Age | Commit message (Collapse) | Author | |
---|---|---|---|
2010-09-27 | sysv: optionally disable of SysV init/rcN.d support at compile time | Fabiano Fidencio | |
This patch adds a cpp definition HAVE_SYSV_COMPAT that is used to isolate code dealing with /etc/init.d and /etc/rcN.d for systems where it does not make sense (one that does not use sysv or one that is fully systemd native). The patch tries to be as little intrusive as possible, however in order to minimize the number of #ifdef'ed regions I've reordered some code in path-lookup.c:lookup_paths_init() where all code dealing with sysv is now isolated under running_as == MANAGER_SYSTEM as well. Moreover, In struct Service, some fields were rearranged to reduce the number of ifdefs. Lennart's suggestions were fixed and squashed with the original patch, that was sent by Gustavo Sverzut Barbieri (barbieri@profusion.mobi). | |||
2010-09-17 | ask-password: add minimal framework to allow services query SSL/harddisk ↵ | Lennart Poettering | |
passphrases from the user | |||
2010-09-16 | locale: initialize locale from /etc/locale by default | Lennart Poettering | |
2010-09-15 | util: use waitid() instead of waitpid() everywhere to avoid confusion due to ↵ | Lennart Poettering | |
SIGSTOP | |||
2010-09-08 | main: when we encounter 'emergency' on the kernel cmdline start the ↵ | Lennart Poettering | |
emergency shell | |||
2010-09-06 | systemctl: make --version a little bit more verbose | Lennart Poettering | |
2010-08-31 | systemctl: rework exit codes for all utility programs to follow LSB or other ↵ | Lennart Poettering | |
standards | |||
2010-08-30 | console: rework automatic getty on kernel console logic again | Lennart Poettering | |
It is essential that the gettys are proper dependencies from getty.target so that they aren't killed and immediately restarted on runlevel changes. Hence rework the logic to implicitly add console gettys to getty.target as dependencies. This also adds an automatic hvc console for virtualizers. https://bugzilla.redhat.com/show_bug.cgi?id=501720 | |||
2010-08-25 | mount: rework automatic mounting to follow the 'nofail' option in fstab | Lennart Poettering | |
2010-08-25 | mount: add global configuration options for handling of auto mounts | Lennart Poettering | |
2010-08-17 | main: restore an accidentally removed 'else' | Tero Roponen | |
I just noticed this when reading the latest commits. | |||
2010-08-17 | main: properly fallback to rescue.target if default.target is hosed | Lennart Poettering | |
2010-08-17 | modprobe: kill support for nomodules | Lennart Poettering | |
this should happen in the kernel itself, not be controlled from userspace, if at all. So let's kill this here. | |||
2010-08-17 | nss: don't disable nscd anymore, since it doesn't make sense to ↵ | Lennart Poettering | |
socket-activate nscd anyway | |||
2010-08-17 | auto-getty: rework auto console getty logic to work in conjunction with ↵ | Lennart Poettering | |
single user mode | |||
2010-08-14 | emacs: make sure nobody accidently adds tabs to our sources | Lennart Poettering | |
2010-08-12 | main: log build time features on startup | Lennart Poettering | |
2010-08-11 | main: disable nscd properly, if possible | Lennart Poettering | |
2010-08-11 | selinux: split off selinux calls into seperate file label.c | Lennart Poettering | |
2010-08-11 | clang: fix numerous little issues found with clang-analyzer | Lennart Poettering | |
2010-08-09 | service: hide output of sysv scripts if quiet is passed on the kernel cmdline | Lennart Poettering | |
2010-08-06 | main: automatically spawn a getty on the kernel configured serial console | Lennart Poettering | |
2010-08-03 | Systemd is causing mislabeled devices to be created and then attempting to ↵ | Daniel J Walsh | |
read them. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/28/2010 05:57 AM, Kay Sievers wrote: > On Wed, Jul 28, 2010 at 11:43, Lennart Poettering > <lennart@poettering.net> wrote: >> On Mon, 26.07.10 16:42, Daniel J Walsh (dwalsh@redhat.com) wrote: >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> type=1400 audit(1280174589.476:7): avc: denied { read } for pid=1 >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482 >>> scontext=system_u:system_r:init_t:s0 >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> type=1400 audit(1280174589.476:8): avc: denied { read } for pid=1 >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482 >>> scontext=system_u:system_r:init_t:s0 >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> >>> Lennart, we talked about this earlier. I think this is caused by the >>> modprobe calls to create /dev/autofs. Since udev is not created at the >>> point that init loads the kernel modules, the devices get created with >>> the wrong label. Once udev starts the labels get fixed. >>> >>> I can allow init_t to read device_t chr_files. >> >> Hmm, I think a cleaner fix would be to make systemd relabel this device >> properly before accessing it? Given that this is only one device this >> should not be a problem for us to maintain, I think? How would the >> fixing of the label work? Would we have to spawn restorecon for this, or >> can we actually do this in C without too much work? > > I guess we can just do what udev is doing, and call setfilecon(), with > a context of an earlier matchpathcon(). > > Kay > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel Here is the updated patch with a fix for the labeling of /dev/autofs -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkxQMyoACgkQrlYvE4MpobNviACfWgxsjW2xzz1qznFex8RVAQHf gIEAmwRmRcLvGqYtwQaZ3WKIg8wmrwNk =pC2e | |||
2010-07-24 | main: disable NSS disabling logic for now, since this is incompatible with rpm | Lennart Poettering | |
2010-07-20 | systemctl: always disable color when output goes into a file | Lennart Poettering | |
2010-07-20 | manager: write serialization to /dev/.systemd/ instead of /dev/shm | Lennart Poettering | |
2010-07-16 | main: disable nscd if we can to avoid deadlock, just in case | Lennart Poettering | |
2010-07-13 | main: introduce -D as quick acess to debugging | Lennart Poettering | |
2010-07-13 | main: replace --running-as= by --session and --system do mimic related tools ↵ | Lennart Poettering | |
and D-Bus | |||
2010-07-10 | systemctl: show exec status of all exited programs | Lennart Poettering | |
2010-07-09 | main: introduce $SYSTEMD_SKIP_API_MOUNTS to disable mounting of API FS | Lennart Poettering | |
2010-07-08 | dbus: make errors reported via D-Bus more useful | Lennart Poettering | |
2010-07-07 | util: use quoted word parsing where applicable | Lennart Poettering | |
2010-07-07 | log: bump up a number of log messages so that they are shown even if debug ↵ | Lennart Poettering | |
logging is disabled, for diagnostic purposes | |||
2010-07-07 | main: always log when we reexecute or reload | Lennart Poettering | |
2010-07-07 | main: lower default log level to INFO | Lennart Poettering | |
2010-07-07 | main: show welcome string only when asked for | Lennart Poettering | |
2010-07-07 | main: implement manager configuration file | Lennart Poettering | |
2010-07-07 | main: show welcome message on boot | Lennart Poettering | |
2010-07-07 | manager: optionally print status updates to console on boot | Lennart Poettering | |
2010-07-06 | main: add a native implementation of the 'nomodules' kernel option ↵ | Lennart Poettering | |
understood by fedora init scripts | |||
2010-06-24 | minor fixes to help texts | Lennart Poettering | |
2010-06-23 | man: start documenting systemd itself | Lennart Poettering | |
2010-06-19 | don't use 'long long' unless we have a really good reason to | Lennart Poettering | |
2010-06-19 | manager: get rid of destinction between running_as=system and ↵ | Lennart Poettering | |
running_as=init, as there is little value in it and we cannot really test this | |||
2010-06-18 | main: don't segfault when --log-color is passed without parameter | Lennart Poettering | |
2010-06-18 | init: call telinit in case we are run as init and not pid1 | Lennart Poettering | |
2010-06-18 | systemctl: add verbs for special units | Lennart Poettering | |
2010-06-17 | log: make color/location logging optional | Lennart Poettering | |
2010-06-16 | service: optionally call into PAM when dropping priviliges | Lennart Poettering | |