| Age | Commit message (Collapse) | Author |
|---|
|
When dbus.socket is updated like this:
-ListenStream=/var/run/dbus/system_bus_socket
+ListenStream=/run/dbus/system_bus_socket
... and daemon-reload is performed, bad things happen.
During deserialization systemd does not recognize that the two paths
refer to the same named socket and replaces the socket file with a new
one. As a result, applications hang when they try talking to dbus.
Fix this by finding a match not only when the path names are equal, but
also when they point to the same inode.
In socket_address_equal() it is necessary to move the address size
comparison into the abstract sockets branch. For path name sockets the
comparison must not be done and for other families it is redundant
(their sizes are constant and checked by socket_address_verify()).
FIFOs and special files can also have multiple pathnames, so compare the
inodes for them as well. Note that previously the pathname checks used
streq_ptr(), but the paths cannot be NULL.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186018
|
|
With this change runlevel 2, 3, 4 are mapped to multi-user.target for
good, and 5 to graphical.target. This was already the previous mapping
but is now no longer reconfigurable, but hard-coded into the core.
This should generally simplify things, but also fix one bug: the
sysv-generator previously generated symlinks to runlevel[2-5].target
units, which possibly weren't picked up if these aliases were otherwise
only referenced by the real names "multi-user.target" and
"graphical.target".
We keep compat aliases "runlevel[2345].target" arround for cases where
this target name is explicitly requested.
|
|
- Always issue selinux access check as early as possible, and PK check
as late as possible.
- Introduce a new policykit action for altering environment
- Open most remaining bus calls to unprivileged clients via PK
|
|
Also, allow clients to alter their own objects without any further
priviliges. i.e. this allows clients to kill and lock their own sessions
without involving PK.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1192726
|
|
include-what-you-use automatically does this and it makes finding
unnecessary harder to spot. The only content of poll.h is a include
of sys/poll.h so should be harmless.
|
|
This fixes various issues found by globally reordering the include
sections of all .c files.
|
|
|
|
Better safe than sorry, if drivers are stupid, and reset immediately on
device closing if the timeout could not be initialized.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=777735
|
|
Otherwise we cannot even invoke systemd-exit.service anymore, thus not
even exit.
https://bugs.freedesktop.org/show_bug.cgi?id=83100
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=759320
|
|
If a service has an ExecStop= program that uses the socket the service was
activated by to tell it to terminate, then that should not be used as
trigger to start the service again.
http://lists.freedesktop.org/archives/systemd-devel/2015-February/028058.html
|
|
The log message talks specifically about services, though it actually
applies to any kind of unit.
|
|
execute.c only uses basename (the GNU version in <string.h>)
|
|
|
|
quiet should really just have an effect on the stuff we dump on the
console, not what we log elsewhere.
Hence:
debug on kernel cmdline → interpreted by every tool, turns up
log levels to "debug" everywhere.
quiet on kernel cmdline → interpreted only by PID 1 (and
obviously the kernel) no alteration of the max log level, but
turns off status output.
http://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html
|
|
|
|
Add the missing "static" to actually make this a cache.
|
|
|
|
|
|
missing.h
|
|
After all it is now much more like strjoin() than strappend(). At the
same time, add support for NULL sentinels, even if they are normally not
necessary.
|
|
This was broken when the code was rearranged in "1e2fd62d70ff
core/load-fragment.c: correct argument sign and split up long lines"
|
|
If we scale our buffer to be wide enough for the format string, we
should expect that the calculation was correct.
char_array_0() invocations are removed, since snprintf nul-terminates
the output in any case.
A similar wrapper is used for strftime calls, but only in timedatectl.c.
|
|
https://github.com/docker/docker/issues/10280
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=88284
|
|
This reverts commit df6e44c4affced590b0d19c594d9301ffd436591.
systemd --version segfaults.
Starting program: /usr/lib/systemd/systemd --version
Missing separate debuginfos, use: debuginfo-install systemd-216-16.fc21.x86_64
[Thread debugging using libthread_db enabled]
Using host libthread_db library "/lib64/libthread_db.so.1".
systemd 218
+PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN
Program received signal SIGSEGV, Segmentation fault.
0x000055555557c9be in main (argc=2, argv=0x7fffffffe4d8) at src/core/main.c:1832
1832 arg_shutdown_watchdog = m->shutdown_watchdog;
(gdb) bt
(gdb) bt full
m = 0x0
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=88284
|
|
Add unit dependencies for dynamic (i. e. not from fstab) mounts. With that,
mount units properly bind to their underlying device, and thus get
automatically stopped/unmounted when the underlying device goes away.
This cleans up stale mounts from unplugged devices.
Thanks to Lennart Poettering for pointing out the fix!
|
|
changing unit state
Unit _start() and _stop() implementations can fail with -EAGAIN to delay
execution temporarily. Thus, we should not output status messages before
invoking these calls, but after, and only when we know that the
invocation actually made a change.
|
|
|
|
on the console too
|
|
This should be useful for cases where clean rebooting doesn't work, and
the user wants to hurry up the reboot.
|
|
dispatch one of them at a time
If two start jobs for two seperate .swap device nodes are queued, which
then turns out to be referring to the same device node, refuse
dispatching more than one of them at the same time.
This should solve an issue when the same swap partition is found via GPT
auto-discovery and via /etc/fstab, where one uses a symlink path, and
the other the raw devce node. So far we might have ended up invoking
mkswap on the same node at the very same time with the two device node
names.
With this change only one mkswap should be executed at a time. THis
mkswap should have immediate effect on the other swap unit, due to the
state in /proc/swaps changing, and thus suppressing actual invocation of
the second mkswap.
http://lists.freedesktop.org/archives/systemd-devel/2015-January/027314.html
|
|
|
|
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-January/027428.html
|
|
|
|
Current systemd requires kernel >= 3.7 per the README file
but CONFIG_USB_DEVICEFS disappeared from the kernel in
upstream commit fb28d58b72aa9215b26f1d5478462af394a4d253
(kernel 3.5-rc1)
|
|
/dev when shutting down
After all, mounts below these directories are pretty much guaranteed to
be virtual, and it's hence unnecessary to unmount them during shutdown.
Moreover, in less-priviliged containers we might lack the rights to
unmount them, hence don't even try.
http://lists.freedesktop.org/archives/systemd-devel/2015-January/027113.html
|
|
them anymore
|
|
This is exposed the memory.usage_in_bytes cgroup property on the bus,
and makes "systemctl status" show it in its default output.
|
|
With this change the pull protocol implementation processes will pass
progress data to importd which then passes this information on via the
bus. We use sd_notify() as generic transport for this communication,
making importd listen to them, while matching the incoming messages to
the right transfer.
|
|
|
|
Types used for pids and uids in various interfaces are unpredictable.
Too bad.
|
|
|
|
|
|
The kernel module system is not namespaced, so no container should ever
modify global options. Make sure we set the kdbus attach_flags_mask only
on a real boot as PID1.
|
|
Whenever a process performs an action on an object, the kernel uses the
EUID of the process to do permission checks and to apply on any newly
created objects. The UID of a process is only used if someone *ELSE* acts
on the process. That is, the UID of a process defines who owns the
process, the EUID defines what privileges are used by this process when
performing an action.
Process limits, on the other hand, are always applied to the real UID, not
the effective UID. This is, because a process has a user object linked,
which always corresponds to its UID. A process never has a user object
linked for its EUID. Thus, accounting (and limits) is always done on the
real UID.
This commit fixes all sd-bus users to use the EUID when performing
privilege checks and alike. Furthermore, it fixes unix-creds to be parsed
as EUID, not UID (as the kernel always takes the EUID on UDS). Anyone
using UID (eg., to do user-accounting) has to fall back to the EUID as UDS
does not transmit the UID.
|
|
|
|
Commit 3bd5c3 added a check for EACCES, but missed the minus sign.
|
