Age | Commit message (Collapse) | Author |
|
|
|
pid 1 fixes, resolved fixes, and more
|
|
|
|
actually verify it
|
|
Fixes: #2338
|
|
|
|
This clean-ups timeout handling in PID 1. Specifically, instead of storing 0 in internal timeout variables as
indication for a disabled timeout, use USEC_INFINITY which is in-line with how we do this in the rest of our code
(following the logic that 0 means "no", and USEC_INFINITY means "never").
This also replace all usec_t additions with invocations to usec_add(), so that USEC_INFINITY is properly propagated,
and sd-event considers it has indication for turning off the event source.
This also alters the deserialization of the units to restart timeouts from the time they were originally started from.
Before this patch timeouts would be restarted beginning with the time of the deserialization, which could lead to
artificially prolonged timeouts if a daemon reload took place.
Finally, a new RuntimeMaxSec= setting is introduced for service units, that specifies a maximum runtime after which a
specific service is forcibly terminated. This is useful to put time limits on time-intensive processing jobs.
This also simplifies the various xyz_spawn() calls of the various types in that explicit distruction of the timers is
removed, as that is done anyway by the state change handlers, and a state change is always done when the xyz_spawn()
calls fail.
Fixes: #2249
|
|
|
|
Make sure we can properly process resource limit properties. Specifically, allow transient configuration of both the
soft and hard limit, the same way from the unit files. Previously, only the the hard rlimits could be configured but
they'd implicitly spill into the soft hard rlimits.
This also updates the client-side code to be able to parse hard/soft resource limit specifications. Since we need to
serialize two properties in bus_append_unit_property_assignment() now, the marshalling of the container around it is
now moved into the function itself. This has the benefit of shortening the calling code.
As a side effect this now beefs up the rlimit parser of "systemctl set-property" to understand time and disk sizes
where that's appropriate.
|
|
clang is apparently not smart enough to detect when a switch statement contains case statements for all possible values
of the used type. Work around that.
(And while we are at it, normalize indentation a bit)
Fixes: #2504
|
|
Let's write the property name and value in one call, when that's possible, shorthing our code a bit.
|
|
Let's simplify things a bit, and make sure we don't lose accuracy.
|
|
Clear up some confusion regarding the USec and Sec suffixes we use. In configuration files we usually use the Sec
suffix, to indicate the implied time unit if none is specified. The respective bus properties however use the USec
property, since they expose 64bit unsigned integers containing time in µs.
Before this patch timer units exposed a bus property AccuracyUSec (which hence is the correct name) but when parsing
transient property data would look for AccuracySec instead (which is incorrect). This patch ensures we look for
AccuracySec correctly, but keeps the code for AccuracyUSec in place for compatibility, but adds a warning to ensure
that apps are updated to use the right property.
|
|
This formats a struct rlimit the way rlimit_parse() expects it.
|
|
partition table
Fixes: #2483
|
|
This way we can reuse it for parsing rlimit settings in "systemctl set-property" and related commands.
|
|
This adds a new timestamp field to the Unit struct, storing when the last low-level state change took place, and make
sure this is restored after a daemon reload. This new field is useful to allow restarting of per-state timers exactly
where they originally started.
|
|
event source
This should simplify handling of time events in clients and is in-line with the USEC_INFINITY macro we already have.
This way setting a timeout to 0 indicates "elapse immediately", and a timeout of USEC_INFINITY "elapse never".
|
|
deal with overflows
|
|
|
|
Previously, if a hostanem is resolved with AF_UNSPEC specified, this would be used as indication to resolve both an
AF_INET and an AF_INET6 address. With this change this logic is altered: an AF_INET address is only resolved if there's
actually a routable IPv4 address on the specific interface, and similar an AF_INET6 address is only resolved if there's
a routable IPv6 address. With this in place, it's ensured that the returned data is actually connectable by
applications. This logic mimics glibc's resolver behaviour.
Note that if the client asks explicitly for AF_INET or AF_INET6 it will get what it asked for.
This also simplifies the logic how it is determined whether a specific lookup shall take place on a scope.
Specifically, the checks with dns_scope_good_key() are now moved out of the transaction code and into the query code,
so that we don't even create a transaction object on a specific scope if we cannot execute the resolution on it anyway.
|
|
Fixes: #2490
|
|
Make sure the --help and --version options are mentioned first, like in all our other tools.
|
|
Make sure we construct the full environment block on the heap, so that we can clean things up properly if execv()
fails.
|
|
Fix typos and a small build fix
|
|
HAVE_IDN is not defined when systemd is build without it
|
|
|
|
tmpfiles: drop /run/lock/lockdev
|
|
Hardly any software uses that any more, and better locking mechanisms like
flock() have been available for many years.
Also drop the corresponding "lock" group from sysusers.d/basic.conf.in, as
nothing else is using this.
|
|
Expose additional booleans in sd_journal and improve error messages in journalctl
|
|
|
|
Make it clear that specifing boot when there is actually only one has no
effect. This cosmetic patch improves user experience a bit.
|
|
Also introduce sd_journal_has_runtime_files() and
sd_journal_has_persistent_files() to the public API. These functions
can be used to easily find out if the open journal files are runtime
and/or persistent.
|
|
udev: net_id - for ccw bus, shorten the identifier and stip leading z…
|
|
Fix selinux check for ReloadUnit
|
|
Resolved without gcrypt
|
|
hwdb: add Samsung 305V4A axis resolutions
|
|
From https://bugzilla.redhat.com/show_bug.cgi?id=1294022
|
|
|
|
It's not used anywhere else.
|
|
Preparation to make gcrypt optional.
|
|
|
|
remove duplication
|
|
Fixes:
-bash-4.3# echo 1 >/sys/fs/selinux/enforce
-bash-4.3# runcon -t systemd_test_start_t systemctl start hola
-bash-4.3# sesearch --allow -s systemd_test_reload_t -c service
Found 1 semantic av rules:
allow systemd_test_reload_t systemd_unit_file_t : service reload ;
-bash-4.3# runcon -t systemd_test_reload_t systemctl reload hola
Failed to reload hola.service: Access denied
See system logs and 'systemctl status hola.service' for details.
-bash-4.3# journalctl -b | grep -i user_avc | grep reload
USER_AVC pid=1 uid=0 auid=4294967295 ses=4294967295 subj=system_u:system_r:init_t:s0
msg='
avc: denied { start } for auid=0 uid=0 gid=0 path="/etc/systemd/system/hola.service" cmdline="systemctl reload hola"
scontext=unconfined_u:unconfined_r:systemd_test_reload_t:s0-s0:c0.c1023
tcontext=system_u:object_r:systemd_unit_file_t:s0
tclass=service
See
https://fedoraproject.org/wiki/Features/SELinuxSystemdAccessControl#Documentation
|
|
bootctl: replace readdir() loops with FOREACH_DIRENT
|
|
|
|
|
|
Resolved 2
|
|
basic: fix touch() creating files with 07777 mode
|
|
mode_t is unsigned, so MODE_INVALID < 0 can never be true.
This fixes a possible DoS where any user could fill /run by writing to
a world-writable /run/systemd/show-status.
|