Age | Commit message (Collapse) | Author |
|
On the contrary of env, the added function returns all characters
cescaped, because it improves reproducibility.
|
|
For IPv6, the kernel returns EINVAL if a route is added with the
RTA_GATEWAY attribute set to in6addr_any (::). A route without a
gateway is useful in some situations, such as layer 3 tunneling
(sit, gre, etc.).
This patch prevents the RTA_GATEWAY attribute from being added
when route.in_addr is ip6addr_any (::).
|
|
This also makes the source port less predicatable.
|
|
This makes it possible to drop in logind configuration snippets from a
package or other configuration management mechanism.
Add documentation to the header of /etc/logind.conf pointing the user at
/etc/logind.conf.d/*.conf.
Introduce a new helper, conf_parse_many, to parse configuration files in
a search path.
|
|
Several different systemd tools define a nulstr containing a standard
series of configuration file directories, in /etc, /run, /usr/local/lib,
/usr/lib, and (#ifdef HAVE_SPLIT_USR) /lib. Factor that logic out into
a new helper macro, CONF_DIRS_NULSTR.
|
|
systemd-journald would refuse to start if it received an unknown
socket from systemd. This is annoying, because the failure more for
systemd-journald is unpleasant: systemd will keep restarting journald,
but most likely the same error will occur every time. It is better
to continue. journald will try to open missing sockets on its own,
so things should mostly work.
One question is whether to close the sockets which cannot be parsed or
to keep them open. Either way we might lose some messages. This
failure is most likely for the audit socket (selinux issues), which
can be opened multiple times so this not a problem, so I decided to
keep them open because it makes it easier to debug the issue after the
system is fully started.
|
|
systemd stops adding automatic dependencies on swap.target to swap
units. If a dependency is required, it has to be added by unit
configuration. fstab-generator did that already, except that now it is
modified to create a Requires or Wants type dependency, depending on
whether nofail is specified in /etc/fstab. This makes .swap units
obey the nofail/noauto options more or less the same as .mount units.
Documentation is extended to clarify that, and to make
systemd.mount(5) and system.swap(5) more similar. The gist is not
changed, because current behaviour actually matches existing
documentation.
https://bugs.freedesktop.org/show_bug.cgi?id=86488
|
|
When booting in quiet mode, fatal messages would not be shown at all to the user.
https://bugzilla.redhat.com/show_bug.cgi?id=1155468
|
|
This adds a new log_emergency() function, which is equivalent to
log_error() for non-PID-1, and logs at the highest priority for PID 1.
Some messages which occur before freezing are converted to use it.
|
|
|
|
dbus1 only checks if these files parse correctly so let's do the same for now.
|
|
it passes with the bus proxy enforcement
|
|
creds to make security decisions
|
|
Let's ask for the security relevant bits in a race-free way, and augment
the rest from /proc.
|
|
need to FREE them after all
|
|
When checking if the transaction is destructive, we need to check if the
previously installed job is a superset of the new job (and hence the new
job will fold into the installed one without changing it), not the other
way around.
|
|
job_type_is_conflicting(X, JOB_NOP) correctly gives: false.
job_type_allows_late_merge(JOB_NOP) && job_type_is_superset(X, JOB_NOP)
correctly gives: true.
|
|
Several functions called from transaction_activate() need to correctly
handle the case where a JOB_NOP job is being checked against a unit's
pending job. The assumption that JOB_NOP never merges with other job
types was correct, but since the job_type_is_*() functions are
implemented using the merge lookup, they need to special-case JOB_NOP
to avoid hitting assertion failures.
|
|
|
|
|
|
to us, no need to convert to uid_t manually
This way, we can save one allocation and avoid copying the array
unnecesarily.
|
|
We changed creds to u32, so fix systemd sd-bus to acknowledge that.
|
|
This makes udevadm trigger mirror udevadm info, except that multiple
device names can be specified. Instructions in 60-keyboard.hwdb should
now actually work.
udevadm(8) is updated, but it could use a bit more polishing.
https://bugs.freedesktop.org/show_bug.cgi?id=82311
|
|
The idea is to unify the way that devices can be specified.
|
|
attached to incoming messages
We don't know what the activated service might want in the end, hence
enable everything current and future, just to be sure.
|
|
|
|
On the system and user busses we create it's the receiver that chooses
which metadata is attched, not the sender, hence set the requirement
mask to ANY, to allow any current of future credential bit to be
attached.
|
|
|
|
This simplifies things a bit and makes sure we free any previously set
creds component before writing in a new one.
|
|
|
|
|
|
dropped broadcast messages and proceeding
|
|
|
|
|
|
|
|
Also, properly keep track of incoming additional service names.
|
|
kernel messages
|
|
creds object
|
|
|
|
bus owner
|
|
|
|
selinux context
|
|
credential data shall be augment with data from /proc
|
|
KDBUS_ITEM_PIDS structure from KDBUS_ITEM_CREDS
Also:
- adds support for euid, suid, fsuid, egid, sgid, fsgid fields.
- makes augmentation of creds with data from /proc explicitly
controllable to give apps better control over this, given that this is
racy.
- enables augmentation for kdbus connections (previously we only did it
for dbus1). This is useful since with recent kdbus versions it is
possible for clients to control the metadata they want to send.
- changes sd_bus_query_sender_privilege() to take the euid of the client
into consideration, if known
- when we don't have permissions to read augmentation data from /proc,
don't fail, just don't add the data in
|
|
|
|
|
|
|
|
constructing message
|
|
Make sure not to run xkb-keymap validation twice if pk-queries are used.
Move it below pk-checks.
|
|
Properly forward all XKB messages. You can use XKB_LOG_VERBOSITY= to
control the amount of messages sent by XKB. We explicitly set
XKB_LOG_LEVEL to 7 you can use SYSTEMD_LOG_LEVEL to control the log-level
generically.
|