| Age | Commit message (Collapse) | Author |
|---|
|
This ports a lot of manual code over to sigprocmask_many() and friends.
Also, we now consistly check for sigprocmask() failures with
assert_se(), since the call cannot realistically fail unless there's a
programming error.
Also encloses a few sd_event_add_signal() calls with (void) when we
ignore the return values for it knowingly.
|
|
Rename sd_rtnl to sd_netlink to prepare for further netlink-protocol support. Anything rtnl specific still uses the sd_rtnl prefix, but the generic parts (including the bus and message objects) are now called sd_netlink.
|
|
|
|
ima-setup: write policy one line at a time
|
|
|
|
CID 996302: Error handling issues (CHECKED_RETURN)
|
|
sd-rtnl: make joining broadcast groups implicit
|
|
|
|
-ENOSYS is returned from kmod_module_probe_insert_module() if a module isn't
available, not -ENOENT. Don't spit out a warning in that case unless the
warn_if_unavailable flag is set.
Also factor out the condition into an own variable for better readability.
|
|
ima_write_policy() expects data to be written as one or more
rules, no more than PAGE_SIZE at a time. Easiest way to ensure
that we are not splitting rules is to read and write one line at
a time.
https://bugzilla.redhat.com/show_bug.cgi?id=1226948
|
|
(Also, downgrade message from LOG_ERROR to LOG_WARNING, after all we
don't care much and just proceed)
|
|
Without the boolean bus_name_good services as well as cgroup_realized
for units a unit of Type=dbus and ExecReload sending SIGHUP to $MAINPID
will be terminated if systemd will be daemon reloaded.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=746151
https://bugs.freedesktop.org/show_bug.cgi?id=78311
https://bugzilla.opensuse.org/show_bug.cgi?id=934077
|
|
It's only marginally shorter then the usual for() loop, but certainly
more readable.
|
|
|
|
mask/handlers
Also, when the child is potentially long-running make sure to set a
death signal.
Also, ignore the result of the reset operations explicitly by casting
them to (void).
|
|
but don't do anything else. We still want to kill as much as
possible.
Coverity CID#996306
|
|
Also reorder the code a bit to be easier to parse.
|
|
|
|
Traditionally, we used to warn about ipv6 being a module or being
unavailable. This was changed in b4aa82f16 ("kmod-setup: don't warn
when ipv6 can't be loaded") in a way that neither of the two conditions
will cause a log message.
Now, while running a setup without any IPv6 is completely fine and
shouldn't cause any warning, we should still warn about ipv6 being a
module instead of built-in.
To achieve this, split the boolean warn flag into two: one for a
feature not being built-in but shipped as a module, and one to
print an error when a module is entirely unavailable.
We will, however, still warn if kmod returns anything else than
-ENOENT in the attempt of loading the module, and at the very least,
turn the message into a debug log.
|
|
kmod-setup: don't warn when ipv6 can't be loaded (FDO bug #87475)
|
|
Not having IPv6 is a valid setup. Let's not print a warning in that
case.
Addresses:
https://bugs.freedesktop.org/show_bug.cgi?id=87475
|
|
This made sense when systemd ran on older kernels, nowdays not so much.
|
|
core/mount: skip incomplete mountinfo entries
|
|
Skip /proc/mountinfo entries for which libmount returns a NULL pointer
for 'source' or 'target'. This happened on Semaphore CI's build servers
when the test suite is run.
|
|
copy_bytes() tries to do the write in chunks, but ima kernel code
needs every rule to be written in one write. Writing the whole file
at once avoids the issue.
http://lists.freedesktop.org/archives/systemd-devel/2015-June/032623.html
http://sourceforge.net/p/linux-ima/mailman/message/34145236/
https://bugzilla.redhat.com/show_bug.cgi?id=1226948
|
|
|
|
The cunescape() helper function used to handle unknown escaping sequences
gracefully by copying them over verbatim.
Commit 527b7a42 ("util: rework cunescape(), improve error handling") added
a flag to make that behavior optional, and changed to default to error out
with -EINVAL otherwise.
However, config_parse_exec(), which is used to parse the
Exec{Start,Stop}{Post,Pre,} directives of unit files, was not changed along
with that commit, which means that directives with improperly escaped
command line strings are no longer parsed.
Relevant bugreports include:
https://bugs.freedesktop.org/show_bug.cgi?id=90794
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=787256
Fix this by passing UNESCAPE_RELAX to config_parse_exec() in order to
restore the original behavior.
|
|
A small typo in ee818b8 caused /home to be put in read-only instead of
/usr when ProtectSystem was enabled (ie: not set to "no").
|
|
No functional changes.
|
|
This makes path_is_mount_point() consistent with fd_is_mount_point() wrt.
flags.
|
|
|
|
This patch simplify swapon usage in systemd. The command swapon(8)
since util-linux v2.26 supports "-o <list>". The idea is exactly the
same like for mount(8). The -o specifies options in fstab-compatible
way. For systemd it means that it does not have to care about things
like "discard" or another swapon specific options.
swapon -o <options-from-fstab>
For backward compatibility the code cares about "Priority:" swap unit
field (for a case when Priority: is set, but pri= in the Options: is
missing).
References: http://lists.freedesktop.org/archives/systemd-devel/2014-October/023576.html
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032100.html
|
|
|
|
restarts
|
|
|
|
|
|
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032025.html
|
|
try-restart
Previously, if a service A depended on a service B via Requires=, and A
was not running and B restarted this would trigger a start of A as well,
since the restart was propagated as restart independently of the state
of A.
This patch ensures that a restart of B would be propagated as a
try-restart to A, thus not changing its state if it isn't up.
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032061.html
|
|
|
|
This reverts the primary effect of be7d9ff730cb88d7c6a869dd5c47754c78ceaef2.
After all Requisite= should be close to Requires=, without the one
exception that it doesn't pull in dependencies on start. However,
reverse deps on stop/restart should be treated the same way as for
Restart=, and this is already documented in the man page, hence stick to
it.
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032049.html
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032059.html
|
|
No distro ships that old systemd versions anyway, hence let's drop
support for live-upgrades for them. Offline updates are still supported.
And live-upgrades will only lose the job queue, hence basically still
work...
|
|
This extends on bea355dac94e82697aa98e25d80ee4248263bf92, and extends
the ratelimiter to not only be used for StopWhenUnneeded=1 units but
also for units that have BindsTo= on a unit that is dead.
http://lists.freedesktop.org/archives/systemd-devel/2015-April/030224.html
|
|
|
|
Otherwise we might end up in an endless stop loop.
http://lists.freedesktop.org/archives/systemd-devel/2015-April/030224.html
|
|
Fixes a regression introduced in be7d9ff730cb88d7c6a869dd5c47754c78ceaef2.
|
|
gone from *all* lines
Devices might be referenced by multiple mount points in
/proc/self/mountinfo, hence we should consider them unmounted only after
they disappeared from all lines, not just from one.
http://lists.freedesktop.org/archives/systemd-devel/2015-May/032026.html
|
|
Change device_found_node() to also create a .device unit if a device is not
known by udev; this is the case for "tentative" devices picked up by mountinfo
(DEVICE_FOUND_MOUNT). With that we can record the "found" attribute on the
unit.
Change device_setup_unit() to also accept a NULL udev_device, and don't
add the extra udev information in that case.
Previously device_found_node() would not create a .device unit, and
unit_add_node_link() would then create a "dead" stub one via
manager_load_unit(), so we lost the "found" attribute and unmounted everything
from that device.
https://launchpad.net/bugs/1444402
http://lists.freedesktop.org/archives/systemd-devel/2015-May/031658.html
|
