diff options
Diffstat (limited to 'src/core')
| -rw-r--r-- | src/core/dbus.c | 46 | ||||
| -rw-r--r-- | src/core/execute.c | 2 | ||||
| -rw-r--r-- | src/core/job.c | 4 | ||||
| -rw-r--r-- | src/core/kmod-setup.c | 2 | ||||
| -rw-r--r-- | src/core/machine-id-setup.c | 2 | ||||
| -rw-r--r-- | src/core/main.c | 44 | ||||
| -rw-r--r-- | src/core/mount-setup.c | 3 | ||||
| -rw-r--r-- | src/core/path.c | 2 | ||||
| -rw-r--r-- | src/core/service.c | 2 | ||||
| -rw-r--r-- | src/core/smack-setup.c | 2 | ||||
| -rw-r--r-- | src/core/socket.c | 7 |
11 files changed, 73 insertions, 43 deletions
diff --git a/src/core/dbus.c b/src/core/dbus.c index 86886e6d2c..057653a8b5 100644 --- a/src/core/dbus.c +++ b/src/core/dbus.c @@ -69,13 +69,37 @@ int bus_send_queued_message(Manager *m) { } static int signal_agent_released(sd_bus_message *message, void *userdata, sd_bus_error *error) { + _cleanup_bus_creds_unref_ sd_bus_creds *creds = NULL; + const char *cgroup, *me; Manager *m = userdata; - const char *cgroup; + uid_t sender_uid; + sd_bus *bus; int r; assert(message); assert(m); + /* ignore recursive events sent by us on the system/user bus */ + bus = sd_bus_message_get_bus(message); + if (!sd_bus_is_server(bus)) { + r = sd_bus_get_unique_name(bus, &me); + if (r < 0) + return r; + + if (streq_ptr(sd_bus_message_get_sender(message), me)) + return 0; + } + + /* only accept org.freedesktop.systemd1.Agent from UID=0 */ + r = sd_bus_query_sender_creds(message, SD_BUS_CREDS_EUID, &creds); + if (r < 0) + return r; + + r = sd_bus_creds_get_euid(creds, &sender_uid); + if (r < 0 || sender_uid != 0) + return 0; + + /* parse 'cgroup-empty' notification */ r = sd_bus_message_read(message, "s", &cgroup); if (r < 0) { bus_log_parse_error(r); @@ -84,19 +108,15 @@ static int signal_agent_released(sd_bus_message *message, void *userdata, sd_bus manager_notify_cgroup_empty(m, cgroup); - /* only forward to system bus if running as system instance */ - if (m->running_as != MANAGER_SYSTEM || !m->system_bus) - return 0; - - r = sd_bus_message_rewind(message, 1); - if (r < 0) - goto exit; - - r = sd_bus_send(m->system_bus, message, NULL); + /* if running as system-instance, forward under our name */ + if (m->running_as == MANAGER_SYSTEM && m->system_bus) { + r = sd_bus_message_rewind(message, 1); + if (r >= 0) + r = sd_bus_send(m->system_bus, message, NULL); + if (r < 0) + log_warning_errno(r, "Failed to forward Released message: %m"); + } -exit: - if (r < 0) - log_warning_errno(r, "Failed to forward Released message: %m"); return 0; } diff --git a/src/core/execute.c b/src/core/execute.c index c92db51330..21721dc240 100644 --- a/src/core/execute.c +++ b/src/core/execute.c @@ -1446,7 +1446,7 @@ static int exec_child( * shouldn't trip up over that. */ sprintf(t, "%i", context->oom_score_adjust); - r = write_string_file("/proc/self/oom_score_adj", t); + r = write_string_file("/proc/self/oom_score_adj", t, 0); if (r == -EPERM || r == -EACCES) { log_open(); log_unit_debug_errno(unit, r, "Failed to adjust OOM setting, assuming containerized execution, ignoring: %m"); diff --git a/src/core/job.c b/src/core/job.c index 8a047df0c3..1448e5b69a 100644 --- a/src/core/job.c +++ b/src/core/job.c @@ -452,7 +452,7 @@ static bool job_is_runnable(Job *j) { j->type == JOB_RELOAD) { /* Immediate result is that the job is or might be - * started. In this case lets wait for the + * started. In this case let's wait for the * dependencies, regardless whether they are * starting or stopping something. */ @@ -462,7 +462,7 @@ static bool job_is_runnable(Job *j) { } /* Also, if something else is being stopped and we should - * change state after it, then lets wait. */ + * change state after it, then let's wait. */ SET_FOREACH(other, j->unit->dependencies[UNIT_BEFORE], i) if (other->job && diff --git a/src/core/kmod-setup.c b/src/core/kmod-setup.c index e7a6bdc8c4..fc6d2f4acb 100644 --- a/src/core/kmod-setup.c +++ b/src/core/kmod-setup.c @@ -116,7 +116,7 @@ int kmod_setup(void) { else if (r == KMOD_PROBE_APPLY_BLACKLIST) log_info("Module '%s' is blacklisted", kmod_module_get_name(mod)); else { - bool print_warning = kmod_table[i].warn_if_unavailable || (r < 0 && r != -ENOSYS); + bool print_warning = kmod_table[i].warn_if_unavailable || (r < 0 && r != -ENOENT); log_full_errno(print_warning ? LOG_WARNING : LOG_DEBUG, r, "Failed to insert module '%s': %m", kmod_module_get_name(mod)); diff --git a/src/core/machine-id-setup.c b/src/core/machine-id-setup.c index b3d22840cf..8e26362546 100644 --- a/src/core/machine-id-setup.c +++ b/src/core/machine-id-setup.c @@ -260,7 +260,7 @@ int machine_id_setup(const char *root) { * /run/machine-id as a replacement */ RUN_WITH_UMASK(0022) { - r = write_string_file(run_machine_id, id); + r = write_string_file(run_machine_id, id, WRITE_STRING_FILE_CREATE); } if (r < 0) { (void) unlink(run_machine_id); diff --git a/src/core/main.c b/src/core/main.c index 523f0ce020..6ae8b51544 100644 --- a/src/core/main.c +++ b/src/core/main.c @@ -685,6 +685,26 @@ static int parse_config_file(void) { return 0; } +static void manager_set_defaults(Manager *m) { + + assert(m); + + m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec; + m->default_std_output = arg_default_std_output; + m->default_std_error = arg_default_std_error; + m->default_timeout_start_usec = arg_default_timeout_start_usec; + m->default_timeout_stop_usec = arg_default_timeout_stop_usec; + m->default_restart_usec = arg_default_restart_usec; + m->default_start_limit_interval = arg_default_start_limit_interval; + m->default_start_limit_burst = arg_default_start_limit_burst; + m->default_cpu_accounting = arg_default_cpu_accounting; + m->default_blockio_accounting = arg_default_blockio_accounting; + m->default_memory_accounting = arg_default_memory_accounting; + + manager_set_default_rlimits(m, arg_default_rlimit); + manager_environment_add(m, NULL, arg_default_environment); +} + static int parse_argv(int argc, char *argv[]) { enum { @@ -1203,7 +1223,7 @@ static int write_container_id(void) { if (isempty(c)) return 0; - return write_string_file("/run/systemd/container", c); + return write_string_file("/run/systemd/container", c, WRITE_STRING_FILE_CREATE); } int main(int argc, char *argv[]) { @@ -1630,28 +1650,15 @@ int main(int argc, char *argv[]) { } m->confirm_spawn = arg_confirm_spawn; - m->default_timer_accuracy_usec = arg_default_timer_accuracy_usec; - m->default_std_output = arg_default_std_output; - m->default_std_error = arg_default_std_error; - m->default_restart_usec = arg_default_restart_usec; - m->default_timeout_start_usec = arg_default_timeout_start_usec; - m->default_timeout_stop_usec = arg_default_timeout_stop_usec; - m->default_start_limit_interval = arg_default_start_limit_interval; - m->default_start_limit_burst = arg_default_start_limit_burst; - m->default_cpu_accounting = arg_default_cpu_accounting; - m->default_blockio_accounting = arg_default_blockio_accounting; - m->default_memory_accounting = arg_default_memory_accounting; m->runtime_watchdog = arg_runtime_watchdog; m->shutdown_watchdog = arg_shutdown_watchdog; - m->userspace_timestamp = userspace_timestamp; m->kernel_timestamp = kernel_timestamp; m->initrd_timestamp = initrd_timestamp; m->security_start_timestamp = security_start_timestamp; m->security_finish_timestamp = security_finish_timestamp; - manager_set_default_rlimits(m, arg_default_rlimit); - manager_environment_add(m, NULL, arg_default_environment); + manager_set_defaults(m); manager_set_show_status(m, arg_show_status); manager_set_first_boot(m, empty_etc); @@ -1763,6 +1770,13 @@ int main(int argc, char *argv[]) { case MANAGER_RELOAD: log_info("Reloading."); + + r = parse_config_file(); + if (r < 0) + log_error("Failed to parse config file."); + + manager_set_defaults(m); + r = manager_reload(m); if (r < 0) log_error_errno(r, "Failed to reload: %m"); diff --git a/src/core/mount-setup.c b/src/core/mount-setup.c index 42a6b952b9..1782d40720 100644 --- a/src/core/mount-setup.c +++ b/src/core/mount-setup.c @@ -27,6 +27,7 @@ #include "mount-setup.h" #include "dev-setup.h" +#include "bus-util.h" #include "log.h" #include "macro.h" #include "util.h" @@ -105,7 +106,7 @@ static const MountPoint mount_table[] = { is_efi_boot, MNT_NONE }, #endif { "kdbusfs", "/sys/fs/kdbus", "kdbusfs", NULL, MS_NOSUID|MS_NOEXEC|MS_NODEV, - NULL, MNT_IN_CONTAINER }, + is_kdbus_wanted, MNT_IN_CONTAINER }, }; /* These are API file systems that might be mounted by other software, diff --git a/src/core/path.c b/src/core/path.c index 6d26d89e82..20995d920c 100644 --- a/src/core/path.c +++ b/src/core/path.c @@ -426,7 +426,7 @@ static void path_set_state(Path *p, PathState state) { path_unwatch(p); if (state != old_state) - log_debug("Changed %s -> %s", path_state_to_string(old_state), path_state_to_string(state)); + log_unit_debug(UNIT(p), "Changed %s -> %s", path_state_to_string(old_state), path_state_to_string(state)); unit_notify(UNIT(p), state_translation_table[old_state], state_translation_table[state], true); } diff --git a/src/core/service.c b/src/core/service.c index fa1e80b710..d72ff54daa 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -1235,7 +1235,7 @@ static int main_pid_good(Service *s) { /* Returns 0 if the pid is dead, 1 if it is good, -1 if we * don't know */ - /* If we know the pid file, then lets just check if it is + /* If we know the pid file, then let's just check if it is * still valid */ if (s->main_pid_known) { diff --git a/src/core/smack-setup.c b/src/core/smack-setup.c index ddb02a1580..cbe7d0b4a9 100644 --- a/src/core/smack-setup.c +++ b/src/core/smack-setup.c @@ -221,7 +221,7 @@ int mac_smack_setup(bool *loaded_policy) { } #ifdef SMACK_RUN_LABEL - r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL); + r = write_string_file("/proc/self/attr/current", SMACK_RUN_LABEL, 0); if (r) log_warning("Failed to set SMACK label \"%s\" on self: %s", SMACK_RUN_LABEL, strerror(-r)); diff --git a/src/core/socket.c b/src/core/socket.c index d3178e642b..693cbc6080 100644 --- a/src/core/socket.c +++ b/src/core/socket.c @@ -922,12 +922,6 @@ static void socket_apply_socket_options(Socket *s, int fd) { if (setsockopt(fd, SOL_TCP, TCP_CONGESTION, s->tcp_congestion, strlen(s->tcp_congestion)+1) < 0) log_unit_warning_errno(UNIT(s), errno, "TCP_CONGESTION failed: %m"); - if (s->reuse_port) { - int b = s->reuse_port; - if (setsockopt(fd, SOL_SOCKET, SO_REUSEPORT, &b, sizeof(b)) < 0) - log_unit_warning_errno(UNIT(s), errno, "SO_REUSEPORT failed: %m"); - } - if (s->smack_ip_in) { r = mac_smack_apply_ip_in_fd(fd, s->smack_ip_in); if (r < 0) @@ -1183,6 +1177,7 @@ static int socket_open_fds(Socket *s) { s->backlog, s->bind_ipv6_only, s->bind_to_device, + s->reuse_port, s->free_bind, s->transparent, s->directory_mode, |