1
0
mirror of https://github.com/systemd/systemd.git synced 2024-11-08 11:27:32 +03:00
Commit Graph

21702 Commits

Author SHA1 Message Date
Evgeny Vereshchagin
f4b8163b97 man: add systemd-cgls as tool that shows the cgroup hierarchy 2015-08-17 19:16:04 +00:00
Lennart Poettering
f90c90b4a1 Merge pull request #977 from richardmaw-codethink/machinectl-userns-login-v2
Fix machinectl login with containers in user namespaces (v2)
2015-08-17 15:12:15 +02:00
Lennart Poettering
aaa2a3abf9 Merge pull request #976 from elfring/Remove_unnecessary_checks2
Delete unnecessary checks before some function calls
2015-08-17 11:30:31 +02:00
Lennart Poettering
22175a39e8 Merge pull request #958 from stefwalter/fix-journalctl-f-regression
Regression: 'journalctl -f -t unmatched' doesn't block properly
2015-08-17 11:19:14 +02:00
Richard Maw
671c341958 namespace helpers: Allow entering a UID namespace
To be able to use `systemd-run` or `machinectl login` on a container
that is in a private user namespace, the sub-process must have entered
the user namespace before connecting to the container's D-Bus, otherwise
the UID and GID in the peer credentials are garbage.

So we extend namespace_open and namespace_enter to support UID namespaces,
and we enter the UID namespace in bus_container_connect_{socket,kernel}.

namespace_open will degrade to a no-op if user namespaces are not enabled
in the kernel.

Special handling is required for the setns call in namespace_enter with
a user namespace, since transitioning to your own namespace is forbidden,
as it would result in re-entering your user namespace as root.

Arguably it may be valid to check this at the call site, rather than
inside namespace_enter, but it is less code to do it inside, and if the
intention of calling namespace_enter is to *be* in the target namespace,
rather than to transition to the target namespace, it is a reasonable
approach.

The check for whether the user namespace is the same must happen before
entering namespaces, as we may not be able to access /proc during the
intermediate transition stage.

We can't instead attempt to enter the user namespace and then ignore
the failure from it being the same namespace, since the error code is
not distinct, and we can't compare namespaces while mid-transition.
2015-08-17 08:52:13 +00:00
Markus Elfring
3e044c492e Bug #944: Deletion of unnecessary checks before a few calls of systemd functions
The following functions return immediately if a null pointer was passed.
* calendar_spec_free
* link_address_free
* manager_free
* sd_bus_unref
* sd_journal_close
* udev_monitor_unref
* udev_unref

It is therefore not needed that a function caller repeats a corresponding check.

This issue was fixed by using the software Coccinelle 1.0.1.
2015-08-17 10:45:30 +02:00
Daniel Mack
e503467fa0 Merge pull request #953 from poettering/ebadf
tree-wide: generate EBADF when we get invalid fds
2015-08-17 10:10:04 +02:00
Daniel Mack
4fe66a7155 Merge pull request #970 from poettering/timedatectl-set-netp
man: extend documentation for timedatectl's set-ntp command
2015-08-17 10:09:16 +02:00
Daniel Mack
2f258a317d Merge pull request #973 from poettering/sd-bus-error-ret
sd-bus: always fill in sd_bus_error paramters, on error
2015-08-17 10:07:27 +02:00
Daniel Mack
e036a5f1d5 Merge pull request #974 from teg/resolved-fixes-2
resolved: debugging improvements
2015-08-17 10:04:31 +02:00
Stef Walter
c51e1a9635 journalctl: make sure 'journalctl -f -t unmatched' blocks
Previously the following command:

$ journalctl -f -t unmatchedtag12345

... would block when called with criteria that did not match any
journal lines. Once log lines appeared that matched the criteria
they were displayed.

Commit 02ab86c732 broke this
behavior and the journal was not followed, but the command
exits with '-- No entries --' displayed.

This commit fixes the issue.

More information downstream:

https://bugzilla.redhat.com/show_bug.cgi?id=1253649
2015-08-17 09:51:51 +02:00
Markus Elfring
dc4ebc0787 Bug #944: Deletion of unnecessary checks before calls of the function "free"
The function "free" is documented in the way that no action shall occur for
a passed null pointer. It is therefore not needed that a function caller
repeats a corresponding check.
http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first

This issue was fixed by using the software Coccinelle 1.0.1.
2015-08-17 09:30:49 +02:00
Markus Elfring
f00ef7f5d4 Bug #944: Replacement of a free() call by mfree()
The function "mfree" should be called instead of "free" at a specific
source code place.
2015-08-17 09:10:56 +02:00
Tom Gundersen
6b34a6c995 resolved: cache - add more detailed cache debug logging 2015-08-17 07:18:30 +02:00
Lennart Poettering
759e02e79d sd-bus: always fill in sd_bus_error paramters, on error
Whenever one of our calls is invoked with a non-NULL, writable
sd_bus_error parameter, let's fill in some valid error on failure. We
previously only filled in remote errors, but never local errors, which is
hard to handle by users. Hence, let's clean this up to always fill in
the error.

This introduces a new bus_assert_return() macro that works like
assert_return() but optionally also initializes a bus_error struct.

Fixes #224.

Based on a patch by Umut Tezduyar.
2015-08-16 22:13:34 +02:00
Lennart Poettering
0d4605ec3c update TODO 2015-08-16 21:59:58 +02:00
Lennart Poettering
0038aed166 Merge pull request #908 from richardmaw-codethink/nspawn-path-escapes-v3
Allow arbitrary file paths to be passed to nspawn (v3)
2015-08-16 21:32:03 +02:00
Lennart Poettering
d1584b9f5b README: drop reference to Endocode
Chris Kühl does not work at Endocode anymore, the contact data is no
longer valid.
2015-08-16 21:06:42 +02:00
Tom Gundersen
17018c3cc7 TODO 2015-08-16 20:52:30 +02:00
Tom Gundersen
7499840853 resolve-host: print RTT 2015-08-16 20:52:21 +02:00
Tom Gundersen
6b9308d14b resolved: packet - fix typo in read_rr() 2015-08-16 20:52:21 +02:00
Tom Gundersen
0125ed22e3 Merge pull request #955 from poettering/resolved-localhost-xyz
resolved: enable synthesizing of A, AAAA and PTR records for "localhost"
2015-08-16 20:46:11 +02:00
Tom Gundersen
3aeae87664 Merge pull request #954 from poettering/nss-myhostname-loopback
nss-myhostname: use LOOPBACK_IFINDEX instead of if_nametoindex("lo")
2015-08-16 20:38:32 +02:00
Tom Gundersen
53576a7010 Merge pull request #972 from poettering/resolve-host-auto-start
resolve-host: enable auto start of resolved
2015-08-16 20:37:52 +02:00
Lennart Poettering
50d25fb08b resolve-host: enable auto start of resolved
There's no reason to explicitly turn off bus activation for resolved
here. The reason this was done before was that the code was copied from
nss-resolve, which has a fallback to glibc's nss-dns if resolved is not
reachable. However, such a logic makes no sense for resolve-host since
such a fallback doesn't make sense here, which means we can actually
turn on activation. Let's do it hence.
2015-08-16 20:29:23 +02:00
Lennart Poettering
7d19344a99 Merge pull request #971 from evverx/news-fix
NEWS: fix the "indirect" state description
2015-08-16 20:24:25 +02:00
Evgeny Vereshchagin
c7683ffb53 NEWS: fix the "indirect" state description 2015-08-16 18:10:23 +00:00
Lennart Poettering
7b0991c617 Merge pull request #931 from spartacus06/update-completion-machinectl
Update shell completion for machinectl
2015-08-16 19:58:49 +02:00
Lennart Poettering
8731be1a52 man: extend documentation for timedatectl's set-ntp command
This extends on the relationship between timedatectl's set-ntp command
and its effect on the systemd-timesyncd.service unit. This also links
that unit back to the timedatectl man page.

Closes #798.
2015-08-16 18:29:54 +02:00
Lennart Poettering
e6a26d8c97 update TODO 2015-08-16 18:25:34 +02:00
Seth Jennings
4f8f4c310c shell-completion: use list-images rather than list
"machinectl list" only lists running machines while many of the MACHINES
commands use names of images; both running and non-running.

List machines from both "list" and "list-images" and use sort -u to
avoid duplicates.
2015-08-16 11:20:21 -05:00
Seth Jennings
6eb8bec62d shell-completion: update machinectl bash completion
Many new subcommands have been added since the bash completion was last
updated.  Bring it up to speed.
2015-08-16 11:19:36 -05:00
Lennart Poettering
6416a35db1 Merge pull request #930 from richardmaw-codethink/man-when-exec-start-post
man: Describe when ExecStartFoo= commands are run in more detail
2015-08-16 18:11:18 +02:00
Lennart Poettering
81f5fc1c5c Merge pull request #918 from thomasmey/uml-fix
UML: Fix block device setup
2015-08-16 17:07:28 +02:00
Lennart Poettering
9c75b2538a Merge pull request #947 from evverx/bash-completion
Update bash-completion: generate all unit types
2015-08-16 17:04:57 +02:00
Evgeny Vereshchagin
adb0c25eb6 bash-completion: generate unit type list from systemctl -t help option 2015-08-16 14:53:21 +00:00
Lennart Poettering
e59679246e Merge pull request #932 from kaysievers/bus
sd-bus: do not connect to dbus-1 socket when kdbus is available
2015-08-16 14:34:36 +02:00
Ronny Chevalier
ab5838fce7 Merge pull request #968 from alkino/master
zsh completion: update busctl
2015-08-15 14:21:42 +02:00
Nicolas Cornu
cade10ccef zsh completion: update busctl 2015-08-15 13:58:05 +02:00
Lennart Poettering
8ac43fee1a tree-wide: generate EBADF when we get invalid fds
This is a follow-up to #907, and makes the same change for all our other
public APIs.
2015-08-14 18:23:16 +02:00
Daniel Mack
6c269e6402 Merge pull request #948 from phomes/master
logind: actually fail on OOM
2015-08-14 13:31:36 +02:00
Lennart Poettering
9b644bf921 resolved: never allow routing of "localhost" queries to DNS or LLMNR
We should never allow leaking of "localhost" queries onto the network,
even if there's an explicit domain rotue set for this.
2015-08-14 13:21:28 +02:00
Lennart Poettering
2a1037af15 resolved: locally synthesize replies for "localhost"
Let's make sure that clients querying resolved via the bus for A, AAAA
or PTR records for "localhost" get a synthesized, local reply, so that
we do not hit the network.

This makes part of nss-myhostname redundant, if used in conjunction.
However, given that nss-resolve shall be optional we need to keep this
code in both places for now.
2015-08-14 13:17:05 +02:00
Lennart Poettering
f43242886c nss-myhostname: use LOOPBACK_IFINDEX instead of if_nametoindex("lo")
Given that we already hardocde the loopback ifindex, following the
kernel's own logic, we can replace the invocation of
if_nametoindex("lo") with LOOPBACK_IFINDEX.
2015-08-14 13:11:04 +02:00
Lennart Poettering
c5974b33e7 update TODO 2015-08-14 12:47:57 +02:00
Thomas Hindoe Paaboel Andersen
88231eb62c logind: actually fail on OOM
Since dacd6cee76 the two OOM's are
ignored as the value of r will be overwritten and we only log in
the fail section anyway.

This patch jumps to fail on OOM.

Note that this is different behavior compared to both the current
code and previous to dacd6cee76. Before
that commit we would log that saving the inhibit data failed, but
still write the file, though without the WHO/WHY section.

CID# 1313545
2015-08-13 23:53:49 +02:00
Lennart Poettering
3326332eb9 Merge pull request #907 from keszybz/sd-daemon-badf
sd-daemon: return EBADF for invalid fd numbers
2015-08-13 21:54:56 +03:00
Daniel Mack
b69c7e104b Merge pull request #941 from phomes/master
hwdb: add DPI for a few more mice
2015-08-13 17:57:09 +02:00
Thomas Hindoe Paaboel Andersen
6b829dddc6 hwdb: add DPI for a few more mice 2015-08-12 22:29:28 +02:00
Kay Sievers
bae0c4aa19 Merge pull request #938 from tblume/fix-kexec-force-reboot
support reboot -f for kexec kernel
2015-08-12 16:08:18 +02:00