chiark / gitweb /
elogind.git
4 years agotmpfiles: port to unquote_many_words()
daurnimator [Mon, 9 Mar 2015 19:11:44 +0000 (15:11 -0400)]
tmpfiles: port to unquote_many_words()

4 years agoshared: the btrfs quota field is called "referenced" not "referred"
Lennart Poettering [Tue, 10 Mar 2015 14:55:58 +0000 (15:55 +0100)]
shared: the btrfs quota field is called "referenced" not "referred"

4 years agoupdate TODO
Lennart Poettering [Tue, 10 Mar 2015 14:48:04 +0000 (15:48 +0100)]
update TODO

4 years agoman: document "machinectl export-tar" and "export-raw"
Lennart Poettering [Tue, 10 Mar 2015 14:47:45 +0000 (15:47 +0100)]
man: document "machinectl export-tar" and "export-raw"

4 years agoadd REMOTE_ADDR and REMOTE_PORT for Accept=yes
Shawn Landden [Tue, 10 Mar 2015 11:41:59 +0000 (04:41 -0700)]
add REMOTE_ADDR and REMOTE_PORT for Accept=yes

4 years agofsckd: clean up log messages
Didier Roche [Tue, 10 Mar 2015 09:18:00 +0000 (10:18 +0100)]
fsckd: clean up log messages

Avoid double logs printing. Not that we don't return
manager_update_global_progress() to the handler callback as if the console or
plymouth isn't available momentarily, we still desire to handle future
fd progress events if those are available again (like cancellation, reports…)

4 years agofsckd: Reduce the SAK window when writing to console
Didier Roche [Tue, 10 Mar 2015 08:57:38 +0000 (09:57 +0100)]
fsckd: Reduce the SAK window when writing to console

We don't want to keep /dev/console open all the time, but only open it when
needed, to avoid interfering with SAK.

4 years agoAdd type specifier for int
Thomas Hindoe Paaboel Andersen [Tue, 10 Mar 2015 04:25:28 +0000 (05:25 +0100)]
Add type specifier for int

4 years agologs-show: fix check of loop_read_exact
Thomas Hindoe Paaboel Andersen [Tue, 10 Mar 2015 04:18:26 +0000 (05:18 +0100)]
logs-show: fix check of loop_read_exact

just a typo fix

4 years agoIntroduce loop_read_exact helper
Zbigniew Jędrzejewski-Szmek [Tue, 10 Mar 2015 01:23:53 +0000 (21:23 -0400)]
Introduce loop_read_exact helper

Usually when using loop_read(), we want to read the full buffer.
Add a helper that mirrors loop_write(), and returns 0 when full buffer
was read, and an error otherwise.

Use -ENODATA for the short read, to distinguish it from a read error.

4 years agoefivars: itialize variable
Zbigniew Jędrzejewski-Szmek [Tue, 10 Mar 2015 00:41:00 +0000 (20:41 -0400)]
efivars: itialize variable

Introduced a few commits ago.

4 years agobootchart: use _cleanup_
Zbigniew Jędrzejewski-Szmek [Tue, 10 Mar 2015 00:11:25 +0000 (20:11 -0400)]
bootchart: use _cleanup_

4 years agoAdd missing includes
Zbigniew Jędrzejewski-Szmek [Tue, 10 Mar 2015 00:02:59 +0000 (20:02 -0400)]
Add missing includes

audit.h uses uint32_t and bool.
log.h uses abs.

4 years agojournalctl: unlink without checking with access first
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 22:58:47 +0000 (18:58 -0400)]
journalctl: unlink without checking with access first

It is more elegant to do this in one step.

Coverity complains about the TOCTOU difference, but it is not an
actual problem (CID #1237777).

4 years agojournal: fix return code
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 21:46:30 +0000 (17:46 -0400)]
journal: fix return code

Introduced in fa6ac76083b8ff.

Might be related to CID #1261724, but I don't know if coverity can
recurse this deep.

4 years agojournal-file: update format string to remove cast
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 21:22:50 +0000 (17:22 -0400)]
journal-file: update format string to remove cast

4 years agojournal: align comments to make them more legible
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 21:10:33 +0000 (17:10 -0400)]
journal: align comments to make them more legible

4 years agolibudev: add missing hunks
Tom Gundersen [Thu, 5 Mar 2015 17:08:50 +0000 (18:08 +0100)]
libudev: add missing hunks

This should have been committed with
  udev_device_add_property - implicitly mark properties for saving to db

4 years agolibudev: udev_device_read_db - drop unused argument
Tom Gundersen [Mon, 9 Mar 2015 22:22:43 +0000 (23:22 +0100)]
libudev: udev_device_read_db - drop unused argument

4 years agolibudev: udev_device_add_property - implicitly mark properties for saving to db
Tom Gundersen [Thu, 5 Mar 2015 17:08:50 +0000 (18:08 +0100)]
libudev: udev_device_add_property - implicitly mark properties for saving to db

Properties should only be saved to the db when added to the udev_device by udevd, and only if
the property does not start with a '.'. Make this implicit rather than expose the marking of
properties.

4 years agoudev/libudev: event - move {OLD_,}INTERFACE handling from udevd to libudev
Tom Gundersen [Thu, 5 Mar 2015 16:44:12 +0000 (17:44 +0100)]
udev/libudev: event - move {OLD_,}INTERFACE handling from udevd to libudev

This should be internal to the library as it is only about reflecting the sysfs state in the udev_device.

4 years agolibudev: private - make property_from_string_parse* static
Tom Gundersen [Thu, 5 Mar 2015 16:26:58 +0000 (17:26 +0100)]
libudev: private - make property_from_string_parse* static

4 years agoman: document machinectl import-tar and import-raw
Lennart Poettering [Mon, 9 Mar 2015 20:34:32 +0000 (21:34 +0100)]
man: document machinectl import-tar and import-raw

4 years agoupdate TODO
Lennart Poettering [Mon, 9 Mar 2015 19:06:18 +0000 (20:06 +0100)]
update TODO

4 years agoudev: simplify event_queue_update() and add debug logging
Tom Gundersen [Mon, 9 Mar 2015 21:19:52 +0000 (22:19 +0100)]
udev: simplify event_queue_update() and add debug logging

This essentially replaces
  open("/run/udev/queue", O_WRONLY|O_CREAT|O_CLOEXEC|O_TRUNC|O_NOFOLLOW, 0444)
with
  open("/run/udev/queue", O_WRONLY|O_CREAT|O_CLOEXEC|O_NOCTTY, 0644),
which is ok for our purposes.

4 years agoefivars: use greedy_realloc
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 20:09:16 +0000 (16:09 -0400)]
efivars: use greedy_realloc

4 years agoefivars: use more _cleanup_
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 20:04:42 +0000 (16:04 -0400)]
efivars: use more _cleanup_

Also rename r to buf, since r is customarily reserved for the return value.

4 years agoefivars: do binary and before converting to bool
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 19:57:56 +0000 (15:57 -0400)]
efivars: do binary and before converting to bool

I'm pretty sure that this is what was meant here.

4 years agoefivars: rename last remaining err to r
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 19:55:24 +0000 (15:55 -0400)]
efivars: rename last remaining err to r

4 years agoefivars: modernization
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 19:54:39 +0000 (15:54 -0400)]
efivars: modernization

Fix return value if unlink fails.

4 years agoboot/efi: do not assign variable twice
Zbigniew Jędrzejewski-Szmek [Mon, 9 Mar 2015 19:12:17 +0000 (15:12 -0400)]
boot/efi: do not assign variable twice

If the highlighted line did not move outside of the visible
region, it should not be necessary to update idx_last.

CID #1287137, #1287138.

4 years agomachinectl: remove unused variables
Thomas Hindoe Paaboel Andersen [Mon, 9 Mar 2015 20:08:22 +0000 (21:08 +0100)]
machinectl: remove unused variables

4 years agofsck: modernize error handling
Lennart Poettering [Mon, 9 Mar 2015 18:57:39 +0000 (19:57 +0100)]
fsck: modernize error handling

4 years agofsck: use _cleanup_close_pair_ where appropriate
Lennart Poettering [Mon, 9 Mar 2015 18:50:37 +0000 (19:50 +0100)]
fsck: use _cleanup_close_pair_ where appropriate

4 years agofsckd: make sure we free the connection event source before we close the connection fd
Lennart Poettering [Mon, 9 Mar 2015 18:41:01 +0000 (19:41 +0100)]
fsckd: make sure we free the connection event source before we close the connection fd

4 years agofsckd: don't allow unbounded numbers of clients
Lennart Poettering [Mon, 9 Mar 2015 18:36:46 +0000 (19:36 +0100)]
fsckd: don't allow unbounded numbers of clients

4 years agofsckd: make sure unprivileged clients cannot play games with fsckd
Lennart Poettering [Mon, 9 Mar 2015 18:34:10 +0000 (19:34 +0100)]
fsckd: make sure unprivileged clients cannot play games with fsckd

4 years agofsckd: free client event source before we close its fd
Lennart Poettering [Mon, 9 Mar 2015 18:33:49 +0000 (19:33 +0100)]
fsckd: free client event source before we close its fd

4 years agopo: update French translation
Sylvain Plantefève [Mon, 9 Mar 2015 17:36:59 +0000 (18:36 +0100)]
po: update French translation

Add strings for importd, following 587fec427c80b6c34dcf1d7570f891fcb652a7c5

4 years agofsck: rename functions to reflect some object orientation
Lennart Poettering [Mon, 9 Mar 2015 18:23:36 +0000 (19:23 +0100)]
fsck: rename functions to reflect some object orientation

Let's clean up the function naming scheme and put the object they
operate on first in the name, the way OO programming usually does it.

Also, let's make sure can properly destroy half-initialized Manager
objects.

4 years agofsck: don't read invalid data
Lennart Poettering [Mon, 9 Mar 2015 17:58:05 +0000 (18:58 +0100)]
fsck: don't read invalid data

4 years agofsckd: internaly check if a client already was cancelled
Lennart Poettering [Mon, 9 Mar 2015 17:57:58 +0000 (18:57 +0100)]
fsckd: internaly check if a client already was cancelled

4 years agofsck: simplify client destruction logic
Lennart Poettering [Mon, 9 Mar 2015 17:57:11 +0000 (18:57 +0100)]
fsck: simplify client destruction logic

4 years agofsckd: rework plymouth connection management
Lennart Poettering [Mon, 9 Mar 2015 17:45:50 +0000 (18:45 +0100)]
fsckd: rework plymouth connection management

- the even source should not be freed before the fd for it is closed

- read() returns an ssize_t and we need to handle it as such

- properly handle errors from read()

- reuse on_plymouth_disconnect() whenever we disconnect from plymouth,
  and rename it plymouth_disconnect hence()

4 years agofscd: fix error handling
Lennart Poettering [Mon, 9 Mar 2015 17:30:37 +0000 (18:30 +0100)]
fscd: fix error handling

4 years agofsck: no need for a temporary variable
Lennart Poettering [Mon, 9 Mar 2015 17:30:18 +0000 (18:30 +0100)]
fsck: no need for a temporary variable

4 years agofsckd: fix error handling when sending cancel request to fsck client
Lennart Poettering [Mon, 9 Mar 2015 17:29:08 +0000 (18:29 +0100)]
fsckd: fix error handling when sending cancel request to fsck client

4 years agofsck: unify exit path for connect_plymouth()
Lennart Poettering [Mon, 9 Mar 2015 17:21:34 +0000 (18:21 +0100)]
fsck: unify exit path for connect_plymouth()

4 years agofsck: use only a single exit code ternary operator
Lennart Poettering [Mon, 9 Mar 2015 17:19:56 +0000 (18:19 +0100)]
fsck: use only a single exit code ternary operator

4 years agofsck: simplification
Lennart Poettering [Mon, 9 Mar 2015 17:19:23 +0000 (18:19 +0100)]
fsck: simplification

4 years agofsckd: the error code is actually returned in 'fd'
Lennart Poettering [Mon, 9 Mar 2015 17:16:54 +0000 (18:16 +0100)]
fsckd: the error code is actually returned in 'fd'

Also, we don't use {} for single-line if-blocks.

4 years agofsckd: simplify code a bit
Lennart Poettering [Mon, 9 Mar 2015 17:16:36 +0000 (18:16 +0100)]
fsckd: simplify code a bit

4 years agofsckd: make use of safe_close()'s return value
Lennart Poettering [Mon, 9 Mar 2015 17:16:20 +0000 (18:16 +0100)]
fsckd: make use of safe_close()'s return value

4 years agoman: document that ExecStartPre= is not the place to start long-running processes
Lennart Poettering [Mon, 9 Mar 2015 17:01:47 +0000 (18:01 +0100)]
man: document that ExecStartPre= is not the place to start long-running processes

4 years agobuild-sys: add one more Makefile symlink
Lennart Poettering [Mon, 9 Mar 2015 16:55:59 +0000 (17:55 +0100)]
build-sys: add one more Makefile symlink

4 years agoimportd: add API for exporting container/VM images
Lennart Poettering [Mon, 9 Mar 2015 16:55:07 +0000 (17:55 +0100)]
importd: add API for exporting container/VM images

Also, expose it in machinectl.

4 years agoudev: use inttypes.h types wherever appropriate
Lennart Poettering [Sun, 8 Mar 2015 23:09:46 +0000 (00:09 +0100)]
udev: use inttypes.h types wherever appropriate

4 years agotree-wide: use _packed_ macro instead of raw gcc __attribute__
Lennart Poettering [Sun, 8 Mar 2015 23:07:44 +0000 (00:07 +0100)]
tree-wide: use _packed_ macro instead of raw gcc __attribute__

4 years agoudevd: close race in udev settle
Tom Gundersen [Mon, 9 Mar 2015 15:16:23 +0000 (16:16 +0100)]
udevd: close race in udev settle

The udev-settle guarantees that udevd is no longer processing any of the
events casued by udev-trigger. The way this works is that it sends a
synchronous PING to udevd after udev-trigger has ran, and when that returns
it knows that udevd has started processing the events from udev-trigger.
udev-settle will then wait for the event queue to empty before returning.

However, there was a race here, as we would only update the /run state at
the beginning of the event loop, before reading out new events and before
processing the ping.

That means that if the first uevent arrived in the same event-loop iteration
as the PING, we would return the ping before updating the queue state in /run
(which would happen on the next iteration).

The race window here is tiny (as the /run state would probably get updated
before udev-settle got a chance to read /run), but still a possibility.

Fix the problem by updating the /run state as the last step before returning
the PING.

We must still update it at the beginning of the loop as well, otherwise we
risk being stuck in poll() with a stale state in /run.

Reported-by: Daniel Drake <drake@endlessm.com>
4 years agomissing.h: add NDA_*
Michael Olbrich [Mon, 9 Mar 2015 11:27:25 +0000 (12:27 +0100)]
missing.h: add NDA_*

This is necessary to build with older kernel headers. NDA_VLAN was
introduced in v3.9 and NDA_PORT, NDA_VNI and NDA_IFINDEX in v3.10

4 years agoFix typos
Torstein Husebø [Mon, 9 Mar 2015 12:02:56 +0000 (13:02 +0100)]
Fix typos

4 years agopo: update Russian translation - pluralize fsckd
Sergey Ptashnick [Sun, 8 Mar 2015 15:51:41 +0000 (18:51 +0300)]
po: update Russian translation - pluralize fsckd

Correctly pluralize strings for fsckd.

4 years agosd-journal: return error when we cannot open a file
Zbigniew Jędrzejewski-Szmek [Sun, 8 Mar 2015 15:11:50 +0000 (11:11 -0400)]
sd-journal: return error when we cannot open a file

Lack of this caused journalctl not to display a hint about missing groups
properly when the user lacks permissions.

4 years agojournalctl: update hint now that we set ACL everywhere
Zbigniew Jędrzejewski-Szmek [Sun, 8 Mar 2015 15:04:59 +0000 (11:04 -0400)]
journalctl: update hint now that we set ACL everywhere

4 years agopo: update Russian translation - importd
Sergey Ptashnick [Sun, 8 Mar 2015 14:41:23 +0000 (17:41 +0300)]
po: update Russian translation - importd

Add strings for importd, by analogy with 1eb37584a8.

4 years agobus: fix leak in error path
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 20:05:50 +0000 (15:05 -0500)]
bus: fix leak in error path

CID #1271349.

4 years agosystemctl: remove dead check
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 20:00:22 +0000 (15:00 -0500)]
systemctl: remove dead check

r could never be less than zero.

CID #1271350.

4 years agocore/load-fragment: safe_close() protects errno
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:36:14 +0000 (14:36 -0500)]
core/load-fragment: safe_close() protects errno

4 years agolibsystemd-terminal: use at most LOG_ERR for XKB errors
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:30:56 +0000 (14:30 -0500)]
libsystemd-terminal: use at most LOG_ERR for XKB errors

XKB errors aren't *that* important.

Coverity complained that the same action is taken in multiple
branches, which is semi-valid, so is fixed too (CID #1256582).

4 years agologin: fix copy-pasto in error path
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:23:38 +0000 (14:23 -0500)]
login: fix copy-pasto in error path

CID #1256583.

4 years agonspawn: fix use-after-free and leak in error paths
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:19:20 +0000 (14:19 -0500)]
nspawn: fix use-after-free and leak in error paths

CID #1257765.

4 years agocore/dbus-manager: remove dead check
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:16:18 +0000 (14:16 -0500)]
core/dbus-manager: remove dead check

CID #1257766.

4 years agobus-util: remove stray errno assignment
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:09:50 +0000 (14:09 -0500)]
bus-util: remove stray errno assignment

4 years agonetworkctl: avoid leak if a field was specified twice
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:06:35 +0000 (14:06 -0500)]
networkctl: avoid leak if a field was specified twice

The input data would have to be borked, so this is unlikely to happen,
but since we have a nice helper function to do it properly... why not?

CID #1261390.

4 years agomachine: do not rely on asprintf setting arg on error
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 19:01:45 +0000 (14:01 -0500)]
machine: do not rely on asprintf setting arg on error

Strictly speaking, the output variable is undefined if asprintf fails.
We use the return value not the arg everywhere, and should we do here.

4 years agov4l_id: use standard option parsing loop
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 18:54:32 +0000 (13:54 -0500)]
v4l_id: use standard option parsing loop

Not terribly important, but the loop wasn't an actual loop,
making coverity unhappy.

CID #1261725.

4 years agoshared/machine-pool: remove unnecessary check
Zbigniew Jędrzejewski-Szmek [Sat, 7 Mar 2015 18:40:48 +0000 (13:40 -0500)]
shared/machine-pool: remove unnecessary check

CID #128739.

4 years agosysusers: do not reject users with already present /etc/shadow entries
Ivan Shapovalov [Sat, 7 Mar 2015 15:11:32 +0000 (18:11 +0300)]
sysusers: do not reject users with already present /etc/shadow entries

This is needed to interoperate firstboot and sysusers. The former one is started
first, and it writes only /etc/shadow when it is told to set the root password.
It's better to relax checks here than to duplicate functionality in firstboot.

4 years agofirstboot: set all spwd fields to -1 for consistency with sysusers
Ivan Shapovalov [Wed, 25 Feb 2015 23:46:24 +0000 (02:46 +0300)]
firstboot: set all spwd fields to -1 for consistency with sysusers

4 years agocore: do not spawn jobs or touch other units during coldplugging
Ivan Shapovalov [Sat, 7 Mar 2015 13:44:52 +0000 (08:44 -0500)]
core: do not spawn jobs or touch other units during coldplugging

Because the order of coldplugging is not defined, we can reference a
not-yet-coldplugged unit and read its state while it has not yet been
set to a meaningful value.

This way, already active units may get started again.

We fix this by deferring such actions until all units have been at
least somehow coldplugged.

Fixes https://bugs.freedesktop.org/show_bug.cgi?id=88401

4 years agoadjust for time spent in timedated even without dbus timestamp
Shawn Landden [Sat, 7 Mar 2015 09:43:32 +0000 (01:43 -0800)]
adjust for time spent in timedated even without dbus timestamp

it is trivial to fall back to our own timestamp

v2: use now()
v3: remove useless if ()
v4: add comment

4 years agopo: update French translation
Sylvain Plantefève [Fri, 6 Mar 2015 23:56:46 +0000 (00:56 +0100)]
po: update French translation

4 years agovconsole: match on vtcon events, not fbcon ones
Jan Engelhardt [Tue, 24 Feb 2015 16:49:02 +0000 (17:49 +0100)]
vconsole: match on vtcon events, not fbcon ones

I observe that upon loading of framebuffer drivers, I do not get the
desired system font, but the kernel-level defaults (usually
lib/fonts/font_8x16.c, but your mileage may vary depending on kernel
config and boot options).

The fbcon driver may be loaded at a time way before the first
framebuffer device is active, such that the vconsole setup helper
runs too early.

The existing rule is non-fitting. The going live of the fbcon kernel
component does not indicate the proper time at which to load the
visuals, which really ought to be done when a new vtcon object comes
into existence. (The font table is a per-vtcon property.)

4 years agologin: make hold-off timeout configurable
David Herrmann [Fri, 6 Mar 2015 13:37:09 +0000 (14:37 +0100)]
login: make hold-off timeout configurable

This introduces 'HoldoffTimeoutSec' to logind.conf to make
IGNORE_LID_SWITCH_{SUSPEND,STARTUP}_USEC configurable.

Background: If an external monitor is connected, or if the system is
docked, we want to ignore LID events. This is required to support setups
where a laptop is used with external peripherals while the LID is closed.
However, this requires us to probe all hot-plugged devices before reacting
to LID events. But with modern buses like USB, the standards do not impose
any timeout on the slots, so we have no chance to know whether a given
slot is used or not. Hence, after resume and startup, we have to wait a
fixed timeout to give the kernel a chance to probe devices. Our timeout
has always been generous enough to support even the slowest devices.
However, a lot of people didn't use these features and wanted to disable
the hold-off timer. Now we provide a knob to do that.

4 years agohwdb: add Lenovo W451 to TOUCHPAD_HAS_TRACKPOINT_BUTTONS list
Peter Hutterer [Fri, 6 Mar 2015 01:02:04 +0000 (11:02 +1000)]
hwdb: add Lenovo W451 to TOUCHPAD_HAS_TRACKPOINT_BUTTONS list

4 years agomachinectl: minor --help text improvements
Lennart Poettering [Thu, 5 Mar 2015 15:52:15 +0000 (16:52 +0100)]
machinectl: minor --help text improvements

4 years agotmpfiles: Fix handling of duplicate lines
Martin Pitt [Thu, 5 Mar 2015 13:58:56 +0000 (14:58 +0100)]
tmpfiles: Fix handling of duplicate lines

Commit 3f93da987 accidentally dropped the "return 0" after detection of a
duplicate line. Put it back, to get back the documented and intended "first
match wins" behaviour.

https://launchpad.net/bugs/1428540

4 years agohwdb: add Logitech G5 Laser Mouse
Jonathon Gilbert [Thu, 5 Mar 2015 10:29:56 +0000 (20:29 +1000)]
hwdb: add Logitech G5 Laser Mouse

4 years agonspawn: Map all seccomp filters to capabilities
Jay Faulkner [Fri, 20 Feb 2015 21:59:47 +0000 (21:59 +0000)]
nspawn: Map all seccomp filters to capabilities

This change makes it so all seccomp filters are mapped
to the appropriate capability and are only added if that
capability was not requested when running the container.

This unbreaks the remaining use cases broken by the
addition of seccomp filters without respecting requested
capabilities.

Co-Authored-By: Clif Houck <me@clifhouck.com>
[zj: - adapt to our coding style, make struct anonymous]

4 years agobuild-sys: generate CLEANFILES from EXTRA_DIST
Zbigniew Jędrzejewski-Szmek [Tue, 3 Mar 2015 13:33:15 +0000 (08:33 -0500)]
build-sys: generate CLEANFILES from EXTRA_DIST

Everything that is generated can be assumed to belong to CLEANFILES,
which means that the original file has to be in EXTRA_DIST. Simplify
the rules by generating as in $subject.

We have less lists to adjust manually, and 'make clean' actually
removes more stuff that before.

4 years agoAllow up to 4096 simultaneous connections
Hannes Reinecke [Wed, 4 Mar 2015 15:32:17 +0000 (16:32 +0100)]
Allow up to 4096 simultaneous connections

On large system we hit the limit on 512 simultaneous dbus
connections, resulting in tons of annoying messages:

Too many concurrent connections, refusing

This patch raises the limit to 4096.

4 years agoRemove the cap on epoll events
Hannes Reinecke [Wed, 4 Mar 2015 15:32:16 +0000 (16:32 +0100)]
Remove the cap on epoll events

Currently the code will silently blank out events if there are more
then 512 epoll events, causing them never to be handled at all. This
patch removes the cap on the number of events for epoll_wait, thereby
avoiding this issue.

4 years agohwdb: fix Dell XPS12 9Q33 key name
Zbigniew Jędrzejewski-Szmek [Thu, 5 Mar 2015 01:25:04 +0000 (20:25 -0500)]
hwdb: fix Dell XPS12 9Q33 key name

https://bugs.freedesktop.org/show_bug.cgi?id=84437

4 years agobuild-sys: fix check for efi-lds file
Mirco Tischler [Thu, 5 Mar 2015 00:22:01 +0000 (01:22 +0100)]
build-sys: fix check for efi-lds file

Using the DIR macro breaks caching and has no benefit as it only offers
performance improvements when AS_FOR is used with a single element list.
Also --with-lds-dir= was broken as we never set have_efi_lds in this case.
Fix this and check if PATH actually contains the efi-lds file.

4 years agoUse correct uname identifiers in arch_map for SuperH architecture
John Paul Adrian Glaubitz [Wed, 4 Mar 2015 23:07:33 +0000 (00:07 +0100)]
Use correct uname identifiers in arch_map for SuperH architecture

https://bugs.freedesktop.org/show_bug.cgi?id=89421

4 years agoman: replace obsolete wiki link with man page
Zachary Cook [Wed, 4 Mar 2015 23:43:20 +0000 (18:43 -0500)]
man: replace obsolete wiki link with man page

4 years agoimportd: add new bus calls for importing local tar and raw images
Lennart Poettering [Wed, 4 Mar 2015 23:56:08 +0000 (00:56 +0100)]
importd: add new bus calls for importing local tar and raw images

This also adds "machinectl import-raw" and "machinectl import-tar" to
wrap these new bus calls.

THe commands basically do for local files that "machinectl pull-raw" and
friends do for remote files.

4 years agopull: improve --help text
Lennart Poettering [Wed, 4 Mar 2015 17:54:08 +0000 (18:54 +0100)]
pull: improve --help text

4 years agoimport: split out compression logic, so that we can share it with between import...
Lennart Poettering [Wed, 4 Mar 2015 17:53:37 +0000 (18:53 +0100)]
import: split out compression logic, so that we can share it with between import and pull calls

4 years agoimport: rename download code from "import" to "pull"
Lennart Poettering [Wed, 4 Mar 2015 16:07:12 +0000 (17:07 +0100)]
import: rename download code from "import" to "pull"

That way we can call the code for local container/VM imports "import"
without confusion.