Age | Commit message (Collapse) | Author |
|
Fix for 4beac74e69.
Thanks, Ronny!
|
|
When selinux calls our callback with a log message, it specifies the
type as AVC or INFO/WARNING/ERROR. The question is how to map this to
audit types and/or log priorities. SELINUX_AVC maps to AUDIT_USER_AVC
reasonably, but for the other messages we have no idea, hence we use
AUDIT_USER_AVC for everything. When not using audit logging, we can
map those selinux levels to LOG_INFO/WARNING/ERROR etc.
Also update comment which was not valid anymore in light of journald
sucking in audit logs, and was actually wrong from the beginning —
libselinux uses the callback for everything, not just avcs.
This stemmed out of https://bugzilla.redhat.com/show_bug.cgi?id=1195330,
but does not solve it.
|
|
We actually only use the journal when showing status. Move setrlimit call
so it is only called for status.
https://bugzilla.redhat.com/show_bug.cgi?id=1184712
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
https://bugs.freedesktop.org/show_bug.cgi?id=89885
|
|
The Trust TB7300 (relabelled Waltop?) tablet has a scrollwheel which shows
up as a /dev/input/event# node all by itself. Currently input_id does not
set any ID_INPUT_FOO attr on this causing it it to not be recognized by
Xorg / libinput.
This commit fixes this by marking it with ID_INPUT_KEY.
Reported-by: Sjoerd Timmer <themba@randomdata.nl>
|
|
Make test_pointer / test_keys return a boolean indicating whether or not
they've set any properties on the device.
|
|
Remove whitespaces before opening parentheses, mostly before test_bit.
|
|
shuts up valgrind/sanitizers
|
|
access modes or ownership
|
|
CID #996297.
|
|
This shouldn't really fail and anyway not much we can do about it.
CID #996292, #996294, #996295.
|
|
CID #996284.
|
|
|
|
|
|
This code appears to follow the following convention:
- all errors are logged at point of origin
- oom errors abort execution, non-oom errors are logged but
execution continues.
Make sure all ooms result in a log message, and remove warning which could
not be reached. Downgrade non-fatal errors to warnings.
|
|
No functional change intended. Just splitting this out to make
it easier to edit in the future.
|
|
compuler figure that out...
|
|
|
|
A stateless system has a tmpfs as root file system. That obviously
does not have any block device associated with it. So try falling back
to the device of the /usr filesystem if the root filesystem fails.
|
|
Just a couple of trivial oversights.
|
|
/boot does not exist on a stateless system, so do not get
confused by that.
|
|
We are talking about one member of a group of things (resource limits, signals,
timeouts), without specifying which one. An indenfinite article is in order.
When we are talking about the control process, it's a specific one, so the
definite article is used.
|
|
Followup for 7a03974a6f.
|
|
- No need to add "Error, " prefix, we already have that as metadata.
- Also use double quotes for path names, as in most other places.
- Remove stray newline at end of message.
- Downgrade error messages after which we continue to warnings.
|
|
|
|
|
|
Whenever we provide a bus API that allows clients to create and manage
server-side objects, we need to provide a unique name for these objects.
There are two ways to provide them:
1) Let the server choose a name and return it as method reply.
2) Let the client pass its name of choice in the method arguments.
The first method is the easiest one to implement. However, it suffers from
a race condition: If a client creates an object asynchronously, it cannot
destroy that object until it received the method reply. It cannot know the
name of the new object, thus, it cannot destroy it. Furthermore, this
method enforces a round-trip. If the client _depends_ on the method call
to succeed (eg., it would close() the connection if it failed), the client
usually has no reason to wait for the method reply. Instead, the client
can immediately schedule further method calls on the newly created object
(in case the API guarantees in-order method-call handling).
The second method fixes both problems: The client passes an object name
with the method-call. The server uses it to create the object. Therefore,
the client can schedule object destruction even if the object-creation
hasn't finished, yet (again, requiring in-order method-call handling).
Furthermore, the client can schedule further method calls on the newly
created object, before the constructor returned.
There're two problems to solve, though:
1) Object names are usually defined via dbus object paths, which are
usually globally namespaced. Therefore, multiple clients must be able
to choose unique object names without interference.
2) If multiple libraries share the same bus connection, they must be
able to choose unique object names without interference.
The first problem is solved easily by prefixing a name with the
unique-bus-name of a connection. The server side must enforce this and
reject any other name.
The second problem is solved by providing unique suffixes from within
sd-bus. As long as sd-bus always returns a fresh new ID, if requested,
multiple libraries will never interfere. This implementation re-uses
bus->cookie as ID generator, which already provides unique IDs for each
bus connection.
This patch introduces two new helpers:
bus_path_encode_unique(sd_bus *bus,
const char *prefix,
const char *sender_id,
const char *external_id,
char **ret_path);
This creates a new object-path via the template
'/prefix/sender_id/external_id'. That is, it appends two new labels to
the given prefix. If 'sender_id' is NULL, it will use
bus->unique_name, if 'external_id' is NULL, it will allocate a fresh,
unique cookie from bus->cookie.
bus_path_decode_unique(const char *path,
const char *prefix,
char **ret_sender,
char **ret_external);
This reverses what bus_path_encode_unique() did. It parses 'path' from
the template '/prefix/sender/external' and returns both suffix-labels
in 'ret_sender' and 'ret_external'. In case the template does not
match, 0 is returned and both output arguments are set to NULL.
Otherwise, 1 is returned and the output arguments contain the decoded
labels.
Note: Client-side allocated IDs are inspired by the Wayland protocol
(which itself was inspired by X11). Wayland uses those IDs heavily
to avoid round-trips. Clients can create server-side objects and
send method calls without any round-trip and waiting for any object
IDs to be returned. But unlike Wayland, DBus uses gobally namespaced
object names. Therefore, we have to add the extra step by adding the
unique-name of the bus connection.
|
|
This is like bus_label_unescape() but takes a maximum length instead of
relying on NULL-terminated strings. This is highly useful to unescape
labels that are not at the end of a path.
|
|
We _always_ return NULL from destructors to allow direct assignments to
the variable holding the object. Especially on hashmaps, which treat NULL
as empty hashmap, this is pretty neat.
|
|
udev uses inotify to implement a scheme where when the user closes
a writable device node, a change uevent is forcefully generated.
In the case of block devices, it actually requests a partition rescan.
This currently can't be synchronized with "udevadm settle", i.e. this
is not reliable in a script:
sfdisk --change-id /dev/sda 1 81
udevadm settle
mount /dev/sda1 /foo
The settle call doesn't synchronize there, so at the same time we try
to mount the device, udevd is busy removing the partition device nodes and
readding them again. The mount call often happens in that moment where the
partition node has been removed but not readded yet.
This exact issue was fixed long ago:
http://git.kernel.org/cgit/linux/hotplug/udev.git/commit/?id=bb38678e3ccc02bcd970ccde3d8166a40edf92d3
but that fix is no longer valid now that sequence numbers are no longer
used.
Fix this by forcing another mainloop iteration after handling inotify events
before unblocking settle. If the inotify event caused us to generate a
"change" event, we'll pick that up in the following loop iteration, before
we reach the end of the loop where we respond to settle's control message,
unblocking it.
|
|
Commit 9ea28c55a2 (udev: remove seqnum API and all assumptions about
seqnums) introduced a regresion, ignoring the timeout option when
waiting until the event queue is empty.
Previously, if the udev event queue was not empty when the timeout was
expired, udevadm settle was returning with exit code 1. To check if the
queue is empty, you could invoke udevadm settle with timeout=0. This
patch restores the previous behavior.
(David: fixed timeout==0 handling and dropped redundant assignment)
|
|
|
|
|
|
Parse properties in the form
EVDEV_ABS_00="<min>:<max>:<res>:<fuzz>:<flat>"
and apply them to the kernel device. Future processes that open that device
will see the updated EV_ABS range.
This is particularly useful for touchpads that don't provide a resolution in
the kernel driver but can be fixed up through hwdb entries (e.g. bcm5974).
All values in the property are optional, e.g. a string of "::45" is valid to
set the resolution to 45.
The order intentionally orders resolution before fuzz and flat despite it
being the last element in the absinfo struct. The use-case for setting
fuzz/flat is almost non-existent, resolution is probably the most common case
we'll need.
To avoid multiple hwdb invocations for the same device, replace the
hwdb "keyboard:" prefix with "evdev:" and drop the separate 60-keyboard.rules
file. The new 60-evdev.rules is called for all event nodes
anyway, we don't need a separate rules file and second callout to the hwdb
builtin.
|
|
No functional changes, just to make the next patch easier to review
|
|
No changes in the mapping, but previously we opened the device only on
successful parsing. Now we open the mapping as soon as we have a value that
looks interesting. Since errors are supposed to be the exception, not the
rule, this is probably fine.
|
|
Rather than building a map and looping through the map, immediately call the
ioctl when we have a successfully parsed property.
This has a side-effect: before the maximum number of ioctls was limited to the
size of the map (1024), now it is unlimited.
|
|
No point parsing the properties if we can't get the devnode to apply them
later. Plus, this makes future additions easier to slot in.
|
|
|
|
|
|
|
|
|
|
|