summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-10-11udevadm: use parse_sec instead of atoi for timeout option (#4331)Stefan Schweter
log_error method is used instead of fprintf
2016-10-10Merge pull request #4337 from poettering/exit-codeZbigniew Jędrzejewski-Szmek
Fix for #4275 and more
2016-10-10resolved: initialize variable (#4338)Thomas H. P. Andersen
r was not initialized and would be used if "tcp" was the only option used for the stub. We should initialize it to 0 to indicate that no error happened in the udp case.
2016-10-10Merge pull request #4336 from dandedrick/journal-remote-non-blockingMartin Pitt
Journal remote non blocking
2016-10-10core: simplify if branches a bitLennart Poettering
We do the same thing in two branches, let's merge them. Let's also add an explanatory comment, while we are at it.
2016-10-10core: make use of IN_SET() in various places in mount.cLennart Poettering
2016-10-10core: when determining whether a process exit status is clean, consider ↵Lennart Poettering
whether it is a command or a daemon SIGTERM should be considered a clean exit code for daemons (i.e. long-running processes, as a daemon without SIGTERM handler may be shut down without issues via SIGTERM still) while it should not be considered a clean exit code for commands (i.e. short-running processes). Let's add two different clean checking modes for this, and use the right one at the appropriate places. Fixes: #4275
2016-10-10core: lower exit status "level" at one placeLennart Poettering
When we print information about PID 1's crashdump subprocess failing. In this case we *know* that we do not generate LSB exit codes, as it's basically PID 1 itself that exited there.
2016-10-10main: use strdup instead of free_and_strdup to initialize default unit (#4335)0xAX
Previously we've used free_and_strdup() to fill arg_default_unit with unit name, If we didn't pass default unit name through a kernel command line or command line arguments. But we can use just strdup() instead of free_and_strdup() for this, because we will start fill arg_default_unit only if it wasn't set before.
2016-10-10exit-status: kill is_clean_exit_lsb(), move logic to sysv-generatorLennart Poettering
Let's get rid of is_clean_exit_lsb(), let's move the logic for the special handling of the two LSB exit codes into the sysv-generator by writing out appropriate SuccessExitStatus= lines if the LSB header exists. This is not only semantically more correct, bug also fixes a bug as the code in service.c that chose between is_clean_exit_lsb() and is_clean_exit() based this check on whether a native unit files was available for the unit. However, that check was bogus since a long time, since the SysV generator was introduced and native SysV script support was removed from PID 1, as in that case a unit file always existed.
2016-10-10journal-remote: make the child pipe non-blockingDan Dedrick
We are going to add this child as a source to our event loop so we don't want to block when reading data from it as this will prevent us from processing other events. Specifically this will block the signalfds which means if we are waiting for data from curl we won't handle SIGTERM or SIGINT until we happen to get more data.
2016-10-10install: let's always refer to the actual setting in errorsLennart Poettering
2016-10-10exit-status: reorder the exit status switch tableLennart Poettering
Let's make sure it's in the same order as the actual enum defining the exit statuses.
2016-10-10exit-status: remove ExitStatus typedefLennart Poettering
Do not make up our own type for ExitStatus, but use the type used by POSIX for this, which is "int". In particular as we never used that type outside of the definition of exit_status_to_string() where we internally cast the paramter to (int) every single time we used it. Hence, let's simplify things, drop the type and use the kernel type directly.
2016-10-10networkd: rename Rename CheckSum → Checksum (#4312)Susant Sahani
2016-10-10Merge pull request #4332 from keszybz/nspawn-arguments-3Lennart Poettering
nspawn --private-users parsing, v2
2016-10-10tree-wide: pass return value of make_null_stdio() to warning instead of ↵0xAX
errno (#4328) as @poettering suggested in the #4320
2016-10-10Merge pull request #4310 from keszybz/nspawn-autodetectEvgeny Vereshchagin
Autodetect systemd version in containers started by systemd-nspawn
2016-10-10nspawn: better error messages for parsing errorsZbigniew Jędrzejewski-Szmek
In particular, the check for arg_uid_range <= 0 is moved to the end, so that "foobar:0" gives "Failed to parse UID", and not "UID range cannot be 0.".
2016-10-10nspawn,man: fix parsing of numeric args for --private-users, accept any booleanZbigniew Jędrzejewski-Szmek
This is like the previous reverted commit, but any boolean is still accepted, not just "yes" and "no". Man page is adjusted to match the code.
2016-10-10Revert "nspawn: fix parsing of numeric arguments for --private-users"Zbigniew Jędrzejewski-Szmek
This reverts commit bfd292ec35c7b768f9fb5cff4d921f3133e62b19.
2016-10-10login: drop fedora-specific PAM config, add note to DISTRO_PORTING (#4314)Felipe Sateler
It is impossible to ship a fully generic PAM configuration upstream. Therefore, ship a minimal configuration with the systemd --user requirements, and add a note to DISTRO_PORTING documenting this. Fixes #4284
2016-10-10Merge pull request #4323 from keszybz/resolved-in-usernsLennart Poettering
A fix to get resolved to start in userns
2016-10-09main: initialize default unit little later (#4321)0xAX
systemd fills arg_default_unit during startup with default.target value. But arg_default_unit may be overwritten in parse_argv() or parse_proc_cmdline_item(). Let's check value of arg_default_unit after calls of parse_argv() and parse_proc_cmdline_item() and fill it with default.target if it wasn't filled before. In this way we will not spend unnecessary time to for filling arg_default_unit with default.target.
2016-10-09tree-wide: print warning in a failure case of make_null_stdio() (#4320)0xAX
The make_null_stdio() may fail. Let's check its result and print warning message instead of keeping silence.
2016-10-09resolved: also disable stub listener on EPERMZbigniew Jędrzejewski-Szmek
When running in a user namespace without private networking, resolved would fail to start. There isn't much difference between EADDRINUSE and EPERM, so treat them the same, except for the warning message text.
2016-10-09resolved: simplify error handling in manager_dns_stub_{udp,tcp}_fd()Zbigniew Jędrzejewski-Szmek
Make sure an error is always printed… When systemd-resolved is started in a user namespace without private network, it would fail on setsockopt, but the error wouldn't be particularly informative: "Failed to start manager: permission denied."
2016-10-10Merge pull request #4319 from keszybz/nspawn-argumentsEvgeny Vereshchagin
Nspawn arguments parsing and man page update
2016-10-09sd-boot: trigger to record further logs to tcg 2.0 final event log area (#4302)Lans Zhang
According to TCG EFI Protocol Specification for TPM 2.0 family, all events generated after the invocation of EFI_TCG2_GET_EVENT_LOG shall be stored in an instance of an EFI_CONFIGURATION_TABLE aka EFI TCG 2.0 final events table. Hence, it is necessary to trigger the internal switch through calling get_event_log() in order to allow to retrieve the logs from OS runtime. msekletar: > I've looked at EDK2 and indeed log entry is added to FinalEventsTable only after > EFI_TCG2_PROTOCOL.GetEventLog was called[1][2]. Also, same patch was currently > merged to shim by Peter Jones [3]. [1] https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c#L698 [2] https://github.com/tianocore/edk2/blob/master/SecurityPkg/Tcg/Tcg2Dxe/Tcg2Dxe.c#L824 [3] rhinstaller/shim#64
2016-10-09nspawn: fix parsing of numeric arguments for --private-usersZbigniew Jędrzejewski-Szmek
The documentation says lists "yes", "no", "pick", and numeric arguments. But parse_boolean was attempted first, so various numeric arguments were misinterpreted. In particular, this fixes --private-users=0 to mean the same thing as --private-users=0:65536. While at it, use strndupa to avoid some error handling. Also give a better error for an empty UID range. I think it's likely that people will use --private-users=0:0 thinking that the argument means UID:GID.
2016-10-09nspawn: reindent tableZbigniew Jędrzejewski-Szmek
2016-10-08nspawn: also fall back to legacy cgroup hierarchy for old containersZbigniew Jędrzejewski-Szmek
Current systemd version detection routine cannot detect systemd 230, only systmed >= 231. This means that we'll still use the legacy hierarchy in some cases where we wouldn't have too. If somebody figures out a nice way to detect systemd 230 this can be later improved.
2016-10-08machinectl: enable pager on help (#4313)0xAX
as its output is fairly long.
2016-10-08nspawn: use mixed cgroup hierarchy only when container has new systemdZbigniew Jędrzejewski-Szmek
systemd-soon-to-be-released-232 is able to deal with the mixed hierarchy. So make an educated guess, and use the mixed hierarchy in that case. Tested by running the host with mixed hierarchy (i.e. simply using a recent kernel with systemd from git), and booting first a container with older systemd, and then one with a newer systemd. Fixes #4008.
2016-10-08nspawn: fix spurious reboot if container process returns 133Zbigniew Jędrzejewski-Szmek
2016-10-08nspawn: move the main loop body out to a new functionZbigniew Jędrzejewski-Szmek
The new function has 416 lines by itself! "return log_error_errno" is used to nicely reduce the volume of error handling code. A few minor issues are fixed on the way: - positive value was used as error value (EIO), causing systemd-nspawn to return success, even though it shouldn't. - In two places random values were used as error status, when the actual value was in an unusual place (etc_password_lock, notify_socket). Those are the only functional changes. There is another potential issue, which is marked with a comment, and left unresolved: the container can also return 133 by itself, causing a spurious reboot.
2016-10-08nspawn: check env var first, detect secondZbigniew Jędrzejewski-Szmek
If we are going to use the env var to override the detection result anyway, there is not point in doing the detection, especially that it can fail.
2016-10-08path-util: add a function to peek into a container and guess systemd versionZbigniew Jędrzejewski-Szmek
This is a bit crude and only works for new systemd versions which have libsystemd-shared.
2016-10-08systemd-resolve: use sha256 for local-part of openpgp key (#4193)Stefan Schweter
2016-10-08networkd: address add support to configure flags (#4201)Susant Sahani
This patch enables to configure IFA_F_HOMEADDRESS IFA_F_NODAD IFA_F_MANAGETEMPADDR IFA_F_NOPREFIXROUTE IFA_F_MCAUTOJOIN
2016-10-07Merge pull request #4061 from dm0-/coreos-1545Lennart Poettering
resolved: add an option to disable the stub resolver
2016-10-07resolved: add an option to control the DNS stub listenerDavid Michael
2016-10-07Merge pull request #4304 from poettering/notify-nul-checkLennart Poettering
3 minor improvements for notification message handling
2016-10-07core: only warn on short reads on signal fdZbigniew Jędrzejewski-Szmek
2016-10-07networkd: remote checksum offload for vxlan (#4110)Susant Sahani
This patch adds support to remote checksum checksum offload to VXLAN. This patch adds RemoteCheckSumTx and RemoteCheckSumRx vxlan configuration to enable remote checksum offload for transmit and receive on the VXLAN tunnel.
2016-10-07architecture: Add support for the RISC-V architecture. (#4305)rwmjones
RISC-V is an open source ISA in development since 2010 at UCB. For more information, see https://riscv.org/ I am adding RISC-V support to Fedora: https://fedoraproject.org/wiki/Architectures/RISC-V There are three major variants of the architecture (32-, 64- and 128-bit). The 128-bit variant is a paper exercise, but the other two really exist in silicon. RISC-V is always little endian. On Linux, the default kernel uname(2) can return "riscv" for all variants. However a patch was added recently which makes the kernel return one of "riscv32" or "riscv64" (or in future "riscv128"). So systemd should be prepared to handle any of "riscv", "riscv32" or "riscv64" (in future, "riscv128" but that is not included in the current patch). If the kernel returns "riscv" then you need to use the pointer size in order to know the real variant. The Fedora/RISC-V kernel only ever returns "riscv64" since we're only doing Fedora for 64 bit at the moment, and we've patched the kernel so it doesn't return "riscv". As well as the major bitsize variants, there are also architecture extensions. However I'm trying to ensure that uname(2) does *not* return any other information about those in utsname.machine, so that we don't end up with "riscv64abcde" nonsense. Instead those extensions will be exposed in /proc/cpuinfo similar to how flags work in x86.
2016-10-07manager: tighten incoming notification message checksLennart Poettering
Let's not accept datagrams with embedded NUL bytes. Previously we'd simply ignore everything after the first NUL byte. But given that sending us that is pretty ugly let's instead complain and refuse. With this change we'll only accept messages that have exactly zero or one NUL bytes at the very end of the datagram.
2016-10-07manager: be stricter with incomining notifications, warn properly about too ↵Lennart Poettering
large ones Let's make the kernel let us know the full, original datagram size of the incoming message. If it's larger than the buffer space provided by us, drop the whole message with a warning. Before this change the kernel would truncate the message for us to the buffer space provided, and we'd not complain about this, and simply process the incomplete message as far as it made sense.
2016-10-07manager: don't ever busy loop when we get a notification message we can't ↵Lennart Poettering
process If the kernel doesn't permit us to dequeue/process an incoming notification datagram message it's still better to stop processing the notification messages altogether than to enter a busy loop where we keep getting notified but can't do a thing about it. With this change, manager_dispatch_notify_fd() behaviour is changed like this: - if an error indicating a spurious wake-up is seen on recvmsg(), ignore it (EAGAIN/EINTR) - if any other error is seen on recvmsg() propagate it, thus disabling processing of further wakeups - if any error is seen on later code in the function, warn about it but do not propagate it, as in this cas we're not going to busy loop as the offending message is already dequeued.
2016-10-06core: add possibility to set action for ctrl-alt-del burst (#4105)Lukáš Nykrýn
For some certification, it should not be possible to reboot the machine through ctrl-alt-delete. Currently we suggest our customers to mask the ctrl-alt-delete target, but that is obviously not enough. Patching the keymaps to disable that is really not a way to go for them, because the settings need to be easily checked by some SCAP tools.