summaryrefslogtreecommitdiff
path: root/src/shared/util.c
AgeCommit message (Collapse)Author
2014-02-11util: modernize readlink_malloc() a bitLennart Poettering
2014-02-11util: drop parse_user_at_host() since its unused nowLennart Poettering
2014-02-03conf-parser: warn when we open configuration files with weird access bitsLennart Poettering
2014-01-31use memzero(foo, length); for all memset(foo, 0, length); callsGreg KH
In trying to track down a stupid linker bug, I noticed a bunch of memset() calls that should be using memzero() to make it more "obvious" that the options are correct (i.e. 0 is not the length, but the data to set). So fix up all current calls to memset(foo, 0, length) to memzero(foo, length).
2014-01-28Base mkostemp_safe on mkostempZbigniew Jędrzejewski-Szmek
It is nice to wrap umask handling and return convention, but glibc's mkostemp is async-signal-safe already.
2014-01-28Get rid of write_safeZbigniew Jędrzejewski-Szmek
Current glibc implementation is safe. Kernel does this atomically, and write is actually implemented through writev. So if write is async-signal-safe, than writev pretty much must be too.
2014-01-28always use the same code for creating temporary filesLennart Poettering
Let's unify our code here, and also always specifiy O_CLOEXEC.
2014-01-28util: pick slightly safer open() flags when creating temporary filesLennart Poettering
2014-01-28util: pass original flags value to mkostemp(), in open_tmpfile()Lennart Poettering
2014-01-28util: simplify mkostemp_safe()Lennart Poettering
Make it use dev_urandom() and endswith().
2014-01-28util: introduce new dev_urandom() call that is like random_bytes() but ↵Lennart Poettering
doesn't fall back to PRNG
2014-01-28util: modernize loop_read() and loop_write() a bitLennart Poettering
Let's make use of fd_wait_for_event() here, instead of rolling our own.
2014-01-27journal: guarantee async-signal-safety in sd_journald_sendvZbigniew Jędrzejewski-Szmek
signal(7) provides a list of functions which may be called from a signal handler. Other functions, which only call those functions and don't access global memory and are reentrant are also safe. sd_j_sendv was mostly OK, but would call mkostemp and writev in a fallback path, which are unsafe. Being able to call sd_j_sendv in a async-signal-safe way is important because it allows it be used in signal handlers. Safety is achieved by replacing mkostemp with open(O_TMPFILE) and an open-coded writev replacement which uses write. Unfortunately, O_TMPFILE is only available on kernels >= 3.11. When O_TMPFILE is unavailable, an open-coded mkostemp is used. https://bugzilla.gnome.org/show_bug.cgi?id=722889
2014-01-27Replace mkostemp+unlink with open(O_TMPFILE)Zbigniew Jędrzejewski-Szmek
This will only work on Linux >= 3.11, and probably not on all filesystems. Fallback code is provided.
2014-01-27resolve: update sd-resolve to match the other APIs in style and functionalityLennart Poettering
2014-01-05shared: util.c: unify split and split_quotedSimon Peeters
2014-01-05util.c: use read_one_line_file where possibleSimon Peeters
2014-01-05shared: procfs_file_alloca: handle pid==0Simon Peeters
when pid is set to 0 use /proc/self
2013-12-24util: don't accept an empty peer label as validLennart Poettering
2013-12-24util: unify SO_PEERCRED/SO_PEERSEC invocationsLennart Poettering
Introduce new call getpeercred() which internally just uses SO_PEERCRED but checks if the returned data is actually useful due to namespace quirks.
2013-12-23util: when we try to read /proc/cmdline in a container, read /proc/1/cmdline ↵Lennart Poettering
instead
2013-12-22shared: switch our hash table implementation over to SipHashLennart Poettering
SipHash appears to be the new gold standard for hashing smaller strings for hashtables these days, so let's make use of it.
2013-12-21util: replace readdir_r with readdirFlorian Weimer
This fixes rm_rf_children_dangerous to detect errors during directory reading. Previously, it could dereference an uninitialized pointer.
2013-12-18service: watch main pid even in final statesLennart Poettering
In some circumstances, for example when start-up times out we immediately jump into the final state, at which point we still should try to watch the main pid so that the SIGCHLD allows us to quickly move into dead state.
2013-12-17_noreturn_ --> noreturn for C11 compatShawn Landden
also define noreturn w/o <stdnoreturn.h>
2013-12-17util: no need for in_initrd() cache to be thread-localShawn Landden
the process only has one working directory, and a race is harmless
2013-12-17__thread --> thread_local for C11 compatShawn Landden
Also make thread_local available w/o including <threads.h>. (as the latter hasn't been implemented, but this part is trivial)
2013-12-17bus: when entering an existing namespace to connect to a container's system ↵Lennart Poettering
bus also switch over PID namespace This is necessary to ensure that kdbus can collect creds of the destination namespace when connecting.
2013-12-16util: try harder to increase the send/recv buffers of socketsLennart Poettering
If we have the priviliges we will try SO_SNDBUFFORCE/SO_RCVBUFFORCE and only fall back to SO_SNDBUF/SO_RCVBUF if that fails.
2013-12-16core: refuse doing %h, %s, %U specifier resolving in PID 1Lennart Poettering
These specifiers require NSS lookups to work, and we really shouldn't do them from PID 1 hence. With this change they are now only supported for user systemd instance, or when the configured user for a unit is root.
2013-12-14util: when joining a namespace make sure to reset all uids to 0 afterLennart Poettering
the transition
2013-12-14bus: when connecting to a container's kdbus instance, enter namespace firstLennart Poettering
Previously we'd open the connection in the originating namespace, which meant most peers of the bus would not be able to make sense of the PID/UID/... identity of us since we didn't exist in the namespace they run in. However they require this identity for privilege decisions, hence disallowing access to anything from the host. Instead, when connecting to a container, create a temporary subprocess, make it join the container's namespace and then connect from there to the kdbus instance. This is similar to how we do it for socket conections already. THis also unifies the namespacing code used by machinectl and the bus APIs.
2013-12-10util: check for overflow in greedy_realloc()Lennart Poettering
2013-12-06Get rid of our reimplementation of basenameZbigniew Jędrzejewski-Szmek
The only problem is that libgen.h #defines basename to point to it's own broken implementation instead of the GNU one. This can be fixed by #undefining basename.
2013-12-05util: fix misuse of memcmpYuxuan Shui
2013-12-03trivial coding style clean upsThomas Hindoe Paaboel Andersen
- Add space between if/for and the opening parentheses - Place the opening brace on same line as the function (not for udev) From the CODING_STYLE Try to use this: void foo() { } instead of this: void foo() { }
2013-12-01util: add greedy_realloc0()David Herrmann
Compared to greedy_realloc(), this sets all newly allocated memory to 0. As the old variant has been used a lot for string-handling, we avoid changing it as clearing memory is not needed there.
2013-11-30systemctl: add "systemctl cat"Shawn Landden
2013-12-01util.c: check if return value from ttyname_r is > 0 instead of != 0Thomas Hindoe Paaboel Andersen
We must return a negative error code from getttyname_malloc but that would not be the case if ttyname_r returned a negative value. ttyname_r should only return EBADF, ENOTTY, or ERANGE so it should be safe to change.
2013-11-28bus: add new sd_bus_creds object to encapsulate process credentialsLennart Poettering
This way we can unify handling of credentials that are attached to messages, or can be queried for bus name owners or connection peers. This also adds the ability to extend incomplete credential information with data from /proc, Also, provide a convenience call that will automatically determine the most appropriate credential object for an incoming message, by using the the attached information if possible, the sending name information if available and otherwise the peer's credentials.
2013-11-28util: fix handling of trailing whitespace in split_quoted()Lennart Poettering
Inspired by a patch by Lukas Nykryn.
2013-11-27service: add the ability for units to join other unit's PrivateNetwork= and ↵Lennart Poettering
PrivateTmp= namespaces
2013-11-25shutdown: during final killing spree also send SIGHUP in addition to SIGTERM ↵Lennart Poettering
to deal with shells This makes shutdown a bit faster if debug-shell.service is enabled.
2013-11-21bus: add API calls to escape string components of objects pathsLennart Poettering
2013-11-18Remove duplicate includesKarel Zak
2013-11-13Resolve /dev/console to the active tty instead of just "tty0"Olivier Brunel
When resolving /dev/console one would often get "tty0" meaning the active VT. Resolving to the actual tty (e.g. "tty1") will notably help on boot when determining whether or not PID1 can output to the console.
2013-11-08shutdown: unify handling of reboot() syscall a bitLennart Poettering
2013-11-08Remove dead code and unexport some callsLennart Poettering
"make check-api-unused" informs us about code that is not used anymore or that is exported but only used internally. Fix these all over the place.
2013-11-07util: add circle to special chars we can drawLennart Poettering
2013-11-06util: unify reading of /proc/cmdlineLennart Poettering
Instead of individually checking for containers in each user do this once in a new call proc_cmdline() that read the file only if we are not in a container.