| Age | Commit message (Collapse) | Author |
|---|
|
and so on
Fixes: #2860
|
|
chase_symlinks() currently expects a fully qualified, absolute path, relative
to the host's root as first argument. Which is useful in many ways, and similar
to the paths unlink(), rename(), open(), … expect. Sometimes it's however
useful to first prefix the specified path with the specified root directory.
Add a new call chase_symlinks_prefix() for this, that is a simple wrapper.
|
|
|
|
|
|
--directory=
As suggested in PR #3667.
This PR simply ensures that --template= can be used as alternative to
--directory= when --ephemeral is used, following the logic that for ephemeral
options the source directory is actually a template.
This does not deprecate usage of --directory= with --ephemeral, as I am not
convinced the old logic wouldn't make sense.
Fixes: #3667
|
|
This resolves any paths specified on --directory=, --template=, and --image=
before using them. This makes sure nspawn can be used correctly on symlinked
images and directory trees.
Fixes: #2001
|
|
Let's use chase_symlinks() everywhere, and stop using GNU
canonicalize_file_name() everywhere. For most cases this should not change
behaviour, however increase exposure of our function to get better tested. Most
importantly in a few cases (most notably nspawn) it can take the correct root
directory into account when chasing symlinks.
|
|
We generally try to make our destructors robust regarding NULL pointers, much
in the same way as glibc's free(). Do this also for unit_free().
Follow-up for #4748.
|
|
|
|
fclose() can also set errno, so the attempts to protect errno that the
code made were not successful. Simplify things by immediately saving
errno to r.
|
|
We have only two callers, and for neither this "optimization" is useful.
So let's drop it an save some code and a malloc.
|
|
We cannot compare filenames directly, because paths are not sortable
lexicographically, e.g. /etc/udev is "later" (has higher priority)
than /usr/lib/udev.
The on-disk format is changed to have a separate field for "file priority",
which is stored when writing the binary file, and then loaded and used in
comparisons. For data in the previous format (as generated by systemd 232),
this information is not available, and we use a trick where the offset into the
string table is used as a proxy for priority. Most of the time strings are
stored in the order in which the files were processed. This is not entirely
reliable, but is good enough to properly order /usr/lib and /etc/, which are
the two most common cases. This hack is included because it allows proper
parsing of files until the binary hwdb is regenerated.
Instead of adding a new field, I reduced the size of line_number from 64 to 32
bits, and added a 16 bit priority field, and 16 bits of padding. Adding a new
field of 16 bytes would significantly screw up alignment and increase file
size, and line number realistically don't need more than ~20 bits.
Fixes #4750.
|
|
Partial fix for #4750.
We would compare strings like "/usr/lib/udev/hwdb.d/something.hwdb" and
"/etc/udev/hwdb.db/something.hwdb" and conclude that the first has higher
priority. Since we process files in order (higher priority later), no
comparison is necessary when loading.
This partially undoes 3a04b789c6f17dff2000a3cdbeaaf86baa604524
(not in spirit, but in the implementation).
|
|
(#4773)
|
|
So let's set ForwardDelaySec to USEC_INFINITY .
Reference:
https://wiki.linuxfoundation.org/networking/bridge#does-dhcp-work-overthrough-a-bridge
|
|
|
|
Improvements for notify services (including #4212)
|
|
Setting NotifyAccess=exec allows notifications coming directly from any
control process.
|
|
|
|
So far systemd-nspawn container has been creating files under
/run/systemd/inaccessible, no matter whether it's running in user
namespace or not. That's fine for regular files, dirs, socks, fifos.
However, it's not for block and character devices, because kernel
doesn't allow them to be created under user namespace. It results
in warnings at booting like that:
====
Couldn't stat device /run/systemd/inaccessible/chr
Couldn't stat device /run/systemd/inaccessible/blk
====
Thus we need to have the cgroups whitelisting handler to silently ignore
a file, when the device path is prefixed with "-". That's exactly the
same convention used in directives like ReadOnlyPaths=. Also insert the
prefix "-" to inaccessible entries.
|
|
IMA validates file signatures based on the security.ima xattr. As of
Linux-4.7, instead of copying the IMA policy into the securityfs policy,
the IMA policy pathname can be written, allowing the IMA policy file
signature to be validated.
This patch modifies the existing code to first attempt to write the
pathname, but on failure falls back to copying the IMA policy contents.
|
|
This adds an API for retrieving an app-specific machine ID to sd-id128.
Internally it calculates HMAC-SHA256 with an 128bit app-specific ID as payload
and the machine ID as key.
(An alternative would have been to use siphash for this, which is also
cryptographically strong. However, as it only generates 64bit hashes it's not
an obvious choice for generating 128bit IDs.)
Fixes: #4667
|
|
Let's take inspiration from bluez's ELL library, and let's move our
cryptographic primitives away from libgcrypt and towards the kernel's AF_ALG
cryptographic userspace API.
In the long run we should try to remove the dependency on libgcrypt, in favour
of using only the kernel's own primitives, however this is unlikely to happen
anytime soon, as the kernel does not provide Elliptic Curve APIs to userspace
at this time, and we need them for the DNSSEC cryptographic.
This commit only covers hashing for now, symmetric encryption/decryption or
even asymetric encryption/decryption is not available for now.
"khash" is little more than a lightweight wrapper around the kernel's AF_ALG
socket API.
|
|
We assume a process can be only one of the two in service_sigchld_event.
|
|
We stay in the SERVICE_START while no READY=1 notification message has
been received. When we are in the SERVICE_START_POST state, we have
already received a ready notification. Hence we should not fail when the
cgroup becomes empty in that state.
|
|
Explicitly use python3 everywhere
|
|
This will allow us to have several managers sharing an event loop
and running in parallel, as if they were running in separate processes.
The long term-aim is to allow networkd to be split into separate
processes, so restructure the code to make this simpler.
For now we drop the exit-on-idle logic, as this was anyway severely
restricted at the moment. Once split, we will revisit this as it may
then make more sense again.
|
|
|
|
|
|
This looks like a copy&paste error from the code block above.
|
|
Since a581e45ae8f9bb5c, there's a few function calls to
unit_new_for_name which will unit_free on failure. Prior to this commit,
a failure would result in calling unit_free with a NULL unit, and hit an
assertion failure, seen at least via device_setup_unit:
Assertion 'u' failed at src/core/unit.c:519, function unit_free(). Aborting.
Fixes #4747
https://bugs.archlinux.org/task/51950
|
|
calendarspec: miscellaneous parsing and formatting fixes
|
|
Factor out repeated references to usec and remove nested ifs.
|
|
Similar to this patch from here:
http://systemd-devel.freedesktop.narkive.com/AvfCbi6c/patch-0-3-using-assert-se-on-actions-with-side-effects-on-test-cases
If the code is compiled with -DNDEBUG which is the default for
some embedded buildsystems, systemd-journald does not startup
and silently fails.
|
|
|
|
"*-*-01..03" is now formatted as "*-*-01..03" instead of "*-*-01,02,03"
|
|
Previously a string like "00:00:01..03" would fail to parse due to the
ambiguity between a decimal point and the start of a range.
|
|
"*:*:*" is now formatted as "*:*:*" instead of "*:*:00/1"
|
|
strtoul() parses leading whitespace and an optional sign;
check that the first character is a digit to prevent odd
specifications like "00: 00: 00" and "-00:+00/-1".
|
|
Forbid open ranges like "Tue.."; trailing commas are still OK.
|
|
This makes " UTC" an illegal date specification.
|
|
"*-*-*" is now equivalent to "*-*-* 00:00:00" (daily)
rather than "*-*-* *:*:*" (every second).
|
|
This is a different way to implement the fix proposed by commit
a4021390fef27f4136497328f suggested by Lennart Poettering.
In this patch we instruct PID1 to not kill "systemctl switch-root" command
started by initrd-switch-root service using the "argv[0][0]='@'" trick.
See: https://www.freedesktop.org/wiki/Software/systemd/RootStorageDaemons/ for
more details.
We had to backup argv[0] because argv is modified by dispatch_verb().
|
|
networkd: allow networkd to start in early boot
|
|
This patch handles the custom MTU field in IPv6 RA.
fixes RFE #4464
|
|
calendarspec: add support for scheduling timers at the end of the month
|
|
Fixes: #4721
|
|
"*-*~1" => The last day of every month
"*-02~3..5" => The third, fourth, and fifth last days in February
"Mon 05~07/1" => The last Monday in May
Resolves #3861
|
|
Stop looking for matches after MAX_YEAR so impossible dates like
"*-02-30" and "*-04-31" don't cause an infinite loop.
|
|
If setting the received timezone or transient hostname fails because D-Bus is
not (yet) up, store the data in the Manager object and try again after
connecting to D-Bus.
|
