~lukeshu/systemd - Unnamed repository; edit this file 'description' to name the repository.

Age	Commit message (Collapse)	Author
2015-02-13	bus-proxy: also consider ENOTCONN a clean termination condition	Lennart Poettering
	Sometimes, when we try to reply to messages we don't check return values. This means we might miss a ECONNRESET, and will get a ENOTCONN on next command. Treat both the same hence.
2015-02-13	bus-proxy: whenever we cannot forward a message, report this back to caller, ↵	Lennart Poettering
	but don't exit Errors like EPERM from the kernel should certainly not be reason to exit. Let's try to be defensive here, and try to continue on most send errors, but possibly tell the sender about it.
2015-02-13	bus-proxy: minor simplifications	Lennart Poettering

2015-02-13	bus-proxy: no need to negate error codes, log_error_errno() already does it	Lennart Poettering

2015-02-13	bus-proxy: tell Coverity we don't care about these return values	Lennart Poettering

2015-02-13	bus-proxy: we don't pointlessly abbreviate function names	Lennart Poettering
	It's fine to abbreviate local variables, but it's not OK to abbreviate function names needlessly. This is not an excercise in writing unreadable code.
2015-02-12	include <poll.h> instead of <sys/poll.h>	Thomas Hindoe Paaboel Andersen
	include-what-you-use automatically does this and it makes finding unnecessary harder to spot. The only content of poll.h is a include of sys/poll.h so should be harmless.
2015-01-18	bus: use EUID over UID and fix unix-creds	David Herrmann
	Whenever a process performs an action on an object, the kernel uses the EUID of the process to do permission checks and to apply on any newly created objects. The UID of a process is only used if someone ELSE acts on the process. That is, the UID of a process defines who owns the process, the EUID defines what privileges are used by this process when performing an action. Process limits, on the other hand, are always applied to the real UID, not the effective UID. This is, because a process has a user object linked, which always corresponds to its UID. A process never has a user object linked for its EUID. Thus, accounting (and limits) is always done on the real UID. This commit fixes all sd-bus users to use the EUID when performing privilege checks and alike. Furthermore, it fixes unix-creds to be parsed as EUID, not UID (as the kernel always takes the EUID on UDS). Anyone using UID (eg., to do user-accounting) has to fall back to the EUID as UDS does not transmit the UID.
2015-01-18	bus-proxy: fake all UIDs/GIDs, not just the real UID/GID	David Herrmann
	Make sure we tell the kernel to fake all UIDs/GIDs. Otherwise, the remote side has no chance of querying our effective UID (which is usually what they're interested in).
2015-01-17	bus-proxy: don't print error-messages if we check multiple dests	David Herrmann
	If we test the policy against multiple destination names, we really should not print warnings if one of the names results in DENY. Instead, pass the whole array of names to the policy and let it deal with it.
2015-01-17	bus-proxy: share policy between threads	David Herrmann
	This implements a shared policy cache with read-write locks. We no longer parse the XML policy in each thread. This will allow us to easily implement ReloadConfig().
2015-01-17	bus-proxy: extract proxy into Proxy object	David Herrmann
	Move all the proxy code into a "struct Proxy" object that can be used from multiple binaries. We now dropped SMACK as we have to refactor it to work properly. We can introduce it later on.