| Age | Commit message (Collapse) | Author |
|---|
|
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
|
|
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd.
|
|
Commit 984a2be4 failed to adjust this caller of status_printf().
|
|
|
|
|
|
This follows the suggestions from:
http://lists.freedesktop.org/archives/systemd-devel/2013-March/009363.html
|
|
|
|
Ephemeral status lines do not end with a newline and they expect to be
overwritten by the next printed status line.
|
|
|
|
Also split out some fileio functions to fileio.c and provide a SELinux
aware pendant in fileio-label.c
see https://bugzilla.redhat.com/show_bug.cgi?id=881577
|
|
order in the efivars fs is probably not useful
This also introduces a new FOREACH_DIRENT macro and makes use of it.
|
|
This reverts commit 2826d14091e43ed3397d862dee79d09d0115c84e.
We never should generate log messages from a library.
|
|
[zj: Reworded message s/to watch/to add watch on/ to make it clear
that it was the watch init action that failed, and not the
"process of watching". I think this way it'll be clearer to
people who don't know what inotify does.]
|
|
See the linked references for why we should not do this.
|
|
|
|
|
|
that work on .d/ directories
This unifies much of the logic behind them:
- All four will now ofllow the rule that the earlier file and earlier
assignment in the .d/ directories wins. Before, sysctl was the only
outlier, where the later setting always won.
- All four now support getopt() and --help on the command line.
- All four can now handle specification of configuration file names on
the command line to apply. The tools will automatically find them, and
apply them. Previously only tmpfiles could do that. This is useful for
%post scripts in RPMs and suchlike.
- This fixes various error path issues in conf_files_list()
|
|
Inner library calls should not invoke log_oom(), that's something for
main programs, not library calls.
Don't read through uninitialized memory if a file ends in a continuation
line.
Add comments for the non-obvious bits.
Don't choke on comment lines that are continuation lines.
Simplify some things.
|
|
|
|
Now, actually check if the environment variable names and values used
are valid, before accepting them. With this in place are at some places
more rigid than POSIX, and less rigid at others. For example, this code
allows lower-case environment variables (which POSIX suggests not to
use), but it will not allow non-UTF8 variable values.
All in all this should be a good middle ground of what to allow and what
not to allow as environment variables.
(This also splits out all environment related calls into env-util.[ch])
|
|
Based-on-patch-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
cppcheck reported:
[src/bootchart/svg.c:791]: (error) Mismatching allocation and deallocation: f
|
|
|
|
|
|
|
|
Variable definitions can be written on more than one line - if each ends
with a backslash, then is concatenated with a previous one. Only
backslash and unix end of line (\n) are treated as a continuation.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=58083
[zj: squashed two patches together; cleaned up grammar; removed
comment about ignoring trailing backslash -- it is not ignored.]
Document continuation support in systemd.exec
|
|
Also adds a pair of bus calls for this to the daemon.
|
|
systemctl list-dependencies lists all unit's dependecies and
recursively expands all subsidiary target units into a tree.
Primary purpose for this command is to show all units which are
enabled in specified target.
|
|
|
|
specified
New file output.h with output flags and modes.
--full parameter also for cgls and loginctl.
Include 'all' parameter in flags (show_cgroup_by_path, show_cgroup,
show_cgroup_and_extra, show_cgroup_and_extra_by_spec).
get_process_cmdline with max_length == 0 will not ellipsize output.
Replace LINE_MAX with 0 in some calls of get_process_cmdline.
[zj: Default to --full when under pager for clgs.
Drop '-f' since it wasn't documented and didn't actually work.
Reindent a bit.
]
|
|
|
|
|
|
|
|
|
|
processes without
|
|
|
|
displaying them
|
|
|
|
The glibc default (as shown by the command line tool "date") doesn't put a comma there,
and so we shouldn't either.
|
|
-1 was used to signal failure, but the type was unsigned.
https://bugs.freedesktop.org/show_bug.cgi?id=56644
|
|
Some filesystem magics are too big to fit in 31 bits,
and are wrapped to negative. f_type is an int on 32 bits, so
it is signed, and we get a warning on comparison.
|
|
|
|
Draw trees more similar to pstree/findmnt/lsblk/...
|
|
|
|
When printing cgroup and sysfs hierarchies, avoid using UTF-8 box drawing
characters if the locale is not UTF-8.
https://bugzilla.redhat.com/show_bug.cgi?id=871153
|
|
journalctl and vconsole-setup both implement utf8 locale detection.
Let's have a common function for it.
The next patch will add another use.
|
|
The behaviour of the common name##_from_string conversion is surprising.
It accepts not only the strings from name##_table but also any number
that falls within the range of the table. The order of items in most of
our tables is an internal affair. It should not be visible to the user.
I know of a case where the surprising numeric conversion leads to a crash.
We will allow the direct numeric conversion only for the tables where the
mapping of strings to numeric values has an external meaning. This holds
for the following lookup tables:
- netlink_family, ioprio_class, ip_tos, sched_policy - their numeric
values are stable as they are defined by the Linux kernel interface.
- log_level, log_facility_unshifted - the well-known syslog interface.
We allow the user to use numeric values whose string names systemd does
not know. For instance, the user may want to test a new kernel featuring
a scheduling policy that did not exist when his systemd version was
released. A slightly unpleasant effect of this is that the
name##_to_string conversion cannot return pointers to constant strings
anymore. The strings have to be allocated on demand and freed by the
caller.
|
|
strtol() and friends may set EINVAL if no conversion was performed, but
they are not required to do so. In practice they don't. We need to check
for it.
https://bugzilla.redhat.com/show_bug.cgi?id=870577
|
|
commit 49371bb fixed the observed division by zero, but missed another
occurrence of the same bug. It was also not the optimal fix. We can
simply make the divisor a constant by swapping it with the compared
value.
|
|
In early userspace, if kernel initialization happens extremely quickly,
a call to systemd-timestamp can potentially result in division by zero.
Ensure that the check in timespec_load, which only makes sense if tv_sec
is greater than zero, is guarded by this condition.
|
|
|
