Age | Commit message | Author |
|
Also, while we are at it, introduce some syntactic sugar for creating
ERRNO= and MESSAGE= structured logging fields.
|
|
This makes it possible to drop in logind configuration snippets from a
package or other configuration management mechanism.
Add documentation to the header of /etc/logind.conf pointing the user at
/etc/logind.conf.d/*.conf.
Introduce a new helper, conf_parse_many, to parse configuration files in
a search path.
|
|
username was already checked with isempty() and cannot be null at
this point.
CID#1237766
|
|
kdbus has seen a larger update than expected lately, most notably with
kdbusfs, a file system to expose the kdbus control files:
* Each time a file system of this type is mounted, a new kdbus
domain is created.
* The layout inside each mount point is the same as before, except
that domains are not hierarchically nested anymore.
* Domains are therefore also unnamed now.
* Unmounting a kdbusfs will automatically also destroy the
associated domain.
* Hence, the action of creating a kdbus domain is now as
privileged as mounting a filesystem.
* This way, we can get around creating dev nodes for everything,
which is last but not least something that is not limited by
20-bit minor numbers.
The kdbus specific bits in nspawn have all been dropped now, as nspawn
can rely on the container OS to set up its own kdbus domain, simply by
mounting a new instance.
A new set of mounts has been added to mount things *after* the kernel
modules have been loaded. For now, only kdbus is in this set, which is
invoked with mount_setup_late().
|
|
Usually there are a few delay inhibitors all the time (NetworkManager,
Telepathy, etc.), but I'm only interested in the block ones.
|
|
new mac_{smack,selinux,apparmor}_xyz() convention
|
|
This PMIC is found on TI AM335x based boards like the beaglebone and
beaglebone black.
root@beaglebone-white:~# udevadm info -a /dev/input/event0
Udevadm info starts with the device specified by the devpath and then
walks up the chain of parent devices. It prints for every device
found, all possible attributes in the udev rules key format.
A rule to match, can be composed by the attributes of the device
and the attributes from one single parent device.
looking at device
'/devices/ocp.3/44e0b000.i2c/i2c-0/0-0024/input/input0/event0':
KERNEL=="event0"
SUBSYSTEM=="input"
DRIVER==""
looking at parent device
'/devices/ocp.3/44e0b000.i2c/i2c-0/0-0024/input/input0':
KERNELS=="input0"
SUBSYSTEMS=="input"
DRIVERS==""
ATTRS{name}=="tps65217_pwr_but"
ATTRS{phys}==""
ATTRS{uniq}==""
ATTRS{properties}=="0"
looking at parent device '/devices/ocp.3/44e0b000.i2c/i2c-0/0-0024':
KERNELS=="0-0024"
SUBSYSTEMS=="i2c"
DRIVERS=="tps65217"
ATTRS{name}=="tps65217"
looking at parent device '/devices/ocp.3/44e0b000.i2c/i2c-0':
KERNELS=="i2c-0"
SUBSYSTEMS=="i2c"
DRIVERS==""
ATTRS{name}=="OMAP I2C adapter"
looking at parent device '/devices/ocp.3/44e0b000.i2c':
KERNELS=="44e0b000.i2c"
SUBSYSTEMS=="platform"
DRIVERS=="omap_i2c"
looking at parent device '/devices/ocp.3':
KERNELS=="ocp.3"
SUBSYSTEMS=="platform"
DRIVERS==""
|
|
This adds some log-messages to ioctl() calls where we don't really care
for the return value. It isn't strictly necessary to look for those, but
let's be sure and print warnings. This silences gcc and coverity, and also
makes sure we get reports in case something goes wrong and we didn't
expect it to fail that way.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=84201
|
|
If a session controller does not need synchronous VT switches, we allow
them to pass VT control to logind, which acknowledges all VT switches
unconditionally. This works fine with all sessions using the dbus API,
but causes out-of-sync device use if we switch to legacy sessions that
are notified via VT signals. Those are processed before logind notices
the session-switch via sysfs. Therefore, leaving the old session still
active for a short amount of time.
This, in fact, may cause the legacy session to prepare graphics devices
before the old session was deactivated, and thus, maybe causing the old
session to interfere with graphics device usage.
Fix this by releasing devices immediately before acknowledging VT
switches. This way, sessions without VT handlers are required to support
async session switching (which they do in that case, anyway).
|
|
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
|
|
Simplify the way we handle session-controllers and fix several
shortcomings:
* send ReleaseDevice() signals on forced session takeover
* fix mem-leaks for busnames in case VT preparation fails (non-critical)
* avoid passing pre-allocated names to helpers
|
|
Our bus-name watch helpers only remove a bus-name if it's not a
controller, anymore. If we call manager_drop_busname() before
unregistering the controller, the busname will not be dropped. Therefore,
first drop the controller, then drop the bus-name.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=82485
|
|
First, let's drop the "bus" argument, we can determine it from the
message anyway.
Secondly, determine the right callback/userdata pair automatically from
what is currently being dispatched. This should simplify things a lot
for us, since it makes it unnecessary to pass pointers through the
original handlers through all functions when we process messages, which
might require authentication.
|
|
This is a generalization of the vtable privilege check we already have,
but exported, and hence useful when preparing for a polkit change.
This will deal with the complexity that on dbus1 one cannot trust the
capability field we retrieve via the bus, since it is read via
/proc/$$/stat (and thus might be out-of-date) rather than directly from
the message (like on kdbus) or bus connection (as for uid creds on
dbus1).
Also, port over all code to this new API.
|
|
It's unnecessary, not used, and complicates callers of the
function.
|
|
On request of Stef Walter.
|
|
sd-event does not allow multiple handlers for a single signal. However,
logind sets up signal handlers for each session with VT_PROCESS set (that
is, it has an active controller). Therefore, registering multiple such
controllers will fail.
Let's make the VT-handler global, as it's mostly trivial, anyway. This way,
the sessions don't have to take care of that and we can simply acknowledge
all VT-switch requests as we always did.
|
|
If controllers can expect logind to have "prepared" the VT (e.g. set it to
graphics mode, etc) then TakeControl() should fail if said preparation
failed (and session_restore_vt() was called).
(David: fixed up !CONFIG_VT case and errno-numbers)
|
|
Since b5eca3a2059f9399d1dc52cbcf9698674c4b1cf0 we don't attempt to GC
busses anymore when unsent messages remain that keep their reference,
when they otherwise are not referenced anymore. This means that if we
explicitly want connections to go away, we need to close them.
With this change we will now do so explicitly wherever we connect to the
bus from a main program (and thus know when the bus connection should go
away), or when we create a private bus connection, that really should go
away after our use.
This fixes connection leaks in the NSS and PAM modules.
|
|
getopt is usually good at printing out a nice error message when
commandline options are invalid. It distinguishes between an unknown
option and a known option with a missing arg. It is better to let it
do its job and not use opterr=0 unless we actually want to suppress
messages. So remove opterr=0 in the few places where it wasn't really
useful.
When an error in options is encountered, we should not print a lengthy
help() and overwhelm the user, when we know precisely what is wrong
with the commandline. In addition, since help() prints to stdout, it
should not be used except when requested with -h or --help.
Also, simplify things here and there.
|
|
Strings which ended in an unfinished quote were accepted, potentially
with bad memory accesses.
Reject anything which ends in an unfinished quote, or contains
non-whitespace characters right after the closing quote.
_FOREACH_WORD now returns the invalid character in *state. But this return
value is not checked anywhere yet.
Also, make 'word' and 'state' variables const pointers, and rename 'w'
to 'word' in various places. Things are easier to read if the same name
is used consistently.
mbiebl_> am I correct that something like this doesn't work
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"'
mbiebl_> systemd seems to strip off the quotes
mbiebl_> systemctl status shows
mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint
mbiebl_> which is pretty weird
|
|
Also be more verbose in devnode_acl_all().
|
|
Special care is needed so that we get an error message if the
file failed to parse, but not when it is missing. To avoid duplicating
the same error check in every caller, add an additional 'warn' boolean
to tell config_parse whether a message should be issued.
This makes things both shorter and more robust wrt. error reporting.
|
|
On Tue, Jul 15, 2014 at 1:52 PM, Alick Zhao <alick9188@gmail.com> wrote:
>>>
>>> So maybe ID_SOFTWARE_RADIO ?
>>
>> Hmm, SDR is more a term for a generic technology than for a device
>> class. To me it does not really sound like an administrator would know
>> what this is.
>>
>> What exactly is the device or subsystem you want to make accessible to
>> locally logged-in users only?
>
> Initially it is bladeRF, but many more are of interest: USRP, rtl-sdr,
> HackRF, ... [1]
>
> I agree an administrator might not know what SDR is, since it is
> currently still not widely known, and makes sense only for amateurs
> and researchers. But as a SDR fan, I see many new SDR peripherals
> are created recently, and expect to see more. So a generic ID seems
> reasonable to me.
>
> [1] http://en.wikipedia.org/wiki/List_of_software-defined_radios
|
|
If compositors use the new SwitchTo() logic to map F1-F12, we should allow
them to switch to unregistered VTs, too. Otherwise, the auto-spawn logic
of gettys won't trigger.
Reported-by: Jasper St. Pierre <jstpierre@mecheye.net>
Signed-off-by: David Herrmann <dh.herrmann@gmail.com>
|
|
Better be safe than sorry...
|
|
When we dropped support for creating a per-user to the "main" X11
display we stopped returning useful data in the "Display" user property.
With this change this is fixed and we again expose an appropriate
(graphical session) in the property that is useful as the "main" one, if
one is needed.
|
|
With proprietary graphics drivers, there won't be any 'drm' devices in
sysfs, so logind will never suspend the system upon closing the lid,
even if only one (internal) display is connected. This has been reported
by multiple users so far.
IMHO, it's better to suspend the system in this case for safety reasons,
to avoid having nvidia blob users' laptops overheat, for the same reason
that sleep inhibitors are overridden (LidSwitchIgnoreInhibited=yes).
|
|
There's no reason why hibernate should be better protected than
suspend or poweroff, so sync the policies.
|
|
No functional change expected :)
|
|
attached to a bus connection
This makes callback behaviour more like sd-event or sd-resolve, and
creates proper object for unregistering callbacks.
Taking the reference to the slot is optional. If not taken, the lifetime of
the slot will be bound to the underlying bus object (or in the case of
an async call until the reply has been received).
|
|