Age | Commit message (Collapse) | Author |
|
Commit aedd401 introduced new unit file state, UNIT_FILE_INDIRECT. Unit file is
said to have indirect state if it contains [Install] section which has only
Also= directive. Thus, if enable of such unit file is requested then some other
unit file gets enabled.
Whether or not unit file is in indirect state can be determined by calling
unit_file_can_install. Function unit_file_get_list populates list of unit files
present in given lookup location. So far it did call unit_file_can_install in a
way that would prevent finding out about unit files in indirect state. Such unit
file would be incorrectly marked as static.
Fixes following assertion in test-install,
Assertion 'p->state == s' failed at src/test/test-install.c:59, function main(). Aborting.
[1] 26868 abort (core dumped) ./test-install
|
|
install: explicitly return 0 on success
|
|
Maybe there is some left-over value stored in r from previous function
call. Let's make sure we always return consistent error code when we reach end of
the function body.
Fixes following crash of test-install,
Assertion 'r == 0' failed at src/test/test-install.c:52, function main(). Aborting.
[1] 11703 abort (core dumped) ./test-install
|
|
Fix for issue https://github.com/systemd/systemd/issues/139
- Implement fixes suggested by @teg to -v2
- Implement fixes suggested by @zonque to -v3 and -v4
|
|
bus-proxy: ignore 'log' attributes in XML policy
|
|
'log' is unsupported but nothing to warn about. Ignore it just like we
ignore 'eavesdrop'.
|
|
sd-netlink cleanups
|
|
core: fix reversed dependency check in unit_check_unneeded
|
|
The kernel bonding layer allows passing an array of ARP IP targets as
bond-configuration. Due to the weird implementation of arrays in netlink
(which we haven't figure out a generic way to support, yet), we usually
hard-code the supported array-sizes. However, this should not be exported
from sd-netlink.
Instead, make sure the caller just uses it's current hack of enumerating
the types, and the sd-netlink core will have it's own list of supported
array-sizes (to be removed in future extensions, btw!). If either does not
match, we will just return a normal error.
Note that we provide 2 constants for ARP_IP_TARGETS_MAX now. However, both
have very different reasons:
- the constant in netdev-bond.c is used to warn the user that the given
number of targets might not be supported by the kernel (even though the
kernel might increase that number at _any_ time)
- the constant in sd-netlink is solely used due to us missing a proper
array implementation. Once that's supported in the type-system, it can
be removed without notice
Last but not least, this patch turns the log_error() into a log_warning().
Given that the previous condition was off-by-one, anyway, it never hit at
the right time. Thus, it was probably of no real use.
|
|
Explicitly export the root type-system to the type-system callers. This
avoids treating NULL as root, which for one really looks backwards (NULL
is usually a leaf, not root), and secondly prevents us from properly
debugging calling into non-nested types.
Also rename the root to "type_system_root". Once we support more than
rtnl, well will have to revisit that, anyway.
|
|
Empty type-systems are just fine. Avoid the nasty hack in
union-type-systems that treat empty type-systems as invalid. Instead check
for the actual types-array and make sure it's non-NULL (which is even true
for empty type-systems, due to "empty_types" array).
|
|
In sd-netlink-message, we always guarantee that the currently selected
type-system is non-NULL. Otherwise, we would be unable to parse any types
in the current container level. Hence, this assertion must be true:
message->container_type_system[m->n_containers] != NULL
During message_new() we currently do not verify that this assertion is
true. Instead, we blindly access nl_type->type_system and use it (which
might be NULL for basic types and unions). Fix this, by explicitly
checking that the root-level type is nested.
Note that this is *not* a strict requirement of netlink, but it's a strict
requirement for all message types we currently support. Furthermore, all
the callers of message_new() already verify that only supported types are
passed, therefore, this is a pure cosmetic check. However, it might be
needed on the future, so make sure we don't trap into this once we change
the type-system.
|
|
The NETLINK_TYPE_META pseudo-type is actually equivalent to an empty
nested type. Drop it and define an empty type-system instead.
This also has the nice side-effect that m->container_type_system[0] is
never NULL (which has really nasty side-effects if you try to read
attributes).
|
|
Right now we store the maximum type-ID of a type-system. This prevents us
from creating empty type-systems. Store the "count" instead, which should
be treated as max+1.
Note that type_system_union_protocol_get_type_system() currently has a
nasty hack to treat empty type-systems as invalid. This might need some
modification later on as well.
|
|
size_t is usually 64bit and int 32bit on a 64bit machine. This probably
does not matter for netlink message sizes, but nevertheless, avoid
hard-coding it anywhere.
|
|
Same as NLType, move NLTypeSystem into netlink-types.c and hide it from
the outside. Provide an accessor function for the 'max' field that is used
to allocate suitable array sizes.
Note that this will probably be removed later on, anyway. Once we support
bigger type-systems, it just seems impractical to allocate such big arrays
for each container entry. An RBTree would probably do just fine.
|
|
If we extend NLType to support arrays and further extended types, we
really want to avoid hard-coding the type-layout outside of
netlink-types.c. We already avoid accessing nl_type->type_system outside
of netlink-types.c, extend this to also avoid accessing any other fields.
Provide accessor functions for nl_type->type and nl_type->size and then
move NLType away from the type-system header.
With this in place, follow-up patches can safely turn "type_system" and
"type_system_union" into a real "union { }", and then add another type for
arrays.
|
|
Make sure we never access type->type_system or type->type_system_union
directly. This is an implementation detail of the type-system and we
should always use the accessors. Right now, they only exist for 2-level
accesses (type-system to type-system). This patch introduces the 1-level
accessors (type to type-system) and makes use of it.
This patch makes sure the proper assertions are in place, so we never
accidentally access sub-type-systems for non-nested/union types.
Note that this places hard-asserts on the accessors. This should be fine,
as we expect callers to only access sub type-systems if they *know*
they're dealing with nested types.
|
|
The NLA_ names are used to name real datatypes we extract out of netlink
messages. The kernel has an internal enum with the same names
(NLA_foobar), which is *NOT* binary compatible to our types. Furthermore,
we support a different set of types than the kernel (as we try to treat
some kernel peculiarities as our own types to simplify the API).
Rename NLA_ to NETLINK_TYPE_ to make clear that this is our own set of
types.
|
|
install: fix minor bad memory access
|
|
Commit v218-247-g11c6f69 broke the output of the utility. "%1$" PRIu64
"x" expands to "%1$lux", essentially "%lux", which shows the problem.
u and x cannot be combined, u wins as the type character, and x gets
emitted verbatim to stdout.
References: https://bugzilla.redhat.com/show_bug.cgi?id=1227503
|
|
|
|
coverity fixes in udev
|
|
|
|
Fixes CID#1296243.
|
|
Fixes CID#1297430.
|
|
This fixes CID#1304688.
|
|
This fixes CID#1292782.
|
|
bootchart: fix per-cpu & small scales.
|
|
Closes systemd/systemd#330
|
|
This was introduced by commit be7d9ff730cb88d7c6a8 and breaks
StopWhenUnneeded=true in the presence of a Requisite dependency.
|
|
SMACK v02: support modify rules and add default executed process label
|
|
This fully synchronizes the content of a "make dist" and a "git archive"
tar ball.
http://lists.freedesktop.org/archives/systemd-devel/2015-June/033214.html
|
|
export sd_bus_object_added() / _removed()
|
|
This is expected on non-systemd systems, so just log it at debug level.
This fixes issue #309.
|
|
Similar to SmackProcessLabel=, if this configuration is set, systemd
executes processes with given SMACK label. If unit has
SmackProcessLabel=, this config is overwritten.
But, do NOT be confused with SMACK64EXEC of execute file. This default
execute process label(and also label which is set by
SmackProcessLabel=) is set fork-ed process SMACK subject label and
used to access the execute file.
If the execution file has also SMACK64EXEC, finally executed process
has SMACK64EXEC subject.
While if the execution file has no SMACK64EXEC, the executed process
has label of this config(or label which is set by
SmackProcessLabel=). Because if execution file has no SMACK64EXEC then
excuted process inherits label from caller process(in this case, the
caller is systemd).
|
|
Smack is also able to have modification rules of existing rules. In
this case, the rule has additional argument to modify previous
rule. /sys/fs/smackfs/load2 node can only take three arguments:
subject object access. So if modification rules are written to
/sys/fs/smackfs/load2, EINVAL error is happen. Those modification
rules have to be written to /sys/fs/smackfs/change-rule.
To distinguish access with operation of cipso2, split write_rules()
for each operation. And, in write access rules, parse the rule and if
the rule has four argument then write into
/sys/fs/smackfs/change-rule.
https://lwn.net/Articles/532340/
fwrite() or fputs() are fancy functions to write byte stream such like
regular file. But special files on linux such like proc, sysfs are not
stream of bytes. Those special files on linux have to be written with
specific size.
By this reason, in some of many case, fputs() was failed to write
buffer to smack load2 node.
The write operation for the smack nodes should be performed with
write().
|
|
Fixes #306.
|
|
This properly avoids setting DBUS_SESSION_BUS_ADDRESS if kdbus
is loaded (or built into the kernel) but not wanted.
|
|
Replaces strerror() usage with log_netdev_error_errno()
|
|
hashmap: debug - lock access to the global hashmap list
|
|
This may be used from multi-threaded programs (say through nss-resolve),
so we must protect the global list.
This is still only relevant for debug builds, so we do not try to handle
cases where the locking fail, but simply assert.
|
|
In such a case let's suppress the warning (downgrade to LOG_DEBUG),
under the assumption that the user has no config file to update in its
place, but a symlink that points to something like resolved's
automatically managed resolve.conf file.
While we are at it, also stop complaining if we cannot write /etc/resolv.conf
due to a read-only disk, given that there's little we could do about it.
|
|
cgroup-util: actually use the path callback
|
|
systemctl: fix edit when EDITOR contains arguments
|
|
a tiny hashmap cleanup
|
|
We allow to specify a callback but then ignore the result. Looks like a trivial typo.
From 7b3fd6313c4b07b6f822a9f979d0c22350a401d9#diff-f010fa21ba7b659b519c122743e55604
|
|
Correctly support cases when the EDITOR environment variable and friends
also contain arguments. For example, to run emacs in terminal only, one
can say:
EDITOR="emacs -nw" systemctl edit myservice
|
|
import/pull: fix for the name/reference overwrite
|
|
When pulling by image digest the identifiers that
were produced by parsing image digest were later
overwritten by code parsing image tag.
This resulted in invalid identifiers being used
when contacting the remote endpoint, resulting in 404.
Reported here:
http://lists.freedesktop.org/archives/systemd-devel/2015-June/033039.html
|