Age | Commit message (Collapse) | Author |
|
For ACLs to be valid, a set of entries for user, group, and other
must be always present. Always add those entries.
While at it, only add the mask ACL if it is actually required, i.e.
when at least on ACL for non-owner group or user exists.
|
|
|
|
This is much more useful in practice (equivalent to setfacl -m).
|
|
For types which adapt existing files it is generally more useful to accept
globs.
In analogy to z and Z, add recursive versions using uppercase letters.
Technically, making a accept globs is backwards incompatible, but in
practice it probably isn't yet widely used and we can assume that most
people don't create files with wildcards in names.
Functions which are used as callbacks, but not directly on items, are
renamed not to have "item_" prefix.
|
|
|
|
|
|
The data structure used by tmpfiles is changed: instead of hashmaps
mapping {path → Item*} we now have hashmaps containing
{path -> ItemArray}, where ItemArray contains a pointer
to an array of Items.
For current code it doesn't matter much, but when we add new types it
is easier to simply add a new Item for a given path, then to coalesce
multiple lines into one Item.
In the future, this change will also make it possible to remember the
file and line where each Item originates, and use that in reporting
errors. Currently this is not possible, since each Item can be created
from multiple lines.
|
|
If the path is absolute was only checked later.
Also do not check if path if absolute if we just
specified it starting with a slash.
|
|
The same algorithm as with - and @ in ExecStart= is used.
|
|
Certain conditions were checked more than once. Warning message
is improved.
|
|
Brazilian Portuguese update for CATALOG patch, according to commit
2057124e7910c4cab7e53d26e0c3749d326ae2bb ("Grammar changes to catalog")
https://bugs.freedesktop.org/show_bug.cgi?id=88588
|
|
int[] should not be used as pid_t[], even if happens to be same thing.
Also deduplicating in a quadratic loop right before sorting is unnecessary.
Remove custom greedy_realloc implementation.
|
|
Types used for pids and uids in various interfaces are unpredictable.
Too bad.
|
|
|
|
gcc 5 started warning about this.
|
|
|
|
client to it
The old "systemd-import" binary is now an internal tool. We still use it
as asynchronous backend for systemd-importd. Since the import tool might
require some IO and CPU resources (due to qcow2 explosion, and
decompression), and because we might want to run it with more minimal
priviliges we still keep it around as the worker binary to execute as
child process of importd.
machinectl now has verbs for pulling down images, cancelling them and
listing them.
|
|
|
|
syslog priority
This is useful when we execute our own programs, reading output from its
STDERR, and want to retain priority information.
|
|
|
|
This will also be used in dhcp4-client.
|
|
We will use the same in both dhcp4 and dhcp6.
|
|
|
|
used by the raw and tar importers
This gets us progress output as well xz/bzip2 support.
|
|
|
|
We use PY_LOG_COMPILER in Makefile.am for running *.py tests, which requires
automake's parallel test runner. This has only been the default from 1.13 on.
As we only require automake 1.11, add it as an option explicitly.
|
|
Since commit b7e7184 the SysV generator creates symlinks for all "Provides:" in
the LSB header. However, this is too greedy; there are cases where the
creation of a unit .service file fails because of an already existing
symlink with the same name:
- Backup files such as /etc/init.d/foo.bak still have "Provides: foo", and
thus get a foo.service -> foo.bak.service link. foo.bak would not be enabled
in rcN.d/, but we (deliberately) create units for all executables in init.d/
so that a manual "systemctl start" works. If foo.bak is processed before,
the symlink already exists.
- init.d/bar has "Provides: foo", while there also is a real init.d/foo. The
former would create a link foo.service -> bar.service, while the latter
would fail to create the real foo.service.
If we encounter an existing symlink, just remove it before writing a real unit.
Note that two init.d scripts "foo" and "bar" which both provide the same name
"common" already work. The first processed init script wins and creates the
"common.service" symlink, and the second just fails to create the symlink
again. Thus create an additional test case for this to ensure that it keeps
working sensibly.
https://bugs.debian.org/775404
|
|
We don't expect any unit generated from temporary package manager, swap, and
similar files.
|
|
dpkg itself also uses *.dpkg-dist, while .dpkg-{bak,backup,remove} are being
used by dpkg-maintscript-helper.
|
|
When deciding whether the provided name equals the file name in
sysv_translate_facility(), also consider them equal if the file name has a
".sh" suffix.
This was uncovered by commit b7e7184 which then created a symlink
"<name>.service" to itself for ".sh" suffixed init.d scripts.
For additional robustness, refuse to create symlinks to itself in add_alias().
Add test case which reproduces the bug.
https://bugs.debian.org/775889
|
|
|
|
This way, we can import CoreOS images unmodified.
|
|
In case CAP_SYS_ADMIN is missing (like in containers), one cannot fake pid in
struct ucred (uid/gid are fine if CAP_SETUID/CAP_SETGID are present).
Ensure that journald will try again to forward the messages to syslog without
faking the SCM_CREDENTIALS pid (which isn't guaranteed to succeed anyway, since
it also does the same thing if the process has already exited).
With this patch, journald will no longer silently discard messages
that are supposed to be sent to syslog in these situations.
https://bugs.debian.org/775067
|
|
This makes all functions that rely on _filter_units_by_property() (like
_systemctl_{stop,kill,try_restart}) work with unit names that contain backslash
escaped sequences (like automount units with spaces that are escaped to
"\x20").
|
|
Fix hardcoded "foo.service", test for the actual unit parameter.
|
|
Generated services which are symlinks should be tested/handled differently from
files, so ignore them in run_generator()'s result parsing.
|
|
This covers the general functionality as well as regression tests for recent
fixes like commits b7e718 and 1ed0c19.
|
|
|
|
|
|
|
|
|
|
This also adds an initial keyring for the verification, that contains
Ubuntu's and Fedora's key. We should probably add more entries sooner or
later.
|
|
Use the parallel test runner's TEST_EXTENSIONS/*_LOG_COMPILER feature
(https://www.gnu.org/software/automake/manual/html_node/Parallel-Test-Harness.html)
to run *.py tests through $(PYTHON), and only if we have python
available/enabled.
This eliminates the need of having shell wrappers, thus drop
test/rules-test.sh.
|
|
Drop globbing of rules/*.rules in the rules-test.sh wrapper and move that logic
into the actual test rule-syntax-check.py. This can still be called with
individual rules files, but when being called without arguments it will now
process all top_builddir/rules/*.rules.
Preparation for dropping the shell wrappers altogether.
|
|
When we set up a loopback device with partition probing, the udev
"change" event about the configured device is first passed on to
userspace, only the the in-kernel partition prober is started. Since
partition probing fails with EBUSY when somebody has the device open,
the probing frequently fails since udev starts probing/opening the
device as soon as it gets the notification about it, and it might do so
earlier than the kernel probing.
This patch adds a (hopefully temporary) work-around for this, that
compares the number of probed partitions of the kernel with those of
blkid and synchronously asks for reprobing until the numebrs are in
sync.
This really deserves a proper kernel fix.
|
|
|
|
|
|
|
|
files
|
|
|