| Age | Commit message (Collapse) | Author |
|---|
|
Also make thread_local available w/o including <threads.h>.
(as the latter hasn't been implemented, but this part is trivial)
|
|
bus also switch over PID namespace
This is necessary to ensure that kdbus can collect creds of the
destination namespace when connecting.
|
|
If we have the priviliges we will try SO_SNDBUFFORCE/SO_RCVBUFFORCE and
only fall back to SO_SNDBUF/SO_RCVBUF if that fails.
|
|
These specifiers require NSS lookups to work, and we really shouldn't do
them from PID 1 hence. With this change they are now only supported for
user systemd instance, or when the configured user for a unit is root.
|
|
the transition
|
|
Previously we'd open the connection in the originating namespace, which
meant most peers of the bus would not be able to make sense of the
PID/UID/... identity of us since we didn't exist in the namespace they
run in. However they require this identity for privilege decisions,
hence disallowing access to anything from the host.
Instead, when connecting to a container, create a temporary subprocess,
make it join the container's namespace and then connect from there to
the kdbus instance. This is similar to how we do it for socket
conections already.
THis also unifies the namespacing code used by machinectl and the bus
APIs.
|
|
|
|
The only problem is that libgen.h #defines basename to point to it's
own broken implementation instead of the GNU one. This can be fixed
by #undefining basename.
|
|
|
|
- Add space between if/for and the opening parentheses
- Place the opening brace on same line as the function (not for udev)
From the CODING_STYLE
Try to use this:
void foo() {
}
instead of this:
void foo()
{
}
|
|
Compared to greedy_realloc(), this sets all newly allocated memory to 0.
As the old variant has been used a lot for string-handling, we avoid
changing it as clearing memory is not needed there.
|
|
|
|
We must return a negative error code from getttyname_malloc but
that would not be the case if ttyname_r returned a negative value.
ttyname_r should only return EBADF, ENOTTY, or ERANGE so it should
be safe to change.
|
|
This way we can unify handling of credentials that are attached to
messages, or can be queried for bus name owners or connection peers.
This also adds the ability to extend incomplete credential information
with data from /proc,
Also, provide a convenience call that will automatically determine the
most appropriate credential object for an incoming message, by using the
the attached information if possible, the sending name information if
available and otherwise the peer's credentials.
|
|
Inspired by a patch by Lukas Nykryn.
|
|
PrivateTmp= namespaces
|
|
to deal with shells
This makes shutdown a bit faster if debug-shell.service is enabled.
|
|
|
|
|
|
When resolving /dev/console one would often get "tty0" meaning the active VT.
Resolving to the actual tty (e.g. "tty1") will notably help on boot when
determining whether or not PID1 can output to the console.
|
|
|
|
"make check-api-unused" informs us about code that is not used anymore
or that is exported but only used internally. Fix these all over the
place.
|
|
|
|
Instead of individually checking for containers in each user do this
once in a new call proc_cmdline() that read the file only if we are not
in a container.
|
|
This introduces a new key NamePolicy, which takes an ordered list of naming
policies. The first successful one is applide. If all fail the value of Name
(if any) is used.
The possible policies are 'onboard', 'slot', 'path' and 'mac'.
This patch introduces a default link file, which replaces the equivalent udev
rule.
|
|
|
|
When set to 0 this will stop tools like the backlight and rfkill tools to
restore state from previous boot. This is useful in case the stored state
is bogus to the extent that it is preventing you from resetting it (e.g.,
the backlight settings cause the screen to be off on boot on a system where
the backlight can not be adjusted directly from the keyboard).
|
|
glob_extend() would completely fail to work, or return incorrect
data if it wasn't being passed the current getopt "optarg" variable
as it used the global variable, instead of the passed parameters.
|
|
Fixes minor leak in error path in device.c.
|
|
rename old versions to ascii_*
Do not take into account zerowidth characters, but do consider double-wide characters.
Import needed utf8 helper code from glib.
v3: rebase ontop of utf8 restructuring work
[zj: tweak the algorithm a bit, move new code to separate file]
|
|
Triggered false negatives when encoding a string which needed every
character to be escaped, e.g. "LABEL=/".
|
|
We were already creating the file if it was missing, and this way
containers can reconfigure the file without running into problems.
This also makes resolv.conf handling more alike to handling of
/etc/localtime, which is also not a bind mount.
|
|
|
|
Let read()/write() report any error/EOF.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=69887
Based-on-a-patch-by: Hans Petter Jansson <hpj@copyleft.no>
|
|
In the process, rename udev_encode_string which is poorly named for what
it does. It deals specifically with encoding names that udev creates and
has its own rules: utf8 is valid but some ascii is not (e.g. path
separators), and everything else is simply escaped. Rename it to
encode_devnode_name.
|
|
Resolves a longstanding bug which caused this function to wrongly
handle (escape) valid utf8 characters.
|
|
Condition that is checked is taken from upower:
active(anon) < free swap * 0.98
This is really stupid, because the kernel knows the situation better,
e.g. there could be two swap files, and then hibernation would be
impossible despite passing this check, or the kernel could start
supporting compressed swap and/or compressed hibernation images, and
then this this check would be too stringent. Nevertheless, until
we have something better, this should at least return a true negative
if there's no swap.
Logging of capabilities in the journal is changed to not strip leading
zeros. I consider this more readable anyway.
http://cgit.freedesktop.org/upower/tree/src/up-daemon.c#n613
https://bugzilla.redhat.com/show_bug.cgi?id=1007059
|
|
Fixup for ac4c8d6da8b5e.
|
|
bash allows them, and so should we.
string_has_cc is changed to allow tabs, and if they are not wanted,
they must be now checked for explicitly. There are two other callers,
apart from the env file loaders, and one already checked anyway, and
the other is changed to check.
https://bugs.freedesktop.org/show_bug.cgi?id=68592
https://bugs.gentoo.org/show_bug.cgi?id=481554
|
|
I guess it's easier and cleaner anyway to use simple static inline
functions instead of defines.
|
|
|
|
So far, we would show up to 128 bytes from a message, simply
cutting of the rest. With multiline messages, it is quite common
for a message to be longer than that, and this model doesn't really
work anymore.
A new limit is added: up to 3 lines will be shown, unless --full is
used (c.f. first line below). The limit for bytes is extended to 300
bytes. An ellipsis will always be used, if some form of truncation
occurs. If the tail of the message is cut off, either because of
length or line limit, dots will be shown at the end of the last
line. If this last line is short, the dots will be simply appended. If
the last line is too long for that, it will be ellipsized with dots at
the very end.
Note that the limits are in bytes, not characters, and we suck at
outputting unicode strings (c.f. last three lines below).
Aug 11 10:46:21 fedora python[67]: test message
line
line...
Aug 11 10:50:47 fedora python[76]: test message word word word word word word word word word word word wor...
Aug 11 10:55:11 fedora python[83]: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx...
Aug 11 11:03:21 fedora python[90]: ąąąąąąąąąąąąąąąąąąąąąąąąąąąąąą...
Aug 11 11:03:53 fedora python[97]: aąąąąąąąąąąąąąąąąąąąąąąąąąąąąąą...
Aug 11 11:25:45 fedora python[121]: aąąąąąąąąąąąąąąąąąąąąąąąąąąąąąąąąąą�...
|
|
|
|
If we pass a variable to open()'s flags parameter it really wants a mode
parameter too, otherwise some gcc version whine. Hence, pass 0 in that
case.
|
|
|
|
If you have a ASCII only terminal, there is no way to set the charmap to
ANSI_X3.4-1968, other than using LC_CTYPE=C.
We don't want to assume a UTF-8 capable terminal in this case and only
do so, if LANG, LC_ALL and LC_CTYPE are unset.
|
|
I think this is the most important of the capabilities bitmasks to log.
|
|
ncp is also used for Netware mount point, recognize it as such. Fixes
https://bugzilla.novell.com/show_bug.cgi?id=828905.
|
|
The kernel adds those when the file is deleted,
but we don't really care if the file is still there
or not. The downside is that if the filename ends
in ' (deleted)', this part of the filename will be
removed. Too bad.
|
