Age | Commit message (Collapse) | Author |
|
A service with PrivateNetwork= cannot access abstract namespace sockets
of the host anymore, hence let's better not use abstract namespace
sockets for this, since we want to make sure that PrivateNetwork=
is useful and doesn't break sd_notify().
|
|
|
|
if PrivateDevices=yes is used we need to make sure we can still
create /dev/null and so on.
|
|
A terminated connection is a runtime error and not a developer mistake,
hence don't use assert_return() to check for it.
|
|
Let's automatically initialize the kill, exec and cgroup contexts of the
various unit types when the object is constructed, instead of
invididually in type-specific code.
Also, when PrivateDevices= is set, set DevicePolicy= to closed.
|
|
|
|
|
|
and /var/tmp are mounted
|
|
long-running daemons
|
|
|
|
Also mount /dev/kdbus, /dev/mqueue and /dev/hugepages into the /dev for
namespaced services.
|
|
|
|
|
|
Otherwise we would fail with -EINVAL. Thanks to Brandon Philips
<brandon.philips@coreos.com>, for reporting the bug.
|
|
Init-Reboot is tried if a client IP address has been given when
the DHCP client is started. In Init-Reboot, start by sending a
broadcast DHCP Request including the supplied client IP address
but without the server identifier. After sending the request,
enter Reboot state.
If a DHCP Ack is received, proceed to Bound state as usual. If a
DHCP Nak is received or the first timeout triggers, start the
address acquisition over from DHCP Init state.
See RFC 2131, sections 4.3.2, 4.4, 4.4.1 and 4.4.2 for details.
|
|
This causes the DHCP client struct initialization and DHCP client
starting to be factored out into functions of their own.
|
|
|
|
Remove identical checksum function implementation from the test
case code.
|
|
|
|
|
|
|
|
|
|
Add a new config 'Activating' directive which denotes whether a busname
is actually registered on the bus. It defaults to 'yes'.
If set to 'no', the .busname unit only uploads policy, which will remain
active as long as the unit is running.
|
|
|
|
messages queued for it
This way we can be sure that the service the messages are ultimately
intended for finds all fields it might need.
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=76335
|
|
number of fixed strings
|
|
|
|
|
|
negotiate it, refuse to take it
This makes sure we don't mishandle if developers specificy a different
AcceptFileDescriptors= setting in .busname units then they set for the
bus connection in the activated program.
|
|
AcceptFD= defaults to true, thus making sure that by default fd passing
is enabled for all activatable names. Since for normal bus connections
fd passing is enabled too by default this makes sure fd passing works
correctly regardless whether a service is already activated or not.
Making this configurable on both busname units and in bus connections is
messy, but unavoidable since busnames are established and may queue
messages before the connection feature negotiation is done by the
service eventually activated. Conversely, feature negotiation on bus
connections takes place before the connection acquires its names.
Of course, this means developers really should make sure to keep the
settings in .busname units in sync with what they later intend to
negotiate.
|
|
|
|
safe_close() automatically becomes a NOP when a negative fd is passed,
and returns -1 unconditionally. This makes it easy to write lines like
this:
fd = safe_close(fd);
Which will close an fd if it is open, and reset the fd variable
correctly.
By making use of this new scheme we can drop a > 200 lines of code that
was required to test for non-negative fds or to reset the closed fd
variable afterwards.
|
|
|
|
|
|
|
|
|
|
The default slack caused there to be a delay before timers fired. Solve it
by setting timers that should trigger immediately to trigger far in the past.
This brings down the ideal-case dhcp lease acquisition time from about 500ms to
about 50ms (over a veth pair, so no network latency involved).
All the rest of the time (except for ~0.5ms) is spent in the bind() call in,
dhcp_network_bind_raw_socket(). I don't know if there is anything to be done
about that though...
|
|
It seems that resources are properly deallocated by MHD_destroy_response,
even if enqueuing the request fails.
Also replace a trivial printf with alloca and fixup log message
(it'll now be something like "Connection from CN=some.host.name",
which seems clear enough.)
|
|
This chunk got lost in one of the rebases :(
|
|
new verb "poweroff"
There's really no point to send the reboot SIGINT from machinectl
directly, if machined can do that anyway. This saves code, and
makes machinectl network transparent for these verbs. And while we are
at it we can easily add a "poweroff" verb in addition to "reboot". Yay!
|
|
"leader"
|
|
|
|
Given that glibc searches for /dev/shm by just looking for any tmpfs we
should be more careful with providing tmpfs instances arbitrary code
might end up writing to.
|
|
|
|
|
|
indicating a failure state
(Subject to --no-legend)
|
|
|
|
--system
-H --host
-M --machine
--service-type (options: simple forking oneshot dbus notify idle)
--uid
--gid
--nice
--setenv
-p --property (options read from bus_append_unit_property_assignment)
|