Age | Commit message (Collapse) | Author |
|
Mapping files as MAP_SHARED is handled by the kernel as 'writable'
mapping. Always! Even with PROT_READ. Reason for that is,
mprotect(PROT_WRITE) could change the mapping underneath and currently
there is no kernel infrastructure to add protection there. This might
change in the future, but until then, map sealed files as MAP_PRIVATE so
we don't get EPERM.
|
|
On systems without properly setup systemd, cg_get_root_path returns
-ENOENT. This means that busctl doesn't display much information.
busctl monitor also fails whenever it intercepts messages.
This fix fakes creates a fake "/" root cgroup which lets busctl work
on such systems.
|
|
|
|
First, let's drop the "bus" argument, we can determine it from the
message anyway.
Secondly, determine the right callback/userdata pair automatically from
what is currently is being dispatched. This should simplify things a lot
for us, since it makes it unnecessary to pass pointers through the
original handlers through all functions when we process messages, which
might require authentication.
|
|
|
|
Remove the sd_ prefix from internal functions and get rid of the sd_memfd
type. As a memfd is now just a native file descriptor, we can get rid of our
own wrapper type, and also use close() and dup() on them directly.
|
|
Unlike earlier versions, the syscall only takes 2 arguments in its
final version, not 3.
|
|
Don't expose generic kernel API via libsystemd, but keep the code internal
for our own usage.
|
|
|
|
|
|
|
|
|
|
|
|
This is a generalization of the vtable privilege check we already have,
but exported, and hence useful when preparing for a polkit change.
This will deal with the complexity that on dbus1 one cannot trust the
capability field we retrieve via the bus, since it is read via
/proc/$$/stat (and thus might be out-of-date) rather than directly from
the message (like on kdbus) or bus connection (as for uid creds on
dbus1).
Also, port over all code to this new API.
|
|
|
|
information
|
|
|
|
It's unneccessary, not used, and complicates callers of the
function.
|
|
makes ethernet addresses look funny
|
|
For now this only exposes the domain name (DHCP Option 15), and not
the search string (DHCP Option 119), which will be implemented in
a follow-up patch.
|
|
This is not certain to be likely.
Lennart says: a frequent usecase is invoking some function regularly in intervals
in such a case every single iteration we'll have to rearm
|
|
Rather than recalculating the next timeout on every loop, we only do it when something changed.
|
|
Suggested by Kay and Lennart.
|
|
The link is the 'object', so make this in line with our usual naming convention.
Suggested by Kay and Lennart.
|
|
i is being used incorrectly. It is used to refer to the number of
indexes calculated so far (out of k). However, it is also incremented
when a new hash key is being used. This means that the results are
inconsistent with the desired behavior described in PORTING-DBUS1
document.
The expected result is that for the default values of m and k (512, 8)
the 1st hash key should produce 4 indexes. The second hash key is used
for the next 4 and overall 8 indexes into m are calculated.
The current behavior results in 6 indexes being calculated, 4 coming
from hash key 1 and 2 others from hash key 5.
|
|
This is the state when we are waiting for udev to initialize the device, and waiting for
libudev and rtnl to be in sync. In the future we probably will also be waiting for nl80211.
At this point we do not yet have enough information to know whether or not networkd should
be handling the device.
|
|
rather than number of queries currently referenced
This way a query that blocks for a longer time, and whose reference has
been dropped won't block subsequent lookups from finishing.
|
|
|
|
|
|
The source file got much too large, hence split up the sources into
multiple per-object files, similar in style to resolved.
|
|
Also, output the collected information in "networkctl".
|
|
In contrast to the DHCP/IPv4LL/ICMP6 APIs sd-network is not a protocol
implementation but a client API for networkd, hence move it into
libsystemd proper.
|
|
In the long run this should become a full fledged client to networkd
(but not before networkd learns bus support). For now, just pull
interesting data out of networkd, udev, and rtnl and present it to the
user, in a simple but useful output.
|
|
|
|
Since b5eca3a2059f9399d1dc52cbcf9698674c4b1cf0 we don't attempt to GC
busses anymore when unsent messages remain that keep their reference,
when they otherwise are not referenced anymore. This means that if we
explicitly want connections to go away, we need to close them.
With this change we will no do so explicitly wherver we connect to the
bus from a main program (and thus know when the bus connection should go
away), or when we create a private bus connection, that really should go
away after our use.
This fixes connection leaks in the NSS and PAM modules.
|
|
getopt is usually good at printing out a nice error message when
commandline options are invalid. It distinguishes between an unknown
option and a known option with a missing arg. It is better to let it
do its job and not use opterr=0 unless we actually want to suppress
messages. So remove opterr=0 in the few places where it wasn't really
useful.
When an error in options is encountered, we should not print a lengthy
help() and overwhelm the user, when we know precisely what is wrong
with the commandline. In addition, since help() prints to stdout, it
should not be used except when requested with -h or --help.
Also, simplify things here and there.
|
|
|
|
In practice this shouldn't make much difference, but
sometimes our headers might be newer, and we want to
test them.
|
|
String which ended in an unfinished quote were accepted, potentially
with bad memory accesses.
Reject anything which ends in a unfished quote, or contains
non-whitespace characters right after the closing quote.
_FOREACH_WORD now returns the invalid character in *state. But this return
value is not checked anywhere yet.
Also, make 'word' and 'state' variables const pointers, and rename 'w'
to 'word' in various places. Things are easier to read if the same name
is used consistently.
mbiebl_> am I correct that something like this doesn't work
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"'
mbiebl_> systemd seems to strip of the quotes
mbiebl_> systemctl status shows
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint
mbiebl_> which is pretty weird
|
|
|
|
This makes it easier to debug what is going on.
|
|
This requires a very recent kernel (3.15), so care should be taken
when using this functionality.
|
|
All routes added by networkd are currently set RTPROT_BOOT, which according
to the kernel means "Route installed during boot" (rtnetlink.h). But this
is not always the case as networkd changes routing after boot too. Since
the kernel gives more detailed protocols, use them.
With this patch, user-configured static routes now use RTPROT_STATIC (which
they are) and DHCP routes use RTPROT_DHCP. There is no define for IPv4LL
yet, so those are installed as RTPROT_STATIC (though perhaps RTPROT_RA is
better?).
[tomegun: fixup
src/network/networkd-link.c:972:33: error: too few arguments to function 'route_new_dynamic']
|
|
|
|
Let's settle on a single type for all address family values, even if
UNIX is very inconsitent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
|
|
|
|
So far both "indexes" and "indices" was used. Let's clean this up, and
stick to indices, since it appears to be used more frequently.
|
|
One missing string found.
A few things had to be moved around to make it possible to test them.
|
|
event source to work
|
|
A call to sd_event_source_set_io_events() skipps calling into the kernel
if the new event-mask matches the old one. This is safe for
level-triggered sources as the kernel moves them onto the ready-list
automatically if events change. However, edge-triggered sources might not
be on the ready-list even though events are present.
A call to sd_event_source_set_io_events() with EPOLLET set might thus be
used to just move the io-source onto the ready-list so the next poll
will return it again. This is very useful to avoid starvation in
priority-based event queues.
Imagine a read() loop on an edge-triggered fd. If we cannot read data fast
enough to drain the receive queue, we might decide to skip reading for now
and schedule it for later. On edge-triggered io-sources we have to make
sure it's put on the ready-list so the next dispatch-round will return it
again if it's still the highest priority task. We could make sd-event
handle edge-triggered sources directly and allow marking them ready again.
However, it's much simpler to let the kernel do that for now via
EPOLL_CTL_MOD.
|