Age | Commit message (Collapse) | Author |
|
remove_directory will always return 0 so this can never happen.
Besides that, d->path and d are freed so we would end up with
a null pointer dereference anyway.
|
|
Fix machinectl login with containers in user namespaces (v2)
|
|
Delete unnecessary checks before some function calls
|
|
Regression: 'journalctl -f -t unmatched' doesn't block properly
|
|
To be able to use `systemd-run` or `machinectl login` on a container
that is in a private user namespace, the sub-process must have entered
the user namespace before connecting to the container's D-Bus, otherwise
the UID and GID in the peer credentials are garbage.
So we extend namespace_open and namespace_enter to support UID namespaces,
and we enter the UID namespace in bus_container_connect_{socket,kernel}.
namespace_open will degrade to a no-op if user namespaces are not enabled
in the kernel.
Special handling is required for the setns call in namespace_enter with
a user namespace, since transitioning to your own namespace is forbidden,
as it would result in re-entering your user namespace as root.
Arguably it may be valid to check this at the call site, rather than
inside namespace_enter, but it is less code to do it inside, and if the
intention of calling namespace_enter is to *be* in the target namespace,
rather than to transition to the target namespace, it is a reasonable
approach.
The check for whether the user namespace is the same must happen before
entering namespaces, as we may not be able to access /proc during the
intermediate transition stage.
We can't instead attempt to enter the user namespace and then ignore
the failure from it being the same namespace, since the error code is
not distinct, and we can't compare namespaces while mid-transition.
|
|
The following functions return immediately if a null pointer was passed.
* calendar_spec_free
* link_address_free
* manager_free
* sd_bus_unref
* sd_journal_close
* udev_monitor_unref
* udev_unref
It is therefore not needed that a function caller repeats a corresponding check.
This issue was fixed by using the software Coccinelle 1.0.1.
|
|
tree-wide: generate EBADF when we get invalid fds
|
|
sd-bus: always fill in sd_bus_error paramters, on error
|
|
resolved: debugging improvements
|
|
Previously the following command:
$ journalctl -f -t unmatchedtag12345
... would block when called with criteria that did not match any
journal lines. Once log lines appeared that matched the criteria
they were displayed.
Commit 02ab86c732576a71179ce12e97d44c289833236d broke this
behavior and the journal was not followed, but the command
exits with '-- No entries --' displayed.
This commit fixes the issue.
More information downstream:
https://bugzilla.redhat.com/show_bug.cgi?id=1253649
|
|
The function "free" is documented in the way that no action shall occur for
a passed null pointer. It is therefore not needed that a function caller
repeats a corresponding check.
http://stackoverflow.com/questions/18775608/free-a-null-pointer-anyway-or-check-first
This issue was fixed by using the software Coccinelle 1.0.1.
|
|
The function "mfree" should be called instead of "free" at a specific
source code place.
|
|
|
|
Whenever one of our calls is invoked with a non-NULL, writable
sd_bus_error parameter, let's fill in some valid error on failure. We
previously only filled in remote errors, but never local errors, which is
hard to handle by users. Hence, let's clean this up to always fill in
the error.
This introduces a new bus_assert_return() macro that works like
assert_return() but optionally also initializes a bus_error struct.
Fixes #224.
Based on a patch by Umut Tezduyar.
|
|
Allow arbitrary file paths to be passed to nspawn (v3)
|
|
|
|
|
|
resolved: enable synthesizing of A, AAAA and PTR records for "localhost"
|
|
nss-myhostname: use LOOPBACK_IFINDEX instead of if_nametoindex("lo")
|
|
There's no reason to explicitly turn off bus activation for resolved
here. The reason this was done before was that the code was copied from
nss-resolve, which has a fallback to glibc's nss-dns if resolved is not
reachable. However, such a logic makes no sense for resolve-host since
such a fallback doesn't make sense here, which means we can actually
turn on activation. Let's do it hence.
|
|
sd-bus: do not connect to dbus-1 socket when kdbus is available
|
|
This is a follow-up to #907, and makes the same change for all our other
public APIs.
|
|
We should never allow leaking of "localhost" queries onto the network,
even if there's an explicit domain rotue set for this.
|
|
Let's make sure that clients querying resolved via the bus for A, AAAA
or PTR records for "localhost" get a synthesized, local reply, so that
we do not hit the network.
This makes part of nss-myhostname redundant, if used in conjunction.
However, given that nss-resolve shall be optional we need to keep this
code in both places for now.
|
|
Given that we already hardocde the loopback ifindex, following the
kernel's own logic, we can replace the invocation of
if_nametoindex("lo") with LOOPBACK_IFINDEX.
|
|
Since dacd6cee76a08331b8c8616c5f30f70ee49aa2f9 the two OOM's are
ignored as the value of r will be overwritten and we only log in
the fail section anyway.
This patch jumps to fail on OOM.
Note that this is different behavior compared to both the current
code and previous to dacd6cee76a08331b8c8616c5f30f70ee49aa2f9. Before
that commit we would log that saving the inhibit data failed, but
still write the file, though without the WHO/WHY section.
CID# 1313545
|
|
sd-daemon: return EBADF for invalid fd numbers
|
|
support reboot -f for kexec kernel
|
|
treewide: trivial issues detected by smatch
|
|
Fix error message:
-->--
Code should not be reached 'Unknown action.' at
src/systemctl/systemctl.c:6382, function halt_now(). Aborting.
Aborted
--<--
when executing 'reboot -f' from a system running a kexec kernel.
|
|
|
|
add_automount() was only used on EFI systems, compile it conditionally
to avoid the warning.
|
|
We should not fall back to dbus-1 and connect to the proxy when kdbus
returns an error that indicates that kdbus is running but just does not
accept new connections because of quota limits or something similar.
Using is_kdbus_available() in libsystemd/ requires it to move from
shared/ to libsystemd/.
Based on a patch from David Herrmann:
https://github.com/systemd/systemd/pull/886
|
|
The partition-type flags are defined independently for every partition-type. Apply
them only to the types where they are defined, and not to the ESP, which does not
appear to share the same set of flags.
https://github.com/systemd/systemd/issues/920
|
|
|
|
Coverity #1299013
|
|
event cannot be NULL due to assert
|
|
bus can never be NULL due to assert
|
|
: characters can be entered with the \: escape sequence.
|
|
Overlayfs uses , as an option separator and : as a list separator. These
characters are both valid in file paths, so overlayfs allows file paths
which contain these characters to backslash escape these values.
|
|
This modifies the strv in-place, replacing strings with their escaped
version. It's mostly just a convenience function for when you need to
join a strv together because it's passed as a string to something, and
the separator needs escaping.
|
|
This is for shell-style \ escaping rather than quoting, which while it
has the same effect in produced shell commands, is not exclusively
useful for shell commands.
shell_escape would be useful for producing sed commands, as you would be
able to \ escape the normal special characters, plus whichever argument
separator was chosen; or it could be used to escape arguments passed to
the overlayfs mount command.
|
|
: characters in bind paths can be entered as the \: escape sequence.
|
|
strv_split_extract is to strv_split_quotes as extract_first_word was to
unquote_first_word.
Now there's extract_first_word for extracting a single argument,
extract_many_words for extracting a bounded number of arguments,
and strv_split_extract for extracting an arbitrary number of arguments.
|
|
This now accepts : characters with the \: escape sequence.
Other escape sequences are also interpreted, but having a \ in your file
path is less likely than :, so this shouldn't break anyone's existing
tools.
|
|
If EXTRACT_DONT_COALESCE_SEPARATORS is passed, then leading separators,
trailing separators and spans of multiple separators aren't skipped, and
empty arguments from before, after or between separators may be extracted.
|
|
This adds an EXTRACT_QUOTES option to allow the previous behaviour, of
not interpreting any character inside ' or " quotes as separators.
|
|
It now takes a separators argument, which defaults to WHITESPACE if NULL
is passed.
|
|
To add a flag to allow an empty string to be parsed as an argument, we
need to be able to distinguish between the end of the string, and after
the end of the string, so when we *do* reach the end, let's set *p to
this state.
|
|
This is so that, when called in a loop, unquote_first_word can
distinguish between reaching the end of a string because it has consumed
all the input before the end, and consuming all the input.
This is important because we later add a flag that allows
char *in = "";
char *out;
unquote_first_word(&in, &out, flags);
To put "" in out, and set in = NULL, so the trailing empty string of the
input can be consumed, and mark that the input has been consumed.
|