summaryrefslogtreecommitdiff
path: root/src/shared
AgeCommit message (Collapse)Author
2015-02-20shared: handle unnamed sockets in socket_address_equal()Michal Schmidt
Make sure we don't inspect sun_path of unnamed sockets. Since we cannot know if two unnamed sockets' adresses refer to the same socket, just return false.
2015-02-20shared: avoid semi-duplicating socket_address_equal()Michal Schmidt
Just call socket_address_equal() from socket_address_matches_fd() instead of implementing similar comparing of addresses.
2015-02-20shared: use SocketAddress in socket_address_matches_fd()Michal Schmidt
Cleanup. No behavior change.
2015-02-20core, shared: in deserializing, match same files reached via different pathsMichal Schmidt
When dbus.socket is updated like this: -ListenStream=/var/run/dbus/system_bus_socket +ListenStream=/run/dbus/system_bus_socket ... and daemon-reload is performed, bad things happen. During deserialization systemd does not recognize that the two paths refer to the same named socket and replaces the socket file with a new one. As a result, applications hang when they try talking to dbus. Fix this by finding a match not only when the path names are equal, but also when they point to the same inode. In socket_address_equal() it is necessary to move the address size comparison into the abstract sockets branch. For path name sockets the comparison must not be done and for other families it is redundant (their sizes are constant and checked by socket_address_verify()). FIFOs and special files can also have multiple pathnames, so compare the inodes for them as well. Note that previously the pathname checks used streq_ptr(), but the paths cannot be NULL. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186018
2015-02-18nspawn: when connected to pipes for stdin/stdout, pass them as-is to PID 1Lennart Poettering
Previously we always invoked the container PID 1 on /dev/console of the container. With this change we do so only if nspawn was invoked interactively (i.e. its stdin/stdout was connected to a TTY). In all other cases we directly pass through the fds unmodified. This has the benefit that nspawn can be added into shell pipelines. https://bugs.freedesktop.org/show_bug.cgi?id=87732
2015-02-18everywhere: remove configurability of sysv runlevel to target mappingLennart Poettering
With this change runlevel 2, 3, 4 are mapped to multi-user.target for good, and 5 to graphical.target. This was already the previous mapping but is now no longer reconfigurable, but hard-coded into the core. This should generally simplify things, but also fix one bug: the sysv-generator previously generated symlinks to runlevel[2-5].target units, which possibly weren't picked up if these aliases were otherwise only referenced by the real names "multi-user.target" and "graphical.target". We keep compat aliases "runlevel[2345].target" arround for cases where this target name is explicitly requested.
2015-02-18shared: introduce cmsg_close_all() callLennart Poettering
The call iterates through cmsg list and closes all fds passed via SCM_RIGHTS. This patch also ensures the call is used wherever appropriate, where we might get spurious fds sent and we should better close them, then leave them lying around.
2015-02-18systemctl: let's make use of FOREACH_STRING() where we canLennart Poettering
2015-02-18Add gettext supportDidier Roche
2015-02-18machined: open up most of machined's commands to unprivileged clients via ↵Lennart Poettering
PolicyKit
2015-02-17bootctl: add sd-boot supportKay Sievers
2015-02-16Transpose args in strv_fnmatch() to be more ooZbigniew Jędrzejewski-Szmek
2015-02-16Add helper for fnmatch over strvZbigniew Jędrzejewski-Szmek
2015-02-14util: use a shared lookup function for string tablesBruno Bottazzini
Macro DEFINE_STRING_TABLE_LOOKUP expands to a new function for each of the almost 120 tables throghout the code. Move the its implementation to a function (guaranteed to never be inlined), and make the macro expand to an inlined function that calls this function. This saves a few kilobytes from the systemd binary (David: - fix coding-style - use 'ssize_t' to fix 32bit to 64bit propagation - use streq_ptr())
2015-02-14sd-rtnl: add missing IFLA_INET6_ADDR_GEN_MODE definitionDjalal Harouni
Add missing IFLA_INET6_ADDR_GEN_MODE definition so we can build with kernel headers < 3.17
2015-02-12include <poll.h> instead of <sys/poll.h>Thomas Hindoe Paaboel Andersen
include-what-you-use automatically does this and it makes finding unnecessary harder to spot. The only content of poll.h is a include of sys/poll.h so should be harmless.
2015-02-12Add missing includes in header filesThomas Hindoe Paaboel Andersen
This fixes various issues found by globally reordering the include sections of all .c files.
2015-02-11missing: add __NR_getrandom for powerpc architectureMarcel Holtmann
2015-02-11tree-wide: whenever we include libgen.h, immediately undefine basename()Lennart Poettering
Also, document in adjacent comments and in CODING_STYLE why we do that.
2015-02-10shared: untabifyLennart Poettering
2015-02-05shared/log: read /proc/cmdline only in daemonsZbigniew Jędrzejewski-Szmek
http://lists.freedesktop.org/archives/systemd-devel/2015-February/027960.html
2015-02-04shared/capabilities: simplify assertions about bitsZbigniew Jędrzejewski-Szmek
The assert added in 7d328b5446 was wrong. Also update the comments and make sure we don't try to shift by type size.
2015-02-04shared/util: drop duplicate log2u64 functionZbigniew Jędrzejewski-Szmek
2015-02-04shared/capability: don't be too frugal on space for capsTom Gundersen
We were dropping the most significant bit. Add an assert to make sure it does not happen again. Fixes a bug introduced in 7d328b544621d4b1bec936dec612947ad8bfb65a.
2015-02-04cg_path_get_user_unit(): Did not correctly parse user-unit templates.Luke Shumaker
It ran either skip_session() or skip_user_manager(), then ran skip_slices() iff skip_session() ran. It needs to run skip_slices() in either case. Included is a test case demonstrating why.
2015-02-04core: don't reset log level to NOTICE if we get quiet on the kernel cmdlineLennart Poettering
quiet should really just have an effect on the stuff we dump on the console, not what we log elsewhere. Hence: debug on kernel cmdline → interpreted by every tool, turns up log levels to "debug" everywhere. quiet on kernel cmdline → interpreted only by PID 1 (and obviously the kernel) no alteration of the max log level, but turns off status output. http://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html
2015-02-04virt: add detect_vm_devicetree for powerpc archesChris J Arges
Check sysfs devicetree values in order to detect if we are running on a KVM hypervisor on a powerpc architecture.
2015-02-03core: use some nice macros where appropriateLennart Poettering
2015-02-02shared/async: simplify asynchronous_job a bitZbigniew Jędrzejewski-Szmek
2015-02-03util: rework strappenda(), and rename it strjoina()Lennart Poettering
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-02-02time-util: let's make xstrftime() useful for everybody, even if we only have ↵Lennart Poettering
a single user so far.
2015-02-02macro: document that DECIMAL_STR_MAX contains space for the trailing NUL byteLennart Poettering
2015-02-01shared/capability: go frugal on space for capsZbigniew Jędrzejewski-Szmek
2015-02-01Fix dropping of all capabilitiesZbigniew Jędrzejewski-Szmek
From fd.o bug 88898: systemd-resolved fails to start: Failed to drop capabilities: Operation not permitted Broken in f11943c53ec181829a821c6b27acf828bab71caa. Drop all capabilities: 1. prctl(PR_SET_KEEPCAPS, keep_capabilities != 0) // 0 when we drop all capabilities 2. setresuid() // bye bye capabilities 3. Add CAP_SETPCAP // fails because we have no capabilities 4. Reduce capability bounding set 5. Drop capabilities 6. prctl(PR_SET_KEEPCAPS, 0) Capabilites should always be kept after setresuid() so that the capability bounding set can be reduced. Based-on-a-patch-by: mustrumr97@gmail.com https://bugs.freedesktop.org/show_bug.cgi?id=88898 We must be careful not to leave PR_SET_KEEPCAPS on. We could use the setresuid() call to drop capabilities, but the rules when capabilities are dropped are fairly complex, since a transition to non-zero uid must happen. Let's instead keep the capabilities during setresuid(), and drop them later.
2015-02-01Add a snprinf wrapper which checks that the buffer was big enoughZbigniew Jędrzejewski-Szmek
If we scale our buffer to be wide enough for the format string, we should expect that the calculation was correct. char_array_0() invocations are removed, since snprintf nul-terminates the output in any case. A similar wrapper is used for strftime calls, but only in timedatectl.c.
2015-01-29coredump: drop caps while we are processing the coredumpLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=87354
2015-01-28util: add comment explaining hostname_is_valid()Lennart Poettering
2015-01-28list: properly skip over first item in LIST_FOREACH_OTHERSLennart Poettering
2015-01-28list: add macro for iterating through a list an item is in, skipping the itemLennart Poettering
2015-01-27missing: define correct syscall numbers for memfd_create() and getrandom() ↵Michael Olbrich
on aarch64
2015-01-24tmpfiles: do not bump access times of directories we are cleaning upZbigniew Jędrzejewski-Szmek
Both plain opendir() and glob() will bump access time. Privileged option O_NOATIME can be used to prevent the access time from being updated. We already used it for subdirectories of the directories which we were cleaning up. But for the directories specified directly in the config files, we wouldn't do that. This means that, paradoxically, our own temporary directories for PrivateTmp would stay around forever, as long as one let systemd-tmpfiles-clean.service run regularly, because they had their own glob patterns specified. https://bugzilla.redhat.com/show_bug.cgi?id=1183684
2015-01-23#pragma once here and thereZbigniew Jędrzejewski-Szmek
2015-01-23build-sys: fix build on compilers without static_assertZbigniew Jędrzejewski-Szmek
Build would fail when assert was used on the same line in different files #included together. https://bugs.freedesktop.org/show_bug.cgi?id=87339
2015-01-23core: add a property that shows the current memory usage of a unitLennart Poettering
This is exposed the memory.usage_in_bytes cgroup property on the bus, and makes "systemctl status" show it in its default output.
2015-01-22cgroup-show: remove duplicated checkZbigniew Jędrzejewski-Szmek
After 3637713a20 it is not necessary anymore.
2015-01-23importd: when listing transfers, show progress percentageLennart Poettering
With this change the pull protocol implementation processes will pass progress data to importd which then passes this information on via the bus. We use sd_notify() as generic transport for this communication, making importd listen to them, while matching the incoming messages to the right transfer.
2015-01-22cgroup-show: don't hit assert, when the extra pids array is emptyLennart Poettering
2015-01-22import: only define the _to_string() enum mapping function, thus making gcc ↵Lennart Poettering
shut up
2015-01-22import: rename --verify=sum to --verify=checksumLennart Poettering
This is how we call it internally, and also a bit more descriptive.
2015-01-22shared/acl-util: add mask only when needed, always add base ACLsZbigniew Jędrzejewski-Szmek
For ACLs to be valid, a set of entries for user, group, and other must be always present. Always add those entries. While at it, only add the mask ACL if it is actually required, i.e. when at least on ACL for non-owner group or user exists.