summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2013-03-20Make PrivateTmp dirs also inaccessible from the outsideZbigniew Jędrzejewski-Szmek
Currently, PrivateTmp=yes means that the service cannot see the /tmp shared by rest of the system and is isolated from other services using PrivateTmp, but users can access and modify /tmp as seen by the service. Move the private /tmp and /var/tmp directories into a 0077-mode directory. This way unpriviledged users on the system cannot see (or modify) /tmp as seen by the service.
2013-03-20libudev: avoid potential misaligned accessesJan Engelhardt
clang reports: src/libudev/libudev-util.c:665:35: warning: cast from "const unsigned char *" to "unsigned int *" increases required alignment from 1 to 4 [-Wcast-align]
2013-03-20libude: remove special handling of "device" link, it should not be usedKay Sievers
2013-03-19journalct: beef up entry listingZbigniew Jędrzejewski-Szmek
The ability to dump catalog entries in full and by id is added.
2013-03-19systemd-python: small cleanupsZbigniew Jędrzejewski-Szmek
- separate methods with two empty lines for clarity - avoid malloc(0) by specyfing private data size as -1 - add method name in error messages
2013-03-19systemd-python: add journal.get_catalog()Zbigniew Jędrzejewski-Szmek
This one wraps sd_journal_get_catalog_from_message_id. Thanks to Python namespacing, we can stick to a shorter name.
2013-03-19systemd-python: add _Reader.get_catalog()Zbigniew Jędrzejewski-Szmek
This one wraps sd_journaal_get_catalog.
2013-03-19systemd-python: add _Reader.closed attributeZbigniew Jędrzejewski-Szmek
This should make the file interface of _Reader complete.
2013-03-19journalctl: use _cleanup_ in one functionZbigniew Jędrzejewski-Szmek
2013-03-19keymap: Remap microphone mute and touchpad toggle for Lenovo U300sOzan Çağlayan
Separate out Ideapad U300s to its own line and add Microphone mute key. Signed-off-by: Martin Pitt <martinpitt@gnome.org>
2013-03-19keymap: Fix touchpad toggling on Lenovo IdeaPad U300sOzan Çağlayan
IdeaPad U300s needs mapping 0xf1 to f21 just like Lenovo V480. Signed-off-by: Martin Pitt <martinpitt@gnome.org>
2013-03-18logind: exploit previous cleanups and simplify returnsZbigniew Jędrzejewski-Szmek
2013-03-18logind: Make more use of cleanup macrosColin Walters
2013-03-18Use bus_maybe_send_reply() where applicableColin Walters
This is a followup to: commit 1a37b9b9043ef83e9900e460a9a1fccced3acf89 It will fix denial messages from dbus-daemon between gdm and systemd-logind on logging into GNOME due to this. See the previous commit for more details.
2013-03-18sd-journal: do not require path to be absoluteZbigniew Jędrzejewski-Szmek
Seems natural to be able to specify relative directory, e.g. with journalctl -D. And even if, this should be checked in front-end code, not in the library.
2013-03-18journal,shared: add _cleanup_journal_close_Zbigniew Jędrzejewski-Szmek
2013-03-18journal: use _cleanup_Zbigniew Jędrzejewski-Szmek
One log_debug() moved to match order in other functions.
2013-03-18journal: use sd_journal_close on error in sd_journal_newZbigniew Jędrzejewski-Szmek
2013-03-18systemd-python: allow Reader to be used as a context managerZbigniew Jędrzejewski-Szmek
2013-03-18test-strv.c: test STRV_FOREACH_PAIR macroDaniel Buch
2013-03-18udev: ifdef all firmware special handlingKay Sievers
2013-03-18udev: make firmware loading optional and disable by defaultTom Gundersen
Distros that whish to support old kernels should set --with-firmware-dirs="/usr/lib/firmware/updates:/usr/lib/firmware" to retain the old behaviour.
2013-03-16journal: pass the *pid* to sd_pid_get_owner_uid()Kay Sievers
2013-03-15timer: fix grammar in messageZbigniew Jędrzejewski-Szmek
2013-03-15core: reuse the same /tmp, /var/tmp and inaccessible dirMichal Sekletar
All Execs within the service, will get mounted the same /tmp and /var/tmp directories, if service is configured with PrivateTmp=yes. Temporary directories are cleaned up by service itself in addition to systemd-tmpfiles. Directory which is mounted as inaccessible is created at runtime in /run/systemd.
2013-03-15smack-setup: enable Smack/CIPSO mappingNathaniel Chen
CIPSO is the Common IP Security Option, an IETF standard for setting security levels for a process sending packets. In Smack kernels, CIPSO headers are mapped to Smack labels automatically, but can be changed. This patch writes label/category mappings from /etc/smack/cipso/ to /sys/fs/smackfs/cipso2. The mapping format is "%s%4d%4d"["%4d"]... For more information about Smack and CIPSO, see: https://kernel.org/doc/Documentation/security/Smack.txt
2013-03-15smack-setup: extract rule writing into a separate functionZbigniew Jędrzejewski-Szmek
Check all errors.
2013-03-15core: keep mountinfo .mounts until late shutdownUmut Tezduyar
.mount units coming from /proc/self/mountinfo file are unmounted after local-fs.target is reached during shutdown. Problem: .mount units popping up in mountinfo file are added to systemd without any dependency. For that reason, they are the first one to be unmounted during shutdown. Whichever program mounted the file system deserves a chance to also unmount it. This patch ensures that /proc/self/mountinfo units will be unmounted after local-fs.target during shutdown (if they haven't been unmounted already)
2013-03-15systemd-python: add systemd.daemon wrapping sd-daemonZbigniew Jędrzejewski-Szmek
Please see the documentation (e.g. pydoc3 systemd.daemon) for full description. As usual, systemd._daemon wraps the raw interface, while systemd.daemon provides the more pythonic API. sd_listen_fds, sd_booted, sd_is_fifo, sd_is_socket, sd_is_socket_unix, sd_is_socket_inet, sd_is_mq, and SD_LISTEN_FDS_START are currently wrapped.
2013-03-15systemd-activate: pass environment variables throughZbigniew Jędrzejewski-Szmek
I need this to test half-installed socket-activated python script, which requires PYTHONPATH and LD_LIBRARY_PATH set. I assume that other people might find it useful to. -E VAR passes through VAR from the environment, while -E VAR=value sets VAR=value. systemd-activate -E PYTHONPATH=/var/tmp/inst1/usr/lib64/python3.3/site-packages -E LD_LIBRARY_PATH=/var/tmp/inst1/usr/lib -l 2000 python3 -c 'from systemd.daemon import listen_fds; print(listen_fds())'
2013-03-15nspawn: don't make assumptions about the size of pid_tLennart Poettering
2013-03-15logind: explicitly create state directories during early initializationLennart Poettering
Strictly speaking this isn't necessary for the /run/systemd/seats/ directory, since that is created anyway as the first seat is found, and seat0 is always found. But let's be explicit here, and also create the sessions/ and users/ directories, so that people can always install inotify watches from very early on, even when nobody logged in yet.
2013-03-15sd-booted: update sd_booted() check a bitLennart Poettering
Previously we were testing whether /sys/fs/cgroup/systemd/ was a mount point. This might be problematic however, when the cgroup trees are bind mounted into a container from the host (which should be absolutely valid), which might create the impression that the container was running systemd, but only the host actually is. Replace this by a check for the existance of the directory /run/systemd/system/, which should work unconditionally, since /run can never be a bind mount but *must* be a tmpfs on systemd systems, which is flushed at boots. This means that data in /run always reflects information about the current boot, and only of the local container, which makes it the perfect choice for a check like this. (As side effect this is nice to Ubuntu people who now use logind with the systemd cgroup hierarchy, where the old sd_booted() check misdetects systemd, even though they still run legacy Upstart.)
2013-03-15strv: fix STRV_FOREACH_PAIR macro definitionLennart Poettering
2013-03-15Make initrd.target the default target in the initrdHarald Hoyer
First, rename root-fs.target to initrd-root-fs.target to clarify its usage. Mount units with "x-initrd-rootfs.mount" are now ordered before initrd-root-fs.target. As we sometimes construct /sysroot mounts in /etc/fstab in the initrd, we want these to be mounted before the initrd-root-fs.target is active. initrd.target can be the default target in the initrd. (normal startup) : : v basic.target | ______________________/| / | | sysroot.mount | | | v | initrd-root-fs.target | | | v | initrd-parse-etc.service (custom initrd services) | | v | (sysroot-usr.mount and | various mounts marked | with fstab option | x-initrd.mount) | | | v | initrd-fs.target | | \______________________ | \| v initrd.target | v initrd-cleanup.service isolates to initrd-switch-root.target | v ______________________/| / | | initrd-udevadm-cleanup-db.service | | (custom initrd services) | | | \______________________ | \| v initrd-switch-root.target | v initrd-switch-root.service | v switch-root
2013-03-14main: don't mount /sys, /dev and friends when we run with PID != 1Lennart Poettering
Back from old times when we developed systemd on non-systemd hosts we still mounted the missing directories such as the cgroup stuff even when running with a PID != 1. There's no point for that anymore, so let's just do that if we are actually PID 1, and never otherwise. https://bugs.freedesktop.org/show_bug.cgi?id=62354
2013-03-13fileio: use _cleanup_Zbigniew Jędrzejewski-Szmek
2013-03-13systemctl: remove unused variableMichal Sekletar
2013-03-13tmpfiles: add missing missing.h includeZbigniew Jędrzejewski-Szmek
mbiebl> src/tmpfiles/tmpfiles.c:221:13: error: ‘MAX_HANDLE_SZ’ undeclared (first use in this function) Fixup for 427b47c4abaf4b5.
2013-03-13initctl: catch write error, use _cleanup_Zbigniew Jędrzejewski-Szmek
!= operator always returns something nonnegative, so the error condition was not caught.
2013-03-13journalctl: show systemd messages about unit for -uZbigniew Jędrzejewski-Szmek
journalctl -u unit is not very useful, because it doesn't show systemd messages about starting, stopping, coredumps, etc, like systemctl status unit does. Make it show the same information using the same rules. If somebody really want to see just messages from by the unit, it is easy enough to use _SYSTEMD_UNIT=...
2013-03-13logs-show: export logic to add matches for unitsZbigniew Jędrzejewski-Szmek
After that functions which add matches, show_journal_by_unit and show_journal_by_user_unit, become nearly identical, so I merged them into one function.
2013-03-13libudev: implement udev_device_set_attribute_value()Hannes Reinecke
2013-03-13core: single unit_kill implementation for all unit typesMichal Schmidt
There are very few differences in the implementations of the kill method in the unit types that have one. Let's unify them. This does not yet unify unit_kill() with unit_kill_context().
2013-03-13util, manager: and mempset() and use itMichal Schmidt
Just like mempcpy() is almost identical to memcpy() except the useful return value, so is the relation of mempset() to memset().
2013-03-13manager: use more stpcpy()Michal Schmidt
2013-03-13tmpfiles: --clean -- check for bind mounts of the same filesystem and skip themKay Sievers
2013-03-13cryptsetup-generator: use _cleanup_ where possibleHarald Hoyer
2013-03-13add initrd-fs.target and root-fs.targetHarald Hoyer
Instead of using local-fs*.target in the initrd, use root-fs.target for sysroot.mount and initrd-fs.target for /sysroot/usr and friends. Using local-fs.target would mean to carry over the activated local-fs.target to the isolated initrd-switch-root.target and thus in the real root. Having local-fs.target already active after deserialization causes ordering problems with the real root services and targets. We better isolate to targets for initrd-switch-root.target, which are only available in the initrd.
2013-03-12man,html: say 'systemd 198' in the headerZbigniew Jędrzejewski-Szmek
This should help readers of the man or HTML pages know if the documentation is out of date. An alternative to use a date generated from 'git log' was considered, but since we try to keep user visible documentation up to date, showing the project version should be enough.