Age | Commit message (Collapse) | Author |
|
Add a 'destination' match rule for every SERVICE argument in addition to
the 'sender' rule. This is consistent with busctl(1), which documents
monitor as dumping "messages to or from this peer".
|
|
sd-bus: introduce new sd_bus_default_flush_close() call
|
|
Let's underline the header line of the table shown by cgtop, how it is
customary for tables. In order to do this, let's introduce new ANSI
underline macros, and clean up the existing ones as side effect.
|
|
|
|
If code enqueues a message on one of the default busses, but doesn't
sync on it, and immediately drops the reference to the bus again, it
will stay queued and consume memory. Intrdouce a new call
sd_bus_default_flush_close() that can be invoked at the end of programs
(or threads) and flushes out all unsent messages on any of the default
busses.
|
|
The size of the allocated array for received file descriptors was
incorrectly calculated. This did not matter when a single file
descriptor was received, but for more descriptors the allocation was
insufficient.
|
|
Make sure the assert expression is not macro-expanded before
stringification. This makes several assertion failure messages more
readable.
As an example:
assert(streq("foo", "bar"));
I'd rather see this:
Assertion 'streq("foo", "bar")' failed at foo.c:5, function main(). Aborting.
...than this, though awesome, incomprehensible truncated mess:
Assertion '(__extension__ ({ size_t __s1_len, __s2_len; (__builtin_constant_p ((
"foo")) && __builtin_constant_p (("bar")) && (__s1_len = strlen (("foo")), __s2_
len = strlen (("bar")), (!((size_t)(const void *)((("foo")) + 1) - (size_t)(cons
t void *)(("foo")) == 1) || __s1_len >= 4) && (!((size_t)(const void *)((("bar")
) + 1) - (size_t)(const void *)(("bar")) == 1) || __s2_len >= 4)) ? __builtin_st
rcmp (("foo"), ("bar")) : (__builtin_constant_p (("foo")) && ((size_t)(const voi
d *)((("foo")) + 1) - (size_t)(const void *)(("foo")) == 1) && (__s1_len = strle
n (("foo")), __s1_len < 4) ? (__builtin_constant_p (("bar")) && ((size_t)(const
void *)((("bar")) + 1) - (size_t)(const void *)(("bar")) == 1) ? __builtin_strcm
p (("foo"), ("bar")) : (__extension__ ({ const unsigned char *__s2 = (const unsi
gned char *) (const char *) (("bar")); int __result = (((const unsigned char *)
(const char *) (("foo")))[0] - __s2[0]); if (__s1_len > 0 && __result == 0) { __
result = (((const unsigned char *) (const char *) (("foo")))[1] - __s2[1]); if (
__s1_len > 1 && __result == 0) { __result = (((const unsigned char *) (const cha
r *) (("foo")))[2] - __s2[2]); if (__s1_len > 2 && __result == 0) __result = (((
const unsigned char *) (const char *) (("foo")))[3] - __s2[3]); } } __result; })
)) : (__builtin_constant_p (("bar")) && ((size_t)(const void *)((("bar")) + 1) -
(size_t)(const void *)(("bar")) == 1) && (__s2_len = strlen (("bar")), __s2_len
< 4) ? (__builtin_constant_p (("foo")) && ((size_t)(const void *)((("foo")) + 1
) - (size_t)(const void *)(("foo")) == 1) ? __builtin_strcmp (("foo"), ("bar"))
: (- (__extension__ ({ const unsigned char *__s2 = (const unsigned char *) (cons
t char *) (("foo")); int __result = (((const unsigned char *) (const char *) (("
bar")))[0] - __s2[0]); if (__s2_len > 0 && __result == 0) { __result = (((const
unsigned char *) (const char *) (("bar")))[1] - __s2[1]); if (__s2_len > 1 && __
result == 0) { __result = (((const unsigned char *) (const char *) (("bar")))[2]
- __s2[2]); if (__s2_len > 2 && __result == 0)
|
|
off_t is a really weird type as it is usually 64bit these days (at least
in sane programs), but could theoretically be 32bit. We don't support
off_t as 32bit builds though, but still constantly deal with safely
converting from off_t to other types and back for no point.
Hence, never use the type anymore. Always use uint64_t instead. This has
various benefits, including that we can expose these values directly as
D-Bus properties, and also that the values parse the same in all cases.
|
|
Another Coccinelle patch.
|
|
util: introduce safe_fclose() and port everything over to it
|
|
Adds a coccinelle script to port things over automatically.
|
|
Coccinelle fixes 2
|
|
Let's also clean up single-line while and for blocks.
|
|
We should never put empty lines between `if` and `else if`, unless we use
braces.
|
|
CMSG_SPACE(0) may return value other than 0. This caused sendmsg to fail
with EINVAL, when have_pid or n_fds was 0.
|
|
Patch via coccinelle.
|
|
This replaces this:
free(p);
p = NULL;
by this:
p = mfree(p);
Change generated using coccinelle. Semantic patch is added to the
sources.
|
|
This seems to be an oversight from:
707b66c66381c899d7ef640e158ffdd5bcff4deb
We have to return ENODATA instead of ENOENT if a requested entry is
non-present. Also fix the call-site in udev to check for these errors.
|
|
When forking of a child process for connecting to a container, pass
the preicse connection error to the calling process.
We already did this correctly for kdbus busses, let's do so for dbus1
busses, too.
|
|
We should never access the "signal" part of the event source unless the
event source is actually for a signal. In this case it's a child pid
handler however, hence make sure to use the right signal.
This is a fix for PR #1177, which in turn was a fix for
9da4cb2be260ed123f2676cb85cb350c527b1492.
|
|
This looks like a typo from commit 9da4cb2b where it was added.
|
|
sd-bus: make introspection data non-recursive
|
|
Currently, our introspection data looks like this:
<node>
<interface name="org.freedesktop.DBus.Peer">
...
</interface>
<interface name="org.freedesktop.DBus.Introspectable">
...
</interface>
<interface name="org.freedesktop.DBus.Properties">
...
</interface>
<node name="org"/>
<node name="org/freedesktop"/>
<node name="org/freedesktop/login1"/>
<node name="org/freedesktop/login1/user"/>
<node name="org/freedesktop/login1/user/self"/>
<node name="org/freedesktop/login1/user/_1000"/>
<node name="org/freedesktop/login1/seat"/>
<node name="org/freedesktop/login1/seat/self"/>
<node name="org/freedesktop/login1/seat/seat0"/>
<node name="org/freedesktop/login1/session"/>
<node name="org/freedesktop/login1/session/self"/>
<node name="org/freedesktop/login1/session/c1"/>
</node>
(ordered alphabetically for better visibility)
This is grossly incorrect. The spec says that we're allowed to return
non-directed children, however, it does not allow us to return data
recursively in multiple parents. If we return "org", then we must not
return anything else that starts with "org/".
It is unclear, whether we can include child-nodes as a tree. Moreover, it
is usually not what the caller wants. Hence, this patch changes sd-bus to
never return introspection data recursively. Instead, only a single
child-layer is returned.
This patch relies on enumerators to never return hierarchies. If someone
registers an enumerator via sd_bus_add_enumerator, they better register
sub-enumerators if they support *TRUE* hierarchies. Each enumerator is
treated as a single layer and not filtered.
Enumerators are still allowed to return nested data. However, that data
is still required to be a single hierarchy. For instance, returning
"/org/foo" and "/com/bar" is fine, but including "/com" or "/org" in that
dataset is not.
This should be the default for enumerators and I see no reason to filter
in sd-bus. Moreover, filtering that data-set would require to sort the
strv by path and then do prefix-filtering. This is O(n log n), which
would be fine, but still better to avoid.
Fixes #664.
|
|
Whenever we run in a user context, sd_bus_{default_user,open_user}() and
friends should always connect to the user-bus of the current context,
instead of deriving the uid from getuid(). This allows us running
programs via sudo/su, without the nasty side-effect of accidentally
connecting to the root user-bus.
This patch enforces the idea of making su/sudo *not* opening sessions by
default. That is, all they do is raising privileges, but keeping
everything set as before. You can still use su/sudo to open real sessions
by requesting a login-session (or loading pam_systemd otherwise).
However, in this case XDG_RUNTIME_DIR= will not be set (as usual in these
cases), hence, you will not be able to connect to *any* user-bus.
Long story short: With this patch applied, both:
- ./busctl --user
- sudo ./busctl --user
..will successfully connect to the user-bus of the local user.
Fixes #390.
|
|
A variety of sd-event, sd-login and cgroup fixes
|
|
This adds a new sd_pid_get_cgroup() call to sd-login which may be used
to query the control path of a process. This is useful for programs when
making use of delegation units, in order to figure out which subtree has
been delegated.
In light of the unified control group hierarchy this is finally safe to
do, hence let's add a proper API for it, to make it easier to use this.
|
|
Commit efdb023 ("core: unified cgroup hierarchy support") introduced a new
error ENOEXEC in cg_unified() if /sys/fs/cgroup/ is not available. Adjust the
"skip" checks in various tests accordingly.
Add a corresponding "skip" check to test-bus-creds as well, as
sd_bus_creds_new_from_pid() now calls cg_unified() as well.
This re-fixes "make check" in build chroots without /sys/fs/cgroup.
https://github.com/systemd/systemd/issues/1132
|
|
Makre sure we always return sensible errors for the various, following
the same rules, and document them in a comment in sd-login.c. Also,
update all relevant man pages accordingly.
|
|
RT signals operate in a queue, and we should be careful to never merge
two queued signals into one. Hence, makes sure we only ever dequeue a
single signal at a time and leave the remaining ones queued in the
signalfd. In order to implement correct priorities for the signals
introduce one signalfd per priority, so that we only process the highest
priority signal at a time.
|
|
session
ENODATA is how we usually indicate such "missing info" cases, so we
should do this here, too.
|
|
This simply factors out the uid validation checks from parse_uid() and
uses them everywhere. This simply verifies that the passed UID is
neither 64bit -1 nor 32bit -1.
|
|
We should never connect to the host bus as fallback if connecting to a
container failed via one method. Otherwise connecting to a dbus1
container will always result in a connection to the host.
|
|
We rely on the correct error used when opening the kdbus device node,
hence let's make sure we pass it up from the namespaced child process to
the process which actually wants to connect.
|
|
let's return ENXIO whenever we don't know something rather than ENOENT.
ENOENT suggests this was really about a file or directory, while ENXIO
is a more generic "not found" indicator.
|
|
Let's help users to debug issues with epoll fd removal by printing the
name of the event source.
|
|
Must be _cleanup_fclose_ not _cleanup_free_
|
|
sd-resolve: drop res_query() API
|
|
Various networkd and dhcp updates
|
|
Querying low-level DNS RRs should be done via resolved now, not via
glibc's awful res_query() API anymore. Let's not introduce an async
wrapper for it hence.
|
|
Let's do this everywhere the same way.
|
|
We should not fall back to dbus-1 and connect to the proxy when kdbus
returns an error that indicates that kdbus is running but just does not
accept new connections because of quota limits or something similar.
Based on a patch by Kay.
|
|
This reverts commit d4d00020d6ad855d65d31020fefa5003e1bb477f. The idea of
the commit is broken and needs to be reworked. We really cannot reduce
the bus-addresses to a single address. We always will have systemd with
native clients and legacy clients at the same time, so we also need both
addresses at the same time.
|
|
We use dashes in our bloom-tags. Make sure the newly introduced arg0has
tag uses the same style.
Note that the external dbus-tags don't use dashes, though. They are
defined in the spec and we need to keep compatibility there.
|
|
sd-bus: introduce new match type "arg0has=" for matching arrays of st…
|
|
sd-bus: introduce new SD_BUS_VTABLE_PROPERTY_EXPLICIT flag
|
|
It's an OK way to check whether a message contains an erro, let's not
consider this a loggable assertion event.
|
|
This one is simply to add: encode the tzdata timezone in the DHCP
options and optionally make use of it.
|
|
Previously, sd-bus inofficially already supported bus matches that
tested a string against an array of strings ("as"). This was done via an
enhanced way to interpret "arg0=" matches. This is problematic however,
since clients have no way to determine if their respective
implementation understood strv matches or not, thus allowing invalid
matches to be installed without a way to detect that.
This patch changes the logic to only allow such matches with a new
"arg0has=" syntax. This has the benefit that non-conforming
implementations will return a parse error and a client application may
thus efficiently detect support for the match type.
Matches of this type are useful for "udev"-like systems that "tag" objects
with a number of strings, and clients need to be able to match against
any of these "tags".
The name "has" takes inspiration from Python's ".has_key()" construct.
|
|
This allows marking properties as "explicit". Properties marked like
this are included in the introspection, but are avoided in GetAll()
property queries, PropertiesChanged() signals and in in GetManaged()
object manager calls and InterfacesAdded() signals.
Expensive properties may be marked that way, and they will be
retrievable when explicitly being requested, but never in "blanket"
all-property queries and signals.
This flag may be combined with the flags for "const" and
"emit-validation" properties, but not with "emit-validation", as that
is only useful for properties whose value shall be sent in "blanket"
all-property signals.
The "explicit" flag is also exposed in the introspection data via a new
annotation.
|
|
When enumerating machines from /run, and when accepting machine names
for operations, be more strict and always validate.
Note that these checks are strictly speaking unnecessary, since
enumeration happens only on the trusted /run...
|