Age | Commit message (Collapse) | Author |
|
Various operations done by systemd-tmpfiles may only be safely done at
boot (e.g. removal of X lockfiles in /tmp, creation of /run/nologin).
Other operations may be done at any point in time (e.g. setting the
ownership on /{run,var}/log/journal). This distinction is largely
orthogonal to the type of operation.
A new switch --unsafe is added, and operations which should only be
executed during bootup are marked with an exclamation mark in the
configuration files. systemd-tmpfiles.service is modified to use this
switch, and guards are added so it is hard to re-start it by mistake.
If we install a new version of systemd, we actually want to enforce
some changes to tmpfiles configuration immediately. This should now be
possible to do safely, so distribution packages can be modified to
execute the "safe" subset at package installation time.
/run/nologin creation is split out into a separate service, to make it
easy to override.
https://bugzilla.redhat.com/show_bug.cgi?id=1043212
https://bugzilla.redhat.com/show_bug.cgi?id=1045849
|
|
before parsing
|
|
to non-existing service
|
|
Also, don't show machine name by default as this might cause timeouts on
non-responding peers.
|
|
including it in the log strings
|
|
|
|
This allows userspace to fake kdbus creds via struct ucred in the proxy,
without making the recieving side choke on the missing fields of the
kdbus struct, more precisel pid_starttime and tid
|
|
Introduce new call getpeercred() which internally just uses SO_PEERCRED
but checks if the returned data is actually useful due to namespace
quirks.
|
|
|
|
|
|
|
|
Previously we invalidated the peeked signature as soon as the caller
would recurse into a container, making stack based handling difficult.
With this change we will keep the peeked signature around until the user
advances to the next field.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
then read message
There's no EOF generated for AF_UNIX/SOCK_DGRAM sockets, hence let's
wait for the child first to see if it succeeded, only then read the socket.
|
|
useful as message creds
|
|
instead
|
|
|
|
if no properties with a change flag are in the interface
|
|
|
|
systemd-delta /run/systemd/system will show all unit overrides
in /run, etc.
|
|
Also, fix highlighting, add more debug statements, make const tables
static and global, run path_kill_slashes only at entry.
|
|
|
|
|
|
|
|
|
|
Let's try to standardize on a single non-cryptographic hash algorithm,
and for that SipHash appears to be the best answer.
With this change there are two other hash functions left in systemd: an
older version of MurmurHash embedded into libudev for the bloom filters
in udev messages (which is hard to update, given that the we probably
should stay compatible with older versions of the library). And lookup3
in the journal files (which we could replace for new files, but which is
probably not worth the work).
|
|
|
|
|
|
Units from user services underneath user@.service would not be detected
properly.
|
|
|
|
Also, introduce a new environment variable named $WATCHDOG_PID which
cotnains the PID of the process that is supposed to send the keep-alive
events. This is similar how $LISTEN_FDS and $LISTEN_PID work together,
and protects against confusing processes further down the process tree
due to inherited environment.
|
|
|
|
SipHash appears to be the new gold standard for hashing smaller strings
for hashtables these days, so let's make use of it.
|
|
|
|
|
|
This reverts commit 9818fa6d6d32d87a3e1b96934a54523ea6b02879.
The proxy does not work anymore with this patch.
|
|
|
|
Reuse existing functionality when adding T2 Rebinding support.
|
|
Factor out common code from timeout T1 handling and starting of
the DHCP client.
|
|
Expiration of T1 timeout takes the client to the Rebinding state,
where it attempts to renew its lease. Start by opening a DCHP unicast
socket as there now is a proper IP address set.
Compute the resend timer as half of the remaining time down to a
minimum of 60 seconds (RFC2131). Modify DHCP Request sending to send
only UDP DHCP data when unicasting. Also modify DHCP Ack/Nak
receiving such that the client_receive_ack() takes care of using
either the full IP, UDP, DHCP packet or only the DHCP payload
depending whether the client is in Requesting or Renewing state.
Finally always report DHCP_EVENT_IP_ACQUIRE from Requesting state
and only DHCP_EVENT_IP_CHANGE if the IP address was modified when
the lease was renewed.
|
|
Create a helper functions setting up an unicast DHCP UDP socket and
sending data. Add function stubs for the test program.
[tomegun: initialize structs when allocating, and drop unneccesary 'err']
|
|
|