summaryrefslogtreecommitdiff
path: root/src/libsystemd
AgeCommit message (Collapse)Author
2014-11-27sd-bus: be stricter with mismatches between dbus1 and kdbus message headersLennart Poettering
2014-11-27bus-proxy: check passed parameter signature of all driver method callsLennart Poettering
2014-11-27networkd: fix kernel rtnl receive buffer overrun errorAlin Rauta
We got the following error when running systemd on a device with many ports: "rtnl: kernel receive buffer overrun Event source 'rtnl-receive-message' returned error, disabling: No buffer space available" I think the kernel socket receive buffer queue should be increased. The default value is taken from: "/proc/sys/net/core/rmem_default", but we can overwrite it using SO_RCVBUF socket option. This is already done in networkd for other sockets. For example, the bus socket (sd-bus/bus-socket.c) has a receive queue of 8MB. In our case, the default is 208KB. Increasing the buffer receive queue for manager socket to 512KB should be enough to get rid of the above error. [tomegun: bump the limit even higher to 8M]
2014-11-27bus: prefix custom endpoints with "$UID-"David Herrmann
The kdbus module will later get a policy that endpoint-names are restricted to "<uid>-<name>" just like bus-names. Make sure that systemd is already compatible to that.
2014-11-26sd-bus: make sure that when we connect to the system bus we have enough ↵Lennart Poettering
creds to make security decisions
2014-11-26sd-bus: update kdbus.h from upstreamLennart Poettering
2014-11-26sd-bus: given that the kernel now passes the auxgroups list as 32bit array ↵Lennart Poettering
to us, no need to convert to uid_t manually This way, we can save one allocation and avoid copying the array unnecesarily.
2014-11-26bus: update kdbus.h (ABI break)David Herrmann
We changed creds to u32, so fix systemd sd-bus to acknowledge that.
2014-11-26bus-kernel: when installing an activator, ask for any kind of metadata to be ↵Lennart Poettering
attached to incoming messages We don't know what the activated service might want in the end, hence enable everything current and future, just to be sure.
2014-11-26sd-bus: don't clobber return values on failure in bus_kernel_open_bus_fd()Lennart Poettering
2014-11-26sd-bus: set per-bus attach flag requirement mask to ANYLennart Poettering
On the system and user busses we create it's the receiver that chooses which metadata is attched, not the sender, hence set the requirement mask to ANY, to allow any current of future credential bit to be attached.
2014-11-26sd-bus: add suppot for renegotiating message credential attach flagsLennart Poettering
2014-11-26sd-bus: use free_and_strdup() where appropriateLennart Poettering
This simplifies things a bit and makes sure we free any previously set creds component before writing in a new one.
2014-11-25core: show log message about process triggering kdbus service activationLennart Poettering
2014-11-25sd-bus: react properly to EOVERFLOW by generating a log message about ↵Lennart Poettering
dropped broadcast messages and proceeding
2014-11-25kdbus: update header file to current upstream versionLennart Poettering
2014-11-25kdbus: minor simplificationLennart Poettering
2014-11-25sd-bus: fix error handling when receiving invalid service nameLennart Poettering
Also, properly keep track of incoming additional service names.
2014-11-25sd-bus: properly handle non-initialized audit records attached to incoming ↵Lennart Poettering
kernel messages
2014-11-25sd-bus: properly copy selinux label and description field when duplicating ↵Lennart Poettering
creds object
2014-11-25sd-bus: add supplementary groups list to creds objectLennart Poettering
2014-11-25busctl: if no parameter is specified for "busctl status" show credentials of ↵Lennart Poettering
bus owner
2014-11-25sd-bus: properly handle uninitialized audit creds from kdbusLennart Poettering
2014-11-25sd-bus: don't fail when querying creds and dbus1 refuses to tell us the ↵Lennart Poettering
selinux context
2014-11-25busctl: add new --augment-creds= switch for controlling whether shown ↵Lennart Poettering
credential data shall be augment with data from /proc
2014-11-25sd-bus: update to current kernel version, by splitting off the extended ↵Lennart Poettering
KDBUS_ITEM_PIDS structure from KDBUS_ITEM_CREDS Also: - adds support for euid, suid, fsuid, egid, sgid, fsgid fields. - makes augmentation of creds with data from /proc explicitly controllable to give apps better control over this, given that this is racy. - enables augmentation for kdbus connections (previously we only did it for dbus1). This is useful since with recent kdbus versions it is possible for clients to control the metadata they want to send. - changes sd_bus_query_sender_privilege() to take the euid of the client into consideration, if known - when we don't have permissions to read augmentation data from /proc, don't fail, just don't add the data in
2014-11-25busctl: improve readability a bitLennart Poettering
2014-11-25bus: change creds dumping order to be more close to internal storage orderLennart Poettering
2014-11-25sd-bus: don't blindly take incomplete ucred bits from AF_UNIX when ↵Lennart Poettering
constructing message
2014-11-21busctl: add --timeout= option to specify method call timeoutLennart Poettering
2014-11-21busctl: add options to control message header flags when invoking methodsLennart Poettering
2014-11-21busctl: show property values in "introspect" output, add "set-property" ↵Lennart Poettering
command, and support both a terse and a verbose output format
2014-11-21busctl: when --address is specified do not assume we connect to a full busLennart Poettering
2014-11-21busctl: use canned error message on parse failureLennart Poettering
2014-11-21sd-bus: create clean error when a property Set() call with incorrect ↵Lennart Poettering
signature is passed in
2014-11-20busctl: pass error output to stdout (rather than stderr) when generate tree ↵Lennart Poettering
for all objects This is a ton more useful when some services fail, since we continue crawling then and output everything to a pager.
2014-11-20busctl: improve output of service credsLennart Poettering
2014-11-20busctl: add new "introspect" verb for introspecting objectsLennart Poettering
2014-11-20sd-bus: refuse properties that claim to be both writable and constant at the ↵Lennart Poettering
same time
2014-11-20busctl: split out introspection parser from tree logic so that we can reuse ↵Lennart Poettering
it for a future "busctl introspect" command
2014-11-17bus-socket: fix CID#996290 Unchecked return valueSusant Sahani
2014-11-14bus-proxy: properly check for bus name prefixes when enforcing policyLennart Poettering
2014-11-14busctl: introduce busctl "get-property" command for reading and dumping ↵Lennart Poettering
object properties
2014-11-14busctl: various tweaks to "busctl tree" outputLennart Poettering
2014-11-14busctl: add new "call" command to invoke methods on a serviceLennart Poettering
2014-11-14sd-bus: add sd_bus_message_is_empty() for checking whether a message carries ↵Lennart Poettering
any body
2014-11-13sd-bus: sync with kdbus upstream (ABI break)Daniel Mack
kdbus has seen a larger update than expected lately, most notably with kdbusfs, a file system to expose the kdbus control files: * Each time a file system of this type is mounted, a new kdbus domain is created. * The layout inside each mount point is the same as before, except that domains are not hierarchically nested anymore. * Domains are therefore also unnamed now. * Unmounting a kdbusfs will automatically also detroy the associated domain. * Hence, the action of creating a kdbus domain is now as privileged as mounting a filesystem. * This way, we can get around creating dev nodes for everything, which is last but not least something that is not limited by 20-bit minor numbers. The kdbus specific bits in nspawn have all been dropped now, as nspawn can rely on the container OS to set up its own kdbus domain, simply by mounting a new instance. A new set of mounts has been added to mount things *after* the kernel modules have been loaded. For now, only kdbus is in this set, which is invoked with mount_setup_late().
2014-11-11sd-bus: pass attach flags to BUS_CREATOR_INFODaniel Mack
kdbus learned parsing the attach flags for the KDBUS_CMD_BUS_CREATOR_INFO ioctl. Bits not set in this mask will not be exported. Set that field to _KDBUS_ATTACH_ALL for now. Signed-off-by: Daniel Mack <daniel@zonque.org>
2014-11-11sd-bus: add sd_bus_message.verify_destination_id and .destination_ptrDaniel Mack
kdbus learned to accept both a numerical destination ID as well as a well-known-name. In that case, kdbus makes sure that the numerical ID is in fact the owner of the provided name and fails otherwise. This allows for race-free assertion of a bus name owner while sending a message, which is a requirement for bus-proxyd. Add two new fields to sd_bus_message, and set the numerical ID to verify_destination_id if bus_message_setup_kmsg() is called for a message with a well-known name. Also, set the destination's name in the kdbus item to .destination_ptr if it is non-NULL. Normal users should not touch these fields, and they're not publicy accessible.
2014-11-10bus: when dumping string property values escape the chars we use as ↵Lennart Poettering
end-of-line and end-of-item marks
generated by cgit v1.2.3-54-g00ecf (git 2.45.2) at 2024-12-22 23:14:55 +0000