Age | Commit message | Author |
|
new mac_{smack,selinux,apparmor}_xyz() convention
|
|
|
|
move label apis to selinux-util.ch or smack-util.ch appropriately.
|
|
Even when terminated normally, systemd-journal-upload would return
something positive which would be interpreted as failure.
|
|
Repetitive messages can be annoying when running with
SYSTEMD_LOG_LEVEL=debug, but they are sometimes very useful
when debugging problems. Add log_trace which is like log_debug
but becomes a noop unless LOG_TRACE is defined during compilation.
This makes it easy to enable very verbose logging for a subset
of programs when compiling from source.
|
|
|
|
Precision of INT_MAX does not work as I expected it to.
https://bugzilla.redhat.com/show_bug.cgi?id=1154334
|
|
Do our best to verify that we can actually write the state file
before upload commences to avoid duplicate messages on the server.
|
|
socknameinfo_pretty() would fail for addresses without reverse DNS,
but we do not want that to happen.
|
|
|
|
Return a proper code instead of simply NULL for failure.
|
|
|
|
|
|
This possibility was recently added, and it makes debugging much nicer.
|
|
|
|
Systemd 209 started setting $WATCHDOG_PID, and sd-daemon watch was
modified to check for this variable. This means that
sd_watchdog_enabled() stopped working with previous versions of
systemd. But sd-event is a public library and API and we must keep it
working even when a program compiled with a newer version of the
library is used on a system running an older version of the manager.
getenv() and unsetenv() are fairly expensive calls, so optimize
sd_watchdog_enabled() by not calling them when unnecessary.
man: centralize the description of $WATCHDOG_PID and $WATCHDOG_USEC in
the sd_watchdog_enabled manpage. It is better not to repeat the same
stuff in two places.
|
|
systemd-journal-flush.service
This new command will ask the journal daemon to flush all log data
stored in /run to /var, and wait for it to complete. This is useful, so
that in case of Storage=persistent we can order systemd-tmpfiles-setup
afterwards, to ensure any possibly newly created directory in /var/log
gets proper access mode and owners.
|
|
|
|
string_is_safe()
After all, we now have this as a generic validator, so let's be correct
and use it wherever applicable.
|
|
sd_bus_get_owner_creds() was only half ported over to
_cleanup_bus_creds_unref_.
|
|
runtime journal is migrated to system journal when only
"/run/systemd/journal/flushed" exists. It's ok but according to this
the system journal directory size (max use) can be over the config. If
journal is not rotated during some time the journal directory can
remain over the config (or default) size. To avoid, do
server_vacuum just after the system journal migration from runtime.
|
|
If it really is missing it should be safe to create it.
Also see:
http://lists.freedesktop.org/archives/systemd-devel/2014-August/022726.html
|
|
names
|
|
kdbus learned a new ioctl to tell userspace about a bus creator's
credentials, which is what we need to implement sd_bus_get_owner_creds() for
kdbus.
Move the function from sd-bus.c to bus-control.c to be able to reuse
the bus_populate_creds_from_items() helper.
|
|
sd_bus_get_peer_creds()
Clean up the function namespace by renaming the following:
sd_bus_get_owner_uid() → sd_bus_get_name_creds_uid()
sd_bus_get_owner_machine_id() → sd_bus_get_name_machine_id()
sd_bus_get_peer_creds() → sd_bus_get_owner_creds()
|
|
We will re-use the code to walk items in order to populate a creds object,
so let's factor it out first.
|
|
kdbus learned a new command to query a bus creator's credentials. Sync
kdbus.h first, which also renames some struct to more generic terms.
That is, however, not an ABI break this time.
|
|
We can simplify our code quite a bit if we explicitly check for the
ifindex being 1 on Linux as a loopback check. Apparently, this is
hardcoded on Linux on the kernel, and effectively exported to userspace
via rtnl and such, hence we should be able to rely on it.
|
|
|
|
Don't handle clock_gettime() errors gracefully but use assert_se().
|
|
The -l (lock) has been temporarily disabled due to conflict with
udev (https://bugs.freedesktop.org/show_bug.cgi?id=79576)
The problem is fixed since util-linux v2.25 (Jul 2014).
|
|
kdbus_msg.timeout_ns now takes an absolute value, based on CLOCK_MONOTONIC,
in order to eventually support automatically restarted syscalls.
Signed-off-by: Daniel Mack <daniel@zonque.org>
|
|
In kdbus.h, the following details changed:
* All commands gained a 'kernel_flags' field to report the flags supported
by the driver. Before, this was done in the 'flags' field in a
bidirectional way, which turned out to be a problem for the code in
sd-bus, as many parts of it reuse the same ioctl struct more than once
and consider them to be owned by userspace.
* Name listings are now returned by a new struct instead of reusing struct
kdbus_cmd_name for that matter. This way, we don't add more unneeded
fields to it and make the API cleaner.
* 'conn_flags' was renamed to 'flags' in struct kdbus_cmd_hello to make
the API a bit more unified.
|
|
This could overflow on 32bit, where size_t is the same as unsigned.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=76745
|
|
- mkdir_p_prefix: It has never been used
- mkdir_parents_prefix_label: Unused since 1434ae6fd49f8377b0ddbd4c675736e0d3226ea6
|
|
|
|
|
|
provides us with
|
|
This reverts commit b0f84d4d7832659f2216bda7a7cdf51f5e79c6eb.
get_creds_by_name() already translates the error nicely, we just need to
make use of it.
|
|
|
|
kdbus.h now has KDBUS_ATTACH_COMM split into KDBUS_ATTACH_TID_COMM and
KDBUS_ATTACH_PID_COMM. The items were split already, so the change in
systemd is easy.
|
|
In kdbus.h, the 'features' field has been dropped again. Instead of
negotiating features that way, we decided to make the kernel return the
set of supported flags in each ioctl struct's .flags field, in both the
success and error cases.
|
|
Without the socket open we are going to crash and burn. If for
whatever reason we fail during deserialization we will fail when
trying to open the socket. In this case it is better to unlink the old
socket and maybe lose some messages, than to continue without the
notification socket.
Of course this situation should not happen, but we should handle
it as gracefully as possible anyway.
https://bugzilla.redhat.com/show_bug.cgi?id=1099299
|
|
If we failed to parse something that we wrote ourselves,
things are seriously off. This is also likely to lead to
problems further on.
|
|
Leaving the old root around seems better than aborting the
switch.
|
|
Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the
container") added "/dev/net/tun" to the list of allowed devices but forgot
to tweak the array length, which caused "/dev/kdbus/*" to be missed.
|
|
|
|
It was only used in readahead.
|
|
Also, extend the printed warning a bit, explaining the situation more
verbosely.
|