Age | Commit message (Collapse) | Author |
|
It does not use any functions from libcap directly. The CAP_* constants in use
through this file come from "missing.h" which will import <linux/capability.h>
and complement it with CAP_* constants not defined by the current kernel
headers.
Add an explicit import of our "capability.h" since it does use the function
capability_bounding_set_drop from that header file. Previously, that header was
implicitly imported through through "cap-list.h".
Tested that "systemd-nspawn" builds cleanly and works after this change.
|
|
Since the manpage already talks about shell-compatibility, it should be
more accurate about what needs to be escaped and how.
|
|
This directory is not used by systemd.
Tested by running a full build, running `make install` and comparing the file
list in the target trees and making sure that `make distcheck` still works.
|
|
Do not use the dbus-1.pc pkgconfig settings to determine dbus directories. Use
directories relative to ${sysconfdir} and ${datadir} instead.
This approach was suggested by Simon McVittie in:
http://lists.freedesktop.org/archives/systemd-devel/2014-October/024388.html
Tested by building and installing systemd without the dbus-devel installed.
Without this patch, the dbus files and directories end up in the root of the
filesystem. With this patch, they end up in the same locations as previously
(assuming default ${sysconfdir} and ${datadir}) whether dbus-devel is present
or not. Also made sure that `make check` works without dbus-devel installed.
|
|
In any case, the compiler generates the same code inline and never
actually calls the library function.
|
|
The new test-cap-list introduced in commit 2822da4fb7f891 uses the included
table of capabilities. However, it uses cap_last_cap() which probes the kernel
for the last available capability. On an older kernel (e.g. 3.10 from RHEL 7)
that causes the test to fail with the following message:
Assertion '!capability_to_name(cap_last_cap()+1)' failed at src/test/test-cap-list.c:30, function main(). Aborting.
Fix it by exporting the size of the static table and using it in the test
instead of the dynamic one from the current kernel.
Tested by successfully running ./test-cap-list and the whole `make check` test
suite with this patch on a RHEL 7 host.
|
|
|
|
|
|
The file was moved from src/libsystemd-network to src/systemd in commit
7a6f1457462840 ("sd-lldp: minor header cleanup").
This fixes "make distcheck".
|
|
The new polkit file was introduced in commit d04c1fb8e21560 ("machined:
introduce polkit for OpenLogin() call").
|
|
|
|
subvolumes
We make use of the btrfs subvol crtime for this, and for gpt images of a
manually managed xattr, if we can.
|
|
|
|
|
|
|
|
internet
|
|
|
|
|
|
|
|
name object
|
|
|
|
|
|
Pretty much everywhere else we use the generic term "machine" when
referring to containers in API, so let's do though in sd-bus too. In
particular, since the concept of a "container" exists in sd-bus too, but
as part of the marshalling system.
|
|
There is alot of cleanup that will have to happen to turn on
-fstrict-aliasing, but I think our code should be "correct" to the rule.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=87037
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=87587
|
|
|
|
services, objects, interfaces, members, and signatures
|
|
|
|
|
|
This way "machinectl login" can be opened up to run without privileges.
|
|
Accidentally forgot to commit this. Sorry!
|
|
After all, pretty much all our tools include it, and it should hence be
shared.
Also move sysfs-show.h from core/ to login/, since it has no point to
exist in core.
|
|
|
|
|
|
on a pty and returns the pty master fd to the client
This is a one-stop solution for "machinectl login", and should simplify
getting logins in containers.
|
|
a PID instead of a container name
|
|
|
|
|
|
|
|
files from core
Stuff in src/shared or src/libsystemd should *never* include code from
src/core or any of the tools, so don't do that here either. It's not OK!
|
|
sd_bus_creds_get_well_known_names() fails with -ENODATA in case the
message has no names attached, which is intended behavior if the
remote connection didn't own any names at the time of sending.
The function already deals with 'sender_names' being an empty strv,
so we can just continue in such cases.
|
|
Messages to destinations that are not currently owned by any bus connection
will cause kdbus related function to return with either -ENXIO or -ESRCH.
Such conditions should not make the proxyd terminate but send a sane
SD_BUS_ERROR_NAME_HAS_NO_OWNER error reply to the proxied connection.
|
|
|
|
|
|
|
|
For that, ask machined for a container PTY and use that.
|
|
container
Then, port "machinectl" over to make use of it.
|
|
|
|
was newline-terinated anyway
|