summaryrefslogtreecommitdiff
path: root/src/shared
AgeCommit message (Collapse)Author
2014-12-18machinectl: add new commands for copying files from/to containersLennart Poettering
2014-12-18util: in make_stdio() use dup2() rather than dup3()Lennart Poettering
dup3() allows setting O_CLOEXEC which we are not interested in. However, it also fails if called with the same fd as input and output, which is something we don't want. Hence use dup2(). Also, we need to explicitly turn off O_CLOEXEC for the fds, in case the input fd was O_CLOEXEC and < 3.
2014-12-17nspawn: fix invocation of the raw clone() system call on s390 and crisKen Werner
Since the order of the first and second arguments of the raw clone() system call is reversed on s390 and cris it needs to be invoked differently.
2014-12-16path: follow symbolic link for parent pathUmut Tezduyar Lindskog
[zj: When we lstat the target path, symlinks above the last component will be followed by both stat and lstat. So when we look at the parent, we should follow symlinks.]
2014-12-17shared: strv - add strv_clear()Tom Gundersen
This frees the elements of the strv without freeing the strv itself.
2014-12-16shared: path-util - memory leakTom Gundersen
2014-12-16fix compiler warningSusant Sahani
src/shared/utf8.c:268:13: warning: unused variable 'd' [-Wunused-variable] int d;
2014-12-16systemctl: refuse to edit runtime dropins when they already exist in /etcZbigniew Jędrzejewski-Szmek
The check for existing unit files and dropins is unified. path_join() is updated to not insert duplicate separators.
2014-12-16Move dropin listing to sharedZbigniew Jędrzejewski-Szmek
No functional change. This is in preparation for using this in systemctl in the future.
2014-12-15shared: add minimal JSON tokenizerLennart Poettering
2014-12-15udev: builtin-hwdb - port to sd-hwdbTom Gundersen
2014-12-15shared: time-dst: Avoid buffer overflowMartin Pitt
Commit 681f9718 introduced an additional null terminator for the zone names. Increase the allocation of "transitions" to actually make room for this.
2014-12-13configure.ac: add a generic --enable-debug, replace --enable-hashmap-debugMichal Schmidt
There will be more debugging options later. --enable-debug will enable them all. --enable-debug=hashmap will enable only hashmap debugging. Also rename the C #define to ENABLE_DEBUG_* pattern.
2014-12-13shared/hashmap.h: fix commentMichal Schmidt
An early version used underscore prefixes for internal functions, but the current version uses the prefix "internal_".
2014-12-12nspawn: allow spawning ephemeral nspawn containers based on the root file ↵Lennart Poettering
system of the OS This works now: # systemd-nspawn -xb -D / -M foobar Which boots up an ephemeral container, based on the host's root file system. Or in other words: you can now run the very same host OS you booted your system with also in a container, on top of it, without having it interfere. Great for testing whether the init system you are hacking on still boots without reboot the system!
2014-12-12copy: use btrfs reflinking only whe we know we copy full filesLennart Poettering
2014-12-12nspawn: beef up nspawn with some btrfs magicLennart Poettering
This adds --template= to duplicate an OS tree as btrfs snpashot and run it This also adds --ephemeral or -x to create a snapshot of an OS tree and boot that, removing it after exit.
2014-12-12copy: teach copy_bytes() btrfs reflink magicLennart Poettering
2014-12-12shared: add new btrfs-util.[ch] helpers for doing common btrfs operationLennart Poettering
2014-12-12shared: missing.h should include btrfs.h, before redefining some of its ↵Lennart Poettering
definitions
2014-12-12util: minor simplification for loop_write() and loop_read()Lennart Poettering
2014-12-12seccomp-util.h: make sure seccomp-util.h can be included aloneLennart Poettering
2014-12-12path-util: no need to check whether p is absolute twiceLennart Poettering
2014-12-12util: document why we have alloca_align()Lennart Poettering
2014-12-12util: when using basename() for creating temporary files, verify the ↵Lennart Poettering
resulting name is actually valid Also, rename filename_is_safe() to filename_is_valid(), since it actually does a full validation for what the kernel will accept as file name, it's not just a heuristic.
2014-12-11tree-wide: use our memset() macros instead of memset() itselfLennart Poettering
2014-12-11shared: correct spacing near eol in code commentsTorstein Husebø
2014-12-10scope: make attachment of initial PIDs a bit more robustLennart Poettering
2014-12-10core: properly pass unit file state to clients via the busLennart Poettering
2014-12-10sd-bus: move common errors src/shared/bus-errors.h → ↵Lennart Poettering
src/libsystemd/sd-bus/bus-common-errors.h Stuff in src/shared/ should not use stuff from src/libsystemd/ really.
2014-12-10virt: when detecting containers and /run/systemd/container cannot be read, ↵Lennart Poettering
check /proc/1/environ This way, we should be in a slightly better situation if a container is booted up with only a shell as PID 1. In that case /run/systemd/container will not be populated, and a check for it hence be ineffective. Checking /proc/1/environ doesn't fully fix the problem though, as the file is only accessible with privileges. This means if PID 1 is not systemd, and if privileges have been dropped the container detection will continue to fail.
2014-12-09treewide: sanitize loop_writeZbigniew Jędrzejewski-Szmek
loop_write() didn't follow the usual systemd rules and returned status partially in errno and required extensive checks from callers. Some of the callers dealt with this properly, but many did not, treating partial writes as successful. Simplify things by conforming to usual rules.
2014-12-10util: introduce our own gperf based capability listLennart Poettering
This way, we can ensure we have a more complete, up-to-date list of capabilities around, always.
2014-12-10core: unify how we iterate over inotify eventsLennart Poettering
Let's add some syntactic sugar for iterating through inotify events, and use it everywhere.
2014-12-09bus-proxy: cloning smack labelPrzemyslaw Kedzierski
When dbus client connects to systemd-bus-proxyd through Unix domain socket proxy takes client's smack label and sets for itself. It is done before and independent of dropping privileges. The reason of such soluton is fact that tests of access rights performed by lsm may take place inside kernel, not only in userspace of recipient of message. The bus-proxyd needs CAP_MAC_ADMIN to manipulate its label. In case of systemd running in system mode, CAP_MAC_ADMIN should be added to CapabilityBoundingSet in service file of bus-proxyd. In case of systemd running in user mode ('systemd --user') it can be achieved by addition Capabilities=cap_mac_admin=i and SecureBits=keep-caps to user@.service file and setting cap_mac_admin+ei on bus-proxyd binary.
2014-12-09sd-bus: get rid of PID starttime conceptLennart Poettering
As kdbus no longer exports this, remove all traces from sd-bus too
2014-12-08sd-bus: rework ELF error mapping table magicLennart Poettering
The ELF magic cannot work for consumers of our shard library, since they are in a different module. Hence make all the ELF magic private, and instead introduce a public function to register additional static mapping table.
2014-12-06remove duplicated includesThomas Hindoe Paaboel Andersen
2014-12-04missing: define NET_NAME_UNKNOWNColin Walters
It's only exposed to userspace since commit 685343fc3ba61a1f6eef361b786601123db16c28 Author: Tom Gundersen <teg@jklm.no> AuthorDate: Mon Jul 14 16:37:22 2014 +0200 Commit: David S. Miller <davem@davemloft.net> CommitDate: Tue Jul 15 16:12:01 2014 -0700 to the kernel.
2014-12-04missing: apparently, there's a world beyond x86..David Herrmann
..so make them cry and print a warning if __NR_memfd_create is not defined. This should make syscall() fail with -ENOSYS, thus trigger a suitable runtime error-path.
2014-12-04smack-util: remove warning when building without SMACK supportLennart Poettering
2014-12-04selinux: figure out selinux context applied on exec() before closing all fdsMichal Sekletar
We need original socket_fd around otherwise mac_selinux_get_child_mls_label fails with -EINVAL return code. Also don't call setexeccon twice but rather pass context value of SELinuxContext option as an extra argument.
2014-12-04utf8: minor simplificationsLennart Poettering
2014-12-04utf8: when escaping unprintable unichars, escape the whole unichar, not just ↵Lennart Poettering
the first byte of it
2014-12-04utf8: intruduce utf8_escape_non_printableWaLyong Cho
2014-12-03util: don't shadow variableThomas Hindoe Paaboel Andersen
environ is already defined in unistd.h
2014-12-03strv: add calls to add two entries to an strv at onceLennart Poettering
2014-12-03machine-id-setup: add a machine_id_commit call to commit on disk a transient ↵Didier Roche
machine-id If /etc was read only at boot time with an empty /etc/machine-id, the latter will be mounted as a tmpfs and get reset at each boot. If the system becomes rw later, this functionality enables to commit in a race-free manner the transient machine-id to disk.
2014-12-02shared: add format helpers for printing MAC addressesTom Gundersen
Use these in networctl.
2014-12-02shared: udev-util - add hwdb cleanup macroTom Gundersen