Age | Commit message (Collapse) | Author |
|
CID#1271344/1271345
|
|
|
|
assert(b->pipe[0] >= 0 && b->pipe[0] >= 0);
Test the same condition twice, pretty sure we mean
assert(b->pipe[0] >= 0 && b->pipe[1] >= 0);
|
|
Fix the following gcc5 warning:
CC src/shared/libsystemd_shared_la-unit-name.lo
src/shared/unit-name.c: In function 'unit_name_is_valid':
src/shared/unit-name.c:102:34: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
if (!template_ok == TEMPLATE_VALID && at+1 == e)
^
|
|
CC src/shared/libsystemd_shared_la-time-util.lo
src/shared/time-util.c: In function 'parse_nsec':
src/shared/time-util.c:789:25: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
if (!*s != 0)
^
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89202
https://bugs.debian.org/778656
Status quo ante can be restored with:
getfacl -p /var/log/journal/`cat /etc/machine-id`|grep -v '^#'|sort -u|sudo setfacl --set-file=- /var/log/journal/`cat /etc/machine-id`
|
|
Include <sys/socket.h> from util.h and bus-message.h in order to
build errors like the ones below on kdbus enabled systems.
./src/shared/util.h:976:32: warning: its scope is only this definition or declaration, which is probably not what you want
In file included from src/libsystemd/sd-bus/bus-kernel.c:37:0:
./src/shared/util.h:1081:28: warning: 'struct msghdr' declared inside parameter list
void cmsg_close_all(struct msghdr *mh);
^
CC src/libsystemd/sd-bus/libsystemd_la-bus-creds.lo
In file included from src/libsystemd/sd-bus/bus-creds.c:25:0:
./src/shared/util.h:976:32: warning: 'struct ucred' declared inside parameter list
int getpeercred(int fd, struct ucred *ucred);
^
|
|
This patch removes includes that are not used. The removals were found with
include-what-you-use which checks if any of the symbols from a header is
in use.
|
|
Make sure we don't inspect sun_path of unnamed sockets.
Since we cannot know if two unnamed sockets' adresses refer to the same
socket, just return false.
|
|
Just call socket_address_equal() from socket_address_matches_fd()
instead of implementing similar comparing of addresses.
|
|
Cleanup. No behavior change.
|
|
When dbus.socket is updated like this:
-ListenStream=/var/run/dbus/system_bus_socket
+ListenStream=/run/dbus/system_bus_socket
... and daemon-reload is performed, bad things happen.
During deserialization systemd does not recognize that the two paths
refer to the same named socket and replaces the socket file with a new
one. As a result, applications hang when they try talking to dbus.
Fix this by finding a match not only when the path names are equal, but
also when they point to the same inode.
In socket_address_equal() it is necessary to move the address size
comparison into the abstract sockets branch. For path name sockets the
comparison must not be done and for other families it is redundant
(their sizes are constant and checked by socket_address_verify()).
FIFOs and special files can also have multiple pathnames, so compare the
inodes for them as well. Note that previously the pathname checks used
streq_ptr(), but the paths cannot be NULL.
Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186018
|
|
Previously we always invoked the container PID 1 on /dev/console of the
container. With this change we do so only if nspawn was invoked
interactively (i.e. its stdin/stdout was connected to a TTY). In all other
cases we directly pass through the fds unmodified.
This has the benefit that nspawn can be added into shell pipelines.
https://bugs.freedesktop.org/show_bug.cgi?id=87732
|
|
With this change runlevel 2, 3, 4 are mapped to multi-user.target for
good, and 5 to graphical.target. This was already the previous mapping
but is now no longer reconfigurable, but hard-coded into the core.
This should generally simplify things, but also fix one bug: the
sysv-generator previously generated symlinks to runlevel[2-5].target
units, which possibly weren't picked up if these aliases were otherwise
only referenced by the real names "multi-user.target" and
"graphical.target".
We keep compat aliases "runlevel[2345].target" arround for cases where
this target name is explicitly requested.
|
|
The call iterates through cmsg list and closes all fds passed via
SCM_RIGHTS.
This patch also ensures the call is used wherever appropriate, where we
might get spurious fds sent and we should better close them, then leave
them lying around.
|
|
|
|
|
|
PolicyKit
|
|
|
|
|
|
|
|
Macro DEFINE_STRING_TABLE_LOOKUP expands to a new function for each
of the almost 120 tables throghout the code.
Move the its implementation to a function (guaranteed to never be inlined),
and make the macro expand to an inlined function that calls this function.
This saves a few kilobytes from the systemd binary
(David: - fix coding-style
- use 'ssize_t' to fix 32bit to 64bit propagation
- use streq_ptr())
|
|
Add missing IFLA_INET6_ADDR_GEN_MODE definition so we can build with
kernel headers < 3.17
|
|
include-what-you-use automatically does this and it makes finding
unnecessary harder to spot. The only content of poll.h is a include
of sys/poll.h so should be harmless.
|
|
This fixes various issues found by globally reordering the include
sections of all .c files.
|
|
|
|
Also, document in adjacent comments and in CODING_STYLE why we do that.
|
|
|
|
http://lists.freedesktop.org/archives/systemd-devel/2015-February/027960.html
|
|
The assert added in 7d328b5446 was wrong. Also update the comments
and make sure we don't try to shift by type size.
|
|
|
|
We were dropping the most significant bit. Add an assert to make sure it does not happen again.
Fixes a bug introduced in 7d328b544621d4b1bec936dec612947ad8bfb65a.
|
|
It ran either skip_session() or skip_user_manager(), then ran skip_slices()
iff skip_session() ran. It needs to run skip_slices() in either case.
Included is a test case demonstrating why.
|
|
quiet should really just have an effect on the stuff we dump on the
console, not what we log elsewhere.
Hence:
debug on kernel cmdline → interpreted by every tool, turns up
log levels to "debug" everywhere.
quiet on kernel cmdline → interpreted only by PID 1 (and
obviously the kernel) no alteration of the max log level, but
turns off status output.
http://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html
|
|
Check sysfs devicetree values in order to detect if we are running on a KVM
hypervisor on a powerpc architecture.
|
|
|
|
|
|
After all it is now much more like strjoin() than strappend(). At the
same time, add support for NULL sentinels, even if they are normally not
necessary.
|
|
a single user so far.
|
|
|
|
|
|
From fd.o bug 88898:
systemd-resolved fails to start:
Failed to drop capabilities: Operation not permitted
Broken in f11943c53ec181829a821c6b27acf828bab71caa.
Drop all capabilities:
1. prctl(PR_SET_KEEPCAPS, keep_capabilities != 0) // 0 when we drop all
capabilities
2. setresuid() // bye bye capabilities
3. Add CAP_SETPCAP // fails because we have no capabilities
4. Reduce capability bounding set
5. Drop capabilities
6. prctl(PR_SET_KEEPCAPS, 0)
Capabilites should always be kept after setresuid() so that the capability
bounding set can be reduced.
Based-on-a-patch-by: mustrumr97@gmail.com
https://bugs.freedesktop.org/show_bug.cgi?id=88898
We must be careful not to leave PR_SET_KEEPCAPS on. We could use the
setresuid() call to drop capabilities, but the rules when capabilities
are dropped are fairly complex, since a transition to non-zero uid must
happen. Let's instead keep the capabilities during setresuid(), and drop
them later.
|
|
If we scale our buffer to be wide enough for the format string, we
should expect that the calculation was correct.
char_array_0() invocations are removed, since snprintf nul-terminates
the output in any case.
A similar wrapper is used for strftime calls, but only in timedatectl.c.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=87354
|
|
|
|
|
|
|
|
on aarch64
|
|
Both plain opendir() and glob() will bump access time. Privileged
option O_NOATIME can be used to prevent the access time from being
updated. We already used it for subdirectories of the directories
which we were cleaning up. But for the directories specified directly
in the config files, we wouldn't do that. This means that,
paradoxically, our own temporary directories for PrivateTmp would stay
around forever, as long as one let systemd-tmpfiles-clean.service run
regularly, because they had their own glob patterns specified.
https://bugzilla.redhat.com/show_bug.cgi?id=1183684
|
|
|