summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-01-13machined: refuse certain operation on non-container machines, since they ↵Lennart Poettering
cannot work elsewhere
2015-01-13import: make sure we don't mangle file ownerships with the local passwd ↵Lennart Poettering
database when untarring
2015-01-13nspawn: add new option "--port=" for exposing container ports on the local hostLennart Poettering
This exposes an IP port on the container as local port using DNAT.
2015-01-13networkd: add minimal IP forwarding and masquerading support to .network filesLennart Poettering
This adds two new settings to networkd's .network files: IPForwarding=yes and IPMasquerade=yes. The former controls the "forwarding" sysctl setting of the interface, thus controlling whether IP forwarding shall be enabled on the specific interface. The latter controls whether a firewall rule shall be installed that exposes traffic coming from the interface as coming from the local host to all other interfaces. This also enables both options by default for container network interfaces, thus making "systemd-nspawn --network-veth" have network connectivity out of the box.
2015-01-13shared: add minimal firewall manipulation helpers for establishing NAT ↵Lennart Poettering
rules, using libiptc
2015-01-13core: Fix EACCES check for OOM adjustmentsMartin Pitt
Commit 3bd5c3 added a check for EACCES, but missed the minus sign.
2015-01-12udev: link_config - modernize a bit and fix leakesTom Gundersen
Not all of the link_config struct was getting freed.
2015-01-12network-intenal: user _cleanup_ macro in parse_ifnameTom Gundersen
2015-01-12core/mount: remove "fail" againZbigniew Jędrzejewski-Szmek
deb6120920 'man: there's actually no "fail" fstab option, but only "nofail" removed it from our documentation, which I missed. fstab(5) only mentions "auto", "noauto", and "nofail". Stick to those three.
2015-01-12sd-bus: sync kdbus.h (API break)Daniel Mack
Just a simple variable rename, and a dropped flag that sd-bus didn't make use of.
2015-01-12core/mount: use isempty() to check for empty stringsDaniel Mack
strempty() will return an empty string in case the input parameter is a NULL pointer. The correct test to check for an empty string is isempty(), so use that instead. This fixes a regression from commit 17a1c59 ("core/mount: filter out noauto,auto,nofail,fail options").
2015-01-11udev: Add builtin/rule to export evdev information as udev propertiesCarlos Garnacho
This rule is only run on tablet/touchscreen devices, and extracts their size in millimeters, as it can be found out through their struct input_absinfo. The first usecase is exporting device size from tablets/touchscreens. This may be useful to separate policy and application at the time of mapping these devices to the available outputs in windowing environments that don't offer that information as readily (eg. Wayland). This way the compositor can stay deterministic, and the mix-and-match heuristics are performed outside. Conceivably, size/resolution information can be changed through EVIOCSABS anywhere else, but we're only interested in values prior to any calibration, this rule is thus only run on "add", and no tracking of changes is performed. This should only remain a problem if calibration were automatically applied by an earlier udev rule (read: don't). v2: Folded rationale into commit log, made a builtin, set properties on device nodes themselves v3: Use inline function instead of macro for mm. size calculation, use DECIMAL_STR_MAX, other code style issues v4: Made rule more selective v5: Minor style issues, renamed to a more generic builtin, refined rule further.
2015-01-11fstab-util: fix priority parsing and add testZbigniew Jędrzejewski-Szmek
2015-01-11shared/util: respect buffer boundary on incomplete escape sequencesZbigniew Jędrzejewski-Szmek
cunescape_length_with_prefix() is called with the length as an argument, so it cannot rely on the buffer being NUL terminated. Move the length check before accessing the memory. When an incomplete escape sequence was given at the end of the buffer, c_l_w_p() would read past the end of the buffer. Fix this and add a test.
2015-01-11core/load-fragment: avoid allocating 0 bytes when given an invalid commandZbigniew Jędrzejewski-Szmek
With a command line like "@/something" we would allocate an array with 0 elements. Avoid that, and add a test too.
2015-01-11test-unit-file: don't access out-of-bounds memoryZbigniew Jędrzejewski-Szmek
Fixes an error introduced by me when the test was added.
2015-01-11core/mount: filter out noauto,auto,nofail,fail optionsZbigniew Jędrzejewski-Szmek
We passed the full option string from fstab to /bin/mount. It would in turn pass the full option string to its helper, if it needed to invoke one. Some helpers would ignore things like "nofail", but others would be confused. We could try to get all helpers to ignore those "meta-options", but it seems better to simply filter them out. In our model, /bin/mount simply has no business in knowing whether the mount was configured as fail or nofail, auto or noauto, in the fstab. If systemd tells invokes a command to mount something, and it fails, it should always return an error. It seems cleaner to filter out the option, since then there's no doubt how the command should behave. https://bugzilla.redhat.com/show_bug.cgi?id=1177823
2015-01-11Support negated fstab optionsZbigniew Jędrzejewski-Szmek
We would ignore options like "fail" and "auto", and for any option which takes a value the first assignment would win. Repeated and options equivalent to the default are rarely used, but they have been documented forever, and people might use them. Especially on the kernel command line it is easier to append a repeated or negated option at the end.
2015-01-11cryptsetup-generator: remove duplicated functionZbigniew Jędrzejewski-Szmek
2015-01-11fstab-util: detect out-of-range pri= assignmentsZbigniew Jędrzejewski-Szmek
We would silently ignore them. One would have to be crazy to do assign an out of range value, but simply ignoring it bothers me.
2015-01-11Add new function to filter fstab optionsZbigniew Jędrzejewski-Szmek
This fixes parsing of options in shared/generator.c. Existing code had some issues: - it would treate whitespace and semicolons as seperators. fstab(5) is pretty clear that only commas matter. And the syntax does not allow for spaces to be inserted in the field in fstab. Whitespace might be escaped, but then it should not seperate options. Treat whitespace and semicolons as any other character. - it assumed that x-systemd.device-timeout would always be followed by "=". But this is not guaranteed, hasmntopt will return this option even if there's no value. Uninitialized memory could be read. - some error paths would log, and inconsistently, some would just return an error code. Filtering is split out to a separate function and tests are added. Similar code paths in other places are adjusted to use the new function.
2015-01-11network: apply static addresses in specified orderZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=83270
2015-01-11shared/list: add LIST_APPENDZbigniew Jędrzejewski-Szmek
2015-01-11path-lookup: allow /run to override /etc in generator searchZbigniew Jędrzejewski-Szmek
Generators are different than unit files: they are never automatically generated, so there's no point in allowing /etc to override /run. On the other hand, overriding /etc might be useful in some cases.
2015-01-11test-path-lookup: add simple test for path lookup functionsZbigniew Jędrzejewski-Szmek
2015-01-11test-util: make sure that masking and overriding worksZbigniew Jędrzejewski-Szmek
2015-01-11Implement masking and overriding of generatorsZbigniew Jędrzejewski-Szmek
Sometimes it is necessary to stop a generator from running. Either because of a bug, or for testing, or some other reason. The only way to do that would be to rename or chmod the generator binary, which is inconvenient and does not survive upgrades. Allow masking and overriding generators similarly to units and other configuration files. For the systemd instance, masking would be more common, rather than overriding generators. For the user instances, it may also be useful for users to have generators in $XDG_CONFIG_HOME to augment or override system-wide generators. Directories are searched according to the usual scheme (/usr/lib, /usr/local/lib, /run, /etc), and files with the same name in higher priority directories override files with the same name in lower priority directories. Empty files and links to /dev/null mask a given name. https://bugs.freedesktop.org/show_bug.cgi?id=87230
2015-01-11Simplify execute_directory()Zbigniew Jędrzejewski-Szmek
Remove the optional sepearate opening of the directory, it would be just too complicated with the change to multiple directories. Move the middle of execute_directory() to a seperate function to make it easier to grok.
2015-01-11bus-proxy: implement 'at_console'David Herrmann
The 'at_console' policy-category allows to apply policy-items to clients depending on whether they're run from within a valid user-session or not. We use sd_uid_get_seats() to check whether a user has a valid seat (which excludes remote-sessions like ssh).
2015-01-11bus-proxy: print message direction in policy logsDavid Herrmann
Make sure to print "dbus-1 to kernel" or "kernel to dbus-1" in policy logs to better diagnose the situation.
2015-01-11bus-proxy: fix receiver policy on dbus-1 to kdbus signalsDavid Herrmann
If a dbus-1 client sends a broadcasted signal via the bus-proxy to kdbus, the bus-proxy has no idea who the receiver is. Classic dbus-daemon has bus-access and can perform policy checks for each receiver, but we cant. Instead, we know the kernel will perform receiver policy checks for broadcasts, so we can skip the policy check and just push it into the kernel. This fixes wpa_supplicant which has DENY rules on receive_type=signal for non-root. As we never know the target, we always DENY all broadcasts from wpa_supplicant. Note that will still perform receiver-policy checks for signals that we get from the kernel back to us. In those cases, we know the receiver (which is us).
2015-01-11bus-proxy: fix swapped path/interface debug messagesDavid Herrmann
The policy debug messages swapped "path=" and "interface=", fix this.
2015-01-11bus-proxy: fix policy for expected/non-expected reply tagsDavid Herrmann
dbus-1 distinguishes expected and non-expected replies. An expected reply is a reply that is sent as answer to a previously forwarded method-call before the timeout fires. Those replies are, by default, forwarded and DENY policy tags are ignored on them (unless explicitly stated otherwise). We don't track reply-windows in the bus-proxy as the kernel already does this. Furthermore, the kernel prohibits any non-expected replies (which breaks dbus-1, but it was an odd feature, anyway). Therefore, skip policy checks on replies and always let the kernel deal with it! To be correct, we should still process DENY tags marked as send_expected_reply=true (which is *NOT* the default!). However, so far we don't parse those attributes, and no-one really uses it, so lets not implement it for now. It's marked as TODO if anyone feels like fixing it.
2015-01-11log: fix log_full_errno() with custom facilitiesDavid Herrmann
Make sure to extract the log-priority when comparing against max-log-level, otherwise, we will always drop those messages. This fixes bus-proxyd to properly send warnings on policy blocks.
2015-01-10kdbus.h: updateKay Sievers
2015-01-09loginctl: make session/user arguments optional for a number commands, and ↵Lennart Poettering
imply calling session/user instead This turns "lock-session", "activate", "unlock-session", "enable-linger", "disable-linger" into commands that take no argument, optionally in which case the callers session/user is implied.
2015-01-09sd-bus: even if we need a cookie when sending a message there's no need to ↵Lennart Poettering
needlessly send it if we don't actually need it
2015-01-09bus-proxy: make sure we have creds when two legacy clients talk to each otherLennart Poettering
2015-01-09bus-proxy-test: show parsed system/session policyLennart Poettering
2015-01-09bus-proxy: eat up "*" matches, they are pointlessLennart Poettering
2015-01-09bus-proxy: dbus-daemon implies that connections from UIDs that are identical ↵Lennart Poettering
to the bus owner should be allowed Hence, copy this behaviour for bus-proxy too.
2015-01-09bus-proxyd: xml - consider empty tags as recvKay Sievers
2015-01-09bus-proxy: make sure sure eavesdrop= XML attributes are properly handledLennart Poettering
2015-01-09logind: unify how we cast between uid_t and pointers for hashmap keysLennart Poettering
2015-01-09logind: when a bus call is done on a session, user or seat, optionally ↵Lennart Poettering
determine them from the caller credentials More specifically, if an operation is requested on a session with an empty name, the caller's session is used. If an operation is requested on a seat with an empty name, the seat of the caller's session is used. Finally, if an operation on the user with UID -1 is requested, the user of the client's session is used (and not the UID of the client!).
2015-01-09logind: include "self" object links in dbus introspectionLennart Poettering
Makes "busctl introspect" a lot more fun.
2015-01-09loginctl: make "loginctl session-status" without session ID show the ↵Lennart Poettering
caller's session status Similar for user-status and seat-status.
2015-01-09core: modernize execution code a bitLennart Poettering
Among other things, avoid log_struct() unless we really need it. Also, use "r" as variable to store function errors in, instead of "err". "r" is pretty much what we use everywhere else, hence using the same here make sense. FInally, in the child, when we want to log, make sure to open the logging framework first, since it is explicitly closed in preparation for the exec().
2015-01-09journal: do not check for number of filesZbigniew Jędrzejewski-Szmek
Now that we bump rlimit, we do not really know how many files we can open. Remove the check. https://bugzilla.redhat.com/show_bug.cgi?id=1179980
2015-01-09systemctl: add missing output modes to help messageRonny Chevalier