summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2016-08-07Merge pull request #3914 from keszybz/fix-man-linksLennart Poettering
Fix man links
2016-08-07man: add a table of possible exit statuses (#3910)Zbigniew Jędrzejewski-Szmek
2016-08-06Merge pull request #3884 from poettering/private-usersZbigniew Jędrzejewski-Szmek
2016-08-06man: fix some internal man page referencesZbigniew Jędrzejewski-Szmek
sd_journal-query_enumerate was an early draft, the name was changed to sd_j_enumerate_fields.
2016-08-06man: provide html links to a bunch of external man pagesZbigniew Jędrzejewski-Szmek
2016-08-06journal-gatewayd: fix segfault with certain request (#3893)Yi EungJun
When client requests to get logs with `follow` and `KEY=match` that doesn't match any log entry, journal-gatewayd segfaulted. Make request_reader_entries to return zero in such case to wait for matching entries. This fixes https://github.com/systemd/systemd/issues/3873.
2016-08-06journal-gatewayd: add --directory option (#3913)Yi EungJun
Serve journals in the specified directory instead of default journals.
2016-08-06Merge pull request #3911 from crrodriguez/asan-fixesLennart Poettering
Asan fixes
2016-08-06buildsys,journal: allow -fsanitize=address without VALGRIND definedCristian Rodríguez
Fixed (master) versions of libtool pass -fsanitize=address correctly into CFLAGS and LDFLAGS allowing ASAN to be used without any special configure tricks..however ASAN triggers in lookup3.c for the same reasons valgrind does. take the alternative codepath if __SANITIZE_ADDRESS__ is defined as well.
2016-08-06test: fix stack overflow reported by ASANCristian Rodríguez
It was meant to write to q instead of t FAIL: test-id128 ================ ================================================================= ==125770==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7ffd4615bd31 at pc 0x7a2f41b1bf33 bp 0x7ffd4615b750 sp 0x7ffd4615b748 WRITE of size 1 at 0x7ffd4615bd31 thread T0 #0 0x7a2f41b1bf32 in id128_to_uuid_string src/libsystemd/sd-id128/id128-util.c:42 #1 0x401f73 in main src/test/test-id128.c:147 #2 0x7a2f41336341 in __libc_start_main (/lib64/libc.so.6+0x20341) #3 0x401129 in _start (/home/crrodriguez/scm/systemd/.libs/test-id128+0x401129) Address 0x7ffd4615bd31 is located in stack of thread T0 at offset 1409 in frame #0 0x401205 in main src/test/test-id128.c:37 This frame has 23 object(s): [32, 40) 'b' [96, 112) 'id' [160, 176) 'id2' [224, 240) 'a' [288, 304) 'b' [352, 368) 'a' [416, 432) 'b' [480, 496) 'a' [544, 560) 'b' [608, 624) 'a' [672, 688) 'b' [736, 752) 'a' [800, 816) 'b' [864, 880) 'a' [928, 944) 'b' [992, 1008) 'a' [1056, 1072) 'b' [1120, 1136) 'a' [1184, 1200) 'b' [1248, 1264) 'a' [1312, 1328) 'b' [1376, 1409) 't' <== Memory access at offset 1409 overflows this variable [1472, 1509) 'q' HINT: this may be a false positive if your program uses some custom stack unwind mechanism or swapcontext (longjmp and C++ exceptions *are* supported) SUMMARY: AddressSanitizer: stack-buffer-overflow src/libsystemd/sd-id128/id128-util.c:42 in id128_to_uuid_string Shadow bytes around the buggy address: 0x100028c23750: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23760: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23770: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23780: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 0x100028c23790: f2 f2 00 00 f4 f4 f2 f2 f2 f2 00 00 f4 f4 f2 f2 =>0x100028c237a0: f2 f2 00 00 00 00[01]f4 f4 f4 f2 f2 f2 f2 00 00 0x100028c237b0: 00 00 05 f4 f4 f4 00 00 00 00 00 00 00 00 00 00 0x100028c237c0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100028c237d0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100028c237e0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0x100028c237f0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 Shadow byte legend (one shadow byte represents 8 application bytes): Addressable: 00 Partially addressable: 01 02 03 04 05 06 07 Heap left redzone: fa Heap right redzone: fb Freed heap region: fd Stack left redzone: f1 Stack mid redzone: f2 Stack right redzone: f3 Stack partial redzone: f4 Stack after return: f5 Stack use after scope: f8 Global redzone: f9 Global init order: f6 Poisoned by user: f7 Container overflow: fc Array cookie: ac Intra object redzone: bb ASan internal: fe Left alloca redzone: ca Right alloca redzone: cb ==125770==ABORTING FAIL test-id128 (exit status: 1)
2016-08-06test: test-sigbus must be skipped when -fsanitize=address is usedCristian Rodríguez
ASAN is unable to handle it.
2016-08-05Merge pull request #3818 from poettering/exit-status-envZbigniew Jędrzejewski-Szmek
beef up /var/tmp and /tmp handling; set $SERVICE_RESULT/$EXIT_CODE/$EXIT_STATUS on ExecStop= and make sure root/nobody are always resolvable
2016-08-06networkd: add support to set STP (#3903)Susant Sahani
fixes #3881
2016-08-05Merge pull request #3900 from keszybz/fix-3607Lennart Poettering
Fix 3607
2016-08-05socket: add helper function to remove code duplicationZbigniew Jędrzejewski-Szmek
2016-08-05core/socket: include remote address in the message when dropping connectionZbigniew Jędrzejewski-Szmek
Without the address the message is not very useful. Aug 04 23:52:21 rawhide systemd[1]: testlimit.socket: Too many incoming connections (4) from source ::1, dropping connection.
2016-08-05systemd: do not serialize peer, bump count when deserializing socket insteadZbigniew Jędrzejewski-Szmek
2016-08-05core/service: serialize and deserialize accept_socketZbigniew Jędrzejewski-Szmek
This fixes an issue during reexec — the count of connections would be lost: [zbyszek@fedora-rawhide ~]$ systemctl status testlimit.socket | grep Connected Accepted: 1; Connected: 1 [zbyszek@fedora-rawhide ~]$ sudo systemctl daemon-reexec [zbyszek@fedora-rawhide ~]$ systemctl status testlimit.socket | grep Connected Accepted: 1; Connected: 0 With the patch, Connected count is preserved. Also add "Accept Socket" to the dump output for services.
2016-08-05core/socket: rework SocketPeer refcountingZbigniew Jędrzejewski-Szmek
Make functions and definitions that don't need to be shared local to socket.c.
2016-08-05Merge pull request #3902 from poettering/parse-niceRonny Chevalier
util-lib: unify parsing of nice level values
2016-08-05util-lib: unify parsing of nice level valuesLennart Poettering
This adds parse_nice() that parses a nice level and ensures it is in the right range, via a new nice_is_valid() helper. It then ports over a number of users to this. No functional changes.
2016-08-05networkd: do not set NOARP unconditionally (#3891)Zbigniew Jędrzejewski-Szmek
Fixes #3890.
2016-08-05fileio: fix MIN/MAX mixup (#3896)Vito Caputo
The intention is to clamp the value to READ_FULL_BYTES_MAX, which would be the minimum of the two.
2016-08-05journal-remote: remove unnecessary gnutls includes (#3895)Vito Caputo
journal-(gatewayd,remote).c don't actually utilize libgnutls even when HAVE_GNUTLS is defined.
2016-08-04systemd: convert peers_by_address to a setZbigniew Jędrzejewski-Szmek
2016-08-04basic/set: remove some spurious spacesZbigniew Jędrzejewski-Szmek
2016-08-04core: only set the watchdog variables in ExecStart= linesLennart Poettering
2016-08-04core: remember first unit failure, not last unit failureLennart Poettering
Previously, the result value of a unit was overriden with each failure that took place, so that the result always reported the last failure that took place. With this commit this is changed, so that the first failure taking place is stored instead. This should normally not matter much as multiple failures are sufficiently uncommon. However, it improves one behaviour: if we send SIGABRT to a service due to a watchdog timeout, then this currently would be reported as "coredump" failure, rather than the "watchodg" failure it really is. Hence, in order to report information about the type of the failure, and not about the effect of it, let's change this from all unit type to store the first, not the last failure. This addresses the issue pointed out here: https://github.com/systemd/systemd/pull/3818#discussion_r73433520
2016-08-04update TODOLennart Poettering
2016-08-04nss-systemd: resolve root/nobody staticallyLennart Poettering
Let's extend nss-systemd to also synthesize user/group entries for the UIDs/GIDs 0 and 65534 which have special kernel meaning. Given that nss-systemd is listed in /etc/nsswitch.conf only very late any explicit listing in /etc/passwd or /etc/group takes precedence. This functionality is useful in minimal container-like setups that lack /etc/passwd files (or only have incompletely populated ones).
2016-08-04core: set $SERVICE_RESULT, $EXIT_CODE and $EXIT_STATUS in ↵Lennart Poettering
ExecStop=/ExecStopPost= commands This should simplify monitoring tools for services, by passing the most basic information about service result/exit information via environment variables, thus making it unnecessary to retrieve them explicitly via the bus.
2016-08-04main: use pager for --dump-configuration-items (#3894)0xAX
2016-08-04fileio: fix read_full_stream() bugs (#3887)Vito Caputo
read_full_stream() _always_ allocated twice the memory needed, due to only breaking the realloc() && fread() loop when fread() returned 0, requiring another iteration and exponentially enlarged buffer just to discover the EOF condition. This also caused file sizes >2MiB && <= 4MiB to erroneously be treated as E2BIG, due to the inappropriately doubled buffer size exceeding 4*1024*1024. Also made the 4*1024*1024 magic number a READ_FULL_BYTES_MAX constant.
2016-08-04Merge pull request #3892 from toanju/fix-brvlan-error-on-normal-bridgeLennart Poettering
networkd: apply bridge vlan configuration correct
2016-08-04networkd: apply bridge vlan configuration correctTobias Jungel
bridge vlan configuration was applied even if it wasn't configured. fixes #3876
2016-08-04core: use the correct APIs to determine whether a dual timestamp is initializedLennart Poettering
2016-08-04core: move masking of chroot/permission masking into service_spawn()Lennart Poettering
Let's fix up the flags fields in service_spawn() rather than its callers, in order to simplify things a bit.
2016-08-04core: turn various execution flags into a proper flags parameterLennart Poettering
The ExecParameters structure contains a number of bit-flags, that were so far exposed as bool:1, change this to a proper, single binary bit flag field. This makes things a bit more expressive, and is helpful as we add more flags, since these booleans are passed around in various callers, for example service_spawn(), whose signature can be made much shorter now. Not all bit booleans from ExecParameters are moved into the flags field for now, but this can be added later.
2016-08-04util-lib: rework /tmp and /var/tmp handling codeLennart Poettering
Beef up the existing var_tmp() call, rename it to var_tmp_dir() and add a matching tmp_dir() call (the former looks for the place for /var/tmp, the latter for /tmp). Both calls check $TMPDIR, $TEMP, $TMP, following the algorithm Python3 uses. All dirs are validated before use. secure_getenv() is used in order to limite exposure in suid binaries. This also ports a couple of users over to these new APIs. The var_tmp() return parameter is changed from an allocated buffer the caller will own to a const string either pointing into environ[], or into a static const buffer. Given that environ[] is mostly considered constant (and this is exposed in the very well-known getenv() call), this should be OK behaviour and allows us to avoid memory allocations in most cases. Note that $TMPDIR and friends override both /var/tmp and /tmp usage if set.
2016-08-04Merge pull request #2471 from michaelolbrich/transient-mountsLennart Poettering
allow transient mounts and automounts
2016-08-04Merge pull request #3885 from keszybz/help-outputLennart Poettering
Update help for "short-full" and shorten to 80 columns
2016-08-04networkd: add support to configure NOARP/ARP for interface (#3854)Susant Sahani
https://lists.freedesktop.org/archives/systemd-devel/2016-August/037268.html
2016-08-04networkd: remove route if carrier is lost (#3831)Susant Sahani
Fixes #3669.
2016-08-04src/test: add tests for parse_percent_unbounded (#3889)Jonathan Boulle
2016-08-04man: describe list-dependencies --allZbigniew Jędrzejewski-Szmek
Meaning of --all was mentioned in list-dependencies description, but the this effect should also be mentioned in the description of the option itself.
2016-08-04nspawn,resolve: short --help output to fit within 80 columnsZbigniew Jędrzejewski-Szmek
make dist-check-help FTW!
2016-08-04journalctl,systemctl: add "short-full", "short-unix" mode to --helpZbigniew Jędrzejewski-Szmek
2016-08-04util-lib: add parse_percent_unbounded() for percentages over 100% (#3886)David Michael
This permits CPUQuota to accept greater values as documented.
2016-08-03Merge pull request #3820 from poettering/nspawn-resolvconfZbigniew Jędrzejewski-Szmek
nspawn resolv.conf handling improvements, and inherit $TERM all the way through nspawn → console login
2016-08-04hwdb: fix hwdb entry for numeric-only Lenovo *40, *50 and *60 seriesPeter Hutterer
Commit e5bc3f4fdc matches on e.g. a T440s, but not a T440 (i.e. the one without a suffix).