Age | Commit message (Collapse) | Author |
|
basic/ can be used by everything
cannot use anything outside of basic/
libsystemd/ can use basic/
cannot use shared/
shared/ can use libsystemd/
|
|
A number of fields do not apply to all processes, including: there a
processes without a controlling tty, without parent process, without
service, user services or session. To distuingish these cases from the
case where we simply don't have the data, always return ENXIO for them,
while returning ENODATA for the case where we really lack the
information.
Also update the credentials dumping code to show this properly. Fields
that are known but do not apply are now shown as "n/a".
Note that this also changes some of the calls in process-util.c and
cgroup-util.c to return ENXIO for these cases.
|
|
|
|
This patch removes includes that are not used. The removals were found with
include-what-you-use which checks if any of the symbols from a header is
in use.
|
|
And conditionalize journald audit support with it
|
|
|
|
of this
|
|
when pid is set to 0 use /proc/self
|
|
This way we can unify handling of credentials that are attached to
messages, or can be queried for bus name owners or connection peers.
This also adds the ability to extend incomplete credential information
with data from /proc,
Also, provide a convenience call that will automatically determine the
most appropriate credential object for an incoming message, by using the
the attached information if possible, the sending name information if
available and otherwise the peer's credentials.
|
|
this anymore to skip audit session ID retrieval
As audit is still broken in containers we need a reliable way how we can
determine whether the audit data we read from 7proc is actually useful.
Previously we used CAP_AUDIT_CONTROL for this, since nspawn removed that
from the nspawn container. This has changed a while back however, which
means we used audit data of host system in the container.
This adds an explicit container check to the audit calls, so that all
audit data is turned off in containers.
This should fix session creation with pam_systemd/logind in nspawn containers.
|
|
Also split out some fileio functions to fileio.c and provide a SELinux
aware pendant in fileio-label.c
see https://bugzilla.redhat.com/show_bug.cgi?id=881577
|
|
We finally got the OK from all contributors with non-trivial commits to
relicense systemd from GPL2+ to LGPL2.1+.
Some udev bits continue to be GPL2+ for now, but we are looking into
relicensing them too, to allow free copy/paste of all code within
systemd.
The bits that used to be MIT continue to be MIT.
The big benefit of the relicensing is that closed source code may now
link against libsystemd-login.so and friends.
|
|
internal libraries
Before:
$ ldd /lib/systemd/systemd-timestamp
linux-vdso.so.1 => (0x00007fffb05ff000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f90aac57000)
libcap.so.2 => /lib64/libcap.so.2 (0x00007f90aaa53000)
librt.so.1 => /lib64/librt.so.1 (0x00007f90aa84a000)
libc.so.6 => /lib64/libc.so.6 (0x00007f90aa494000)
/lib64/ld-linux-x86-64.so.2 (0x00007f90aae90000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f90aa290000)
libattr.so.1 => /lib64/libattr.so.1 (0x00007f90aa08a000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f90a9e6e000)
After:
$ ldd systemd-timestamp
linux-vdso.so.1 => (0x00007fff3cbff000)
libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f5eaa1c3000)
librt.so.1 => /lib64/librt.so.1 (0x00007f5ea9fbb000)
libc.so.6 => /lib64/libc.so.6 (0x00007f5ea9c04000)
/lib64/ld-linux-x86-64.so.2 (0x00007f5eaa3fc000)
libdl.so.2 => /lib64/libdl.so.2 (0x00007f5ea9a00000)
libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f5ea97e4000)
|