Age | Commit message (Collapse) | Author |
|
|
|
sd-bus: add sd_bus_path_{encode,decode}_many() (v2)
|
|
networkd: Be opportunistic when declaring link configured
|
|
This introduces two new helpers alongside sd_bus_path_{encode,decode}(),
which work similarly to their counterparts, but accept a format-string as
input. This allows encoding and decoding multiple labels of a format
string at the same time.
|
|
Tested with a dummy service running 'sleep', modifying its CPUAffinity,
restarting the service and checking the ^Cpus_allowed entries in the
/proc/PID/status file.
|
|
|
|
Use the new code in config_parse_cpu_affinity2.
Tested by modifying CPUAffinity=... setting in /etc/systemd/system.conf
and reloading the daemon, then checking ^Cpus_allowed in /proc/1/status
to confirm the correct CPU mask is in place.
|
|
hostnamed: drop redundant code
|
|
Doing argc checks once is enough enough enough enough.
|
|
The DHCP variable in the [Network] section of the network configuration
file moves the link to the configured state according to the following:
DHCP=yes Link is configured when either DHCPv4 or DHCPv6 succeed
DHCP=ipv4 Link is configured only when DHCPv4 succeeds
DHCP=ipv6 Link is configured only when DHCPv6 succeeds
DHCP=no Neither DHCPv4 or DHCPv6 is attempted
Reported by Martin Pitt.
Fixes https://github.com/systemd/systemd/issues/1368
|
|
Introduce personality support for Linux on z Systems to run
particular services with a 64-bit or 31-bit personality.
|
|
sd-event: fix prepare priority queue comparison function
|
|
sd-dhcp6: ensure canceling lease timers and refactor setting lease
|
|
DHCPv6 suspend fixes
|
|
Otherwise a disabled event source can get swapped with an enabled one
and cause a severe sd-event malfunction.
http://lists.freedesktop.org/archives/systemd-devel/2015-September/034356.html
|
|
Add fallback for kcmp() in case __NR_kcmp is undefined
|
|
IA64 is missing this syscall as of linux-4.2.
This works around it until the necessary kernel patch gets merged.
|
|
core: make setup_pam() synchronous
|
|
exec: fix the wrong SMACK labeling of (sd-pam) daemon v3
|
|
Set accept_ra to "2" if enabled in config
|
|
|
|
This cleans up exec_child() function by moving mac_smack_apply_pid()
and setup_pam() to the same condition block, since both of them have
the same condition (i.e params->apply_permissions). It improves
readability without changing its operation.
|
|
Wait until DHCPv6 has acquired an address before announcing the link
to be configured. Log the DHCPv6 lease lost event.
|
|
Whenever a Router Advertisement is received, dhcp6_configure() will be
called. A Router Advertisment can also instruct DHCPv6 to start acquiring
IPv6 addresses in manged mode, if it previously was handling only other
information. As an Router Advertisment is also received after the DHCPv6
client has resumed from a suspend, fix the function not to assume DHCPv6
is currently running, but instead try to restart it. Handle
sd_dhcp6_start() returning -EALREADY indicating that the DHCPv6 client was
already running.
Collect all client unrefs in one place to unclutter the error handling.
Fixes https://github.com/systemd/systemd/issues/963
|
|
Update the test case to stop the ongoing Information Request exchange
before unsetting its state. To keep the test case callback verification
simpler, temporarily unset the callback function before stopping.
|
|
Prevent modifications to index, MAC address, DUID and Information
Request while the DHCPv6 client is running.
Require the DHCPv6 client to be stopped first instead of always
unconditionally restarting it if the caller calls
sd_dhcp6_client_start() more than once. With this change, handling
of for example incoming Router Advertisments becomes much easier.
|
|
When 'SmackProcessLabel=' is used in user@.service file, all processes
launched in systemd user session should be labeled as the designated name
of 'SmackProcessLabel' directive. However, if systemd has its own smack
label using '--with-smack-run-label' configuration, '(sd-pam)' is
labeled as the specific name of '--with-smack-run-label'. If
'SmackProcessLabel=' is used in user@.service file without
'--with-smack-run-label' configuration, (sd-pam) is labeled as "_" since
systemd (i.e. pid=1) is labeled as "_".
This is mainly because setup_pam() function is called before applying
smack label to child process. This patch fixes it by calling setup_pam()
after setting the smack label.
|
|
Hook more properties for transient units
|
|
This causes the kernel to accept router advertisments even if
ip forwarding is enabled for this interface.
This fixes #1340.
|
|
systemd-run can now launch units with WorkingDirectory, RootDirectory set.
|
|
If we spawn a unit with a non-empty 'PAMName=', we fork off a
child-process _inside_ the unit, known as '(sd-pam)', which watches the
session. It waits for the main-process to exit and then finishes it via
pam_close_session(3).
However, the '(sd-pam)' setup is highly asynchronous. There is no
guarantee that process gets spawned before we finish the unit setup.
Therefore, there might be a root-owned process inside of the cgroup of
the unit, thus causing cg_migrate() to error-out with EPERM.
This patch makes setup_pam() synchronous and waits for the '(sd-pam)'
setup to finish before continuing. This guarantees that setresuid(2) was
at least tried before we continue with the child setup of the real unit.
Note that if setresuid(2) fails, we already warn loudly about it. You
really must make sure that you own the passed user if using 'PAMName='.
It seems very plausible to rely on that assumption.
|
|
core: fix shutdown of --user
|
|
Add a 'destination' match rule for every SERVICE argument in addition to
the 'sender' rule. This is consistent with busctl(1), which documents
monitor as dumping "messages to or from this peer".
|
|
Shutting down a user session currently fails with:
Sep 22 22:35:38 david-t2 systemd[640]: Reached target Shutdown.
Sep 22 22:35:38 david-t2 systemd[640]: Starting Exit the Session...
Sep 22 22:35:38 david-t2 systemd[640]: Received SIGRTMIN+24 from PID 659 (kill).
Sep 22 22:35:38 david-t2 systemd[640]: Shutting down.
Sep 22 22:35:38 david-t2 systemd[640]: Not executed by init (PID 1).
Sep 22 22:35:38 david-t2 systemd[640]: Critical error while doing system shutdown: Operation not permitted
This is a regression from:
commit 287419c119ef961db487a281162ab037eba70c61
Author: Alban Crequy <alban.crequy@gmail.com>
Date: Fri Sep 18 13:37:34 2015 +0200
containers: systemd exits with non-zero code
Make sure we never ever execute systemd-shutdown from within a
user-manager. Restore the previous behavior by partially reverting given
commit.
|
|
pam: systemd-user - call selinux module
|
|
|
|
https://bugzilla.redhat.com/show_bug.cgi?id=1262933
|
|
sd-bus: introduce new sd_bus_default_flush_close() call
|
|
Fixup WWN bytes for big-endian systems
|
|
A variety of mostly unrelated fixes
|
|
core: add support for usb functionfs v3
|
|
Fixes #1330
|
|
By using these parameters functionfs service can specify ffs descriptors
and strings which should be written to ep0.
|
|
For handling functionfs endpoints additional socket type is added.
|
|
|
|
No need to keep both functions, settle on uid_is_valid() for everything.
|
|
Of course, because Linux is broken we cannot actually really order it,
and must keep linux/fs.h after sys/mount.h... Yay for Linux!
|
|
Never log when we fail due to OOM when translating enums, let the caller
do that. Translating basic types like enums should be something where
the caller logs, not the translatior functions.
Return -1 when NULL is passed to all enum parser functions.
The non-fallback versions of the enum translator calls already handle
NULL as failure, instead of hitting an assert, and we should do this
here, too.
|
|
Let's always keep space for the full help text. (We used to do that, but
recently another line of help was added which broke this.)
|
|
When 0 bytes are to be written, make sure to go into read() at least
once, in order to validate the parameters, such as the passed fd.
Return error on huge values, add a couple of asserts and casts where
appropriate.
|