Age | Commit message (Collapse) | Author |
|
|
|
gcc does not know that errno cannot be negative, and warns
about unitialized variables later on. Kill the warnings by
returning -errno only after checking that errno is positive.
|
|
No longer allow dots at the beginning or end of host names, Or double
dots.
https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1152187/comments/14
|
|
/var/log/journal
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
|
|
|
|
|
|
|
|
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
|
|
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd.
|
|
Commit 984a2be4 failed to adjust this caller of status_printf().
|
|
|
|
|
|
This follows the suggestions from:
http://lists.freedesktop.org/archives/systemd-devel/2013-March/009363.html
|
|
|
|
Ephemeral status lines do not end with a newline and they expect to be
overwritten by the next printed status line.
|
|
|
|
Also split out some fileio functions to fileio.c and provide a SELinux
aware pendant in fileio-label.c
see https://bugzilla.redhat.com/show_bug.cgi?id=881577
|
|
order in the efivars fs is probably not useful
This also introduces a new FOREACH_DIRENT macro and makes use of it.
|
|
This reverts commit 2826d14091e43ed3397d862dee79d09d0115c84e.
We never should generate log messages from a library.
|
|
[zj: Reworded message s/to watch/to add watch on/ to make it clear
that it was the watch init action that failed, and not the
"process of watching". I think this way it'll be clearer to
people who don't know what inotify does.]
|
|
See the linked references for why we should not do this.
|
|
|
|
|
|
that work on .d/ directories
This unifies much of the logic behind them:
- All four will now ofllow the rule that the earlier file and earlier
assignment in the .d/ directories wins. Before, sysctl was the only
outlier, where the later setting always won.
- All four now support getopt() and --help on the command line.
- All four can now handle specification of configuration file names on
the command line to apply. The tools will automatically find them, and
apply them. Previously only tmpfiles could do that. This is useful for
%post scripts in RPMs and suchlike.
- This fixes various error path issues in conf_files_list()
|
|
Inner library calls should not invoke log_oom(), that's something for
main programs, not library calls.
Don't read through uninitialized memory if a file ends in a continuation
line.
Add comments for the non-obvious bits.
Don't choke on comment lines that are continuation lines.
Simplify some things.
|
|
|
|
Now, actually check if the environment variable names and values used
are valid, before accepting them. With this in place are at some places
more rigid than POSIX, and less rigid at others. For example, this code
allows lower-case environment variables (which POSIX suggests not to
use), but it will not allow non-UTF8 variable values.
All in all this should be a good middle ground of what to allow and what
not to allow as environment variables.
(This also splits out all environment related calls into env-util.[ch])
|
|
Based-on-patch-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
cppcheck reported:
[src/bootchart/svg.c:791]: (error) Mismatching allocation and deallocation: f
|
|
|
|
|
|
|
|
Variable definitions can be written on more than one line - if each ends
with a backslash, then is concatenated with a previous one. Only
backslash and unix end of line (\n) are treated as a continuation.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=58083
[zj: squashed two patches together; cleaned up grammar; removed
comment about ignoring trailing backslash -- it is not ignored.]
Document continuation support in systemd.exec
|
|
Also adds a pair of bus calls for this to the daemon.
|
|
systemctl list-dependencies lists all unit's dependecies and
recursively expands all subsidiary target units into a tree.
Primary purpose for this command is to show all units which are
enabled in specified target.
|
|
|
|
specified
New file output.h with output flags and modes.
--full parameter also for cgls and loginctl.
Include 'all' parameter in flags (show_cgroup_by_path, show_cgroup,
show_cgroup_and_extra, show_cgroup_and_extra_by_spec).
get_process_cmdline with max_length == 0 will not ellipsize output.
Replace LINE_MAX with 0 in some calls of get_process_cmdline.
[zj: Default to --full when under pager for clgs.
Drop '-f' since it wasn't documented and didn't actually work.
Reindent a bit.
]
|
|
|
|
|
|
|
|
|
|
processes without
|
|
|
|
displaying them
|
|
|
|
The glibc default (as shown by the command line tool "date") doesn't put a comma there,
and so we shouldn't either.
|
|
-1 was used to signal failure, but the type was unsigned.
https://bugs.freedesktop.org/show_bug.cgi?id=56644
|
|
Some filesystem magics are too big to fit in 31 bits,
and are wrapped to negative. f_type is an int on 32 bits, so
it is signed, and we get a warning on comparison.
|
|
|
|
Draw trees more similar to pstree/findmnt/lsblk/...
|
|
|