summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2014-10-17systemd: try harder to bind to notify socketZbigniew Jędrzejewski-Szmek
Without the socket open we are going to crash and burn. If for whatever reason we fail during deserialization we will fail when trying to open the socket. In this case it is better to unlink the old socket and maybe lose some messages, than to continue without the notification socket. Of course this situation should not happen, but we should handle it as gracefully as possible anyway. https://bugzilla.redhat.com/show_bug.cgi?id=1099299
2014-10-17systemd: log deserialization errors as warningsZbigniew Jędrzejewski-Szmek
If we failed to parse something that we wrote ourselves, things are seriously off. This is also likely to lead to problems futher on.
2014-10-17systemd: continue switch-root even if umount failsZbigniew Jędrzejewski-Szmek
Leaving the old root around seems better than aborting the switch.
2014-10-17nspawn: fix DeviceAllow listDaniel Mack
Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the container") added "/dev/net/tun" to the list of allowed devices but forgot to tweak the array length, which caused "/dev/kdbus/*" to be missed.
2014-10-17environment: append unit_id to error messages regarding EnvironmentFileLukas Nykryn
2014-10-17missing: remove fanotifyZbigniew Jędrzejewski-Szmek
It was only used in readahead.
2014-10-17execute: downgrade namespace error to "warning"Lennart Poettering
Also, extend the printed warning a bit, explaining the situation more verbosely.
2014-10-17namespace: add missing 'const' to parametersLennart Poettering
2014-10-17systemctl: by default interactively ask for polkit authorization, if possibleLennart Poettering
Also, allow using --no-ask-password to turn off ineractive polkit authorization.
2014-10-17execute: don't fail child when we don't have privileges to setup namespacesMichal Sekletar
If we don't have privileges to setup the namespaces then we are most likely running inside some sort of unprivileged container, hence not being able to create namespace is not a problem because spawned service can't access host system anyway.
2014-10-17Revert "sd-bus: sync kdbus.h (ABI break)"Kay Sievers
This reverts commit 1a2409e262da65a4b0ca8ab18fcf5eabd2d404ca. Support from the kdbus interface was removed. We require memfds to be supported by all clients.
2014-10-17resolve: add missing headerLukasz Skalski
Change-Id: I64f7c6b446f6d92057c35cc3d4e29bd2bad8f75b
2014-10-16terminal: log unsupported ANSI or DEC mode changesTom Gundersen
2014-10-16terminal: split ANSI from DEC mode changesTom Gundersen
2014-10-15selinux: fix potential double free crash in child processMichal Sekletar
Before returning from function we should reset ret to NULL, thus cleanup function is nop. Also context_str() returns pointer to a string containing context but not a copy, hence we must make copy it explicitly.
2014-10-15bus-proxyd: add missing flag translation for RequestNameLukasz Skalski
2014-10-14journal-remote: fix mem leak on errorZbigniew Jędrzejewski-Szmek
2014-10-14sd-bus: sync kdbus.h (ABI break)Daniel Mack
kdbus learned KDBUS_HELLO_ACCEPT_MEMFD as new connection negotiation flag. Set it by default in systemd for now.
2014-10-14bus-proxyd: improve compatibility with dbus-1Lukasz Skalski
'GetConnectionUnixProcessID', 'GetConnectionUnixUser' and 'GetConnectionSELinuxSecurityContext' methods should return 'NameHasNoOwner' error (if chosen name is not available on bus) with more detailed description - like dbus-1: Could not get PID of name 'org.freedesktop.test': no such name. Could not get UID of name 'org.freedesktop.test': no such name. Could not get security context of name 'org.freedesktop.test': no such name. Otherwise we have only laconic message without proper dbus error: Error System.Error.ENXIO: No such device or address
2014-10-14python-systemd: avoid hitting assert in __exit__Dave Reisner
Reader_close() asserts that 'args' is always NULL, but the __exit__ function forwards a non-NULL args.
2014-10-13resolved: apply label to /run/systemd/resolve/resolv.confZbigniew Jędrzejewski-Szmek
Under an SELinux system, we want the file that is created to have a proper context, different from the default for files in /run. This is so that the policy can give access to almost everyone to this file.
2014-10-13resolved: split out writing of resolv.confZbigniew Jędrzejewski-Szmek
manager_write_resolv_conf() is quite long anyway.
2014-10-13bus: check allow-interactive-auhtorization flag when doing polkitLennart Poettering
2014-10-13sd-bus: add support for new allow-interactive-authorization message header flagLennart Poettering
2014-10-13polkit: as we dropped support for the polkit bus transport, also drop its ↵Lennart Poettering
polkit policy
2014-10-13systemctl: when mangle unit names for the "isolate", suffix with ".target" ↵Lennart Poettering
rather than ".service" by default After all, we set AllowIsolate exclusively for target units so far, and this is more or less the only thing tht makes sense, hence also use ".target" as completion suffix by default.
2014-10-13systemctl: move unit action table closer to the functions that use themLennart Poettering
All other static tables we placed next to the functions that access them, so let's do this for the unit action table too.
2014-10-13fi-latin1 console keymap is no moreMarko Myllynen
http://git.altlinux.org/people/legion/packages/kbd.git?p=kbd.git;a=commitdiff;h=a88711232f3216debbb02d0171187442863ccedb
2014-10-13test-dhcp-client: add more assertsTom Gundersen
2014-10-12tmpfiles: compare return against correct errnoDave Reisner
name_to_handle_at returns -EOPNOTSUPP, not -ENOTSUP.
2014-10-12tests: fix some tests to pass in kojiZbigniew Jędrzejewski-Szmek
FAIL: test-engine ================= Cannot find cgroup mount point: No such file or directory Assertion 'r >= 0' failed at ../src/test/test-engine.c:46, function main(). Aborting. FAIL: test-sched-prio ===================== Cannot find cgroup mount point: No such file or directory Assertion 'r >= 0' failed at ../src/test/test-sched-prio.c:42, function main(). Aborting. FAIL: test-bus-cleanup ====================== Assertion 'sd_bus_open_system(&bus) >= 0' failed at ../src/libsystemd/sd-bus/test-bus-cleanup.c:40, function test_bus_open(). Aborting. after new: refcount 1
2014-10-12Set $NOTIFY_SOCKET for control procs if NotifyAccess=allBrandon L Black
2014-10-12ModernizationZbigniew Jędrzejewski-Szmek
2014-10-11terminal/grdrm: force deep modeset on enterDavid Herrmann
Usually, when our session is activated (or re-configurated) we should be able to try a page-flip to our buffer. The kernel driver should reject it if it is incompatible. As it turns out, drivers don't do this. Therefore, we now force a deep modeset if we're not sure what mode is set. This has the side-effect that we might get glitches on session-switches (depending on driver behavior). However, there's no way around this and it is what everyone does so far. Most drivers still detect if we keep the mode and so don't touch the clocks. Therefore, we just get a regular async flip.
2014-10-11sd-dhcp-client: support non-Ethernet hardware addressesDan Williams
Like Infiniband. See RFC 4390 section 2.1 for details on DHCP and Infiniband; chaddr is zeroed, hlen is set to 0, and htype is set to ARPHRD_INFINIBAND because IB hardware addresses are 20 bytes in length.
2014-10-11Report aa_change_onexec error codeMichael Scherer
Since aa_change_onexec return the error code in errno, and return -1, the current code do not give any useful information when something fail. This make apparmor easier to debug, as seen on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760526
2014-10-10bus-proxyd: fix compatibility with old dbus-1Lukasz Skalski
'ListQueuedOwners' method should return 'NameHasNoOwner' error if chosen name is not available on bus.
2014-10-10mount-setup: skip relabelling when SELinux and SMACK not supportedEmil Renner Berthing
This is also the only place where FTW_ACTIONRETVAL is used, so this makes systemd compile without SELinux or SMACK support when the standard library doesn't support this extension.
2014-10-10fstab-generator: Honor mount.usr*= on kernel command lineTobias Hunger
This allows to configure boot loader entries for systems where the root and usr filesystems are in different subvolumes (or even on different drives).
2014-10-10kdbus: fix buffer overflow in bus_get_owner_kdbus() functionLukasz Skalski
Commit 710fc9779b7c (kdbus repo) introduced attaching items[] instead of name[] in kdbus_cmd_conn_info struct. Commit 581fe6c81 (systemd repo) caught up with this change, but item size was not properly calculated.
2014-10-10nspawn: actually allow access to /dev/net/tun in the containerLennart Poettering
It's not sufficient to just copy the device node over, we need to update the policy for it too.
2014-10-09systemctl: remove casts in formattingZbigniew Jędrzejewski-Szmek
2014-10-09journalctl: use pager for --list-bootsZbigniew Jędrzejewski-Szmek
2014-10-09sd-journal: fix sd_journal_enumerate_unique skipping valuesJan Janssen
sd_journal_enumerate_unique will lock its mmap window to prevent it from being released by calling mmap_cache_get with keep_always=true. This call may return windows that are wider, but compatible with the parameters provided to it. This can result in a mismatch where the window to be released cannot properly be selected, because we have more than one window matching the parameters of mmap_cache_release. Therefore, introduce a release_cookie to be used when releasing the window. https://bugs.freedesktop.org/show_bug.cgi?id=79380
2014-10-09sd-journal: change check to assertZbigniew Jędrzejewski-Szmek
As of 0f99f74a14 'sd-journal: verify that object start with the field name' this condition should never happen.
2014-10-09sd-journal: do not reset sd_j_enumerate_unique position on errorZbigniew Jędrzejewski-Szmek
systemctl would call sd_j_enumerate_unique() interleaved with sd_j_next(). But the latter can remove a file if it detects an error in it. In those circumstances sd_j_enumerate_unique would restart with the first file in hashmap. With many corrupted files sd_j_enumerate_unique might iterate over the list multiple times. Avoid this by jumping to the next file in unique list if possible, or setting a flag that tells sd_j_enumerate_unique that it is done otherwise.
2014-10-09service: enter SERVICE_STOP_SIGTERM state after getting "STOPPING=1"Michal Schmidt
SERVICE_STOP would mean we're running the ExecStop command. That's not the case with "STOPPING=1". Instead we should enter the same state as if we just told the service to stop, i.e. SERVICE_STOP_SIGTERM. This fixes a bug where voluntarily exiting services would hang around in deactivating state until timeout.
2014-10-09bus-proxy: allow getpeersec() to failDaniel Mack
getpeersec() will fail for non-SELinux enabled machines, so don't make that a hard error.
2014-10-09socket-proxyd: Unchecked return value from librarySusant Sahani
CID 1237543 (#1 of 1): Unchecked return value from library (CHECKED_RETURN)
2014-10-09sd-dhcp6-lease: Name the structure containing IAADDR dataPatrik Flykt
With this change the DHCP6_OPTION_IAADDR_LEN define can be removed in favor of using sizeof(). Using the name of the struct and sizeof() makes it clearer how much and what data is being copied from the DHCPv6 message.