Age | Commit message (Collapse) | Author |
|
|
|
If we invoke agents, we should make sure we actually can kill them
again. I mean, it's probably not our job to cleanup the signals if our
tools are invoked in weird contexts, but at least we should make sure,
that the subprocesses we invoke and intend to control work as intended.
Also see:
http://lists.freedesktop.org/archives/systemd-devel/2014-August/022460.html
|
|
handlers when one sigaction() fails
After all, we usually don't check for failures here, and it is better to
do as much as we can...
|
|
BPF_XOR was introduced in kernel 3.7
|
|
This reverts commit 41a451cc2901a5deb985aea4cc8de204a22e5612.
This breaks checks for masking of units file, since we invoke
null_or_empty_path() on the resulting path.
|
|
This patch modifies unit_file_get_list which will now return
hashmap of structures where f->path is *without* root_dir prefix.
This change should be ok, because current code either does not use
root_dir at all or calls basename() on the f->path.
|
|
When this system-wide start-up timeout is hit we execute one of the
failure actions already implemented for services that fail.
This should not only be useful on embedded devices, but also on laptops
which have the power-button reachable when the lid is closed. This
devices, when in a backpack might get powered on by accident due to the
easily reachable power button. We want to make sure that the system
turns itself off if it starts up due this after a while.
When the system manages to fully start-up logind will suspend the
machine by default if the lid is closed. However, in some cases we don't
even get as far as logind, and the boot hangs much earlier, for example
because we ask for a LUKS password that nobody ever enters.
Yeah, this is a real-life problem on my Yoga 13, which has one of those
easily accessible power buttons, even if the device is closed.
|
|
|
|
We don't have the correct __NR_memfd_create syscall number yet, so set it to
0xffffffff for now to prevent compile time errors.
|
|
The MAXSIZE() macro takes two types and returns the size of the larger
one. It is much simpler to use than MAX(sizeof(A), sizeof(B)) and also
avoids any compiler-extensions, unlike CONST_MAX() and MAX() (which are
needed to avoid evaluating arguments more than once). This was suggested
by Daniele Nicolodi <daniele@grinta.net>.
Also make resolved use this macro instead of CONST_MAX(). This enhances
readability quite a bit.
|
|
|
|
Unlike strv_find_prefix() the new call will return a pointer to the
suffix of the item we found, instead of the whole item. This is more
closer inline with what startswith() does, and allows us to simplify a
couple of invocations.
|
|
safe_close()
Save/restore errno, like we do in safe_close(). And don't fork a thread
if the parameter is already negative.
|
|
|
|
This way we can use it on non-const strings, and don't end up with a
const'ified result.
This is similar to libc's strstr() which also takes a const string but
returns a non-const one.
|
|
|
|
Previously systemctl died with message
-bash-4.2# systemctl --root /rawhi list-unit-files
(src/systemctl/systemctl.c:868) Out of memory.
in the case that no unit files were found in the --root
or the directory did not exist.
So lets return ENOENT in the case that --root does not exist
and empty list in the case that there are no unit files.
|
|
|
|
else is proper UTF8
|
|
If a name was passed in as function argument, trust it, and don't do utf-8
encoding for them. Callers are obliged to check the names themselves, and
escape them in case they use anything they got from the outside world.
|
|
As memfds are now created by proper kernel API, and not by our functions, we
can't rely on names being escaped/unescaped according to our current logic.
Thus, the only safe way is to remove the escaping and when reading names,
just escape names that are not properly encoded in UTF-8.
Also, remove assert(name) lines from the memfd creation functions, as we
explictly allow name to be NULL.
|
|
Now, that the memfd stuff is not exported anymore, we can simplify a few
things:
Use assert() instead of assert_return(), since this is used internally
only, and we should be less permissive then.
No need to pass an allocated fd back by call-by-reference, we can just
directly return it.
|
|
This reverts commit cf8bd44339b00330fdbc91041d6731ba8aba9fec.
Needs more discussion on the mailing list.
|
|
UIDs/GIDs from
This way we can guarantee a limited amount of compatibility with
login.defs, by generate an appopriate "r" line out of it, on package
installation.
|
|
This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.
Implementation of label_get_child_label derived from xinetd.
Reviewed-by: Paul Moore <pmoore@redhat.com>
|
|
|
|
|
|
|
|
writable
https://bugs.freedesktop.org/show_bug.cgi?id=81169
|
|
Remove the sd_ prefix from internal functions and get rid of the sd_memfd
type. As a memfd is now just a native file descriptor, we can get rid of our
own wrapper type, and also use close() and dup() on them directly.
|
|
We now have a sd_memfd_freep helper, use it if applicable.
|
|
We need to map sealed files as MAP_PRIVATE so far as the kernel treats
MAP_SHARED as writable mapping (you can run mprotect(PROT_WRITE) at any
time on those). However, unsealed files must be mapped as MAP_SHARED.
Otherwise, we never end up writing to the real file.
|
|
We use memfds for sealing. Lets not bother with memfds created without
MFD_ALLOW_SEALING for now. They're equivalent to random shmem files, so
don't bother treating them as sealable memfds.
|
|
No reason to open /dev/kdbus/control if we want memfds. memfd_create() is
always available.
|
|
Fix the memfd.h header to use handy features like #pragma, cleanup-funcs
and util.h. Also drop the EXTERN-C macros.
|
|
Unlike earlier versions, the syscall only takes 2 arguments in its
final version, not 3.
|
|
Don't expose generic kernel API via libsystemd, but keep the code internal
for our own usage.
|
|
|
|
|
|
only, and for all tools
Previously, we ended up parsing some of them three times: in main.c when
processing the kernel cmdline, in main.c when processing the process
cmdline (only for containers), and in log.c again.
Let's streamline this, and only parse them in log.c
In PID 1 also make sure we parse "quiet" first, and then override this
with the more specific checks in log.c
|
|
|
|
The CONST_MAX() macro is similar to MAX(), but verifies that both
arguments have the same type and are constant expressions. Furthermore,
the result of CONST_MAX() is again a constant-expression.
CONST_MAX() avoids any statement-expressions and other non-trivial
expression-types. This avoids rather arbitrary restrictions in both GCC
and LLVM, which both either fail with statement-expressions inside
type-declarations or statement-expressions inside static-const
initializations.
If anybody knows how to circumvent this, please feel free to unify
CONST_MAX() and MAX().
|
|
We must add 'const' to local variables in statement-expressions to
guarantee that the macros can produce constant-expressions if given such.
GCC seems to ignore this, but LLVM/clang requires it (understandably).
|
|
for both validating domains and host names
|
|
makes ethernet addresses look funny
|
|
This should have the benefit that cg_set_attribute() returns ENOENT
instead of EACCESS when we use it for non-existing attributes.
|
|
|
|
http://lists.freedesktop.org/archives/systemd-devel/2014-July/021591.html
|
|
This makes strappenda3 redundant, so we remove its usage and
definition. Add a few tests along the way for sanity.
|
|
Avoids triggering timers prematurely on systems with significantly inaccurate
clocks, or some embedded platforms that lack one entirely.
|