Age | Commit message (Collapse) | Author |
|
- report actual load error for units which could not be loaded
- make unit_find_paths() report all kinds of errors it encounters
(for consistency)
- consistently handle not-found errors in cat() and edit()
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=87505
Let's make timesyncd less chatty.
|
|
The assert added in 7d328b5446 was wrong. Also update the comments
and make sure we don't try to shift by type size.
|
|
|
|
Let's downgrade the statistics output from LOG_INFO to LOG_DEBUG.
https://bugs.freedesktop.org/show_bug.cgi?id=88926
|
|
nspawn containers currently block module loading in all cases, with
no option to disable it. This allows an admin, specifically setting
capability=CAP_SYS_MODULE or capability=all to load modules.
|
|
We were dropping the most significant bit. Add an assert to make sure it does not happen again.
Fixes a bug introduced in 7d328b544621d4b1bec936dec612947ad8bfb65a.
|
|
|
|
It ran either skip_session() or skip_user_manager(), then ran skip_slices()
iff skip_session() ran. It needs to run skip_slices() in either case.
Included is a test case demonstrating why.
|
|
quiet should really just have an effect on the stuff we dump on the
console, not what we log elsewhere.
Hence:
debug on kernel cmdline → interpreted by every tool, turns up
log levels to "debug" everywhere.
quiet on kernel cmdline → interpreted only by PID 1 (and
obviously the kernel) no alteration of the max log level, but
turns off status output.
http://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html
|
|
Check sysfs devicetree values in order to detect if we are running on a KVM
hypervisor on a powerpc architecture.
|
|
|
|
|
|
|
|
This one was acutally used to free xattr
|
|
|
|
Add the missing "static" to actually make this a cache.
|
|
|
|
|
|
|
|
missing.h
|
|
|
|
|
|
|
|
./test-dhcp-client would attempt to operate fd 0, i.e. stdin.
For example, './test-dhcp-client </dev/null' would fail with EPERM
because /dev/null cannot be used with epoll.
https://bugzilla.redhat.com/show_bug.cgi?id=1076119
|
|
After all it is now much more like strjoin() than strappend(). At the
same time, add support for NULL sentinels, even if they are normally not
necessary.
|
|
Let's return the fd we found as return value in systemd_netlink_fd(),
instead of using call-by-reference.
|
|
|
|
instead of defining our own string tables
|
|
a single user so far.
|
|
|
|
When booting with systemd-bootchart, default to call the systemd binary
rather than the init binary on disk, which might be another init system.
Collecting data only works with booting systemd.
|
|
On my computer, the minimum brightness enforced by clamping in
backlight is too bright.
Let udev property ID_BACKLIGHT_CLAMP control whether the brightness
is clamped or not.
|
|
Simplify the check from commit 05f73ad to only apply the warning to regular
files instead of enumerating device nodes.
|
|
Using /dev/urandom as a key is valid for swap, do not
warn if this devices are world readable.
|
|
Still keep the non-socket activation code around for starting from the commandline, but
will likely drop that too in the future.
|
|
|
|
Default to timing out after 120 seconds without a network connection. Setting a
timeout of 0 disables the timeout.
|
|
In both cases exit the event loop.
|
|
|
|
|
|
From fd.o bug 88898:
systemd-resolved fails to start:
Failed to drop capabilities: Operation not permitted
Broken in f11943c53ec181829a821c6b27acf828bab71caa.
Drop all capabilities:
1. prctl(PR_SET_KEEPCAPS, keep_capabilities != 0) // 0 when we drop all
capabilities
2. setresuid() // bye bye capabilities
3. Add CAP_SETPCAP // fails because we have no capabilities
4. Reduce capability bounding set
5. Drop capabilities
6. prctl(PR_SET_KEEPCAPS, 0)
Capabilites should always be kept after setresuid() so that the capability
bounding set can be reduced.
Based-on-a-patch-by: mustrumr97@gmail.com
https://bugs.freedesktop.org/show_bug.cgi?id=88898
We must be careful not to leave PR_SET_KEEPCAPS on. We could use the
setresuid() call to drop capabilities, but the rules when capabilities
are dropped are fairly complex, since a transition to non-zero uid must
happen. Let's instead keep the capabilities during setresuid(), and drop
them later.
|
|
This was broken when the code was rearranged in "1e2fd62d70ff
core/load-fragment.c: correct argument sign and split up long lines"
|
|
If we scale our buffer to be wide enough for the format string, we
should expect that the calculation was correct.
char_array_0() invocations are removed, since snprintf nul-terminates
the output in any case.
A similar wrapper is used for strftime calls, but only in timedatectl.c.
|
|
|
|
In the test, p is a path to a directory, always absolute. dent->d_name
is a single path component, so they cannot be equal. The comparison
was wrong also for other reasons: D type supports globs, so direct
comparisons using streq are not enough.
|
|
https://github.com/docker/docker/issues/10280
|
|
|
|
We would otherwise wait for the interface to be completely configured, which
could take considerable time with IPv4LL. As a result nspawn was very slow
at obtaining IP addresses.
|
|
In addition to the loopback device, also explicitly configured devices to be ignored.
Suggested by Charles Devereaux <systemd@guylhem.net>.
|