summaryrefslogtreecommitdiff
path: root/TODO
AgeCommit message (Collapse)Author
2013-12-10bus: introduce "trusted" bus concept and encode access control in object vtablesLennart Poettering
Introduces a new concept of "trusted" vs. "untrusted" busses. For the latter libsystemd-bus will automatically do per-method access control, for the former all access is automatically granted. Per-method access control is encoded in the vtables: by default all methods are only accessible to privileged clients. If the SD_BUS_VTABLE_UNPRIVILEGED flag is set for a method it is accessible to unprivileged clients too. By default whether a client is privileged is determined via checking for its CAP_SYS_ADMIN capability, but this can be altered via the SD_BUS_VTABLE_CAPABILITY() macro that can be ORed into the flags field of the method. Writable properties are also subject to SD_BUS_VTABLE_UNPRIVILEGED and SD_BUS_VTABLE_CAPABILITY() for controlling write access to them. Note however that read access is unrestricted, as PropertiesChanged messages might send out the values anyway as an unrestricted broadcast. By default the system bus is set to "untrusted" and the user bus is "trusted" since per-method access control on the latter is unnecessary. On dbus1 busses we check the UID of the caller rather than the configured capability since the capability cannot be determined without race. On kdbus the capability is checked if possible from the attached meta-data of a message and otherwise queried from the sending peer. This also decorates the vtables of the various daemons we ship with these flags.
2013-12-10test: rework run_qemuRonny Chevalier
It tries to find a suitable QEMU binary and will use KVM if present. We can now configure QEMU from outside with 4 variables : - $QEMU_BIN : path to QEMU's binary - $KERNEL_APPEND : arguments appended to kernel cmdline - $KERNEL_BIN : path to a kernel Default /boot/vmlinuz-$KERNEL_VER - $INITRD : path to an initramfs Default /boot/initramfs-${KERNEL_VER}.img - $QEMU_SMP : number of CPU simulated by QEMU. Default 1 (from Alexander Graf's script: http://www.spinics.net/lists/kvm/msg72389.html)
2013-12-10update TODOLennart Poettering
2013-12-08Trim TODOZbigniew Jędrzejewski-Szmek
2013-12-04TODO: add networkd entriesTom Gundersen
2013-12-03core: use normal library call to query list of current namesLennart Poettering
2013-12-03bus: make sd_bus_request_name() and sd_bus_release_name() behave more like ↵Lennart Poettering
other calls Instead of returning an enum of return codes, make them return error codes like kdbus does internally. Also, document this behaviour so that clients can stick to it. (Also rework bus-control.c to always have to functions for dbus1 vs. kernel implementation of the various calls.)
2013-12-02catalog: determine language from the filenameZbigniew Jędrzejewski-Szmek
2013-12-02bus: add .busname unit type to implement kdbus-style bus activationLennart Poettering
2013-12-02nspawn: make sure /dev/kdbus in the container is world accessibleLennart Poettering
2013-12-02bus: when replying to an incoming message and the vtable contains the ↵Lennart Poettering
expected return signature generate an error if the response message doesn't match it
2013-11-30systemctl: add "systemctl cat"Shawn Landden
2013-11-30bus: do kdbus only if this is enabled on the configure switchLennart Poettering
Since we want to retain the ability to break kernel ←→ userspace ABI after the next release, let's not make use by default of kdbus, so that people with future kernels will not suddenly break with current systemd versions. kdbus support is left in all builds but must now be explicitly requested at runtime (for example via setting $DBUS_SESSION_BUS). Via a configure switch the old behaviour can be restored. In fact, we change autogen.sh to do this, so that git builds (which run autogen.sh) get kdbus by default, but tarball builds (which ue the configure defaults) do not get it, and hence this stays out of the distros by default.
2013-11-30update TODOLennart Poettering
2013-11-30bus: include unique and well known names in credentials objectLennart Poettering
2013-11-28clean up TODOLennart Poettering
2013-11-28man: get rid of shell script example in systemd-socket-proxyd man pageLennart Poettering
2013-11-27TODO: add sd-rtnl itemsTom Gundersen
2013-11-27Revert "socket-proxyd: Add --listener option for listener/destination pairs."Lennart Poettering
This reverts commit adcf4c81c58511b67644e17fa743d1729d3c9ccf. We have a better solution for the problem of making two processes run in the same namespace, and --listener is not needed hence and should be dropped. Conflicts: man/systemd-socket-proxyd.xml
2013-11-27updates for TODO and READMELukasz Skalski
* library support for setns() system call was added to glibc version 2.14 (setns() call is use in src/machine/machinectl.c and src/libsystemd-bus-container.c) * utf8 validation call are already exported (via sd-utf8.c file) - commit - 369c583b3fb3d672ef469d53141e274ec9d2e8a7
2013-11-27journal: add a test case for flushing messages out of a series of journal ↵Lennart Poettering
files into a single new one
2013-11-26tree-wide usage of %m specifier instead of strerror(errno)Daniel Buch
Also for log_error() except where a specific error is specified e.g. errno ? strerror(errno) : "Some user specified message"
2013-11-25shutdown: during final killing spree also send SIGHUP in addition to SIGTERM ↵Lennart Poettering
to deal with shells This makes shutdown a bit faster if debug-shell.service is enabled.
2013-11-25socket-proxyd: Add --listener option for listener/destination pairs.David Strauss
2013-11-23Update TODODavid Strauss
2013-11-22build-sys: move more files from core/ to share/ that are generic enoughLennart Poettering
2013-11-22bus: also add error parameter to object find and enumerator callbacksLennart Poettering
Just in order to bring things inline with the method and property callbacks.
2013-11-21bus: restore selinux access control to PID 1 for propertiesLennart Poettering
2013-11-21timer: make timer accuracy configurableLennart Poettering
And make it default to 1min
2013-11-21bus: rework message handlers to always take an error argumentLennart Poettering
Message handler callbacks can be simplified drastically if the dispatcher automatically replies to method calls if errors are returned. Thus: add an sd_bus_error argument to all message handlers. When we dispatch a message handler and it returns negative or a set sd_bus_error we send this as message error back to the client. This means errors returned by handlers by default are given back to clients instead of rippling all the way up to the event loop, which is desirable to make things robust. As a side-effect we can now easily turn the SELinux checks into normal function calls, since the method call dispatcher will generate the right error replies automatically now. Also, make sure we always pass the error structure to all property and method handlers as last argument to follow the usual style of passing variables for return values as last argument.
2013-11-21bus: the :no-sender hack is now unnecessary, since the new library doesn't ↵Lennart Poettering
require this anymore
2013-11-21bus: let's simplify things by getting rid of unnecessary bus parametersLennart Poettering
2013-11-21bus: add API calls to escape string components of objects pathsLennart Poettering
2013-11-21sd-event: try to move timer wakeups to the same spot within each minuteLennart Poettering
2013-11-21socket: fix segfaultLennart Poettering
2013-11-20core: convert PID 1 to libsystemd-busLennart Poettering
This patch converts PID 1 to libsystemd-bus and thus drops the dependency on libdbus. The only remaining code using libdbus is a test case that validates our bus marshalling against libdbus' marshalling, and this dependency can be turned off. This patch also adds a couple of things to libsystem-bus, that are necessary to make the port work: - Synthesizing of "Disconnected" messages when bus connections are severed. - Support for attaching multiple vtables for the same interface on the same path. This patch also fixes the SetDefaultTarget() and GetDefaultTarget() bus calls which used an inappropriate signature. As a side effect we will now generate PropertiesChanged messages which carry property contents, rather than just invalidation information.
2013-11-16Fix RemainAfterExit services keeping a hold on consoleOlivier Brunel
When a service exits succesfully and has RemainAfterExit set, its hold on the console (in m->n_on_console) wasn't released since the unit state didn't change.
2013-11-14Update TODOZbigniew Jędrzejewski-Szmek
2013-11-11timer: consider (usec_t) -1 an invalid timestampLennart Poettering
2013-11-10bus: we really need to get rid of the :no-sender hackLennart Poettering
This is where a hack from PID 1 spilled into the client side. We need to get rid of this as soon as PID 1 is converted to libsystemd-bus.
2013-11-09man,units: fix installation of systemd-nspawn@.service and add exampleZbigniew Jędrzejewski-Szmek
2013-11-09bus: let magic ":no-sender" pass the validationKay Sievers
2013-11-08localectl: port over to bus_log_create_error()Lennart Poettering
2013-11-08shutdown: unify handling of reboot() syscall a bitLennart Poettering
2013-11-08systemctl: restore ability to directly connect to PID1 from systemctlLennart Poettering
2013-11-08update TODOLennart Poettering
2013-11-07update TODOLennart Poettering
2013-11-07update TODOLennart Poettering
2013-11-07test: remove duplicated codeRonny Chevalier
2013-11-07socket-proxyd: The proxy can now accept multiple sockets (but only to one ↵David Strauss
remote host).