summaryrefslogtreecommitdiff
path: root/src
AgeCommit message (Collapse)Author
2017-02-07dissect: make sure to manually follow symlinks when mounting dissected imageLennart Poettering
If the dissected image contains symlinks for the mount points we need we need to make sure to follow this with chase_symlinks() so that we don't leave the image.
2017-02-07core: actually make "+" prefix in ReadOnlyPaths=, InaccessiblePaths=, ↵Lennart Poettering
ReadWritablePaths= work 5327c910d2fc1ae91bd0b891be92b30379c7467b claimed to add support for "+" for prefixing paths with the configured RootDirectory=. But actually it only implemented it in the backend, it did not add support for it to the configuration file parsers. Fix that now.
2017-02-07core: add a per-unit setting MountAPIVFS= for mounting /dev, /proc, /sys in ↵Lennart Poettering
conjunction with RootDirectory= This adds a boolean unit file setting MountAPIVFS=. If set, the three main API VFS mounts will be mounted for the service. This only has an effect on RootDirectory=, which it makes a ton times more useful. (This is basically the /dev + /proc + /sys mounting code posted in the original #4727, but rebased on current git, and with the automatic logic replaced by explicit logic controlled by a unit file setting)
2017-02-07core: fix minor memleak in namespace.cLennart Poettering
The source_malloc field wants to be freed, too.
2017-02-07Merge pull request #5225 from poettering/seccomp-socketEvgeny Vereshchagin
make RestrictAddressFamilies= officially a NOP on i386
2017-02-06systemd-mount: add missing fsck argument (#5238)Lukas Rusak
2017-02-06seccomp: RestrictAddressFamilies= is not supported on i386/s390/s390x, make ↵Lennart Poettering
it a NOP See: #5215
2017-02-06Merge pull request #5237 from keszybz/explicit-bzeroLennart Poettering
Use `explicit_bzero`
2017-02-06cgls: look at the right variable in error path (#5234)Zbigniew Jędrzejewski-Szmek
CID #1370779.
2017-02-05journalctl: replace string_erase with memset('x')Zbigniew Jędrzejewski-Szmek
The compiler should not be able to optimize out the memset, because optarg is global memory. In this case, not making the argument an empty string is nicer, so just use an open-coded version of string_erase from before the explicit_bzero change.
2017-02-05treewide: replace homegrown memory_erase with explicit_bzeroZbigniew Jędrzejewski-Szmek
explicit_bzero was added in glibc 2.25. Make use of it. explicit_bzero is hardcoded to zero the memory, so string erase now truncates the string, instead of overwriting it with 'x'. This causes a visible difference only in the journalctl case.
2017-02-05resolved: downgrade "processing query..." message to debug (#5233)Felipe Sateler
It doesn't really add much value in normal operation and just spams the log.
2017-02-05Merge pull request #5223 from keszybz/root-workdirMartin Pitt
Fix WorkDir=~ with empty User=
2017-02-05build-sys,man: describe systemd-umount and hook it up to installation (#5227)Zbigniew Jędrzejewski-Szmek
2017-02-05seccomp: don't ever try to add an ABI before removing the default native ABI ↵Evgeny Vereshchagin
(#5230) https://github.com/systemd/systemd/issues/5215#issuecomment-277156262 libseccomp does not allow you to add architectures to a filter that doesn't match the byte ordering of the architectures already added to the filter (it would be a mess, not to mention largely pointless) and since systemd attempts to add an ABI before removing the default native ABI, you will always fail on Power (either due to ppc or ppc64le). The fix is to remove the native ABI before adding a new ABI so you don't run into problems with byte ordering. You would likely see the same failure on a MIPS system. Thanks @pcmoore!
2017-02-05core/timer: downgrade message about random time addition (#5229)Zbigniew Jędrzejewski-Szmek
This seems like something that shouldn't be higher then debug level, even if it does not get emitted too often. Fixes #5228.
2017-02-04Silence two "unused function af_lookup" warnings (#5222)Zbigniew Jędrzejewski-Szmek
Gcc7 is smarter about detecting unused functions and detects those two functions which are unused in tests. But gperf generates them for us, so let's instead of removing tell gcc that we know they might be unused in the test code. In file included from ../src/test/test-af-list.c:29:0: ./src/basic/af-from-name.h:140:1: warning: ‘lookup_af’ defined but not used [-Wunused-function] lookup_af (register const char *str, register size_t len) ^~~~~~~~~ In file included from ../src/test/test-arphrd-list.c:29:0: ./src/basic/arphrd-from-name.h:125:1: warning: ‘lookup_arphrd’ defined but not used [-Wunused-function] lookup_arphrd (register const char *str, register size_t len) ^~~~~~~~~~~~~
2017-02-04systemd-mount features and improvements (#5067)Lukas Rusak
systemd-mount --unmount /some/path systemd-mount --umount /some/path systemd-mount -u /some/path systemd-unmount /some/path all do the same thing that one could expect from the name.
2017-02-03Merge pull request #4973 from poettering/run-raceMartin Pitt
run: fix race for "systemd-run --wait"
2017-02-03core/execute: pass the username to utmp/wtmp databaseZbigniew Jędrzejewski-Szmek
Before previous commit, username would be NULL for root, and set only for other users. So the argument passed to utmp_put_init_process() would be "root" for other users and NULL for root. Seems strange. Instead, always pass the username if available.
2017-02-03core/execute: set HOME, USER also for root usersZbigniew Jędrzejewski-Szmek
This changes the environment for services running as root from: LANG=C.utf8 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin INVOCATION_ID=ffbdec203c69499a9b83199333e31555 JOURNAL_STREAM=8:1614518 to LANG=C.utf8 PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin HOME=/root LOGNAME=root USER=root SHELL=/bin/sh INVOCATION_ID=15a077963d7b4ca0b82c91dc6519f87c JOURNAL_STREAM=8:1616718 Making the environment special for the root user complicates things unnecessarily. This change simplifies both our logic (by making the setting of the variables unconditional), and should also simplify the logic in services (particularly scripts). Fixes #5124.
2017-02-03time-util: Fix overflow check introduce in commit f977849 (#5216)Benjamin Robin
2017-02-03run: exit early in --pty if service failedLennart Poettering
This reworks systemd-run so that in --pty mode we watch the unit state the way we do it in --wait mode. Whenever we notice that the service is in failed or inactive state finish right-away, but first write all unwritten characters we can read from the master TTY device. This makes sure that when the TTY service fails before it opens the slave PTY device we properly notice that and exit early, so that borked start parameters result in immediate systemd-run failure. Previously, we'd not notice this at all, as a PTY slave that never was opened won't result in POLLHUP events, and we'd hence simply keep reading from it forever. In essence, --pty now enables the same unit watching logic that --wait enables. However, unless --wait is specified we won#t show the final summary, hence the effective difference should be pretty minimal. Fixes: #3915
2017-02-03run: explicitly close pty forwarder before printing summaryLennart Poettering
If the PTY forwarder is still around our TTY will have borked settings, regarding newlines, hence explicitly close it before showing the summary, so that it looks pretty.
2017-02-03run: complain when --pty is used together with --no-block, which makes no senseLennart Poettering
2017-02-03sd-event: when an event source fails, don't assume the type of it is still setLennart Poettering
If a callback of an event source returns an error, then the event source might already be half-destroyed, if the callback dropped all refs. Hence, don't assume that the type is still valid, and save it before we issue the callback.
2017-02-03Merge pull request #5213 from keszybz/systemctl-root-catLennart Poettering
Two fixes to path lookup when --root is used
2017-02-02logind: Don't try to emit a change signal for the 'Sessions' property (#5211)afrantzis
The 'Sessions' property for both org.freedesktop.login1.User and org.freedesktop.login1.Seat is marked as EmitsChangedSignal(false). Trying to emit a change signal that includes the 'Sessions' property leads to the signal not being sent at all. Fixes #5210.
2017-02-02Merge pull request #5212 from poettering/time-rangeZbigniew Jędrzejewski-Szmek
time handling fixes
2017-02-02ptyfwd: set event source description strings for all event sources of a ↵Lennart Poettering
ptyfwd object
2017-02-02run: fix race for "systemd-run --wait"Lennart Poettering
D-Bus is inherently racy when a function returns an object path for a newly allocated object the client shall watch: as the object already exists before the client can subscribe to it, it might lose messages from it. Let's fix this, by explicitly querying unit properties right after subscribing to its property changes. Fixes: #4920
2017-02-02cgls: --machine= expects an argument, indicate that in log messagesLennart Poettering
We gnerally suffix file settings and cmdline options that expect ags with "=" to indicate that. Do so here, too.
2017-02-02time-util: add overflow checking to monotonic timestamp specificationsLennart Poettering
2017-02-02time-util: when formatting usec_t as raw integers use PRIu64Lennart Poettering
After all, usec_t is defined as uint64_t, and not as unsigned long long.
2017-02-02time-util: when converting to time_t do something useful in 2038Lennart Poettering
On systems where time_t is 32bit we should invalidate the timeval/timespec instead of proceeding with a potentially overflown value.
2017-02-02time-util: refuse formatting/parsing times that we can't storeLennart Poettering
usec_t is always 64bit, which means it can cover quite a number of years. However, 4 digit year display and glibc limitations around time_t limit what we can actually parse and format. Let's make this explicit, so that we never end up formatting dates we can#t parse and vice versa. Note that this is really just about formatting/parsing. Internal calculations with times outside of the formattable range are not affected.
2017-02-02time: time_t is signed, and mktime() is happy to return negative timeLennart Poettering
Passing a year such as 1960 to mktime() will result in a negative return value. This is quite confusing, as the man page claims that on failure the call will return -1... Given that our own usec_t type is unsigned, and we can't express times before 1970 hence, let's consider all negative times returned by mktime() as invalid, regardless if just -1, or anything else negative.
2017-02-02nspawn: shown exec() command is misleadingLennart Poettering
There's no point in updating exec_target for each binary we try to execute, if we override it right-away anyway... Let's just do this once, and include all binaries we try each time. Follow-up for 1a68e1e543fd8f899503bec00585a16ada296ef7.
2017-02-02systemctl: 'show' don't exit with a failure status if the requested property ↵Franck Bui
does not exist (#5201) "systemctl show -pUnknown <service>" used to exit with '0' even if the property passed by '-p' doesn't exist. But since commit 3dced37b7c2c9a5c733817 (v231+), it exits with a failure status. "systemctl show" is supposed to be scriptable and therefore its behavior is supposed to be stable. This patch restores the old behavior on which a couple of scripts already rely now. Also when the requested property doesn't exist, it always logs it at the debug level since this part of the code is only used by the show command. Fixes: #5118
2017-02-02systemctl: also use chase_symlinks for dropinsZbigniew Jędrzejewski-Szmek
The general rule is: - code in shared/ should take an "original_root" argument (possibly NULL) and pass it along down to chase_symlinks - code in core/ should always use specify original_root==NULL, since we don't support running the manager from non-root directory - code in systemctl and other tools should pass arg_root. For any code that is called from tools which support --root, chase_symlinks must be used to look up paths.
2017-02-02systemctl: do not prepend arg_root twice when catting unitsZbigniew Jędrzejewski-Szmek
The paths in lookup_paths already contain the arg_root prefix. Fixes #5190.
2017-02-02core/mount: remove repeated wordZbigniew Jędrzejewski-Szmek
2017-02-02Merge pull request #5204 from keszybz/masked-warning-cleanupLennart Poettering
Cleanup of error code mismatch for masked units
2017-02-02Merge pull request #5202 from keszybz/cgls-unitsLennart Poettering
systemd-cgls --unit --user-unit
2017-02-01Merge pull request #5203 from poettering/dotdotZbigniew Jędrzejewski-Szmek
trivial unification of checking for "." and ".." when iterating through directories...
2017-02-01cgls: allow --unit, --user-unit to take optional argumentZbigniew Jędrzejewski-Szmek
The following are all equivalent: --unit foo.service bar.service --unit=foo.service bar.service --unit=foo.service --unit=bar.service foo.service bar.service --unit Similarly for --user-unit. The only case that doesn't work well is when --unit and --user-unit are mixed: --unit=foo.service --user-unit=bar.service We'll treat both names as user units. I think this is OK.
2017-02-01cgls: add --user-unit to show user unitsZbigniew Jędrzejewski-Szmek
2017-02-01cgls: add --unit to show unitsZbigniew Jędrzejewski-Szmek
$ systemd-cgls -u systemd-journald.service machine.slice I opted for a "global" switch, instead of modifying the behaviour of just one argument. It seem to be a more useful setting, since usually one will want to query one or more units, and not mix unit names with paths. Closes #5156.
2017-02-01shared/cgroup-show: extract funtion to query unit cgroup pathZbigniew Jędrzejewski-Szmek
…and use it where possible.
2017-02-01cgtop: use common function to query cgroup rootZbigniew Jędrzejewski-Szmek
show_cgroup_get_root_and_warn is renamed to show_cgroup_get_path_and_warn because it now optionally allows querying a non-root path. This removes duplicated code and teaches cgtop to combine -M with a root prefix: $ systemd-cgtop -M myprecious /system.slice ...