Age | Commit message (Collapse) | Author |
|
|
|
|
|
This reverts commit e7d43b3cc30764138c90eaaf95d3d8f49e448890.
This broke the console terminal when booting up a container, so let's
not do this.
|
|
|
|
reconnect
|
|
Instead, force reopen it only if we really really have to.
|
|
In some circumstances, for example when start-up times out we
immediately jump into the final state, at which point we still should
try to watch the main pid so that the SIGCHLD allows us to quickly
move into dead state.
|
|
activated
|
|
also define noreturn w/o <stdnoreturn.h>
|
|
the process only has one working directory, and a race is
harmless
|
|
Also make thread_local available w/o including <threads.h>.
(as the latter hasn't been implemented, but this part is trivial)
|
|
Due to this patch, message dump (for message which includes boolean
type) is more consistent with dbus-send (which display true/false
instead of yes/no for boolean). It's only simple 'cosmetics change'.
** For dbus-send **
dbus-send --system --dest=org.freedesktop.DBus --type=method_call --print-reply / org.freedesktop.DBus.NameHasOwner string:org.freedesktop.login1
method return sender=org.freedesktop.DBus -> dest=:1.97 reply_serial=2
boolean true
** For libsystemd-bus (without this patch) **
‣ Type=method_call Endian=l Flags=0 Version=2 Serial=8
Destination=org.freedesktop.DBus Path=/org/freedesktop/DBus Interface=org.freedesktop.DBus Member=NameHasOwner
MESSAGE "s" {
STRING "org.freedesktop.login1";
};
‣ Type=method_return Endian=l Flags=1 Version=2 Serial=51 ReplySerial=8
Sender=:1.59 Destination=:1.67
UniqueName=:1.59 WellKnownNames={org.freedesktop.DBus}
MESSAGE "b" {
BOOLEAN yes;
};
For me true/false seems to be better readable than yes/no for BOOLEAN.
|
|
|
|
bus also switch over PID namespace
This is necessary to ensure that kdbus can collect creds of the
destination namespace when connecting.
|
|
If we have the priviliges we will try SO_SNDBUFFORCE/SO_RCVBUFFORCE and
only fall back to SO_SNDBUF/SO_RCVBUF if that fails.
|
|
These specifiers require NSS lookups to work, and we really shouldn't do
them from PID 1 hence. With this change they are now only supported for
user systemd instance, or when the configured user for a unit is root.
|
|
Since numbers involved are all small, behaviour was correct already.
https://bugzilla.redhat.com/show_bug.cgi?id=1043304
|
|
|
|
the transition
|
|
Previously we'd open the connection in the originating namespace, which
meant most peers of the bus would not be able to make sense of the
PID/UID/... identity of us since we didn't exist in the namespace they
run in. However they require this identity for privilege decisions,
hence disallowing access to anything from the host.
Instead, when connecting to a container, create a temporary subprocess,
make it join the container's namespace and then connect from there to
the kdbus instance. This is similar to how we do it for socket
conections already.
THis also unifies the namespacing code used by machinectl and the bus
APIs.
|
|
|
|
|
|
Needed for socketpair, recv
|
|
% build/journalctl help
Assertion 'match_is_valid(data, size)' failed at ../src/journal/sd-journal.c:227, function sd_journal_add_match(). Ignoring.
Callers cannot be expect to check all arguments always.
|
|
log message
|
|
This adds the new library call sd_journal_open_container() and a new
"-M" switch to journalctl. Particular care is taken that journalctl's
"-b" switch resolves to the current boot ID of the container, not the
host.
|
|
|
|
It was calling cfmakeraw(3) on the properties for STDIN_FILENO; cfmakeraw
sets both input and output properties. If (and only if) stdin and stdout
are the same device is this correct. Otherwise, we must change only the
input properties of stdin, and only the output properties of stdout.
|
|
|
|
|
|
|
|
|
|
The only problem is that libgen.h #defines basename to point to it's
own broken implementation instead of the GNU one. This can be fixed
by #undefining basename.
|
|
|
|
- Add space between if/for and the opening parentheses
- Place the opening brace on same line as the function (not for udev)
From the CODING_STYLE
Try to use this:
void foo() {
}
instead of this:
void foo()
{
}
|
|
|
|
.service units
|
|
|
|
Introduce IN_SET() macro to nicely check whether a value a is one of a
few listed values.
This makes writing this:
if (a == 1 || a == 7 || a == 8 || a == 9)
nicer, by allowing this:
if (IN_SET(a, 1, 7, 8, 9))
This is particularly useful for state machine enums.
|
|
Compared to greedy_realloc(), this sets all newly allocated memory to 0.
As the old variant has been used a lot for string-handling, we avoid
changing it as clearing memory is not needed there.
|
|
my e93c33d4aa broke this stupidly
|
|
|
|
We must return a negative error code from getttyname_malloc but
that would not be the case if ttyname_r returned a negative value.
ttyname_r should only return EBADF, ENOTTY, or ERANGE so it should
be safe to change.
|
|
|
|
|
|
It didn't build on arm. Let's simplify it a bit by
splitting x86 specific parts out, which should also make
things easier when arm virtualization support is added.
|
|
This way we can unify handling of credentials that are attached to
messages, or can be queried for bus name owners or connection peers.
This also adds the ability to extend incomplete credential information
with data from /proc,
Also, provide a convenience call that will automatically determine the
most appropriate credential object for an incoming message, by using the
the attached information if possible, the sending name information if
available and otherwise the peer's credentials.
|
|
Inspired by a patch by Lukas Nykryn.
|
|
PrivateTmp= namespaces
|
|
Otherwise there is some memory corruption and undefined behavior,
e.g., in my case systemd-udev was always aborted at the
_cleanup_freep_ around that code blocks.
|