable the effect of nosuid on them.
2019-03-25 19:57:15 +01:00
Lennart Poettering
849b9b85b8 nspawn: mount mqueue with nodev,noexec,nosuid, too
The host mounts it like that, nspawn hence should do too.

Moreover, mount the file system after doing CLONEW_NEWIPC so that it
actually reflects the right mqueues. Finally, mount it wthout
considering it fatal, since POSIX mqueue support is little used and it
should be fine not to support it in the kernel.
2019-03-25 19:53:05 +01:00
Lennart Poettering
5cb02182fd units: set nodev,nosuid,noexec flags for various secondary API VFS
A couple of API VFS we mount via .mount units. Let's set the three flags
for those too, just in case.

This is just paranoia, nothing else, but shouldn't hurt.
2019-03-25 19:39:00 +01:00
Lennart Poettering
64e82c1976 mount-util: beef up bind_remount_recursive() to be able to toggle more than MS_RDONLY
The function is otherwise generic enough to toggle other bind mount
flags beyond MS_RDONLY (for example: MS_NOSUID or MS_NODEV), hence let's
beef it up slightly to support that too.
2019-03-25 19:33:55 +01:00
Lennart Poettering
f0a95a2c6d mount-util: use set_put_strdup() where appropriate 2019-03-25 19:33:55 +01:00
Lennart Poettering
f8b1904f96 mount-util: don't clobber return value in umount_recursive()
We shouldn't override 'r' with the result of cunescape(), since we use
it to return the last error of umount().
2019-03-25 19:33:55 +01:00
Lennart Poettering
867189b545 namespace: get rid of {} around single-line if blocks 2019-03-25 19:33:55 +01:00
Lennart Poettering
39e91a2777 namespace: get rid of local variable 2019-03-25 19:33:55 +01:00
Lennart Poettering
1019a48f40 namespace: (void)ify a number of syscalls 2019-03-25 19:33:55 +01:00
Lennart Poettering
5f7a690aaa namespace: replace one case of stack allocation with heap allocation
The list of mounts might grow quite large, let's avoid the stack for
this. Better safe than sorry.
2019-03-25 19:33:55 +01:00
Lennart Poettering
60a3e982f4
Merge pull request #12081 from poettering/systemctl-love
various small systemctl modernizations and refactoring
2019-03-25 17:06:38 +01:00
Lennart Poettering
1d52a931c6 systemctl: move --failed close to --state= in help text 2019-03-25 15:25:58 +01:00
Lennart Poettering
8e54300425 systemctl: underline sections in help text
Taking inspiration from the recent commit that added that to nspawn's
help text.
2019-03-25 15:25:58 +01:00
Lennart Poettering
3bfa8668b0 systemctl: use structured initialization 2019-03-25 15:25:57 +01:00
Lennart Poettering
2f50e59f2b systemctl: use SYNTHETIC_ERRNO everywhere 2019-03-25 15:23:08 +01:00
Lennart Poettering
63a3b3cb70 systemctl: split out some SysV compat stuff into its own C file
systemctl.c is way to large already. Let's split out some stuff out that
is easy to split out.
2019-03-25 15:23:08 +01:00
Zbigniew Jędrzejewski-Szmek
8461f3680b hwdb: update for v242
Appears to be usual slew of mundane corrections and additions.
2019-03-25 14:52:38 +01:00
Zbigniew Jędrzejewski-Szmek
3e7c973f1a
Merge pull request #12089 from mrc0mmand/journalctl-bash-comp-redirection
bash-completion: use the default completion for shell redirect operators
2019-03-25 14:22:15 +01:00
Lennart Poettering
b82f71c7ff tree-wide: constify a few static string tables 2019-03-25 14:04:34 +01:00
Lennart Poettering
ebfb1b5724 dbus-unit: remove redundant check
We checked this with an assert() a few lines up aleady, no need to check
this again.
2019-03-25 13:48:53 +01:00
Lennart Poettering
e59ba56d78 core: remove unnecessary heap allocation 2019-03-25 13:48:53 +01:00
Lennart Poettering
5787c50932 NEWS: various tweaks and updates for v242 2019-03-25 13:45:45 +01:00
Zbigniew Jędrzejewski-Szmek
fd7887da00
Merge pull request #12087 from yuwata/fix-condition-free-list
util: fix condition_free_list_type()
2019-03-24 13:47:05 +01:00
Frantisek Sumsal
c01dbf6d19 bash-completion: unify indentation 2019-03-23 21:51:04 +01:00
Frantisek Sumsal
1413763ea5 bash-completion: use default completion for redirect operators 2019-03-23 21:50:50 +01:00
Yu Watanabe
4d6cd572a7 fuzz: add testcases for the bug in condition_free_list_type() 2019-03-24 00:35:39 +09:00
Yu Watanabe
1beabe08d6 network,udev: explicitly declare 'conditions' is a list 2019-03-24 00:35:39 +09:00
Yu Watanabe
7bb55ed099 util: fix condition_free_list_type()
This fixes a bug introduced by c4f58deab5.

Closes oss-fuzz#13878, oss-fuzz#13882, oss-fuzz#13884, oss-fuzz#13886, and
oss-fuzz#13888.
2019-03-24 00:34:33 +09:00
Lennart Poettering
16b4623620
Merge pull request #11602 from vesajaaskelainen/dbus-reboot-with-parameters
dbus-manager: Add RebootWithParameters d-bus method
2019-03-22 21:07:47 +01:00
Lennart Poettering
83276695c6
Merge pull request #12079 from keszybz/fuzz-nspawn-oci
Add fuzzer for nspawn-oci
2019-03-22 21:06:17 +01:00
Vesa Jääskeläinen
428b296a59 logind: Add support for RebootParameter
This adds support for user to set & get reboot parameter for reboot.

As callee would be next issuing Reboot call same policy checks are being used.

If unit file issuing the reboot action defines RebootArgument (or similar) that
setting takes precedence.
2019-03-22 20:30:33 +02:00
Lennart Poettering
525ea273de
Merge pull request #12075 from keszybz/two-docs
Two small man page enhancements
2019-03-22 18:11:59 +01:00
Lennart Poettering
e4077ff6f3 nspawn: don't free "fds" twice
Previously both run() and run_container() would free 'fds'. Let's fix
that, and let run() free it but make run_container() already remove all
fds from it, because that's what we actually want to do.

Fixes: #12073
2019-03-22 18:11:27 +01:00
Zbigniew Jędrzejewski-Szmek
b2645747b7 nspawn-oci: fix double free
Also rename function to make it clear that it also frees the array
object itself.
2019-03-22 17:39:12 +01:00
Zbigniew Jędrzejewski-Szmek
54ed9f88dc udev/link-config: rename MACPolicy to MACAddressPolicy
Things are clearer if the same name is used everywhere, and we don't gain
much by saving a few bytes.
2019-03-22 17:16:17 +01:00