summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-08-27selinux: drop mac_selinux_unit_access_check_strv()David Herrmann
It is not acceptable to load unit files during enable/disable operations just to figure out the selinux labels. systemd implements lazy loading for units, so the selinux hooks need to follow it. This drops the mac_selinux_unit_access_check_strv() helper which implements a non-acceptable policy check. If anyone cares for that functionality, you really should pass a callback+userdata to the helpers in src/shared/install.c which does policy checks on each touched file. See #1050 on github for more.
2015-08-27sd-bus: rename bloom-tag to arg0-hasDavid Herrmann
We use dashes in our bloom-tags. Make sure the newly introduced arg0has tag uses the same style. Note that the external dbus-tags don't use dashes, though. They are defined in the spec and we need to keep compatibility there.
2015-08-27Merge pull request #1036 from poettering/sd-bus-arg0hasDavid Herrmann
sd-bus: introduce new match type "arg0has=" for matching arrays of st…
2015-08-27Merge pull request #1024 from poettering/sd-bus-explicitDavid Herrmann
sd-bus: introduce new SD_BUS_VTABLE_PROPERTY_EXPLICIT flag
2015-08-27udev: control - add FIXME comment to remove work-aroundKay Sievers
2015-08-26sd-dhcp6: fix domainname memleakDavid Herrmann
strv_extend() does not consume the passed entry, hence, we must properly free it. Furthermore, we should *not* use strv_consume() as we do greedy allocations on 'ret'; and greedy-allocations should only be used for short lived objects or caches. Fix the domainname parser to properly free temporary storage when done.
2015-08-26sd-dhcp: don't randomly ref objectsDavid Herrmann
In our API design, getter-functions don't ref objects. Calls like foo_get_bar() will not ref 'bar'. We never do that and there is no real reason to do it in single threaded APIs. If you need a ref-count, you better take it yourself *BEFORE* doing anything else on the parent object (as this might invalidate your pointer). Right now, sd_dhcp?_get_lease() refs the lease it returns. A lot of code-paths in systemd do not expect this and thus leak the lease reference. Fix this by changing the API to not ref returned objects.
2015-08-26Merge pull request #1047 from poettering/machinectl-TERMDavid Herrmann
machinectl: pass $TERM into "machinectl shell" sessions
2015-08-26Merge pull request #1044 from d-hatayama/fix_systemctl_abspathMartin Pitt
selinux: fix regression of systemctl subcommands when absolute unit file paths are specified
2015-08-26Merge pull request #998 from vbatts/tar_nosparse_flagLennart Poettering
import: don't create sparse tar archives
2015-08-26machinectl: pass $TERM into "machinectl shell" sessionsLennart Poettering
2015-08-26manager: close hostname fd *after* removing it epollLennart Poettering
Otherwise the epoll removal will fail and result in a warning.
2015-08-26resolved: dump cache and zone contents to syslog on SIGUSR1Lennart Poettering
2015-08-26selinux: fix regression of systemctl subcommands when absolute unit file ↵HATAYAMA Daisuke
paths are specified The commit 4938696301a914ec26bcfc60bb99a1e9624e3789 overlooked the fact that unit files can be specified as unit file paths, not unit file names, wrongly passing a unit file path to the 1st argument of manager_load_unit() that handles it as a unit file name. As a result, the following 4 systemctl subcommands: enable disable reenable link mask unmask fail with the following error message: # systemctl enable /usr/lib/systemd/system/kdump.service Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid. # systemctl disable /usr/lib/systemd/system/kdump.service Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid. # systemctl reenable /usr/lib/systemd/system/kdump.service Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid. # cp /usr/lib/systemd/system/kdump.service /tmp/ # systemctl link /tmp/kdump.service Failed to execute operation: Unit name /tmp/kdump.service is not valid. # systemctl mask /usr/lib/systemd/system/kdump.service Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid. # systemctl unmask /usr/lib/systemd/system/kdump.service Failed to execute operation: Unit name /usr/lib/systemd/system/kdump.service is not valid. To fix the issue, first check whether a unit file is passed as a unit file name or a unit file path, and then pass the unit file to the appropreate argument of manager_load_unit(). By the way, even with this commit mask and unmask reject unit file paths as follows and this is a correct behavior: # systemctl mask /usr/lib/systemd/system/kdump.service Failed to execute operation: Invalid argument # systemctl unmask /usr/lib/systemd/system/kdump.service Failed to execute operation: Invalid argument
2015-08-26Merge pull request #1043 from phomes/masterDaniel Mack
test-util: fix a memleak
2015-08-25Merge pull request #1039 from poettering/nspawn-machine-templateDaniel Mack
nspawn: make sure --template= and --machine= my be combined
2015-08-25Merge pull request #1038 from poettering/coredumpctl-directoryDaniel Mack
Add --directory= option for reading alternate journal
2015-08-25Merge pull request #1040 from poettering/cgroup-path-fixDaniel Mack
fix "systemctl status idontexist.service" showing the full cgroup tree
2015-08-25test-util: fix a memleakThomas Hindoe Paaboel Andersen
2015-08-25resolve: fix regression in dns-scopeDaniel Mack
Bring back a return statement 106784eb errornously removed. Thanks to @phomes for reporting.
2015-08-25Merge pull request #1041 from phomes/masterDaniel Mack
trivial cleanups
2015-08-25Merge pull request #1034 from poettering/resolved-fixes-2Daniel Mack
various resolved fixes
2015-08-25machinectl: remove unused variableThomas Hindoe Paaboel Andersen
2015-08-25execute: make the invalid entry of the enum -1Thomas Hindoe Paaboel Andersen
Set _EXEC_UTMP_MODE_INVALID to -1. This matches the return value from string_table_lookup.
2015-08-25core: report root cgroup as "/" over the busLennart Poettering
Internally, the root cgroup is stored as the empty string in Unit.cgroup_path, and "no cgroup" as NULL. Unfortunately, D-Bus does not know a NULL concept, hence when reporting the cgroup to clients we should turn the root cgroup into "/", and leave the empty string for the "no cgroup" case. This should make sure that "systemctl status -- -.slice" works correctly and shows the entire cgroup tree.
2015-08-25Revert "systemctl: properly handle empty control group paths in "status""Lennart Poettering
This reverts commit b04c25f9ef6359ed0ae403bdbfe4df840aba0f58.
2015-08-25nspawn: make sure --template= and --machine= my be combinedLennart Poettering
Fixes #1018. Based on a patch from Seth Jennings.
2015-08-25coredumpctl: Add --directory option for reading alternate journalStef Walter
In the Cockpit integration tests we hang onton the journal files for a failed test and would like to inspect them using coredumpctl. This commit adds the ability to specify an alternate directory for coredumpctl to read the journal from.
2015-08-25sd-bus: introduce new match type "arg0has=" for matching arrays of stringsLennart Poettering
Previously, sd-bus inofficially already supported bus matches that tested a string against an array of strings ("as"). This was done via an enhanced way to interpret "arg0=" matches. This is problematic however, since clients have no way to determine if their respective implementation understood strv matches or not, thus allowing invalid matches to be installed without a way to detect that. This patch changes the logic to only allow such matches with a new "arg0has=" syntax. This has the benefit that non-conforming implementations will return a parse error and a client application may thus efficiently detect support for the match type. Matches of this type are useful for "udev"-like systems that "tag" objects with a number of strings, and clients need to be able to match against any of these "tags". The name "has" takes inspiration from Python's ".has_key()" construct.
2015-08-25resolved: add comments to DNS_PACKET_MAKE_FLAGS() clarifying DNS vs LLMNRLennart Poettering
Some flags are defined differently on unicast DNS and LLMNR, let's document this in the DNS_PACKET_MAKE_FLAGS() macro.
2015-08-25resolved: make packet flags logic more expressive againLennart Poettering
This partially reverts 106784ebb7b303ae471851100a773ad2aebf5b80, ad readds separate DNS_PACKET_MAKE_FLAGS() invocations for the LLMNR and DNS case. This is important since SOme flags have different names and meanings on LLMNR and on DNS and we should clarify that via the comments and how we put things together.
2015-08-25resolved: rename DNS UDP socket to 'dns_udp_fd'Lennart Poettering
This hopefully makes this a bit more expressive and clarifies that the fd is not used for the DNS TCP socket. This also mimics how the LLMNR UDP fd is named in the manager object.
2015-08-25bus-util: make more properties settable in --property=Lennart Poettering
Add a couple of new properties to the supported set we can pass in systemd-run's and systemd-nspawn's --property= switch.
2015-08-25core: drop spurious new lineLennart Poettering
2015-08-25machine: policykit string fixesLennart Poettering
2015-08-25Merge pull request #1022 from poettering/machinectl-shellTom Gundersen
Add new "machinectl shell" command for su(1)-like behaviour
2015-08-25Merge pull request #1029 from jsynacek/unprivileged-wall-message-v2Lennart Poettering
logind/systemctl: introduce SetWallMessage and --message
2015-08-25resolved: allow dns_cache_put() without a questionDaniel Mack
Currently, dns_cache_put() does a number of things: 1) It unconditionally removes all keys contained in the passed question before adding keys from the newly arrived answers. 2) It puts positive entries into the cache for all RRs contained in the answer. 3) It creates negative entries in the cache for all keys in the question that are not answered. Allow passing q = NULL in the parameters and skip 1) and 3), so we can use that function for mDNS responses. In this case, the question is irrelevant, we are interested in all answers we got.
2015-08-25sd-network: make LLMNR specific config parser genericDaniel Mack
Rename the enum, the lookup functions and the parser for LLMNRSupport so the type can be reused for mDNS.
2015-08-25resolved: move assertionDaniel Mack
Make a scope with invalid protocol state fail as soon as possible.
2015-08-25resolved: use switch-case statements for protocol detailsDaniel Mack
With more protocols to come, switch repetitive if-else blocks with a switch-case statements.
2015-08-25logind/systemctl: introduce SetWallMessage and --messageJan Synacek
Enable unprivileged users to set wall message on a shutdown operation. When the message is set via the --message option, it is logged together with the default shutdown message. $ systemctl reboot --message "Applied kernel updates." $ journalctl -b -1 ... systemd-logind[27]: System is rebooting. (Applied kernel updates.) ...
2015-08-25resolved: remove runtime check for previously asserted conditionDaniel Mack
2015-08-25sd-bus: introduce new SD_BUS_VTABLE_PROPERTY_EXPLICIT flagLennart Poettering
This allows marking properties as "explicit". Properties marked like this are included in the introspection, but are avoided in GetAll() property queries, PropertiesChanged() signals and in in GetManaged() object manager calls and InterfacesAdded() signals. Expensive properties may be marked that way, and they will be retrievable when explicitly being requested, but never in "blanket" all-property queries and signals. This flag may be combined with the flags for "const" and "emit-validation" properties, but not with "emit-validation", as that is only useful for properties whose value shall be sent in "blanket" all-property signals. The "explicit" flag is also exposed in the introspection data via a new annotation.
2015-08-24resolved: change error code when trying to resolve direct LLMNR PTR RRsLennart Poettering
If we try to resoolve an LLMNR PTR RR we shall connect via TCP directly to the specified IP address. We already refuse to do this if the address to resolve is of a different address family as the transaction's scope. The error returned was EAFNOSUPPORT. Let's change this to ESRCH which is how we indicate "not server available" when connecting for LLMNR or DNS, since that's what this really is: we have no server we could connect to in this address family. This allows us to ensure that no server errors are always handled the same way.
2015-08-24resolve-host: support parsing numeric interface namesLennart Poettering
If the user specifies an interface by its ifindex we should handle this nicely. Hence let's try to parse the ifindex as a number before we try to resolve it as an interface name.
2015-08-24resolved: remove duplicate handling of "no servers" query resultLennart Poettering
So far we handled immediate "no server" query results differently from "no server" results we ran into during operation: the former would cause the dns_query_go() call to fail with ESRCH, the later would result in the query completion callback to be called. Remove the duplicate codepaths, by always going through the completion callback. This allows us to remove quite a number of lines for handling the ESRCH. This commit should not alter behaviour at all.
2015-08-24resolved: replace transaction list by hashmapLennart Poettering
Right now we keep track of ongoing transactions in a linked listed for each scope. Replace this by a hashmap that is indexed by the RR key. Given that all ongoing transactions will be placed in pretty much the same scopes usually this should optimize behaviour. We used to require a list here, since we wanted to do "superset" query checks, but this became obsolete since transactions are now single-key instead of multi-key.
2015-08-24machinectl: extend the "shell" syntax to take user@container namesLennart Poettering
In order to make "machinectl shell" more similar to ssh, allow the following syntax to connect to a container under a specific username: machinectl shell lennart@fedora Also beefs up related man page documentation.
2015-08-24machinectl: make machine name parameters for "shell" and "login" optionalLennart Poettering
If no machine name is specified, imply that we connect to ".host", i.e. the local host.