summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2017-01-10udev: add ID_INPUT_SWITCH for devices with switch capability (#5057)Peter Hutterer
2017-01-03shared: fix double free in unmask (#5005)Jan Synacek
Easily reproducible: 1) systemctl mask foo 2) systemctl unmask foo foo The problem here is that the *i that is put into todo[] is later freed in strv_uniq(), which is not directly visible from this patch. Somewhere further in the code, the string that *i pointed to is freed again. That happens only when multiple services with the same name/path are specified.
2017-01-03path-lookup: use correct cleanup function for strv (#5007)Thomas H. P. Andersen
2016-12-29machinectl: make sure that inability to get OS version isn't consider fatal ↵Lennart Poettering
for machine list (#4972) Fixes: #4918
2016-12-29core: fix sockaddr length calculation for sockaddr_pretty() (#4966)Lennart Poettering
Let's simply store the socket address length in the SocketPeer object so that we can use it when invoking sockaddr_pretty(): This fixes the issue described in #4943, but avoids calling getpeername() twice.
2016-12-29Merge pull request #4994 from poettering/private-tmp-tmpfilesMartin Pitt
automatically clean up PrivateTmp= left-overs in /var/tmp on next boot
2016-12-29machined: remove unused variable (#4993)Thomas H. P. Andersen
2016-12-29systemctl: permit "enable" and "add-wants" without any instances (#4992)Lennart Poettering
This permits "systemctl enable" and "systemctl add-wants" on template units without any specifications of an instance name, neither specified on the command line, nor specified in DefaultInstance= field of the [install] section. Fixes: #3473
2016-12-29nspawn: reword notice when /dev is pre-mounted and populated (#4971)Lennart Poettering
Fixes: #4676
2016-12-29tmpfiles: improve error message for chown()/chmod() failures (#4969)Lennart Poettering
Let's make the error message less confusing here. Fixes: #4954
2016-12-29Merge pull request #4989 from poettering/nss-einvalMartin Pitt
nss user/group name validation fixes
2016-12-29core: improve log message about missing Listen setting (#4988)Lennart Poettering
Fixes: #4987
2016-12-27core: implicitly order units with PrivateTmp= after ↵Lennart Poettering
systemd-tmpfiles-setup.service Preparation for fixing #4401.
2016-12-27nss: when we encounter an invalid user/group name or UID/GID, don't return ↵Lennart Poettering
EINVAL It's not our business to validate invalid user/group names or UID/GID. Ideally, libc would filter these out, but they don't, hence we have to filter, but let's not propagate this as error, but simply as "not found" to the caller. User name rules are pretty vaguely defined, and the rules defined by POSIX clash with reality quite heavily (for example, utmp doesn't offer enough room for user name length, and /usr/bin/chown permits separating user/group names by a single dot, even though POSIX allows dots being used in user/group names themselves.) We enforce stricter rules than POSIX for good reason, and hence in doing so we should not categorically return EINVAL on stuff we don't consider valid, but other components might. Fixes: #4983
2016-12-27util-lib: add a comment explaining the user name rules we enforceLennart Poettering
2016-12-25test-selinux: place %m after %[sf] (#4977)Evgeny Vereshchagin
"%d (%m) %s\n" crashes asan: https://github.com/google/sanitizers/issues/759 So, let's place %m after %s Fixes: ``` $ ./libtool --mode=execute ./test-selinux ... ============ test_misc ========== ASAN:DEADLYSIGNAL ================================================================= ==2981==ERROR: AddressSanitizer: SEGV on unknown address 0x000041b58ab3 (pc 0x7fd9c55a0eb2 bp 0x7fffdc2f9640 sp 0x7fffdc2f8d68 T0) #0 0x7fd9c55a0eb1 (/lib64/libasan.so.3+0xdeeb1) #1 0x7fd9c5550bbf (/lib64/libasan.so.3+0x8ebbf) #2 0x7fd9c5552cdd in __interceptor_vsnprintf (/lib64/libasan.so.3+0x90cdd) #3 0x7fd9c5063715 in log_internalv src/basic/log.c:680 #4 0x7fd9c506390a in log_internal src/basic/log.c:697 #5 0x561d398181a2 in test_misc src/test/test-selinux.c:81 #6 0x561d398185e8 in main src/test/test-selinux.c:117 #7 0x7fd9c493a400 in __libc_start_main (/lib64/libc.so.6+0x20400) #8 0x561d39817859 in _start (/home/vagrant/systemd-asan/.libs/lt-test-selinux+0x1859) AddressSanitizer can not provide additional info. SUMMARY: AddressSanitizer: SEGV (/lib64/libasan.so.3+0xdeeb1) ==2981==ABORTING ```
2016-12-25machinectl: handle EOPNOTSUPP from print_addresses (#4979)Graeme Lawes
Print addresses returns EOPNOTSUPP, not ENOSYS, when trying to print addresses for non-container machines.
2016-12-24journalctl: add remote log dir to search path when --merge is passed (#4970)Marcin Bachry
The journalctl man page says: "-m, --merge Show entries interleaved from all available journals, including remote ones.", but current version of journalctl doesn't live up to this promise. This patch simply adds "/var/log/journal/remote" to search path if --merge flag is used. Should fix issue #3618
2016-12-22networkd: Rename ProxyARP to IPv4ProxyARP (#4947)Susant Sahani
Rename the arp proxy option to IPv4ProxyARP= in order to clarify its relationship to IPv4, and map to the various IPv6 options we have. Fixes: #4768
2016-12-22resolved: correctly handle non-address RR types with /etc/hosts lookups (#4808)Martin Pitt
Fix wrong condition test in manager_etc_hosts_lookup(), which caused it to return an IPv4 answer when an IPv6 question was asked, and vice versa. Also only return success if we actually found any A or AAAA record. In systemd-resolved.service(8), point out that /etc/hosts mappings only affect address-type lookups, not other types. The test case currently disables DNSSEC in resolved, as there is a bug where "-t MX" fails due to "DNSSEC validation failed" even after "downgrading to non-DNSSEC mode". This should be dropped once that bug gets fixed. Fixes #4801
2016-12-21networkd: bond support primary slave and active slave (#4873)Susant Sahani
active_slave: Specifies the new active slave for modes that support it (active-backup, balance-alb and balance-tlb). primary slave: systemd-networks currently lacks the capability to set the primary slave in an active-backup bonding. This is necessary if you prefer one interface over the other. A common example is a eth0-wlan0 bonding on a laptop where you'd want to switch to the wired connection whenever it's available. Fixes: #2837
2016-12-21networkd: vxlan rename ARPProxy to ReduceARPProxy (#4891)Susant Sahani
Fixes: #4768
2016-12-21nspawn: unref the notify event source (#4941)Evgeny Vereshchagin
Fixes: ``` sudo ./libtool --mode=execute valgrind --leak-check=full ./systemd-nspawn -D ./CONT/ -b ... ==21224== 2,444 (656 direct, 1,788 indirect) bytes in 1 blocks are definitely lost in loss record 13 of 15 ==21224== at 0x4C2FA50: calloc (vg_replace_malloc.c:711) ==21224== by 0x4F6F565: sd_event_new (sd-event.c:431) ==21224== by 0x1210BE: run (nspawn.c:3351) ==21224== by 0x123908: main (nspawn.c:3826) ==21224== ==21224== LEAK SUMMARY: ==21224== definitely lost: 656 bytes in 1 blocks ==21224== indirectly lost: 1,788 bytes in 11 blocks ==21224== possibly lost: 0 bytes in 0 blocks ==21224== still reachable: 8,344 bytes in 3 blocks ==21224== suppressed: 0 bytes in 0 blocks ``` Closes #4934
2016-12-20calendarspec: minor refactoring and style fixDouglas Christman
2016-12-20calendarspec: improve overflow handlingDouglas Christman
Check if the parsed seconds value fits in an integer *after* multiplying by USEC_PER_SEC, otherwise a large value can trigger modulo by zero during normalization.
2016-12-20ndisc: ignore invalid SLAAC prefix lengths (#4923)Jörg Thalheim
- linux does not accept prefixes for SLAAC unequal to 64 bits: http://lxr.free-electrons.com/source/net/ipv6/addrconf.c#L2741 - when networkd tries export such a route to the kernel it will get -EINVAL and set the whole device into a failed state. - this patch will make networkd ignore such prefixes for SLAAC, but process other informations which may contain other prefixes. - Note that rfc4862 does not forbid prefix length != 64 bit
2016-12-20Merge pull request #4904 from dobyrch/calendar-range-stepLennart Poettering
calendarspec: allow repetition values with ranges
2016-12-20systemctl: do not segfault when we cannot find template unit (#4915)Zbigniew Jędrzejewski-Szmek
Core was generated by `systemctl cat test@.target test@.service'. Program terminated with signal SIGSEGV, Segmentation fault. 32 movdqu (%rdi), %xmm0 (gdb) bt -0 strrchr () at ../sysdeps/x86_64/strrchr.S:32 -1 0x00007f57fdf837fe in __GI___basename (filename=0x0) at basename.c:24 -2 0x000055b8a77d0d91 in unit_find_paths (bus=0x55b8a9242f90, unit_name=0x55b8a92428f0 "test@.service", lp=0x7ffdc9070400, fragment_path=0x7ffdc90703e0, dropin_paths=0x7ffdc90703e8) at src/systemctl/systemctl.c:2584 -3 0x000055b8a77dbae5 in cat (argc=3, argv=0x7ffdc9070678, userdata=0x0) at src/systemctl/systemctl.c:5324 -4 0x00007f57fe55fc6b in dispatch_verb (argc=5, argv=0x7ffdc9070668, verbs=0x55b8a77f1c60 <verbs>, userdata=0x0) at src/basic/verbs.c:92 -5 0x000055b8a77e477f in systemctl_main (argc=5, argv=0x7ffdc9070668) at src/systemctl/systemctl.c:8141 -6 0x000055b8a77e5572 in main (argc=5, argv=0x7ffdc9070668) at src/systemctl/systemctl.c:8412 The right behaviour is not easy in this case. Implement some "sensible" logic. Fixes #4912.
2016-12-19networkd-ndisc: handle missing mtu gracefully (#4913)Jörg Thalheim
At least bird's implementation of router advertisement does not set MTU option by default (instead it supplies an option to the user). In this case just leave MTU as it is.
2016-12-18core: downgrade "Time has been changed" to debug (#4906)Zbigniew Jędrzejewski-Szmek
That message is emitted by every systemd instance on every resume: Dec 06 08:03:38 laptop systemd[1]: Time has been changed Dec 06 08:03:38 laptop systemd[823]: Time has been changed Dec 06 08:03:38 laptop systemd[916]: Time has been changed Dec 07 08:00:32 laptop systemd[1]: Time has been changed Dec 07 08:00:32 laptop systemd[823]: Time has been changed Dec 07 08:00:32 laptop systemd[916]: Time has been changed -- Reboot -- Dec 07 08:02:46 laptop systemd[836]: Time has been changed Dec 07 08:02:46 laptop systemd[1]: Time has been changed Dec 07 08:02:46 laptop systemd[926]: Time has been changed Dec 07 19:48:12 laptop systemd[1]: Time has been changed Dec 07 19:48:12 laptop systemd[836]: Time has been changed Dec 07 19:48:12 laptop systemd[926]: Time has been changed ... Fixes #4896.
2016-12-17basic/log: use IN_SETZbigniew Jędrzejewski-Szmek
2016-12-17test-compress: fix warning about LZ4_compress_limitedOutputZbigniew Jędrzejewski-Szmek
691b90d465 fixed one spot, but missed the other one.
2016-12-17core: remove spurious newlineZbigniew Jędrzejewski-Szmek
2016-12-17debug-generator: simplify handling of arg_default_unitZbigniew Jędrzejewski-Szmek
Also free the allocated memory before exiting.
2016-12-17Use SPECIAL_DEFAULT_TARGET consistentlyZbigniew Jędrzejewski-Szmek
2016-12-17Modify mount_propagation_flags_from_string to return a normal int codeZbigniew Jędrzejewski-Szmek
This means that callers can distiguish an error from flags==0, and don't have to special-case the empty string.
2016-12-17Merge pull request #4845 from poettering/various-smaller-fixesZbigniew Jędrzejewski-Szmek
Various smaller fixes
2016-12-17coredumpctl: let gdb handle the SIGINT signal (#4901)Franck Bui
Even if pressing Ctrl-c after spawning gdb with "coredumpctl gdb" is not really useful, we should let gdb handle the signal entirely otherwise the user can be suprised to see a different behavior when gdb is started by coredumpctl vs when it's started directly. Indeed in the former case, gdb exits due to coredumpctl being killed by the signal. So this patch makes coredumpctl ignore SIGINT as long as gdb is running.
2016-12-16calendarspec: remove superfluous variablesDouglas Christman
2016-12-16calendarspec: rename fields of CalendarComponentDouglas Christman
value/range_end -> start/stop
2016-12-16calendarspec: allow repetition values with rangesDouglas Christman
"Every other hour from 9 until 5" can be written as `9..17/2:00` instead of `9,11,13,15,17:00`
2016-12-16core: make mount units from /proc/self/mountinfo possibly bind to a device ↵Franck Bui
(#4515) Since commit 9d06297, mount units from mountinfo are not bound to their devices anymore (they use the "Requires" dependency instead). This has the following drawback: if a media is mounted and the eject button is pressed then the media is unconditionally ejected leaving some inconsistent states. Since udev is the component that is reacting (no matter if the device is used or not) to the eject button, users expect that udev at least try to unmount the media properly. This patch introduces a new property "SYSTEMD_MOUNT_DEVICE_BOUND". When set on a block device, all units that requires this device will see their "Requires" dependency upgraded to a "BindTo" one. This is currently only used by cdrom devices. This patch also gives the possibility to the user to restore the previous behavior that is bind a mount unit to a device. This is achieved by passing the "x-systemd.device-bound" option to mount(8). Please note that currently this is not working because libmount treats the x-* options has comments therefore they're not available in utab for later application retrievals.
2016-12-16bootctl: fix typo (#4897)Lucas Werkmeister
2016-12-16core: prevent invalid socket symlink target dereference (#4895)Stefan Hajnoczi
socket_find_symlink_target() returns a pointer to p->address.sockaddr.un.sun_path when the first byte is non-zero without checking that this is AF_UNIX socket. Since sockaddr is a union this byte could be non-zero for AF_INET sockets. Existing callers happen to be safe but is an accident waiting to happen. Use socket_address_get_path() since it checks for AF_UNIX.
2016-12-14calendarspec: free memory when parsing fails (#4890)Doug Christman
This prevents memory leaks on strings like `*~*-*`. Fixes #4887
2016-12-14util-lib: rework rename_process() to be able to make use of PR_SET_MM_ARG_STARTLennart Poettering
PR_SET_MM_ARG_START allows us to relatively cleanly implement process renaming. However, it's only available with privileges. Hence, let's try to make use of it, and if we can't fall back to the traditional way of overriding argv[0]. This removes size restrictions on the process name shown in argv[] at least for privileged processes.
2016-12-14sysv-generator: properly translate sysv facilitiesLennart Poettering
We used the wrong return value in one case, so that our translations were thrown away. While we are at it, make sure to always initialize *ret on successful function exits. Fixes: #4762
2016-12-14machinectl: make "machinectl -E … shell" workLennart Poettering
Fixes: #4823
2016-12-14journalctl: improve wording in an errors messageLennart Poettering
Fixes: #4660
2016-12-14nspawn: flush out environment block of the -a stub init processLennart Poettering
The container detection code in virt.c we ship checks for /proc/1/environ, looking for "container=" in it. Let's make sure our "-a" init stub exposes that correctly. Without this "systemd-detect-virt" run in a "-a" container won't detect that it is being run in a container.