Age | Commit message (Collapse) | Author |
|
We cannot rely on "errno" to be non-zero on failure, if we perform
multiple glibc calls. That is, if the first eventfd() call fails, but the
second succeeds, we cleanup the barrier but return 0.
Fix this by always testing the return value immediately. This should also
fix all the coverity warnings.
|
|
In pty.c there was both an include of our pty.h and the system installed pty.h.
The latter contains only two functions openpty and forkpty. We use neither so
I assume it was a typo and removed it. We still compile and pass all tests.
|
|
Change the other spot too.
|
|
Suggested by Zbigniew.
|
|
Make it clear in the code that ignoring a failed safe_ato?() is intentional.
|
|
systemctl would print 'CPUQuotaPerSecUSec=(null)' for no limit. This
does not look right.
Since USEC_INFINITY is one of the valid values, format_timespan()
could return NULL, and we should wrap every use of it in strna() or
similar. But most callers didn't do that, and it seems more robust to
return a string ("infinity") that makes sense most of the time, even
if in some places the result will not be grammatically correct.
|
|
This adds --disable-utmp option to configure. If it is used, all
utmp-related functionality, including querying runlevel support,
is removed.
|
|
We replace the idiom "X && !(*foo = 0)" with "X && ((*foo = 0), true)".
This is not a functional change, but should hopefully make it less
likely that people and static analyzers believe there is a typo here
(i.e., to make it clear that the intention was not "X && *foo != 0").
Thanks to David Herrmann for the suggestion.
|
|
|
|
This commit introduces possibility to call parse_env_file_internal() and hand
over extra argument where we will accumulate how many items were successfully
parsed and pushed by callback. We make use of this in parse_env_file() and
return number of parsed items on success instead of always returning zero.
As a side-effect this commit should fix bug that locale settings in
/etc/locale.conf are not overriden by options passed via kernel command line.
|
|
src/shared/label.c:255:15: warning: unused variable 'l' [-Wunused-variable]
char *l = NULL;
^
|
|
Lets not unnecessarily rely on __WORDSIZE, which is not clearly specified
by any spec. Use explicit size comparisons if we're not interested in the
WORDSIZE, anyway.
(David: adjust commit message to explain why we do this)
|
|
|
|
The alloca_align() helper is the alloca() equivalent of posix_memalign().
As there is no such function provided by glibc, we simply account for
additional memory and return a pointer offset into the allocated memory to
grant the alignment.
Furthermore, alloca0_align() is added, which simply clears the allocated
memory.
|
|
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_mls_label derived from xinetd.
Reviewed-by: Paul Moore <pmoore@redhat.com>
|
|
Also modernize a few other things and add comments to explain CID #1237503
and CID #1237504.
|
|
|
|
|
|
TIOCSIG is linux specific, so include the linux ioctl header to make sure
it's defined. We currently rely on some rather non-obvious recursive
includes. Make sure its always defined regardless of the system headers.
|
|
Found by Coverity. Fixes CID #1237746.
|
|
Check memory allocation. Found by Coverity.
Fixes CID #1237644.
|
|
We only break out of the previous loop if fd >= 0 so there is no
use in checking it again.
Found by coverity. Fixes: CID#1237577
|
|
The recently allocated "printed" is not freed on error path.
Found by coverity. Fixes: CID#1237745
|
|
|
|
When hashmap_replace detects no such key exists yet, it calls hashmap_put that
performs the same check again. Avoid that by splitting the core of hashmap_put
into a separate function.
|
|
The following hashmap_* and set_* functions/macros have never had any
users in systemd's history:
*_iterate_backwards
*_iterate_skip
*_last
*_FOREACH_BACKWARDS
Remove this dead code.
|
|
It is redundant to store 'hash' and 'compare' function pointers in
struct Hashmap separately. The functions always comprise a pair.
Store a single pointer to struct hash_ops instead.
systemd keeps hundreds of hashmaps, so this saves a little bit of
memory.
|
|
|
|
The LSB sites have moved, so update the URL.
|
|
It was mostly a duplicate of free_and_strdup().
|
|
Functions either should generate error messages for everything they do
themselves, or for nothing and let the caller do it. But they certainly
shouldn't generate errors for some messages but not for others. Since
the function in this case is one that generates messages on its own, it
really should do that for everything, not just for some things, hence.
|
|
The check, if the directory/file already exists is only executed, if
there is a symlink target specified. In case of "/root", there is none,
so it is unconditionally tried to create the directory.
In case of a readonly filesystem, errno != EEXIST, but errno == EROFS,
so base_filesystem_create() and switch_root does not succeed.
This patch checks for existance not only in the symlink case.
|
|
|
|
This was added in 3.8, but we should building with 3.7 headers.
Reported by Samuli Suominen <ssuominen@gentoo.org>.
|
|
|
|
|
|
removes code duplication
also move switch-root to shared
|
|
Similar to container_of(), we now use unique variable names for the bascic
math macros MAX, MIN, CLAMP, LESS_BY. Furthermore, unit tests are added to
verify they work as expected.
For a rationale, see:
commit fb835651aff79a1e7fc5795086c9b26e59a8e6ca
Author: David Herrmann <dh.herrmann@gmail.com>
Date: Fri Aug 22 14:41:37 2014 +0200
shared: make container_of() use unique variable names
|
|
Before forking, block all signals, and unblock them afterwards. This way
the child will have them blocked, and we won't lose them.
|
|
This is a useful helper, make it global. It will be required for
libsystemd-terminal, at minimum.
|
|
If you stack container_of() macros, you will get warnings due to shadowing
variables of the parent context. To avoid this, use unique names for
variables.
Two new helpers are added:
UNIQ: This evaluates to a truly unique value never returned by any
evaluation of this macro. It's a shortcut for __COUNTER__.
UNIQ_T: Takes two arguments and concatenates them. It is a shortcut for
CONCATENATE, but meant to defined typed local variables.
As you usually want to use variables that you just defined, you need to
reference the same unique value at least two times. However, UNIQ returns
a new value on each evaluation, therefore, you have to pass the unique
values into the macro like this:
#define my_macro(a, b) __max_macro(UNIQ, UNIQ, (a), (b))
#define __my_macro(uniqa, uniqb, a, b) ({
typeof(a) UNIQ_T(A, uniqa) = (a);
typeof(b) UNIQ_T(B, uniqb) = (b);
MY_UNSAFE_MACRO(UNIQ_T(A, uniqa), UNIQ_T(B, uniqb));
})
This way, MY_UNSAFE_MACRO() can safely evaluate it's arguments multiple
times as they are local variables. But you can also stack invocations to
the macro my_macro() without clashing names.
This is the same as if you did:
#define my_macro(a, b) __max_macro(__COUNTER__, __COUNTER__, (a), (b))
#define __my_macro(prefixa, prefixb, a, b) ({
typeof(a) CONCATENATE(A, prefixa) = (a);
typeof(b) CONCATENATE(B, prefixb) = (b);
MY_UNSAFE_MACRO(CONCATENATE(A, prefixa), CONCATENATE(B, prefixb));
})
...but in my opinion, the first macro is easier to write and read.
This patch starts by converting container_of() to use this new helper.
Other macros may follow (like MIN, MAX, CLAMP, ...).
|
|
The UNIQUE() macro works fine if used in un-stacked macros. However, once
you stack them like:
MAX(MIN(a, b),
CLAMP(MAX(c, d), e, f))
you will get warnings due to shadowing other variables. gcc uses the last
line of a macro expansion as value for __LINE__, therefore, we cannot even
avoid this by splitting the expressions across lines.
Remove the only user of UNIQUE() so we introduce a new helper in
follow-ups.
|
|
|
|
|
|
If we invoke agents, we should make sure we actually can kill them
again. I mean, it's probably not our job to cleanup the signals if our
tools are invoked in weird contexts, but at least we should make sure,
that the subprocesses we invoke and intend to control work as intended.
Also see:
http://lists.freedesktop.org/archives/systemd-devel/2014-August/022460.html
|
|
handlers when one sigaction() fails
After all, we usually don't check for failures here, and it is better to
do as much as we can...
|
|
BPF_XOR was introduced in kernel 3.7
|
|
This reverts commit 41a451cc2901a5deb985aea4cc8de204a22e5612.
This breaks checks for masking of units file, since we invoke
null_or_empty_path() on the resulting path.
|
|
This patch modifies unit_file_get_list which will now return
hashmap of structures where f->path is *without* root_dir prefix.
This change should be ok, because current code either does not use
root_dir at all or calls basename() on the f->path.
|
|
When this system-wide start-up timeout is hit we execute one of the
failure actions already implemented for services that fail.
This should not only be useful on embedded devices, but also on laptops
which have the power-button reachable when the lid is closed. This
devices, when in a backpack might get powered on by accident due to the
easily reachable power button. We want to make sure that the system
turns itself off if it starts up due this after a while.
When the system manages to fully start-up logind will suspend the
machine by default if the lid is closed. However, in some cases we don't
even get as far as logind, and the boot hangs much earlier, for example
because we ask for a LUKS password that nobody ever enters.
Yeah, this is a real-life problem on my Yoga 13, which has one of those
easily accessible power buttons, even if the device is closed.
|