summaryrefslogtreecommitdiff
path: root/src/shared
AgeCommit message (Collapse)Author
2014-02-24smack: rework security labeling for multiple frameworksŁukasz Stelmach
2014-02-24smack: relabel directories and files created by systemdŁukasz Stelmach
Systemd creates directories in /dev. These directories will get the label of systemd, which is the label of the System domain, which is not accessable to everyone. Relabel the directories, files and symlinks created so that they can be generally used. Based on a patch by Casey Schaufler <casey@schaufler-ca.com>.
2014-02-24virt: make Virtualization an anonymous enumThomas Hindoe Paaboel Andersen
This makes llvm happy when we assign an error code to the variable.
2014-02-23core: clean up some confusing regarding SI decimal and IEC binary suffixes ↵Lennart Poettering
for sizes According to Wikipedia it is customary to specify hardware metrics and transfer speeds to the basis 1000 (SI decimal), while software metrics and physical volatile memory (RAM) sizes to the basis 1024 (IEC binary). So far we specified everything in IEC, let's fix that and be more true to what's otherwise customary. Since we don't want to parse "Mi" instead of "M" we document each time what the context used is.
2014-02-23src/shared/ cannot reference symbols from librariesKay Sievers
../src/shared/unit-name.c:462: error: undefined reference to 'sd_bus_label_escape' ../src/shared/unit-name.c:477: error: undefined reference to 'sd_bus_label_unescape' collect2: error: ld returned 1 exit status
2014-02-21net-util: match on the driver as exposed by ethtool if DRIVER not setTom Gundersen
Also fix a copy-paste error that broke matching on interface name.
2014-02-21man: don't document ".include" in configuration files anymore as first step ↵Lennart Poettering
to deprecate them one day
2014-02-21ptyfwd: reset nonblocking modeLennart Poettering
Apparently bash doesn't turn off non-blocking mode on stdin/stdout when reading from it, so be nice to bash. Ideally bash would do this on its own for robustness reasons, though. https://bugs.freedesktop.org/show_bug.cgi?id=70622
2014-02-21.network/.netdev/.link: allow to match on architectureTom Gundersen
2014-02-21shared/architecture.h: fix preprocessor directivesDaniel Mack
Use 'if defined()', not 'ifdef defined()'. Fixes the following warning. CC src/shared/architecture.lo In file included from src/shared/architecture.c:24:0: src/shared/architecture.h:89:17: warning: extra tokens at end of #ifdef directive [enabled by default] # ifdef defined(WORDS_BIGENDIAN) ^
2014-02-21core: Add AppArmor profile switchingMichael Scherer
This permit to switch to a specific apparmor profile when starting a daemon. This will result in a non operation if apparmor is disabled. It also add a new build requirement on libapparmor for using this feature.
2014-02-21missing: simplificationsLennart Poettering
2014-02-21build-sys: Add setns() functions if not in the C library.Holger Schurig
Debian Stable is still using glibc 2.13, which doesn't provide the setns(). So we detect this and provide a tiny wrapper that issues the setns syscall towards the kernel.
2014-02-21core: add new ConditionArchitecture() that checks the architecture returned ↵Lennart Poettering
by uname()'s machine field.
2014-02-20net-util: match - allow globbingTom Gundersen
For now support globbing for interface name and path.
2014-02-20network/link: Match - filter on kernel cmdline, host and virtTom Gundersen
2014-02-20condition: split out most of condition handling into libsystemd-shardTom Gundersen
The parts that require linknig to libcap, libselinux and friends stays in libsystemd-core.
2014-02-20macro: add nice macro for disabling -Wnonnull temporarilyLennart Poettering
2014-02-20macro: introduce nice macro for disabling -Wmissing-prototypes warnigsLennart Poettering
2014-02-20macro: introduce a nice macro for disabling -Wformat-nonliteral temporarilyLennart Poettering
2014-02-20util: get rid of warnings around assert_cc() macroLennart Poettering
Suggested by Holger Schurig.
2014-02-19util: simplify get_ctty()Lennart Poettering
2014-02-19make gcc shut upLennart Poettering
If -flto is used then gcc will generate a lot more warnings than before, among them a number of use-without-initialization warnings. Most of them without are false positives, but let's make them go away, because it doesn't really matter.
2014-02-19label: minor optimizationsLennart Poettering
2014-02-19missing.h: add some IFLA_* constantsTom Gundersen
These were added to the kernel between 3.5 and 3.9, let's not require such recent kernels (yet).
2014-02-19core: add Personality= option for units to set the personality for spawned ↵Lennart Poettering
processes
2014-02-18nspawn: add new --personality= switch to make it easier to run 32bit ↵Lennart Poettering
containers on a 64bit host
2014-02-18seccomp: add helper call to add all secondary archs to a seccomp filterLennart Poettering
And make use of it where appropriate for executing services and for nspawn.
2014-02-18util: generalize code that checks whether PIDs are alive or unwaited forLennart Poettering
2014-02-17doc: update punctuationJan Engelhardt
Resolve spotted issues related to missing or extraneous commas, dashes.
2014-02-17core: fixate show_status earlier, so that we actually print the welcome messageLennart Poettering
Previously, we'd fixed show_state only after printing the welcome message which had the effect that the welcome message was almost always suppressed.
2014-02-17core: find the closest parent slice that has a specfic cgroup controller ↵Lennart Poettering
enabled when enabling/disabling cgroup controllers for units
2014-02-17Pass log config from systemd to systemd-shutdownZbigniew Jędrzejewski-Szmek
If PID 1 debug logging is enabled, it is nice to keep those settings when switching to systemd-shutdown binary, independently of whether this was done through /proc/cmdline options, or through runtime manipulations.
2014-02-17Extract looping over /proc/cmdline into a shared functionZbigniew Jędrzejewski-Szmek
In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-14Fix prototype of get_process_stateZbigniew Jędrzejewski-Szmek
2014-02-15util: fix mismatching function signatureKay Sievers
2014-02-14core: fix detection of dead processesYuxuan Shui
Commit 5ba6985b moves the UNIT_VTABLE(u)->sigchld_event before systemd actually reaps the zombie. Which leads to service_load_pid_file accepting zombie as a valid pid. This fixes timeouts like: [ 2746.602243] systemd[1]: chronyd.service stop-sigterm timed out. Killing. [ 2836.852545] systemd[1]: chronyd.service still around after SIGKILL. Ignoring. [ 2927.102187] systemd[1]: chronyd.service stop-final-sigterm timed out. Killing. [ 3017.352560] systemd[1]: chronyd.service still around after final SIGKILL. Entering failed mode.
2014-02-14shared: include root when canonicalizing conf pathsMichael Marineau
The conf_files_list family accepts an alternate root path to prefix all directories in the list but path_strv_canonicalize_uniq doesn't use it. This results in the suspicious behavior of resolving directory symlinks based on the contents of / instead of the alternate root. This adds a prefix argument to path_strv_canonicalize which will now prepend the prefix, if given, to every path in the list. To avoid answering what a relative path means when called with a root prefix path_strv_canonicalize is now path_strv_canonicalize_absolute and only considers absolute paths. Fortunately all users of already call path_strv_canonicalize with a list of absolute paths.
2014-02-13everywhere: always use O_CLOEXEC where it makes senseLennart Poettering
2014-02-13everywhere: make use of new0() and macro() macros, and stop using perror()Lennart Poettering
2014-02-13core: add SystemCallArchitectures= unit setting to allow disabling of non-nativeLennart Poettering
architecture support for system calls Also, turn system call filter bus properties into complex types instead of concatenated strings.
2014-02-12syscallfilter: port to libseccompRonny Chevalier
2014-02-12pager: support SYSTEMD_LESS environment variableJason A. Donenfeld
This allows customization of the arguments used by less. The main motivation is that some folks might not like having --no-init on every invocation of less.
2014-02-12nspawn: newer kernels (>= 3.14) allow resetting the audit loginuid, make use ↵Lennart Poettering
of this
2014-02-11journald: log provenience of signalsZbigniew Jędrzejewski-Szmek
2014-02-11efi: fix Undefined reference efi_loader_get_boot_usec when EFI support is ↵Cristian Rodríguez
disabled
2014-02-11machined: optionally, allow registration of pre-existing units (scopesLennart Poettering
or services) as machine with machined
2014-02-11util: modernize readlink_malloc() a bitLennart Poettering
2014-02-11util: drop parse_user_at_host() since its unused nowLennart Poettering
2014-02-10exec: Add SELinuxContext configuration itemMichael Scherer
This permit to let system administrators decide of the domain of a service. This can be used with templated units to have each service in a différent domain ( for example, a per customer database, using MLS or anything ), or can be used to force a non selinux enabled system (jvm, erlang, etc) to start in a different domain for each service.