| Age | Commit message (Collapse) | Author |
|---|
|
sendfile_full() by it
|
|
|
|
Our initrd interface specifies that the verb is in argv[1].
This is where systemd passes it to systemd-shutdown, but getopt
permutes argv[]. This confuses dracut's shutdown script:
Shutdown called with argument '--log-level'. Rebooting!
getopt can be convinced to not permute argv[] by having '-' as the first
character of optstring. Let's use it. This requires changing the way
non-option arguments (in our case, the verb) are processed.
This fixes a bug where the system would reboot instead of powering off.
|
|
|
|
|
|
The SELinux policy defines no context for some files. E.g.:
$ matchpathcon /run/lock/subsys /dev/mqueue
/run/lock/subsys <<none>>
/dev/mqueue <<none>>
We still need to be able to create them.
In this case selabel_lookup_raw() returns ENOENT. We should then skip
setfscreatecon(), but still return success.
It was broken since c34255bdb2 ("label: unify code to make directories,
symlinks").
|
|
|
|
Not all switch roots are like base_filesystem_create() wants them
to look like. They might even boot, if they are RO and don't have the FS
layout. Just ignore the error and switch_root nevertheless.
base_filesystem_create() should have logged, what went wrong.
|
|
We do this in the clean shutdown path in shutdown.c, hence we should do
is for "reboot -f", too.
|
|
We really don't want to get lost in adding fridge, car, plane, drone, or
whatever else, hence add a generic term "embedded" cover all the cases
where the computer is just part of something bigger, and not at the
focus of things.
|
|
Now that we only have one file with condition implementations around, we
can drop the -util suffix and simplify things a bit.
|
|
That way only one file with condition code remaining, in src/shared/,
rather than src/core/.
Next step: dropping the "-util" suffix from condition-util.[ch].
|
|
Yes, sometimes I develop OCD.
|
|
fatal for a start job if not met
|
|
|
|
|
|
|
|
Also, implement the negation check inside of condition_test() instead of
individually in each test function.
|
|
|
|
|
|
The initialization performed by systemd-vconsole-setup is reset
when changing console drivers (say from vgacon to fbcon), so we
need to run it in that case.
See
http://lists.freedesktop.org/archives/systemd-devel/2014-October/023919.html
http://lists.freedesktop.org/archives/systemd-devel/2014-October/024423.html
http://lists.freedesktop.org/archives/systemd-devel/2014-November/024881.html
This commit adds a udev rule to make systemd-vconsole-setup get run when
the fbcon device becomes available.
(david: moved into new file 90-vconsole.rules instead of 71-seats.rules;
build-failures are on me, not on Ray)
|
|
When used in an initramfs, it's expected that the hwdb.bin file is
not present (it makes for a very large initramfs otherwise).
While it's nice to tell the user about this, as it's not strictly
speaking an error we really shouldn't be so forceful in our
reporting.
|
|
|
|
unquote_first_word()
|
|
Thanks to Daniele Medri
|
|
|
|
subhierarchies
For priviliged units this resource control property ensures that the
processes have all controllers systemd manages enabled.
For unpriviliged services (those with User= set) this ensures that
access rights to the service cgroup is granted to the user in question,
to create further subgroups. Note that this only applies to the
name=systemd hierarchy though, as access to other controllers is not
safe for unpriviliged processes.
Delegate=yes should be set for container scopes where a systemd instance
inside the container shall manage the hierarchies below its own cgroup
and have access to all controllers.
Delegate=yes should also be set for user@.service, so that systemd
--user can run, controlling its own cgroup tree.
This commit changes machined, systemd-nspawn@.service and user@.service
to set this boolean, in order to ensure that container management will
just work, and the user systemd instance can run fine.
|
|
The compiler will do this for us.
|
|
|
|
|
|
Check return value of hashmap_ensure_allocated().
CID#1250807.
|
|
Explicitly check the length of the read.
Fixes CID#1250803.
|
|
Explicitly ignore return value of ioctl to set window size.
Fixes CID#1250804 and CID#1250800.
|
|
This mirrors code in dbus.c when creating the private socket and
avoids error messages like:
systemd[1353]: bind(/run/user/603/systemd/notify) failed: No such file or directory
systemd[1353]: Failed to fully start up daemon: No such file or directory
|
|
The metadata logic in kdbus has seen a rework, and the only mandatory
change we have to follow for now is that attach_flags in kdbus_cmd_hello
is now split into two parts, attach_flags_send and attach_flags_recv.
|
|
Lets recognize the fact that startswith() returns a pointer to the tail on
success. Use it instead of hard-coding string-lengths as magic constants.
|
|
|
|
Let's be strict here, since its better to be safe than sorry.
|
|
In kdbus a "server id" is mostly a misnomer, as there isn't any "server"
involved anymore. Let's rename this to "owner" id hence, since it is an
ID that is picked by the owner of a bus or direct connection. This
matches nicely the sd_bus_get_owner_creds() call we already have.
|
|
a) When getting the description return ENXIO if none is set
b) Allow setting a description to NULL
c) return ECHILD on fork() like for other calls
|
|
|
|
|
|
|
|
To mirror the recent name change of the concept for sd_bus objects,
follow the same logic for sd_event_source objects, too.
|
|
|
|
kdbus recently renamed this concept, and so should we in what we expose
in userspace.
|
|
Catch up with some changes in kdbus.h:
* KDBUS_{ITEM,ATTACH}_CONN_NAME were renamed to
KDBUS_{ITEM,ATTACH}_CONN_DESCRIPTION, so the term 'name' is not
overloaded as much.
* The item types were re-ordered a little so they are lined up to the
order of the corresponding KDBUS_ATTACH flags
* A new item type KDBUS_ITEM_OWNED_NAME was introduced, designated to
store a struct kdbus_name in item->name. KDBUS_ITEM_NAME soley
stores data in item->str now
* Some kerneldoc fixes
|
|
The barrier implementation tracks remote states internally. There is no
need to check the return value of any barrier_*() function if the caller
is not interested in the result. The barrier helpers only return the state
of the remote side, which is usually not interesting as later calls to
barrier_sync() will catch this, anyway.
Shut up coverity by explicitly ignoring return values of barrier_place()
if we're not interested in it.
|
|
Imagine a constructor like this:
int object_new(void **out) {
void *my_object;
int r;
...
r = ioctl(...);
if (r < 0)
return -errno;
...
*out = my_object;
return 0;
}
We have a lot of those in systemd. If you now call those, gcc might inline
the call and optimize it. However, gcc cannot know that "errno" is
negative if "r" is. Therefore, a caller like this will produce warnings:
r = object_new(&obj);
if (r < 0)
return r;
obj->xyz = "foobar";
In case the ioctl in the constructor fails, gcc might assume "errno" is 0
and thus the error-handling is not triggered. Therefore, "obj" is
uninitialized, but accessed. Gcc will warn about that.
The new negative_errno() helper can be used to mitigate those warnings.
The helper is guaranteed to return a negative integer. Furthermore, it
spills out runtime warnings if "errno" is non-negative.
Instead of returning "-errno", you can use:
return negative_errno();
gcc will no longer assume that this can return >=0, thus, it will not warn
about it.
Use this new helper in libsystemd-terminal to fix some grdev-drm warnings.
|
|
This macro exists for MIPS since v3.17:
https://git.kernel.org/cgit/linux/kernel/git/stable/linux-stable.git/commit/?id=42944521af97a3b25516f15f3149aec3779656dc
|
