Age | Commit message (Collapse) | Author |
|
Otherwise it might be passed in as 0, which is a valid fd, but usually
does not refer to a real endpoint.
|
|
CID#1297436
|
|
|
|
|
|
Whenever systemd is re-executed, it tries to create a system bus via
kdbus. If the system did not have kdbus loaded during bootup, but the
module is loaded later on manually, this will cause two system buses
running (kdbus and dbus-daemon in parallel).
This patch makes sure we never try to create kdbus buses if it wasn't
explicitly requested on the command-line.
|
|
from unit names
Let's better be safe then sorry.
|
|
|
|
A variety of changes:
- Make sure all our calls distuingish OOM from other errors if OOM is
not the only error possible.
- Be much stricter when parsing escaped paths, do not accept trailing or
leading escaped slashes.
- Change unit validation to take a bit mask for allowing plain names,
instance names or template names or an combination thereof.
- Refuse manipulating invalid unit name
|
|
Do not calculate the cgroup path manually, just use normal unit fields
and calls for that.
|
|
Introduce a new call unit_type_supported() and make use of it
everywhere.
Also, drop Manager parameter from per-type supported method prototype.
|
|
As perparation for future incompatible kdbus kernel API changes.
|
|
These looked like a mass-replace gone slightly wrong – two statements
with no { }'s, and no error checking.
|
|
|
|
After all it can be derived from the message directly, and already is.
|
|
If NULL is specified for the bus it is now automatically derived from
the passed in message.
This commit also changes a number of invocations of sd_bus_send() to
make use of this.
|
|
This should simplify the prototype a bit. The bus parameter is redundant
in most cases, and in the few where it matters it can be derived from
the message via sd_bus_message_get_bus().
|
|
|
|
|
|
status set membership
|
|
|
|
src/core/unit.c: In function 'unit_coldplug':
src/core/unit.c:2884:18: warning: unused variable 'i' [-Wunused-variable]
Iterator i;
^
src/core/unit.c:2883:15: warning: unused variable 'other' [-Wunused-variable]
Unit *other;
^
|
|
Also, place the scope unit in failed state.
|
|
This is yet another attempt to fix coldplugging order (more especially,
the problem which happens when one creates a job during coldplugging and
it references a not-yet-coldplugged unit).
Now we forcibly coldplug all units which participate in jobs. This
is a superset of previously implemented handling of the UNIT_TRIGGERS
dependencies, so that handling is removed.
http://lists.freedesktop.org/archives/systemd-devel/2015-April/031212.html
https://bugs.freedesktop.org/show_bug.cgi?id=88401 (once again)
|
|
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-April/031187.html
|
|
It's better to continue as good as we can, than to totally fail. Hence,
let's log about the failure and continue.
|
|
Let's make sure that we don't enqueue triggering jobs for units before
those units are actually fully loaded.
http://lists.freedesktop.org/archives/systemd-devel/2015-April/031176.html
https://bugs.freedesktop.org/show_bug.cgi?id=88401
|
|
Fixes:
CC src/core/libsystemd_core_la-device.lo
src/core/device.c: In function 'device_serialize':
src/core/device.c:169:1: warning: control reaches end of non-void function [-Wreturn-type]
}
^
|
|
This reverts commit 6e392c9c45643d106673c6643ac8bf4e65da13c1.
We really shouldn't invent external state keeping hashmaps, if we can
keep this state in the units themselves.
|
|
This reworks how we enter tentative state and does so only when a device
was previously not announced via udev. The previous check actually just
checked whether a new state bit was set, which is not correct.
Also, to be able to reliably maintain the tentative state across daemon
reloads, we need to serialize and deserialize it.
|
|
|
|
As reported my Maciej Wereski:
http://lists.freedesktop.org/archives/systemd-devel/2015-February/028320.html
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-April/031094.html
|
|
So far we authenticate direct connections primarily at connection time,
but let's also do this for each method individually, by attaching the
creds we need for that right away.
|
|
The module is currently no auto-loadable (and this is unlikely to change
anytime soon, given it's API is via getsockopt/setsockopt). It is needed
by networkd and nspawn currently.
Users who really don't like the module to be loaded have the option to
blacklist it still, or not compile it at all. But for all others this
should make things work out-of-the-box.
|
|
|
|
The original idea of systemd.pc was to contain arch-independent system
and systemd information. By exposing libdir as part of the fields (added
in eb39a6239c631873db62f6a942e6cb3dab0a2db4), it started to carry
arch-dependent data, thus breaking multilib systems. It was then moved
to pkgconfiglibdir to deal with this (in
aec432c6134146e138124c4130be2ee89dca07fa), but actually the right
approach is to simply not include libdir in the .pc file at all.
THis patch hence more or less reverts both commits again, and moves the
.pc file back into pkgconfigdatadir.
As alternative for querying the systems primary libdir there's now
"systemd-path system-library-arch", hence a more correct alternative
exists for querying this variable from the .pc file.
|
|
|
|
|
|
|
|
If there's no remaining process to kill, skip the SIGKILL states if
SIGKILL is disabled.
Effectively this doesn't change much since if there's nothing to kill
with SIGTERM or SIGABRT then there's also nothing to kill with SIGKILL.
However, this avoids confusion with the state engine jumping through
SIGKILL states for no reason...
|
|
|
|
|
|
|
|
|
|
Also, when we do permissions checks using creds, verify that we don't do
so based on augmented creds, as extra safety check.
|
|
The key was parsed properly, but the warning was still generated.
|
|
When selinux calls our callback with a log message, it specifies the
type as AVC or INFO/WARNING/ERROR. The question is how to map this to
audit types and/or log priorities. SELINUX_AVC maps to AUDIT_USER_AVC
reasonably, but for the other messages we have no idea, hence we use
AUDIT_USER_AVC for everything. When not using audit logging, we can
map those selinux levels to LOG_INFO/WARNING/ERROR etc.
Also update comment which was not valid anymore in light of journald
sucking in audit logs, and was actually wrong from the beginning —
libselinux uses the callback for everything, not just avcs.
This stemmed out of https://bugzilla.redhat.com/show_bug.cgi?id=1195330,
but does not solve it.
|
|
|
|
|