summaryrefslogtreecommitdiff
path: root/src/core/ima-setup.c
AgeCommit message (Collapse)Author
2015-06-11ima-setup: write policy one line at a timeZbigniew Jędrzejewski-Szmek
ima_write_policy() expects data to be written as one or more rules, no more than PAGE_SIZE at a time. Easiest way to ensure that we are not splitting rules is to read and write one line at a time. https://bugzilla.redhat.com/show_bug.cgi?id=1226948
2015-06-04Partially revert "ma-setup: simplify"Zbigniew Jędrzejewski-Szmek
copy_bytes() tries to do the write in chunks, but ima kernel code needs every rule to be written in one write. Writing the whole file at once avoids the issue. http://lists.freedesktop.org/archives/systemd-devel/2015-June/032623.html http://sourceforge.net/p/linux-ima/mailman/message/34145236/ https://bugzilla.redhat.com/show_bug.cgi?id=1226948
2015-02-23remove unused includesThomas Hindoe Paaboel Andersen
This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
2014-12-12copy: use btrfs reflinking only whe we know we copy full filesLennart Poettering
2014-12-09ima-setup: simplifyZbigniew Jędrzejewski-Szmek
2014-12-09treewide: sanitize loop_writeZbigniew Jędrzejewski-Szmek
loop_write() didn't follow the usual systemd rules and returned status partially in errno and required extensive checks from callers. Some of the callers dealt with this properly, but many did not, treating partial writes as successful. Simplify things by conforming to usual rules.
2014-11-28treewide: use log_*_errno whenever %m is in the format stringMichal Schmidt
If the format string contains %m, clearly errno must have a meaningful value, so we might as well use log_*_errno to have ERRNO= logged. Using: find . -name '*.[ch]' | xargs sed -r -i -e \ 's/log_(debug|info|notice|warning|error|emergency)\((".*%m.*")/log_\1_errno(errno, \2/' Plus some whitespace, linewrap, and indent adjustments.
2014-04-26core: reindent {selinux, ima, smack}-setup.cWill Woods
7-space indentation is just too weird to leave alone. Make it 8 spaces, as per CODING_STYLE. No other changes.
2014-03-18util: replace close_nointr_nofail() by a more useful safe_close()Lennart Poettering
safe_close() automatically becomes a NOP when a negative fd is passed, and returns -1 unconditionally. This makes it easy to write lines like this: fd = safe_close(fd); Which will close an fd if it is open, and reset the fd variable correctly. By making use of this new scheme we can drop a > 200 lines of code that was required to test for non-negative fds or to reset the closed fd variable afterwards.
2013-03-07core: move mount_setup_early() to main.cNathaniel Chen
move mount_setup_early() call to main.c, before security module setup, so there are no more repeat calls.
2012-04-12relicense to LGPLv2.1 (with exceptions)Lennart Poettering
We finally got the OK from all contributors with non-trivial commits to relicense systemd from GPL2+ to LGPL2.1+. Some udev bits continue to be GPL2+ for now, but we are looking into relicensing them too, to allow free copy/paste of all code within systemd. The bits that used to be MIT continue to be MIT. The big benefit of the relicensing is that closed source code may now link against libsystemd-login.so and friends.
2012-04-11move libsystemd_core.la sources into core/Kay Sievers