summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2016-05-11logind: introduce LockedHint and SetLockedHint (#3238)Victor Toso
Desktop environments can keep this property up to date to allow applications to easily track session's Lock status.
2016-05-11coredump: use next_datagram_size_fd instead of ioctl(FIONREAD) (#3237)Evgeny Vereshchagin
We need to be sure that the size returned here actually matches what we will read with recvmsg() next Fixes #2984
2016-05-10Merge pull request #3220 from keszybz/install-fixesLennart Poettering
Fix "preset-all" with dangling symlinks and install-section hint emitted too eagerly
2016-05-09locale-util: mark special_glyph() as _const_Zbigniew Jędrzejewski-Szmek
_const_ means that the caller can assume that the function will return the same result every time (and will not modify global memory). special_glyph() meets this: even though it depends on global memory, that part of global memory is not expected to change. This allows the calls to special_glyph() to be optimized, even if -flto is not used.
2016-05-09tree-wide: rename draw_special_char to special_glyphZbigniew Jędrzejewski-Szmek
That function doesn't draw anything on it's own, just returns a string, which sometimes is more than one character. Also remove "DRAW_" prefix from character names, TREE_* and ARROW and BLACK_CIRCLE are unambigous on their own, don't draw anything, and are always used as an argument to special_glyph(). Rename "DASH" to "MDASH", as there's more than one type of dash.
2016-05-09shared/install: use "→" instead of "pointing to" for a symlinkZbigniew Jędrzejewski-Szmek
It's quite a bit shorter and just as readable. (The full sentence with "pointing to" was added to replace a text that used "ln -s %s %s". Using the "ln" syntax is indeed unclear, because it's not obvious which is the source and which is the target, and because symlink(2) uses the opposite order to ln(1). But with the unicode arrow there should be no ambiguity.)
2016-05-09shared/install: do not print warning when a unit is already enabledZbigniew Jędrzejewski-Szmek
Executing 'systemctl enable' on the same unit twice would cause a warning about a missing [Install] section to be printed. To avoid this, count all symlinks that "would" be created, and return 1 no matter if we actually created a symlink or skipped creation because it already exists.
2016-05-09shared/install: handle dangling aliases as an explicit case, report nicelyZbigniew Jędrzejewski-Szmek
This fixes 'preset-all' with a unit that is a dangling symlink. $ systemctl --root=/ preset-all Unit syslog.service is an alias to a unit that is not present, ignoring. Unit auditd.service is masked, ignoring. Unit NetworkManager.service is masked, ignoring.
2016-05-09shared/install: add some more debug messages and commentsZbigniew Jędrzejewski-Szmek
$ systemctl --root=/ preset foobar.service Cannot find unit foobar.service. Failed to preset: No such file or directory. $ systemctl --root=/ preset foobar@.service Cannot find unit foobar@.service. Failed to preset: No such file or directory. $ systemctl --root=/ preset foobar@blah.service Cannot find unit foobar@blah.service or foobar@.service. Failed to preset: No such file or directory.
2016-05-09nspawn: only remove veth links we created ourselvesLennart Poettering
Let's make sure we don't remove veth links that existed before nspawn was invoked. https://github.com/systemd/systemd/pull/3209#discussion_r62439999
2016-05-09network: Make sure we log about parse errors for ifname listsLennart Poettering
Fix-up for 93e2822684b37a4eeef03775a7a1f44a3055d7b2
2016-05-09networkd: reworkd LLDP emission to allow control of propagation levelLennart Poettering
This allows selecting the propagation level of emitted LLDP packets (specifically: the destination MAC address of the packets). This is useful because it allows generating LLDP packets that optionally cross certain types of bridges. See 802.11ab-2009, Table 7-1 for details.
2016-05-09tree-wide: port more code to use ifname_valid()Lennart Poettering
2016-05-09nspawn: add new --network-zone= switch for automatically managed bridge devicesLennart Poettering
This adds a new concept of network "zones", which are little more than bridge devices that are automatically managed by nspawn: when the first container referencing a bridge is started, the bridge device is created, when the last container referencing it is removed the bridge device is removed again. Besides this logic --network-zone= is pretty much identical to --network-bridge=. The usecase for this is to make it easy to run multiple related containers (think MySQL in one and Apache in another) in a common, named virtual Ethernet broadcast zone, that only exists as long as one of them is running, and fully automatically managed otherwise.
2016-05-09util-lib: add new ifname_valid() call that validates interface namesLennart Poettering
Make use of this in nspawn at a couple of places. A later commit should port more code over to this, including networkd.
2016-05-08Merge pull request #3202 from poettering/socket-fixesMartin Pitt
don't reopen socket fds when reloading the daemon
2016-05-07shared/install: simplify error handling conditionals in a few placesZbigniew Jędrzejewski-Szmek
2016-05-07core/mount: add helper function for mount statesZbigniew Jędrzejewski-Szmek
2016-05-07Merge pull request #3205 from poettering/iaidZbigniew Jędrzejewski-Szmek
more dhcp fixes
2016-05-07Merge pull request #3160 from htejun/cgroup-fixes-rev2Zbigniew Jędrzejewski-Szmek
Cgroup fixes.
2016-05-07Merge pull request #3215 from keszybz/news-and-other-small-cleanupsLennart Poettering
News and other small cleanups
2016-05-07Merge pull request #3191 from poettering/cgroups-agent-dgramEvgeny Vereshchagin
core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notification
2016-05-07systemctl: do not print header if no units will be listedZbigniew Jędrzejewski-Szmek
"0 units listed." is still printed.
2016-05-07systemctl: rewrite code to explicitly take care of n_units==0 caseZbigniew Jędrzejewski-Szmek
Coverity was complaing, but it was a false positive (CID #1354669). Nevertheless, it's better to rewrite the code so that units is never null.
2016-05-06core: dump TriggerLimitIntervalSec and TriggerLimitBurst tooEvgeny Vereshchagin
2016-05-06core: expose TriggerLimitIntervalUSecEvgeny Vereshchagin
Before: $ systemctl show --property TriggerLimitIntervalSec test.socket TriggerLimitIntervalSec=2000000 After: $ systemctl show --property TriggerLimitIntervalUSec test.socket TriggerLimitIntervalUSec=2s
2016-05-06core: update the right mtime after finishing writing of transient units (#3203)Lennart Poettering
Fixes: #3194
2016-05-06networkd: move the IAID configuration option into the [DHCP] sectionLennart Poettering
It's only relevant to DHCP, and it should be where the DUID is configured too.
2016-05-06systemctl: indentation fixLennart Poettering
2016-05-06core: rework how we flush incoming traffic when a socket unit goes downLennart Poettering
Previously, we'd simply close and reopen the socket file descriptors. This is problematic however, as we won't transition through the SOCKET_CHOWN state then, and thus the file ownership won't be correct for the sockets. Rework the flushing logic, and actually read any queued data from the sockets for flushing, and accept any queued messages and disconnect them.
2016-05-06core: don't implicit open missing socket fds on daemon reloadLennart Poettering
Previously, when the daemon was reloaded and the configuration of a socket unit file was changed so that a different set of socket ports was defined for the socket we'd simply reopen the socket fds not yet open. This is problematic however, as this means the SOCKET_CHOWN state is not run for them, and thus their UID/GID is not corrected. With this change, don't open the missing file descriptors, but log about this issue, and ask the user to restart the socket explicit, to make sure all missing fds are opened. Fixes: #3171
2016-05-06core: split out selinux label retrieval logic into a function of its ownLennart Poettering
This should bring no behavioural change.
2016-05-06Merge pull request #3201 from ssahani/net-wordLennart Poettering
networkd lib: cleanup FOREACH_WORD
2016-05-06networkd: route fix commentSusant Sahani
2016-05-06networkd: cleanup FOREACH_WORDSusant Sahani
2016-05-05Merge pull request #3190 from poettering/logind-fixesZbigniew Jędrzejewski-Szmek
2016-05-06Merge pull request #3198 from poettering/trigger-timeout-defaultsEvgeny Vereshchagin
change trigger timeout defaults
2016-05-05logind: drop pointless UINT64_C() macro useLennart Poettering
2016-05-05logind: enforce a limit on inhibitors we hand outLennart Poettering
For similar reasons as the recent addition of a limit on sessions. Note that we don't enforce a limit on inhibitors per-user currently, but there's an implicit one, since each inhibitor takes up one fd, and fds are limited via RLIMIT_NOFILE, and the limit on the number of processes per user.
2016-05-05logind: expose more configuration settings as bus propertiesLennart Poettering
2016-05-05logind: don't include session lists in PropertyChanged messagesLennart Poettering
If we have a lot of simultaneous sessions we really shouldn't send the full list of active sessions with each PropertyChanged message for user and seat objects, as that can become quite substantial data, we probably shouldn't dump on the bus on each login and logout. Note that the global list of sessions doesn't send out changes like this either, it only supports requesting the session list with ListSessions(). If cients want to get notified about sessions coming and going they should subscribe to SessionNew and SessionRemoved signals, and clients generally do that already. This is kind of an API break, but then again the fact that this was included was never documented.
2016-05-05logind: process session/inhibitor fds at higher priorityLennart Poettering
Let's make sure we process session and inhibitor pipe fds (that signal sessions/inhibtors going away) at a higher priority than new bus calls that might create new sessions or inhibitors. This helps ensuring that the number of open sessions stays minimal.
2016-05-05logind: enforce a limit on current user sessionsLennart Poettering
We really should put limits on all resources we manage, hence add one to the number of concurrent sessions, too. This was previously unbounded, hence set a relatively high limit of 8K by default. Note that most PAM setups will actually invoke pam_systemd prefixed with "-", so that the return code of pam_systemd is ignored, and the login attempt succeeds anyway. On systems like this the session will be created but is not tracked by systemd.
2016-05-05core: fix owner user/group output in socket dumpLennart Poettering
The unit file settings are called SocketUser= and SocketGroup= hence name these fields that way in the "systemd-analyze dump" output too. https://github.com/systemd/systemd/issues/3171#issuecomment-216216995
2016-05-05core: change default trigger limits for socket unitsLennart Poettering
Let's lower the default values a bit, and pick different defaults for Accept=yes and Accept=no sockets. Fixes: #3167
2016-05-05journald: stack allocation cannot failLennart Poettering
No need to check whether alloca() failed...
2016-05-05tree-wide: introduce new SOCKADDR_UN_LEN() macro, and use it everywhereLennart Poettering
The macro determines the right length of a AF_UNIX "struct sockaddr_un" to pass to connect() or bind(). It automatically figures out if the socket refers to an abstract namespace socket, or a socket in the file system, and properly handles the full length of the path field. This macro is not only safer, but also simpler to use, than the usual offsetof() + strlen() logic.
2016-05-05test-networkd-conf: fix memleakThomas Hindoe Paaboel Andersen
2016-05-05networkd: fix memleak in config_parse_duid_rawdataThomas Hindoe Paaboel Andersen
2016-05-05core: use an AF_UNIX/SOCK_DGRAM socket for cgroup agent notificationLennart Poettering
dbus-daemon currently uses a backlog of 30 on its D-bus system bus socket. On overloaded systems this means that only 30 connections may be queued without dbus-daemon processing them before further connection attempts fail. Our cgroups-agent binary so far used D-Bus for its messaging, and hitting this limit hence may result in us losing cgroup empty messages. This patch adds a seperate cgroup agent socket of type AF_UNIX/SOCK_DGRAM. Since sockets of these types need no connection set up, no listen() backlog applies. Our cgroup-agent binary will hence simply block as long as it can't enqueue its datagram message, so that we won't lose cgroup empty messages as likely anymore. This also rearranges the ordering of the processing of SIGCHLD signals, service notification messages (sd_notify()...) and the two types of cgroup notifications (inotify for the unified hierarchy support, and agent for the classic hierarchy support). We now always process events for these in the following order: 1. service notification messages (SD_EVENT_PRIORITY_NORMAL-7) 2. SIGCHLD signals (SD_EVENT_PRIORITY_NORMAL-6) 3. cgroup inotify and cgroup agent (SD_EVENT_PRIORITY_NORMAL-5) This is because when receiving SIGCHLD we invalidate PID information, which we need to process the service notification messages which are bound to PIDs. Hence the order between the first two items. And we want to process SIGCHLD metadata to detect whether a service is gone, before using cgroup notifications, to decide when a service is gone, since the former carries more useful metadata. Related to this: https://bugs.freedesktop.org/show_bug.cgi?id=95264 https://github.com/systemd/systemd/issues/1961