summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-11-25busctl: add new --augment-creds= switch for controlling whether shown ↵Lennart Poettering
credential data shall be augment with data from /proc
2014-11-25sd-bus: update to current kernel version, by splitting off the extended ↵Lennart Poettering
KDBUS_ITEM_PIDS structure from KDBUS_ITEM_CREDS Also: - adds support for euid, suid, fsuid, egid, sgid, fsgid fields. - makes augmentation of creds with data from /proc explicitly controllable to give apps better control over this, given that this is racy. - enables augmentation for kdbus connections (previously we only did it for dbus1). This is useful since with recent kdbus versions it is possible for clients to control the metadata they want to send. - changes sd_bus_query_sender_privilege() to take the euid of the client into consideration, if known - when we don't have permissions to read augmentation data from /proc, don't fail, just don't add the data in
2014-11-25busctl: improve readability a bitLennart Poettering
2014-11-25bus: change creds dumping order to be more close to internal storage orderLennart Poettering
2014-11-25util: skip incomplete ucred information in getpeersec()Lennart Poettering
2014-11-25sd-bus: don't blindly take incomplete ucred bits from AF_UNIX when ↵Lennart Poettering
constructing message
2014-11-25localed: verify xkb keymaps after pk-queriesDavid Herrmann
Make sure not to run xkb-keymap validation twice if pk-queries are used. Move it below pk-checks.
2014-11-25terminal/idev: forward xkb-messagesDavid Herrmann
Properly forward all XKB messages. You can use XKB_LOG_VERBOSITY= to control the amount of messages sent by XKB. We explicitly set XKB_LOG_LEVEL to 7 you can use SYSTEMD_LOG_LEVEL to control the log-level generically.
2014-11-25terminal/idev: avoid magic numbersDavid Herrmann
Use XKB_CONTEXT_NO_FLAGS instead of magic 0.
2014-11-24terminal/idev: use compose tablesDavid Herrmann
Before forwarding keyboard events, feed them into possible compose tables. This enables Compose-key and Dead-key features. Few notes: * REPEAT events are never fed into compose tables. It just doesn't make sense and is usually not wanted. Compose-sequences are usually hard to remember and take time to type. Thus, the REPEAT event of the Compose-key itself would often cancel the compose sequence already. * Stop resolving symbols for UP events. Anything but keycodes is never associated to a physical key, but is a one-time action. There is nothing like UP events for key-symbols! * Cancel compose-sequences on Multi-Key UP. See the inline comment. We should make this configurable!
2014-11-24terminal/idev: add compose-file supportDavid Herrmann
Add support for compose files to idev-keyboard. This requires libxkbcommon-0.5.0, which is pretty new, but should be fine. We don't use the compose-files, yet. Further commits will put life into them.
2014-11-24smack: introduce new SmackProcessLabel optionWaLyong Cho
In service file, if the file has some of special SMACK label in ExecStart= and systemd has no permission for the special SMACK label then permission error will occurred. To resolve this, systemd should be able to set its SMACK label to something accessible of ExecStart=. So introduce new SmackProcessLabel. If label is specified with SmackProcessLabel= then the child systemd will set its label to that. To successfully execute the ExecStart=, accessible label should be specified with SmackProcessLabel=. Additionally, by SMACK policy, if the file in ExecStart= has no SMACK64EXEC then the executed process will have given label by SmackProcessLabel=. But if the file has SMACK64EXEC then the SMACK64EXEC label will be overridden. [zj: reword man page]
2014-11-24gpt-auto-generator: properly ignore valueZbigniew Jędrzejewski-Szmek
A negative return code was treated as a true value.
2014-11-24localed: validate xkb keymapsDavid Herrmann
Introduce a new optional dependency on libxkbcommon for systemd-localed. Whenever the x11 keymap settings are changed, use libxkbcommon to compile the keymap. If the compilation fails, print a warning so users will get notified. On compilation failure, we still update the keymap settings for now. This patch just introduces the xkbcommon infrastructure to have keymap validation in place. We can later decide if/how we want to enforce this.
2014-11-24cryptsetup: default to no hash when keyfile is specifiedZbigniew Jędrzejewski-Szmek
For plain dm-crypt devices, the behavior of cryptsetup package is to ignore the hash algorithm when a key file is provided. It seems wrong to ignore a hash when it is explicitly specified, but we should default to no hash if the keyfile is specified. https://bugs.freedesktop.org/show_bug.cgi?id=52630
2014-11-23manager: only issue overmount warning when the check succeededZbigniew Jędrzejewski-Szmek
If for any reason the check failed (selinux?), we would still issue the warning. Check the return status.
2014-11-23manager: let manager_free() handle NULLsZbigniew Jędrzejewski-Szmek
This makes the calling code a bit simpler.
2014-11-23dbus: return non-zero return value in the case that prefix won't matchLukas Nykryn
strv_extend returns 0 in the case of success which means that else if (bus_track_deserialize_item(&m->deserialized_subscribed, l) == 0) log_warning("Unknown serialization item '%s'", l); will be printed when value is added correctly.
2014-11-23test: support empty environment variables in unit filesIago López Galeiras
Also update TODO, empty environment variables in Environment= and EnvironmentFile= options work.
2014-11-22systemctl: show BindsTo/BoundBy in list-dependenciesZbigniew Jędrzejewski-Szmek
Suggested-by: Peter Mattern <matternp@arcor.de> http://lists.freedesktop.org/archives/systemd-devel/2014-November/025437.html
2014-11-22nspawn: ignore EEXIST when mounting tmpfsRichard Schütz
commit 79d80fc1466512d0ca211f4bfcd9de5f2f816a5a introduced a regression that prevents mounting a tmpfs if the mount point already exits in the container's root file system. This commit fixes the problem by ignoring EEXIST.
2014-11-22Do not check for existence of remote binariesZbigniew Jędrzejewski-Szmek
systemd-run would fail when run with -M or -H and an absolute path, if this path did not exists locally. Allow it to continue, since we don't have a nice way of checking if the binary exists remotely. The case where -M or -H is used and a local path is unchanged, and we still iterate over $PATH to find the binary. We need to convert to an absolute path, and we don't have a nice mechanism to check remotely, so we assume that the binary will be located in the same place locally and remotely. http://lists.freedesktop.org/archives/systemd-devel/2014-November/025418.html
2014-11-22missing: add IFLA_BRPORT_LEARNING and friendsZbigniew Jędrzejewski-Szmek
IFLA_BRPORT_LEARNING was added in v3.10-rc4-583-g9ba18891f7, and IFLA_BRPORT_UNICAST_FLOOD in v3.10-rc4-584-g867a59436f.
2014-11-22missing: add __NR_getrandom for a few more archsZbigniew Jędrzejewski-Szmek
Mips has getrandom() too, but there's just too many variants for me too care. Either someone who cares does it, or they get compile-time warnings with old kernel headers.
2014-11-21selinux-access: fix broken ternary operatorLukas Nykryn
it seems to be a typo introduced by ebcf1f97de4f6b1580ae55eb56b1a3939fe6b602 - _r = selinux_access_check(_b, _m, _u->source_path ?:_u->fragment_path, (permission), &_error); \ + ({ Unit *_unit = (unit); selinux_generic_access_check(bus,message, _unit->fragment_path ?: _unit->fragment_path, permission,error); })
2014-11-21busctl: add --timeout= option to specify method call timeoutLennart Poettering
2014-11-21busctl: add options to control message header flags when invoking methodsLennart Poettering
2014-11-21nspawn: Add try-{host,guest} journal link modesMartin Pitt
--link-journal={host,guest} fail if the host does not have persistent journalling enabled and /var/log/journal/ does not exist. Even worse, as there is no stdout/err any more, there is no error message to point that out. Introduce two new modes "try-host" and "try-guest" which don't fail in this case, and instead just silently skip the guest journal setup. Change -j to mean "try-guest" instead of "guest", and fix the wrong --help output for it (it said "host" before). Change systemd-nspawn@.service.in to use "try-guest" so that this unit works with both persistent and non-persistent journals on the host without failing. https://bugs.debian.org/770275
2014-11-21busctl: show property values in "introspect" output, add "set-property" ↵Lennart Poettering
command, and support both a terse and a verbose output format
2014-11-21busctl: when --address is specified do not assume we connect to a full busLennart Poettering
2014-11-21busctl: use canned error message on parse failureLennart Poettering
2014-11-21sd-bus: create clean error when a property Set() call with incorrect ↵Lennart Poettering
signature is passed in
2014-11-21build: avoid trailing whitespace in feature stringLennart Poettering
2014-11-21util: add functions getting proc cwd and rootJakub Filak
/proc/[pid]/cwd and /proc/[pid]/root are symliks to corresponding directories The added functions returns values of that symlinks.
2014-11-20sd-dhcp-lease: fix copy-paste error asserting wrong function argumentThomas Haller
2014-11-20busctl: pass error output to stdout (rather than stderr) when generate tree ↵Lennart Poettering
for all objects This is a ton more useful when some services fail, since we continue crawling then and output everything to a pager.
2014-11-20busctl: improve output of service credsLennart Poettering
2014-11-20busctl: add new "introspect" verb for introspecting objectsLennart Poettering
2014-11-20sd-bus: refuse properties that claim to be both writable and constant at the ↵Lennart Poettering
same time
2014-11-20core: watchdog bus properties cannot be both writable and constantLennart Poettering
2014-11-20tests: fix minor memory leakLennart Poettering
2014-11-20set: make set_consume() actually free the allocated string if the string ↵Lennart Poettering
already is in the set
2014-11-20busctl: split out introspection parser from tree logic so that we can reuse ↵Lennart Poettering
it for a future "busctl introspect" command
2014-11-19sd-dhcp-lease: load/save client IDDan Williams
The lease is usually tied to the client ID, so users of the lease may want to know what client ID it was acquired with.
2014-11-19sd-dhcp-client: allow getting/setting the client IDDan Williams
The client identifier can be in many different formats, not just the one that systemd creates from the Ethernet MAC address. Non- ethernet interfaces may have different client IDs formats. Users may also have custom client IDs that the wish to use to preserve lease options delivered by servers configured with the existing client ID.
2014-11-18sd-dhcp-lease: expose load/save functionsTom Gundersen
Based on patch by Dan Williams.
2014-11-18sd-dhcp-client: fix REBOOT state handlingDan Williams
client->secs wasn't getting set in the REBOOT state, causing an assertion. REBOOT should work the same way as INIT, per RFC 2131: secs 2 Filled in by client, seconds elapsed since client began address acquisition or renewal process. REBOOT is necessary because some DHCP servers (eg on home routers) do not hand back the same IP address unless the 'ciaddr' field is filled with that address, which DISCOVER cannot do per the RFCs. This leads to multiple leases on machine reboot or DHCP client restart.
2014-11-17namespace: unchecked return value from librarySusant Sahani
fix: CID 1237553 (#1 of 6): Unchecked return value from library (CHECKED_RETURN CID 1237553 (#3 of 6): Unchecked return value from library (CHECKED_RETURN) CID 1237553 (#4 of 6): Unchecked return value from library (CHECKED_RETURN) CID 1237553 (#5 of 6): Unchecked return value from library (CHECKED_RETURN CID 1237553 (#6 of 6): Unchecked return value from library (CHECKED_RETURN)
2014-11-17bus-socket: fix CID#996290 Unchecked return valueSusant Sahani
2014-11-17resolve: fix CID#1237549 Unchecked return valueSusant Sahani