summaryrefslogtreecommitdiff
path: root/src/shared
AgeCommit message (Collapse)Author
2014-07-31Reject invalid quoted stringsZbigniew Jędrzejewski-Szmek
String which ended in an unfinished quote were accepted, potentially with bad memory accesses. Reject anything which ends in a unfished quote, or contains non-whitespace characters right after the closing quote. _FOREACH_WORD now returns the invalid character in *state. But this return value is not checked anywhere yet. Also, make 'word' and 'state' variables const pointers, and rename 'w' to 'word' in various places. Things are easier to read if the same name is used consistently. mbiebl_> am I correct that something like this doesn't work mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-passwd "Unlock EncFS"' mbiebl_> systemd seems to strip of the quotes mbiebl_> systemctl status shows mbiebl_> ExecStart=/usr/bin/encfs --extpass='/bin/systemd-ask-password Unlock EncFS $RootDir $MountPoint mbiebl_> which is pretty weird
2014-07-30resolved: when answer A or AAAA questions, order responses by whether ↵Lennart Poettering
addresses are link-local or not
2014-07-29resolved: when resolving an address PTR record via llmnr, make a tcp ↵Lennart Poettering
connection by default
2014-07-29resolve: add llmnr responder side for UDP and TCPLennart Poettering
Name defending is still missing.
2014-07-29time-util: add and use USEC/NSEC_INFINIYKay Sievers
2014-07-27parse_boolean: require exact matchesAnsgar Burchardt
Require exact matches in all cases instead of treating strings starting with 't' ('f') as true (false). This is required for config_parse_protect_system to parse ProtectSystem=full correctly: it uses parse_boolean and only tries a more specific parsing function if that did not return a valid result. Thus "full" was treated as "false" before.
2014-07-27core: only set the kernel's timezone when the RTC runs in local timeKay Sievers
We can not reliably manage any notion of local time. Every daylight saving time change or time zone change by traveling will make the time jump, and the local time might jump backwards which creates unsolvable problems with file timestamps. We will no longer tell the kernel our local time zone and leave everything set to UTC. This will effectively turn FAT timestamps into UTC timestamps. If and only if the machine is configured to read the RTC in local time mode, the kernel's time zone will be configured, but systemd-timesysnc will disable the kernel's system time to RTC syncing. In this mode, the RTC will not be managed, and external tools like Windows bootups are expected to manage the RTC's time. https://bugs.freedesktop.org/show_bug.cgi?id=81538
2014-07-26Add utility function to append root to pathZbigniew Jędrzejewski-Szmek
2014-07-26Always check asprintf return codeKarel Zak
There is a small number of the places in sources where we don't check asprintf() return code and assume that after error the function returns NULL pointer via the first argument. That's wrong, after error the content of pointer is undefined.
2014-07-24time-util: add clock_boottime_or_monotonicTom Gundersen
CLOCK_BOOTTIME is not supported by timerfd on older kernels, so for the time beeing, use this helper instead which will fallback to CLOCK_MONOTONIC if CLOCK_BOOTTIME is not supported.
2014-07-21Merge systemd-verify with systemd-analyzeZbigniew Jędrzejewski-Szmek
2014-07-21Add IFLA_VTI defines to missing.hJean-André Santoni
2014-07-21sysusers: fix selinux context of backup filesZbigniew Jędrzejewski-Szmek
Also, fix fopen_temporary_label to set proper context. By chance, all users so far used the same context, so the error didn't matter. Also, check return value from label_init(). https://bugzilla.redhat.com/show_bug.cgi?id=1121806
2014-07-20systemd-verify: check man pagesZbigniew Jędrzejewski-Szmek
2014-07-20path-lookup: make SYSTEMD_UNIT_PATH more flexibleZbigniew Jędrzejewski-Szmek
It can now contain more than one directory, and can be used to only prepend, not totally override, the normal load path.
2014-07-20Add quotes to warning messageZbigniew Jędrzejewski-Szmek
The message for SYSTEMD_LOG_LEVEL= looked a bit strange.
2014-07-19core: remove systemd_running_as lookup functionsZbigniew Jędrzejewski-Szmek
They are unused and unlikely to ever be.
2014-07-19barrier: suppress false-positive warningDavid Herrmann
If poll() returns, one of both revents must be set, thus "buf" is set by either clause. This is non-obvious for code-checkers so add an "else continue;" clause to suppress "uninitialized variable" warnings.
2014-07-18Be more verbose when bind or listen failsZbigniew Jędrzejewski-Szmek
Also be more verbose in devnode_acl_all().
2014-07-18barrier: initalize file descriptors with -1Zbigniew Jędrzejewski-Szmek
Explicitly initalize descriptors using explicit assignment like bus_error. This makes barriers follow the same conventions as everything else and makes things a bit simpler too. Rename barier_init to barier_create so it is obvious that it is not about initialization. Remove some parens, etc.
2014-07-18in-addr-util: remove family_to_string() APILennart Poettering
we already have a more complete one with af_to_name(), that is generated from the header files, no need to duplicate this.
2014-07-18change type for address family to "int"Lennart Poettering
Let's settle on a single type for all address family values, even if UNIX is very inconsitent on the precise type otherwise. Given that socket() is the primary entrypoint for the sockets API, and that uses "int", and "int" is relatively simple and generic, we settle on "int" for this.
2014-07-18systemd-detect-virt: detect s390 virtualizationThomas Blume
A system that is running on a logical partition (LPAR) provided by PR/SM has access to physical hardware (except CPU). It is true that PR/SM abstracts the hardware, but only for sharing purposes. Details are statet at: http://publib.boulder.ibm.com/infocenter/eserver/v1r2/topic/eicaz/eicazzlpar.htm -->-- In other words, PR/SM transforms physical resources into virtual resources so that many logical partitions can share the same physical resources. --<-- Still, from the OS point of view, the shared virtual resource is real hardware. ConditionVirtualization must be set to false if the OS runs directly on PR/SM (e.g. in an LPAR). [zj: reorder code so that variables are not allocated when #if-def is false. Add commit message.]
2014-07-18resolved: add LLMNR support for looking up namesLennart Poettering
2014-07-18shared: rename PROTO_ADDRESS_SIZE() to FAMILY_ADDRESS_SIZE()Lennart Poettering
We mostly use "family" to refer to AF_INET, AF_INET6, etc, let's use this terminology here, too
2014-07-17nss-util: be a tiny bit more compatible with glibc's lookup behaviour ↵Lennart Poettering
regarding IPv6 Check for RES_USE_INET6 before we prefer IPv6 over IPv4, for all our NSS modules. (Not that the DNS resolver that is configured with this matters to us, but hey, let's try to be compatible).
2014-07-17detect-virt: Fix Xen domU discoveryThomas Blume
The conditional for detection xen virtualization contained a little mistake. It is checking for i to be empty: 'if (!i) {', but it must check for cap instead, because: 'cap = strsep(&i, ",")' will set cap to the discovered value and i to the next value after the separator. Hence, i would be empty, if there is only control_d in domcap, leading to a wrong domU detection. https://bugs.freedesktop.org/show_bug.cgi?id=77271
2014-07-17shared: add PTY helperDavid Herrmann
This Pty API wraps the ugliness that is POSIX PTY. It takes care of: - edge-triggered HUP handling (avoid heavy CPU-usage on vhangup) - HUP vs. input-queue draining (handle HUP _after_ draining the whole input queue) - SIGCHLD vs. HUP (HUP is no reliable way to catch PTY deaths, always use SIGCHLD. Otherwise, vhangup() and friends will break.) - Output queue buffering (async EPOLLOUT handling) - synchronous setup (via Barrier API) At the same time, the PTY API does not execve(). It simply fork()s and leaves everything else to the caller. Usually, they execve() but we support other setups, too. This will be needed by multiple UI binaries (systemd-console, systemd-er, ...) so it's placed in src/shared/. It's not strictly related to libsystemd-terminal, so it's not included there.
2014-07-17nspawn: use Barrier API instead of eventfd-utilDavid Herrmann
The Barrier-API simplifies cross-fork() synchronization a lot. Replace the hard-coded eventfd-util implementation and drop it. Compared to the old API, Barriers also handle exit() of the remote side as abortion. This way, segfaults will not cause the parent to deadlock. EINTR handling is currently ignored for any barrier-waits. This can easily be added, but it isn't needed so far so I dropped it. EINTR handling in general is ugly, anyway. You need to deal with pselect/ppoll/... variants and make sure not to unblock signals at the wrong times. So genrally, there's little use in adding it.
2014-07-17shared: add generic IPC barrierDavid Herrmann
The "Barrier" object is a simple inter-process barrier implementation. It allows placing synchronization points and waiting for the other side to reach it. Additionally, it has an abortion-mechanism as second-layer synchronization to send abortion-events asynchronously to the other side. The API is usually used to synchronize processes during fork(). However, it can be extended to pass state through execve() so you could synchronize beyond execve(). Usually, it's used like this (error-handling replaced by assert() for simplicity): Barrier b; r = barrier_init(&b); assert_se(r >= 0); pid = fork(); assert_se(pid >= 0); if (pid == 0) { barrier_set_role(&b, BARRIER_CHILD); ...do child post-setup... if (CHILD_SETUP_FAILED) exit(1); ...child setup done... barrier_place(&b); if (!barrier_sync(&b)) { /* parent setup failed */ exit(1); } barrier_destroy(&b); /* redundant as execve() and exit() imply this */ /* parent & child setup successful */ execve(...); } barrier_set_role(&b, BARRIER_PARENT); ...do parent post-setup... if (PARENT_SETUP_FAILED) { barrier_abort(&b); /* send abortion event */ barrier_wait_abortion(&b); /* wait for child to abort (exit() implies abortion) */ barrier_destroy(&b); ...bail out... } ...parent setup done... barrier_place(&b); if (!barrier_sync(&b)) { ...child setup failed... ; barrier_destroy(&b); ...bail out... } barrier_destroy(&b); ...child setup successfull... This is the most basic API. Using barrier_place() to place barriers and barrier_sync() to perform a full synchronization between both processes. barrier_abort() places an abortion barrier which superceeds any other barriers, exit() (or barrier_destroy()) places an abortion-barrier that queues behind existing barriers (thus *not* replacing existing barriers unlike barrier_abort()). This example uses hard-synchronization with wait_abortion(), sync() and friends. These are all optional. Barriers are highly dynamic and can be used for one-way synchronization or even no synchronization at all (postponing it for later). The sync() call performs a full two-way synchronization. The API is documented and should be fairly self-explanatory. A test-suite shows some special semantics regarding abortion, wait_next() and exit(). Internally, barriers use two eventfds and a pipe. The pipe is used to detect exit()s of the remote side as eventfds do not allow that. The eventfds are used to place barriers, one for each side. Barriers itself are numbered, but the numbers are reused once both sides reached the same barrier, thus you cannot address barriers by the index. Moreover, the numbering is implicit and we only store a counter. This makes the implementation itself very lightweight, which is probably negligible considering that we need 3 FDs for a barrier.. Last but not least: This barrier implementation is quite heavy. It's definitely not meant for fast IPC synchronization. However, it's very easy to use. And given the *HUGE* overhead of fork(), the barrier-overhead should be negligible.
2014-07-16test-tables: add new entriesZbigniew Jędrzejewski-Szmek
One missing string found. A few things had to be moved around to make it possible to test them.
2014-07-16Be more careful when checking for empty filesZbigniew Jędrzejewski-Szmek
If we want to avoid reading a totally empty file, it seems better to check after we have opened the file, not before.
2014-07-16Let config_parse open file where applicableZbigniew Jędrzejewski-Szmek
Special care is needed so that we get an error message if the file failed to parse, but not when it is missing. To avoid duplicating the same error check in every caller, add an additional 'warn' boolean to tell config_parse whether a message should be issued. This makes things both shorter and more robust wrt. to error reporting.
2014-07-16resolved: add CNAME lookup supportLennart Poettering
2014-07-16missing.h: add IFLA_MACVLAN_FLAGSZbigniew Jędrzejewski-Szmek
Now we are getting into kernel < 3.4 territory... https://bugs.freedesktop.org/show_bug.cgi?id=80095
2014-07-16resolved: support for TCP DNS queriesLennart Poettering
2014-07-16shared: include stdbool.h in mkdir.hSjoerd Simons
2014-07-15Constify ConfigTableItem tablesZbigniew Jędrzejewski-Szmek
2014-07-15shared/socket-label: fix error messageZbigniew Jędrzejewski-Szmek
Was: Failed to listen on [::]:2000: Success
2014-07-15shared/socket-util: add function to query remote addressZbigniew Jędrzejewski-Szmek
2014-07-16resolve: add distinct bus error code for hosts that exist but lack A or AAAA ↵Lennart Poettering
records
2014-07-16resolved: add a DNS client stub resolverLennart Poettering
Let's turn resolved into a something truly useful: a fully asynchronous DNS stub resolver that subscribes to network changes. (More to come: caching, LLMNR, mDNS/DNS-SD, DNSSEC, IDN, NSS module)
2014-07-13fileio: quote more shell characters in envfilesMantas Mikulėnas
Turns out, making strings shell-proof is harder than expected: # machinectl set-hostname "foo|poweroff" && . /etc/machine-info (This could be simplified by quoting *and* escaping all characters, which is harmless in shell but unnecessary.)
2014-07-13path-lookup: don't make ~/.local/share/systemd/user a symlinkTanu Kaskinen
We already encourage upstreams to keep the default configuration separate from user customizations for software that is installed in the system location. Let's allow that separation also for software that is installed in the home directory. Some discussion: http://thread.gmane.org/gmane.comp.sysutils.systemd.devel/19627
2014-07-13Add function to open temp files in selinux modeZbigniew Jędrzejewski-Szmek
2014-07-11shared: fix coding-style for ring-buffer implementationDavid Herrmann
We use "typedef struct Ring Ring" with camel-case for internal objects. So rename "struct ring" to "Ring".
2014-07-11shared: add MIN3 macroDavid Herrmann
This is like MIN but evaluates 3 arguments. We already have MAX3, so add the equivalent for MIN.
2014-07-11endian: explicitly include endian.h wherever we want to use __BYTE_ORDERLennart Poettering
2014-07-11always check for __BYTE_ORDER == __BIG_ENDIAN when checking for endianessLennart Poettering
Let's always stick to glibc's way to determine byte order, and not mix autoconf-specific checks with gcc checks.
2014-07-11util: fix has cc check and add testZbigniew Jędrzejewski-Szmek