summaryrefslogtreecommitdiff
path: root/src/util.h
AgeCommit message (Collapse)Author
2010-09-21manager: measure startup timesLennart Poettering
2010-09-16vconsole: add new utility to initialize the virtual consoleLennart Poettering
2010-09-15util: use waitid() instead of waitpid() everywhere to avoid confusion due to ↵Lennart Poettering
SIGSTOP
2010-09-15util: introduce waitpid_loop()Lennart Poettering
2010-08-25systemctl: show timestamps for state changesLennart Poettering
2010-08-20mount: properly handle LABEL="" in fstabLennart Poettering
2010-08-20dbus: follow standardized fdo PropertiesChanged signal specLennart Poettering
2010-08-20service/systemctl: don't consider LSB exit codes 5 and 6 as failure, and ↵Lennart Poettering
decode exit codes in systemctl
2010-08-17nss: don't disable nscd anymore, since it doesn't make sense to ↵Lennart Poettering
socket-activate nscd anyway
2010-08-17emacs: disable tabs in .h files, tooLennart Poettering
2010-08-16systemctl: add support for delayed shutdown, similar to sysv in styleLennart Poettering
2010-08-11main: disable nscd properly, if possibleLennart Poettering
2010-08-11gc: remove a lot of unused codeLennart Poettering
2010-08-11selinux: split off selinux calls into seperate file label.cLennart Poettering
2010-08-11systemctl: beef up highlighting of service states a littleLennart Poettering
2010-08-03Systemd is causing mislabeled devices to be created and then attempting to ↵Daniel J Walsh
read them. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 07/28/2010 05:57 AM, Kay Sievers wrote: > On Wed, Jul 28, 2010 at 11:43, Lennart Poettering > <lennart@poettering.net> wrote: >> On Mon, 26.07.10 16:42, Daniel J Walsh (dwalsh@redhat.com) wrote: >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> type=1400 audit(1280174589.476:7): avc: denied { read } for pid=1 >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482 >>> scontext=system_u:system_r:init_t:s0 >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> type=1400 audit(1280174589.476:8): avc: denied { read } for pid=1 >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482 >>> scontext=system_u:system_r:init_t:s0 >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file >>> >>> Lennart, we talked about this earlier. I think this is caused by the >>> modprobe calls to create /dev/autofs. Since udev is not created at the >>> point that init loads the kernel modules, the devices get created with >>> the wrong label. Once udev starts the labels get fixed. >>> >>> I can allow init_t to read device_t chr_files. >> >> Hmm, I think a cleaner fix would be to make systemd relabel this device >> properly before accessing it? Given that this is only one device this >> should not be a problem for us to maintain, I think? How would the >> fixing of the label work? Would we have to spawn restorecon for this, or >> can we actually do this in C without too much work? > > I guess we can just do what udev is doing, and call setfilecon(), with > a context of an earlier matchpathcon(). > > Kay > _______________________________________________ > systemd-devel mailing list > systemd-devel@lists.freedesktop.org > http://lists.freedesktop.org/mailman/listinfo/systemd-devel Here is the updated patch with a fix for the labeling of /dev/autofs -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.14 (GNU/Linux) Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/ iEYEARECAAYFAkxQMyoACgkQrlYvE4MpobNviACfWgxsjW2xzz1qznFex8RVAQHf gIEAmwRmRcLvGqYtwQaZ3WKIg8wmrwNk =pC2e
2010-07-20device: do not merge devicesLennart Poettering
Don't try to merge devices that have been created via dependencies when they appear in the system and can be recognized as the same. Instead, simply continue to maintain them independently of each other, however with the same state cycle. Why? Because otherwise we'd have a hard time to seperate the dependencies after the devices are unplugged again and we hence cannot be sure anymore that next time the device is plugged in it will carry the same names. Example: if one depndency refers to dev-sda.device and another one to dev-by-id-xxxyyy.device we only learn at time of plug in of the device that it is actually the same device that was ment. In the moment the device is unplugged again we won't know anymore their relation to each other and the next time the harddisk is plugged it might even appear as dev-by-id-xxxyyy.device and dev-sdb.service. To ensure the dependencies continue to have the meaning they were intended to have let's hence keep the .device objects seperate all the time, even when they are plugged in. This patch also introduces a new Following= property which points from the various .device units of a specific device to the main .device unit for it. This can be used by the client side to figure out the relation of the .device units to each other and even filter units from display.
2010-07-12cgroup: reimplement the last bit of libcgroup functionality nativelyLennart Poettering
2010-07-10execute: add ability to configure the kill signalLennart Poettering
2010-07-08install: various improvementsLennart Poettering
Rename --start to --realize, to make things less confusing when doing "systemctl stop --realize foo.service". Introduce --realize=reload. Don't talk to systemd when run within a chroot, or when systemd isn't running.
2010-07-08cgls: beef up control group dumping and introduce cgls toolLennart Poettering
2010-07-08execute: support minimal environment variable replacement when executing ↵Lennart Poettering
processes
2010-07-07util: introduce cunescape_length()Lennart Poettering
2010-07-07util: implement safe_atolu based on safe_atolli/safe_atoi, depending on word ↵Lennart Poettering
size
2010-07-07main: show welcome message on bootLennart Poettering
2010-07-07manager: optionally print status updates to console on bootLennart Poettering
2010-07-05systemctl: show cgroup contents in statusLennart Poettering
2010-07-05systemctl: implement 'status' commandLennart Poettering
2010-07-04dbus: complete exec coverageLennart Poettering
2010-07-01socket: make various socket/pipe options configurableLennart Poettering
2010-07-01core: rename struct timestamp to dual_timestamp to avoid name clash with IP ↵Lennart Poettering
system headers
2010-06-23pam: dont use $XDG_SESSION_COOKIE since CK wants that to be secret. Come up ↵Lennart Poettering
with our own $XDG_SESSION_ID based on /proc/self/sessionid if that is available
2010-06-21pam: implement systemd PAM module and generelize cgroup API for that a bitLennart Poettering
2010-06-18install: make systemd-install useful for installation of template instancesLennart Poettering
2010-06-18systemctl: add /dev/initctl fallbackLennart Poettering
2010-06-18systemctl: warn users via wall that the system goes downLennart Poettering
2010-06-17manager: expose a few special units via SIGRTMIN+x signalsLennart Poettering
2010-06-17util: implement parse_pid() functionLennart Poettering
2010-06-16service: optionally call into PAM when dropping priviligesLennart Poettering
2010-06-16util: introduce random_ull()Lennart Poettering
2010-06-16util: introduce readlink_and_make_absolute()Lennart Poettering
2010-05-24path: add .path unit type for monitoring filesLennart Poettering
2010-05-24timer: fully implement timer unitsLennart Poettering
2010-05-22manager: canonicalize search paths and filter out non-existing paths and ↵Lennart Poettering
those pointing to the same fs directory
2010-05-22execute: only reset those signals to the default we really need to reset to ↵Lennart Poettering
the default
2010-05-18main: ignore EPERM in TIOCSTTY when opening terminal for crash shellLennart Poettering
2010-05-16build-sys: move source files to subdirectoryLennart Poettering