Age | Commit message (Collapse) | Author |
|
We need to map sealed files as MAP_PRIVATE so far as the kernel treats
MAP_SHARED as writable mapping (you can run mprotect(PROT_WRITE) at any
time on those). However, unsealed files must be mapped as MAP_SHARED.
Otherwise, we never end up writing to the real file.
|
|
We use memfds for sealing. Lets not bother with memfds created without
MFD_ALLOW_SEALING for now. They're equivalent to random shmem files, so
don't bother treating them as sealable memfds.
|
|
No reason to open /dev/kdbus/control if we want memfds. memfd_create() is
always available.
|
|
Fix the memfd.h header to use handy features like #pragma, cleanup-funcs
and util.h. Also drop the EXTERN-C macros.
|
|
Unlike earlier versions, the syscall only takes 2 arguments in its
final version, not 3.
|
|
Don't expose generic kernel API via libsystemd, but keep the code internal
for our own usage.
|
|
|
|
|
|
Unlikely to happen but still...
|
|
|
|
|
|
|
|
This is a generalization of the vtable privilege check we already have,
but exported, and hence useful when preparing for a polkit change.
This will deal with the complexity that on dbus1 one cannot trust the
capability field we retrieve via the bus, since it is read via
/proc/$$/stat (and thus might be out-of-date) rather than directly from
the message (like on kdbus) or bus connection (as for uid creds on
dbus1).
Also, port over all code to this new API.
|
|
|
|
|
|
only, and for all tools
Previously, we ended up parsing some of them three times: in main.c when
processing the kernel cmdline, in main.c when processing the process
cmdline (only for containers), and in log.c again.
Let's streamline this, and only parse them in log.c
In PID 1 also make sure we parse "quiet" first, and then override this
with the more specific checks in log.c
|
|
|
|
|
|
|
|
LLVM+clang does not allow statement-expressions inside of
type-declarations (file-scope). Use CONST_MAX() to avoid this.
|
|
The CONST_MAX() macro is similar to MAX(), but verifies that both
arguments have the same type and are constant expressions. Furthermore,
the result of CONST_MAX() is again a constant-expression.
CONST_MAX() avoids any statement-expressions and other non-trivial
expression-types. This avoids rather arbitrary restrictions in both GCC
and LLVM, which both either fail with statement-expressions inside
type-declarations or statement-expressions inside static-const
initializations.
If anybody knows how to circumvent this, please feel free to unify
CONST_MAX() and MAX().
|
|
We must add 'const' to local variables in statement-expressions to
guarantee that the macros can produce constant-expressions if given such.
GCC seems to ignore this, but LLVM/clang requires it (understandably).
|
|
|
|
|
|
for both validating domains and host names
|
|
|
|
|
|
|
|
ones later
This is primarily important for the domains list, as we really should
prefer the locally configured domain over the dhcp supplied ones when we
use it as a search list.
|
|
Also, simplify things a bit and make sure we don't forget looking at one
of the entries.
|
|
|
|
information
|
|
|
|
This allows the search/routing domanis to be specified per link/network and be passed
on to resolved.
|
|
If /etc/kernel/cmdline is missing or empty, we read /proc/cmdline and
want to filter out the initrd line. Due to a bug, the whole contents was
filtered out.
|
|
The "0,5" syntax was actually right. The real problem is, the test should
only run if the local system has the de_DE.UTF-8 locale. Therefore, skip
the tests if setlocale() fails. This is kinda ugly, as it is done
silently, but we cannot skip partial tests with the current
infrastructure. Should be fine this way.
|
|
makes ethernet addresses look funny
|
|
|
|
'ieee80211_radiotap'
|
|
This option will also apply to the search domains, so make it plural.
|
|
net.ipv4.conf.default.xyz=
Otherwise we have a boot-time race, where interfaces that popped up
after the sysctl service would get the settings applied, but all others
wouldn't.
|
|
|
|
This should have the benefit that cg_set_attribute() returns ENOENT
instead of EACCESS when we use it for non-existing attributes.
|
|
One strtod() test is broken since:
commit 8e211000025940b770794abf5754de61b4add0af
Author: Thomas Hindoe Paaboel Andersen <phomes@gmail.com>
Date: Mon Aug 4 23:13:31 2014 +0200
test: use fabs on doubles
The commit was right, so no reason to revert it, but the test was broken
before and only worked by coincidence. Convert "0,5" to "0.5" so we don't
depend on locales for double conversion (or well, we depend on "C" which
seems reasonable).
|
|
|
|
|
|
- systemd[1]: hello.service: main process exited, code= dumped, status=3/QUIT
- systemd-coredump[2541]: Failed to generate stack trace: Unwinding not supported for this architecture
- systemd-coredump[2541]: Process 1024 (hello) of user 154 dumped core.
|
|
|
|
Missed to add the SD_BUS_PROPERTY for no_delay.
|
|
TCP_DEFER_ACCEPT Allow a listener to be awakened only when data
arrives on the socket. If TCP_DEFER_ACCEPT set on a server-side
listening socket, the TCP/IP stack will not to wait for the final
ACK packet and not to initiate the process until the first packet
of real data has arrived. After sending the SYN/ACK, the server will
then wait for a data packet from a client. Now, only three packets
will be sent over the network, and the connection establishment delay
will be significantly reduced.
|