summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-10-15virt: add possibility to skip the check for chroot (#4374)Lukáš Nykrýn
https://bugzilla.redhat.com/show_bug.cgi?id=1379852
2016-10-14core: make settings for unified cgroup hierarchy supersede the ones for ↵Tejun Heo
legacy hierarchy (#4269) There are overlapping control group resource settings for the unified and legacy hierarchies. To help transition, the settings are translated back and forth. When both versions of a given setting are present, the one matching the cgroup hierarchy type in use is used. Unfortunately, this is more confusing to use and document than necessary because there is no clear static precedence. Update the translation logic so that the settings for the unified hierarchy are always preferred. systemd.resource-control man page is updated to reflect the change and reorganized so that the deprecated settings are at the end in its own section.
2016-10-14nspawn: remove unused variable (#4369)Thomas H. P. Andersen
2016-10-13Merge pull request #4243 from ↵Lennart Poettering
endocode/djalal/sandbox-first-protection-kernelmodules-v1 core:sandbox: Add ProtectKernelModules= and some fixes
2016-10-13Merge pull request #653 from dvdhrm/bus-goldZbigniew Jędrzejewski-Szmek
2016-10-13Merge pull request #4363 from stefan-it/replace-while-loopsDaniel Mack
basic,coredump: use for loop instead of while
2016-10-13nspawn: cleanup and chown the synced cgroup hierarchy (#4223)Evgeny Vereshchagin
Fixes: #4181
2016-10-13Merge pull request #4362 from poettering/journalbootlistfixZbigniew Jędrzejewski-Szmek
2016-10-12coredump: use for() loop instead of while()Stefan Schweter
2016-10-12basic: use for() loop instead of while()Stefan Schweter
2016-10-12Merge pull request #4358 from fsateler/pam-configLennart Poettering
Pam config fixes
2016-10-12journalctl: say in which directory we vacuum stuffLennart Poettering
Fixes: #4060
2016-10-12journalctl: don't claim the journal was stored on diskLennart Poettering
Let's just say that the journal takes up space in the file system, not on disk, as tmpfs is definitely a file system, but not a disk. Fixes: #4059
2016-10-12journal: refuse opening journal files from the future for writingLennart Poettering
Never permit that we write to journal files that have newer timestamps than our local wallclock has. If we'd accept that, then the entries in the file might end up not being ordered strictly. Let's refuse this with ETXTBSY, and then immediately rotate to use a new file, so that each file remains strictly ordered also be wallclock internally.
2016-10-12journald: automatically rotate journal files when the clock jumps backwardsLennart Poettering
As soon as we notice that the clock jumps backwards, rotate journal files. This is beneficial, as this makes sure that the entries in journal files remain strictly ordered internally, and thus the bisection algorithm applied on it is not confused. This should help avoiding borked wallclock-based bisection on journal files as witnessed in #4278.
2016-10-12journald: use the event loop dispatch timestamp for journal entriesLennart Poettering
Let's use the earliest linearized event timestamp for journal entries we have: the event dispatch timestamp from the event loop, instead of requerying the timestamp at the time of writing. This makes the time a bit more accurate, allows us to query the kernel time one time less per event loop, and also makes sure we always use the same timestamp for both attempts to write an entry to a journal file.
2016-10-12journal: when iterating through entry arrays and we hit an invalid one keep ↵Lennart Poettering
going When iterating through partially synced journal files we need to be prepared for hitting with invalid entries (specifically: non-initialized). Instead of generated an error and giving up, let's simply try to preceed with the next one that is valid (and debug log about this). This reworks the logic introduced with caeab8f626e709569cc492b75eb7e119076059e7 to iteration in both directions, and tries to look for valid entries located after the invalid one. It also extends the behaviour to both iterating through the global entry array and per-data object entry arrays. Fixes: #4088
2016-10-12journal: add an explicit check for uninitialized objectsLennart Poettering
Let's make dissecting of borked journal files more expressive: if we encounter an object whose first 8 bytes are all zeroes, then let's assume the object was simply never initialized, and say so. Previously, this would be detected as "overly short object", which is true too in a away, but it's a lot more helpful printing different debug options for the case where the size is not initialized at all and where the size is initialized to some bogus value. No function behaviour change, only a different log messages for both cases.
2016-10-12journal: also check that our entry arrays are properly orderedLennart Poettering
Let's and extra check, reusing check_properly_ordered() also for journal_file_next_entry_for_data().
2016-10-12journal: split out check for properly ordered arrays into its own functionLennart Poettering
This adds a new call check_properly_ordered(), which we can reuse later, and makes the code a bit more readable.
2016-10-12journal: split out array index inc/dec code into a new call bump_array_index()Lennart Poettering
This allows us to share a bit more code between journal_file_next_entry() and journal_file_next_entry_for_data().
2016-10-12journal: when we encounter a broken journal file, add some debug loggingLennart Poettering
Let's make it easier to figure out when we see an invalid journal file, why we consider it invalid, and add some minimal debug logging for it. This log output is normally not seen (after all, this all is library code), unless debug logging is exlicitly turned on.
2016-10-12Avoid forever loop for journalctl --list-boots command (#4278)hese10
When date is changed in system to future and normal user logs to new journal file, and then date is changed back to present time, the "journalctl --list-boot" command goes to forever loop. This commit tries to fix this problem by checking first the boot id list if the found boot id was already in that list. If it is found, then stopping the boot id find loop.
2016-10-12systemd-user: add pam_unix account moduleFelipe Sateler
Otherwise systemd-user@ fails because systemd validates the account Fixes: #4342
2016-10-12test: add test to make sure that ProtectKernelModules=yes disconnect mount ↵Djalal Harouni
propagation
2016-10-12core: make sure to dump ProtectKernelModules= valueDjalal Harouni
2016-10-12core: check protect_kernel_modules and private_devices in order to setup NNPDjalal Harouni
2016-10-12core:sandbox: lets make /lib/modules/ inaccessible on ProtectKernelModules=Djalal Harouni
Lets go further and make /lib/modules/ inaccessible for services that do not have business with modules, this is a minor improvment but it may help on setups with custom modules and they are limited... in regard of kernel auto-load feature. This change introduce NameSpaceInfo struct which we may embed later inside ExecContext but for now lets just reduce the argument number to setup_namespace() and merge ProtectKernelModules feature.
2016-10-12test: add test to make sure that CAP_SYS_RAWIO was removed on PrivateDevices=yesDjalal Harouni
2016-10-12core:sandbox: remove CAP_SYS_RAWIO on PrivateDevices=yesDjalal Harouni
The rawio system calls were filtered, but CAP_SYS_RAWIO allows to access raw data through /proc, ioctl and some other exotic system calls...
2016-10-12test: add capability tests for ProtectKernelModules=Djalal Harouni
This just adds capabilities test.
2016-10-12core:sandbox: Add ProtectKernelModules= optionDjalal Harouni
This is useful to turn off explicit module load and unload operations on modular kernels. This option removes CAP_SYS_MODULE from the capability bounding set for the unit, and installs a system call filter to block module system calls. This option will not prevent the kernel from loading modules using the module auto-load feature which is a system wide operation.
2016-10-12Merge pull request #4351 from keszybz/nspawn-debuggingLennart Poettering
Enhance nspawn debug logs for mount/unmount operations
2016-10-12Allow block and char classes in DeviceAllow bus properties (#4353)Zbigniew Jędrzejewski-Szmek
Allowed paths are unified betwen the configuration file parses and the bus property checker. The biggest change is that the bus code now allows "block-" and "char-" classes. In addition, path_startswith("/dev") was used in the bus code, and startswith("/dev") was used in the config file code. It seems reasonable to use path_startswith() which allows a slightly broader class of strings. Fixes #3935.
2016-10-11networkd: add dbus interface for lease raw options (#3528)Andrew Jeddeloh
Add a dbus object to represent dhcp leases and their raw options (i.e. options 224-254).
2016-10-11core/main: get rid from excess check of ACTION_TEST (#4350)0xAX
If `--test` command line option was passed, the systemd set skip_setup to true during bootup. But after this we check again that arg_action is test or help and opens pager depends on result. We should skip setup in a case when `--test` is passed, but it is also safe to set skip_setup in a case of `--help`. So let's remove first check and move skip_setup = true to the second check.
2016-10-11missing: add a bunch of mount flagsZbigniew Jędrzejewski-Szmek
2016-10-11nspawn: let's mount(/tmp) inside the user namespace (#4340)Evgeny Vereshchagin
Fixes: host# systemd-nspawn -D ... -U -b systemd.unit=multi-user.target ... $ grep /tmp /proc/self/mountinfo 154 145 0:41 / /tmp rw - tmpfs tmpfs rw,seclabel,uid=1036124160,gid=1036124160 $ umount /tmp umount: /root/tmp: not mounted $ systemctl poweroff ... [FAILED] Failed unmounting Temporary Directory.
2016-10-11nspawn,mount-util: add [u]mount_verbose and use it in nspawnZbigniew Jędrzejewski-Szmek
This makes it easier to debug failed nspawn invocations: Mounting sysfs on /var/lib/machines/fedora-rawhide/sys (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV "")... Mounting tmpfs on /var/lib/machines/fedora-rawhide/dev (MS_NOSUID|MS_STRICTATIME "mode=755,uid=1450901504,gid=1450901504")... Mounting tmpfs on /var/lib/machines/fedora-rawhide/dev/shm (MS_NOSUID|MS_NODEV|MS_STRICTATIME "mode=1777,uid=1450901504,gid=1450901504")... Mounting tmpfs on /var/lib/machines/fedora-rawhide/run (MS_NOSUID|MS_NODEV|MS_STRICTATIME "mode=755,uid=1450901504,gid=1450901504")... Bind-mounting /sys/fs/selinux on /var/lib/machines/fedora-rawhide/sys/fs/selinux (MS_BIND "")... Remounting /var/lib/machines/fedora-rawhide/sys/fs/selinux (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_BIND|MS_REMOUNT "")... Mounting proc on /proc (MS_NOSUID|MS_NOEXEC|MS_NODEV "")... Bind-mounting /proc/sys on /proc/sys (MS_BIND "")... Remounting /proc/sys (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_BIND|MS_REMOUNT "")... Bind-mounting /proc/sysrq-trigger on /proc/sysrq-trigger (MS_BIND "")... Remounting /proc/sysrq-trigger (MS_RDONLY|MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_BIND|MS_REMOUNT "")... Mounting tmpfs on /tmp (MS_STRICTATIME "mode=1777,uid=0,gid=0")... Mounting tmpfs on /sys/fs/cgroup (MS_NOSUID|MS_NOEXEC|MS_NODEV|MS_STRICTATIME "mode=755,uid=0,gid=0")... Mounting cgroup on /sys/fs/cgroup/systemd (MS_NOSUID|MS_NOEXEC|MS_NODEV "none,name=systemd,xattr")... Failed to mount cgroup on /sys/fs/cgroup/systemd (MS_NOSUID|MS_NOEXEC|MS_NODEV "none,name=systemd,xattr"): No such file or directory
2016-10-11nspawn: small cleanups in get_controllers()Zbigniew Jędrzejewski-Szmek
- check for oom after strdup - no need to truncate the line since we're only extracting one field anyway - use STR_IN_SET
2016-10-11nspawn: simplify arg_us_cgns passingZbigniew Jędrzejewski-Szmek
We would check the condition cg_ns_supported() twice. No functional change.
2016-10-11core: chown() any TTY used for stdin, not just when StandardInput=tty is ↵Lennart Poettering
used (#4347) If stdin is supplied as an fd for transient units (using the StandardInputFileDescriptor pseudo-property for transient units), then we should also fix up the TTY ownership, not just when we opened the TTY ourselves. This simply drops the explicit is_terminal_input()-based check. Note that chown_terminal() internally does a much more appropriate isatty()-based check anyway, hence we can drop this without replacement. Fixes: #4260
2016-10-11resolve: remove unsed counter (#4349)Thomas H. P. Andersen
It was introduced but never used in 45ec7efb.
2016-10-11Merge pull request #4348 from poettering/docfixesZbigniew Jędrzejewski-Szmek
Various smaller documentation fixes.
2016-10-11Merge pull request #4067 from poettering/invocation-idZbigniew Jędrzejewski-Szmek
Add an "invocation ID" concept to the service manager
2016-10-11man: avoid using the term "loaded" for units currently in memory, since we ↵Lennart Poettering
also have a unit state of that name Fixes: #3971
2016-10-11pager: tiny beautificationLennart Poettering
2016-10-11udevadm: use parse_sec instead of atoi for timeout option (#4331)Stefan Schweter
log_error method is used instead of fprintf
2016-10-10Merge pull request #4337 from poettering/exit-codeZbigniew Jędrzejewski-Szmek
Fix for #4275 and more
2016-10-10resolved: initialize variable (#4338)Thomas H. P. Andersen
r was not initialized and would be used if "tcp" was the only option used for the stub. We should initialize it to 0 to indicate that no error happened in the udp case.