Age | Commit message (Collapse) | Author |
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89248
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=42940
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=90385
|
|
GNU memmem() requires a nonnull first parameter. Let's introduce
memmem_safe() that removes this restriction for zero-length parameters,
and make use of it where appropriate.
http://lists.freedesktop.org/archives/systemd-devel/2015-May/031705.html
|
|
|
|
So far a number of utilities implemented their own calls for this, unify
them in prefix_root() and prefix_roota(). The former uses heap memory,
the latter allocates from the stack via alloca().
Port over most users of a --root= logic.
|
|
If a symlink to a combined cgroup hierarchy already exists and points to
the right path, skip it. This avoids an error when the cgroups are set
manually before calling nspawn.
|
|
In this usecase, the file will never be materialized
with linkat().
|
|
This allows us to simplify the ctrl_msg handler. Eventually all this global state should move to
a Manager object or so.
|
|
All other types exported from install.h should be namespaces like this,
hence namespace InstallInfo the same way.
Also, remove external forward definition of UnitFileScope type.
|
|
It's primarily just a property of the Manager object after all, and we
try to refer to PID 1 as "manager" instead of "systemd", hence let's to
stick to this here too.
|
|
This changes log_unit_info() (and friends) to take a real Unit* object
insted of just a unit name as parameter. The call will now prefix all
logged messages with the unit name, thus allowing the unit name to be
dropped from the various passed romat strings, simplifying invocations
drastically, and unifying log output across messages. Also, UNIT= vs.
USER_UNIT= is now derived from the Manager object attached to the Unit
object, instead of getpid(). This has the benefit of correcting the
field for --test runs.
Also contains a couple of other logging improvements:
- Drops a couple of strerror() invocations in favour of using %m.
- Not only .mount units now warn if a symlinks exist for the mount
point already, .automount units do that too, now.
- A few invocations of log_struct() that didn't actually pass any
additional structured data have been replaced by simpler invocations
of log_unit_info() and friends.
- For structured data a new LOG_UNIT_MESSAGE() macro has been added,
that works like LOG_MESSAGE() but prefixes the message with the unit
name. Similar, there's now LOG_LINK_MESSAGE() and
LOG_NETDEV_MESSAGE().
- For structured data new LOG_UNIT_ID(), LOG_LINK_INTERFACE(),
LOG_NETDEV_INTERFACE() macros have been added that generate the
necessary per object fields. The old log_unit_struct() call has been
removed in favour of these new macros used in raw log_struct()
invocations. In addition to removing one more function call this
allows generated structured log messages that contain two object
fields, as necessary for example for network interfaces that are
joined into another network interface, and whose messages shall be
indexed by both.
- The LOG_ERRNO() macro has been removed, in favour of
log_struct_errno(). The latter has the benefit of ensuring that %m in
format strings is properly resolved to the specified error number.
- A number of logging messages have been converted to use
log_unit_info() instead of log_info()
- The client code in sysv-generator no longer #includes core code from
src/core/.
- log_unit_full_errno() has been removed, log_unit_full() instead takes
an errno now, too.
- log_unit_info(), log_link_info(), log_netdev_info() and friends, now
avoid double evaluation of their parameters
|
|
Under the assumption that strcmp() is cheaper than memory allocation,
let's avoid the allocation, if the new value is identical to the old.
|
|
|
|
In the initrafms, generate a systemd-fsck-root.service to replace
systemd-fsck@<sysroot-device>.service. This way, after we transition
to the real root, systemd-fsck-root.service is marked as already done.
This introduces an unnecessary synchronization point, because
systemd-fsck@* is ordered after systemd-fsck-root also in the
initramfs. In practice this shouldn't be a problem.
https://bugzilla.redhat.com/show_bug.cgi?id=1201979
C.f. 956eaf2b8d6c9999024705ddadc7393bc707de02.
|
|
|
|
Continuing the general trend of splitting up util.[ch]. I specifically
want to reuse this code in https://github.com/GNOME/libglnx and
having it split up will make future copy-pasting easier.
|
|
machined is getting an EACCES when trying to create the lock file for
images because the mode on /run/systemd/nspawn/locks is 0600.
mkdir("/run/systemd/nspawn/locks", 0600) = -1 EEXIST (File exists)
stat("/run/systemd/nspawn/locks", {st_mode=S_IFDIR|0600, st_size=40, ...}) = 0
open("/run/systemd/nspawn/locks/inode-41:256", O_RDWR|O_CREAT|O_NOCTTY|O_NOFOLLOW|O_CLOEXEC, 0600) = -1 EACCES (Permission denied)
This commit adjusts the mode to 0700 to correct the issue.
|
|
from unit names
Let's better be safe then sorry.
|
|
A variety of changes:
- Make sure all our calls distuingish OOM from other errors if OOM is
not the only error possible.
- Be much stricter when parsing escaped paths, do not accept trailing or
leading escaped slashes.
- Change unit validation to take a bit mask for allowing plain names,
instance names or template names or an combination thereof.
- Refuse manipulating invalid unit name
|
|
We should be more strict when verifying paths with path_is_safe() for
potentially dangerous constructs, and that includes lengths of
PATH_MAX-1 and larger. Be more accurate here.
|
|
|
|
This makes it obvious that those functions are only usable in the
initramfs.
Also, add a warning when noauto, nofail, or automount is used for the
root fs, instead of silently ignoring. Using those options would be a
sign of significant misconfiguration, and if we bother to check for
them, than let's go all the way and complain.
Other various small cleanups and reformattings elsewhere.
|
|
|
|
instance of a process
units are organized in slice trees, not only for the system instance,
but also for user systemd instances, expose this properly.
|
|
Various cleanups, be stricter when parsing unit paths.
Most importantly: return the root slice "-.slice" when asked for slice
of paths that contain no slice component.
|
|
A number of fields do not apply to all processes, including: there a
processes without a controlling tty, without parent process, without
service, user services or session. To distuingish these cases from the
case where we simply don't have the data, always return ENXIO for them,
while returning ENODATA for the case where we really lack the
information.
Also update the credentials dumping code to show this properly. Fields
that are known but do not apply are now shown as "n/a".
Note that this also changes some of the calls in process-util.c and
cgroup-util.c to return ENXIO for these cases.
|
|
status set membership
|
|
|
|
|
|
Instead of looking up the tty from STDIN, let utmp_wall() take an argument
to specify an origin tty for the wall message. Only if that argument is
NULL do the STDIN lookup.
Also add an void *userdata argument that is handed back to the callback
function.
|
|
test for mount points
It's a very recent kernel addition, but certainly makes sense to
support.
|
|
When parsing a unit with a trailing slash after an escaped line break, like
ExecStart=/bin/echo 'foo \
bar'
the split() function (through config_parse()) asserted and crashed pid 1:
Assertion 'current[*l + 1] == quotechars[0]' failed at ../src/shared/util.c:583, function split(). Aborting.
Fix this by returning an error in this case ("trailing garbage").
Add corresponding test case. Also fix the missing "unit" argument of
config_parse_exec() in the comment.
https://launchpad.net/bugs/1447243
|
|
- fix some memory leaks on error conditions
- handle all error cases properly, and log about failures
- move HAVE_ACL and no-HAVE_ACL code closer to each other
|
|
When deleting a read-only subsvolume with a sub-subvolume, we need to
mark it writable first, otherwise the removal will not work.
|
|
When creating recursive read-only snapshots we need to mark the snapshot
writable immediately before creating subsnapshots within it, otherwise
the operation for it will fail.
|
|
If we get passed an fd that does not refer to a regular file or
directory, we should not issue btrfs ioctls on it, since it might end up
in a device driver or similar (note that DRM for example uses the same
ioctl numbers as some file system ioctls).
Hence, let's make sure to always check if something is a regular file or
directory, or is on btrfs before invoking the respective ioctls. It's
better to be safe than sorry.
|
|
Let's unify the code that checks whether an fd is on btrfs a bit.
(Also, rename btrfs_is_snapshot() to btrfs_is_subvol(), since that's
usually how this is referred to in our code)
|
|
attributes
Before invoking file system ioctls we need to make sure that the
specified fd actually refers to a file system object, and not a device
node or similar. Otherwise we might by accident invoke unrelated device
driver ioctls. For example, DRM ioctls use the same ioctl numbers as the
various file system ioctls.
|
|
|
|
|
|
the other log functions
|
|
|
|
|
|
This should not be used for any new code, as we don't set errno in new code,
but there are several legacy users, so let's keep it in shared.
|
|
|
|
This is like bus_label_unescape() but takes a maximum length instead of
relying on NULL-terminated strings. This is highly useful to unescape
labels that are not at the end of a path.
|
|
We _always_ return NULL from destructors to allow direct assignments to
the variable holding the object. Especially on hashmaps, which treat NULL
as empty hashmap, this is pretty neat.
|
|
|