| Age | Commit message (Collapse) | Author |
|---|
|
This way we are sure that /dev/net/tun has been given the right permissions before we try to connect to it.
Ideally, we should create tun/tap devices over netlink, and then this whole issue would go away.
|
|
netdev
|
|
|
|
If BusPolicy= was passed, the parser function will have created
an ExecContext->bus_endpoint object, along with policy information.
In that case, create a kdbus endpoint, and pass its path name to the
namespace logic, to it will be mounted over the actual 'bus' node.
At endpoint creation time, no policy is updloaded. That is done after
fork(), through a separate call. This is necessary because we don't
know the real uid of the process earlier than that.
|
|
|
|
If a path to a previously created custom kdbus endpoint is passed in,
bind-mount a new devtmpfs that contains a 'bus' node, which in turn in
bind-mounted with the custom endpoint. This tmpfs then mounted over the
kdbus subtree that refers to the current bus.
This way, we can fake the bus node in order to lock down services with
a kdbus custom endpoint policy.
|
|
Add a new directive called BusPolicy to define custom endpoint policies. If
one such directive is given, an endpoint object in the service's ExecContext is
created and the given policy is added to it.
|
|
Custom endpoints are alternative connection points to a bus, allowing
specific policy to be uploaded.
Add two functions to bus-kernel. One to create such endpoints, and another
one for setting a policy for them.
|
|
Add types to describe endpoints and associated policy entries,
and add a BusEndpoint instace to ExecContext.
|
|
In order to re-use the policy definitions, factor them out into their own
files.
|
|
|
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760613
|
|
|
|
The LSB sites have moved, so update the URL.
|
|
This factors out one conditional branch that has grown way too big, and
makes the code more readable by using return statements rather than jump
labels.
|
|
This way, the list of arguments to that function gets more comprehensive,
and we can get around passing lots of NULL and 0 arguments from socket.c,
swap.c and mount.c.
It also allows for splitting up the code in exec_spawn().
While at it, make ExecContext const in execute.c.
|
|
in systemd(1)
Based on a suggestion of Ken Coar.
|
|
They are closely related, so let's move them together, and clean up the
.c file naming while we are at it.
|
|
|
|
|
|
|
|
Fixes https://bugs.freedesktop.org/show_bug.cgi?id=83134.
|
|
Don't wait for the link to be fully synchronised.
|
|
link_update()
This allows us also to simplify link_has_carrier() a bit.
|
|
|
|
|
|
Fixup for v208-615-g718db96199.
|
|
If a user specifies multiple X11 keymaps, with a (at least the first
one) nonempty variant, and we don't match the whole combo, use
a converted keymap which includes the variant in preference to
the default, variantless, keymap.
E.g.: We would convert X11 config "layout=fr variant=mac" to "fr-mac",
but "layout=fr,us variant=mac," to "fr", because we don't have a
converted keymap which would match "fr,us", and we don't have a legacy
mapping for "fr,us". This is unexpected, and if we cannot match both,
it is still better to match the primary mapping and use "fr-mac".
|
|
|
|
Converting X11 to legacy keymaps and back is a fucking mess. Let's
make it at least possible to request detailed logs of what is being
changed and why (LOG_DEBUG level).
At LOG_INFO level, we would log the requested change of X11 or console
keymap, but not the resulting change after conversion to console or X11.
Make sure that every change of configuration on disk has a matching
line in the logs.
|
|
It was mostly a duplicate of free_and_strdup().
|
|
Very unlikely to trigger, but in principle strv_free
could be called twice: once explictly, and once from cleanup.
|
|
|
|
|
|
|
|
Functions either should generate error messages for everything they do
themselves, or for nothing and let the caller do it. But they certainly
shouldn't generate errors for some messages but not for others. Since
the function in this case is one that generates messages on its own, it
really should do that for everything, not just for some things, hence.
|
|
Yum was creating <container>/var/run/yum.pid and hence this directory
was created before filesystem package could create the symlink
/var/run -> /run.
This should be now fixed in yum.
|
|
It seems the return code of systemctl daemon-reload can be !=0 in some
circumstances, which causes a failure of the unit and breaks booting in
the initrd.
|
|
The check, if the directory/file already exists is only executed, if
there is a symlink target specified. In case of "/root", there is none,
so it is unconditionally tried to create the directory.
In case of a readonly filesystem, errno != EEXIST, but errno == EROFS,
so base_filesystem_create() and switch_root does not succeed.
This patch checks for existance not only in the symlink case.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=634736
|
|
timeout"
This reverts commit 665c6a9eab46b0b253af6566ca9fc70c866b3fcd.
On Tue, Sep 2, 2014 at 3:17 PM, Miroslav Lichvar <mlichvar@redhat.com> wrote:
>
> With the other patch allowing missed replies included it's now getting
> stuck as there is no timer to send the 2nd and 3rd request.
|
|
Original patch from: Miroslav Lichvar <mlichvar@redhat.com>
|
|
After receiving a reply from the server, allow two missed replies before
switching to another server to avoid unnecessary clock hopping when
packets are getting lost in the network.
|
|
|
|
When all servers are exhausted, wait for one poll interval before trying
to connect again to the first server in the list. Also, keep increasing
the polling interval to make sure a client not getting any valid replies
will not send requests to any server more frequently than is allowed by
the maximum polling interval.
|
|
Reported by Thomas H.P. Andersen <phomes@gmail.com>.
|
|
blueness> poettering, was there a reason for not removing
50-firmware.rules when you nuked userland firmware
loading?
Followup for v216-119-gbe2ea723b1.
|
|
Simplify the way we handler session-controllers and fix several
shortcomings:
* send ReleaseDevice() signals on forced session takeover
* fix mem-leaks for busnames in case VT preparation fails (non-critical)
* avoid passing pre-allocated names to helpers
|
|
|
|
|
