Age | Commit message (Collapse) | Author |
|
The argument given to the __attribute__((cleanup)) functions is the
address of the variable that's going out of scope. It cannot be NULL.
The "if (!s)" check in set_freep() is pointless.
Perhaps "if (!*s)" was intented. But that's pointless too, because
set_free()/set_free_free() are OK to call with a NULL argument (just
like free()).
Setting "*s = NULL" is pointless, because the variable that s points
to is about to go out of scope.
The same holds for strv_freep().
|
|
Improve test coverage a bit with tests for
close_many
strappend (to cover all ways through strnappend)
|
|
In order to maintain compatibility with older initrds which do not have
AllowIsolate=yes set for their target units, fallback to JOB_REPLACE if
JOB_ISOLATE doesn't work, but complain about it.
|
|
Make sure the pager does not have to buffer an unbounded number of log
messages, by default.
|
|
|
|
This reverts commit 0ea9530d401827e299c6e04a433e69a7a2a89d80.
attribute(cleanup) can only be used inside functions (*of, sysfd
are leaked).
Cleanup functions are only called once when exiting scope (*f
is leaked twice).
|
|
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=868383
Primary reason to do this is to ensure "-e" works as intended, and is
not ignored because the user set his own LESS variable.
|
|
$ journalctl -be
is what you want :)
https://bugzilla.redhat.com/show_bug.cgi?id=867841
|
|
use _cleanup_{close_,fclose_} to close streams and file descriptors
|
|
SMACK is the Simple Mandatory Access Control Kernel, a minimal
approach to Access Control implemented as a kernel LSM.
The kernel exposes the smackfs filesystem API through which access
rules can be loaded. At boot time, we want to load the access rules
as early as possible to ensure all early boot steps are checked by Smack.
This patch mounts smackfs at the new location at /sys/fs/smackfs for
kernels 3.8 and above. The /smack mountpoint is not supported.
After mounting smackfs, rules are loaded from the usual location.
For more information about Smack see:
http://www.kernel.org/doc/Documentation/security/Smack.txt
|
|
move mount_setup_early() call to main.c, before security module setup,
so there are no more repeat calls.
|
|
arguments in PID 1
https://bugzilla.redhat.com/show_bug.cgi?id=880025
|
|
|
|
It's better to explictly check, instead of just documenting it.
The return value from init is changed from 1 to -1 on error.
Python seems to ignore 1 every second time. Looks like a bug
in Python, but the return value doesn't seem to be documented
anywhere, and -1 works as expected... so let's just use that.
|
|
ENODEV because the device is gone
https://bugzilla.redhat.com/show_bug.cgi?id=907890
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=56072
https://bugzilla.redhat.com/show_bug.cgi?id=880353
|
|
|
|
|
|
|
|
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=61491
|
|
|
|
The man page says so. Right now 0 would be returned if the data was encrypted,
1 otherwise.
|
|
sd_journal_get_fd(j) is called j.fileno(), for compatiblity with
Python conventions for file-like objects.
More importantly, those new .seek_head() and .seek_tail() do not
call .get_next(). This is better, if one wants to skip before
retrieving an entry.
|
|
This way python code follows the original interface more closely.
Also, .seek(0, journal.SEEK_END) was just to much to type.
|
|
First of all, 'try: ... except: ...' (with no exception specified) is
always a no-no, since it catches all BaseExceptions, which includes ^C
and other stuff which should almost never be caught.
Now the conversion is stricter, and only one conversion is attempted,
and only a ValueEror is caught. It seems reasonable to catch ValueErrors,
since the entries in the journal are not verified, and any erroneous
application might log a field which cannot be converted. The consumer
of events must only check if a field is an instance of bytes and can
otherwise assume that the conversion was performed correctly.
Order of arguments in Reader.__init__ has been changed to match order
in _Reader.__init__.
Conversions have been updated to work under Python 2 and 3.
|
|
Dropping the distribution specific #ifdefs in
88516c0c952b9502e8ef1d6a1481af61b0fb422d broke the .sh suffix stripping
since we now always used the else clause of the rc. check.
We eventually want to drop the rc. prefix stripping, but for now we
assume that no sysv init script uses both an rc. prefix and .sh suffix,
so make the check for the .sh suffix and rc. prefix mutually exclusive.
|
|
Since sd_journal_reliable_fd wasn't exported before, it is as if
it was added now. Library "current" number must be bumped.
michich> Someone links with the fixed version and produces a RPM with
his program. The RPM will happily install on a system with an
old systemd version (the deps will appear fine), but the
program will fail to run.
|
|
sd_journal_reliable_fd was added in 85210bffd836, but it was
exported under the wrong name. Not too many users I guess.
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=917404
|
|
If XDG_RUNTIME_DIR contains a character like ":" (for instance if it's
formed from an X11 display name), then it isn't valid to substitute
it into a D-Bus address without escaping.
http://bugs.freedesktop.org/show_bug.cgi?id=60499
|
|
Forked processes can keep the old fd alive triggering epoll over and
over again else.
https://bugs.freedesktop.org/show_bug.cgi?id=61697
|
|
This allows switch-root to work correctly if a unit is active both before and
after the switch-root, but its dependencies change. Before the patch, any
dependencies added to active units by switch-root will not be pulled, in
particular filesystems configured in /etc/fstab would not be activated if
local-fs.target was active in the initrd.
It is not clear to me if there is a bug in the REPLACE handling, or if it is
working as expected and that we really want to use ISOLATE instead as this patch
does.
|
|
If we can't successfully query any ntpd units, set CanNTP to false.
GNOME wants to use this to grey out the NTP switch in the UI.
https://bugs.freedesktop.org/show_bug.cgi?id=61816
|
|
This reverts commit 39b83cdab37623a546344622db9bbbc784c15df5.
|
|
|
|
|
|
this addresses the bug at:
https://bugs.freedesktop.org/show_bug.cgi?id=59311
https://bugzilla.redhat.com/show_bug.cgi?id=895299
hostnamectl is supposed to allow a range of special characters for
the 'pretty' hostname:
$ hostnamectl set-hostname --pretty "Nathaniels Desktop !@#$%"
..however, it rejects apostrophes, double quotes, and backslashes.
The manual for hostnamectl suggests that this should be allowed.
It makes sense to reject \0, \n, etc. pretty_string_is_safe() is
the same as string_is_safe(), but allows more special characters.
|
|
This follows the suggestions from:
http://lists.freedesktop.org/archives/systemd-devel/2013-March/009363.html
|
|
|
|
files
Previously all journal files were owned by "adm". In order to allow
specific users to read the journal files without granting it access to
the full "adm" powers, introduce a new specific group for this.
"systemd-journal" has to be created by the packaging scripts manually at
installation time. It's a good idea to assign a static UID/GID to this
group, since /var/log/journal might be shared across machines via NFS.
This commit also grants read access to the journal files by default to
members of the "wheel" and "adm" groups via file system ACLs, since
these "almost-root" groups should be able to see what's going on on the
system. These ACLs are created by "make install". Packagers probably
need to duplicate this logic in their postinst scripts.
This also adds documentation how to grant access to the journal to
additional users or groups via fs ACLs.
|
|
|
|
Thinking about it we should probably not hide bugs by falling back to
audit when we have our own session information anyway.
|
|
|
|
journal files
We should always go by our own cgroup hierarchy before using foreign
schemes such as audit, so let's do that for the split out logic too.
|
|
This reverts commit 8330847e949fc0c26b16910e5240eef1fe2c330a.
Conflicts:
src/fstab-generator/fstab-generator.c
|
|
cgroup path rather than audit
Previously for cases like "su" or "sudo" where a session is attempted to
be created from within an existing one we used the audit session ID to
detect this and in such a case we simple returned the session data of
the original session a second time.
With this change we will now use the cgroup path of the calling path to
determine the old session, i.e. we only rely on our own session
identification scheme, instead of audits.
We will continue to keep the audit session ID and ours in sync however,
to avoid unnecessary confusion.
|