summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-10-22sd-bus: fix transition left-overs in sd_bus_get_owner_creds()Daniel Mack
sd_bus_get_owner_creds() was only halfly ported over to _cleanup_bus_creds_unref_.
2014-10-22journal: do server_vacuum for sigusr1WaLyong Cho
runtime journal is migrated to system journal when only "/run/systemd/journal/flushed" exist. It's ok but according to this the system journal directory size(max use) can be over the config. If journal is not rotated during some time the journal directory can be remained as over the config(or default) size. To avoid, do server_vacuum just after the system journal migration from runtime.
2014-10-22firstboot: don't prohibit re-generating the machine id on the current root fsLennart Poettering
If it really is missing it should be safe to create it. Also see: http://lists.freedesktop.org/archives/systemd-devel/2014-August/022726.html
2014-10-22journalctl: don't introduce numeric constants with special names, give them ↵Lennart Poettering
names
2014-10-22sd-bus: implement sd_bus_get_owner_creds() for kdbusDaniel Mack
kdbus learned a new ioctl to tell userspace about a bus creator's credentials, which is what we need to implement sd_bus_get_owner_creds() for kdbus. Move the function from sd-bus.c to bus-control.c to be able to reuse the bus_populate_creds_from_items() helper.
2014-10-22sd-bus: rename sd_bus_get_owner_uid(), sd_bus_get_owner_machine_id() and ↵Daniel Mack
sd_bus_get_peer_creds() Clean up the function namespace by renaming the following: sd_bus_get_owner_uid() → sd_bus_get_name_creds_uid() sd_bus_get_owner_machine_id() → sd_bus_get_name_machine_id() sd_bus_get_peer_creds() → sd_bus_get_owner_creds()
2014-10-22sd-bus: factor out creds item iteratorDaniel Mack
We will re-use the code to walk items in order to populate a creds object, so let's factor it out first.
2014-10-22sd-bus: sync kdbus.hDaniel Mack
kdbus learned a new command to query a bus creator's credentials. Sync kdbus.h first, which also renames some struct to more generic terms. That is, however, not an ABI break this time.
2014-10-22resolved: simplify detection of packets from the loopback deviceLennart Poettering
We can simplify our code quite a bit if we explicitly check for the ifindex being 1 on Linux as a loopback check. Apparently, this is hardcoded on Linux on the kernel, and effectively exported to userspace via rtnl and such, hence we should be able to rely on it.
2014-10-22networkd: Fix a couple of typosTorstein Husebø
2014-10-22sd-bus: assert clock_gettime()'s return valueDaniel Mack
Don't handle clock_gettime() errors gracefully but use assert_se().
2014-10-22fsck: re-enable fsck -lKarel Zak
The -l (lock) has been temporary disabled due to conflict with udev (https://bugs.freedesktop.org/show_bug.cgi?id=79576) The problem is fixed since util-linux v2.25 (Jul 2014).
2014-10-21sd-bus: sync kdbus.h (API change: switch to absolute timeouts)Daniel Mack
kdbus_msg.timeout_ns now takes an absolute value, based on CLOCK_MONOTONIC, in order to eventually support automatically restarted syscalls. Signed-off-by: Daniel Mack <daniel@zonque.org>
2014-10-21sd-bus: sync kdbus.h (ABI break)Daniel Mack
In kdbus.h, the following details changed: * All commands gained a 'kernel_flags' field to report the flags supported by the driver. Before, this was done in the 'flags' field in a bidirectional way, which turned out to be a problem for the code in sd-bus, as many parts of it reuse the same ioctl struct more than once and consider them to be owned by userspace. * Name listings are now returned by a new struct instead of reusing struct kdbus_cmd_name for that matter. This way, we don't add more unneeded fields to it and make the API cleaner. * 'conn_flags' was renamed to 'flags' in struct kdbus_cmd_hello to make the API a bit more unified.
2014-10-21strv: use realloc_multiply() to check for multiplication overflowMichal Schmidt
This could overflow on 32bit, where size_t is the same as unsigned.
2014-10-21strv: add an additional overflow check when enlarging strv()sLennart Poettering
https://bugs.freedesktop.org/show_bug.cgi?id=76745
2014-10-21shared: remove unused functionsRonny Chevalier
- mkdir_p_prefix: It has never been used - mkdir_parents_prefix_label: Unused since 1434ae6fd49f8377b0ddbd4c675736e0d3226ea6
2014-10-21util: avoid duplication of TIME_T_MAXRonny Chevalier
2014-10-20sd-journal: consistently use ternary operator for all direction checksChristian Hesse
2014-10-20bus-proxy: let's make use of the translated errors get_creds_by_name() ↵Lennart Poettering
provides us with
2014-10-20Revert "bus-proxyd: improve compatibility with dbus-1"Lennart Poettering
This reverts commit b0f84d4d7832659f2216bda7a7cdf51f5e79c6eb. get_creds_by_name() already translate the error nicely, we just need to make use of it.
2014-10-20kdbus: free returned buffer when the memory is no longer neededLukasz Skalski
2014-10-20sd-bus: sync kdbus.h (ABI break)Daniel Mack
kdbus.h now has KDBUS_ATTACH_COMM split into KDBUS_ATTACH_TID_COMM and KDBUS_ATTACH_PID_COMM. The items were split already, so the change in systemd is easy.
2014-10-18sd-bus: sync kdbus.h (ABI break)Daniel Mack
In kdbus.h, the 'features' field has been dropped again. Instead of negotiating features that way, we decided to make the kernel return the set of supported flags in each ioctl struct's .flags field, in both the success and error cases.
2014-10-17systemd: try harder to bind to notify socketZbigniew Jędrzejewski-Szmek
Without the socket open we are going to crash and burn. If for whatever reason we fail during deserialization we will fail when trying to open the socket. In this case it is better to unlink the old socket and maybe lose some messages, than to continue without the notification socket. Of course this situation should not happen, but we should handle it as gracefully as possible anyway. https://bugzilla.redhat.com/show_bug.cgi?id=1099299
2014-10-17systemd: log deserialization errors as warningsZbigniew Jędrzejewski-Szmek
If we failed to parse something that we wrote ourselves, things are seriously off. This is also likely to lead to problems futher on.
2014-10-17systemd: continue switch-root even if umount failsZbigniew Jędrzejewski-Szmek
Leaving the old root around seems better than aborting the switch.
2014-10-17nspawn: fix DeviceAllow listDaniel Mack
Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the container") added "/dev/net/tun" to the list of allowed devices but forgot to tweak the array length, which caused "/dev/kdbus/*" to be missed.
2014-10-17environment: append unit_id to error messages regarding EnvironmentFileLukas Nykryn
2014-10-17missing: remove fanotifyZbigniew Jędrzejewski-Szmek
It was only used in readahead.
2014-10-17execute: downgrade namespace error to "warning"Lennart Poettering
Also, extend the printed warning a bit, explaining the situation more verbosely.
2014-10-17namespace: add missing 'const' to parametersLennart Poettering
2014-10-17systemctl: by default interactively ask for polkit authorization, if possibleLennart Poettering
Also, allow using --no-ask-password to turn off ineractive polkit authorization.
2014-10-17execute: don't fail child when we don't have privileges to setup namespacesMichal Sekletar
If we don't have privileges to setup the namespaces then we are most likely running inside some sort of unprivileged container, hence not being able to create namespace is not a problem because spawned service can't access host system anyway.
2014-10-17Revert "sd-bus: sync kdbus.h (ABI break)"Kay Sievers
This reverts commit 1a2409e262da65a4b0ca8ab18fcf5eabd2d404ca. Support from the kdbus interface was removed. We require memfds to be supported by all clients.
2014-10-17resolve: add missing headerLukasz Skalski
Change-Id: I64f7c6b446f6d92057c35cc3d4e29bd2bad8f75b
2014-10-16terminal: log unsupported ANSI or DEC mode changesTom Gundersen
2014-10-16terminal: split ANSI from DEC mode changesTom Gundersen
2014-10-15selinux: fix potential double free crash in child processMichal Sekletar
Before returning from function we should reset ret to NULL, thus cleanup function is nop. Also context_str() returns pointer to a string containing context but not a copy, hence we must make copy it explicitly.
2014-10-15bus-proxyd: add missing flag translation for RequestNameLukasz Skalski
2014-10-14journal-remote: fix mem leak on errorZbigniew Jędrzejewski-Szmek
2014-10-14sd-bus: sync kdbus.h (ABI break)Daniel Mack
kdbus learned KDBUS_HELLO_ACCEPT_MEMFD as new connection negotiation flag. Set it by default in systemd for now.
2014-10-14bus-proxyd: improve compatibility with dbus-1Lukasz Skalski
'GetConnectionUnixProcessID', 'GetConnectionUnixUser' and 'GetConnectionSELinuxSecurityContext' methods should return 'NameHasNoOwner' error (if chosen name is not available on bus) with more detailed description - like dbus-1: Could not get PID of name 'org.freedesktop.test': no such name. Could not get UID of name 'org.freedesktop.test': no such name. Could not get security context of name 'org.freedesktop.test': no such name. Otherwise we have only laconic message without proper dbus error: Error System.Error.ENXIO: No such device or address
2014-10-14python-systemd: avoid hitting assert in __exit__Dave Reisner
Reader_close() asserts that 'args' is always NULL, but the __exit__ function forwards a non-NULL args.
2014-10-13resolved: apply label to /run/systemd/resolve/resolv.confZbigniew Jędrzejewski-Szmek
Under an SELinux system, we want the file that is created to have a proper context, different from the default for files in /run. This is so that the policy can give access to almost everyone to this file.
2014-10-13resolved: split out writing of resolv.confZbigniew Jędrzejewski-Szmek
manager_write_resolv_conf() is quite long anyway.
2014-10-13bus: check allow-interactive-auhtorization flag when doing polkitLennart Poettering
2014-10-13sd-bus: add support for new allow-interactive-authorization message header flagLennart Poettering
2014-10-13polkit: as we dropped support for the polkit bus transport, also drop its ↵Lennart Poettering
polkit policy
2014-10-13systemctl: when mangle unit names for the "isolate", suffix with ".target" ↵Lennart Poettering
rather than ".service" by default After all, we set AllowIsolate exclusively for target units so far, and this is more or less the only thing tht makes sense, hence also use ".target" as completion suffix by default.