| Age | Commit message (Collapse) | Author |
|---|
|
This commit is a first attempt to isolate the udev code from the
remaining code base. It intentionally does not modify any files
but purely delete files which, on a first examination, appear to
not be needed. This is a sweeping commit which may easily have
missed needed code. Files can be retrieved by doing a checkout
from the previous commit:
git checkout 2944f347d0 -- <filename>
|
|
The behaviour of the common name##_from_string conversion is surprising.
It accepts not only the strings from name##_table but also any number
that falls within the range of the table. The order of items in most of
our tables is an internal affair. It should not be visible to the user.
I know of a case where the surprising numeric conversion leads to a crash.
We will allow the direct numeric conversion only for the tables where the
mapping of strings to numeric values has an external meaning. This holds
for the following lookup tables:
- netlink_family, ioprio_class, ip_tos, sched_policy - their numeric
values are stable as they are defined by the Linux kernel interface.
- log_level, log_facility_unshifted - the well-known syslog interface.
We allow the user to use numeric values whose string names systemd does
not know. For instance, the user may want to test a new kernel featuring
a scheduling policy that did not exist when his systemd version was
released. A slightly unpleasant effect of this is that the
name##_to_string conversion cannot return pointers to constant strings
anymore. The strings have to be allocated on demand and freed by the
caller.
|
|
Reply of dbus_message_new_method_return was check twice and
path from unit_dbus_path was not.
|
|
This allows unprivileged clients to check for the used virtualization
even when lacking the privileges that some of the virtualization tests
require.
https://bugzilla.gnome.org/show_bug.cgi?id=684801
|
|
can reuse it in logind
|
|
a) Instead of parsing the bus messages inside of selinux-access.c
simply pass everything pre-parsed in the functions
b) implement the access checking with a macro that resolves to nothing
on non-selinux builds
c) split out the selinux checks into their own sources
selinux-util.[ch]
d) this unifies the job creation code behind the D-Bus calls
Manager.StartUnit() and Unit.Start().
|
|
Note: I did s/MANAGER/SYSTEMD/ everywhere, even though it makes the
patch quite verbose. Nevertheless, keeping MANAGER prefix in some
places, and SYSTEMD prefix in others would just lead to confusion down
the road. Better to rip off the band-aid now.
|
|
|
|
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch adds the ability to look at the calling process that is trying to
do dbus calls into systemd, then it checks with the SELinux policy to see if
the calling process is allowed to do the activity.
The basic idea is we want to allow NetworkManager_t to be able to start and
stop ntpd.service, but not necessarly mysqld.service.
Similarly we want to allow a root admin webadm_t that can only manage the
apache environment. systemctl enable httpd.service, systemctl disable
iptables.service bad.
To make this code cleaner, we really need to refactor the dbus-manager.c code.
This has just become a huge if-then-else blob, which makes doing the correct
check difficult.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
iEYEARECAAYFAlBJBi8ACgkQrlYvE4MpobOzTwCdEUikbvRWUCwOb83KlVF0Nuy5
lRAAnjZZNuc19Z+aNxm3k3nwD4p/JYco
=yops
-----END PGP SIGNATURE-----
|
|
times
This only adds the fields to the D-Bus interfaces but doesn't fill them
in with anything useful yet. Gummiboot exposes the necessary bits of
information to use however and as soon as I get my fingers on a proper
UEFI laptop I'll hook up the remaining bits.
Since we want to stabilize the D-Bus interface soon and include it in
the stability promise we should get the last fixes in, hence this change
now.
|
|
It made no sense, and since we are documenting the bus calls now and
want to include them in our stability promise we really should get it
cleaned up sooner, not later.
|
|
|
|
This is to match strappend() and the other string related functions.
|
|
|
|
Clients should always watch /dev/watchdog directly, instead of going
indirect. Let's keep our stacks small.
|
|
People should use systemd.pc if anything at all to determine these
directories, and people should not assume that the bus fields are part
of the supported API, so let's just drop this.
|
|
This option never made much sense. It was originally intended to make
sure that the usual startup output of sysv scripts goes to the terminal.
However, since SysV scripts started from a terminal would not output to
that terminal, but rather /dev/console this effect was more often than
not actually taking place. Nowadays systemd has much nicer boot time
status output than SysV which makes the sysv output redundant. Finally,
all output of services goes to the journal anyway, and is not lost.
Hence, let's drop this option, and simplify things a bit.
|
|
Command systemctl stop foo.service, will print error message, when
foo.service is unknown to systemd, i.e. there is no unit file loaded for
this service.
https://bugzilla.redhat.com/show_bug.cgi?id=732874
|
|
NotifySocket= is hardly useful, people should use $NOTIFY_SOCKET if
anything.
RunningAs= suggests people had a choice of running user mode as PID 1 or
vice versa, so remove this too.
|
|
|
|
|
|
The pointer to the end of the string was not advanced after adding
the "cgroups-missing" taint. If "local-hwclock" was detected too,
it would overwrite the previous string.
With 'e' always pointing to the end of the string, removing the last
delimiter is easier.
|
|
|
|
|
|
This breaks D-Bus interface slightly, but since the D-Bus API isn't
covered by the interface stability promise this should be OK.
|
|
|
|
The ability to set MountAuto=no and SwapAuto=no was useful during the
adoption phase of systemd, so that distributions could stick to their
classic mount scripts a bit longer. It is about time to get rid of it
now.
|
|
Merging of jobs can result in more than one client being interested in a job.
|
|
|
|
|
|
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
|
|
|
