summaryrefslogtreecommitdiff
path: root/src/basic/socket-util.c
AgeCommit message (Collapse)Author
2016-07-22core: add a concept of "dynamic" user ids, that are allocated as long as a ↵Lennart Poettering
service is running This adds a new boolean setting DynamicUser= to service files. If set, a new user will be allocated dynamically when the unit is started, and released when it is stopped. The user ID is allocated from the range 61184..65519. The user will not be added to /etc/passwd (but an NSS module to be added later should make it show up in getent passwd). For now, care should be taken that the service writes no files to disk, since this might result in files owned by UIDs that might get assigned dynamically to a different service later on. Later patches will tighten sandboxing in order to ensure that this cannot happen, except for a few selected directories. A simple way to test this is: systemd-run -p DynamicUser=1 /bin/sleep 99999
2016-06-15socket-util: Run the fallback when the kernel complains about the null ↵Kai Ruhnau
buffer (#3541) Calling recv with a NULL buffer returns EFAULT instead of EOPNOTSUPP on older kernels (3.14). Fixes #3407 Signed-off-by: Kai Ruhnau <kai.ruhnau@target-sg.com>
2016-06-15tree-wide: htonl() is weird, let's use htobe32() instead (#3538)Lennart Poettering
Super-important change, yeah!
2016-05-09util-lib: add new ifname_valid() call that validates interface namesLennart Poettering
Make use of this in nspawn at a couple of places. A later commit should port more code over to this, including networkd.
2016-05-06core: rework how we flush incoming traffic when a socket unit goes downLennart Poettering
Previously, we'd simply close and reopen the socket file descriptors. This is problematic however, as we won't transition through the SOCKET_CHOWN state then, and thus the file ownership won't be correct for the sockets. Rework the flushing logic, and actually read any queued data from the sockets for flushing, and accept any queued messages and disconnect them.
2016-02-24treewide: fix typos and then/that useTorstein Husebø
2016-02-16networkd: FIONREAD is not reliable on some socketsLennart Poettering
Fixes: #2457
2016-02-10coredump: rework coredumping logicLennart Poettering
This reworks the coredumping logic so that the coredump handler invoked from the kernel only collects runtime data about the crashed process, and then submits it for processing to a socket-activate coredump service, which extracts a stacktrace and writes the coredump to disk. This has a number of benefits: the disk IO and stack trace generation may take a substantial amount of resources, and hence should better be managed by PID 1, so that resource management applies. This patch uses RuntimeMaxSec=, Nice=, OOMScoreAdjust= and various sandboxing settings to ensure that the coredump handler doesn't take away unbounded resources from normally priorized processes. This logic is also nice since this makes sure the coredump processing and storage is delayed correctly until /var/systemd/coredump is mounted and writable. Fixes: #2286
2016-02-10tree-wide: remove Emacs lines from all filesDaniel Mack
This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
2016-01-22Merge pull request #2080 from ↵Daniel Mack
chaloulo/split-mode-host-remove-port-from-journal-filename journal-remote: split-mode=host, remove port from journal filename
2015-12-10Use /proc/net/sockstat6 to detect IPv6 supportJorgen Schaefer
The file /sys/module/ipv6 does not exist in all container implementations (e.g. Virtuozzo). Using /proc/net/sockstat6 detects IPv6 support reliably in these environments, too. This file does not exist when the kernel is not compiled with IPv6 support, or if IPv6 support is disabled, so simply checking for existence should be a suitable check. Fixes #2059
2015-12-03journal: unbreak sd_journal_sendvZbigniew Jędrzejewski-Szmek
Borked since commit 3ee897d6c2401effbc82f5eef35fce405781d6c8 Author: Lennart Poettering <lennart@poettering.net> Date: Wed Sep 23 01:00:04 2015 +0200 tree-wide: port more code to use send_one_fd() and receive_one_fd() because here our fd is not connected and we need to specify the address.
2015-12-01basic: re-sort includesThomas Hindoe Paaboel Andersen
My previous patch to only include what we use accidentially placed the added inlcudes in non-sorted order.
2015-12-01journal-remote: split-mode=host, remove port from journal filenameKlearchos Chaloulos
When constructing the journal filename to store logs from a remote host, remove the port of the tcp connection, as the port will change with every reboot/connection loss between sender/reveiver machines. Having the port in the filename will cause a new journal file to be created for every reboot or connection loss. For the implementation, a new argument "bool include_port" is added to the getpeername_pretty() function. This is passed to the sockaddr_pretty() function. The value of the include_port argument is set to true in all calls of getpeername_pretty(), except for 2 calls in journal-remote.c, where it is set to false.
2015-11-30basic: include only what we useThomas Hindoe Paaboel Andersen
This is a cleaned up result of running iwyu but without forward declarations on src/basic.
2015-10-27util-lib: split out allocation calls into alloc-util.[ch]Lennart Poettering
2015-10-27user-util: move UID/GID related macros from macro.h to user-util.hLennart Poettering
2015-10-27util-lib: move string table stuff into its own string-table.[ch]Lennart Poettering
2015-10-27util-lib: split string parsing related calls from util.[ch] into parse-util.[ch]Lennart Poettering
2015-10-26socket-util: move remaining socket-related calls from util.[ch] to ↵Lennart Poettering
socket-util.[ch]
2015-10-26util-lib: move ether_addr_to_string() into ether-addr-util.cLennart Poettering
2015-10-24util-lib: split our string related calls from util.[ch] into its own file ↵Lennart Poettering
string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
2015-07-31basic: fix error/memleak in socket-utilDavid Herrmann
Probably a typo, checking 'ret' instead of the return value 'p'. This might cause the function to return failure, even though it succeeded. Furthermore, it might leak resources.
2015-07-29socket-util: library calls shouldn't log on their ownLennart Poettering
Instead, make sure that all callers log properly.
2015-06-11build-sys: split internal basic/ library from shared/Kay Sievers
basic/ can be used by everything cannot use anything outside of basic/ libsystemd/ can use basic/ cannot use shared/ shared/ can use libsystemd/