summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2014-10-24udev: do NOT re-label smackWaLyong Cho
If selinux is disabled and smack is only enabled, smack label is relable-ed by label_fix. To avoid, make only be labeled for selinux.
2014-10-24manager: Linux on hppa has fewer rtsigs, hence avoid using the higher ones thereLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=84931
2014-10-24man: remove another gendered pronounKlaus Purer
2014-10-24journald: removed gendered pronouns in commentKlaus Purer
2014-10-24man: fix minor typoLennart Poettering
2014-10-24man: add a link to the XDG basedir spec from the pam_sytemd man pageLennart Poettering
2014-10-24man: avoid gendered singular pronounsLennart Poettering
Using "their" as pronoun in these places is confusing since it is more associated with plural rather than singular, and the sentence already contains a plural. The word "her/his" apparently offends some people, hence let's avoid the problem altogether and just name the noun again.
2014-10-24man: minor addition to coredumpctl exampleLennart Poettering
2014-10-24cryptsetup: Fix timeout on dm device.Hugo Grostabussiat
Fix a bug in systemd-cryptsetup-generator which caused the drop-in setting the job timeout for the dm device unit to be written with a name different than the unit name. https://bugs.freedesktop.org/show_bug.cgi?id=84409
2014-10-24shutdown: pass own argv to /run/initramfs/shutdownMarius Tessmann
Since commit b1e90ec515408aec2702522f6f68c4920b56375b systemd passes its log settings to systemd-shutdown via command line parameters. However, systemd-shutdown doesn't pass these parameters to /run/initramfs/shutdown, causing it to fall back to the default log settings. This fixes the following bugs about the shutdown not being quiet despite "quiet" being in the kernel parameters: https://bugs.freedesktop.org/show_bug.cgi?id=79582 https://bugs.freedesktop.org/show_bug.cgi?id=57216
2014-10-24selinux: fix handling of relative paths when setting up create labelLennart Poettering
2014-10-24man: in pam_systemd, it must be "his" (or "her"), not theirLennart Poettering
2014-10-23socket: properly label socket symlinksLennart Poettering
2014-10-23socket: fix error comparisonLennart Poettering
2014-10-23label: move is_dir() to util.cLennart Poettering
2014-10-23label: unify code to make directories, symlinksLennart Poettering
2014-10-23label: don't try to create labelled directories more than onceLennart Poettering
2014-10-23selinux: clean up selinux label function namingLennart Poettering
2014-10-23selinux: simplify and unify loggingLennart Poettering
Normally we shouldn#t log from "library" functions, but SELinux is weird, hence upgrade security messages uniformly to LOG_ERR when in enforcing mode.
2014-10-23selinux: rework label query APIsLennart Poettering
APIs that query and return something cannot silently fail, they must either return something useful, or an error. Fix that. Also, properly rollback socket unit fd creation when something goes wrong with the security framework.
2014-10-23smack: we don't need the special labels exported, hence don'tLennart Poettering
2014-10-23selinux: drop 3 unused function prototypesLennart Poettering
2014-10-23smack: rework SMACK label fixing code to follow more closely the semantics ↵Lennart Poettering
of the matching selinux code
2014-10-23smack: never follow symlinks when relabellingLennart Poettering
previously mac_smack_apply(path, NULL) would operate on the symlink itself while mac_smack_apply(path, "foo") would follow the symlink. Let's clean this up an always operate on the symlink, which appears to be the safer option.
2014-10-23smack: rework smack APIs a bitLennart Poettering
a) always return negative errno error codes b) always become a noop if smack is off c) always take a NULL label as a request to remove it
2014-10-23mac: rename all calls that apply a label mac_{selinux|smack}_apply_xyz(), ↵Lennart Poettering
and all that reset it to defaults mac_{selinux|smack}_fix() Let's clean up the naming schemes a bit and use the same one for SMACK and for SELINUX.
2014-10-23selinux: make use of cleanup gcc magicLennart Poettering
2014-10-23TODOTom Gundersen
2014-10-23man: pam_systemd: some typos fixed, some info addedDaniel Mack
Just some minor nits that I stumbled over when reading the man page.
2014-10-23unit: adjust for the possibility of set_move() failingMichal Schmidt
2014-10-23hashmap: allow hashmap_move() to failMichal Schmidt
It cannot fail in the current hashmap implementation, but it may fail in alternative implementations (unless a sufficiently large reservation has been placed beforehand).
2014-10-23unit: place reservations before merging other's dependenciesMichal Schmidt
With the hashmap implementation that uses chaining the reservations merely ensure that the merging won't result in long bucket chains. With a future alternative implementation it will additionally reserve memory to make sure the merging won't fail.
2014-10-23install, cgtop: adjust hashmap_move_one() callers for -ENOMEM possibilityMichal Schmidt
That hashmap_move_one() currently cannot fail with -ENOMEM is an implementation detail, which is not possible to guarantee in general. Hashmap implementations based on anything else than chaining of individual entries may have to allocate. hashmap_move_one will not fail with -ENOMEM if a proper reservation has been made beforehand. Use reservations in install.c. In cgtop.c simply propagate the error instead of asserting.
2014-10-23test: add test for hashmap_reserve()Michal Schmidt
2014-10-23hashmap: introduce hashmap_reserve()Michal Schmidt
With the current hashmap implementation that uses chaining, placing a reservation can serve two purposes: - To optimize putting of entries if the number of entries to put is known. The reservation allocates buckets, so later resizing can be avoided. - To avoid having very long bucket chains after using hashmap_move(_one). In an alternative hashmap implementation it will serve an additional purpose: - To guarantee a subsequent hashmap_move(_one) will not fail with -ENOMEM (this never happens in the current implementation).
2014-10-23hashmap: return more information from resize_buckets()Michal Schmidt
Return 0 if no resize was needed, 1 if successfully resized and negative on error.
2014-10-23shared: split mempool implementation from hashmapsMichal Schmidt
2014-10-23resolve: make DnsScope::conflict_queue an OrderedHashmapMichal Schmidt
on_conflict_dispatch() uses hashmap_steal_first() and then does something non-trivial with it. It may care about the order.
2014-10-23sd-bus: make sd_bus::reply_callbacks a OrderedHashmapMichal Schmidt
The way process_closing() picks the first entry from reply_callbacks and works with it makes it likely that it cares about the order.
2014-10-23journal: make sd_journal::files a OrderedHashmapMichal Schmidt
Anything that uses hashmap_next() almost certainly cares about the order and needs to be an OrderedHashmap.
2014-10-23journal: make Server::user_journals an OrderedHashmapMichal Schmidt
Order matters here. It replaces oldest entries first when USER_JOURNALS_MAX is reached.
2014-10-23journal: make JournalFile::chain_cache an OrderedHashmapMichal Schmidt
The order of entries may matter here. Oldest entries are evicted first when the cache is full. (Though I don't see anything to rejuvenate entries on cache hits.)
2014-10-23install: make InstallContext::{will_install,have_installed} OrderedHashmapsMichal Schmidt
It appears order may matter here. Use OrderedHashmaps to be safe.
2014-10-23hashmap: drop assert(h) from hashmap_next()Michal Schmidt
It's handled just fine by returning NULL.
2014-10-23hashmap: hashmap_move_one() should return -ENOENT when 'other' is NULLMichal Schmidt
-ENOENT is the same return value as if 'other' were an allocated hashmap that does not contain the key. A NULL hashmap is a possible way of expressing a hashmap that contains no key.
2014-10-23test: add and improve hashmap testsMichal Schmidt
Test more corner cases and error states in several tests. Add new tests for: hashmap_move hashmap_remove hashmap_remove2 hashmap_remove_value hashmap_remove_and_replace hashmap_get2 hashmap_first In test_hashmap_many additionally test with an intentionally bad hash function.
2014-10-23test: generate tests for OrderedHashmap from Hashmap testsMichal Schmidt
test-hashmap-ordered.c is generated from test-hashmap-plain.c simply by substituting "ordered_hashmap" for "hashmap" etc. In the cases where tests rely on the order of entries, a distinction between plain and ordered hashmaps is made using the ORDERED macro, which is defined only for test-hashmap-ordered.c.
2014-10-23hashmap: add OrderedHashmap as a distinct typeMichal Schmidt
Few Hashmaps/Sets need to remember the insertion order. Most don't care about the order when iterating. It would be possible to use more compact hashmap storage in the latter cases. Add OrderedHashmap as a distinct type from Hashmap, with functions prefixed with "ordered_". For now, the functions are nothing more than inline wrappers for plain Hashmap functions.
2014-10-23mac: also rename use_{smack,selinux,apparmor}() calls so that they share the ↵Lennart Poettering
new mac_{smack,selinux,apparmor}_xyz() convention
2014-10-23mac: rename apis with mac_{selinux/smack}_ prefixWaLyong Cho