summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-02-25journal: make skipping of exhausted journal files effective againMichal Schmidt
Commit 668c965af "journal: skipping of exhausted journal files is bad if direction changed" fixed a correctness issue, but it also significantly limited the cases where the optimization that skips exhausted journal files could apply. As a result, some journalctl queries are much slower in v219 than in v218. (e.g. queries where a "--since" cutoff should have quickly eliminated older journal files from consideration, but didn't.) If already in the initial iteration find_location_with_matches() finds no entry, the journal file's location is not updated. This is fine, except that: - We must update at least f->last_direction. The optimization relies on it. Let's separate that from journal_file_save_location() and update it immediately after the direction checks. - The optimization was conditional on "f->current_offset > 0", but it would always be 0 in this scenario. This check is unnecessary for the optimization.
2015-02-24po: simplify one sentenceZbigniew Jędrzejewski-Szmek
2015-02-24systemd: add getrandom syscall numbers for MIPSAaro Koskinen
Add getrandom syscall numbers for MIPS. Based on Linux 3.17 kernel (commit 42944521af97a3b25516f15f3149aec3779656dc, "MIPS: Wire up new syscalls getrandom and memfd_create").
2015-02-24bootchart: svg: fix checking of list endAaro Koskinen
If we have less samples than expected, systemd-bootchart will crash.
2015-02-25bootctl: fix mem leaksThomas Hindoe Paaboel Andersen
CID#1271347/1271348
2015-02-24machined: fix check if host directory could be openedThomas Hindoe Paaboel Andersen
CID#1271351
2015-02-24acl-util: avoid freeing uninitialized pointerThomas Hindoe Paaboel Andersen
CID#1271344/1271345
2015-02-24importd: enable btrfs quota in /var/lib/machines, if necessaryLennart Poettering
2015-02-24machined/machinectl: when "machinectl image-status" is used without ↵Lennart Poettering
arguments show statistics about pool
2015-02-24shared: fix wrong assertion in barrier_set_role()Cristian Rodríguez
assert(b->pipe[0] >= 0 && b->pipe[0] >= 0); Test the same condition twice, pretty sure we mean assert(b->pipe[0] >= 0 && b->pipe[1] >= 0);
2015-02-24machined: actually open up methods to unprivileged clients on dbus1Lennart Poettering
Many of machined's operations are now opened up to unprivileged clients via PolicyKit. Open up the dbus policy so that we can actually make these calls. kdbus doesn't reuqire this, hence this wasn't noticed before.
2015-02-24importd: create a loopback btrfs file system for /var/lib/machines, if necessaryLennart Poettering
When manipulating container and VM images we need efficient and atomic directory snapshots and file copies, as well as disk quota. btrfs provides this, legacy file systems do not. Hence, implicitly create a loopback file system in /var/lib/machines.raw and mount it to /var/lib/machines, if that directory is not on btrfs anyway. This is done implicitly and transparently the first time the user invokes "machinectl import-xyz". This allows us to take benefit of btrfs features for container management without actually having the rest of the system use btrfs. The loopback is sized 500M initially. Patches to grow it dynamically are to follow.
2015-02-24id128: add new sd_id128_is_null() callLennart Poettering
2015-02-24import: print nice warning if we need btrfs but /var/lib/machines is not btrfsLennart Poettering
2015-02-24test-hashmap: fix gcc5 warningDaniel Mack
gcc5 spits out a warning about test-hashmap.c: CC src/test/test-hashmap.o src/test/test-hashmap.c: In function ‘test_string_compare_func’: src/test/test-hashmap.c:76:79: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses]
2015-02-24shared/unit-name: fix gcc5 warningDaniel Mack
Fix the following gcc5 warning: CC src/shared/libsystemd_shared_la-unit-name.lo src/shared/unit-name.c: In function 'unit_name_is_valid': src/shared/unit-name.c:102:34: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] if (!template_ok == TEMPLATE_VALID && at+1 == e) ^
2015-02-24systemctl: bump NOFILE only for systemctl_mainZbigniew Jędrzejewski-Szmek
It is not necessary when running as telinit, etc. https://bugzilla.redhat.com/show_bug.cgi?id=1184712
2015-02-24bootchart: fix default init pathMartin Pitt
Commit 6e1bf7ab99 used the wrong directory; we need rootlibexecdir, not rootlibdir, as the latter is something like /lib/x86_64-linux-gnu/ on multi-arch systems. https://launchpad.net/bugs/1423867
2015-02-24sd-bus: test-bus-kernel-benchmark: don't rely on fixed unique namesDaniel Mack
The kernel part of kdbus does not allow userspace to make any assumption on which unique address the first user on the bus will get. Instead, use sd_bus_get_unique_name() to get the server's address.
2015-02-24test-time: test "infinity" parsing in nanosecondsDaniel Mack
2015-02-24shared/time-util: fix gcc5 warningDaniel Mack
CC src/shared/libsystemd_shared_la-time-util.lo src/shared/time-util.c: In function 'parse_nsec': src/shared/time-util.c:789:25: warning: logical not is only applied to the left hand side of comparison [-Wlogical-not-parentheses] if (!*s != 0) ^
2015-02-24sd-bus: sync kdbus.hDaniel Mack
Follow two small changes in the kdbus API: * Flags are now returned in cmd->return_flags by KDBUS_CMD_NAME_ACQUIRE * struct kdbus_item_list has been dropped. The information stored in this struct was redundant since awhile already, as all commands report their returned slice size anyway.
2015-02-23systemctl: support auditd.service betterZbigniew Jędrzejewski-Szmek
We would print the filename header before trying to open the file. But since the header was printed to stdout, and the error to stderr, the error would appear on the terminal before the header. It is cleaner to open the file first, then and only then print the header. Also exit on first error. We shouldn't report success if we were unable to open a file.
2015-02-23systemctl: check validity of PID we receivedZbigniew Jędrzejewski-Szmek
2015-02-23resolved: use == for comparing unsigned against zeroZbigniew Jędrzejewski-Szmek
2015-02-23tmpfiles: avoid creating duplicate acl entriesZbigniew Jędrzejewski-Szmek
https://bugs.freedesktop.org/show_bug.cgi?id=89202 https://bugs.debian.org/778656 Status quo ante can be restored with: getfacl -p /var/log/journal/`cat /etc/machine-id`|grep -v '^#'|sort -u|sudo setfacl --set-file=- /var/log/journal/`cat /etc/machine-id`
2015-02-23libsystemd: revert one hunk of duplicate ifdef removalZbigniew Jędrzejewski-Szmek
This change exposed a bug in kernel headers: /usr/include/linux/if_bridge.h:184:20: error: field 'ip6' has incomplete type struct in6_addr ip6; ^ /usr/include/linux/if_tunnel.h:76:19: error: field 'prefix' has incomplete type struct in6_addr prefix; ^
2015-02-24sd-bus, shared: fix includesDaniel Mack
Include <sys/socket.h> from util.h and bus-message.h in order to build errors like the ones below on kdbus enabled systems. ./src/shared/util.h:976:32: warning: its scope is only this definition or declaration, which is probably not what you want In file included from src/libsystemd/sd-bus/bus-kernel.c:37:0: ./src/shared/util.h:1081:28: warning: 'struct msghdr' declared inside parameter list void cmsg_close_all(struct msghdr *mh); ^ CC src/libsystemd/sd-bus/libsystemd_la-bus-creds.lo In file included from src/libsystemd/sd-bus/bus-creds.c:25:0: ./src/shared/util.h:976:32: warning: 'struct ucred' declared inside parameter list int getpeercred(int fd, struct ucred *ucred); ^
2015-02-23remove unused includesThomas Hindoe Paaboel Andersen
This patch removes includes that are not used. The removals were found with include-what-you-use which checks if any of the symbols from a header is in use.
2015-02-23nspawn: fix whitespace and typo in partition table blurbJan Synacek
2015-02-21logind: fix a typo in a polkit descriptionPiotr Drąg
2015-02-20build-sys: update gitignoreKay Sievers
2015-02-20shared: handle unnamed sockets in socket_address_equal()Michal Schmidt
Make sure we don't inspect sun_path of unnamed sockets. Since we cannot know if two unnamed sockets' adresses refer to the same socket, just return false.
2015-02-20shared: avoid semi-duplicating socket_address_equal()Michal Schmidt
Just call socket_address_equal() from socket_address_matches_fd() instead of implementing similar comparing of addresses.
2015-02-20shared: use SocketAddress in socket_address_matches_fd()Michal Schmidt
Cleanup. No behavior change.
2015-02-20core, shared: in deserializing, match same files reached via different pathsMichal Schmidt
When dbus.socket is updated like this: -ListenStream=/var/run/dbus/system_bus_socket +ListenStream=/run/dbus/system_bus_socket ... and daemon-reload is performed, bad things happen. During deserialization systemd does not recognize that the two paths refer to the same named socket and replaces the socket file with a new one. As a result, applications hang when they try talking to dbus. Fix this by finding a match not only when the path names are equal, but also when they point to the same inode. In socket_address_equal() it is necessary to move the address size comparison into the abstract sockets branch. For path name sockets the comparison must not be done and for other families it is redundant (their sizes are constant and checked by socket_address_verify()). FIFOs and special files can also have multiple pathnames, so compare the inodes for them as well. Note that previously the pathname checks used streq_ptr(), but the paths cannot be NULL. Fixes: https://bugzilla.redhat.com/show_bug.cgi?id=1186018
2015-02-19bus: sync with kdbus.git (ABI break)David Herrmann
This syncs up the new KDBUS_CMD_CONN_INFO behavior: - attach-flags are passed in .attach_flags, instead of directly merged with the command flags.
2015-02-19nspawn: chown basic device nodes to userns rootLennart Poettering
2015-02-19nspawn: fix build on non-selinux systemsLennart Poettering
2015-02-19nspawn: add basic user namespacing supportLennart Poettering
(This is incomplete, /proc and /sys are still owned by root from outside the container, not inside)
2015-02-19sysv-generator: fix wrong "Overwriting existing symlink" warningsMartin Pitt
Fix result testing of is_symlink() to ignore negative results, which happen if the file name does not exist at all. In this case we do not want a warning and unlink the non-existing link. https://bugs.debian.org/778700
2015-02-18nspawn: when connected to pipes for stdin/stdout, pass them as-is to PID 1Lennart Poettering
Previously we always invoked the container PID 1 on /dev/console of the container. With this change we do so only if nspawn was invoked interactively (i.e. its stdin/stdout was connected to a TTY). In all other cases we directly pass through the fds unmodified. This has the benefit that nspawn can be added into shell pipelines. https://bugs.freedesktop.org/show_bug.cgi?id=87732
2015-02-18systemd-boot: fix alignment of version in tableThomas Hindoe Paaboel Andersen
2015-02-18everywhere: remove configurability of sysv runlevel to target mappingLennart Poettering
With this change runlevel 2, 3, 4 are mapped to multi-user.target for good, and 5 to graphical.target. This was already the previous mapping but is now no longer reconfigurable, but hard-coded into the core. This should generally simplify things, but also fix one bug: the sysv-generator previously generated symlinks to runlevel[2-5].target units, which possibly weren't picked up if these aliases were otherwise only referenced by the real names "multi-user.target" and "graphical.target". We keep compat aliases "runlevel[2345].target" arround for cases where this target name is explicitly requested.
2015-02-18run: if we fail to set a property assignment then really failLennart Poettering
2015-02-18nspawn: add support for --property= to set scope propertiesLennart Poettering
This is similar to systemd-run's --property= setting.
2015-02-18shared: introduce cmsg_close_all() callLennart Poettering
The call iterates through cmsg list and closes all fds passed via SCM_RIGHTS. This patch also ensures the call is used wherever appropriate, where we might get spurious fds sent and we should better close them, then leave them lying around.
2015-02-18systemctl: allow interactive authorization for all bus callsLennart Poettering
Make use of the new sd_bus_set_allow_interactive_authorization() call to globally enable interactive authorization. Also, turn on PK agent for more calls. This allows us to make use of the sd_bus_call_method() convencience helper at more places.
2015-02-18systemctl: let's make use of FOREACH_STRING() where we canLennart Poettering
2015-02-18core: rework policykit hookupLennart Poettering
- Always issue selinux access check as early as possible, and PK check as late as possible. - Introduce a new policykit action for altering environment - Open most remaining bus calls to unprivileged clients via PK