pkg-config: export systemd{system,user}generatordir and catalogdir

[elogind.git] / src / core / execute.c

diff --git a/src/core/execute.c b/src/core/execute.c
index 5e342f8d47af71fdf1afb3faeb7a38eb9c5d69b5..43b571e043ad0b7231311e748e68b9875e8c353e 100644 (file)
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -69,6 +69,7 @@
 #include "unit.h"
 
 #define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
+#define IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
 
 /* This assumes there is a 'tty' group */
 #define TTY_MODE 0620
@@ -977,6 +978,35 @@ static int apply_seccomp(uint32_t *syscall_filter) {
         return 0;
 }
 
+static void do_idle_pipe_dance(int idle_pipe[4]) {
+        assert(idle_pipe);
+
+        if (idle_pipe[1] >= 0)
+                close_nointr_nofail(idle_pipe[1]);
+        if (idle_pipe[2] >= 0)
+                close_nointr_nofail(idle_pipe[2]);
+
+        if (idle_pipe[0] >= 0) {
+                int r;
+
+                r = fd_wait_for_event(idle_pipe[0], POLLHUP, IDLE_TIMEOUT_USEC);
+
+                if (idle_pipe[3] >= 0 && r == 0 /* timeout */) {
+                        /* Signal systemd that we are bored and want to continue. */
+                        write(idle_pipe[3], "x", 1);
+
+                        /* Wait for systemd to react to the signal above. */
+                        fd_wait_for_event(idle_pipe[0], POLLHUP, IDLE_TIMEOUT2_USEC);
+                }
+
+                close_nointr_nofail(idle_pipe[0]);
+
+        }
+
+        if (idle_pipe[3] >= 0)
+                close_nointr_nofail(idle_pipe[3]);
+}
+
 int exec_spawn(ExecCommand *command,
                char **argv,
                ExecContext *context,
@@ -989,7 +1019,7 @@ int exec_spawn(ExecCommand *command,
                CGroupControllerMask cgroup_mask,
                const char *cgroup_path,
                const char *unit_id,
-               int idle_pipe[2],
+               int idle_pipe[4],
                pid_t *ret) {
 
         _cleanup_strv_free_ char **files_env = NULL;
@@ -1083,14 +1113,8 @@ int exec_spawn(ExecCommand *command,
                         goto fail_child;
                 }
 
-                if (idle_pipe) {
-                        if (idle_pipe[1] >= 0)
-                                close_nointr_nofail(idle_pipe[1]);
-                        if (idle_pipe[0] >= 0) {
-                                fd_wait_for_event(idle_pipe[0], POLLHUP, IDLE_TIMEOUT_USEC);
-                                close_nointr_nofail(idle_pipe[0]);
-                        }
-                }
+                if (idle_pipe)
+                        do_idle_pipe_dance(idle_pipe);
 
                 /* Close sockets very early to make sure we don't
                  * block init reexecution because it cannot bind its
@@ -1258,6 +1282,23 @@ int exec_spawn(ExecCommand *command,
                         }
                 }
 
+#ifdef HAVE_PAM
+                if (cgroup_path && context->user && context->pam_name) {
+                        err = cg_set_task_access(SYSTEMD_CGROUP_CONTROLLER, cgroup_path, 0644, uid, gid);
+                        if (err < 0) {
+                                r = EXIT_CGROUP;
+                                goto fail_child;
+                        }
+
+
+                        err = cg_set_group_access(SYSTEMD_CGROUP_CONTROLLER, cgroup_path, 0755, uid, gid);
+                        if (err < 0) {
+                                r = EXIT_CGROUP;
+                                goto fail_child;
+                        }
+                }
+#endif
+
                 if (apply_permissions) {
                         err = enforce_groups(context, username, gid);
                         if (err < 0) {
@@ -1727,10 +1768,10 @@ int exec_context_load_environment(const ExecContext *c, char ***l) {
 
                                 strv_free(r);
                                 return k;
-                         }
+                        }
                         /* Log invalid environment variables with filename */
-                       if (p)
-                               p = strv_env_clean_log(p, pglob.gl_pathv[n]);
+                        if (p)
+                                p = strv_env_clean_log(p, pglob.gl_pathv[n]);
 
                         if (r == NULL)
                                 r = p;