Age | Commit message (Collapse) | Author |
|
Before, we'd always reset acquired terminals, which is not really
desired, as we expose a setting TTYReset= which is supposed to control
whether the TTY is reset or not. Previously that setting would only
enable a second resetting of the TTY, which is of course pointless...
Hence, move the implicit resetting out of acquire_terminal() and make
the callers do it if they need it.
|
|
With this change we'll open the shell's tty right from machined and then
pass it to the transient unit we create. This way we make sure the pty
is opened exactly as long as the transient service is around, and no
longer, and vice versa. This way pty forwarders do not have to deal with
EIO problems due to vhangup, as the pty is open all the time from the
point we set things up to the point where the service goes away.
|
|
When starting a transient service, allow setting stdin/stdout/stderr fds
for it, by passing them in via the bus.
This also simplifies some of the serialization code for units.
|
|
|
|
Previously, we'd allocate the TTY, spawn a service on it, but
immediately start processing the TTY and forwarding it to whatever the
commnd was started on. This is however problematic, as the TTY might get
actually opened only much later by the service. We'll hence first get
EIOs on the master as the other side is still closed, and hence
considered it hung up and terminated the session.
With this change we add a flag to the pty forwarding logic:
PTY_FORWARD_IGNORE_INITIAL_VHANGUP. If set, we'll ignore all hangups
(i.e. EIOs) on the master PTY until the first byte is successfully read.
From that point on we consider a hangup/EIO a regular connection termination. This
way, we handle the race: when we get EIO initially we'll ignore it,
until the connection is properly set up, at which time we start
honouring it.
|
|
The child process is shortliving, hence always set O_NOCTTY so that the
tty doesn't quickly become controlling TTY and then gives it up again.
Also set O_CLOEXEC, because it's cleaner, and doesn't affect the parent
anyway.
|
|
|
|
|
|
cache harddisk passwords in the kernel keyring
|
|
import: hash URL in paths if they are too long
|
|
Fix env expansion
|
|
The way to escape a literal dollar sign is to write "$$". But this does
not work right if it's at the beginning of the argument. Fix it.
|
|
Regardless of whether we're going to spawn a crash shell or not, let the
kernel reap zombies. It's more consistent this way.
|
|
Instead of freezing in PID1 and letting the forked child freeze or
reboot when exec("/bin/sh") fails, just wait for the child's
exit and then do the freeze_or_reboot in PID1 as usual.
This means that when both crash_shell and crash_reboot are enabled, the
system will reboot after the shell exits.
|
|
"data" is always NULL (and unused) in config_parse_crash_chvt().
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1266775
|
|
Since having /etc/mtab as a regular file is now a fatal error, stop
mentioning irrelevant minor consequences.
|
|
This adds support for caching harddisk passwords in the kernel keyring
if it is available, thus supporting caching without Plymouth being
around.
This is also useful for hooking up "gdm-auto-login" with the collected
boot-time harddisk password, in order to support gnome keyring
passphrase unlocking via the HDD password, if it is the same.
Any passwords added to the kernel keyring this way have a timeout of
2.5min at which time they are purged from the kernel.
|
|
smack: label /etc/passwd and friends as '_' smack label when --with-smack-run-label' is enabled (v3)
|
|
analyze: minor fixes according to review
|
|
service: fix memory leak in service_add_fd_store()
|
|
fixes Coverity #1325767
|
|
Fixes Coverity #1325768
|
|
--with-smack-run-label' is enabled
systemd-sysusers.service unit creates system users and groups and it
could update /etc/passwd, /etc/group, /etc/shadow and /etc/gshadow.
Those files should have '_' smack label because of accessibility.
However, if systemd has its own smack label using '--with-smack-run-label'
configuration, systemd-sysusers process spawned by systemd(pid:1) has
its parent smack label and eventually updated files also is set as its
parent smack label.
This patch fixes that bug by labeling updated files as '_' smack label
when --with-smack-run-label' is enabled.
|
|
+ use _cleanup_host_info in acquire_host_info()
+ revert the first strempty() to show "Linux" string in case
os_pretty_name is missing.
|
|
Analyze without hostnamed [V3]
|
|
|
|
|
|
|
|
Drop custom types. Drop unnecessary macros. Fix whitespace. Add asserts.
|
|
Make the API of the new helpers more similar to the old wrapper.
In particular we now return the hash as a byte string to avoid
any endianness problems.
|
|
Primarily clean-up error logging: log either all or no error messages in
the various functions. Mostly this means the actual password querying
calls no longer will log on their own, but the callers have to do so.
Contains various other fixes too, for example ports some code over to
use the clean-up macro.
Should contain no functional changes.
|
|
test: hashmap - increase number of entries for crippled hash test
|
|
Even more fixes
|
|
The purpose of testing with the crippled hash function is to cover
the otherwise very unlikely codepath in bucket_calculate_dib() where
it has to fall back to recomputing the hash value.
This unlikely path was not covered by test-hashmap anymore after
57217c8f "test: hashmap - cripple the hash function by truncating the
input rather than the output".
Restore the test coverage by increasing the number of entries in the test.
The number was determined empirically by checking with lcov.
|
|
hashmap/siphash24: refactor hash functions
|
|
|
|
|
|
|
|
Add support for naming fds for socket activation and more
|
|
networkd: document ability to disable MACAddressPolicy
|
|
libsystemd: sd-device - translate / vs. ! in sysname
|
|
This adds support for naming file descriptors passed using socket
activation. The names are passed in a new $LISTEN_FDNAMES= environment
variable, that matches the existign $LISTEN_FDS= one and contains a
colon-separated list of names.
This also adds support for naming fds submitted to the per-service fd
store using FDNAME= in the sd_notify() message.
This also adds a new FileDescriptorName= setting for socket unit files
to set the name for fds created by socket units.
This also adds a new call sd_listen_fds_with_names(), that is similar to
sd_listen_fds(), but also returns the names of the fds.
systemd-activate gained the new --fdname= switch to specify a name for
testing socket activation.
This is based on #1247 by Maciej Wereski.
Fixes #1247.
|
|
A variety of journal vacuuming improvements, plus an nspawn fix
|
|
Let's simplify the fd collection code a bit, and return the number of
collected fds as positive integer, the way it's customary in our usual
code.
|
|
|
|
We shouldn't exit the loop early, otherwise our duplicate backing
partition check won't work.
|
|
While it is currently possible to either not set MACAddressPolicy or set
it to a value different from "persistent" or "random", it is not obvious
that a user can do so. Add a policy, "none", which simply retains kernel
MAC addresses (same as not filling in the policy at all) and document it
so that users are aware of this setting.
Signed-off-by: Jacob Keller <jacob.keller@gmail.com>
|
|
The kernel replaces '/' in device names with '!', we translate that back
to '/' in sysname, when taking sysname as input, we should translate it
back again.
|
|
journal-remote: typo in log_error when no sources are specified
[tomegun: this was a pun, but let's not do that]
|