summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-02-18nspawn: x86 is special with its socketcall() semantics, be permissive in the ↵Lennart Poettering
seccomp setup
2014-02-18seccomp: add helper call to add all secondary archs to a seccomp filterLennart Poettering
And make use of it where appropriate for executing services and for nspawn.
2014-02-18nspawn: allow 32-bit chroots from 64-bit hostsDave Reisner
Arch Linux uses nspawn as a container for building packages and needs to be able to start a 32bit chroot from a 64bit host. 24fb11120756 disrupted this feature when seccomp handling was added.
2014-02-18load-modules: properly return a failing error code if some module fails to loadLennart Poettering
This is the missing part of b857193b1def5172e3641ca1d5bc9e08ae81aac4.
2014-02-18machinectl: remove unused --no-ask-passwordThomas Hindoe Paaboel Andersen
2014-02-18machinectl: add bash completionThomas Hindoe Paaboel Andersen
2014-02-18man: minor fixes to networkd pageTom Gundersen
Also enforce that we don't allow setting the Broadcast for IPv6 addresses.
2014-02-18libsystemd-dhcp: Add a full DHCP address acquisition test casePatrik Flykt
Upon startup the DHCP library will immediately send a DHCP Discover. Handle the additional DHCP Discover checking and DHCP Offer sending in test_addr_acq_recv_discover(). Write a zero UDP checksum, the received XID and the faked MAC address into place to create a DHCP message the library can accept. Follow exactly the same steps when receiving a DHCP Request in test_addr_acq_recv_request() and send the Ack. Check that the proper addresses have been found by the DHCP library before exiting the main loop and finishing the test.
2014-02-18libsystemd-dhcp: Factor out test code for DHCP message verificationPatrik Flykt
Add a callback function that will handle the test case specific checking.
2014-02-18libsystemd-dhcp: Add capability to print out test stepsPatrik Flykt
2014-02-18sd-rtnl-message: store reference to the bus in the messageTom Gundersen
This mimics the sd-bus api, as we may need it in the future.
2014-02-17Remove unused variable and two function stubsZbigniew Jędrzejewski-Szmek
2014-02-18util: generalize code that checks whether PIDs are alive or unwaited forLennart Poettering
2014-02-17doc: update punctuationJan Engelhardt
Resolve spotted issues related to missing or extraneous commas, dashes.
2014-02-17core: more exact test on the procfs special string "(deleted)"Jan Engelhardt
In other parts of systemd, the code checks for " (deleted)", but in one instance, it did not (yet). Make it do the same.
2014-02-17networkd: act on lease only if there is oneUmut Tezduyar Lindskog
Interface could go down before acquiring a dhcp lease
2014-02-17Fix gperf syntaxJasper St. Pierre
If we put a closing bracket on its own line, gperf will complain about empty lines. Only occurs if the option in question is disabled. So fix the m4 macros to work properly in both cases.
2014-02-17core: warn when unit files with unsupported options are parsedLennart Poettering
2014-02-17core: store and expose SELinuxContext field normalized as bool + stringLennart Poettering
2014-02-17main: make gcc shut upLennart Poettering
2014-02-17core: fixate show_status earlier, so that we actually print the welcome messageLennart Poettering
Previously, we'd fixed show_state only after printing the welcome message which had the effect that the welcome message was almost always suppressed.
2014-02-17core: find the closest parent slice that has a specfic cgroup controller ↵Lennart Poettering
enabled when enabling/disabling cgroup controllers for units
2014-02-17core: fix property changes in transient unitsLennart Poettering
2014-02-17unit: slice dependencies should not be subject to DefaultDependenciesLennart Poettering
2014-02-17main: don't set no_new_privs when using SystemCallArchitectures= system-wideLennart Poettering
After all, we want to allow userspace to get new privs...
2014-02-17nspawn: netns_fd can be removed nowLennart Poettering
2014-02-17core: rework cgroup mask propagationLennart Poettering
Previously a cgroup setting down tree would result in cgroup membership additions being propagated up the tree and to the siblings, however a unit could never lose cgroup memberships again. With this change we'll make sure that both cgroup additions and removals propagate properly.
2014-02-17Pass log config from systemd to systemd-shutdownZbigniew Jędrzejewski-Szmek
If PID 1 debug logging is enabled, it is nice to keep those settings when switching to systemd-shutdown binary, independently of whether this was done through /proc/cmdline options, or through runtime manipulations.
2014-02-17Some modernizationsZbigniew Jędrzejewski-Szmek
2014-02-17Extract looping over /proc/cmdline into a shared functionZbigniew Jędrzejewski-Szmek
In cryptsetup-generator automatic cleanup had to be replaced with manual cleanup, and the code gets a bit longer. But existing code had the issue that it returned negative values from main(), which was wrong, so should be reworked anyway.
2014-02-17logind: close race on session state during loginsDjalal Harouni
At login there is a small race window where session_get_state() will return SESSION_ACTIVE instead of SESSION_OPENING. This must be fixed since during that time there are calls to session_save() to save session states and we want to write the correct state. When we queue the start scope and service jobs, we wait for both of them to finish before calling and continue processing in: "session_jobs_reply() => session_send_create_reply()" to create the session fifo and notify clients. However, in the match_job_removed() D-Bus signal, we may hit situations where the scope job has successfully finished and we are still waiting for the user service job to finish. During that time the "session->scope_job" will be freed and set to NULL, this makes session_get_state() return SESSION_ACTIVE before it is really active, it should return SESSION_OPENING since we are still waiting for the service job to finish in order to create the session fifo. To fix this, we also check if the session fifo fd was created, if so then the session has entered the SESSION_ACTIVE state, if not then it is still in the SESSION_OPENING state and it is waiting for the scope and service jobs to finish.
2014-02-16sd-dhcp: silently ignore malformed packetsTom Gundersen
This fixes a regression introduced in e5002702.
2014-02-16sd-rtnl: do not require ifindex to be set for SETLINK messagesTom Gundersen
The kernel will then look up the ifindex itself based on the name. This should be used very carefully as it is racey. [This was a left-over hunk from my previous nspawn patch.]
2014-02-16nspawn: typo fix in helpThomas Hindoe Paaboel Andersen
2014-02-16nspawn: add new --network-bridge= switchTom Gundersen
This adds the host side of the veth link to the given bridge. Also refactor the creation of the veth interfaces a bit to set it up from the host rather than the container. This simplifies the addition to the bridge, but otherwise the behavior is unchanged.
2014-02-16Add white space between _XZ_FEATURE_ and _SECCOMP_FEATURE_Djalal Harouni
2014-02-16bus: fix match_parse for unquoted matchesSimon Peeters
2014-02-16core: check for return value from get_process_stateYuxuan Shui
Fix for commit e10c9985bb.
2014-02-15sd-dhcp: network - don't hardcode portsTom Gundersen
We want to reuse these functions for the server library too.
2014-02-15sd-rtnl: always include linux/rtnetlink.hTom Gundersen
2014-02-15sd-dhcp: minimum options size is part of the protocolTom Gundersen
2014-02-15sd-dhcp-client: explicitly handle raw and udp messagesTom Gundersen
Split the recevie_message callback into _raw and _udp parts and a generic DHCPMessage handler. Also always verify the xid/MAC, rather than only for udp messages.
2014-02-15sd-rtnl: message_open_container - don't take a 'size' argumentTom Gundersen
We can always know the size based on the type, so let's do this inside the library.
2014-02-15sd-rtnl: link flags - don't allow change = 0Tom Gundersen
The kernel will happily treat 0x0 as 0xffffffff, but it is for backwards compatibility only, so let's not perpetuate this.
2014-02-14Fix prototype of get_process_stateZbigniew Jędrzejewski-Szmek
2014-02-15util: fix mismatching function signatureKay Sievers
2014-02-14core: fix detection of dead processesYuxuan Shui
Commit 5ba6985b moves the UNIT_VTABLE(u)->sigchld_event before systemd actually reaps the zombie. Which leads to service_load_pid_file accepting zombie as a valid pid. This fixes timeouts like: [ 2746.602243] systemd[1]: chronyd.service stop-sigterm timed out. Killing. [ 2836.852545] systemd[1]: chronyd.service still around after SIGKILL. Ignoring. [ 2927.102187] systemd[1]: chronyd.service stop-final-sigterm timed out. Killing. [ 3017.352560] systemd[1]: chronyd.service still around after final SIGKILL. Entering failed mode.
2014-02-14nspawn: if we don't find bash, try shLennart Poettering
2014-02-14nspawn: don't accept just any tree to executeLennart Poettering
When invoked without -D in an arbitrary directory we should not try to execute anything, make some validity checks first.
2014-02-14localectl: log error if bus_map_all_properties() failsDjalal Harouni