Age | Commit message (Collapse) | Author |
|
This introduces two new helpers alongside sd_bus_path_{encode,decode}(),
which work similarly to their counterparts, but accept a format-string as
input. This allows encoding and decoding multiple labels of a format
string at the same time.
|
|
sd-event: fix prepare priority queue comparison function
|
|
sd-dhcp6: ensure canceling lease timers and refactor setting lease
|
|
DHCPv6 suspend fixes
|
|
Otherwise a disabled event source can get swapped with an enabled one
and cause a severe sd-event malfunction.
http://lists.freedesktop.org/archives/systemd-devel/2015-September/034356.html
|
|
units: run ldconfig also when cache is unpopulated
|
|
Add fallback for kcmp() in case __NR_kcmp is undefined
|
|
IA64 is missing this syscall as of linux-4.2.
This works around it until the necessary kernel patch gets merged.
|
|
|
|
core: make setup_pam() synchronous
|
|
build: remove AC_FUNC_MALLOC
|
|
exec: fix the wrong SMACK labeling of (sd-pam) daemon v3
|
|
man: systemd-run: run bash with --send-sighup
|
|
Set accept_ra to "2" if enabled in config
|
|
What is the rationale to have AC_FUNC_MALLOC? It does not actually
abort the configure run if an "unsuitable" malloc was found, and
instead just replaces malloc by rpl_malloc, for which systemd however
has no definition, either.
Remove the call.
|
|
When bash is interactive it ignores SIGTERM.
SIGHUP indicates to bash that the connection has been
severed. `systemctl stop` doesn't wait TimeoutStopSec secs.
|
|
|
|
This cleans up exec_child() function by moving mac_smack_apply_pid()
and setup_pam() to the same condition block, since both of them have
the same condition (i.e params->apply_permissions). It improves
readability without changing its operation.
|
|
Wait until DHCPv6 has acquired an address before announcing the link
to be configured. Log the DHCPv6 lease lost event.
|
|
Whenever a Router Advertisement is received, dhcp6_configure() will be
called. A Router Advertisment can also instruct DHCPv6 to start acquiring
IPv6 addresses in manged mode, if it previously was handling only other
information. As an Router Advertisment is also received after the DHCPv6
client has resumed from a suspend, fix the function not to assume DHCPv6
is currently running, but instead try to restart it. Handle
sd_dhcp6_start() returning -EALREADY indicating that the DHCPv6 client was
already running.
Collect all client unrefs in one place to unclutter the error handling.
Fixes https://github.com/systemd/systemd/issues/963
|
|
Update the test case to stop the ongoing Information Request exchange
before unsetting its state. To keep the test case callback verification
simpler, temporarily unset the callback function before stopping.
|
|
Prevent modifications to index, MAC address, DUID and Information
Request while the DHCPv6 client is running.
Require the DHCPv6 client to be stopped first instead of always
unconditionally restarting it if the caller calls
sd_dhcp6_client_start() more than once. With this change, handling
of for example incoming Router Advertisments becomes much easier.
|
|
When 'SmackProcessLabel=' is used in user@.service file, all processes
launched in systemd user session should be labeled as the designated name
of 'SmackProcessLabel' directive. However, if systemd has its own smack
label using '--with-smack-run-label' configuration, '(sd-pam)' is
labeled as the specific name of '--with-smack-run-label'. If
'SmackProcessLabel=' is used in user@.service file without
'--with-smack-run-label' configuration, (sd-pam) is labeled as "_" since
systemd (i.e. pid=1) is labeled as "_".
This is mainly because setup_pam() function is called before applying
smack label to child process. This patch fixes it by calling setup_pam()
after setting the smack label.
|
|
Check behavior of -Werror=shadow before deciding to use it
|
|
|
|
Hook more properties for transient units
|
|
This causes the kernel to accept router advertisments even if
ip forwarding is enabled for this interface.
This fixes #1340.
|
|
systemd-run can now launch units with WorkingDirectory, RootDirectory set.
|
|
If we spawn a unit with a non-empty 'PAMName=', we fork off a
child-process _inside_ the unit, known as '(sd-pam)', which watches the
session. It waits for the main-process to exit and then finishes it via
pam_close_session(3).
However, the '(sd-pam)' setup is highly asynchronous. There is no
guarantee that process gets spawned before we finish the unit setup.
Therefore, there might be a root-owned process inside of the cgroup of
the unit, thus causing cg_migrate() to error-out with EPERM.
This patch makes setup_pam() synchronous and waits for the '(sd-pam)'
setup to finish before continuing. This guarantees that setresuid(2) was
at least tried before we continue with the child setup of the real unit.
Note that if setresuid(2) fails, we already warn loudly about it. You
really must make sure that you own the passed user if using 'PAMName='.
It seems very plausible to rely on that assumption.
|
|
core: fix shutdown of --user
|
|
busctl: also monitor messages to SERVICE arguments
|
|
Add a 'destination' match rule for every SERVICE argument in addition to
the 'sender' rule. This is consistent with busctl(1), which documents
monitor as dumping "messages to or from this peer".
|
|
Shutting down a user session currently fails with:
Sep 22 22:35:38 david-t2 systemd[640]: Reached target Shutdown.
Sep 22 22:35:38 david-t2 systemd[640]: Starting Exit the Session...
Sep 22 22:35:38 david-t2 systemd[640]: Received SIGRTMIN+24 from PID 659 (kill).
Sep 22 22:35:38 david-t2 systemd[640]: Shutting down.
Sep 22 22:35:38 david-t2 systemd[640]: Not executed by init (PID 1).
Sep 22 22:35:38 david-t2 systemd[640]: Critical error while doing system shutdown: Operation not permitted
This is a regression from:
commit 287419c119ef961db487a281162ab037eba70c61
Author: Alban Crequy <alban.crequy@gmail.com>
Date: Fri Sep 18 13:37:34 2015 +0200
containers: systemd exits with non-zero code
Make sure we never ever execute systemd-shutdown from within a
user-manager. Restore the previous behavior by partially reverting given
commit.
|
|
build-sys: add new test binaries to .gitignore
|
|
|
|
gcc versions 4.6 and earlier used to complain when a local variable
shadows a global function, 4.7 and above only complain if a local
variable shadows a global variable.
Fix this by checking whether gcc 4.7+ behavior is in place before
deciding to use -Werror=shadow in $(CFLAGS), by using a custom test
program source that shadows a global function with a local variable and
confirming that -Werror=shadow does not make the compile to break.
Tested:
- On gcc 4.7 and 4.8, confirmed nothing changed (other than the order of
the -Werror=shadow argument, going to the end of CFLAGS.)
- On gcc 4.6, confirmed by looking at the config.log output that the
check for -Werror=shadow failed and it was not included in CFLAGS.
- Ran `make V=1` to confirm -Werror=shadow was still in use, introduced
a bogus shadowing issue and confirmed it was caught when building with
a recent gcc.
|
|
The variables should be quoted inside [...] to avoid double macro
expansion. This is currently not an issue, since the values (-W...) are
not really macros, but we might as well just fix that issue now.
Tested by re-running autogen.sh and comparing the value of OUR_CFLAGS in
the generated Makefile. Ran a full build from a clean tree to confirm
no other issues were introduced.
|
|
pam: systemd-user - call selinux module
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1262933
|
|
|
|
sd-bus: introduce new sd_bus_default_flush_close() call
|
|
Fixup WWN bytes for big-endian systems
|
|
A variety of mostly unrelated fixes
|
|
core: add support for usb functionfs v3
|
|
Fixes #1330
|
|
Apparently, yum is obsolete, and dnf is the new yum. Mention only dnf
hence, and don't mention yum anymore.
|
|
|
|
By using these parameters functionfs service can specify ffs descriptors
and strings which should be written to ep0.
|
|
For handling functionfs endpoints additional socket type is added.
|