1
0
mirror of https://github.com/systemd/systemd.git synced 2025-01-18 10:04:04 +03:00

19295 Commits

Author SHA1 Message Date
David Herrmann
d90c154eb1 bus-proxy: don't fake data we don't have
UDS sockets transmit EUID+EGID only. Don't try to fake data we don't know!
Otherwise, this might be used to override user-limits by non-root setuid
programs (by faking UID==EUID).

Now that sd-bus is fixed to always use EUID even on UDS, we can safely set
all other UID/GID fields to INVALID.
2015-02-14 15:13:38 +01:00
Bruno Bottazzini
9cad100eca util: use a shared lookup function for string tables
Macro DEFINE_STRING_TABLE_LOOKUP expands to a new function for each
of the almost 120 tables throghout the code.
Move the its implementation to a function (guaranteed to never be inlined),
and make the macro expand to an inlined function that calls this function.
This saves a few kilobytes from the systemd binary

(David: - fix coding-style
        - use 'ssize_t' to fix 32bit to 64bit propagation
        - use streq_ptr())
2015-02-14 14:32:27 +01:00
Tom Gundersen
60c3556660 networkd: network - rename ipv6token parser
Too generic name.
2015-02-14 00:32:56 +01:00
Tom Gundersen
56fd6bf795 networkd: .network - rename LinkLocal to LinkLocalAddressing
Makes it a bit less ambiguous.
2015-02-14 00:32:26 +01:00
Tom Gundersen
113bfde15f man: systemd.network - document IPv6Token 2015-02-14 00:30:51 +01:00
Djalal Harouni
84dd59b51c sd-rtnl: add missing IFLA_INET6_ADDR_GEN_MODE definition
Add missing IFLA_INET6_ADDR_GEN_MODE definition so we can build with
kernel headers < 3.17
2015-02-14 00:17:47 +01:00
Tom Gundersen
e7337bae09 TODO 2015-02-14 00:16:13 +01:00
Lennart Poettering
c74f883c6f bus-proxy: ECONNRESET/ENOTCONN can hit us on every step, hence handle it on every step 2015-02-13 17:18:36 +01:00
Lennart Poettering
5569b33a8c bus-proxy: a few simplifications 2015-02-13 17:18:36 +01:00
Lennart Poettering
e044970a29 sd-bus: initialize a few structs at time or declaration 2015-02-13 17:18:36 +01:00
Lennart Poettering
95eb099fa8 bus-proxy: close each connection fd only once
After passing the fds over to the sd_bus object, we should forget them,
so that we don't close them a second time when the object goes away.
2015-02-13 17:18:36 +01:00
Lennart Poettering
557b5d4a94 bus-proxy: also consider ENOTCONN a clean termination condition
Sometimes, when we try to reply to messages we don't check return
values. This means we might miss a ECONNRESET, and will get a ENOTCONN
on next command. Treat both the same hence.
2015-02-13 17:18:35 +01:00
Tom Gundersen
a8ba6cd15d exit-on-idle: only exit if actually idle
sd_event_wait() returning 0 usually means that it timed out, which means it must
have been idle. However, sd_event_wait() may return 0 in case an event was triggered
but it turned out there was nothing to do. Make the check for idle explicit to avoid
this edge-case.
2015-02-13 16:32:02 +01:00
Lennart Poettering
5f6cb09127 bus-proxy: whenever we cannot forward a message, report this back to caller, but don't exit
Errors like EPERM from the kernel should certainly not be reason to
exit. Let's try to be defensive here, and try to continue on most send
errors, but possibly tell the sender about it.
2015-02-13 15:49:51 +01:00
Lennart Poettering
1433efd219 bus-proxy: rename synthetic_reply_return_strv() to synthetic_reply_method_return_strv()
That way it matches more closely the nomenclature of our other
success reply calls.
2015-02-13 15:49:51 +01:00
Lennart Poettering
418e4cb07d bus-proxy: minor simplifications 2015-02-13 15:49:51 +01:00
Lennart Poettering
07a0d22f9e sd-bus: export sd_bus_error_set_errnofv() 2015-02-13 15:49:51 +01:00
Lennart Poettering
61adca52f6 bus-proxy: no need to negate error codes, log_error_errno() already does it 2015-02-13 15:49:51 +01:00
Lennart Poettering
1140e15410 bus-proxy: tell Coverity we don't care about these return values 2015-02-13 15:49:51 +01:00
Lennart Poettering
d27efd9384 bus-proxy: we don't pointlessly abbreviate function names
It's fine to abbreviate local variables, but it's not OK to abbreviate
function names needlessly. This is not an excercise in writing
unreadable code.
2015-02-13 15:49:51 +01:00
Daniel Mack
403193f54b sd-bus: sync kdbus.h (ABI break)
Another slice logic rework in kdbus made KDBUS_ITEM_PAYLOAD_OFF items
relative to the message header again. Catch up with that in sd-bus.
2015-02-13 14:55:51 +01:00
Lennart Poettering
7d5fed66a6 units: turn on --network-veth by default for systemd-nspawn@.service
Given the recent improvements in networkd, it's probably the better
default now.
2015-02-13 14:35:50 +01:00
Lennart Poettering
93391a8bad units: fix systemd-networkd.service in containers lacking CAP_NET_ADMIN 2015-02-13 14:30:05 +01:00
Lennart Poettering
6813a2fe4e hwdb: update name databases 2015-02-13 14:09:17 +01:00
Lennart Poettering
29dff93227 build-sys: already bump package version in preparation for next release
(don't misunderstand this, the release is still out quite a bit...)
2015-02-13 11:07:18 +01:00
Lennart Poettering
f9d4ea9e4e build-sys: bump sonames in preparation for next release 2015-02-13 11:07:18 +01:00
Lennart Poettering
11ea2781ee NEWS: add contributors list 2015-02-13 11:07:18 +01:00
Martin Pitt
0c13be389f rules: simplify mmc RPMB handling
We don't actually want a by-path/ symlink for MMC RPMB devices, so just add
them to the blacklist. This will prevent creating wrong by-path links and
blkid'ing those.
2015-02-13 10:59:38 +01:00
Martin Pitt
b87b01cf83 rules: Fix by-path of mmc RPMB partitions and don't blkid them
Linux 3.10+ exposes RPMB (Replay Protected Memory Block) partitions of MMC
devices [1] ; trying to read them with blkid or other unspecific means will
cause kernel buffer I/O errors and timeouts. So don't run blkid on these.

Also ensure that /dev/disk/by-path creates proper symlinks and exposes the
-rpmb partition separately, instead of letting the "normal" partition symlink
point to the rpbm device (this is a race condition).

[1] http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=090d25fe224c0

https://launchpad.net/bugs/1333140
2015-02-13 08:39:07 +01:00
Thomas Hindoe Paaboel Andersen
0a6f50c0af include <poll.h> instead of <sys/poll.h>
include-what-you-use automatically does this and it makes finding
unnecessary harder to spot. The only content of poll.h is a include
of sys/poll.h so should be harmless.
2015-02-12 20:47:38 +01:00
Thomas Hindoe Paaboel Andersen
c1ff5570f4 Add missing includes in header files
This fixes various issues found by globally reordering the include
sections of all .c files.
2015-02-12 20:44:32 +01:00
Thomas Hindoe Paaboel Andersen
76f282c636 test-util: remove superfluous const 2015-02-12 20:44:11 +01:00
Thomas Hindoe Paaboel Andersen
8744505aae remove unused variable 2015-02-12 20:44:06 +01:00
Lennart Poettering
cf1d0302ae exec: also evaluate working_directory_missing_ok when not applying chroots 2015-02-12 18:58:43 +01:00
Lennart Poettering
615aaf412c NEWS: begin collecting news items for 219 2015-02-12 18:44:55 +01:00
Tom Gundersen
5c3072eab6 networkd: explicitly enable/disable ipv6ll addresses
The kernel does not like getting an empty container, so just always pass the parameter, even if
it is the default.
2015-02-12 14:23:02 +01:00
Lennart Poettering
424d110ac0 hwdb: adjust --help text to be more like other --help texts
Fix capitalization, indentation, make sure we support --version, and
similar.
2015-02-12 13:17:08 +01:00
Lennart Poettering
c2cc6b9aef core: disarm shutdown watchdog if we fail to set timeout
Better safe than sorry, if drivers are stupid, and reset immediately on
device closing if the timeout could not be initialized.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777735
2015-02-12 12:28:48 +01:00
Lennart Poettering
4c08c8242a core: don't fail to run services in --user instances if $HOME is missing
Otherwise we cannot even invoke systemd-exit.service anymore, thus not
even exit.

https://bugs.freedesktop.org/show_bug.cgi?id=83100
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759320
2015-02-12 12:21:16 +01:00
Lennart Poettering
a38d99451f Revert "tree-wide: Always use recvmsg with MSG_CMSG_CLOEXEC"
This reverts commit d6d810fbf8071f8510450dbacd1d083f37603656.

It's apparently not OK to pass MSG_CMSG_CLOEXEC to recvmsg() of raw
sockets.
2015-02-12 11:45:39 +01:00
Marcel Holtmann
d01efa0744 missing: add __NR_getrandom for powerpc architecture 2015-02-11 22:16:07 +01:00
Lennart Poettering
d54ddab8cb core: don't watch for socket events when service is in SERVICE_STOP
If a service has an ExecStop= program that uses the socket the service was
activated by to tell it to terminate, then that should not be used as
trigger to start the service again.

http://lists.freedesktop.org/archives/systemd-devel/2015-February/028058.html
2015-02-11 21:25:30 +01:00
Michael Olbrich
c31c4324c5 systemctl: don't update the reboot parameter if none is given
Otherwise systemd-reboot.service will remove the parameter that was set
before. This was broken in commit "b986229efe2cc96157aa14c37bab7843311bbef1
systemctl: bugfix for systemctl reboot command with argument"
2015-02-11 20:37:16 +01:00
Lennart Poettering
418761f586 core: correct a log message
The log message talks specifically about services, though it actually
applies to any kind of unit.
2015-02-11 18:51:37 +01:00
Lennart Poettering
eef46c372f tree-wide: whenever we include libgen.h, immediately undefine basename()
Also, document in adjacent comments and in CODING_STYLE why we do that.
2015-02-11 18:50:38 +01:00
Cristian Rodríguez
e89fe484df core: remove unneeded <libgen.h> include
execute.c only uses basename (the GNU version in <string.h>)
2015-02-11 18:31:29 +01:00
Lennart Poettering
a24111cea6 Revert "units: add SecureBits"
This reverts commit 6a716208b346b742053cfd01e76f76fb27c4ea47.

Apparently this doesn't work.

http://lists.freedesktop.org/archives/systemd-devel/2015-February/028212.html
2015-02-11 18:28:06 +01:00
Robert Milasan
e203dc1076 ata_id: remove unused header files
Signed-off-by: Robert Milasan <rmilasan@suse.com>
2015-02-11 18:02:04 +01:00
Topi Miettinen
6a716208b3 units: add SecureBits
No setuid programs are expected to be executed, so add
SecureBits=noroot noroot-locked
to unit files.
2015-02-11 17:33:36 +01:00
Torstein Husebø
c4c086a2e3 man: fix typo 2015-02-11 17:30:31 +01:00