Age | Commit message (Collapse) | Author |
|
|
|
Only 34 of 74 tools need libselinux linked, and libselinux is a pain
with its unconditional library constructor.
|
|
|
|
|
|
Always use the macros for downcasting.
Remove a few obviously pointless casts.
|
|
The UNIT() macro upcasts from specific unit types to the base Unit.
Use it everywhere, rather than accessing the 'meta' member directly.
|
|
Now that objects of all unit types are allocated the exact amount of
memory they need, the Unit union has lost its purpose. Remove it.
"Unit" is a more natural name for the base unit class than "Meta", so
rename Meta to Unit.
Access to members of the base class gets simplified.
|
|
The storage of the unit objects on the heap is currently not very
efficient. For every unit object we allocate a chunk of memory as large
as the biggest unit type, although there are significant differences in
the units' real requirements.
pahole shows the following sizes of structs:
488 Target
496 Snapshot
512 Device
528 Path
560 Timer
576 Automount
1080 Socket
1160 Swap
1168 Service
1280 Mount
Usually there aren't many targets or snapshots in the system, but Device
is one of the most common unit types and for every one we waste
1280 - 512 = 768 bytes.
Fix it by allocating only the right amount for the given unit type.
On my machine (x86_64, with 39 LVM volumes) this decreases systemd's
USS (unique set size) by more than 300 KB.
|
|
When we merge units that some kind of object points to, those pointers
might become invalidated, and needs to be updated. Introduce a UnitRef
struct which links up all the unit references, to ensure corrected
references.
At the same time, drop configured_sockets in the Service object, and
replace it by proper UNIT_TRIGGERS resp. UNIT_TRIGGERED_BY dependencies,
which allow us to simplify a lot of code.
|
|
|
|
cpu+cpuacct to the default
|
|
configuration settings built by gperf
|
|
|
|
around when isolating
|
|
Just some lame spelling corrections with no functionality.
|
|
|
|
Also, there are most likely dead symlinks in there, so let's ignore
ENOENT when we relabel.
https://bugzilla.redhat.com/show_bug.cgi?id=680169
|
|
|
|
just the reload job
|
|
pulled indirectly
|
|
weaker counterpart of Conflicts=, similar to Wants= vs. Requires=
|
|
|
|
root dir
|
|
mount unit
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=614619
|
|
|
|
|
|
|
|
|
|
remove the one that is "conflicted"
This gives the writer of units control which unit is kept and which is
stopped when two units conflict.
|
|
|
|
read them.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 07/28/2010 05:57 AM, Kay Sievers wrote:
> On Wed, Jul 28, 2010 at 11:43, Lennart Poettering
> <lennart@poettering.net> wrote:
>> On Mon, 26.07.10 16:42, Daniel J Walsh (dwalsh@redhat.com) wrote:
>>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
>>> type=1400 audit(1280174589.476:7): avc: denied { read } for pid=1
>>> comm="systemd" name="autofs" dev=devtmpfs ino=9482
>>> scontext=system_u:system_r:init_t:s0
>>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
>>> type=1400 audit(1280174589.476:8): avc: denied { read } for pid=1
>>> comm="systemd" name="autofs" dev=devtmpfs ino=9482
>>> scontext=system_u:system_r:init_t:s0
>>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
>>>
>>> Lennart, we talked about this earlier. I think this is caused by the
>>> modprobe calls to create /dev/autofs. Since udev is not created at the
>>> point that init loads the kernel modules, the devices get created with
>>> the wrong label. Once udev starts the labels get fixed.
>>>
>>> I can allow init_t to read device_t chr_files.
>>
>> Hmm, I think a cleaner fix would be to make systemd relabel this device
>> properly before accessing it? Given that this is only one device this
>> should not be a problem for us to maintain, I think? How would the
>> fixing of the label work? Would we have to spawn restorecon for this, or
>> can we actually do this in C without too much work?
>
> I guess we can just do what udev is doing, and call setfilecon(), with
> a context of an earlier matchpathcon().
>
> Kay
> _______________________________________________
> systemd-devel mailing list
> systemd-devel@lists.freedesktop.org
> http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Here is the updated patch with a fix for the labeling of /dev/autofs
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.14 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkxQMyoACgkQrlYvE4MpobNviACfWgxsjW2xzz1qznFex8RVAQHf
gIEAmwRmRcLvGqYtwQaZ3WKIg8wmrwNk
=pC2e
|
|
|
|
anymore
|
|
|
|
|
|
|
|
|
|
|
|
one step
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
before udev is active
|
|
|
|
|