summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2015-01-11Simplify execute_directory()Zbigniew Jędrzejewski-Szmek
Remove the optional sepearate opening of the directory, it would be just too complicated with the change to multiple directories. Move the middle of execute_directory() to a seperate function to make it easier to grok.
2015-01-11bus-proxy: implement 'at_console'David Herrmann
The 'at_console' policy-category allows to apply policy-items to clients depending on whether they're run from within a valid user-session or not. We use sd_uid_get_seats() to check whether a user has a valid seat (which excludes remote-sessions like ssh).
2015-01-11bus-proxy: print message direction in policy logsDavid Herrmann
Make sure to print "dbus-1 to kernel" or "kernel to dbus-1" in policy logs to better diagnose the situation.
2015-01-11bus-proxy: fix receiver policy on dbus-1 to kdbus signalsDavid Herrmann
If a dbus-1 client sends a broadcasted signal via the bus-proxy to kdbus, the bus-proxy has no idea who the receiver is. Classic dbus-daemon has bus-access and can perform policy checks for each receiver, but we cant. Instead, we know the kernel will perform receiver policy checks for broadcasts, so we can skip the policy check and just push it into the kernel. This fixes wpa_supplicant which has DENY rules on receive_type=signal for non-root. As we never know the target, we always DENY all broadcasts from wpa_supplicant. Note that will still perform receiver-policy checks for signals that we get from the kernel back to us. In those cases, we know the receiver (which is us).
2015-01-11bus-proxy: fix swapped path/interface debug messagesDavid Herrmann
The policy debug messages swapped "path=" and "interface=", fix this.
2015-01-11bus-proxy: fix policy for expected/non-expected reply tagsDavid Herrmann
dbus-1 distinguishes expected and non-expected replies. An expected reply is a reply that is sent as answer to a previously forwarded method-call before the timeout fires. Those replies are, by default, forwarded and DENY policy tags are ignored on them (unless explicitly stated otherwise). We don't track reply-windows in the bus-proxy as the kernel already does this. Furthermore, the kernel prohibits any non-expected replies (which breaks dbus-1, but it was an odd feature, anyway). Therefore, skip policy checks on replies and always let the kernel deal with it! To be correct, we should still process DENY tags marked as send_expected_reply=true (which is *NOT* the default!). However, so far we don't parse those attributes, and no-one really uses it, so lets not implement it for now. It's marked as TODO if anyone feels like fixing it.
2015-01-11log: fix log_full_errno() with custom facilitiesDavid Herrmann
Make sure to extract the log-priority when comparing against max-log-level, otherwise, we will always drop those messages. This fixes bus-proxyd to properly send warnings on policy blocks.
2015-01-10kdbus.h: updateKay Sievers
2015-01-09loginctl: make session/user arguments optional for a number commands, and ↵Lennart Poettering
imply calling session/user instead This turns "lock-session", "activate", "unlock-session", "enable-linger", "disable-linger" into commands that take no argument, optionally in which case the callers session/user is implied.
2015-01-09sd-bus: even if we need a cookie when sending a message there's no need to ↵Lennart Poettering
needlessly send it if we don't actually need it
2015-01-09bus-proxy: make sure we have creds when two legacy clients talk to each otherLennart Poettering
2015-01-09bus-proxy-test: show parsed system/session policyLennart Poettering
2015-01-09bus-proxy: eat up "*" matches, they are pointlessLennart Poettering
2015-01-09bus-proxy: dbus-daemon implies that connections from UIDs that are identical ↵Lennart Poettering
to the bus owner should be allowed Hence, copy this behaviour for bus-proxy too.
2015-01-09bus-proxyd: xml - consider empty tags as recvKay Sievers
2015-01-09bus-proxy: make sure sure eavesdrop= XML attributes are properly handledLennart Poettering
2015-01-09logind: unify how we cast between uid_t and pointers for hashmap keysLennart Poettering
2015-01-09logind: when a bus call is done on a session, user or seat, optionally ↵Lennart Poettering
determine them from the caller credentials More specifically, if an operation is requested on a session with an empty name, the caller's session is used. If an operation is requested on a seat with an empty name, the seat of the caller's session is used. Finally, if an operation on the user with UID -1 is requested, the user of the client's session is used (and not the UID of the client!).
2015-01-09logind: include "self" object links in dbus introspectionLennart Poettering
Makes "busctl introspect" a lot more fun.
2015-01-09loginctl: make "loginctl session-status" without session ID show the ↵Lennart Poettering
caller's session status Similar for user-status and seat-status.
2015-01-09core: modernize execution code a bitLennart Poettering
Among other things, avoid log_struct() unless we really need it. Also, use "r" as variable to store function errors in, instead of "err". "r" is pretty much what we use everywhere else, hence using the same here make sense. FInally, in the child, when we want to log, make sure to open the logging framework first, since it is explicitly closed in preparation for the exec().
2015-01-09journal: do not check for number of filesZbigniew Jędrzejewski-Szmek
Now that we bump rlimit, we do not really know how many files we can open. Remove the check. https://bugzilla.redhat.com/show_bug.cgi?id=1179980
2015-01-09systemctl: add missing output modes to help messageRonny Chevalier
2015-01-09bus: append bloom-filter to all signalsDavid Herrmann
Make sure to append bloom-filters to all signal-messages, not only broadcasts.
2015-01-08core: check both EPERM and EACCES for OOM adjustmentsLennart Poettering
2015-01-08core: make EPERM errors when applying OOM adjustment for forked processes ↵Lennart Poettering
non-fatal This should be useful for user namespaces.
2015-01-08loginctl: port to generic verbs.h APILennart Poettering
2015-01-08machined: when cloning a raw disk image, also set the NOCOW flagLennart Poettering
2015-01-08man: bring machinectl man page up-to-dateLennart Poettering
2015-01-08man: bring systemctl man page and --help text into the same orderLennart Poettering
2015-01-08systemctl,loginctl: start polkit agent for all polkit enabled operationsLennart Poettering
2015-01-08machinectl: given that machinectl invokes a number of polkit enabled ↵Lennart Poettering
methods, start the polkit agent on terminals
2015-01-08machinectl: show most recent log output in "machinectl status", tooLennart Poettering
2015-01-08loginctl: show the 10 most recent log user/session log lines in "loginctl ↵Lennart Poettering
user-status" and "loginctl session-status"
2015-01-08cryptsetup: support header= optionAndrey Chaser
https://bugs.freedesktop.org/show_bug.cgi?id=66396
2015-01-08test-verbs: add unit tests for verbs minilibDave Reisner
2015-01-08bus-proxyd: fix EPERM on repliesDavid Herrmann
Imagine a kdbus peer sending a method-call without EXPECT_REPLY set through the proxy to a dbus1 peer. The proxy turns the missing EXPECT_REPLY flag into a dbus1 NO_REPLY_EXPECTED flag. However, if the receipient ignores that flag (valid dbus1 behavior) and sends a reply, the proxy will try to forward it to the original peer. This will fail with EPERM as the kernel didn't track the reply. We have two options now: Either we ignore EPERM for reply messages, or we track reply-windows in the proxy so we can properly ignore replies if EXPECT_REPLY wasn't set. This commit chose the first option: ignore EPERM for replies. The only down-side is that replies without matching method call will no longer be forwarded by the proxy. This works on dbus1, though. Nobody sane does this, so lets ignore it.
2015-01-08bus-proxyd: optimize replies if they're not requestedDavid Herrmann
If a caller does not request a reply, dont send it. This skips message creation and speeds up NO_REPLY_EXPECTED cases. Note that sd-bus still handles this case internally, but if we handle it in bus-proxyd, we can skip the whole message creation step.
2015-01-08bus-proxy: augment credentials from /proc for cmdline updateDavid Herrmann
dbus1 does not provide cmdline, so we have to augment our credentials from /proc to beautify the bus-proxyd cmdline. We dont use this for anything but beautification, so there shouldn't be any problems due to /proc pid-recycling races. This fixes bus-proxyd to no longer display 'xxxxxxxxxxxxxxxxxxxxxxxxxxx' in its cmdline.
2015-01-08nspawn: fix error message when mknod failsTom Gundersen
2015-01-08path-util: plug leakTom Gundersen
2015-01-08dbus1-generator: fix array sentinalDavid Herrmann
Add a {} sentinal entry so the config-iterator can properly iterate all array elements. Fixes a segfault in the dbus1-generator.
2015-01-08sd-bus: fix copy-paste errorLukasz Skalski
2015-01-08journal: bump RLIMIT_NOFILE when journal files to 16K (if possible)Lennart Poettering
When there are a lot of split out journal files, we might run out of fds quicker then we want. Hence: bump RLIMIT_NOFILE to 16K if possible. Do these even for journalctl. On Fedora the soft RLIMIT_NOFILE is at 1K, the hard at 4K by default for normal user processes, this code hence bumps this up for users to 4K. https://bugzilla.redhat.com/show_bug.cgi?id=1179980
2015-01-08udevadm: don't hit an assert when obsolete parameters are passedLennart Poettering
https://bugzilla.redhat.com/show_bug.cgi?id=1178051
2015-01-08util: make it easy to initialize the crtime from the current time in ↵Lennart Poettering
fd_setcrtime()
2015-01-08import: also set NOCOW for gpt disk imagesLennart Poettering
Given the write patterns on disk images, we better should turn COW off for them. In particular as the file systems used inside the disk images should do their own data integrity checks anyway and we don't need multiple layers of it.
2015-01-08journald: turn off COW for journal files on btrfsLennart Poettering
btrfs' COW logic results in heavily fragment journal files, which is detrimental for perfomance. Hence, turn off COW for journal files as we create them. Turning off COW comes at the cost of data integrity guarantees, but this should be acceptable, given that we do our own checksumming, and generally have a pretty conservative write pattern. Also see discussion on linux-btrfs: http://www.spinics.net/lists/linux-btrfs/msg41001.html
2015-01-07util: upgrade default $TERM from vt102 to vt220 if we have no idea about the ↵Lennart Poettering
connected terminal So far, if we had no knowledge about the correct $TERM we defaulted to v102, as a safe, conservative choice. However, the terminfo data for vt102 is not aware of pageup/pagedown, which makes "less" much harder work with than necessary. Setting vt220 allows them to work correctly. "vt220" should be a sufficiently safe choice too, given that xterm, gnome-terminal and the linux console all strive to implement vt220 as baseline, already to pass pageup/pagedown correctly to apps. Effectively, with this change "journalctl -e" run inside a "systemd-nspawn" terminal will now run a pager where pageup/pagedown works, which is quite an improvement of usability for containers.
2015-01-07bus-util: fix error number output when waiting for jobLennart Poettering