summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-05-25nspawn: make nspawn robust to container failureDjalal Harouni
nspawn and the container child use eventfd to wait and notify each other that they are ready so the container setup can be completed. However in its current form the wait/notify event ignore errors that may especially affect the child (container). On errors the child will jump to the "child_fail" label and terminate with _exit(EXIT_FAILURE) without notifying the parent. Since the eventfd is created without the "EFD_NONBLOCK" flag, this leaves the parent blocking on the eventfd_read() call. The container can also be killed at any moment before execv() and the parent will not receive notifications. We can fix this by using cheap mechanisms, the new high level eventfd API and handle SIGCHLD signals: * Keep the cheap eventfd and EFD_NONBLOCK flag. * Introduce eventfd states for parent and child to sync. Child notifies parent with EVENTFD_CHILD_SUCCEEDED on success or EVENTFD_CHILD_FAILED on failure and before _exit(). This prevents the parent from waiting on an event that will never come. * If the child is killed before execv() or before notifying the parent, we install a NOP handler for SIGCHLD which will interrupt blocking calls with EINTR. This gives a chance to the parent to call wait() and terminate in main(). * If there are no errors, parent will block SIGCHLD, restore default handler and notify child which will do execv(), then parent will pass control to process_pty() to do its magic. This was exposed in part by: https://bugs.freedesktop.org/show_bug.cgi?id=76193 Reported-by: Tobias Hunger tobias.hunger@gmail.com
2014-05-25nspawn: move container wait logic into wait_for_container()Djalal Harouni
Move the container wait logic into its own wait_for_container() function and add two status codes: CONTAINER_TERMINATED or CONTAINER_REBOOTED. The status will be stored in its argument, this way we handle: a) Return negative on failures. b) Return zero on success and set the status to either CONTAINER_REBOOTED or CONTAINER_TERMINATED. These status codes are used to terminate nspawn or loop again in case of CONTAINER_REBOOTED.
2014-05-25test-path-util: add tests for path_make_relative()Tanu Kaskinen
2014-05-25path-util: fix missing terminating zeroTanu Kaskinen
There was this code: if (to_path_len > 0) memcpy(p, to_path, to_path_len); That didn't add the terminating zero, so the resulting string was corrupt if this code path was taken. Using strcpy() instead of memcpy() solves this issue, and also simplifies the code. Previously there was special handling for shortening "../../" to "../..", but that has now been replaced by a path_kill_slashes() call, which also makes the result prettier in case the input contains redundant slashes that would otherwise be copied to the result.
2014-05-25Use %m instead of strerror(errno) where appropiateCristian Rodríguez
2014-05-25test-unit-file: skip if unit_file_get_list returns permission deniedCristian Rodríguez
2014-05-24Fix several small typosJonathan Boulle
2014-05-24detect-virt: Remove string for Microsoft virtualization detection in DMI ↵Reyad Attiyat
vendor string array. The string "Microsoft Corporation" is used in the Surface Tablet's DMI vendor ID. https://bugs.freedesktop.org/show_bug.cgi?id=78312
2014-05-24core: timer - switch to touch_file()Kay Sievers
2014-05-24timedated: refuse manual system time updates when automatic timesync is enabledKay Sievers
2014-05-24clock-util: clock_[sg]et_time() -> clock_[sg]et_hwclock()Kay Sievers
2014-05-24timesyncd: only update stamp file when we are synchronizedKay Sievers
Create initial stamp file with compiled-in time to prevent bootups with clocks in the future from storing invalid timestamps. At shutdown, only update the timestamp if we got an authoritative time to store.
2014-05-24shared: add touch_file() and let touch() always update timestampKay Sievers
2014-05-24shared: rename hwclock.[ch] to clock-util.[ch]Kay Sievers
2014-05-24sd-network: avoid false positive compiler warning caused by LTOTom Gundersen
Djalal Harouni <tixxdz@opendz.org>: There is also this one genrated by LTO, IMO it's a false positive since we do *check* for "lease" but the code is not consistent since in that code path, "lease" is initialized to NULL in other places, except for this one: src/resolve/resolved-manager.c: In function 'manager_update_resolv_conf': src/libsystemd-network/sd-dhcp-lease.c:67:18: warning: 'lease' may be used uninitialized in this function [-Wmaybe-uninitialized] if (lease->dns_size) { ^ src/network/sd-network.c:146:24: note: 'lease' was declared here sd_dhcp_lease *lease; ^
2014-05-22socket: properly handle if our service vanished during runtimeLennart Poettering
2014-05-22core: remove unused varsLennart Poettering
2014-05-22core: never consider failure when reading drop-ins fatalLennart Poettering
drop-ins don't carry the main configuration of a unit, hence read them if we can't, complain if we cannot, but don't fail.
2014-05-22conf-parser: never consider it an error if we cannot load a drop-in file ↵Lennart Poettering
because it is missing After all, we want to be able to boot with /etc empty one day...
2014-05-22nspawn: restore journal directory is empty checkLennart Poettering
This undoes part of commit e6a4a517befe559adf6d1dbbadf425c3538849c9. Instead of removing the error message about non-empty journal bind mount directories, simply downgrade the message to a warning and proceed.
2014-05-22cgroups: simplify CPUQuota= logicLennart Poettering
Only accept cpu quota values in percentages, get rid of period definition. It's not clear whether the CFS period controllable per-cgroup even has a future in the kernel, hence let's simplify all this, hardcode the period to 100ms and only accept percentage based quota values.
2014-05-22time-util: make sure USEC_PER_SEC and friends are actually of type usec_tLennart Poettering
2014-05-22logind: also escape external data when saving to /runLennart Poettering
Better be safe than sorry...
2014-05-22machine: escape fields we store in /run, so that they can be properly ↵Lennart Poettering
unescaped by parse_env_file()
2014-05-22nspawn: allow to bind mount journal on top of a non empty container journal ↵Djalal Harouni
dentry Currently if nspawn was called with --link-journal=host or --link-journal=auto and the right /var/log/journal/machine-id/ exists then the bind mount the subdirectory into the container might fail due to the ~/mycontainer/var/log/journal/machine-id/ of the container not being empty. There is no reason to check if the container journal subdir is empty since there will be a bind mount on top of it. The user asked for a bind mount so give it. Note: a next call with --link-journal=guest may fail due to the /var/log/journal/machine-id/ on the host not being empty. https://bugs.freedesktop.org/show_bug.cgi?id=76193 Reported-by: Tobias Hunger <tobias.hunger@gmail.com>
2014-05-22cgroups: always propagate controller membership to siblings, for all controllersLennart Poettering
This is the behaviour the kernel cgroup rework exposes for all controllers, hence let's do this already now for all cases.
2014-05-22cgroup: rework startup logicLennart Poettering
Introduce a (unsigned long) -1 as "unset" state for cpu shares/block io weights, and keep the startup unit set around all the time.
2014-05-22core: add startup resource control optionWaLyong Cho
Similar to CPUShares= and BlockIOWeight= respectively. However only assign the specified weight during startup. Each control group attribute is re-assigned as weight by CPUShares=weight and BlockIOWeight=weight after startup. If not CPUShares= or BlockIOWeight= be specified, then the attribute is re-assigned to each default attribute value. (default cpu.shares=1024, blkio.weight=1000) If only CPUShares=weight or BlockIOWeight=weight be specified, then that implies StartupCPUShares=weight and StartupBlockIOWeight=weight.
2014-05-22Revert "update gitignore"Kay Sievers
This reverts commit 351efdc7a4d900a1aebca517dd0b46b89cdd7306.
2014-05-21sd-dhcp-client: factor out dhcp packet allocationTom Gundersen
2014-05-21sd-dhcp: rely on FIONREAD workingTom Gundersen
This fallback will anyway never get tested, so rip it out.
2014-05-21sd-dhcp: option_append - support falling back to 'sname' and 'file'Tom Gundersen
2014-05-21sd-dhcp: make sure we can not fill options so much that there is no space ↵Tom Gundersen
for END
2014-05-21networkd: link - serialize link when addresses changeTom Gundersen
Thanks to Kay for tracking this down.
2014-05-21update gitignoreKay Sievers
2014-05-21util: fix a gcc compiler warningLennart Poettering
2014-05-21timesyncd: use STR_IN_SET()Kay Sievers
2014-05-21timesyncd: fix english language typoLennart Poettering
2014-05-21logind: don't apply RemoveIPC= to system usersLennart Poettering
We shouldn't destroy IPC objects of system users on logout. http://lists.freedesktop.org/archives/systemd-devel/2014-April/018373.html This introduces SYSTEM_UID_MAX defined to the maximum UID of system users. This value is determined compile-time, either as configure switch or from /etc/login.defs. (We don't read that file at runtime, since this is really a choice for a system builder, not the end user.) While we are at it we then also update journald to use SYSTEM_UID_MAX when we decide whether to split out log data for a specific client.
2014-05-20dhcp-lease: add support for parsing a few more dhcp optionsTom Gundersen
2014-05-20dhcp-lease: refactor lease parsingTom Gundersen
Use helper functions, and add some more sanity checking/asserts.
2014-05-20sd-dhcp: refactor parse_optionsTom Gundersen
Similar to the previous patch, exchange a length and a pointer with only one offset variable. Also fix the type of the options to be uint8_t[], rather than uint8_t*.
2014-05-20sd-dhcp: refactor dhcp_option_appendTom Gundersen
Store a pointer to the options in the DHCPMessage struct, and pass this together with an offset around, rather than a uint8_t**. This avoids us having to (re)compute the pointer; and changes dhcp_option_append from adjusting both the pointer to the next option and the remaining size of the options, to just adjusting the current offset. This makes the code a bit simpler to follow IMHO, but there should be no functional change.
2014-05-21timesyncd: save clock to disk everytime we get an NTP fix, and bump clock at ↵Lennart Poettering
boot using this This is useful to make sure the system clock stays monotonic even on systems that lack an RTC. Also, why we are at it, also use the systemd release time for bumping the clock, since it's a slightly less bad than starting with jan 1st, 1970. This also moves timesyncd into the early bootphase, in order to make sure this initial bump is guaranteed to have finished by the time we start real daemons which might write to the file systemd and thus shouldn't leave 1970's timestamps all over the place...
2014-05-20udevadm-settle: fixed return code for empty queueHarald Hoyer
If the udev queue is empty and "/run/udev/queue" does not exist, "udevadm settle" would return with EXIT_FAILURE, because the inotify on "/run/udev/queue" would fail with ENOENT. This patch lets "udevadm settle" exit with EXIT_SUCCESS in this case.
2014-05-19networkd: introduce sit tunnelSusant Sahani
This patch introduces sit tunnel support to networkd Example conf: file: sit.netdev [NetDev] Name=sit-tun Kind=sit MTUBytes=1480 [Tunnel] Local=10.65.223.238 Remote=10.65.223.239 file: sit.network [Match] Name=em1 [Network] Tunnel=sit-tun [tomegun: rebased]
2014-05-19networkd-wait-online: wait for addresses to be configuredTom Gundersen
2014-05-19timesyncd: only attempt to connect when an address is configuredTom Gundersen
For now, we accept both link-local and routable addresses, maybe we want to restrict ourselves to routable addresses only.
2014-05-19networkd/sd-network: extend operational statesTom Gundersen
Expose states 'degraded' or 'routable' if a link has a site/link-local or a routable address, respectively.
2014-05-19networkd/sd-network: expose statically configured NTP serversTom Gundersen