summaryrefslogtreecommitdiff
path: root/src/basic
AgeCommit message (Collapse)Author
2015-09-16basic: nicer xsprintf and xstrftime assert messagesMichal Schmidt
It's nicer if the assertion failure message from a bad use of xsprintf actually mentions xsprintf instead of the expression the macro is implemented as. The assert_message_se macro was added in the previous commit as an internal helper, but it can also be used for customizing assertion failure messages like in this case. Example: char buf[10]; xsprintf(buf, "This is a %s message.\n", "long"); Before: Assertion '(size_t) snprintf(buf, ELEMENTSOF(buf), "This is a %s message.\n", "long") < ELEMENTSOF(buf)' failed at foo.c:6, function main(). Aborting. After: Assertion 'xsprintf: buf[] must be big enough' failed at foo.c:6, function main(). Aborting.
2015-09-16basic: nicer assert messagesMichal Schmidt
Make sure the assert expression is not macro-expanded before stringification. This makes several assertion failure messages more readable. As an example: assert(streq("foo", "bar")); I'd rather see this: Assertion 'streq("foo", "bar")' failed at foo.c:5, function main(). Aborting. ...than this, though awesome, incomprehensible truncated mess: Assertion '(__extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (( "foo")) && __builtin_constant_p (("bar")) && (__s1_len = strlen (("foo")), __s2_ len = strlen (("bar")), (!((size_t)(const void *)((("foo")) + 1) - (size_t)(cons t void *)(("foo")) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((("bar") ) + 1) - (size_t)(const void *)(("bar")) == 1) || __s2_len >= 4)) ? __builtin_st rcmp (("foo"), ("bar")) : (__builtin_constant_p (("foo")) && ((size_t)(const voi d *)((("foo")) + 1) - (size_t)(const void *)(("foo")) == 1) && (__s1_len = strle n (("foo")), __s1_len < 4) ? (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) ? __builtin_strcm p (("foo"), ("bar")) : (__extension__ ({ const unsigned char *__s2 = (const unsi gned char *) (const char *) (("bar")); int __result = (((const unsigned char *) (const char *) (("foo")))[0] - __s2[0]); if (__s1_len > 0 && __result == 0) { __ result = (((const unsigned char *) (const char *) (("foo")))[1] - __s2[1]); if ( __s1_len > 1 && __result == 0) { __result = (((const unsigned char *) (const cha r *) (("foo")))[2] - __s2[2]); if (__s1_len > 2 && __result == 0) __result = ((( const unsigned char *) (const char *) (("foo")))[3] - __s2[3]); } } __result; }) )) : (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) && (__s2_len = strlen (("bar")), __s2_len < 4) ? (__builtin_constant_p (("foo")) && ((size_t)(const void *)((("foo")) + 1 ) - (size_t)(const void *)(("foo")) == 1) ? __builtin_strcmp (("foo"), ("bar")) : (- (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (cons t char *) (("foo")); int __result = (((const unsigned char *) (const char *) ((" bar")))[0] - __s2[0]); if (__s2_len > 0 && __result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[1] - __s2[1]); if (__s2_len > 1 && __ result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[2] - __s2[2]); if (__s2_len > 2 && __result == 0)
2015-09-16basic: make sure argument of ELEMENTSOF is an arrayMichal Schmidt
Using ELEMENTSOF on a pointer will result in a compilation error.
2015-09-11core: refactor cpu shares/blockio weight cgroup logicLennart Poettering
Let's stop using the "unsigned long" type for weights/shares, and let's just use uint64_t for this, as that's what we expose on the bus. Unify parsers, and always validate the range for these fields. Correct the default blockio weight to 500, since that's what the kernel actually uses. When parsing the weight/shares settings from unit files accept the empty string as a way to reset the weight/shares value. When getting it via the bus, uniformly map (uint64_t) -1 to unset. Open up StartupCPUShares= and StartupBlockIOWeight= to transient units.
2015-09-11util: remove ring.[ch] + pty.[ch] and testsLennart Poettering
This was used by consoled, which was removed, let's remove this too now.
2015-09-10Merge pull request #1239 from poettering/cgroup-pidsDaniel Mack
core: add support for the "pids" cgroup controller
2015-09-10core: add support for the "pids" cgroup controllerLennart Poettering
This adds support for the new "pids" cgroup controller of 4.3 kernels. It allows accounting the number of tasks in a cgroup and enforcing limits on it. This adds two new setting TasksAccounting= and TasksMax= to each unit, as well as a gloabl option DefaultTasksAccounting=. This also updated "cgtop" to optionally make use of the new kernel-provided accounting. systemctl has been updated to show the number of tasks for each service if it is available. This patch also adds correct support for undoing memory limits for units using a MemoryLimit=infinity syntax. We do the same for TasksMax= now and hence keep things in sync here.
2015-09-10tree-wide: never use the off_t unless glibc makes us use itLennart Poettering
off_t is a really weird type as it is usually 64bit these days (at least in sane programs), but could theoretically be 32bit. We don't support off_t as 32bit builds though, but still constantly deal with safely converting from off_t to other types and back for no point. Hence, never use the type anymore. Always use uint64_t instead. This has various benefits, including that we can expose these values directly as D-Bus properties, and also that the values parse the same in all cases.
2015-09-09Merge pull request #1218 from poettering/safe-fcloseDaniel Mack
util: introduce safe_fclose() and port everything over to it
2015-09-09util: introduce safe_fclose() and port everything over to itLennart Poettering
Adds a coccinelle script to port things over automatically.
2015-09-09locale: kill free_and_replace()Daniel Mack
That function really makes little sense, as the open-coded variant is much more readable. Also, if the 2nd argument is NULL, mfree() is a much better candidate. Convert the only users of this function in localed, and then remove it entirely.
2015-09-09smack: introduce new mac_smack_copy() functionSangjung Woo
This adds a new mac_smack_copy() function in order to read the smack label from the source and apply it to the destination.
2015-09-09Merge pull request #1210 from poettering/import-fixesDaniel Mack
cgroup fix, nspawn fix, plus change to download .nspawn files in importd
2015-09-09tree-wide: drop {} from one-line if blocksLennart Poettering
Patch via coccinelle.
2015-09-09tree-wide: don't do assignments within if checksLennart Poettering
Turn this: if ((r = foo()) < 0) { ... into this: r = foo(); if (r < 0) { ...
2015-09-09tree-wide: use coccinelle to patch a lot of code to use mfree()Lennart Poettering
This replaces this: free(p); p = NULL; by this: p = mfree(p); Change generated using coccinelle. Semantic patch is added to the sources.
2015-09-08cgroups: make sure the "devices" controller's enum is named the same way as ↵Lennart Poettering
the controller in the kernel Follow-up to 5bf8002a3a6723ce50331c024122078552fb600a.
2015-09-08Merge pull request #1190 from poettering/rework-virtDaniel Mack
basic: rework virtualization detection API
2015-09-08cgroup-util: fix devices controllerMartin Pitt
Commit efdb0237 accidentally changed the name of the "devices" cgroup controller to "device".
2015-09-07basic: rework virtualization detection APILennart Poettering
Introduce a proper enum, and don't pass around string ids anymore. This simplifies things quite a bit, and makes virtualization detection more similar to architecture detection.
2015-09-07Merge pull request #1165 from poettering/nspawn-filesTom Gundersen
various fixes to the core, logind, machined, nspawn
2015-09-06nspawn: add new .nspawn files for container settingsLennart Poettering
.nspawn fiels are simple settings files that may accompany container images and directories and contain settings otherwise passed on the nspawn command line. This provides an efficient way to attach execution data directly to containers.
2015-09-06core: pass details to polkit for some unit actionsMichael Chapman
The following details are passed: - unit: the primary name of the unit upon which the action was invoked (i.e. after resolving any aliases); - verb: one of 'start', 'stop', 'reload', 'restart', 'try-restart', 'reload-or-restart', 'reload-or-try-restart', 'kill', 'reset-failed', or 'set-property', corresponding to the systemctl verb used to invoke the action. Typical use of these details in a polkit policy rule might be: // Allow alice to manage example.service; // fall back to implicit authorization otherwise. polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.systemd1.manage-units" && action.lookup("unit") == "example.service" && subject.user == "alice") { return polkit.Result.YES; } }); We also supply a custom polkit message that includes the unit's name and the requested operation.
2015-09-04nspawn: enable all controllers we can for the "payload" subcgroup we createLennart Poettering
In the unified hierarchy delegating controller access is safe, hence make sure to enable all controllers for the "payload" subcgroup if we create it, so that the container will have all controllers enabled the nspawn service itself has.
2015-09-04cgroup: always read the supported controllers from the root cgroup of the ↵Lennart Poettering
local container Otherwise we might end up thinking that we support more controllers than actually enabled for the container we are running in.
2015-09-04cgroup: fix potential access of uninitialized variableLennart Poettering
2015-09-04cgroup-util: make cg_pid_get_path() return -ENODATA when controller can't be ↵Lennart Poettering
found If the controller managed by systemd cannot found in /proc/$PID/cgroup, return ENODATA, the usual error for cases where the data being looked for does not exist, even if the process does.
2015-09-04cgroup: fix potential bad memory accessLennart Poettering
2015-09-04cgroup: make sure cg_is_empty_recursive() returns 1 for non-existing cgroupsLennart Poettering
Previously, on the legacy hierarchy a non-existing cgroup was considered identical to an empty one, but the unified hierarchy the check for a non-existing one returned ENOENT.
2015-09-04cgroup: when comparing agent paths, use path_equal()Lennart Poettering
After all a path is a path is a path and we should use path_equal() to comapre those.
2015-09-04audit: audit calls should return ENODATA when process are not in an audit ↵Lennart Poettering
session ENODATA is how we usually indicate such "missing info" cases, so we should do this here, too.
2015-09-04util: document why parse_uid() returns ENXIOLennart Poettering
parse_uid() returns EINVAL for invalid strings, but ENXIO for the (uid_t) -1 user ids in order to distinguish these two cases. Document this.
2015-09-04cgroup: move controller to dirname translation into join_path_legacy()Lennart Poettering
Let's simplify things a bit.
2015-09-04util: add new uid_is_valid() callLennart Poettering
This simply factors out the uid validation checks from parse_uid() and uses them everywhere. This simply verifies that the passed UID is neither 64bit -1 nor 32bit -1.
2015-09-04macro: introduce new PID_TO_PTR macros and make use of themLennart Poettering
This adds a new PID_TO_PTR() macro, plus PTR_TO_PID() and makes use of it wherever we maintain processes in a hash table. Previously we sometimes used LONG_TO_PTR() and other times ULONG_TO_PTR() for that, hence let's make this more explicit and clean up things.
2015-09-03cg_get_path: Removed unreachable statementreverendhomer
controller cannot be NULL because if-statement in L509 has return Coverity #1322379
2015-09-02tree-wide: fix indentationThomas Hindoe Paaboel Andersen
2015-09-02Merge pull request #1116 from poettering/unified-rebasedLennart Poettering
core: unified cgroup hierarchy support
2015-09-02Merge pull request #1112 from poettering/sd-bus-container-fixesDavid Herrmann
machined and sd-bus container fixes
2015-09-02virt: detect parallels virtualizationEvgeny Vereshchagin
inspired by http://people.redhat.com/~rjones/virt-what/ see: * http://git.annexia.org/?p=virt-what.git;a=blob;f=virt-what.in;h=a5ed33ef3e4bfa3281c9589eccac4d92dff1babe;hb=HEAD#l200 * http://git.annexia.org/?p=virt-what.git;a=blob;f=virt-what.in;h=a5ed33ef3e4bfa3281c9589eccac4d92dff1babe;hb=HEAD#l253
2015-09-01core: unified cgroup hierarchy supportLennart Poettering
This patch set adds full support the new unified cgroup hierarchy logic of modern kernels. A new kernel command line option "systemd.unified_cgroup_hierarchy=1" is added. If specified the unified hierarchy is mounted to /sys/fs/cgroup instead of a tmpfs. No further hierarchies are mounted. The kernel command line option defaults to off. We can turn it on by default as soon as the kernel's APIs regarding this are stabilized (but even then downstream distros might want to turn this off, as this will break any tools that access cgroupfs directly). It is possibly to choose for each boot individually whether the unified or the legacy hierarchy is used. nspawn will by default provide the legacy hierarchy to containers if the host is using it, and the unified otherwise. However it is possible to run containers with the unified hierarchy on a legacy host and vice versa, by setting the $UNIFIED_CGROUP_HIERARCHY environment variable for nspawn to 1 or 0, respectively. The unified hierarchy provides reliable cgroup empty notifications for the first time, via inotify. To make use of this we maintain one manager-wide inotify fd, and each cgroup to it. This patch also removes cg_delete() which is unused now. On kernel 4.2 only the "memory" controller is compatible with the unified hierarchy, hence that's the only controller systemd exposes when booted in unified heirarchy mode. This introduces a new enum for enumerating supported controllers, plus a related enum for the mask bits mapping to it. The core is changed to make use of this everywhere. This moves PID 1 into a new "init.scope" implicit scope unit in the root slice. This is necessary since on the unified hierarchy cgroups may either contain subgroups or processes but not both. PID 1 hence has to move out of the root cgroup (strictly speaking the root cgroup is the only one where processes and subgroups are still allowed, but in order to support containers nicey, we move PID 1 into the new scope in all cases.) This new unit is also used on legacy hierarchy setups. It's actually pretty useful on all systems, as it can then be used to filter journal messages coming from PID 1, and so on. The root slice ("-.slice") is now implicitly created and started (and does not require a unit file on disk anymore), since that's where "init.scope" is located and the slice needs to be started before the scope can. To check whether we are in unified or legacy hierarchy mode we use statfs() on /sys/fs/cgroup. If the .f_type field reports tmpfs we are in legacy mode, if it reports cgroupfs we are in unified mode. This patch set carefuly makes sure that cgls and cgtop continue to work as desired. When invoking nspawn as a service it will implicitly create two subcgroups in the cgroup it is using, one to move the nspawn process into, the other to move the actual container processes into. This is done because of the requirement that cgroups may either contain processes or other subgroups.
2015-09-01Merge pull request #1098 from filbranden/cpuaffinity2Lennart Poettering
Getting rid of FOREACH_WORD_QUOTED and some more cleanup in config_parse_cpu_affinity2
2015-09-01Merge pull request #1107 from msekletar/selinux-get-raw-contextLennart Poettering
selinux: always use *_raw API from libselinux
2015-09-01machined: introduce a ptsname_namespace() call and make use of itLennart Poettering
The call is like ptsname() but does not assume the pty path was accessible in the local namespace. It uses the same internal ioctl though.
2015-09-01machined: call unlockpt() in container, not hostLennart Poettering
It makes assumptions about the pty path, hence better call it in the container namespace rather than the host.
2015-09-01Merge pull request #1111 from poettering/more-cgroup-fixesTom Gundersen
More cgroup fixes
2015-09-01cgroup: the root cgroup is always populatedLennart Poettering
2015-09-01cgroup: drop "ignore_self" argument from cg_is_empty()Lennart Poettering
In all cases where the function (or cg_is_empty_recursive()) ignoring the calling process is actually wrong, as a process keeps a cgroup busy regardless if its the current one or another. Hence, let's simplify things and drop the "ignore_self" parameter.
2015-09-01cgroup: small cleanups and coding style fixesLennart Poettering
A number of simplications and adjustments to brings things closer to our coding style.
2015-09-01cgroup: don't allow hidden cgroupsLennart Poettering
We really should care for all cgroups, and not allow hidden ones.