summaryrefslogtreecommitdiff
path: root/src/shared
AgeCommit message (Collapse)Author
2014-12-19machined/machinectl: add logic to show list of available imagesLennart Poettering
This adds a new bus call to machined that enumerates /var/lib/container and returns all trees stored in it, distuingishing three types: - GPT disk images, which are files suffixed with ".gpt" - directory trees - btrfs subvolumes
2014-12-19util: when creating temporary filename for atomic creation of files, add an ↵Lennart Poettering
extra "#" to the name That way, we have a simple, somewhat reliable way to detect such temporary files, by simply checking if they start with ".#".
2014-12-19import: add new minimal tool "systemd-import" for pulling down foreign ↵Lennart Poettering
containers and install them locally This adds a simply but powerful tool for downloading container images from the most popular container solution used today. Use it like this: # systemd-import pull-dck mattdm/fedora # systemd-nspawn -M fedora This will donwload the layers for "mattdm/fedora", and make them available locally as /var/lib/container/fedora. The tool is pretty complete, as long as it's only about pulling down images, or updating them. Pushing or searching is not supported yet.
2014-12-19util: add generalization of verb parsing for command line toolsLennart Poettering
We should move loginctl, timedatectl, machinectl over to use this new API instead of a manual one.
2014-12-19util: make sure rm_rf() can be called on symlinks (with the effect of ↵Lennart Poettering
deleting it)
2014-12-19strv: ass new strv_is_uniq() and strv_reverse() callsLennart Poettering
2014-12-18Treat a trailing backslash as an errorZbigniew Jędrzejewski-Szmek
Commit a2a5291b3f5 changed the parser to reject unfinished quoted strings. Unfortunately it introduced an error where a trailing backslash would case an infinite loop. Of course this must fixed, but the question is what to to instead. Allowing trailing backslashes and treating them as normal characters would be one option, but this seems suboptimal. First, there would be inconsistency between handling of quoting and of backslashes. Second, a trailing backslash is most likely an error, at it seems better to point it out to the user than to try to continue. Updated rules: ExecStart=/bin/echo \\ → OK, prints a backslash ExecStart=/bin/echo \ → error ExecStart=/bin/echo "x → error ExecStart=/bin/echo "x"y → error
2014-12-18tree-wide: make condition_free_list return NULLZbigniew Jędrzejewski-Szmek
2014-12-18path-util: fix breakage in path_is_mount_pointDave Reisner
This fixes 2 problems introduced by 6feeeab0bc: 1) If name_to_handle_at returns ENOSYS for the child, we'll wrongly return -ENOSYS when it returns the same for the parent. Immediately jump to the fallback logic when we get ENOSYS. 2) If name_to_handle_at returns EOPNOTSUPP for the child but suceeds for the parent, we'll be comparing an uninitialized value (mount_id) to an initialized value (mount_id_parent). Initialize the mount_id variables to invalid mount_ids to avoid this.
2014-12-18core: use raw_clone instead of fork in signal handlerZbigniew Jędrzejewski-Szmek
fork() is not async-signal-safe and calling it from the signal handler could result in a deadlock when at_fork() handlers are called. Using the raw clone() syscall sidesteps that problem. The tricky part is that raise() does not work, since getpid() does not work. Add raw_getpid() to get the real pid, and use kill() instead of raise(). https://bugs.freedesktop.org/show_bug.cgi?id=86604
2014-12-17path: make the check for unsupported name_to_handle_at symmetricZbigniew Jędrzejewski-Szmek
If child supports, but the parent does not, or when the child does not support, but the parent does, assume the child is a mount point. Only if neither supports use the fallback.
2014-12-17path: follow symbolic link for parent path (2)Umut Tezduyar Lindskog
c0e57ba9e22ee937722958d8b912ade2a37f206d fixed the fallback path. We should do the same for name_to_handle_at().
2014-12-18machinectl: add new commands for copying files from/to containersLennart Poettering
2014-12-18util: in make_stdio() use dup2() rather than dup3()Lennart Poettering
dup3() allows setting O_CLOEXEC which we are not interested in. However, it also fails if called with the same fd as input and output, which is something we don't want. Hence use dup2(). Also, we need to explicitly turn off O_CLOEXEC for the fds, in case the input fd was O_CLOEXEC and < 3.
2014-12-17nspawn: fix invocation of the raw clone() system call on s390 and crisKen Werner
Since the order of the first and second arguments of the raw clone() system call is reversed on s390 and cris it needs to be invoked differently.
2014-12-16path: follow symbolic link for parent pathUmut Tezduyar Lindskog
[zj: When we lstat the target path, symlinks above the last component will be followed by both stat and lstat. So when we look at the parent, we should follow symlinks.]
2014-12-17shared: strv - add strv_clear()Tom Gundersen
This frees the elements of the strv without freeing the strv itself.
2014-12-16shared: path-util - memory leakTom Gundersen
2014-12-16fix compiler warningSusant Sahani
src/shared/utf8.c:268:13: warning: unused variable 'd' [-Wunused-variable] int d;
2014-12-16systemctl: refuse to edit runtime dropins when they already exist in /etcZbigniew Jędrzejewski-Szmek
The check for existing unit files and dropins is unified. path_join() is updated to not insert duplicate separators.
2014-12-16Move dropin listing to sharedZbigniew Jędrzejewski-Szmek
No functional change. This is in preparation for using this in systemctl in the future.
2014-12-15shared: add minimal JSON tokenizerLennart Poettering
2014-12-15udev: builtin-hwdb - port to sd-hwdbTom Gundersen
2014-12-15shared: time-dst: Avoid buffer overflowMartin Pitt
Commit 681f9718 introduced an additional null terminator for the zone names. Increase the allocation of "transitions" to actually make room for this.
2014-12-13configure.ac: add a generic --enable-debug, replace --enable-hashmap-debugMichal Schmidt
There will be more debugging options later. --enable-debug will enable them all. --enable-debug=hashmap will enable only hashmap debugging. Also rename the C #define to ENABLE_DEBUG_* pattern.
2014-12-13shared/hashmap.h: fix commentMichal Schmidt
An early version used underscore prefixes for internal functions, but the current version uses the prefix "internal_".
2014-12-12nspawn: allow spawning ephemeral nspawn containers based on the root file ↵Lennart Poettering
system of the OS This works now: # systemd-nspawn -xb -D / -M foobar Which boots up an ephemeral container, based on the host's root file system. Or in other words: you can now run the very same host OS you booted your system with also in a container, on top of it, without having it interfere. Great for testing whether the init system you are hacking on still boots without reboot the system!
2014-12-12copy: use btrfs reflinking only whe we know we copy full filesLennart Poettering
2014-12-12nspawn: beef up nspawn with some btrfs magicLennart Poettering
This adds --template= to duplicate an OS tree as btrfs snpashot and run it This also adds --ephemeral or -x to create a snapshot of an OS tree and boot that, removing it after exit.
2014-12-12copy: teach copy_bytes() btrfs reflink magicLennart Poettering
2014-12-12shared: add new btrfs-util.[ch] helpers for doing common btrfs operationLennart Poettering
2014-12-12shared: missing.h should include btrfs.h, before redefining some of its ↵Lennart Poettering
definitions
2014-12-12util: minor simplification for loop_write() and loop_read()Lennart Poettering
2014-12-12seccomp-util.h: make sure seccomp-util.h can be included aloneLennart Poettering
2014-12-12path-util: no need to check whether p is absolute twiceLennart Poettering
2014-12-12util: document why we have alloca_align()Lennart Poettering
2014-12-12util: when using basename() for creating temporary files, verify the ↵Lennart Poettering
resulting name is actually valid Also, rename filename_is_safe() to filename_is_valid(), since it actually does a full validation for what the kernel will accept as file name, it's not just a heuristic.
2014-12-11tree-wide: use our memset() macros instead of memset() itselfLennart Poettering
2014-12-11shared: correct spacing near eol in code commentsTorstein Husebø
2014-12-10scope: make attachment of initial PIDs a bit more robustLennart Poettering
2014-12-10core: properly pass unit file state to clients via the busLennart Poettering
2014-12-10sd-bus: move common errors src/shared/bus-errors.h → ↵Lennart Poettering
src/libsystemd/sd-bus/bus-common-errors.h Stuff in src/shared/ should not use stuff from src/libsystemd/ really.
2014-12-10virt: when detecting containers and /run/systemd/container cannot be read, ↵Lennart Poettering
check /proc/1/environ This way, we should be in a slightly better situation if a container is booted up with only a shell as PID 1. In that case /run/systemd/container will not be populated, and a check for it hence be ineffective. Checking /proc/1/environ doesn't fully fix the problem though, as the file is only accessible with privileges. This means if PID 1 is not systemd, and if privileges have been dropped the container detection will continue to fail.
2014-12-09treewide: sanitize loop_writeZbigniew Jędrzejewski-Szmek
loop_write() didn't follow the usual systemd rules and returned status partially in errno and required extensive checks from callers. Some of the callers dealt with this properly, but many did not, treating partial writes as successful. Simplify things by conforming to usual rules.
2014-12-10util: introduce our own gperf based capability listLennart Poettering
This way, we can ensure we have a more complete, up-to-date list of capabilities around, always.
2014-12-10core: unify how we iterate over inotify eventsLennart Poettering
Let's add some syntactic sugar for iterating through inotify events, and use it everywhere.
2014-12-09bus-proxy: cloning smack labelPrzemyslaw Kedzierski
When dbus client connects to systemd-bus-proxyd through Unix domain socket proxy takes client's smack label and sets for itself. It is done before and independent of dropping privileges. The reason of such soluton is fact that tests of access rights performed by lsm may take place inside kernel, not only in userspace of recipient of message. The bus-proxyd needs CAP_MAC_ADMIN to manipulate its label. In case of systemd running in system mode, CAP_MAC_ADMIN should be added to CapabilityBoundingSet in service file of bus-proxyd. In case of systemd running in user mode ('systemd --user') it can be achieved by addition Capabilities=cap_mac_admin=i and SecureBits=keep-caps to user@.service file and setting cap_mac_admin+ei on bus-proxyd binary.
2014-12-09sd-bus: get rid of PID starttime conceptLennart Poettering
As kdbus no longer exports this, remove all traces from sd-bus too
2014-12-08sd-bus: rework ELF error mapping table magicLennart Poettering
The ELF magic cannot work for consumers of our shard library, since they are in a different module. Hence make all the ELF magic private, and instead introduce a public function to register additional static mapping table.
2014-12-06remove duplicated includesThomas Hindoe Paaboel Andersen