Disallow recursive .include, and make it unavailable in anything but
unit files.
/lib/modules/$(uname -r)/modules.devname
and apply ACLs to them if they have TAG=="uaccess" in udev rules.
/lib/modules/$(uname -r)/modules.devname
and apply ACLs to them if they have TAG=="uaccess" in udev rules.
-* matching against units is currently broken in journalctl. We really
- need another AND level in the expressions,
- i.e. sd_journal_add_conjunction().
-
* add ConditionArchitecture= or so
* teach ConditionKernelCommandLine= globs or regexes (in order to match foobar={no,0,off})
* add ConditionArchitecture= or so
* teach ConditionKernelCommandLine= globs or regexes (in order to match foobar={no,0,off})
* man: remove .include documentation, and instead push people to use .d/*.conf
* man: remove .include documentation, and instead push people to use .d/*.conf
-* disallow .include from included files
-
* safe_atod() is too naive, as it is vulnerable to locale parameters, should be locale independent.
* think about requeuing jobs when daemon-reload is issued? usecase:
* safe_atod() is too naive, as it is vulnerable to locale parameters, should be locale independent.
* think about requeuing jobs when daemon-reload is issued? usecase:
return;
r = config_parse(NULL, BOOTCHART_CONF, f,
return;
r = config_parse(NULL, BOOTCHART_CONF, f,
- NULL, config_item_table_lookup, (void*) items, true, NULL);
+ NULL, config_item_table_lookup, (void*) items, true, false, NULL);
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
STRV_FOREACH(f, u->dropin_paths) {
r = config_parse(u->id, *f, NULL,
UNIT_VTABLE(u)->sections, config_item_perf_lookup,
STRV_FOREACH(f, u->dropin_paths) {
r = config_parse(u->id, *f, NULL,
UNIT_VTABLE(u)->sections, config_item_perf_lookup,
- (void*) load_fragment_gperf_lookup, false, u);
+ (void*) load_fragment_gperf_lookup, false, false, u);
/* Now, parse the file contents */
r = config_parse(u->id, filename, f, UNIT_VTABLE(u)->sections,
config_item_perf_lookup,
/* Now, parse the file contents */
r = config_parse(u->id, filename, f, UNIT_VTABLE(u)->sections,
config_item_perf_lookup,
- (void*) load_fragment_gperf_lookup, false, u);
+ (void*) load_fragment_gperf_lookup, false, true, u);
- r = config_parse(NULL, fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, NULL);
+ r = config_parse(NULL, fn, f, "Manager\0", config_item_table_lookup, (void*) items, false, false, NULL);
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
}
static int server_parse_config_file(Server *s) {
}
static int server_parse_config_file(Server *s) {
- static const char *fn = "/etc/systemd/journald.conf";
+ static const char fn[] = "/etc/systemd/journald.conf";
_cleanup_fclose_ FILE *f = NULL;
int r;
_cleanup_fclose_ FILE *f = NULL;
int r;
}
r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
}
r = config_parse(NULL, fn, f, "Journal\0", config_item_perf_lookup,
- (void*) journald_gperf_lookup, false, s);
+ (void*) journald_gperf_lookup, false, false, s);
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
}
static int manager_parse_config_file(Manager *m) {
}
static int manager_parse_config_file(Manager *m) {
- FILE *f;
- const char *fn;
+ static const char fn[] = "/etc/systemd/logind.conf";
+ _cleanup_fclose_ FILE *f = NULL;
- fn = "/etc/systemd/logind.conf";
f = fopen(fn, "re");
if (!f) {
if (errno == ENOENT)
f = fopen(fn, "re");
if (!f) {
if (errno == ENOENT)
- r = config_parse(NULL, fn, f, "Login\0", config_item_perf_lookup, (void*) logind_gperf_lookup, false, m);
+ r = config_parse(NULL, fn, f, "Login\0", config_item_perf_lookup,
+ (void*) logind_gperf_lookup, false, false, m);
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
if (r < 0)
log_warning("Failed to parse configuration file: %s", strerror(-r));
"ERRNO=%d", error > 0 ? error : EINVAL,
"MESSAGE=[%s:%u] %s", config_file, config_line, msg,
NULL);
"ERRNO=%d", error > 0 ? error : EINVAL,
"MESSAGE=[%s:%u] %s", config_file, config_line, msg,
NULL);
- log_info("logged here: '%s': %d", msg, r);
ConfigItemLookup lookup,
void *table,
bool relaxed,
ConfigItemLookup lookup,
void *table,
bool relaxed,
char **section,
char *l,
void *userdata) {
char **section,
char *l,
void *userdata) {
return 0;
if (startswith(l, ".include ")) {
return 0;
if (startswith(l, ".include ")) {
- _cleanup_free_ char *fn;
+ _cleanup_free_ char *fn = NULL;
+
+ if (!allow_include) {
+ log_syntax(unit, LOG_ERR, filename, line, EBADMSG,
+ ".include not allowed here. Ignoring.");
+ return 0;
+ }
fn = file_in_same_dir(filename, strstrip(l+9));
if (!fn)
return -ENOMEM;
fn = file_in_same_dir(filename, strstrip(l+9));
if (!fn)
return -ENOMEM;
- return config_parse(unit, fn, NULL, sections, lookup, table, relaxed, userdata);
+ return config_parse(unit, fn, NULL, sections, lookup, table, relaxed, false, userdata);
ConfigItemLookup lookup,
void *table,
bool relaxed,
ConfigItemLookup lookup,
void *table,
bool relaxed,
_cleanup_free_ char *section = NULL, *continuation = NULL;
_cleanup_fclose_ FILE *ours = NULL;
_cleanup_free_ char *section = NULL, *continuation = NULL;
_cleanup_fclose_ FILE *ours = NULL;
ConfigItemLookup lookup,
void *table,
bool relaxed,
ConfigItemLookup lookup,
void *table,
bool relaxed,
void *userdata);
/* Generic parsers */
void *userdata);
/* Generic parsers */
}
r = config_parse(NULL, path, f, NULL,
}
r = config_parse(NULL, path, f, NULL,
- config_item_table_lookup, (void*) items, true, info);
+ config_item_table_lookup, (void*) items, true, true, info);
- r = config_parse(NULL, filename, f, NULL, config_item_table_lookup, (void*) items, true, NULL);
+ r = config_parse(NULL, filename, f, NULL, config_item_table_lookup, (void*) items, true, false, NULL);
if (r < 0) {
log_error("Failed to parse password file %s: %s", filename, strerror(-r));
goto finish;
if (r < 0) {
log_error("Failed to parse password file %s: %s", filename, strerror(-r));
goto finish;