Merge branch 'notsystemd/postmove' into notsystemd/master

# Conflicts: # src/grp-journal/libjournal-core/.gitignore # src/grp-system/libcore/include/core/mount.h
author: Luke Shumaker <lukeshu@sbcglobal.net> 2016-12-17 03:11:52 -0500
committer: Luke Shumaker <lukeshu@sbcglobal.net> 2016-12-17 03:11:52 -0500
commit: b849891b5dde5ee14ab8b7b7db74e65a4a38d993 (patch)
tree: 29bb0e6fda9b4b170041913de495da057bbe3621 /src/grp-hostname/systemd-hostnamed
parent: 004efebf9cc559ea131bb9460ee0ee198e2d5da7 (diff)
parent: 881228ff72434a0e3401a16bd87f179ef0ab1619 (diff)
2 files changed, 51 insertions, 52 deletions
diff --git a/src/grp-hostname/systemd-hostnamed/hostnamed.c b/src/grp-hostname/systemd-hostnamed/hostnamed.c
index a18658e92e..3e683a20ce 100644
--- a/src/grp-hostname/systemd-hostnamed/hostnamed.c
+++ b/src/grp-hostname/systemd-hostnamed/hostnamed.c
@@ -148,56 +148,61 @@ static bool valid_deployment(const char *deployment) {
 }
 
 static const char* fallback_chassis(void) {
-        int r;
         char *type;
         unsigned t;
-        int v;
+        int v, r;
 
         v = detect_virtualization();
-
         if (VIRTUALIZATION_IS_VM(v))
                 return "vm";
         if (VIRTUALIZATION_IS_CONTAINER(v))
                 return "container";
 
-        r = read_one_line_file("/sys/firmware/acpi/pm_profile", &type);
+        r = read_one_line_file("/sys/class/dmi/id/chassis_type", &type);
         if (r < 0)
-                goto try_dmi;
+                goto try_acpi;
 
         r = safe_atou(type, &t);
         free(type);
         if (r < 0)
-                goto try_dmi;
+                goto try_acpi;
 
-        /* We only list the really obvious cases here as the ACPI data
-         * is not really super reliable.
-         *
-         * See the ACPI 5.0 Spec Section 5.2.9.1 for details:
-         *
-         * http://www.acpi.info/DOWNLOADS/ACPIspec50.pdf
+        /* We only list the really obvious cases here. The DMI data is unreliable enough, so let's not do any
+           additional guesswork on top of that.
+
+           See the SMBIOS Specification 3.0 section 7.4.1 for details about the values listed here:
+
+           https://www.dmtf.org/sites/default/files/standards/documents/DSP0134_3.0.0.pdf
          */
 
-        switch(t) {
+        switch (t) {
 
-        case 1:
-        case 3:
-        case 6:
+        case 0x3: /* Desktop */
+        case 0x4: /* Low Profile Desktop */
+        case 0x6: /* Mini Tower */
+        case 0x7: /* Tower */
                 return "desktop";
 
-        case 2:
+        case 0x8: /* Portable */
+        case 0x9: /* Laptop */
+        case 0xA: /* Notebook */
+        case 0xE: /* Sub Notebook */
                 return "laptop";
 
-        case 4:
-        case 5:
-        case 7:
+        case 0xB: /* Hand Held */
+                return "handset";
+
+        case 0x11: /* Main Server Chassis */
+        case 0x1C: /* Blade */
+        case 0x1D: /* Blade Enclosure */
                 return "server";
 
-        case 8:
+        case 0x1E: /* Tablet */
                 return "tablet";
         }
 
-try_dmi:
-        r = read_one_line_file("/sys/class/dmi/id/chassis_type", &type);
+try_acpi:
+        r = read_one_line_file("/sys/firmware/acpi/pm_profile", &type);
         if (r < 0)
                 return NULL;
 
@@ -206,39 +211,29 @@ try_dmi:
         if (r < 0)
                 return NULL;
 
-        /* We only list the really obvious cases here. The DMI data is
-           unreliable enough, so let's not do any additional guesswork
-           on top of that.
-
-           See the SMBIOS Specification 3.0 section 7.4.1 for
-           details about the values listed here:
-
-           https://www.dmtf.org/sites/default/files/standards/documents/DSP0134_3.0.0.pdf
+        /* We only list the really obvious cases here as the ACPI data is not really super reliable.
+         *
+         * See the ACPI 5.0 Spec Section 5.2.9.1 for details:
+         *
+         * http://www.acpi.info/DOWNLOADS/ACPIspec50.pdf
          */
 
-        switch (t) {
+        switch(t) {
 
-        case 0x3:
-        case 0x4:
-        case 0x6:
-        case 0x7:
+        case 1: /* Desktop */
+        case 3: /* Workstation */
+        case 6: /* Appliance PC */
                 return "desktop";
 
-        case 0x8:
-        case 0x9:
-        case 0xA:
-        case 0xE:
+        case 2: /* Mobile */
                 return "laptop";
 
-        case 0xB:
-                return "handset";
-
-        case 0x11:
-        case 0x1C:
-        case 0x1D:
+        case 4: /* Enterprise Server */
+        case 5: /* SOHO Server */
+        case 7: /* Performance Server */
                 return "server";
 
-        case 0x1E:
+        case 8: /* Tablet */
                 return "tablet";
         }
 
@@ -456,7 +451,7 @@ static int method_set_hostname(sd_bus_message *m, void *userdata, sd_bus_error *
         r = context_update_kernel_hostname(c);
         if (r < 0) {
                 log_error_errno(r, "Failed to set host name: %m");
-                return sd_bus_error_set_errnof(error, r, "Failed to set hostname: %s", strerror(-r));
+                return sd_bus_error_set_errnof(error, r, "Failed to set hostname: %m");
         }
 
         log_info("Changed host name to '%s'", strna(c->data[PROP_HOSTNAME]));
@@ -517,13 +512,13 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_
         r = context_update_kernel_hostname(c);
         if (r < 0) {
                 log_error_errno(r, "Failed to set host name: %m");
-                return sd_bus_error_set_errnof(error, r, "Failed to set hostname: %s", strerror(-r));
+                return sd_bus_error_set_errnof(error, r, "Failed to set hostname: %m");
         }
 
         r = context_write_data_static_hostname(c);
         if (r < 0) {
                 log_error_errno(r, "Failed to write static host name: %m");
-                return sd_bus_error_set_errnof(error, r, "Failed to set static hostname: %s", strerror(-r));
+                return sd_bus_error_set_errnof(error, r, "Failed to set static hostname: %m");
         }
 
         log_info("Changed static host name to '%s'", strna(c->data[PROP_STATIC_HOSTNAME]));
@@ -598,7 +593,7 @@ static int set_machine_info(Context *c, sd_bus_message *m, int prop, sd_bus_mess
         r = context_write_data_machine_info(c);
         if (r < 0) {
                 log_error_errno(r, "Failed to write machine info: %m");
-                return sd_bus_error_set_errnof(error, r, "Failed to write machine info: %s", strerror(-r));
+                return sd_bus_error_set_errnof(error, r, "Failed to write machine info: %m");
         }
 
         log_info("Changed %s to '%s'",
diff --git a/src/grp-hostname/systemd-hostnamed/systemd-hostnamed.service.in b/src/grp-hostname/systemd-hostnamed/systemd-hostnamed.service.in
index 0b03a589ea..edc5a1722a 100644
--- a/src/grp-hostname/systemd-hostnamed/systemd-hostnamed.service.in
+++ b/src/grp-hostname/systemd-hostnamed/systemd-hostnamed.service.in
@@ -13,12 +13,16 @@ Documentation=http://www.freedesktop.org/wiki/Software/systemd/hostnamed
 [Service]
 ExecStart=@rootlibexecdir@/systemd-hostnamed
 BusName=org.freedesktop.hostname1
-CapabilityBoundingSet=CAP_SYS_ADMIN
 WatchdogSec=3min
+CapabilityBoundingSet=CAP_SYS_ADMIN
 PrivateTmp=yes
 PrivateDevices=yes
 PrivateNetwork=yes
 ProtectSystem=yes
 ProtectHome=yes
+ProtectControlGroups=yes
+ProtectKernelTunables=yes
 MemoryDenyWriteExecute=yes
+RestrictRealtime=yes
+RestrictAddressFamilies=AF_UNIX
 SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io
author	Luke Shumaker <lukeshu@sbcglobal.net>	2016-12-17 03:11:52 -0500
committer	Luke Shumaker <lukeshu@sbcglobal.net>	2016-12-17 03:11:52 -0500
commit	b849891b5dde5ee14ab8b7b7db74e65a4a38d993 (patch)
tree	29bb0e6fda9b4b170041913de495da057bbe3621 /src/grp-hostname/systemd-hostnamed
parent	004efebf9cc559ea131bb9460ee0ee198e2d5da7 (diff)
parent	881228ff72434a0e3401a16bd87f179ef0ab1619 (diff)