Age | Commit message (Collapse) | Author |
|
- Really warn in all error cases, not just some. We need to make sure
that all errors are logged to not confuse the user.
- Explicitly check for EINVAL error code before claiming anything about
invalid escapes, could be ENOMEM after all.
|
|
This is quite a lot of code these days, hence move it to its own source
file.
|
|
Let's introduce a common function that makes relative paths absolute and
warns about any errors while doing so.
|
|
get_current_dir_name() can return a variety of errors, not just ENOMEM,
hence don't blindly turn its errors to ENOMEM, but return correct errors
in path_make_absolute_cwd().
This trickles down into a couple of other functions, some of which
receive unrelated minor fixes too with this commit.
|
|
Modernize the code a bit:
- Get rid of FOREACH_WORD_SEPARATOR() loop in favour of a
extract_first_word() loop.
- Remove find_binary()'s "local" flag. It's not reasonably possible to
look for binaries on remote systems, we hence should not pretend we
could.
- When we cannot find a suitable binary, return the last error returned
from access() rather than ENOENT unconditionally.
- Rework fsck_exists() and mkfs_exists() to return 1 on success, 0 if
the implementation is missing and negative on real errors. This is
more like we do it in other functions.
- Make sure we also detect direct fsck symlinks to "true", rather than
just absolute ones to /bin/true.
|
|
util: Replace state with separate booleans in extract_first_word
|
|
btrfs quota beef up and various other unrelated changes
|
|
This simplifies the logic and uniformizes the way single and double
quotes are handled. In the end, the code is about 40 lines shorter.
Tested by running the excellent test cases from test-util. Also
installed the systemd binaries including this patch and booted a
system with it, everything looked normal.
|
|
extract_first_word understands "\'string" but doesn't understand "\"string"
fixed this inconsistency.
|
|
With this change we understand more than just leaf quota groups for
btrfs file systems. Specifically:
- When we create a subvolume we can now optionally add the new subvolume
to all qgroups its parent subvolume was member of too. Alternatively
it is also possible to insert an intermediary quota group between the
parent's qgroups and the subvolume's leaf qgroup, which is useful for
a concept of "subtree" qgroups, that contain a subvolume and all its
children.
- The remove logic for subvolumes has been updated to optionally remove
any leaf qgroups or "subtree" qgroups, following the logic above.
- The snapshot logic for subvolumes has been updated to replicate the
original qgroup setup of the source, if it follows the "subtree"
design described above. It will not cover qgroup setups that introduce
arbitrary qgroups, especially those orthogonal to the subvolume
hierarchy.
This also tries to be more graceful when setting up /var/lib/machines as
btrfs. For example, if mkfs.btrfs is missing we don't even try to set it
up as loopback device.
Fixes #1559
Fixes #1129
|
|
Simplify the call, and add dir_is_populated() as inverse call, in order
to make some checks easier to read.
|
|
nspawn: skip /sys-as-tmpfs if we don't use private-network
|
|
Since v3.11/7dc5dbc ("sysfs: Restrict mounting sysfs"), the kernel
doesn't allow mounting sysfs if you don't have CAP_SYS_ADMIN rights over
the network namespace.
So the mounting /sys as a tmpfs code introduced in
d8fc6a000fe21b0c1ba27fbfed8b42d00b349a4b doesn't work with user
namespaces if we don't use private-net. The reason is that we mount
sysfs inside the container and we're in the network namespace of the host
but we don't have CAP_SYS_ADMIN over that namespace.
To fix that, we mount /sys as a sysfs (instead of tmpfs) if we don't use
private network and ignore the /sys-as-a-tmpfs code if we find that /sys
is already mounted as sysfs.
Fixes #1555
|
|
|
|
A bit snake-oilish, but can't hurt.
|
|
systemd-run can launch units with OOMScoreAdjust
|
|
bus proxy fixes, and more
|
|
|
|
Track the number of matches installed for a given multicast group, and leave the
group once no matches depend on it.
In order to handle passed-in sockets that are already members of multicast groups
we initialize the refcount based on the membership once we take over the socket.
This way we will leave the socket in the state we found it once we finish with
it.
On kernels that do not fully support reading out the multicast group membership
we fall back to never leaving any groups (as before).
|
|
btrfs doesn't do that automatically, hence let's do that explicitly each
time.
|
|
Just add " UTC" to the end of the event expression. Works for the
special expressions.
|
|
|
|
to time-util.h. They take an extra argument `bool utc`.
|
|
|
|
|
|
Before, we'd always reset acquired terminals, which is not really
desired, as we expose a setting TTYReset= which is supposed to control
whether the TTY is reset or not. Previously that setting would only
enable a second resetting of the TTY, which is of course pointless...
Hence, move the implicit resetting out of acquire_terminal() and make
the callers do it if they need it.
|
|
With this change we'll open the shell's tty right from machined and then
pass it to the transient unit we create. This way we make sure the pty
is opened exactly as long as the transient service is around, and no
longer, and vice versa. This way pty forwarders do not have to deal with
EIO problems due to vhangup, as the pty is open all the time from the
point we set things up to the point where the service goes away.
|
|
|
|
The child process is shortliving, hence always set O_NOCTTY so that the
tty doesn't quickly become controlling TTY and then gives it up again.
Also set O_CLOEXEC, because it's cleaner, and doesn't affect the parent
anyway.
|
|
cache harddisk passwords in the kernel keyring
|
|
The way to escape a literal dollar sign is to write "$$". But this does
not work right if it's at the beginning of the argument. Fix it.
|
|
This adds support for caching harddisk passwords in the kernel keyring
if it is available, thus supporting caching without Plymouth being
around.
This is also useful for hooking up "gdm-auto-login" with the collected
boot-time harddisk password, in order to support gnome keyring
passphrase unlocking via the HDD password, if it is the same.
Any passwords added to the kernel keyring this way have a timeout of
2.5min at which time they are purged from the kernel.
|
|
smack: label /etc/passwd and friends as '_' smack label when --with-smack-run-label' is enabled (v3)
|
|
Fixes Coverity #1325768
|
|
--with-smack-run-label' is enabled
systemd-sysusers.service unit creates system users and groups and it
could update /etc/passwd, /etc/group, /etc/shadow and /etc/gshadow.
Those files should have '_' smack label because of accessibility.
However, if systemd has its own smack label using '--with-smack-run-label'
configuration, systemd-sysusers process spawned by systemd(pid:1) has
its parent smack label and eventually updated files also is set as its
parent smack label.
This patch fixes that bug by labeling updated files as '_' smack label
when --with-smack-run-label' is enabled.
|
|
Drop custom types. Drop unnecessary macros. Fix whitespace. Add asserts.
|
|
Make the API of the new helpers more similar to the old wrapper.
In particular we now return the hash as a byte string to avoid
any endianness problems.
|
|
Even more fixes
|
|
hashmap/siphash24: refactor hash functions
|
|
|
|
|
|
Add support for naming fds for socket activation and more
|
|
This adds support for naming file descriptors passed using socket
activation. The names are passed in a new $LISTEN_FDNAMES= environment
variable, that matches the existign $LISTEN_FDS= one and contains a
colon-separated list of names.
This also adds support for naming fds submitted to the per-service fd
store using FDNAME= in the sd_notify() message.
This also adds a new FileDescriptorName= setting for socket unit files
to set the name for fds created by socket units.
This also adds a new call sd_listen_fds_with_names(), that is similar to
sd_listen_fds(), but also returns the names of the fds.
systemd-activate gained the new --fdname= switch to specify a name for
testing socket activation.
This is based on #1247 by Maciej Wereski.
Fixes #1247.
|
|
A variety of journal vacuuming improvements, plus an nspawn fix
|
|
Make sure all variable-length inputs are properly terminated or that
their length is encoded in some way. This avoids ambiguity of
adjacent inputs.
E.g., in case of a hash function taking two strings, compressing "ab"
followed by "c" is now distinct from "a" followed by "bc".
|
|
All our hash functions are based on siphash24(), factor out
siphash_init() and siphash24_finalize() and pass the siphash
state to the hash functions rather than the hash key.
This simplifies the hash functions, and in particular makes
composition simpler as calling siphash24_compress() repeatedly
on separate chunks of input has the same effect as first
concatenating the input and then calling siphash23_compress()
on the result.
|
|
|
|
This allows the input to siphash24_compress to be decomposed into
smaller chunks and the function to be called on each individual
chunk.
|
|
finalization step
The last compression is special as it deals with the length byte, and padding. Move
it to the finalization step in preparation for making compression decomposable.
|
|
|