Age | Commit message (Collapse) | Author |
|
We want to reuse these functions for the server library too.
|
|
|
|
|
|
Split the recevie_message callback into _raw and _udp parts and a generic
DHCPMessage handler.
Also always verify the xid/MAC, rather than only for udp messages.
|
|
We can always know the size based on the type, so let's do this inside the library.
|
|
The kernel will happily treat 0x0 as 0xffffffff, but it is for backwards
compatibility only, so let's not perpetuate this.
|
|
|
|
|
|
Several sections of the man pages included intermixed tabs and spaces;
this commit replaces all tabs with spaces.
|
|
Actually 'STDOUT' is something that doesn't appear anywhere: in the
stdlib we have 'stdin', and there's only the constant STDOUT_FILENO,
so there's no reason to use capitals. When refering to code,
STDOUT/STDOUT/STDERR are replaced with stdin/stdout/stderr, and in
other places they are replaced with normal phrases like standard
output, etc.
|
|
* standardize capitalization of STDIN, STDOUT, and STDERR
* reword some sentences for clarity
* reflow some very long lines to be shorter than ~80 characters
* add some missing <literal>, <constant>, <varname>, <option>, and <filename> tags
|
|
Commit 5ba6985b moves the UNIT_VTABLE(u)->sigchld_event before systemd
actually reaps the zombie. Which leads to service_load_pid_file accepting
zombie as a valid pid.
This fixes timeouts like:
[ 2746.602243] systemd[1]: chronyd.service stop-sigterm timed out. Killing.
[ 2836.852545] systemd[1]: chronyd.service still around after SIGKILL. Ignoring.
[ 2927.102187] systemd[1]: chronyd.service stop-final-sigterm timed out. Killing.
[ 3017.352560] systemd[1]: chronyd.service still around after final SIGKILL. Entering failed mode.
|
|
|
|
That is, without --enable-kdbus and kdbus running.
With --enable-kdbus things are more complicated, because dbus might be
necessary, if kdbus is missing at runtime. If it is not necessary,
the socket will be started, which is not imporant, but not the service.
|
|
|
|
I got some errors about lack of disk space... 100MB either way
shouldn't matter.
|
|
|
|
|
|
When invoked without -D in an arbitrary directory we should not try to
execute anything, make some validity checks first.
|
|
actual sources, so that we don't get spurious newlines in the man page output
|
|
|
|
because we don't know anything about the main pid, do so at debug level
|
|
notification messages
|
|
|
|
The behavior of this is a little cryptic in that $MAINPID must exit as
a direct result of receiving a signal in order for a listed signal to
be considered a success condition.
|
|
The conf_files_list family accepts an alternate root path to prefix all
directories in the list but path_strv_canonicalize_uniq doesn't use it.
This results in the suspicious behavior of resolving directory symlinks
based on the contents of / instead of the alternate root.
This adds a prefix argument to path_strv_canonicalize which will now
prepend the prefix, if given, to every path in the list. To avoid
answering what a relative path means when called with a root prefix
path_strv_canonicalize is now path_strv_canonicalize_absolute and only
considers absolute paths. Fortunately all users of already call
path_strv_canonicalize with a list of absolute paths.
|
|
Currently if the user logs out, the GC may never call user_stop(),
this will not terminate the systemd user and (sd-pam) of that user.
To fix this, remove the USER_CLOSING state check that is blocking the
GC from calling user_stop(). Since if user_check_gc() returns false
this means that all the sessions of the user were removed which will
make user_get_state() return USER_CLOSING.
Conclusion: that test will never be statisfied.
So we remove the USER_CLOSING check and replace it with a check inside
user_stop() this way we know that user_stop() has already queued stop
jobs, no need to redo.
This ensures that the GC will get its two steps correctly as pointed out
by Lennart:
http://lists.freedesktop.org/archives/systemd-devel/2014-February/016825.html
Note: this also fixes another bug that prevents creating the user
private dbus socket which will break communications with the user
manager.
|
|
containers
The kernel still doesn't support audit in containers, so let's make use
of seccomp and simply turn it off entirely. We can get rid of this big
as soon as the kernel is fixed again.
|
|
|
|
|
|
This was inadvertantly disturbed in e3e0314b when glob support was
added.
|
|
|
|
|
|
|
|
one operation
|
|
|
|
sd_rtnl_xxx_new_yyy()
So far we followed the rule to always indicate the "flavour" of
constructors after the "_new_" or "_open_" in the function name, so
let's keep things in sync here for rtnl and do the same.
|
|
The "sd_" prefix is supposed to be used on exported symbols only, and
not in the middle of names. Let's drop it from the cleanup macros hence,
to make things simpler.
The bus cleanup macros don't carry the "sd_" either, so this brings the
APIs a bit nearer.
|
|
into the container
|
|
|
|
|
|
|
|
during their start job
https://bugzilla.redhat.com/show_bug.cgi?id=997031
|
|
|
|
This is useful to prohibit execution of non-native processes on systems,
for example 32bit binaries on 64bit systems, this lowering the attack
service on incorrect syscall and ioctl 32→64bit mappings.
|
|
|
|
architecture support for system calls
Also, turn system call filter bus properties into complex types instead
of concatenated strings.
|
|
|
|
- Allow configuration of an errno error to return from blacklisted
syscalls, instead of immediately terminating a process.
- Fix parsing logic when libseccomp support is turned off
- Only keep the actual syscall set in the ExecContext, and generate the
string version only on demand.
|
|
|