Age | Commit message (Collapse) | Author |
|
Also, allow clients to alter their own objects without any further
priviliges. i.e. this allows clients to kill and lock their own sessions
without involving PK.
|
|
|
|
PolicyKit
|
|
"allow-interactive-authentication" message flag
Most of our client tools want to set this bit for all their method
calls, even though it defaults to off in sd-bus, and rightfully so.
Hence, to simplify thing, introduce a per sd_bus-object flag that sets
the default value for all messages created on the connection.
|
|
|
|
operations
This way, any bus client can make use of these calls.
|
|
|
|
Pull in new kdbus changes, namely:
- EOVERFLOW is replaces by KDBUS_RECV_RETURN_DROPPED_MSGS
- ENOMSG is merged with EAGAIN for consistency
|
|
We should never put any constraints on the IDs returned by the kernel. Use
sd_bus_get_unique_name() to retrieve the ID of a peer.
|
|
machined
This extends the bus interface, adding BindMountMachine() for bind
mounting directories from the host into the container.
|
|
|
|
|
|
parse_acl() returns the error instead of setting errno.
|
|
Found by Valgrind while testing the previous memory leak fix.
|
|
The output of gnutls_certificate_verification_status_print() needs to be
freed.
Noticed this while staring at verify_cert_authorized() to see what could
possibly confuse gcc5 on armv7hl to segfault during compilation.
|
|
This reverts commit 93a1e66efd4b0f4cda29c467d20d0f7510c0b3a8.
It broke the builds for Walters.
Kay hates it and "just knows" there are no actual users.
|
|
|
|
|
|
We would require a match against all three: patterns specified
with --to, with --from, and as positional arguments to show an
edge. This does not seem useful. Let instead the positional args
behave like they were specified in both --to and --from, which is
fairly intuitive and should be more useful.
|
|
The test would treat the first non-empty set of matches in
match_paths, match_drivers, match_types, match_names as definitive
(essentially chaining them with OR). Make those tests instead match
like other tests and require all to pass if the set of patterns is
nonempty.
|
|
|
|
So it matches what the comment says in both 32 and 64 bit systems.
|
|
For two releases those exported with version 183 by mistake, and then
they were fixed to have version 215 (015419c0df libudev: fix symbol
version for udev_queue_flush() and udev_queue_get_fd()). But that
breaks ABI compatibility for binaries compiled with udev from before
that commit. There most likely very few such binaries, if any, but as
a matter of principle we should export the old symbols too, in order
to keep full compatibility.
|
|
|
|
and 32bit on dbus1
|
|
their entirety as gvariant objects""
This reverts commit 954871d8ba15911d014f76ed2c7a9492953cf39d.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1192726
|
|
If we cannot forward messages, include information on the peer and message
just like the xml-policy does. This helps debugging such situations and
figuring out what exactly is going wrong.
|
|
|
|
UDS sockets transmit EUID+EGID only. Don't try to fake data we don't know!
Otherwise, this might be used to override user-limits by non-root setuid
programs (by faking UID==EUID).
Now that sd-bus is fixed to always use EUID even on UDS, we can safely set
all other UID/GID fields to INVALID.
|
|
Macro DEFINE_STRING_TABLE_LOOKUP expands to a new function for each
of the almost 120 tables throghout the code.
Move the its implementation to a function (guaranteed to never be inlined),
and make the macro expand to an inlined function that calls this function.
This saves a few kilobytes from the systemd binary
(David: - fix coding-style
- use 'ssize_t' to fix 32bit to 64bit propagation
- use streq_ptr())
|
|
Too generic name.
|
|
Makes it a bit less ambiguous.
|
|
Add missing IFLA_INET6_ADDR_GEN_MODE definition so we can build with
kernel headers < 3.17
|
|
every step
|
|
|
|
|
|
After passing the fds over to the sd_bus object, we should forget them,
so that we don't close them a second time when the object goes away.
|
|
Sometimes, when we try to reply to messages we don't check return
values. This means we might miss a ECONNRESET, and will get a ENOTCONN
on next command. Treat both the same hence.
|
|
sd_event_wait() returning 0 usually means that it timed out, which means it must
have been idle. However, sd_event_wait() may return 0 in case an event was triggered
but it turned out there was nothing to do. Make the check for idle explicit to avoid
this edge-case.
|
|
but don't exit
Errors like EPERM from the kernel should certainly not be reason to
exit. Let's try to be defensive here, and try to continue on most send
errors, but possibly tell the sender about it.
|
|
synthetic_reply_method_return_strv()
That way it matches more closely the nomenclature of our other
success reply calls.
|
|
|
|
|
|
|
|
|
|
It's fine to abbreviate local variables, but it's not OK to abbreviate
function names needlessly. This is not an excercise in writing
unreadable code.
|
|
Another slice logic rework in kdbus made KDBUS_ITEM_PAYLOAD_OFF items
relative to the message header again. Catch up with that in sd-bus.
|
|
include-what-you-use automatically does this and it makes finding
unnecessary harder to spot. The only content of poll.h is a include
of sys/poll.h so should be harmless.
|
|
This fixes various issues found by globally reordering the include
sections of all .c files.
|