summaryrefslogtreecommitdiff
path: root/src/machine
AgeCommit message (Collapse)Author
2015-08-24machinectl: extend the "shell" syntax to take user@container namesLennart Poettering
In order to make "machinectl shell" more similar to ssh, allow the following syntax to connect to a container under a specific username: machinectl shell lennart@fedora Also beefs up related man page documentation.
2015-08-24machinectl: make machine name parameters for "shell" and "login" optionalLennart Poettering
If no machine name is specified, imply that we connect to ".host", i.e. the local host.
2015-08-24machined: beef up PolicyKit actionsLennart Poettering
Introduce separate actions for creating login or shell sessions for the local host or a local container. By default allow local unprivileged clients to create new login sessions (which is safe, since getty will ask for username and authentication). Also, imply login privs from shell privs, as well as shell and login privs from manage privs.
2015-08-24machined: userns is only supported for container-class machinesLennart Poettering
We do not support userns for VM machines or for the host itself.
2015-08-24machinectl: don't show ".host" pseudo-machine in list by defaultLennart Poettering
Let's hide all machines whose name begins with "." by default, thus hiding the ".host" pseudo-machine, unless --all is specified. This takes inspiration from the ".host" image handling in "machinectl list-images" which also hides all images whose name starts with ".".
2015-08-24machined: introduce pseudo-machine ".host" refererring to the host systemLennart Poettering
Some of the operations machined/machinectl implement are also very useful when applied to the host system (such as machinectl login, machinectl shell or machinectl status), hence introduce a pseudo-machine by the name of ".host" in machined that refers to the host system, and may be used top execute operations on the host system with. This copies the pseudo-image ".host" machined already implements for image related commands. (This commit also adds a PK privilege for opening a PTY in a container, which was previously not accessible for non-root.)
2015-08-24machined: validate machine names at more placesLennart Poettering
When enumerating machines from /run, and when accepting machine names for operations, be more strict and always validate. Note that these checks are strictly speaking unnecessary, since enumeration happens only on the trusted /run...
2015-08-24util: make machine_name_is_valid() a macro and move it to hostname-util.hLennart Poettering
As it turns out machine_name_is_valid() does the exact same thing as hostname_is_valid() these days, as it just invoked that and checked the name length was < 64. However, hostname_is_valid() checks the length against HOST_NAME_MAX anyway (which is 64 on Linux), hence any additional check is redundant. We hence replace machine_name_is_valid() by a macro that simply maps it to hostname_is_valid() but sets the allow_trailing_dot parameter to false. We also move this this call to hostname-util.h, to the same place as the hostname_is_valid() declaration.
2015-08-24machined: always look for leader PID firstLennart Poettering
When looking for the machine belonging to a PID, always look for the leader first, only then fall back to a cgroup check. We keep direct track of the leader PID, but only indirectly of the cgroup, hence prefer the PID.
2015-08-24machinectl: add new "machinectl shell" commandLennart Poettering
This makes use of machined's new OpenShell() command and allows opening a new interactive shell in any container.
2015-08-24machined: add new OpenShell() bus callLennart Poettering
This new bus call opens an interactive shell in a container. It works like the existing OpenLogin() call, but does not involve getty, and instead opens an arbitrary command line. This is similar to "systemd-run -t -M" but is controlled by a specific PolicyKit privilege.
2015-08-17Merge pull request #977 from richardmaw-codethink/machinectl-userns-login-v2Lennart Poettering
Fix machinectl login with containers in user namespaces (v2)
2015-08-17namespace helpers: Allow entering a UID namespaceRichard Maw
To be able to use `systemd-run` or `machinectl login` on a container that is in a private user namespace, the sub-process must have entered the user namespace before connecting to the container's D-Bus, otherwise the UID and GID in the peer credentials are garbage. So we extend namespace_open and namespace_enter to support UID namespaces, and we enter the UID namespace in bus_container_connect_{socket,kernel}. namespace_open will degrade to a no-op if user namespaces are not enabled in the kernel. Special handling is required for the setns call in namespace_enter with a user namespace, since transitioning to your own namespace is forbidden, as it would result in re-entering your user namespace as root. Arguably it may be valid to check this at the call site, rather than inside namespace_enter, but it is less code to do it inside, and if the intention of calling namespace_enter is to *be* in the target namespace, rather than to transition to the target namespace, it is a reasonable approach. The check for whether the user namespace is the same must happen before entering namespaces, as we may not be able to access /proc during the intermediate transition stage. We can't instead attempt to enter the user namespace and then ignore the failure from it being the same namespace, since the error code is not distinct, and we can't compare namespaces while mid-transition.
2015-08-17Bug #944: Deletion of unnecessary checks before a few calls of systemd functionsMarkus Elfring
The following functions return immediately if a null pointer was passed. * calendar_spec_free * link_address_free * manager_free * sd_bus_unref * sd_journal_close * udev_monitor_unref * udev_unref It is therefore not needed that a function caller repeats a corresponding check. This issue was fixed by using the software Coccinelle 1.0.1.
2015-08-06machined: rework state tracking logic for machinesLennart Poettering
This splits up the stopping logic for machines into two steps: first on machine_stop() we begin with the shutdown of a machine by queuing the stop method call for it. Then, in machine_finalize() we actually remove the rest of its runtime context. This mimics closely how sessions are handled in logind. This also reworks the GC logic to strictly check the current state of the machine unit, rather than shortcutting a few cases, like for example assuming that UnitRemoved really means a machine is gone (which it isn't since Reloading might trigger it, see #376). Fixes #376.
2015-08-06machine: drop state variable from Machine objectLennart Poettering
We never made use of it, let's get rid of it.
2015-08-06logind,machined: various smaller cleanupsLennart Poettering
Use mfree() where we can. Drop unnecessary {}. Drop unnecessary variable declarations. Cast syscall invocations where explicitly don't care for the return value to (void). Reword a comment.
2015-08-06machined,logind: don't generate errors on signal match functionsLennart Poettering
If we get a weird signal, then we should log about it, but not return an error, since sd-bus will not call us again then anymore, but for these signals we match here we actually do want to be called on the next invocation.
2015-08-04machinectl: support relative host paths in copy-{from,to}Richard Maw
2015-08-04machined: Relax path checks for Copy{From,To}Richard Maw
Absolute paths should be sufficient to prevent funny business, and while path_is_safe() checks this, it also checks whether the path contains . or .. components, which while odd, aren't a security risk.
2015-07-29tree-wide: port everything over to fflush_and_check()Lennart Poettering
Some places invoked fflush() directly with their own manual error checking, let's unify all that by using fflush_and_check(). This also unifies the general error paths of fflush()+rename() file writers.
2015-07-09nss-mymachines: map userns users of containers to real user namesLennart Poettering
Given a container "foo", that maps user id $UID to container user, using user namespaces, this NSS module extenstion will now map the $UID to a name "vu-foo-$TUID" for the translated UID $UID. Similar, userns groups are mapped to "vg-foo-$TGID" for translated GIDs of $GID. This simple change should make userns users more discoverable. Also, given that many tools like "adduser" check NSS before allocating a UID, should lower the chance of UID range conflicts between tools.
2015-07-08machine: remove unused variablesThomas Hindoe Paaboel Andersen
2015-07-08property callback returns are consistentUmut Tezduyar Lindskog
It is no different to return 0 over 1 in the property callback. It is confusing to return 1 which made me think 1 has a special purpose. This way code is consistent with the rest of the tree.
2015-07-03sd-bus: introduce new sd_bus_flush_close_unref() callLennart Poettering
sd_bus_flush_close_unref() is a call that simply combines sd_bus_flush() (which writes all unwritten messages out) + sd_bus_close() (which terminates the connection, releasing all unread messages) + sd_bus_unref() (which frees the connection). The combination of this call is used pretty frequently in systemd tools right before exiting, and should also be relevant for most external clients, and is hence useful to cover in a call of its own. Previously the combination of the three calls was already done in the _cleanup_bus_close_unref_ macro, but this was only available internally. Also see #327
2015-06-17turn kdbus support into a runtime optionKay Sievers
./configure --enable/disable-kdbus can be used to set the default behavior regarding kdbus. If no kdbus kernel support is available, dbus-dameon will be used. With --enable-kdbus, the kernel command line option "kdbus=0" can be used to disable kdbus. With --disable-kdbus, the kernel command line option "kdbus=1" is required to enable kdbus support.
2015-06-17Stop talking about the "XDG" version of basename()Simon McVittie
XDG refers to X Desktop Group, a former name for freedesktop.org. This group is responsible for specifications like basedirs, .desktop files and icon naming, but as far as I know, it has never tried to redefine basename(). I think these references were meant to say XPG (X/Open Portability Guide), a precursor of POSIX. POSIX is better-known and less easily confused with XDG, and is how the basename(3) man page describes the libgen.h version of basename(). The other version of basename() is glibc-specific and is described in basename(3) as "the GNU version"; specifically mention that version, to disambiguate.
2015-06-15everywhere: port everything to sigprocmask_many() and friendsLennart Poettering
This ports a lot of manual code over to sigprocmask_many() and friends. Also, we now consistly check for sigprocmask() failures with assert_se(), since the call cannot realistically fail unless there's a programming error. Also encloses a few sd_event_add_signal() calls with (void) when we ignore the return values for it knowingly.
2015-06-14tree-wide: fix memory leaks in users of bus_map_all_properties()David Herrmann
If you use bus_map_all_properties(), you must be aware that it might touch output variables even though it may fail. This is, because we parse many different bus-properties and cannot tell how to clean them up, in case we fail deep down in the parser. Fix all callers of bus_map_all_properties() to correctly cleanup any context structures at all times.
2015-05-29util: split out signal-util.[ch] from util.[ch]Lennart Poettering
No functional changes.
2015-05-15systemctl: introduce --now for enable, disable and maskJan Synacek
https://bugs.freedesktop.org/show_bug.cgi?id=42940
2015-05-06machinectl: remove unused variableThomas Hindoe Paaboel Andersen
2015-05-05core: rework unit name validation and manipulation logicLennart Poettering
A variety of changes: - Make sure all our calls distuingish OOM from other errors if OOM is not the only error possible. - Be much stricter when parsing escaped paths, do not accept trailing or leading escaped slashes. - Change unit validation to take a bit mask for allowing plain names, instance names or template names or an combination thereof. - Refuse manipulating invalid unit name
2015-04-29sd-bus: allow passing NULL as bus parameter to sd_bus_send()Lennart Poettering
If NULL is specified for the bus it is now automatically derived from the passed in message. This commit also changes a number of invocations of sd_bus_send() to make use of this.
2015-04-29sd-bus: drop bus parameter from message callback prototypeLennart Poettering
This should simplify the prototype a bit. The bus parameter is redundant in most cases, and in the few where it matters it can be derived from the message via sd_bus_message_get_bus().
2015-04-28machined: make PropertiesChanged match more strictLennart Poettering
2015-04-28machined: make sure to track machine unit states properlyLennart Poettering
If a unit is stopped for a moment, we need to invalidate our knowledge of it, otherwise we might be confused by automatic restarts This makes reboots for nspawn containers run as service work correctly. https://bugs.freedesktop.org/show_bug.cgi?id=87428
2015-04-11shared: add terminal-util.[ch]Ronny Chevalier
2015-04-10shared: add process-util.[ch]Ronny Chevalier
2015-04-10shared: add formats-util.hRonny Chevalier
2015-03-15Add (void) where we don't care about return valueZbigniew Jędrzejewski-Szmek
2015-03-13tree-wide: there is no ENOTSUP on linuxDavid Herrmann
Replace ENOTSUP by EOPNOTSUPP as this is what linux actually uses.
2015-03-10shared: the btrfs quota field is called "referenced" not "referred"Lennart Poettering
2015-03-10man: document "machinectl export-tar" and "export-raw"Lennart Poettering
2015-03-09machinectl: remove unused variablesThomas Hindoe Paaboel Andersen
2015-03-09importd: add API for exporting container/VM imagesLennart Poettering
Also, expose it in machinectl.
2015-03-07machine: do not rely on asprintf setting arg on errorZbigniew Jędrzejewski-Szmek
Strictly speaking, the output variable is undefined if asprintf fails. We use the return value not the arg everywhere, and should we do here.
2015-03-05machinectl: minor --help text improvementsLennart Poettering
2015-03-05importd: add new bus calls for importing local tar and raw imagesLennart Poettering
This also adds "machinectl import-raw" and "machinectl import-tar" to wrap these new bus calls. THe commands basically do for local files that "machinectl pull-raw" and friends do for remote files.
2015-03-03importd: automatically grow /var/lib/machines/ loopback filesystem during ↵Lennart Poettering
downloads If /var/lib/machines is mounted as btrfs loopback file system in /var/lib/machines.raw with this change we automatically grow the file system as it fills up. After each 10M we write to it during imports, we check the free disk space, and if the fill level grows beyond 66% we increase the size of the file system to 3x the fill level (thus lowering it to 33%).