Merge branch 'notsystemd/postmove' into notsystemd/master

# Conflicts: # src/grp-journal/systemd-journald/Makefile # src/grp-login/systemd-logind/Makefile # src/grp-machine/grp-import/systemd-export/Makefile # src/grp-machine/grp-import/systemd-import/Makefile # src/grp-machine/grp-import/systemd-pull/Makefile # src/grp-machine/systemd-machined/Makefile # src/grp-network/libnetworkd-core/Makefile # src/grp-resolve/libbasic-dns/Makefile # src/grp-resolve/systemd-resolved/Makefile # src/grp-utils/systemd-path/Makefile # src/libshared/src/Makefile # src/libsystemd-network/include/systemd-network/sd-ndisc.h # src/libsystemd/Makefile # src/libsystemd/src/test.mk # src/libudev/Makefile # src/systemd-dbus1-generator/Makefile # src/systemd-nspawn/nspawn.c Signed-off-by: Luke Shumaker <lukeshu@sbcglobal.net>
author: Luke Shumaker <lukeshu@sbcglobal.net> 2016-09-14 18:33:57 -0400
committer: Luke Shumaker <lukeshu@sbcglobal.net> 2016-09-14 18:33:57 -0400
commit: 3c72c8d3ee67388336aca58c5afa3fb93a9c24c0 (patch)
tree: d072df7fee0f5906fad88c08398b2fe887cbc064 /src/grp-machine/grp-import
parent: e51613a3291342c6006edda8783755fb8994fd75 (diff)
parent: 6ba6ca19507add38549e07058c57489a8cd98cd1 (diff)
11 files changed, 16 insertions, 23 deletions
diff --git a/src/grp-machine/grp-import/libimport/Makefile b/src/grp-machine/grp-import/libimport/Makefile
index 5691d0bba1..ee10c0f6df 100644
--- a/src/grp-machine/grp-import/libimport/Makefile
+++ b/src/grp-machine/grp-import/libimport/Makefile
@@ -45,7 +45,7 @@ test_qcow2_CFLAGS = \
 	$(ZLIB_CFLAGS)
 
 test_qcow2_LDADD = \
-	libshared.la \
+	libsystemd-shared.la \
 	$(ZLIB_LIBS)
 
 include $(topsrcdir)/build-aux/Makefile.tail.mk
diff --git a/src/grp-machine/grp-import/libimport/import-common.c b/src/grp-machine/grp-import/libimport/import-common.c
index cd69e900ec..9061cd4da1 100644
--- a/src/grp-machine/grp-import/libimport/import-common.c
+++ b/src/grp-machine/grp-import/libimport/import-common.c
@@ -126,9 +126,7 @@ int import_fork_tar_x(const char *path, pid_t *ret) {
                 if (null_fd != STDOUT_FILENO)
                         null_fd = safe_close(null_fd);
 
-                fd_cloexec(STDIN_FILENO, false);
-                fd_cloexec(STDOUT_FILENO, false);
-                fd_cloexec(STDERR_FILENO, false);
+                stdio_unset_cloexec();
 
                 if (unshare(CLONE_NEWNET) < 0)
                         log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
@@ -200,9 +198,7 @@ int import_fork_tar_c(const char *path, pid_t *ret) {
                 if (null_fd != STDIN_FILENO)
                         null_fd = safe_close(null_fd);
 
-                fd_cloexec(STDIN_FILENO, false);
-                fd_cloexec(STDOUT_FILENO, false);
-                fd_cloexec(STDERR_FILENO, false);
+                stdio_unset_cloexec();
 
                 if (unshare(CLONE_NEWNET) < 0)
                         log_error_errno(errno, "Failed to lock tar into network namespace, ignoring: %m");
diff --git a/src/grp-machine/grp-import/systemd-export/Makefile b/src/grp-machine/grp-import/systemd-export/Makefile
index f8fcbc3cca..aa8792565a 100644
--- a/src/grp-machine/grp-import/systemd-export/Makefile
+++ b/src/grp-machine/grp-import/systemd-export/Makefile
@@ -39,7 +39,7 @@ systemd_export_CFLAGS = \
 	$(BZIP2_CFLAGS)
 
 systemd_export_LDADD = \
-	libshared.la \
+	libsystemd-shared.la \
 	libimport.la \
 	$(XZ_LIBS) \
 	$(ZLIB_LIBS) \
diff --git a/src/grp-machine/grp-import/systemd-import/Makefile b/src/grp-machine/grp-import/systemd-import/Makefile
index 06fd01fcd7..221659c346 100644
--- a/src/grp-machine/grp-import/systemd-import/Makefile
+++ b/src/grp-machine/grp-import/systemd-import/Makefile
@@ -38,8 +38,7 @@ systemd_import_CFLAGS = \
 	$(BZIP2_CFLAGS)
 
 systemd_import_LDADD = \
-	libshared.la \
-	libimport.la \
+	libsystemd-shared.la \
 	$(XZ_LIBS) \
 	$(ZLIB_LIBS) \
 	$(BZIP2_LIBS)
diff --git a/src/grp-machine/grp-import/systemd-import/import.c b/src/grp-machine/grp-import/systemd-import/import.c
index 6744006312..38fe7f8110 100644
--- a/src/grp-machine/grp-import/systemd-import/import.c
+++ b/src/grp-machine/grp-import/systemd-import/import.c
@@ -91,7 +91,7 @@ static int import_tar(int argc, char *argv[], void *userdata) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
                         else if (r > 0) {
-                                log_error_errno(EEXIST, "Image '%s' already exists.", local);
+                                log_error("Image '%s' already exists.", local);
                                 return -EEXIST;
                         }
                 }
@@ -186,7 +186,7 @@ static int import_raw(int argc, char *argv[], void *userdata) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
                         else if (r > 0) {
-                                log_error_errno(EEXIST, "Image '%s' already exists.", local);
+                                log_error("Image '%s' already exists.", local);
                                 return -EEXIST;
                         }
                 }
diff --git a/src/grp-machine/grp-import/systemd-importd/Makefile b/src/grp-machine/grp-import/systemd-importd/Makefile
index 1f5bae1267..e00f531a0d 100644
--- a/src/grp-machine/grp-import/systemd-importd/Makefile
+++ b/src/grp-machine/grp-import/systemd-importd/Makefile
@@ -34,9 +34,9 @@ systemd_importd_CFLAGS = \
 	-D SYSTEMD_EXPORT_PATH=\"$(rootlibexecdir)/systemd-export\"
 
 systemd_importd_LDADD = \
-	libshared.la
+	libsystemd-shared.la
 
-dist_rootlibexec_DATA = \
+dist_rootlibexec_DATA += \
 	src/import/import-pubring.gpg
 
 nodist_systemunit_DATA += \
diff --git a/src/grp-machine/grp-import/systemd-importd/importd.c b/src/grp-machine/grp-import/systemd-importd/importd.c
index e790c0c475..f032f06fcf 100644
--- a/src/grp-machine/grp-import/systemd-importd/importd.c
+++ b/src/grp-machine/grp-import/systemd-importd/importd.c
@@ -448,9 +448,7 @@ static int transfer_start(Transfer *t) {
                                 safe_close(null_fd);
                 }
 
-                fd_cloexec(STDIN_FILENO, false);
-                fd_cloexec(STDOUT_FILENO, false);
-                fd_cloexec(STDERR_FILENO, false);
+                stdio_unset_cloexec();
 
                 setenv("SYSTEMD_LOG_TARGET", "console-prefixed", 1);
                 setenv("NOTIFY_SOCKET", "/run/systemd/import/notify", 1);
diff --git a/src/grp-machine/grp-import/systemd-importd/systemd-importd.service.in b/src/grp-machine/grp-import/systemd-importd/systemd-importd.service.in
index b74ad72cdc..0f5489e7e3 100644
--- a/src/grp-machine/grp-import/systemd-importd/systemd-importd.service.in
+++ b/src/grp-machine/grp-import/systemd-importd/systemd-importd.service.in
@@ -17,3 +17,5 @@ CapabilityBoundingSet=CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD CAP_SETFCAP CAP_
 NoNewPrivileges=yes
 WatchdogSec=3min
 KillMode=mixed
+MemoryDenyWriteExecute=yes
+SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @mount @obsolete @raw-io
diff --git a/src/grp-machine/grp-import/systemd-pull/Makefile b/src/grp-machine/grp-import/systemd-pull/Makefile
index 1ee9fa25de..780a5a4610 100644
--- a/src/grp-machine/grp-import/systemd-pull/Makefile
+++ b/src/grp-machine/grp-import/systemd-pull/Makefile
@@ -48,8 +48,8 @@ systemd_pull_CFLAGS = \
 	-D USER_KEYRING_PATH=\"$(pkgsysconfdir)/import-pubring.gpg\"
 
 systemd_pull_LDADD = \
+	libsystemd-shared.la \
 	libimport.la \
-	libshared.la \
 	$(LIBCURL_LIBS) \
 	$(XZ_LIBS) \
 	$(ZLIB_LIBS) \
diff --git a/src/grp-machine/grp-import/systemd-pull/pull-common.c b/src/grp-machine/grp-import/systemd-pull/pull-common.c
index f5815c216d..bd1623e003 100644
--- a/src/grp-machine/grp-import/systemd-pull/pull-common.c
+++ b/src/grp-machine/grp-import/systemd-pull/pull-common.c
@@ -507,9 +507,7 @@ int pull_verify(PullJob *main_job,
                 cmd[k++] = "-";
                 cmd[k++] = NULL;
 
-                fd_cloexec(STDIN_FILENO, false);
-                fd_cloexec(STDOUT_FILENO, false);
-                fd_cloexec(STDERR_FILENO, false);
+                stdio_unset_cloexec();
 
                 execvp("gpg2", (char * const *) cmd);
                 execvp("gpg", (char * const *) cmd);
diff --git a/src/grp-machine/grp-import/systemd-pull/pull.c b/src/grp-machine/grp-import/systemd-pull/pull.c
index 166f91d6e1..4153c938d8 100644
--- a/src/grp-machine/grp-import/systemd-pull/pull.c
+++ b/src/grp-machine/grp-import/systemd-pull/pull.c
@@ -98,7 +98,7 @@ static int pull_tar(int argc, char *argv[], void *userdata) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
                         else if (r > 0) {
-                                log_error_errno(EEXIST, "Image '%s' already exists.", local);
+                                log_error("Image '%s' already exists.", local);
                                 return -EEXIST;
                         }
                 }
@@ -184,7 +184,7 @@ static int pull_raw(int argc, char *argv[], void *userdata) {
                         if (r < 0)
                                 return log_error_errno(r, "Failed to check whether image '%s' exists: %m", local);
                         else if (r > 0) {
-                                log_error_errno(EEXIST, "Image '%s' already exists.", local);
+                                log_error("Image '%s' already exists.", local);
                                 return -EEXIST;
                         }
                 }
author	Luke Shumaker <lukeshu@sbcglobal.net>	2016-09-14 18:33:57 -0400
committer	Luke Shumaker <lukeshu@sbcglobal.net>	2016-09-14 18:33:57 -0400
commit	3c72c8d3ee67388336aca58c5afa3fb93a9c24c0 (patch)
tree	d072df7fee0f5906fad88c08398b2fe887cbc064 /src/grp-machine/grp-import
parent	e51613a3291342c6006edda8783755fb8994fd75 (diff)
parent	6ba6ca19507add38549e07058c57489a8cd98cd1 (diff)