summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-11-05sd-bus: by default allow all creds to be passed alongLennart Poettering
2014-11-05core: introduce new Delegate=yes/no property controlling creation of cgroup ↵Lennart Poettering
subhierarchies For priviliged units this resource control property ensures that the processes have all controllers systemd manages enabled. For unpriviliged services (those with User= set) this ensures that access rights to the service cgroup is granted to the user in question, to create further subgroups. Note that this only applies to the name=systemd hierarchy though, as access to other controllers is not safe for unpriviliged processes. Delegate=yes should be set for container scopes where a systemd instance inside the container shall manage the hierarchies below its own cgroup and have access to all controllers. Delegate=yes should also be set for user@.service, so that systemd --user can run, controlling its own cgroup tree. This commit changes machined, systemd-nspawn@.service and user@.service to set this boolean, in order to ensure that container management will just work, and the user systemd instance can run fine.
2014-11-05libsystemd-network: don't use unaligned helpers in _packed_ structsTom Gundersen
The compiler will do this for us.
2014-11-05shared: unaligned - use void* instead of unaligned be16_t*Tom Gundersen
2014-11-05sd-pppoe: whitespaceTom Gundersen
2014-11-05test: hashmap-plain - make coverity happyTom Gundersen
Check return value of hashmap_ensure_allocated(). CID#1250807.
2014-11-05test: fileio - make coverity happyTom Gundersen
Explicitly check the length of the read. Fixes CID#1250803.
2014-11-05shared: ptyfwd - make coverity happyTom Gundersen
Explicitly ignore return value of ioctl to set window size. Fixes CID#1250804 and CID#1250800.
2014-11-05manager: Ensure user's systemd runtime directory exists.Colin Guthrie
This mirrors code in dbus.c when creating the private socket and avoids error messages like: systemd[1353]: bind(/run/user/603/systemd/notify) failed: No such file or directory systemd[1353]: Failed to fully start up daemon: No such file or directory
2014-11-05sd-bus: sync up with new kdbus metadata attachment logic (ABI break)Daniel Mack
The metadata logic in kdbus has seen a rework, and the only mandatory change we have to follow for now is that attach_flags in kdbus_cmd_hello is now split into two parts, attach_flags_send and attach_flags_recv.
2014-11-05udev: avoid magic constants in kernel-cmdline parsersDavid Herrmann
Lets recognize the fact that startswith() returns a pointer to the tail on success. Use it instead of hard-coding string-lengths as magic constants.
2014-11-05udev: Fix parsing of udev.event-timeout kernel parameter.Richard W.M. Jones
2014-11-04util: when sealing memfds, also use F_SEAL_SEALLennart Poettering
Let's be strict here, since its better to be safe than sorry.
2014-11-04sd-bus: rename sd_bus_get_server_id() to sd_bus_get_owner_id()Lennart Poettering
In kdbus a "server id" is mostly a misnomer, as there isn't any "server" involved anymore. Let's rename this to "owner" id hence, since it is an ID that is picked by the owner of a bus or direct connection. This matches nicely the sd_bus_get_owner_creds() call we already have.
2014-11-04sd-bus,sd-event: unify error handling of object descriptionsLennart Poettering
a) When getting the description return ENXIO if none is set b) Allow setting a description to NULL c) return ECHILD on fork() like for other calls
2014-11-04sd-bus: make use of free_and_strdup() where it makes senseLennart Poettering
2014-11-04sd-bus: also allow setting descriptions on bus slotsLennart Poettering
2014-11-04sd-event: implicitly set signal event source's descriptions to the signal nameLennart Poettering
2014-11-04sd-event: rename sd_event_source_set_name() to sd_event_source_get_name()Lennart Poettering
To mirror the recent name change of the concept for sd_bus objects, follow the same logic for sd_event_source objects, too.
2014-11-04test: use assert_se in test_hashmap_moveMichal Schmidt
2014-11-04sd-bus: rename "connection name" to "description" for the sd-bus API tooLennart Poettering
kdbus recently renamed this concept, and so should we in what we expose in userspace.
2014-11-04sd-bus: sync kdbus.h (ABI break)Daniel Mack
Catch up with some changes in kdbus.h: * KDBUS_{ITEM,ATTACH}_CONN_NAME were renamed to KDBUS_{ITEM,ATTACH}_CONN_DESCRIPTION, so the term 'name' is not overloaded as much. * The item types were re-ordered a little so they are lined up to the order of the corresponding KDBUS_ATTACH flags * A new item type KDBUS_ITEM_OWNED_NAME was introduced, designated to store a struct kdbus_name in item->name. KDBUS_ITEM_NAME soley stores data in item->str now * Some kerneldoc fixes
2014-11-04barrier: explicitly ignore return values of barrier_place()David Herrmann
The barrier implementation tracks remote states internally. There is no need to check the return value of any barrier_*() function if the caller is not interested in the result. The barrier helpers only return the state of the remote side, which is usually not interesting as later calls to barrier_sync() will catch this, anyway. Shut up coverity by explicitly ignoring return values of barrier_place() if we're not interested in it.
2014-11-04util: introduce negative_errno()David Herrmann
Imagine a constructor like this: int object_new(void **out) { void *my_object; int r; ... r = ioctl(...); if (r < 0) return -errno; ... *out = my_object; return 0; } We have a lot of those in systemd. If you now call those, gcc might inline the call and optimize it. However, gcc cannot know that "errno" is negative if "r" is. Therefore, a caller like this will produce warnings: r = object_new(&obj); if (r < 0) return r; obj->xyz = "foobar"; In case the ioctl in the constructor fails, gcc might assume "errno" is 0 and thus the error-handling is not triggered. Therefore, "obj" is uninitialized, but accessed. Gcc will warn about that. The new negative_errno() helper can be used to mitigate those warnings. The helper is guaranteed to return a negative integer. Furthermore, it spills out runtime warnings if "errno" is non-negative. Instead of returning "-errno", you can use: return negative_errno(); gcc will no longer assume that this can return >=0, thus, it will not warn about it. Use this new helper in libsystemd-terminal to fix some grdev-drm warnings.
2014-11-04Properly define the __NR_memfd_create macro for MIPSVicente Olivert Riera
This macro exists for MIPS since v3.17: https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=42944521af97a3b25516f15f3149aec3779656dc
2014-11-04localectl: fix localectl set-x11-keymap syntax descriptionJan Synacek
This complements the fix in: commit cd4c6fb12598435fe24431f1dd616f9582f0e3bd Author: Jan Synacek <jsynacek@redhat.com> Date: Mon Oct 20 12:43:39 2014 +0200 man: fix localectl set-x11-keymap syntax description
2014-11-04journald: include audit message type number in MESSAGE= stringLennart Poettering
2014-11-04journal: also consider audit fields with '-' validLennart Poettering
2014-11-04audit: improve the audit messages we generateLennart Poettering
always pass along comm, as documented by audit. Always set the correct comm value.
2014-11-04journald: don't pass around SO_TIMESTAMP timestamp for audit, which we don't ↵Lennart Poettering
have anyway
2014-11-04journal: when dumping log data with missing COMM fields, show "unknown" insteadLennart Poettering
A small readability improvement...
2014-11-04journald: suppress low-level audit text prefix in MESSAGE= fieldLennart Poettering
Let's make the log output more readable, and the header can be reconstructed in full from the other fields
2014-11-04journald: properly decode audit's proctitle= fieldLennart Poettering
2014-11-04journald: enable audit in the kernel when initializingLennart Poettering
Similar to auditd actually turn on auditing as we are starting. This way we can operate entirely without auditd around.
2014-11-03journald: there's no point in turning on SO_TIMESTAMP for audit sockets, ↵Lennart Poettering
audit doesn't support timestamps anyway
2014-11-03journald: fix memory leak on error pathLennart Poettering
2014-11-03journald: also check journal file size to deduce if it is emptyLennart Poettering
2014-11-03journalctl: add new --vacuum-size= and --vacuum-time= commands to clean up ↵Lennart Poettering
journal files based on a size/time limit This is equivalent to the effect of SystemMaxUse= and RetentionSec=, however can be invoked directly instead of implicitly.
2014-11-03journald: fix minor memory leakLennart Poettering
2014-11-03core: introduce ConditionSecurity=auditLennart Poettering
And conditionalize journald audit support with it
2014-11-03journald: if available pull audit messages from the kernel into journal logsLennart Poettering
2014-11-03journald: remove a number of malloc()s from the syslog message handlingLennart Poettering
2014-11-03journald: constify all things!Lennart Poettering
2014-11-03sd-pppoe: include ppp_defs.hLukas Nykryn
On older kernels before this patch: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=e8b671460410c8fd996c8a1c228b718c547cc236 ppp-ioctl.h did not pull in ppp_defs.h which results in build errors
2014-11-02manager: do not print timing when running in test modeZbigniew Jędrzejewski-Szmek
2014-11-02Raise level of 'Found dependency...' linesZbigniew Jędrzejewski-Szmek
This way they always show up together with 'Found ordering cycle...'. Ordering cycles are a serious error and a major pain to debug. If quiet is enabled, only the first and the last line of output are shown: systemd[1]: Found ordering cycle on basic.target/start systemd[1]: Breaking ordering cycle by deleting job timers.target/start systemd[1]: Job timers.target/start deleted to break ordering cycle starting with basic.target/start which isn't particularly enlightening. So just show the whole message at the same level. https://bugzilla.redhat.com/show_bug.cgi?id=1158206
2014-11-01sd-pppoe: fix some leaksTom Gundersen
2014-11-01libsystemd-networkd: introduce sd-pppoe libraryTom Gundersen
This library negotiates a PPPoE channel. It handles the discovery stage and leaves the session stage to the kernel. A further PPP library is needed to actually set up a PPP unit (negotatie LCP, IPCP and do authentication), so in isolation this is not yet very useful. The test program has two modes: # ./test-pppoe will create a veth tunnel in a new network namespace, start pppoe-server on one end and this client library on the other. The pppd server will time out as no LCP is performed, and the client will then shut down gracefully. # ./test-pppoe eth0 will run the client on eth0 (or any other netdev), and requires a PPPoE server to be reachable on the local link.
2014-11-01libudev: Use correct free functionColin Walters
FILE * wants cleanup_fclose(). Spotted by udev hwdb segfaulting in gnome-continuous' buildroot construction.
2014-11-01scsi_id: fix usage spellingJoe Lawrence
s/threat/treat/g