summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-09-06sd-event: fix call to event_make_signal_dataThomas Hindoe Paaboel Andersen
This looks like a typo from commit 9da4cb2b where it was added.
2015-09-06Merge pull request #1153 from evverx/dot-alias-handlingLennart Poettering
analyze: add "alias" handling to dot subcommand
2015-09-06analyze: add "alias" handling to dot subcommandEvgeny Vereshchagin
`systemd-analyze dot default.target` works fine
2015-09-06Merge pull request #1159 from AnchorCat/polkit-details/v2Lennart Poettering
Provide unit name and operation in manage-units polkit checks (v2)
2015-09-06Merge pull request #1162 from dvdhrm/bus-recursive-nodesLennart Poettering
sd-bus: make introspection data non-recursive
2015-09-05sd-bus: make introspection data non-recursiveDavid Herrmann
Currently, our introspection data looks like this: <node> <interface name="org.freedesktop.DBus.Peer"> ... </interface> <interface name="org.freedesktop.DBus.Introspectable"> ... </interface> <interface name="org.freedesktop.DBus.Properties"> ... </interface> <node name="org"/> <node name="org/freedesktop"/> <node name="org/freedesktop/login1"/> <node name="org/freedesktop/login1/user"/> <node name="org/freedesktop/login1/user/self"/> <node name="org/freedesktop/login1/user/_1000"/> <node name="org/freedesktop/login1/seat"/> <node name="org/freedesktop/login1/seat/self"/> <node name="org/freedesktop/login1/seat/seat0"/> <node name="org/freedesktop/login1/session"/> <node name="org/freedesktop/login1/session/self"/> <node name="org/freedesktop/login1/session/c1"/> </node> (ordered alphabetically for better visibility) This is grossly incorrect. The spec says that we're allowed to return non-directed children, however, it does not allow us to return data recursively in multiple parents. If we return "org", then we must not return anything else that starts with "org/". It is unclear, whether we can include child-nodes as a tree. Moreover, it is usually not what the caller wants. Hence, this patch changes sd-bus to never return introspection data recursively. Instead, only a single child-layer is returned. This patch relies on enumerators to never return hierarchies. If someone registers an enumerator via sd_bus_add_enumerator, they better register sub-enumerators if they support *TRUE* hierarchies. Each enumerator is treated as a single layer and not filtered. Enumerators are still allowed to return nested data. However, that data is still required to be a single hierarchy. For instance, returning "/org/foo" and "/com/bar" is fine, but including "/com" or "/org" in that dataset is not. This should be the default for enumerators and I see no reason to filter in sd-bus. Moreover, filtering that data-set would require to sort the strv by path and then do prefix-filtering. This is O(n log n), which would be fine, but still better to avoid. Fixes #664.
2015-09-05sd-bus: derive uid from cgroup if possibleDavid Herrmann
Whenever we run in a user context, sd_bus_{default_user,open_user}() and friends should always connect to the user-bus of the current context, instead of deriving the uid from getuid(). This allows us running programs via sudo/su, without the nasty side-effect of accidentally connecting to the root user-bus. This patch enforces the idea of making su/sudo *not* opening sessions by default. That is, all they do is raising privileges, but keeping everything set as before. You can still use su/sudo to open real sessions by requesting a login-session (or loading pam_systemd otherwise). However, in this case XDG_RUNTIME_DIR= will not be set (as usual in these cases), hence, you will not be able to connect to *any* user-bus. Long story short: With this patch applied, both: - ./busctl --user - sudo ./busctl --user ..will successfully connect to the user-bus of the local user. Fixes #390.
2015-09-06core: pass details to polkit for some unit actionsMichael Chapman
The following details are passed: - unit: the primary name of the unit upon which the action was invoked (i.e. after resolving any aliases); - verb: one of 'start', 'stop', 'reload', 'restart', 'try-restart', 'reload-or-restart', 'reload-or-try-restart', 'kill', 'reset-failed', or 'set-property', corresponding to the systemctl verb used to invoke the action. Typical use of these details in a polkit policy rule might be: // Allow alice to manage example.service; // fall back to implicit authorization otherwise. polkit.addRule(function(action, subject) { if (action.id == "org.freedesktop.systemd1.manage-units" && action.lookup("unit") == "example.service" && subject.user == "alice") { return polkit.Result.YES; } }); We also supply a custom polkit message that includes the unit's name and the requested operation.
2015-09-06bus-util: support details in CheckAuthorization callsMichael Chapman
Extra details for an action can be supplied when calling polkit's CheckAuthorization method. Details are a list of key/value string pairs. Custom policy can use these details when making authorization decisions.
2015-09-05Merge pull request #1140 from poettering/sd-event-signalsDavid Herrmann
A variety of sd-event, sd-login and cgroup fixes
2015-09-05sd-login: minor header commenting improvementsLennart Poettering
2015-09-05sd-login: add new sd_pid_get_cgroup() APILennart Poettering
This adds a new sd_pid_get_cgroup() call to sd-login which may be used to query the control path of a process. This is useful for programs when making use of delegation units, in order to figure out which subtree has been delegated. In light of the unified control group hierarchy this is finally safe to do, hence let's add a proper API for it, to make it easier to use this.
2015-09-05Merge pull request #1157 from dvdhrm/logind-wallfixDaniel Mack
login: fix NULL-deref on wall_message
2015-09-05login: fix NULL-deref on wall_messageDavid Herrmann
We treat an empty wall-message equal to a NULL wall-message since: commit 5744f59a3ee883ef3a78214bd5236157acdc35ba Author: Lennart Poettering <lennart@poettering.net> Date: Fri Sep 4 10:34:47 2015 +0200 logind: treat an empty wall message like a NULL one Fix the shutdown scheduler to not deref a NULL pointer, but properly check for an empty wall-message. Fixes: #1120
2015-09-05Merge pull request #1149 from martinpitt/fix-dhcp-error-codesLennart Poettering
networkd: adjust error codes for nonexisting DHCP data
2015-09-04networkd: adjust error codes for nonexisting DHCP dataMartin Pitt
Commit 0339cd770 changed libsystemd-network's error code for missing DHCP lease data from ENOENT to ENODATA. Adjust networkd accordingly. This fixes interfaces being stuck in "degraded/configuring" mode forever. https://github.com/systemd/systemd/issues/1147
2015-09-04tests: Skip tests which need to access /sys/fs/cgroup if that is not availableMartin Pitt
Commit efdb023 ("core: unified cgroup hierarchy support") introduced a new error ENOEXEC in cg_unified() if /sys/fs/cgroup/ is not available. Adjust the "skip" checks in various tests accordingly. Add a corresponding "skip" check to test-bus-creds as well, as sd_bus_creds_new_from_pid() now calls cg_unified() as well. This re-fixes "make check" in build chroots without /sys/fs/cgroup. https://github.com/systemd/systemd/issues/1132
2015-09-04logind: when parsing a boolean via sd-bus the type must be "int"Lennart Poettering
And not bool.
2015-09-04logind: treat an empty wall message like a NULL oneLennart Poettering
2015-09-04cgroups: delegation to unprivileged services is safe in the unified hierarchyLennart Poettering
Delegation to unpriviliged processes is safe in the unified hierarchy, hence allow it. This has the benefit of permitting "systemd --user" instances to further partition their resources between user services.
2015-09-04sd-login: rework error handlingLennart Poettering
Makre sure we always return sensible errors for the various, following the same rules, and document them in a comment in sd-login.c. Also, update all relevant man pages accordingly.
2015-09-04sd-event: make sure RT signals are not droppedLennart Poettering
RT signals operate in a queue, and we should be careful to never merge two queued signals into one. Hence, makes sure we only ever dequeue a single signal at a time and leave the remaining ones queued in the signalfd. In order to implement correct priorities for the signals introduce one signalfd per priority, so that we only process the highest priority signal at a time.
2015-09-04test: add one more test case for parse_pid()Lennart Poettering
2015-09-04nspawn: enable all controllers we can for the "payload" subcgroup we createLennart Poettering
In the unified hierarchy delegating controller access is safe, hence make sure to enable all controllers for the "payload" subcgroup if we create it, so that the container will have all controllers enabled the nspawn service itself has.
2015-09-04cgroup: always read the supported controllers from the root cgroup of the ↵Lennart Poettering
local container Otherwise we might end up thinking that we support more controllers than actually enabled for the container we are running in.
2015-09-04cgroup: fix potential access of uninitialized variableLennart Poettering
2015-09-04cgroup-util: make cg_pid_get_path() return -ENODATA when controller can't be ↵Lennart Poettering
found If the controller managed by systemd cannot found in /proc/$PID/cgroup, return ENODATA, the usual error for cases where the data being looked for does not exist, even if the process does.
2015-09-04cgroup: fix potential bad memory accessLennart Poettering
2015-09-04cgroup: make sure cg_is_empty_recursive() returns 1 for non-existing cgroupsLennart Poettering
Previously, on the legacy hierarchy a non-existing cgroup was considered identical to an empty one, but the unified hierarchy the check for a non-existing one returned ENOENT.
2015-09-04cgroup: when comparing agent paths, use path_equal()Lennart Poettering
After all a path is a path is a path and we should use path_equal() to comapre those.
2015-09-04audit: audit calls should return ENODATA when process are not in an audit ↵Lennart Poettering
session ENODATA is how we usually indicate such "missing info" cases, so we should do this here, too.
2015-09-04util: document why parse_uid() returns ENXIOLennart Poettering
parse_uid() returns EINVAL for invalid strings, but ENXIO for the (uid_t) -1 user ids in order to distinguish these two cases. Document this.
2015-09-04core: split up manager_get_unit_by_pid()Lennart Poettering
Let's move the actual cgroup part of it into a new separate function manager_get_unit_by_pid_cgroup(), and then make manager_get_unit_by_pid() just a wrapper that also checks the two pid hashmaps. Then, let's make sure the various calls that want to deliver events to the owners of a PID check both hashmaps and the cgroup and deliver the event to *each* of them. OTOH make sure bus calls like GetUnitByPID() continue to check the PID hashmaps first and the cgroup only as fallback.
2015-09-04cgroup: move controller to dirname translation into join_path_legacy()Lennart Poettering
Let's simplify things a bit.
2015-09-04util: add new uid_is_valid() callLennart Poettering
This simply factors out the uid validation checks from parse_uid() and uses them everywhere. This simply verifies that the passed UID is neither 64bit -1 nor 32bit -1.
2015-09-04macro: introduce new PID_TO_PTR macros and make use of themLennart Poettering
This adds a new PID_TO_PTR() macro, plus PTR_TO_PID() and makes use of it wherever we maintain processes in a hash table. Previously we sometimes used LONG_TO_PTR() and other times ULONG_TO_PTR() for that, hence let's make this more explicit and clean up things.
2015-09-03udev: ignore ENOEXEC from cgroup lookupDavid Herrmann
The recent cgroup-rework changed the error code for un-mounted cgroupfs to ENOEXEC. Make sure udev ignores it just like ENOENT and does not spill warnings on the screen.
2015-09-03cg_get_path: Removed unreachable statementreverendhomer
controller cannot be NULL because if-statement in L509 has return Coverity #1322379
2015-09-03Merge pull request #1123 from phomes/scope-no-bool-vs-intLennart Poettering
scope: do not compare a bool return with "<= 0"
2015-09-02tree-wide: fix indentationThomas Hindoe Paaboel Andersen
2015-09-02scope: do not compare a bool return with "<= 0"Thomas Hindoe Paaboel Andersen
2015-09-02Merge pull request #1119 from teg/virtio-namesKay Sievers
udev: net_id - support predictable ifnames on virtio buses
2015-09-02udev: net_id - support predictable ifnames on virtio busesTom Gundersen
Virtio buses are undeterministically enumerated, so we cannot use them as a basis for deterministic naming (see bf81e792f3c0). However, we are guaranteed that there is only ever one virtio bus for every parent device, so we can simply skip over the virtio buses when naming the devices.
2015-09-02Merge pull request #1116 from poettering/unified-rebasedLennart Poettering
core: unified cgroup hierarchy support
2015-09-02Merge pull request #1112 from poettering/sd-bus-container-fixesDavid Herrmann
machined and sd-bus container fixes
2015-09-02virt: detect parallels virtualizationEvgeny Vereshchagin
inspired by http://people.redhat.com/~rjones/virt-what/ see: * http://git.annexia.org/?p=virt-what.git;a=blob;f=virt-what.in;h=a5ed33ef3e4bfa3281c9589eccac4d92dff1babe;hb=HEAD#l200 * http://git.annexia.org/?p=virt-what.git;a=blob;f=virt-what.in;h=a5ed33ef3e4bfa3281c9589eccac4d92dff1babe;hb=HEAD#l253
2015-09-01core: unified cgroup hierarchy supportLennart Poettering
This patch set adds full support the new unified cgroup hierarchy logic of modern kernels. A new kernel command line option "systemd.unified_cgroup_hierarchy=1" is added. If specified the unified hierarchy is mounted to /sys/fs/cgroup instead of a tmpfs. No further hierarchies are mounted. The kernel command line option defaults to off. We can turn it on by default as soon as the kernel's APIs regarding this are stabilized (but even then downstream distros might want to turn this off, as this will break any tools that access cgroupfs directly). It is possibly to choose for each boot individually whether the unified or the legacy hierarchy is used. nspawn will by default provide the legacy hierarchy to containers if the host is using it, and the unified otherwise. However it is possible to run containers with the unified hierarchy on a legacy host and vice versa, by setting the $UNIFIED_CGROUP_HIERARCHY environment variable for nspawn to 1 or 0, respectively. The unified hierarchy provides reliable cgroup empty notifications for the first time, via inotify. To make use of this we maintain one manager-wide inotify fd, and each cgroup to it. This patch also removes cg_delete() which is unused now. On kernel 4.2 only the "memory" controller is compatible with the unified hierarchy, hence that's the only controller systemd exposes when booted in unified heirarchy mode. This introduces a new enum for enumerating supported controllers, plus a related enum for the mask bits mapping to it. The core is changed to make use of this everywhere. This moves PID 1 into a new "init.scope" implicit scope unit in the root slice. This is necessary since on the unified hierarchy cgroups may either contain subgroups or processes but not both. PID 1 hence has to move out of the root cgroup (strictly speaking the root cgroup is the only one where processes and subgroups are still allowed, but in order to support containers nicey, we move PID 1 into the new scope in all cases.) This new unit is also used on legacy hierarchy setups. It's actually pretty useful on all systems, as it can then be used to filter journal messages coming from PID 1, and so on. The root slice ("-.slice") is now implicitly created and started (and does not require a unit file on disk anymore), since that's where "init.scope" is located and the slice needs to be started before the scope can. To check whether we are in unified or legacy hierarchy mode we use statfs() on /sys/fs/cgroup. If the .f_type field reports tmpfs we are in legacy mode, if it reports cgroupfs we are in unified mode. This patch set carefuly makes sure that cgls and cgtop continue to work as desired. When invoking nspawn as a service it will implicitly create two subcgroups in the cgroup it is using, one to move the nspawn process into, the other to move the actual container processes into. This is done because of the requirement that cgroups may either contain processes or other subgroups.
2015-09-01Merge pull request #1098 from filbranden/cpuaffinity2Lennart Poettering
Getting rid of FOREACH_WORD_QUOTED and some more cleanup in config_parse_cpu_affinity2
2015-09-01Merge pull request #1107 from msekletar/selinux-get-raw-contextLennart Poettering
selinux: always use *_raw API from libselinux
2015-09-01sd-bus: when connecting to a container, don't fall back to host busLennart Poettering
We should never connect to the host bus as fallback if connecting to a container failed via one method. Otherwise connecting to a dbus1 container will always result in a connection to the host.