summaryrefslogtreecommitdiff
path: root/src/libsystemd
AgeCommit message (Collapse)Author
2015-09-16sd-bus: correct size calculation in DBus fd receiveMichal Schmidt
The size of the allocated array for received file descriptors was incorrectly calculated. This did not matter when a single file descriptor was received, but for more descriptors the allocation was insufficient.
2015-09-16basic: nicer assert messagesMichal Schmidt
Make sure the assert expression is not macro-expanded before stringification. This makes several assertion failure messages more readable. As an example: assert(streq("foo", "bar")); I'd rather see this: Assertion 'streq("foo", "bar")' failed at foo.c:5, function main(). Aborting. ...than this, though awesome, incomprehensible truncated mess: Assertion '(__extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p (( "foo")) && __builtin_constant_p (("bar")) && (__s1_len = strlen (("foo")), __s2_ len = strlen (("bar")), (!((size_t)(const void *)((("foo")) + 1) - (size_t)(cons t void *)(("foo")) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((("bar") ) + 1) - (size_t)(const void *)(("bar")) == 1) || __s2_len >= 4)) ? __builtin_st rcmp (("foo"), ("bar")) : (__builtin_constant_p (("foo")) && ((size_t)(const voi d *)((("foo")) + 1) - (size_t)(const void *)(("foo")) == 1) && (__s1_len = strle n (("foo")), __s1_len < 4) ? (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) ? __builtin_strcm p (("foo"), ("bar")) : (__extension__ ({ const unsigned char *__s2 = (const unsi gned char *) (const char *) (("bar")); int __result = (((const unsigned char *) (const char *) (("foo")))[0] - __s2[0]); if (__s1_len > 0 && __result == 0) { __ result = (((const unsigned char *) (const char *) (("foo")))[1] - __s2[1]); if ( __s1_len > 1 && __result == 0) { __result = (((const unsigned char *) (const cha r *) (("foo")))[2] - __s2[2]); if (__s1_len > 2 && __result == 0) __result = ((( const unsigned char *) (const char *) (("foo")))[3] - __s2[3]); } } __result; }) )) : (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) && (__s2_len = strlen (("bar")), __s2_len < 4) ? (__builtin_constant_p (("foo")) && ((size_t)(const void *)((("foo")) + 1 ) - (size_t)(const void *)(("foo")) == 1) ? __builtin_strcmp (("foo"), ("bar")) : (- (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (cons t char *) (("foo")); int __result = (((const unsigned char *) (const char *) ((" bar")))[0] - __s2[0]); if (__s2_len > 0 && __result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[1] - __s2[1]); if (__s2_len > 1 && __ result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[2] - __s2[2]); if (__s2_len > 2 && __result == 0)
2015-09-10tree-wide: never use the off_t unless glibc makes us use itLennart Poettering
off_t is a really weird type as it is usually 64bit these days (at least in sane programs), but could theoretically be 32bit. We don't support off_t as 32bit builds though, but still constantly deal with safely converting from off_t to other types and back for no point. Hence, never use the type anymore. Always use uint64_t instead. This has various benefits, including that we can expose these values directly as D-Bus properties, and also that the values parse the same in all cases.
2015-09-09tree-wide: make use of the fact that strv_free() returns NULLLennart Poettering
Another Coccinelle patch.
2015-09-09Merge pull request #1218 from poettering/safe-fcloseDaniel Mack
util: introduce safe_fclose() and port everything over to it
2015-09-09util: introduce safe_fclose() and port everything over to itLennart Poettering
Adds a coccinelle script to port things over automatically.
2015-09-09Merge pull request #1216 from poettering/coccinelle-fixes-2Daniel Mack
Coccinelle fixes 2
2015-09-09tree-wide: update empty-if coccinelle script to cover empty-while and moreLennart Poettering
Let's also clean up single-line while and for blocks.
2015-09-09sd-bus: drop weird empty linesDavid Herrmann
We should never put empty lines between `if` and `else if`, unless we use braces.
2015-09-09sd_pid_notify_with_fds: fix computing msg_controllenMaciej Wereski
CMSG_SPACE(0) may return value other than 0. This caused sendmsg to fail with EINVAL, when have_pid or n_fds was 0.
2015-09-09tree-wide: drop {} from one-line if blocksLennart Poettering
Patch via coccinelle.
2015-09-09tree-wide: use coccinelle to patch a lot of code to use mfree()Lennart Poettering
This replaces this: free(p); p = NULL; by this: p = mfree(p); Change generated using coccinelle. Semantic patch is added to the sources.
2015-09-08sd-login: fix sd_seat_get_active() to return ENODATAsystemd/v226David Herrmann
This seems to be an oversight from: 707b66c66381c899d7ef640e158ffdd5bcff4deb We have to return ENODATA instead of ENOENT if a requested entry is non-present. Also fix the call-site in udev to check for these errors.
2015-09-07sd-bus: when connecting to a container AF_UNIX bus, return errorLennart Poettering
When forking of a child process for connecting to a container, pass the preicse connection error to the calling process. We already did this correctly for kdbus busses, let's do so for dbus1 busses, too.
2015-09-07sd-event: make sure to create a signal queue for the right signalLennart Poettering
We should never access the "signal" part of the event source unless the event source is actually for a signal. In this case it's a child pid handler however, hence make sure to use the right signal. This is a fix for PR #1177, which in turn was a fix for 9da4cb2be260ed123f2676cb85cb350c527b1492.
2015-09-06sd-event: fix call to event_make_signal_dataThomas Hindoe Paaboel Andersen
This looks like a typo from commit 9da4cb2b where it was added.
2015-09-06Merge pull request #1162 from dvdhrm/bus-recursive-nodesLennart Poettering
sd-bus: make introspection data non-recursive
2015-09-05sd-bus: make introspection data non-recursiveDavid Herrmann
Currently, our introspection data looks like this: <node> <interface name="org.freedesktop.DBus.Peer"> ... </interface> <interface name="org.freedesktop.DBus.Introspectable"> ... </interface> <interface name="org.freedesktop.DBus.Properties"> ... </interface> <node name="org"/> <node name="org/freedesktop"/> <node name="org/freedesktop/login1"/> <node name="org/freedesktop/login1/user"/> <node name="org/freedesktop/login1/user/self"/> <node name="org/freedesktop/login1/user/_1000"/> <node name="org/freedesktop/login1/seat"/> <node name="org/freedesktop/login1/seat/self"/> <node name="org/freedesktop/login1/seat/seat0"/> <node name="org/freedesktop/login1/session"/> <node name="org/freedesktop/login1/session/self"/> <node name="org/freedesktop/login1/session/c1"/> </node> (ordered alphabetically for better visibility) This is grossly incorrect. The spec says that we're allowed to return non-directed children, however, it does not allow us to return data recursively in multiple parents. If we return "org", then we must not return anything else that starts with "org/". It is unclear, whether we can include child-nodes as a tree. Moreover, it is usually not what the caller wants. Hence, this patch changes sd-bus to never return introspection data recursively. Instead, only a single child-layer is returned. This patch relies on enumerators to never return hierarchies. If someone registers an enumerator via sd_bus_add_enumerator, they better register sub-enumerators if they support *TRUE* hierarchies. Each enumerator is treated as a single layer and not filtered. Enumerators are still allowed to return nested data. However, that data is still required to be a single hierarchy. For instance, returning "/org/foo" and "/com/bar" is fine, but including "/com" or "/org" in that dataset is not. This should be the default for enumerators and I see no reason to filter in sd-bus. Moreover, filtering that data-set would require to sort the strv by path and then do prefix-filtering. This is O(n log n), which would be fine, but still better to avoid. Fixes #664.
2015-09-05sd-bus: derive uid from cgroup if possibleDavid Herrmann
Whenever we run in a user context, sd_bus_{default_user,open_user}() and friends should always connect to the user-bus of the current context, instead of deriving the uid from getuid(). This allows us running programs via sudo/su, without the nasty side-effect of accidentally connecting to the root user-bus. This patch enforces the idea of making su/sudo *not* opening sessions by default. That is, all they do is raising privileges, but keeping everything set as before. You can still use su/sudo to open real sessions by requesting a login-session (or loading pam_systemd otherwise). However, in this case XDG_RUNTIME_DIR= will not be set (as usual in these cases), hence, you will not be able to connect to *any* user-bus. Long story short: With this patch applied, both: - ./busctl --user - sudo ./busctl --user ..will successfully connect to the user-bus of the local user. Fixes #390.
2015-09-05Merge pull request #1140 from poettering/sd-event-signalsDavid Herrmann
A variety of sd-event, sd-login and cgroup fixes
2015-09-05sd-login: add new sd_pid_get_cgroup() APILennart Poettering
This adds a new sd_pid_get_cgroup() call to sd-login which may be used to query the control path of a process. This is useful for programs when making use of delegation units, in order to figure out which subtree has been delegated. In light of the unified control group hierarchy this is finally safe to do, hence let's add a proper API for it, to make it easier to use this.
2015-09-04tests: Skip tests which need to access /sys/fs/cgroup if that is not availableMartin Pitt
Commit efdb023 ("core: unified cgroup hierarchy support") introduced a new error ENOEXEC in cg_unified() if /sys/fs/cgroup/ is not available. Adjust the "skip" checks in various tests accordingly. Add a corresponding "skip" check to test-bus-creds as well, as sd_bus_creds_new_from_pid() now calls cg_unified() as well. This re-fixes "make check" in build chroots without /sys/fs/cgroup. https://github.com/systemd/systemd/issues/1132
2015-09-04sd-login: rework error handlingLennart Poettering
Makre sure we always return sensible errors for the various, following the same rules, and document them in a comment in sd-login.c. Also, update all relevant man pages accordingly.
2015-09-04sd-event: make sure RT signals are not droppedLennart Poettering
RT signals operate in a queue, and we should be careful to never merge two queued signals into one. Hence, makes sure we only ever dequeue a single signal at a time and leave the remaining ones queued in the signalfd. In order to implement correct priorities for the signals introduce one signalfd per priority, so that we only process the highest priority signal at a time.
2015-09-04audit: audit calls should return ENODATA when process are not in an audit ↵Lennart Poettering
session ENODATA is how we usually indicate such "missing info" cases, so we should do this here, too.
2015-09-04util: add new uid_is_valid() callLennart Poettering
This simply factors out the uid validation checks from parse_uid() and uses them everywhere. This simply verifies that the passed UID is neither 64bit -1 nor 32bit -1.
2015-09-01sd-bus: when connecting to a container, don't fall back to host busLennart Poettering
We should never connect to the host bus as fallback if connecting to a container failed via one method. Otherwise connecting to a dbus1 container will always result in a connection to the host.
2015-09-01sd-bus: when connecting to a kdbus container bus pass error upLennart Poettering
We rely on the correct error used when opening the kdbus device node, hence let's make sure we pass it up from the namespaced child process to the process which actually wants to connect.
2015-09-01sd-login: improve error handlingLennart Poettering
let's return ENXIO whenever we don't know something rather than ENOENT. ENOENT suggests this was really about a file or directory, while ENXIO is a more generic "not found" indicator.
2015-08-31sd-event: improve debug message when we fail to remove and fd from an epollLennart Poettering
Let's help users to debug issues with epoll fd removal by printing the name of the event source.
2015-08-30sd-bus: Fix incorrect cleanup attribute in bus_match_to_string()Cristian Rodríguez
Must be _cleanup_fclose_ not _cleanup_free_
2015-08-27Merge pull request #1057 from poettering/resolve-drop-res-queryTom Gundersen
sd-resolve: drop res_query() API
2015-08-27Merge pull request #1055 from poettering/dhcp-updatesTom Gundersen
Various networkd and dhcp updates
2015-08-27sd-resolve: drop res_query() APILennart Poettering
Querying low-level DNS RRs should be done via resolved now, not via glibc's awful res_query() API anymore. Let's not introduce an async wrapper for it hence.
2015-08-27tree-wide: we place the opening bracket on the same line as the function nameLennart Poettering
Let's do this everywhere the same way.
2015-08-27sd-bus: do not connect to dbus-1 socket when kdbus is availableDavid Herrmann
We should not fall back to dbus-1 and connect to the proxy when kdbus returns an error that indicates that kdbus is running but just does not accept new connections because of quota limits or something similar. Based on a patch by Kay.
2015-08-27Revert "sd-bus: do not connect to dbus-1 socket when kdbus is available"David Herrmann
This reverts commit d4d00020d6ad855d65d31020fefa5003e1bb477f. The idea of the commit is broken and needs to be reworked. We really cannot reduce the bus-addresses to a single address. We always will have systemd with native clients and legacy clients at the same time, so we also need both addresses at the same time.
2015-08-27sd-bus: rename bloom-tag to arg0-hasDavid Herrmann
We use dashes in our bloom-tags. Make sure the newly introduced arg0has tag uses the same style. Note that the external dbus-tags don't use dashes, though. They are defined in the spec and we need to keep compatibility there.
2015-08-27Merge pull request #1036 from poettering/sd-bus-arg0hasDavid Herrmann
sd-bus: introduce new match type "arg0has=" for matching arrays of st…
2015-08-27Merge pull request #1024 from poettering/sd-bus-explicitDavid Herrmann
sd-bus: introduce new SD_BUS_VTABLE_PROPERTY_EXPLICIT flag
2015-08-27sd-bus: it's not a user error to query the error contained in a bus messageLennart Poettering
It's an OK way to check whether a message contains an erro, let's not consider this a loggable assertion event.
2015-08-26dhcp,network: implement RFC 4833 (DHCP Timezone option)Lennart Poettering
This one is simply to add: encode the tzdata timezone in the DHCP options and optionally make use of it.
2015-08-25sd-bus: introduce new match type "arg0has=" for matching arrays of stringsLennart Poettering
Previously, sd-bus inofficially already supported bus matches that tested a string against an array of strings ("as"). This was done via an enhanced way to interpret "arg0=" matches. This is problematic however, since clients have no way to determine if their respective implementation understood strv matches or not, thus allowing invalid matches to be installed without a way to detect that. This patch changes the logic to only allow such matches with a new "arg0has=" syntax. This has the benefit that non-conforming implementations will return a parse error and a client application may thus efficiently detect support for the match type. Matches of this type are useful for "udev"-like systems that "tag" objects with a number of strings, and clients need to be able to match against any of these "tags". The name "has" takes inspiration from Python's ".has_key()" construct.
2015-08-25sd-bus: introduce new SD_BUS_VTABLE_PROPERTY_EXPLICIT flagLennart Poettering
This allows marking properties as "explicit". Properties marked like this are included in the introspection, but are avoided in GetAll() property queries, PropertiesChanged() signals and in in GetManaged() object manager calls and InterfacesAdded() signals. Expensive properties may be marked that way, and they will be retrievable when explicitly being requested, but never in "blanket" all-property queries and signals. This flag may be combined with the flags for "const" and "emit-validation" properties, but not with "emit-validation", as that is only useful for properties whose value shall be sent in "blanket" all-property signals. The "explicit" flag is also exposed in the introspection data via a new annotation.
2015-08-24machined: validate machine names at more placesLennart Poettering
When enumerating machines from /run, and when accepting machine names for operations, be more strict and always validate. Note that these checks are strictly speaking unnecessary, since enumeration happens only on the trusted /run...
2015-08-24util: make machine_name_is_valid() a macro and move it to hostname-util.hLennart Poettering
As it turns out machine_name_is_valid() does the exact same thing as hostname_is_valid() these days, as it just invoked that and checked the name length was < 64. However, hostname_is_valid() checks the length against HOST_NAME_MAX anyway (which is 64 on Linux), hence any additional check is redundant. We hence replace machine_name_is_valid() by a macro that simply maps it to hostname_is_valid() but sets the allow_trailing_dot parameter to false. We also move this this call to hostname-util.h, to the same place as the hostname_is_valid() declaration.
2015-08-24Merge pull request #1012 from gentoo-root/masterTom Gundersen
sd-device: fix enumeration of devices without subsystem
2015-08-24sd-bus: don't list activators as proper peersDavid Herrmann
If a connection passed KDBUS_HELLO_ACTIVATOR, it cannot do I/O on the bus. Hence, we should not treat it as proper peer. To actually query it, you have to explicitly ask for activators. This makes kdbus in-line with what dbus-daemon does.
2015-08-24Revert "sd-bus: include queried path in GetManagedObjects"David Herrmann
This reverts commit 92d16a53e385781a55d9231d9f8f89c1747ab0e4. As it turns out, this is not how ObjectManager is supposed to work. It is just a special behavior of BlueZ, but no-one else implements it this way. Revert the patch as discussed on github, and as such revert to the previous behavior (as described in the spec).
2015-08-22sd-device: fix enumeration of devices without subsystemMaxim Mikityanskiy
Prior to commit c32eb440bab953a0169cd207dfef5cad16dfb340, libudev's function udev_enumerate_scan_devices() had behaved differently. If parent match was added with udev_enumerate_add_match_parent(), udev_enumerate_scan_devices() did not return error if some child devices had no subsystem symlink in sysfs. An example of such devices is USB endpoints /sys/bus/usb/devices/*/ep_*. If there was a parent match against USB device, old implementation of udev_enumerate_scan_devices() did not treat ep_* device directories without subsystem symlink as error and just ignored them, but new implementation returns -ENOENT (also ignoring these devices) though correctly enumerates all other matching devices. To compare, you could look at 96df036fe3d25525a44f5efdb2fc8560e82e6cfd, in src/libudev/libudev-enumerate.c, function parent_add_child(): if (!match_subsystem(enumerate, udev_device_get_subsystem(dev))) goto nomatch; udev_device_get_subsystem() was returning NULL, match_subsystem() was returning false, and USB endpoint device was ignored. New parent_add_child() from src/libsystemd/sd-device/device-enumerator.c checks return value of sd_device_get_subsystem() and fails if subsystem was not found. Absence of subsystem symlink should not be really treated as error because all enumerations of children of USB devices will fail with -ENOENT. This new behavior also breaks system-config-printer. So restore old behavior and treat absence of subsystem symlink as no match.