Age | Commit message (Collapse) | Author |
|
By using our homegrown function we can dispense with all the iffdefery.
|
|
This appears to be the right time to do it for SOCK_STREAM
unix sockets.
Also: condition bus_get_owner_creds_dbus1 was reversed. Split
it out to a separate variable for clarity and fix.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
|
|
SELinux information cannot be retrieved this way, since we are
using stream unix sockets and SCM_SECURITY does not work for
them.
SCM_CREDENTIALS use dropped to be consistent. We also should
get this information at connection time.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
"SCM_SECURITY was only added for datagram sockets."
|
|
Also reorder the code a bit to be easier to parse.
|
|
build-sys: always dist *.policy.in files
|
|
Unconditionally dist org.freedesktop.{import1,machine1}.policy.in, like all the
other *.policy.in files. This avoids missing policy files in the tarball.
Spotted by "make distcheck" failure with --disable-importd.
|
|
build-sys: don't suppress irrelevant warnings
|
|
Revert "hwdb: actually search /run/udev/hwdb.d"
|
|
|
|
util:bind_remount_recursive() fix "use after free" - 2
|
|
cryptsetup: craft a unique ID with the source device
|
|
sd-bus: add async convenience method call API
|
|
networkd: actually always use AddressFamilyBoolean as the bit mask it is
|
|
set_consume() does not return -EEXIST, but 0, in case the key is already
in the Set.
|
|
This reverts commit 46be6129d3e52556eb0f2ae4d07818f9f3f7af7a.
|
|
If cryptsetup is called with a source device as argv[3], then craft the
ID for the password agent with a unique device path.
If possible "/dev/block/<maj>:<min>" is used, otherwise the original
argv[3] is used.
This enables password agents like petera [1] to provide a password
according to the source device. The original ID did not carry enough
information and was more targeted for a human readable string, which
is specified in the "Message" field anyway.
With this patch the ID of the ask.XXX ini file looks like this:
ID=cryptsetup:/dev/block/<maj>:<min>
[1] https://github.com/npmccallum/petera
|
|
|
|
hwdb: actually search /run/udev/hwdb.d
|
|
rules: whitelist xvd* devices
|
|
The documentation claims hwdb entries may be placed in the volatile
/run/udev/hwdb.d directory but nothing actually looked at it.
|
|
Xen disks need to be whitelisted as well.
|
|
|
|
We do not trigger these warnings so no need to suppress them.
|
|
tree-wide: remove spurious space
|
|
Revert "networkd: create "kernel" setting for IPForwarding"
|
|
|
|
|
|
man: systemd.link - explain random MAC addresses
|
|
Two of the bits in the MAC address are set unconditioanlly, and the rest is randomized,
make this clear in the documentation (as it currently read as if it was all random).
|
|
kmod-setup: split warn flags
|
|
Traditionally, we used to warn about ipv6 being a module or being
unavailable. This was changed in b4aa82f16 ("kmod-setup: don't warn
when ipv6 can't be loaded") in a way that neither of the two conditions
will cause a log message.
Now, while running a setup without any IPv6 is completely fine and
shouldn't cause any warning, we should still warn about ipv6 being a
module instead of built-in.
To achieve this, split the boolean warn flag into two: one for a
feature not being built-in but shipped as a module, and one to
print an error when a module is entirely unavailable.
We will, however, still warn if kmod returns anything else than
-ENOENT in the attempt of loading the module, and at the very least,
turn the message into a debug log.
|
|
util:bind_remount_recursive() fix "use after free"
|
|
set_consume(done, x) consumes x with free(x)
but
mount(…, x, …) uses it afterwards.
coverity CID 1299006
|
|
README.md: add Coverity scan status badge
|
|
|
|
kmod-setup: don't warn when ipv6 can't be loaded (FDO bug #87475)
|
|
systemd-bootchart: Trivial typo fix in warning
|
|
Signed-off-by: Gianpaolo Macario <gmacario@gmail.com>
|
|
Add README.md
|
|
A README.md allows us to include a badge for the current build status of
Semaphore CI. Keep other information in this file minimal, and avoid
information duplication but point readers to the official README.
|
|
Right now we always pass KDBUS_ITEM_ATTACH_FLAGS_RECV to
KDBUS_CMD_BUS_MAKE, effectively forcing every bus connection to do the
same during KDBUS_CMD_HELLO. This used to be a workaround to make sure all
metadata is always present. However, we refrained from that approach and
intend to make all metadata collection solely rely on /proc access
restrictions. Therefore, there is no need to force the send-flags mask on
newly created buses.
|
|
Not having IPv6 is a valid setup. Let's not print a warning in that
case.
Addresses:
https://bugs.freedesktop.org/show_bug.cgi?id=87475
|
|
The previous implementation of user_elect_display() could easily end up
overwriting the user’s valid graphical session with a new TTY session.
For example, consider the situation where there is one session:
c1, type = SESSION_X11, !stopping, class = SESSION_USER
it is initially elected as the user’s display (i.e. u->display = c1).
If another session is started, on a different VT, the sessions_by_user
list becomes:
c1, type = SESSION_X11, !stopping, class = SESSION_USER
c2, type = SESSION_TTY, !stopping, class = SESSION_USER
In the previous code, graphical = c1 and text = c2, as expected.
However, neither graphical nor text fulfil the conditions for setting
u->display = graphical (because neither is better than u->display), so
the code falls through to check the text variable. The conditions for
this match, as u->display->type != SESSION_TTY (it’s actually
SESSION_X11). Hence u->display is set to c2, which is incorrect, because
session c1 is still valid.
Refactor user_elect_display() to use a more explicit filter and
pre-order comparison over the sessions. This can be demonstrated to be
stable and only ever ‘upgrade’ the session to a more graphical one.
https://bugs.freedesktop.org/show_bug.cgi?id=90769
|
|
fstab-generator: cescape device name in root-fsck service
|
|
core: Remove "old kernel" warning if PR_SET_CHILD_SUBREAPER fails
|
|
This made sense when systemd ran on older kernels, nowdays not so much.
|
|
systemd-mailing-devs/1432753344-31461-1-git-send-email-jonathan.boulle@coreos.com
fix extraneous space in equality check
|
|
Sync with upstream.
|
|
sd-event: don't touch fd's accross forks
|
|
core/mount: skip incomplete mountinfo entries
|