| Age | Commit message (Collapse) | Author |
|---|
|
Previous code would only return correct results when discard
was the last option.
While at it, avoid incorrect behaviour for (invalid) 'pri' option
not followed by '=...', and also do not return -1 as the error code.
|
|
Process possible "discard" values from /etc/fstab.
|
|
This adds --disable-utmp option to configure. If it is used, all
utmp-related functionality, including querying runlevel support,
is removed.
|
|
|
|
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
Reviewed-by: Paul Moore <pmoore@redhat.com>
|
|
Gcc is spewing some warnings about uninitialized variables.
Let's get rid of the noise.
|
|
|
|
Second error path must free the (potentially) allocated memory in the
first code chunk before returning.
Found by coverity. Fixes: CID#1237750
|
|
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
|
|
|
|
Found with Coverity. Fixes: CID#996438
|
|
The line under the last switch statement *loaded_policy = true;
would never be executed. As all switch cases return 0. Thus the
policy would never be marked as loaded.
Found with Coverity. Fixes: CID#1237785
|
|
Close the dir instead of attempt to free it.
Introduced in 874310b7b68c4c0d36ff07397db30a959bb7dae5
Found with coverity. Fixes: CID#996368
|
|
Mark two function parameters as const
|
|
|
|
If BusPolicy= was passed, the parser function will have created
an ExecContext->bus_endpoint object, along with policy information.
In that case, create a kdbus endpoint, and pass its path name to the
namespace logic, to it will be mounted over the actual 'bus' node.
At endpoint creation time, no policy is updloaded. That is done after
fork(), through a separate call. This is necessary because we don't
know the real uid of the process earlier than that.
|
|
If a path to a previously created custom kdbus endpoint is passed in,
bind-mount a new devtmpfs that contains a 'bus' node, which in turn in
bind-mounted with the custom endpoint. This tmpfs then mounted over the
kdbus subtree that refers to the current bus.
This way, we can fake the bus node in order to lock down services with
a kdbus custom endpoint policy.
|
|
Add a new directive called BusPolicy to define custom endpoint policies. If
one such directive is given, an endpoint object in the service's ExecContext is
created and the given policy is added to it.
|
|
Add types to describe endpoints and associated policy entries,
and add a BusEndpoint instace to ExecContext.
|
|
In order to re-use the policy definitions, factor them out into their own
files.
|
|
This factors out one conditional branch that has grown way too big, and
makes the code more readable by using return statements rather than jump
labels.
|
|
This way, the list of arguments to that function gets more comprehensive,
and we can get around passing lots of NULL and 0 arguments from socket.c,
swap.c and mount.c.
It also allows for splitting up the code in exec_spawn().
While at it, make ExecContext const in execute.c.
|
|
Fixup for v208-615-g718db96199.
|
|
The fact that unit names have to be quoted can be a bit surprising.
Show quotes in the hint commandline, but only after checking that this
is necessary, since quotes are visually heavy and usually not needed.
https://bugs.freedesktop.org/show_bug.cgi?id=82832
|
|
|
|
|
|
removes code duplication
also move switch-root to shared
|
|
|
|
We'll stay in "initializing" until basic.target has reached, at which
point we will enter "starting".
This is preparation so that we can change the startip timeout to only
apply to the first phase of startup, not the full procedure.
|
|
Also, change the default action on a system start-up timeout to powering off.
|
|
|
|
When this system-wide start-up timeout is hit we execute one of the
failure actions already implemented for services that fail.
This should not only be useful on embedded devices, but also on laptops
which have the power-button reachable when the lid is closed. This
devices, when in a backpack might get powered on by accident due to the
easily reachable power button. We want to make sure that the system
turns itself off if it starts up due this after a while.
When the system manages to fully start-up logind will suspend the
machine by default if the lid is closed. However, in some cases we don't
even get as far as logind, and the boot hangs much earlier, for example
because we ask for a LUKS password that nobody ever enters.
Yeah, this is a real-life problem on my Yoga 13, which has one of those
easily accessible power buttons, even if the device is closed.
|
|
This is useful for services that simply want to run something on
shutdown, but not at bootup. They should only set ExecStop= but leave
ExecStart= unset.
|
|
|
|
time differently
|
|
|
|
and STOPPING=1 sd_notify() messages
|
|
the same units
|
|
|
|
Unlike strv_find_prefix() the new call will return a pointer to the
suffix of the item we found, instead of the whole item. This is more
closer inline with what startswith() does, and allows us to simplify a
couple of invocations.
|
|
|
|
|
|
need to duplicate that
|
|
|
|
operate on a root directory that's not /
This should make sure no UUID from the host systemd-machine-id-setup is
running on leaks onto a disk image that is provisioned with the tool.
|
|
|
|
|
|
|
|
This is what we have done so far for all other time values, and hence we
should do this here. This indicates the default unit of time values
specified here, if they don't contain a unit.
|
|
This reverts commit cf8bd44339b00330fdbc91041d6731ba8aba9fec.
Needs more discussion on the mailing list.
|
