diff options
Diffstat (limited to 'src')
| -rw-r--r-- | src/boot/efi/measure.h | 5 | ||||
| -rw-r--r-- | src/boot/efi/meson.build | 2 | ||||
| -rw-r--r-- | src/cgtop/cgtop.c | 20 | ||||
| -rw-r--r-- | src/core/service.c | 3 | ||||
| -rw-r--r-- | src/hostname/meson.build | 10 | ||||
| -rw-r--r-- | src/import/pull-common.c | 1 | ||||
| -rw-r--r-- | src/import/pull-raw.c | 1 | ||||
| -rw-r--r-- | src/journal-remote/meson.build | 16 | ||||
| -rw-r--r-- | src/locale/meson.build | 8 | ||||
| -rw-r--r-- | src/machine/meson.build | 3 | ||||
| -rw-r--r-- | src/network/meson.build | 8 | ||||
| -rw-r--r-- | src/network/netdev/geneve.h | 1 | ||||
| -rw-r--r-- | src/nspawn/nspawn.c | 8 | ||||
| -rw-r--r-- | src/resolve/meson.build | 6 | ||||
| -rw-r--r-- | src/shared/efivars.c | 1 | ||||
| -rw-r--r-- | src/shared/meson.build | 19 | ||||
| -rw-r--r-- | src/shared/pager.c | 10 | ||||
| -rw-r--r-- | src/test/meson.build | 51 | ||||
| -rw-r--r-- | src/update-done/update-done.c | 21 |
19 files changed, 89 insertions, 105 deletions
diff --git a/src/boot/efi/measure.h b/src/boot/efi/measure.h index a2cfe817d0..43aa8a0058 100644 --- a/src/boot/efi/measure.h +++ b/src/boot/efi/measure.h @@ -13,9 +13,6 @@ #ifndef __SDBOOT_MEASURE_H #define __SDBOOT_MEASURE_H -#ifndef SD_TPM_PCR -#define SD_TPM_PCR 8 -#endif - EFI_STATUS tpm_log_event(UINT32 pcrindex, const EFI_PHYSICAL_ADDRESS buffer, UINTN buffer_size, const CHAR16 *description); + #endif diff --git a/src/boot/efi/meson.build b/src/boot/efi/meson.build index 6c5c856d8c..6241cb1c19 100644 --- a/src/boot/efi/meson.build +++ b/src/boot/efi/meson.build @@ -62,6 +62,8 @@ if have_gnu_efi efi_conf = configuration_data() efi_conf.set_quoted('PACKAGE_VERSION', meson.project_version()) efi_conf.set_quoted('EFI_MACHINE_TYPE_NAME', EFI_MACHINE_TYPE_NAME) + efi_conf.set('SD_BOOT_LOG_TPM', get_option('tpm')) + efi_conf.set('SD_TPM_PCR', get_option('tpm-pcrindex')) efi_config_h = configure_file( output : 'efi_config.h', diff --git a/src/cgtop/cgtop.c b/src/cgtop/cgtop.c index 67f3a99860..7ebb02fa8c 100644 --- a/src/cgtop/cgtop.c +++ b/src/cgtop/cgtop.c @@ -75,6 +75,7 @@ static usec_t arg_delay = 1*USEC_PER_SEC; static char* arg_machine = NULL; static char* arg_root = NULL; static bool arg_recursive = true; +static bool arg_recursive_unset = false; static enum { COUNT_PIDS, @@ -732,7 +733,6 @@ static int parse_argv(int argc, char *argv[]) { {} }; - bool recursive_unset = false; int c, r; assert(argc >= 1); @@ -852,7 +852,7 @@ static int parse_argv(int argc, char *argv[]) { } arg_recursive = r; - recursive_unset = r == 0; + arg_recursive_unset = r == 0; break; case 'M': @@ -873,11 +873,6 @@ static int parse_argv(int argc, char *argv[]) { return -EINVAL; } - if (recursive_unset && arg_count == COUNT_PIDS) { - log_error("Non-recursive counting is only supported when counting processes, not tasks. Use -P or -k."); - return -EINVAL; - } - return 1; } @@ -902,6 +897,10 @@ int main(int argc, char *argv[]) { log_parse_environment(); log_open(); + r = parse_argv(argc, argv); + if (r <= 0) + goto finish; + r = cg_mask_supported(&mask); if (r < 0) { log_error_errno(r, "Failed to determine supported controllers: %m"); @@ -910,9 +909,10 @@ int main(int argc, char *argv[]) { arg_count = (mask & CGROUP_MASK_PIDS) ? COUNT_PIDS : COUNT_USERSPACE_PROCESSES; - r = parse_argv(argc, argv); - if (r <= 0) - goto finish; + if (arg_recursive_unset && arg_count == COUNT_PIDS) { + log_error("Non-recursive counting is only supported when counting processes, not tasks. Use -P or -k."); + return -EINVAL; + } r = show_cgroup_get_path_and_warn(arg_machine, arg_root, &root); if (r < 0) { diff --git a/src/core/service.c b/src/core/service.c index a63c6d8bc3..b45929e535 100644 --- a/src/core/service.c +++ b/src/core/service.c @@ -2163,7 +2163,6 @@ static int service_serialize_exec_command(Unit *u, FILE *f, ExecCommand *command unsigned idx; const char *type; char **arg; - _cleanup_strv_free_ char **escaped_args = NULL; _cleanup_free_ char *args = NULL, *p = NULL; size_t allocated = 0, length = 0; @@ -2306,7 +2305,7 @@ static int service_deserialize_exec_command(Unit *u, const char *key, const char bool control, found = false; ServiceExecCommand id = _SERVICE_EXEC_COMMAND_INVALID; ExecCommand *command = NULL; - _cleanup_free_ char *args = NULL, *path = NULL; + _cleanup_free_ char *path = NULL; _cleanup_strv_free_ char **argv = NULL; enum ExecCommandState { diff --git a/src/hostname/meson.build b/src/hostname/meson.build index 68275ba8f5..7cb5fc135a 100644 --- a/src/hostname/meson.build +++ b/src/hostname/meson.build @@ -1,9 +1,9 @@ -install_data('org.freedesktop.hostname1.conf', - install_dir : dbuspolicydir) -install_data('org.freedesktop.hostname1.service', - install_dir : dbussystemservicedir) - if conf.get('ENABLE_HOSTNAMED', 0) == 1 + install_data('org.freedesktop.hostname1.conf', + install_dir : dbuspolicydir) + install_data('org.freedesktop.hostname1.service', + install_dir : dbussystemservicedir) + custom_target( 'org.freedesktop.hostname1.policy', input : 'org.freedesktop.hostname1.policy.in', diff --git a/src/import/pull-common.c b/src/import/pull-common.c index 4c745288f5..78840dd882 100644 --- a/src/import/pull-common.c +++ b/src/import/pull-common.c @@ -394,7 +394,6 @@ int pull_verify(PullJob *main_job, PullJob *signature_job) { _cleanup_close_pair_ int gpg_pipe[2] = { -1, -1 }; - _cleanup_free_ char *fn = NULL; _cleanup_close_ int sig_file = -1; char sig_file_path[] = "/tmp/sigXXXXXX", gpg_home[] = "/tmp/gpghomeXXXXXX"; _cleanup_(sigkill_waitp) pid_t pid = 0; diff --git a/src/import/pull-raw.c b/src/import/pull-raw.c index fd2e472f09..a15eac1f1f 100644 --- a/src/import/pull-raw.c +++ b/src/import/pull-raw.c @@ -580,7 +580,6 @@ static int raw_pull_job_on_open_disk_generic( const char *extra, char **temp_path) { - _cleanup_free_ char *p = NULL; int r; assert(i); diff --git a/src/journal-remote/meson.build b/src/journal-remote/meson.build index 394be7068c..072fa14548 100644 --- a/src/journal-remote/meson.build +++ b/src/journal-remote/meson.build @@ -37,13 +37,13 @@ if conf.get('ENABLE_REMOTE', 0) == 1 and conf.get('HAVE_MICROHTTPD', 0) == 1 configuration : substs) install_data(journal_remote_conf, install_dir : pkgsysconfdir) -endif -install_data('browse.html', - install_dir : join_paths(pkgdatadir, 'gatewayd')) + install_data('browse.html', + install_dir : join_paths(pkgdatadir, 'gatewayd')) -meson.add_install_script('sh', '-c', - mkdir_p.format('/var/log/journal/remote')) -meson.add_install_script('sh', '-c', - 'chown 0:0 $DESTDIR/var/log/journal/remote && - chmod 755 $DESTDIR/var/log/journal/remote || :') + meson.add_install_script('sh', '-c', + mkdir_p.format('/var/log/journal/remote')) + meson.add_install_script('sh', '-c', + 'chown 0:0 $DESTDIR/var/log/journal/remote && + chmod 755 $DESTDIR/var/log/journal/remote || :') +endif diff --git a/src/locale/meson.build b/src/locale/meson.build index f722e0ed92..d03af4c0e2 100644 --- a/src/locale/meson.build +++ b/src/locale/meson.build @@ -27,9 +27,11 @@ endif kbd_model_map = join_paths(meson.current_source_dir(), 'kbd-model-map') language_fallback_map = join_paths(meson.current_source_dir(), 'language-fallback-map') -install_data('kbd-model-map', - 'language-fallback-map', - install_dir : pkgdatadir) +if conf.get('ENABLE_LOCALED', 0) == 1 + install_data('kbd-model-map', + 'language-fallback-map', + install_dir : pkgdatadir) +endif tests += [ [['src/locale/test-keymap-util.c', diff --git a/src/machine/meson.build b/src/machine/meson.build index 4ecb1cdb93..953774fdb6 100644 --- a/src/machine/meson.build +++ b/src/machine/meson.build @@ -39,8 +39,7 @@ endif tests += [ [['src/machine/test-machine-tables.c'], [libmachine_core, - libshared, - libudev], + libshared], [threads], 'ENABLE_MACHINED'], ] diff --git a/src/network/meson.build b/src/network/meson.build index 1fa7db50ce..808f9eebbc 100644 --- a/src/network/meson.build +++ b/src/network/meson.build @@ -130,9 +130,8 @@ if conf.get('ENABLE_NETWORKD', 0) == 1 [libnetworkd_core, libudev_internal, libsystemd_network, - libshared, - libfirewall], - [libiptc]], + libshared], + []], [['src/network/test-network-tables.c', 'src/network/test-network-tables.c', @@ -141,8 +140,7 @@ if conf.get('ENABLE_NETWORKD', 0) == 1 libudev_internal, libudev_core, libsystemd_network, - libshared, - libfirewall], + libshared], [], '', '', [], [network_include_dir] + libudev_core_includes], diff --git a/src/network/netdev/geneve.h b/src/network/netdev/geneve.h index d97dac892c..f93b550b06 100644 --- a/src/network/netdev/geneve.h +++ b/src/network/netdev/geneve.h @@ -25,7 +25,6 @@ typedef struct Geneve Geneve; #include "netdev.h" #include "networkd-link.h" #include "networkd-network.h" -#include "netdev.h" #define GENEVE_VID_MAX (1u << 24) - 1 diff --git a/src/nspawn/nspawn.c b/src/nspawn/nspawn.c index fd00d0957a..905dbc4c74 100644 --- a/src/nspawn/nspawn.c +++ b/src/nspawn/nspawn.c @@ -1158,6 +1158,10 @@ static int parse_argv(int argc, char *argv[]) { arg_caps_retain = (arg_caps_retain | plus | (arg_private_network ? 1ULL << CAP_NET_ADMIN : 0)) & ~minus; + r = cg_unified_flush(); + if (r < 0) + return log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m"); + e = getenv("SYSTEMD_NSPAWN_CONTAINER_SERVICE"); if (e) arg_container_service_name = e; @@ -3545,10 +3549,6 @@ int main(int argc, char *argv[]) { log_parse_environment(); log_open(); - r = cg_unified_flush(); - if (r < 0) - return log_error_errno(r, "Failed to determine whether the unified cgroups hierarchy is used: %m"); - /* Make sure rename_process() in the stub init process can work */ saved_argv = argv; saved_argc = argc; diff --git a/src/resolve/meson.build b/src/resolve/meson.build index 46a417e766..347ffaaeca 100644 --- a/src/resolve/meson.build +++ b/src/resolve/meson.build @@ -135,10 +135,10 @@ if conf.get('ENABLE_RESOLVED', 0) == 1 configuration : substs) install_data(resolved_conf, install_dir : pkgsysconfdir) -endif -install_data('resolv.conf', - install_dir : rootlibexecdir) + install_data('resolv.conf', + install_dir : rootlibexecdir) +endif tests += [ [['src/resolve/test-resolve-tables.c', diff --git a/src/shared/efivars.c b/src/shared/efivars.c index 8631a5a5d9..8229e6b183 100644 --- a/src/shared/efivars.c +++ b/src/shared/efivars.c @@ -269,6 +269,7 @@ int efi_set_variable( _cleanup_close_ int fd = -1; assert(name); + assert(value); if (asprintf(&p, "/sys/firmware/efi/efivars/%s-%02x%02x%02x%02x-%02x%02x-%02x%02x-%02x%02x-%02x%02x%02x%02x%02x%02x", diff --git a/src/shared/meson.build b/src/shared/meson.build index 8968127d3f..f1d73d1b3f 100644 --- a/src/shared/meson.build +++ b/src/shared/meson.build @@ -34,6 +34,7 @@ shared_sources = ''' efivars.h fdset.c fdset.h + firewall-util.h fstab-util.c fstab-util.h gcrypt-util.c @@ -114,6 +115,10 @@ if conf.get('HAVE_SECCOMP', 0) == 1 shared_sources += ['seccomp-util.c'] endif +if conf.get('HAVE_LIBIPTC', 0) == 1 + shared_sources += ['firewall-util.c'] +endif + libshared_name = 'systemd-shared-@0@'.format(meson.project_version()) libshared = shared_library( @@ -122,10 +127,10 @@ libshared = shared_library( basic_sources, journal_internal_sources, libsystemd_internal_sources, + libudev_sources, include_directories : includes, link_args : ['-shared'], c_args : ['-fvisibility=default'], - link_with : [libudev], dependencies : [threads, librt, libcap, @@ -152,21 +157,9 @@ libshared_static = static_library( libcap, libacl, libcryptsetup, - libiptc, libseccomp, libselinux, libidn, libxz, liblz4, libblkid]) - -if conf.get('HAVE_LIBIPTC', 0) == 1 - libfirewall = static_library( - 'firewall', - 'firewall-util.h', - 'firewall-util.c', - include_directories : includes, - dependencies : [libiptc]) -else - libfirewall = [] -endif diff --git a/src/shared/pager.c b/src/shared/pager.c index 22d7603ec6..4d7b02c63c 100644 --- a/src/shared/pager.c +++ b/src/shared/pager.c @@ -176,12 +176,14 @@ void pager_close(void) { /* Inform pager that we are done */ (void) fflush(stdout); - if (stdout_redirected && ((stored_stdout < 0) || (dup2(stored_stdout, STDOUT_FILENO) < 0))) - (void) close(STDOUT_FILENO); + if (stdout_redirected) + if (stored_stdout < 0 || dup2(stored_stdout, STDOUT_FILENO) < 0) + (void) close(STDOUT_FILENO); stored_stdout = safe_close(stored_stdout); (void) fflush(stderr); - if (stderr_redirected && ((stored_stderr < 0) || (dup2(stored_stderr, STDERR_FILENO) < 0))) - (void) close(STDERR_FILENO); + if (stderr_redirected) + if (stored_stderr < 0 || dup2(stored_stderr, STDERR_FILENO) < 0) + (void) close(STDERR_FILENO); stored_stderr = safe_close(stored_stderr); stdout_redirected = stderr_redirected = false; diff --git a/src/test/meson.build b/src/test/meson.build index 6c0fd4dca9..4ae1210fe1 100644 --- a/src/test/meson.build +++ b/src/test/meson.build @@ -55,8 +55,7 @@ tests += [ [['src/test/test-job-type.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -66,8 +65,7 @@ tests += [ [['src/test/test-ns.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -88,8 +86,7 @@ tests += [ [['src/test/test-hostname.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -110,8 +107,7 @@ tests += [ [['src/test/test-unit-name.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -121,8 +117,7 @@ tests += [ [['src/test/test-unit-file.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -285,8 +280,7 @@ tests += [ [['src/test/test-namespace.c'], [libcore, - libshared, - libudev], + libshared], [threads, libblkid]], @@ -415,8 +409,7 @@ tests += [ [['src/test/test-firewall-util.c'], - [libfirewall, - libshared], + [libshared], [], 'HAVE_LIBIPTC'], @@ -461,8 +454,7 @@ tests += [ [['src/test/test-cgroup-mask.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -492,8 +484,7 @@ tests += [ [['src/test/test-path.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -503,8 +494,7 @@ tests += [ [['src/test/test-execute.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -532,8 +522,7 @@ tests += [ [['src/test/test-sched-prio.c'], [libcore, - libshared, - libudev], + libshared], [threads, librt, libseccomp, @@ -564,8 +553,7 @@ tests += [ []], [['src/test/test-libudev.c'], - [libshared, - libudev], + [libshared], []], [['src/test/test-udev.c'], @@ -615,8 +603,7 @@ tests += [ [['src/journal/test-journal-syslog.c'], [libjournal_core, - libshared, - libudev], + libshared], [threads, libxz, liblz4, @@ -818,8 +805,7 @@ tests += [ 'src/libsystemd-network/dhcp-internal.h', 'src/systemd/sd-dhcp-client.h'], [libshared, - libsystemd_network, - libudev], + libsystemd_network], []], [['src/libsystemd-network/test-dhcp-server.c'], @@ -855,8 +841,7 @@ tests += [ 'src/systemd/sd-dhcp6-client.h', 'src/systemd/sd-ndisc.h'], [libshared, - libsystemd_network, - libudev], + libsystemd_network], []], [['src/libsystemd-network/test-dhcp6-client.c', @@ -865,8 +850,7 @@ tests += [ 'src/libsystemd-network/dhcp6-internal.h', 'src/systemd/sd-dhcp6-client.h'], [libshared, - libsystemd_network, - libudev], + libsystemd_network], []], [['src/libsystemd-network/test-lldp.c'], @@ -889,7 +873,6 @@ tests += [ [['src/login/test-login-tables.c'], [liblogind_core, - libshared, - libudev], + libshared], [threads]], ] diff --git a/src/update-done/update-done.c b/src/update-done/update-done.c index d466e1b759..06e2d7b71b 100644 --- a/src/update-done/update-done.c +++ b/src/update-done/update-done.c @@ -17,8 +17,10 @@ along with systemd; If not, see <http://www.gnu.org/licenses/>. ***/ +#include "alloc-util.h" #include "fd-util.h" #include "fileio.h" +#include "fs-util.h" #include "io-util.h" #include "selinux-util.h" #include "util.h" @@ -36,6 +38,7 @@ static int apply_timestamp(const char *path, struct timespec *ts) { _cleanup_fclose_ FILE *f = NULL; int fd = -1; int r; + _cleanup_(unlink_and_freep) char *tmp = NULL; assert(path); assert(ts); @@ -50,20 +53,20 @@ static int apply_timestamp(const char *path, struct timespec *ts) { if (r < 0) return log_error_errno(r, "Failed to set SELinux context for %s: %m", path); - fd = open(path, O_CREAT|O_WRONLY|O_TRUNC|O_CLOEXEC|O_NOCTTY|O_NOFOLLOW, 0644); + fd = open_tmpfile_linkable(path, O_WRONLY|O_CLOEXEC, &tmp); mac_selinux_create_file_clear(); if (fd < 0) { if (errno == EROFS) - return log_debug("Can't create timestamp file %s, file system is read-only.", path); + return log_debug("Can't create temporary timestamp file %s, file system is read-only.", tmp); - return log_error_errno(errno, "Failed to create/open timestamp file %s: %m", path); + return log_error_errno(errno, "Failed to create/open temporary timestamp file %s: %m", tmp); } f = fdopen(fd, "we"); if (!f) { safe_close(fd); - return log_error_errno(errno, "Failed to fdopen() timestamp file %s: %m", path); + return log_error_errno(errno, "Failed to fdopen() timestamp file %s: %m", tmp); } (void) fprintf(f, @@ -76,7 +79,15 @@ static int apply_timestamp(const char *path, struct timespec *ts) { return log_error_errno(r, "Failed to write timestamp file: %m"); if (futimens(fd, twice) < 0) - return log_error_errno(errno, "Failed to update timestamp on %s: %m", path); + return log_error_errno(errno, "Failed to update timestamp on %s: %m", tmp); + + /* fix permissions */ + (void) fchmod(fd, 0644); + r = link_tmpfile(fd, tmp, path); + if (r < 0) + return log_error_errno(r, "Failed to move \"%s\" to \"%s\": %m", tmp, path); + + tmp = mfree(tmp); return 0; } |