Age | Commit message (Collapse) | Author |
|
String which ended in an unfinished quote were accepted, potentially
with bad memory accesses.
Reject anything which ends in a unfished quote, or contains
non-whitespace characters right after the closing quote.
_FOREACH_WORD now returns the invalid character in *state. But this return
value is not checked anywhere yet.
Also, make 'word' and 'state' variables const pointers, and rename 'w'
to 'word' in various places. Things are easier to read if the same name
is used consistently.
mbiebl_> am I correct that something like this doesn't work
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"'
mbiebl_> systemd seems to strip of the quotes
mbiebl_> systemctl status shows
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint
mbiebl_> which is pretty weird
|
|
|
|
This makes it easier to debug what is going on.
|
|
This requires a very recent kernel (3.15), so care should be taken
when using this functionality.
|
|
All routes added by networkd are currently set RTPROT_BOOT, which according
to the kernel means "Route installed during boot" (rtnetlink.h). But this
is not always the case as networkd changes routing after boot too. Since
the kernel gives more detailed protocols, use them.
With this patch, user-configured static routes now use RTPROT_STATIC (which
they are) and DHCP routes use RTPROT_DHCP. There is no define for IPv4LL
yet, so those are installed as RTPROT_STATIC (though perhaps RTPROT_RA is
better?).
[tomegun: fixup
src/network/networkd-link.c:972:33: error: too few arguments to function 'route_new_dynamic']
|
|
|
|
Let's settle on a single type for all address family values, even if
UNIX is very inconsitent on the precise type otherwise. Given that
socket() is the primary entrypoint for the sockets API, and that uses
"int", and "int" is relatively simple and generic, we settle on "int"
for this.
|
|
|
|
So far both "indexes" and "indices" was used. Let's clean this up, and
stick to indices, since it appears to be used more frequently.
|
|
One missing string found.
A few things had to be moved around to make it possible to test them.
|
|
event source to work
|
|
A call to sd_event_source_set_io_events() skipps calling into the kernel
if the new event-mask matches the old one. This is safe for
level-triggered sources as the kernel moves them onto the ready-list
automatically if events change. However, edge-triggered sources might not
be on the ready-list even though events are present.
A call to sd_event_source_set_io_events() with EPOLLET set might thus be
used to just move the io-source onto the ready-list so the next poll
will return it again. This is very useful to avoid starvation in
priority-based event queues.
Imagine a read() loop on an edge-triggered fd. If we cannot read data fast
enough to drain the receive queue, we might decide to skip reading for now
and schedule it for later. On edge-triggered io-sources we have to make
sure it's put on the ready-list so the next dispatch-round will return it
again if it's still the highest priority task. We could make sd-event
handle edge-triggered sources directly and allow marking them ready again.
However, it's much simpler to let the kernel do that for now via
EPOLL_CTL_MOD.
|
|
|
|
all local containers
|
|
|
|
|
|
private in-addr-util.[ch]
These are enough calls for a new file, and they are sufficiently
different from the sockaddr-related calls, hence let's split this out.
|
|
make use of it from machined
|
|
|
|
|
|
This is really just about library locations, hence clarify that we don't
assume this to be anything but that.
|
|
|
|
|
|
systemctl -H root@foobar:waldi
will now show a list of services running on container "waldi" on host
"foobar", using "root" for authenticating at "foobar".
Since entereing a container requires priviliges, this will only work
correctly for root logins.
|
|
This makes sure we actually release the bus and all the messages it
references.
|
|
When a caller drops all references to a bus and its messages while the
messages where still queue, this causes the bus to reference the
messages, and the messages to reference the bus, without anybody else
keeping a reference, which is something we so far considered a leak, and
tried to fix with a GC logic that would recognize cases like this, and
drop the reference.
This GC logic has been broken sofar, and remained unfixed. This commit
removes it altogther, replacing it with nothing. The rationale is that
simply because all refs to the bus have been dropped its queued messages
should *still* be written to the bus, even if the caller doesn't retain
any reference to either bus nor message. This means it was actually
wrong to attempt to clean up the bus in this case.
The proper way how applications should handle this is by explicitly
invoking sd_bus_close(), when they want busses to go away. This is
probably want they want to do anyway to avoid getting spurious
callbacks after they stopped using a bus.
|
|
file-hierarchy(7)
This new tool is based on "sd-path", a new (so far unexported) API for
libsystemd, that can hopefully grow into a workable API covering /opt
and more one day.
|
|
|
|
of it everywhere
|
|
This patch adds vxlan rtnl attributes to sd-rtnl
|
|
|
|
It seems unnecessary to support this, and we rather should avoid
allowing this at all, so that people don't program against this
sloppily and we end up remarshalling all the time...
|
|
sd_pid_notify() operates like sd_notify(), however operates on a
different PID (for example the parent PID of a process).
Make use of this in systemd-notify, so that message are sent from the
PID specified with --pid= rather than the usually shortlived PID of
systemd-notify itself.
This should increase the likelyhood that PID 1 can identify the cgroup
that the notification message was sent from properly.
|
|
|
|
|
|
It's not safe invoking NSS from PID 1, hence fork off worker processes
that upload the policy into the kernel for busnames.
|
|
This patch enables vti tunnel support.
example conf:
file : vti.netdev
[NetDev]
Name=vti-tun
Kind=vti
MTUBytes=1480
[Tunnel]
Local=X.X.X.X
Remote=X.X.X.X
file: vti.network
[Match]
Name=em1
[Network]
Tunnel=vti-tun
TODO:
Add more attributes for vti tunnel
IFLA_VTI_IKEY
IFLA_VTI_OKEY
|
|
This patch enables gre tunnel support.
example conf:
file : gre.netdev
[NetDev]
Name=gre-tun
Kind=gre
MTUBytes=1480
[Tunnel]
Local=X.X.X.X
Remote=X.X.X.X
file: gre.network
[Match]
Name=em1
[Network]
Tunnel=gre-tun
TODO:
Add more attributes for gre tunnel
IFLA_GRE_IFLAGS
IFLA_GRE_IFLAGS
IFLA_GRE_IKEY
IFLA_GRE_OKEY
|
|
|
|
Only accept cpu quota values in percentages, get rid of period
definition.
It's not clear whether the CFS period controllable per-cgroup even has a
future in the kernel, hence let's simplify all this, hardcode the period
to 100ms and only accept percentage based quota values.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Also, make sure we automatically destroy reply callbacks that are
floating.
|
|
Same story as for sd-bus and sd-event: allow passing NULL to store query
in in which case the query is freed automatically.
|
|
These are the counterpart of "floating" bus slots, i.e. event sources
that are bound to the lifetime of the event object itself, and thus
don't require an explicit reference to be kept.
|