summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-02-04nspawn: Allow module loading if CAP_SYS_MODULE is requestedJay Faulkner
nspawn containers currently block module loading in all cases, with no option to disable it. This allows an admin, specifically setting capability=CAP_SYS_MODULE or capability=all to load modules.
2015-02-04shared/capability: don't be too frugal on space for capsTom Gundersen
We were dropping the most significant bit. Add an assert to make sure it does not happen again. Fixes a bug introduced in 7d328b544621d4b1bec936dec612947ad8bfb65a.
2015-02-03tmpfiles: fix compilation without acl supportZbigniew Jędrzejewski-Szmek
2015-02-04cg_path_get_user_unit(): Did not correctly parse user-unit templates.Luke Shumaker
It ran either skip_session() or skip_user_manager(), then ran skip_slices() iff skip_session() ran. It needs to run skip_slices() in either case. Included is a test case demonstrating why.
2015-02-04core: don't reset log level to NOTICE if we get quiet on the kernel cmdlineLennart Poettering
quiet should really just have an effect on the stuff we dump on the console, not what we log elsewhere. Hence: debug on kernel cmdline → interpreted by every tool, turns up log levels to "debug" everywhere. quiet on kernel cmdline → interpreted only by PID 1 (and obviously the kernel) no alteration of the max log level, but turns off status output. http://lists.freedesktop.org/archives/systemd-devel/2014-December/026271.html
2015-02-04virt: add detect_vm_devicetree for powerpc archesChris J Arges
Check sysfs devicetree values in order to detect if we are running on a KVM hypervisor on a powerpc architecture.
2015-02-03networkd: refactor socket activation a bitTom Gundersen
2015-02-03sd-rtnl: allow sd_rtnl_open_fd() to be used on bound socketsTom Gundersen
2015-02-03networkd: handle suspend eventsTom Gundersen
2015-02-03partial revert of fed6df8Thomas Hindoe Paaboel Andersen
This one was acutally used to free xattr
2015-02-03core: open up DefaultDependencies= property for transient unitsLennart Poettering
2015-02-03core: busname_supported() should cache what it detectsJohannes Hölzl
Add the missing "static" to actually make this a cache.
2015-02-03journald: fix some xsprrintf() buffer size falloutLennart Poettering
2015-02-03core: use some nice macros where appropriateLennart Poettering
2015-02-03loopback-setup: simplify code a bitLennart Poettering
2015-02-03loopback-setup: no need to redefine LOOPBACK_IFINDEX, we already have it in ↵Lennart Poettering
missing.h
2015-02-02network-address,test-network: avoid undefined behaviourZbigniew Jędrzejewski-Szmek
2015-02-02shared/async: simplify asynchronous_job a bitZbigniew Jędrzejewski-Szmek
2015-02-02test-dhcp-client: add a kludge to make valgrind happyZbigniew Jędrzejewski-Szmek
2015-02-02test-dhcp-client: open a real udp socket for test executionZbigniew Jędrzejewski-Szmek
./test-dhcp-client would attempt to operate fd 0, i.e. stdin. For example, './test-dhcp-client </dev/null' would fail with EPERM because /dev/null cannot be used with epoll. https://bugzilla.redhat.com/show_bug.cgi?id=1076119
2015-02-03util: rework strappenda(), and rename it strjoina()Lennart Poettering
After all it is now much more like strjoin() than strappend(). At the same time, add support for NULL sentinels, even if they are normally not necessary.
2015-02-02networkd: minor simplificationLennart Poettering
Let's return the fd we found as return value in systemd_netlink_fd(), instead of using call-by-reference.
2015-02-02remove unused variablesThomas Hindoe Paaboel Andersen
2015-02-02tmpfiles: let's always use DEFINE_PRIVATE_STRING_TABLE_LOOKUP_TO_STRING() ↵Lennart Poettering
instead of defining our own string tables
2015-02-02time-util: let's make xstrftime() useful for everybody, even if we only have ↵Lennart Poettering
a single user so far.
2015-02-02macro: document that DECIMAL_STR_MAX contains space for the trailing NUL byteLennart Poettering
2015-02-02bootchart: Ensure that systemd is the init called after using bootchartSebastien Bacher
When booting with systemd-bootchart, default to call the systemd binary rather than the init binary on disk, which might be another init system. Collecting data only works with booting systemd.
2015-02-02backlight: let udev properties override clampingTopi Miettinen
On my computer, the minimum brightness enforced by clamping in backlight is too bright. Let udev property ID_BACKLIGHT_CLAMP control whether the brightness is clamped or not.
2015-02-02cryptsetup: only warn on real key filesMartin Pitt
Simplify the check from commit 05f73ad to only apply the warning to regular files instead of enumerating device nodes.
2015-02-02cryptsetup: Do not warn If the key is /dev/*randomCristian Rodríguez
Using /dev/urandom as a key is valid for swap, do not warn if this devices are world readable.
2015-02-02networkd: support socket activationTom Gundersen
Still keep the non-socket activation code around for starting from the commandline, but will likely drop that too in the future.
2015-02-02sd-rtnl: introduce sd_rtnl_new_from_netlinkTom Gundersen
2015-02-02networkd-wait-online: add timeoutTom Gundersen
Default to timing out after 120 seconds without a network connection. Setting a timeout of 0 disables the timeout.
2015-02-02sd-event: treat NULL callback for timer events like sig eventsTom Gundersen
In both cases exit the event loop.
2015-02-02networkd-wait-online: support globbing for ignored devicesTom Gundersen
2015-02-01shared/capability: go frugal on space for capsZbigniew Jędrzejewski-Szmek
2015-02-01Fix dropping of all capabilitiesZbigniew Jędrzejewski-Szmek
From fd.o bug 88898: systemd-resolved fails to start: Failed to drop capabilities: Operation not permitted Broken in f11943c53ec181829a821c6b27acf828bab71caa. Drop all capabilities: 1. prctl(PR_SET_KEEPCAPS, keep_capabilities != 0) // 0 when we drop all capabilities 2. setresuid() // bye bye capabilities 3. Add CAP_SETPCAP // fails because we have no capabilities 4. Reduce capability bounding set 5. Drop capabilities 6. prctl(PR_SET_KEEPCAPS, 0) Capabilites should always be kept after setresuid() so that the capability bounding set can be reduced. Based-on-a-patch-by: mustrumr97@gmail.com https://bugs.freedesktop.org/show_bug.cgi?id=88898 We must be careful not to leave PR_SET_KEEPCAPS on. We could use the setresuid() call to drop capabilities, but the rules when capabilities are dropped are fairly complex, since a transition to non-zero uid must happen. Let's instead keep the capabilities during setresuid(), and drop them later.
2015-02-01config_parse_set_status: put signals in the correct setMichael Olbrich
This was broken when the code was rearranged in "1e2fd62d70ff core/load-fragment.c: correct argument sign and split up long lines"
2015-02-01Add a snprinf wrapper which checks that the buffer was big enoughZbigniew Jędrzejewski-Szmek
If we scale our buffer to be wide enough for the format string, we should expect that the calculation was correct. char_array_0() invocations are removed, since snprintf nul-terminates the output in any case. A similar wrapper is used for strftime calls, but only in timedatectl.c.
2015-02-01tmpfiles: accurately report creation resultsZbigniew Jędrzejewski-Szmek
2015-02-01tmpfiles: remove dead branchZbigniew Jędrzejewski-Szmek
In the test, p is a path to a directory, always absolute. dent->d_name is a single path component, so they cannot be equal. The comparison was wrong also for other reasons: D type supports globs, so direct comparisons using streq are not enough.
2015-01-31core/cgroup: fix embarrassing typoZbigniew Jędrzejewski-Szmek
https://github.com/docker/docker/issues/10280
2015-01-31test-dhcp-client: remove linebreakZbigniew Jędrzejewski-Szmek
2015-01-31networkd: dhcp-server - start as soon as addresses have been setTom Gundersen
We would otherwise wait for the interface to be completely configured, which could take considerable time with IPv4LL. As a result nspawn was very slow at obtaining IP addresses.
2015-01-31networkd-wait-online: allow specific devices to be ignoredTom Gundersen
In addition to the loopback device, also explicitly configured devices to be ignored. Suggested by Charles Devereaux <systemd@guylhem.net>.
2015-01-31sd-rtnl: don't fail event handler when callback failsTom Gundersen
As in sd-bus, simply log at debug level when a callback fails, but don't fail the event handler. Otherwise any error returned by any callback will disable the rtnl event handler. We should only do that on serious internal errors in sd-rtnl that we know cannot be recovered from.
2015-01-30core: make setting the shutdown watchdog configuration via dbus workMaxim Mikityanskiy
https://bugs.freedesktop.org/show_bug.cgi?id=88284
2015-01-30Revert "sd-bus: change serialization of kdbus messages to qualify in their ↵Kay Sievers
entirety as gvariant objects" This breaks booting with kdbus. This reverts commit b381de4197157748ed96e469fcc372c23f842ae1.
2015-01-30Revert "core: make setting the shutdown watchdog configuration via dbus work"Kay Sievers
This reverts commit df6e44c4affced590b0d19c594d9301ffd436591. systemd --version segfaults. Starting program: /usr/lib/systemd/systemd --version Missing separate debuginfos, use: debuginfo-install systemd-216-16.fc21.x86_64 [Thread debugging using libthread_db enabled] Using host libthread_db library "/lib64/libthread_db.so.1". systemd 218 +PAM +AUDIT +SELINUX +IMA -APPARMOR +SMACK +SYSVINIT +UTMP +LIBCRYPTSETUP +GCRYPT +GNUTLS +ACL +XZ -LZ4 +SECCOMP +BLKID +ELFUTILS +KMOD +IDN Program received signal SIGSEGV, Segmentation fault. 0x000055555557c9be in main (argc=2, argv=0x7fffffffe4d8) at src/core/main.c:1832 1832 arg_shutdown_watchdog = m->shutdown_watchdog; (gdb) bt (gdb) bt full m = 0x0
2015-01-28systemctl: refuse --host with catZbigniew Jędrzejewski-Szmek
This might be fixed one day, but for now it's better to fail. https://bugzilla.redhat.com/show_bug.cgi?id=1186952