Age | Commit message (Collapse) | Author |
|
|
|
This also allows us to drop build.h from a ton of files, hence do so.
Since we touched the #includes of those files, let's order them properly
according to CODING_STYLE.
|
|
This is highly complex code after all, we really should make sure to
only keep one implementation of this extremely difficult function
around.
|
|
The new free_and_strdup() call does pretty much the same thing these
days, no need to keep a private limited purpose version around.
|
|
|
|
|
|
|
|
Add (void) casting for a couple of functions where we knowingly ignore
the returning error code.
Use EXIT_FAILURE where appropriate.
Try to initialize structures at declaration time, or at once.
|
|
|
|
|
|
Let's teach it a new trick, and make it return NULL.
|
|
Also, make it slightly more powerful, by accepting a flags argument, and
make it safe for handling if more than one cmsg attribute happens to be
attached.
|
|
|
|
Add comment to prioq.c explaining what it does. And more importantly,
mention that we implement a Heap. It's more than annoying having to
figure out what the code actually does, without ever mentioning the word
'heap'.
|
|
|
|
sd-bus: add sd_bus_path_{encode,decode}_many() (v2)
|
|
networkd: Be opportunistic when declaring link configured
|
|
This introduces two new helpers alongside sd_bus_path_{encode,decode}(),
which work similarly to their counterparts, but accept a format-string as
input. This allows encoding and decoding multiple labels of a format
string at the same time.
|
|
Tested with a dummy service running 'sleep', modifying its CPUAffinity,
restarting the service and checking the ^Cpus_allowed entries in the
/proc/PID/status file.
|
|
|
|
Use the new code in config_parse_cpu_affinity2.
Tested by modifying CPUAffinity=... setting in /etc/systemd/system.conf
and reloading the daemon, then checking ^Cpus_allowed in /proc/1/status
to confirm the correct CPU mask is in place.
|
|
hostnamed: drop redundant code
|
|
Doing argc checks once is enough enough enough enough.
|
|
The DHCP variable in the [Network] section of the network configuration
file moves the link to the configured state according to the following:
DHCP=yes Link is configured when either DHCPv4 or DHCPv6 succeed
DHCP=ipv4 Link is configured only when DHCPv4 succeeds
DHCP=ipv6 Link is configured only when DHCPv6 succeeds
DHCP=no Neither DHCPv4 or DHCPv6 is attempted
Reported by Martin Pitt.
Fixes https://github.com/systemd/systemd/issues/1368
|
|
Introduce personality support for Linux on z Systems to run
particular services with a 64-bit or 31-bit personality.
|
|
sd-event: fix prepare priority queue comparison function
|
|
sd-dhcp6: ensure canceling lease timers and refactor setting lease
|
|
DHCPv6 suspend fixes
|
|
Otherwise a disabled event source can get swapped with an enabled one
and cause a severe sd-event malfunction.
http://lists.freedesktop.org/archives/systemd-devel/2015-September/034356.html
|
|
Add fallback for kcmp() in case __NR_kcmp is undefined
|
|
IA64 is missing this syscall as of linux-4.2.
This works around it until the necessary kernel patch gets merged.
|
|
core: make setup_pam() synchronous
|
|
exec: fix the wrong SMACK labeling of (sd-pam) daemon v3
|
|
Set accept_ra to "2" if enabled in config
|
|
|
|
This cleans up exec_child() function by moving mac_smack_apply_pid()
and setup_pam() to the same condition block, since both of them have
the same condition (i.e params->apply_permissions). It improves
readability without changing its operation.
|
|
Wait until DHCPv6 has acquired an address before announcing the link
to be configured. Log the DHCPv6 lease lost event.
|
|
Whenever a Router Advertisement is received, dhcp6_configure() will be
called. A Router Advertisment can also instruct DHCPv6 to start acquiring
IPv6 addresses in manged mode, if it previously was handling only other
information. As an Router Advertisment is also received after the DHCPv6
client has resumed from a suspend, fix the function not to assume DHCPv6
is currently running, but instead try to restart it. Handle
sd_dhcp6_start() returning -EALREADY indicating that the DHCPv6 client was
already running.
Collect all client unrefs in one place to unclutter the error handling.
Fixes https://github.com/systemd/systemd/issues/963
|
|
Update the test case to stop the ongoing Information Request exchange
before unsetting its state. To keep the test case callback verification
simpler, temporarily unset the callback function before stopping.
|
|
Prevent modifications to index, MAC address, DUID and Information
Request while the DHCPv6 client is running.
Require the DHCPv6 client to be stopped first instead of always
unconditionally restarting it if the caller calls
sd_dhcp6_client_start() more than once. With this change, handling
of for example incoming Router Advertisments becomes much easier.
|
|
When 'SmackProcessLabel=' is used in user@.service file, all processes
launched in systemd user session should be labeled as the designated name
of 'SmackProcessLabel' directive. However, if systemd has its own smack
label using '--with-smack-run-label' configuration, '(sd-pam)' is
labeled as the specific name of '--with-smack-run-label'. If
'SmackProcessLabel=' is used in user@.service file without
'--with-smack-run-label' configuration, (sd-pam) is labeled as "_" since
systemd (i.e. pid=1) is labeled as "_".
This is mainly because setup_pam() function is called before applying
smack label to child process. This patch fixes it by calling setup_pam()
after setting the smack label.
|
|
Hook more properties for transient units
|
|
This causes the kernel to accept router advertisments even if
ip forwarding is enabled for this interface.
This fixes #1340.
|
|
systemd-run can now launch units with WorkingDirectory, RootDirectory set.
|
|
If we spawn a unit with a non-empty 'PAMName=', we fork off a
child-process _inside_ the unit, known as '(sd-pam)', which watches the
session. It waits for the main-process to exit and then finishes it via
pam_close_session(3).
However, the '(sd-pam)' setup is highly asynchronous. There is no
guarantee that process gets spawned before we finish the unit setup.
Therefore, there might be a root-owned process inside of the cgroup of
the unit, thus causing cg_migrate() to error-out with EPERM.
This patch makes setup_pam() synchronous and waits for the '(sd-pam)'
setup to finish before continuing. This guarantees that setresuid(2) was
at least tried before we continue with the child setup of the real unit.
Note that if setresuid(2) fails, we already warn loudly about it. You
really must make sure that you own the passed user if using 'PAMName='.
It seems very plausible to rely on that assumption.
|
|
core: fix shutdown of --user
|
|
Add a 'destination' match rule for every SERVICE argument in addition to
the 'sender' rule. This is consistent with busctl(1), which documents
monitor as dumping "messages to or from this peer".
|
|
Shutting down a user session currently fails with:
Sep 22 22:35:38 david-t2 systemd[640]: Reached target Shutdown.
Sep 22 22:35:38 david-t2 systemd[640]: Starting Exit the Session...
Sep 22 22:35:38 david-t2 systemd[640]: Received SIGRTMIN+24 from PID 659 (kill).
Sep 22 22:35:38 david-t2 systemd[640]: Shutting down.
Sep 22 22:35:38 david-t2 systemd[640]: Not executed by init (PID 1).
Sep 22 22:35:38 david-t2 systemd[640]: Critical error while doing system shutdown: Operation not permitted
This is a regression from:
commit 287419c119ef961db487a281162ab037eba70c61
Author: Alban Crequy <alban.crequy@gmail.com>
Date: Fri Sep 18 13:37:34 2015 +0200
containers: systemd exits with non-zero code
Make sure we never ever execute systemd-shutdown from within a
user-manager. Restore the previous behavior by partially reverting given
commit.
|
|
pam: systemd-user - call selinux module
|
|
|