summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-07-21bootctl: make use of STRV_FOREACH() where we canLennart Poettering
2016-07-21bootctl: rework to use common verbs parsing, and add searching of ESP pathLennart Poettering
This rearranges bootctl a bit, so that it uses the usual verbs parsing routines, and automatically searches the ESP in /boot, /efi or /boot/efi, thus increasing compatibility with mainstream distros that insist on /boot/efi. This also adds minimal support for running bootctl in a container environment: when run inside a container verification of the ESP via raw block device access, trusting the container manager to mount the ESP correctly. Moreover, EFI variables are not accessed when running in the container.
2016-07-21bootctl: fix error message checkLennart Poettering
2016-07-21bootctl: minor coding style improvementsLennart Poettering
2016-07-21nspawn: if an ESP is part of the disk image to operate on, mount it to /efi ↵Lennart Poettering
or /boot Matching the behaviour of gpt-auto-generator, if we find an ESP while dissecting a container image, mount it to /efi or /boot if those dirs exist and are empty. This should enable us to run "bootctl" inside a container and do the right thing.
2016-07-21gpt-generator: use /efi as mount point for the ESP if it existsLennart Poettering
Let's make the EFI generator a bit smarter: if /efi exists it is used as mount point for the ESP, otherwise /boot is used. This should increase compatibility with distros which use legacy boot loaders that insist on having /boot as something that isn't the ESP.
2016-07-21Merge pull request #3770 from AlexanderKurtz/masterLennart Poettering
bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".
2016-07-21core: remove duplicate includes (#3771)Thomas H. P. Andersen
2016-07-21bootctl: Always use upper case for "/EFI/BOOT" and "/EFI/BOOT/BOOT*.EFI".Alexander Kurtz
If the ESP is not mounted with "iocharset=ascii", but with "iocharset=utf8" (which is for example the default in Debian), the file system becomes case sensitive. This means that a file created as "FooBarBaz" cannot be accessed as "foobarbaz" since those are then considered different files. Moreover, a file created as "FooBar" can then also not be accessed as "foobar", and it also prevents such a file from being created, as both would use the same 8.3 short name "FOOBAR". Even though the UEFI specification [0] does give the canonical spelling for the files mentioned above, not all implementations completely conform to that, so it's possible that those files would already exist, but with a different spelling, causing subtle bugs when scanning or modifying the ESP. While the proper fix would of course be that everybody conformed to the standard, we can work around this problem by just referencing the files by their 8.3 short names, i.e. using upper case. Fixes: #3740 [0] <http://www.uefi.org/specifications>, version 2.6, section 3.5.1.1
2016-07-21bootctl: Use lower case string constants in case-insensitive comparisons.Alexander Kurtz
2016-07-20namespace: fix wrong return value from mount(2) (#3758)Topi Miettinen
Fix bug introduced by #3263: mount(2) return value is 0 or -1, not errno. Thanks to Evgeny Vereshchagin (@evverx) for reporting.
2016-07-20namespace: minor improvementsLennart Poettering
We generally try to avoid strerror(), due to its threads-unsafety, let's do this here, too. Also, let's be tiny bit more explanatory with the log messages, and let's shorten a few things.
2016-07-20core: hide legacy bus propertiesLennart Poettering
We usually hide legacy bus properties from introspection. Let's do that for the InaccessibleDirectories= properties too. The properties stay accessible if requested, but they won't be listed anymore if people introspect the unit.
2016-07-19Merge pull request #3685 from kinvolk/alessandro/inaccessible-pathsLennart Poettering
namespace: unify limit behavior on non-directory paths
2016-07-19sd-journal: suppress empty linesLennart Poettering
Let's make sure our logging APIs is in sync with how stdout/stderr logging works.
2016-07-19doc,core: Read{Write,Only}Paths= and InaccessiblePaths=Alessandro Puccetti
This patch renames Read{Write,Only}Directories= and InaccessibleDirectories= to Read{Write,Only}Paths= and InaccessiblePaths=, previous names are kept as aliases but they are not advertised in the documentation. Renamed variables: `read_write_dirs` --> `read_write_paths` `read_only_dirs` --> `read_only_paths` `inaccessible_dirs` --> `inaccessible_paths`
2016-07-19namespace: unify limit behavior on non-directory pathsAlessandro Puccetti
Despite the name, `Read{Write,Only}Directories=` already allows for regular file paths to be masked. This commit adds the same behavior to `InaccessibleDirectories=` and makes it explicit in the doc. This patch introduces `/run/systemd/inaccessible/{reg,dir,chr,blk,fifo,sock}` {dile,device}nodes and mounts on the appropriate one the paths specified in `InacessibleDirectories=`. Based on Luca's patch from https://github.com/systemd/systemd/pull/3327
2016-07-19journalctl: make sure that journalctl's --all switch also has an effect on ↵Lennart Poettering
json output With this change, binary record data is formatted as string if --all is specified when using json output. This is inline with the effect of --all on the other available output modes. Fixes: #3416
2016-07-19sd-journal: when formatting log messages, implicitly strip trailing whitespaceLennart Poettering
When converting log messages from human readable text into binary records to send off to journald in sd_journal_print(), strip trailing whitespace in the log message. This way, handling of logs made via syslog(), stdout/stderr and sd_journal_print() are treated the same way: trailing (but not leading) whitespace is automatically removed, in particular \n and \r. Note that in case of syslog() and stdout/stderr based logging the stripping takes place server-side though, while for the native protocol based transport this takes place client-side. This is because in the former cases conversion from free-form human-readable strings into structured, binary log records takes place on the server-side while for journal-native logging it happens on the client side, and after conversion into binary records we probably shouldn't alter the data anymore. See: #3416
2016-07-19kernel-install: recognize /boot/efi mountpoint (#3751)Harald Hoyer
install everything in /boot/efi, if this is a mountpoint
2016-07-18resolved: replace bitwise and with logical andThomas Hindoe Paaboel Andersen
2016-07-18treewide: remove unused variablesThomas Hindoe Paaboel Andersen
2016-07-18basic: fix whitespaceThomas Hindoe Paaboel Andersen
2016-07-18network: fix indentationThomas Hindoe Paaboel Andersen
2016-07-18sd-boot: Fix waiting for keyboard input (#3735)Jan Janssen
WaitForKeyEx may never return on some UEFI systems depending on firmware, hardware configuration and the phase of the moon. Use ConIn->WaitForKey unconditionally instead. Fixes #3632
2016-07-18nspawn: decrease mkdir error logging in /sys to debug priority (#3748)tblume
Such mkdir errors happen for example when trying to mkdir /sys/fs/selinux. /sys is documented to be readonly in the container, so mkdir errors below /sys can be expected. They shouldn't be logged as warnings since they lead users to think that there is something wrong.
2016-07-18Merge pull request #3745 from keszybz/fix-make-nulstr-confusionLennart Poettering
Fix make nulstr confusion
2016-07-18Merge pull request #3746 from keszybz/trivial-fixesDaniel Mack
Trivial fixes
2016-07-17Drop parentheses in two placesZbigniew Jędrzejewski-Szmek
2016-07-17systemd-resolve: remove spurious newline with no global settingsZbigniew Jędrzejewski-Szmek
2016-07-17systemd-resolve: use plural "DNS Servers"Zbigniew Jędrzejewski-Szmek
Usually multiple DNS servers are configured, and it looks strange to have singular in the heading.
2016-07-17basic/strv: add an extra NUL after strings in strv_make_nulstrZbigniew Jędrzejewski-Szmek
strv_make_nulstr was creating a nulstr which was not a valid nulstr, because it was missing the terminating NUL. This didn't cause any issues, because strv_parse_nulstr correctly parsed the result, using the separately specified length. But it's confusing to have something called nulstr which really isn't. It is likely that somebody will try to use strv_make_nulstr() in some other place, incorrectly. This patch changes strv_parse_nulstr() to produce a valid nulstr, and changes the output length parameter to be the minimum number of bytes which can be later on parsed by strv_parse_nulstr(). This allows the only user in ask-password-api to be slightly simplified. Based-on-patch-by: Jean-Sébastien Bour <jean-sebastien@bour.name> Fixes #3689.
2016-07-17basic/strv: exhibit strv_make_nulstr missing final NUL char ↵Jean-Sébastien Bour
(systemd/systemd#3689)
2016-07-16manager: don't skip sigchld handler for main and control pid for services ↵Lukáš Nykrýn
(#3738) During stop when service has one "regular" pid one main pid and one control pid and the sighld for the regular one is processed first the unit_tidy_watch_pids will skip the main and control pid and does not remove them from u->pids(). But then we skip the sigchld event because we already did one in the iteration and there are two pids in u->pids. v2: Use general unit_main_pid() and unit_control_pid() instead of reaching directly to service structure.
2016-07-15networkd: fix for 3692 (#3699)Susant Sahani
We should look that the kind is invalid rather than pointer is NULL.
2016-07-15tree-wide: get rid of selinux_context_t (#3732)Zbigniew Jędrzejewski-Szmek
https://github.com/SELinuxProject/selinux/commit/9eb9c9327563014ad6a807814e7975424642d5b9 deprecated selinux_context_t. Replace with a simple char* everywhere. Alternative fix for #3719.
2016-07-15udev: Line buffer 'udev monitor' output (#3733)Stef Walter
Callers of the 'udev monitor' tool expect to see output when an event occurs. The stdio buffering defeats that. This patch switches it to line buffering.
2016-07-15macros: provide %_systemdgeneratordir and %_systemdusergeneratordir (#3672)Zbigniew Jędrzejewski-Szmek
... as requested in https://lists.fedoraproject.org/archives/list/devel@lists.fedoraproject.org/message/DJ7HDNRM5JGBSA4HL3UWW5ZGLQDJ6Y7M/. Adding the macro makes it marginally easier to create generators for outside projects. I opted for "generatordir" and "usergeneratordir" to match %unitdir and %userunitdir. OTOH, "_systemd" prefix makes it obvious that this is related to systemd. "%_generatordir" would be to generic of a name.
2016-07-14network-ndisc: avoid VLAs (#3725)Daniel Mack
Do not allocate objects of dynamic and potentially large size on the stack to avoid both clang compilation errors and unpredictable runtime behavior on exotic platforms. Use the heap for that instead. While at it, refactor the code a bit. Access 's->domain' via NDISC_DNSSL_DOMAIN(), and refrain from allocating 'x' independently, but rather reuse 's' if we're dealing with a new entry to the set. Fixes #3717
2016-07-14Merge pull request #3709 from poettering/journald-shutdown-syncZbigniew Jędrzejewski-Szmek
journald-related shutdown fixes for slow I/O
2016-07-14Fix tablet detection, by replicating decision tree of non-multi-touch axes ↵Andreas Pokorny
(#3724) Signed-off-by: Andreas Pokorny <andreas.pokorny@canonical.com>
2016-07-14basic/mount-util: recognize ocfs2 as network fs (#3713)Valentin Vidić
2016-07-12shutdown: already sync IO before we enter the final killing spreeLennart Poettering
This way, slow IO journald has to wait for can't cause it to reach the killing spree timeout and is hit by SIGKILL in addition to SIGTERM.
2016-07-12shutdown: use 90s SIGKILL timeoutLennart Poettering
There's really no reason to use 10s here, let's instead default to 90s like we do for everything else. The SIGKILL during the final killing spree is in most regards the fourth level of a safety net, after all: any normal service should have already been stopped during the normal service shutdown logic, first via SIGTERM and then SIGKILL, and then also via SIGTERM during the finall killing spree before we send SIGKILL. And as a fourth level safety net it should only be required in exceptional cases, which means it's safe to rais the default timeout, as normal shutdowns should never be delayed by it. Note that journald excludes itself from the normal service shutdown, and relies on the final killing spree to terminate it (this is because it wants to cover the normal shutdown phase's complete logging). If the system's IO is excessively slow, then the 10s might not be enough for journald to sync everything to disk and logs might get lost during shutdown.
2016-07-12Various fixes for typos found by lintian (#3705)Michael Biebl
2016-07-12seccomp: only abort on syscall name resolution failures (#3701)Luca Bruno
seccomp_syscall_resolve_name() can return a mix of positive and negative (pseudo-) syscall numbers, while errors are signaled via __NR_SCMP_ERROR. This commit lets the syscall filter parser only abort on real parsing failures, letting libseccomp handle pseudo-syscall number on its own and allowing proper multiplexed syscalls filtering.
2016-07-11treewide: fix typos and remove accidental repetition of wordsTorstein Husebø
2016-07-08udevadm: explicitly relabel /etc/udev/hwdb.bin after rename (#3686)Michal Sekletar
This is basically the same change as ea68351.
2016-07-08Merge pull request #3680 from joukewitteveen/pam-envEvgeny Vereshchagin
Follow up on #3503 (pass service env vars to PAM sessions)
2016-07-08execute: Do not alter call-by-ref parameter on failureJouke Witteveen
Prevent free from being called on (a part of) the call-by-reference variable env when setup_pam fails.