| Age | Commit message (Collapse) | Author |
|---|
|
|
|
|
|
We use "typedef struct Ring Ring" with camel-case for internal objects.
So rename "struct ring" to "Ring".
|
|
|
|
private in-addr-util.[ch]
These are enough calls for a new file, and they are sufficiently
different from the sockaddr-related calls, hence let's split this out.
|
|
|
|
|
|
Better safe than sorry.
|
|
Otherwise the test fails because specifier_runtime() returns -ENOTSUP
when XDG_RUNTIME_DIR is not set.
|
|
|
|
add tests for:
- unit_instance_is_valid
- unit_prefix_is_valid
- unit_name_change_suffix
- unit_name_build
- unit_name_is_instance
- build_subslice
- unit_name_to_instance
- unit_name_escape
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
add tests for:
- filename_is_safe
- ascii_strlower
- files_same
- is_valid_documentation_url
- file_in_same_dir
- endswith
- close_nointr
- unlink_noerrno
- readlink_and_make_absolute
- read_one_char
- ignore_signals
- strshorten
|
|
|
|
|
|
do all-unit preset operations
The new "systemctl preset-all" command may now be used to put all
installed units back into the enable/disable state the vendor/admin
encoded in preset files.
Also, introduce "systemctl --preset-mode=enable-only" and "systemctl
--preset-mode=disable-only" to only apply the enable or only the disable
operations of a "systemctl preset" or "systemctl preset-all" operation.
"systemctl preset-all" implements this RFE:
https://bugzilla.redhat.com/show_bug.cgi?id=630174
|
|
|
|
add tests for:
- hashmap_remove_and_put
- hashmap_first_key
- hashmap_last
- hashmap_steal_first_key
- hashmap_clear_free_free
|
|
|
|
|
|
Enforcement is still missing, but at least we can parse it now.
|
|
also mounting /etc read-only
Also, rename ProtectedHome= to ProtectHome=, to simplify things a bit.
With this in place we now have two neat options ProtectSystem= and
ProtectHome= for protecting the OS itself (and optionally its
configuration), and for protecting the user's data.
|
|
ReadOnlySystem= uses fs namespaces to mount /usr and /boot read-only for
a service.
ProtectedHome= uses fs namespaces to mount /home and /run/user
inaccessible or read-only for a service.
This patch also enables these settings for all our long-running services.
Together they should be good building block for a minimal service
sandbox, removing the ability for services to modify the operating
system or access the user's private data.
|
|
|
|
|
|
No functional change expected :)
|
|
|
|
New "struct ring" object that implements a basic ring buffer for arbitrary
byte-streams. A new basic runtime test is also added.
This will be needed for our pty helpers for systemd-console and friends.
|
|
Sounds easy, turns out to be horrible to implement: ALIGN_POWER2 returns
the next higher power of 2. clz(0) is undefined, same is true for
left-shift-overflows, yey, C rocks!
|
|
It's used for the FailureAction property as well.
|
|
test-path-utils attempts to find itself, but if the binary is not
in current directory, the test would fail.
|
|
The way the kernel namespaces have been implemented breaks assumptions
udev made regarding uevent sequence numbers. Creating devices in a
namespace "steals" uevents and its sequence numbers from the host. It
confuses the "udevadmin settle" logic, which might block until util a
timeout is reached, even when no uevent is pending.
Remove any assumptions about sequence numbers and deprecate libudev's
API exposing these numbers; none of that can reliably be used anymore
when namespaces are involved.
|
|
In contrast to a filename-only argument, find_binary() did not
actually check if an path exists, allowing the code to fail later on.
This was OK, but it seems nicer to treat both paths identically.
Also take advantage of path_make_absolute_cwd doing strdup() by itself
if necessary to simplify.
|
|
Modifies find_binary() to accept NULL in the second argument.
fsck.type lookup logic moved to new fsck_exists() function, with a test.
|
|
This patch fixes the broken test-cases for sd-rtnl and add support for ipip
and sit tunnel.
[tomegun: minor fixups]
|
|
Added support for tunneling netlink attrributes (ipip, gre, sit).
These works with kernel module ipip, gre and sit . The test cases are
moved to a separate file and manual test as well because they require
respective kernel modules as well.
|
|
|
|
safe_close_pair() is more like safe_close(), except that it handles
pairs of fds, and doesn't make and misleading allusion, as it works
similarly well for socketpairs() as for pipe()s...
|
|
number of fixed strings
|
|
safe_close() automatically becomes a NOP when a negative fd is passed,
and returns -1 unconditionally. This makes it easy to write lines like
this:
fd = safe_close(fd);
Which will close an fd if it is open, and reset the fd variable
correctly.
By making use of this new scheme we can drop a > 200 lines of code that
was required to test for non-negative fds or to reset the closed fd
variable afterwards.
|
|
|
|
This is very useful when debugging sd-bus to look at messages.
|
|
them fully log out
|
|
first argument
|
