| Age | Commit message (Collapse) | Author |
|---|
|
|
|
When we try to send a signal on a connection we didn't hae the time to
process the Disconnected message yet, don't generate multiple warning
messages, but only a single debug message.
https://bugs.freedesktop.org/show_bug.cgi?id=75874
|
|
Since the index is already post-incremented when the array is appended
to, this assertion can be wrongly reached when the array is at capacity
(with the NULL terminator). The bug is reproducible on shutdown with
the following settings in /etc/systemd/system.conf:
LogTarget=journal-or-kmsg
LogColor=yes
LogLocation=yes
Reported by Thermi on IRC.
|
|
Bring some arrays that are used for DEFINE_STRING_TABLE_LOOKUP() in the
same order than the enums they reference.
Also, pass the corresponding _MAX value to the array initalizer where
appropriate.
|
|
Activator connections may upload policy when registering to the bus.
This patch contains code to translate between BusNamePolicy objects and
the kdbus specific items.
|
|
There are three directives to specify bus name polices in .busname
files:
* AllowUser [username] [access]
* AllowGroup [groupname] [access]
* AllowWorld [access]
Where [access] is one of
* 'see': The user/group/world is allowed to see a name on the bus
* 'talk': The user/group/world is allowed to talk to a name
* 'own': The user/group/world is allowed to own a name
There is no user added yet in this commit.
|
|
|
|
When the manager receives a SIGUSR2 signal, it opens a memory stream
with open_memstream(), uses the returned file handle for logging, and
dumps the logged content with log_dump().
However, the char* buffer is only safe to use after the file handle has
been flushed with fflush, as the man pages states:
When the stream is closed (fclose(3)) or flushed (fflush(3)), the
locations pointed to by ptr and sizeloc are updated to contain,
respectively, a pointer to the buffer and the current size of the
buffer.
These values remain valid only as long as the caller performs no
further output on the stream. If further output is performed, then the
stream must again be flushed before trying to access these variables.
Without that call, dump remains NULL and the daemon crashes in
log_dump().
|
|
When a busname unit enters BUSNAME_FAILURE_SERVICE_FAILED_PERMANENT, the
serialization will not be able to look up the result as string via
busname_result_to_string(). This leads to an assertion trap during
daemon-reexec.
|
|
When run in an initrd and no root= argument is set (or is set to
root=gpt-auto) we will automatically look for the root partition on the
same disk the EFI ESP is located on.
Since we look for swap, /home and /srv on the disk the root partition is
located on, we hence have a fully discoverable chain:
Firmware discovers the EFI ESP partition → the initrd discovers the
root partition → the host OS discovers swap, /home, and /srv.
Note that this requires an EFI boot loader that sets the
LoaderDevicePartUUID EFI variable, such as Gummiboot.
|
|
|
|
Already split variable assignments before invoking the callback. And
drop "rd." settings if we are not in an initrd.
|
|
|
|
|
|
|
|
already explicitly set
|
|
|
|
define for the max number of rlimits, too
|
|
portable value (uint64_t) -1
|
|
Inexplicably, 550a40ec ('core: do not print invalid utf-8 in error
messages') only fixed two paths. Convert all of them now.
|
|
This mirrors set_consume and makes the common use a bit nicer.
|
|
object
|
|
|
|
load-fragment.c
The parse code actually checked for specific lvalue names, which is
really wrong for supposedly generic parsers...
|
|
Let's keep specific config parsers close to where they are needed. Only
the really generic ones should be defined in conf-parser.[ch].
|
|
Let's make the scope of the show-status stuff a bit smaller, and make it
private to the core, rather than shared API in shared/.
|
|
"level" is a bit too generic, let's clarify what kind of level we are
referring to here.
|
|
As discussed on the ML these are useful to manage runtime directories
below /run for services.
|
|
|
|
allocate a thread
|
|
This is primarily useful for services that need to track clients which
reference certain objects they maintain, or which explicitly want to
subscribe to certain events. Something like this is done in a large
number of services, and not trivial to do. Hence, let's unify this at
one place.
This also ports over PID 1 to use this to ensure that subscriptions to
job and manager events are correctly tracked. As a side-effect this
makes sure we properly serialize and restore the track list across
daemon reexec/reload, which didn't work correctly before.
This also simplifies how we distribute messages to broadcast to the
direct busses: we only track subscriptions for the API bus and
implicitly assume that all direct busses are subscribed. This should be
a pretty OK simplification since clients connected via direct bus
connections are shortlived anyway.
|
|
|
|
|
|
|
|
|
|
This new unit settings allows restricting which address families are
available to processes. This is an effective way to minimize the attack
surface of services, by turning off entire network stacks for them.
This is based on seccomp, and does not work on x86-32, since seccomp
cannot filter socketcall() syscalls on that platform.
|
|
for us
|
|
As pointed-out by clang -Wunreachable-code.
No behaviour changes.
|
|
remotely
|
|
BlockIOAccounting= for all units at once
|
|
With loaded_policy set to true mount_setup() relabels /dev properly.
|
|
next_elapse_monotonic() should map to the "NextElapseUSecMonotonic"
property and next_elapse_realtime() to "NextElapseUSecRealtime" one.
This makes "systemctl list-timers" compute and show the correct times.
https://bugs.freedesktop.org/show_bug.cgi?id=75272
|
|
hence don't bother
|
|
|
|
We expose the control group of the units on the bus, so let's also
expose the root control group.
|
|
of the message
|
|
for sizes
According to Wikipedia it is customary to specify hardware metrics and
transfer speeds to the basis 1000 (SI decimal), while software metrics
and physical volatile memory (RAM) sizes to the basis 1024 (IEC binary).
So far we specified everything in IEC, let's fix that and be more
true to what's otherwise customary. Since we don't want to parse "Mi"
instead of "M" we document each time what the context used is.
|
|
particular devices nodes
|
|
|
|
This permit to switch to a specific apparmor profile when starting a daemon. This
will result in a non operation if apparmor is disabled.
It also add a new build requirement on libapparmor for using this feature.
|
