Age | Commit message (Collapse) | Author |
|
These use the (deprecated) IPv4 address classes to deduce the corresponding subnet masks. This is useful when addresses
without subnet masks and prefix lengths are given.
Make use of these new functions from sd-dhcp-lease.
|
|
Some comment fixes and header cleanups in kdbus.h, and the task capability
meta information has been factored out to its own struct.
|
|
|
|
Let's give coverity a hint what's going on here.
|
|
This reverts commit b1543c4c93855b61b40118e9f14a0423dac2e078.
We check b->address anyway, no need to check the return value,
especially given that the other #ifdef branch don't get the same
treatment.
|
|
If we run in the container then we run in a mount namespace. If namespace dies
then kernel should do unmounting for us, hence we skip unmounting in containers.
Also, it may be the case that we no longer have capability to do umount,
because we are running in the unprivileged container.
See: http://lists.freedesktop.org/archives/systemd-devel/2014-October/023536.html
|
|
|
|
Reported-by: sztanpet on irc
|
|
Function queries system hostname and applies changes only when necessary. Also,
migrate all client of sethostname to sethostname_idempotent while at it.
|
|
Commit 74055aa762 'journalctl: add new --flush command and make use of
it in systemd-journal-flush.service' broke flushing because journald
checks for the /run/systemd/journal/flushed file before opening the
permanent journal. When the creation of this file was postponed,
flushing stoppage ensued.
|
|
On an ro fs, systemctl disable ... would fail silently.
|
|
After all we have lots of those.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=85447
|
|
http://bugs.debian.org/766598
|
|
We should use the data if we can (if stdin/stdout is an AF_UNIX socket),
but still work if we can't (if stdin/stdout are pipes, like in the SSH
case).
This effectively reverts 55534fb5e4742b0db9ae5e1e0202c53804147697
|
|
sd_bus_error, just go on
sd_bus_error_setfv() must initialize the sd_bus_error value to some
sensible value and then return a good errno code matching that. If it
cannot work at all it should set the error statically to the OOM error.
But if it can work half-way (i.e. initialize the name, but not the
message) it should do so and still return the correct errno number for
it.
This effectively reverts 8bf13eb1e02b9977ae1cd331ae5dc7305a305a09
|
|
|
|
|
|
|
|
Let's make parse_usec() and parse_nsec() work similar
|
|
|
|
In order to make object destruction easier (in particular in combination
with _cleanup_) we usually make destructors deal with NULL objects as
NOPs. Change the calendar spec destructor to follow the same scheme.
|
|
fail if we can't set it
This partially undos 2f905e821e0342c36f5a5d3a51d53aabccc800bd
|
|
|
|
If selinux is disabled and smack is only enabled, smack label is
relable-ed by label_fix. To avoid, make only be labeled for selinux.
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=84931
|
|
|
|
Fix a bug in systemd-cryptsetup-generator which caused the drop-in
setting the job timeout for the dm device unit to be written with a
name different than the unit name.
https://bugs.freedesktop.org/show_bug.cgi?id=84409
|
|
Since commit b1e90ec515408aec2702522f6f68c4920b56375b systemd passes
its log settings to systemd-shutdown via command line parameters.
However, systemd-shutdown doesn't pass these parameters to
/run/initramfs/shutdown, causing it to fall back to the default log
settings.
This fixes the following bugs about the shutdown not being quiet
despite "quiet" being in the kernel parameters:
https://bugs.freedesktop.org/show_bug.cgi?id=79582
https://bugs.freedesktop.org/show_bug.cgi?id=57216
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Normally we shouldn#t log from "library" functions, but SELinux is
weird, hence upgrade security messages uniformly to LOG_ERR when in
enforcing mode.
|
|
APIs that query and return something cannot silently fail, they must
either return something useful, or an error. Fix that.
Also, properly rollback socket unit fd creation when something goes
wrong with the security framework.
|
|
|
|
|
|
of the matching selinux code
|
|
previously mac_smack_apply(path, NULL) would operate on the symlink
itself while mac_smack_apply(path, "foo") would follow the symlink.
Let's clean this up an always operate on the symlink, which appears to
be the safer option.
|
|
a) always return negative errno error codes
b) always become a noop if smack is off
c) always take a NULL label as a request to remove it
|
|
and all that reset it to defaults mac_{selinux|smack}_fix()
Let's clean up the naming schemes a bit and use the same one for SMACK
and for SELINUX.
|
|
|
|
|
|
It cannot fail in the current hashmap implementation, but it may fail in
alternative implementations (unless a sufficiently large reservation has
been placed beforehand).
|
|
With the hashmap implementation that uses chaining the reservations
merely ensure that the merging won't result in long bucket chains.
With a future alternative implementation it will additionally reserve
memory to make sure the merging won't fail.
|
|
That hashmap_move_one() currently cannot fail with -ENOMEM is an
implementation detail, which is not possible to guarantee in general.
Hashmap implementations based on anything else than chaining of
individual entries may have to allocate.
hashmap_move_one will not fail with -ENOMEM if a proper reservation has
been made beforehand. Use reservations in install.c.
In cgtop.c simply propagate the error instead of asserting.
|
|
|