chiark / gitweb /
elogind.git
5 years agoREADME: simplify documented dependency on util-linux
Lennart Poettering [Wed, 22 Oct 2014 10:37:08 +0000 (12:37 +0200)]
README: simplify documented dependency on util-linux

we stritcly require features from util-linux v2.25, such a new version
is not optional, hence document this.

5 years agofsck: re-enable fsck -l
Karel Zak [Wed, 22 Oct 2014 08:28:42 +0000 (10:28 +0200)]
fsck: re-enable fsck -l

The -l (lock) has been temporary disabled due to conflict with
udev (https://bugs.freedesktop.org/show_bug.cgi?id=79576)

The problem is fixed since util-linux v2.25 (Jul 2014).

5 years agoUpdate TODO
Lennart Poettering [Wed, 22 Oct 2014 09:45:01 +0000 (11:45 +0200)]
Update TODO

5 years agoCODING_STYLE: clarify that single-line if blocks should not be enclosed in {}
Lennart Poettering [Wed, 22 Oct 2014 09:09:00 +0000 (11:09 +0200)]
CODING_STYLE: clarify that single-line if blocks should not be enclosed in {}

5 years agosd-bus: sync kdbus.h (API change: switch to absolute timeouts)
Daniel Mack [Tue, 21 Oct 2014 20:14:03 +0000 (22:14 +0200)]
sd-bus: sync kdbus.h (API change: switch to absolute timeouts)

kdbus_msg.timeout_ns now takes an absolute value, based on CLOCK_MONOTONIC,
in order to eventually support automatically restarted syscalls.

Signed-off-by: Daniel Mack <daniel@zonque.org>
5 years agosd-bus: sync kdbus.h (ABI break)
Daniel Mack [Tue, 21 Oct 2014 17:19:44 +0000 (19:19 +0200)]
sd-bus: sync kdbus.h (ABI break)

In kdbus.h, the following details changed:

 * All commands gained a 'kernel_flags' field to report the flags supported
   by the driver. Before, this was done in the 'flags' field in a
   bidirectional way, which turned out to be a problem for the code in
   sd-bus, as many parts of it reuse the same ioctl struct more than once
   and consider them to be owned by userspace.

 * Name listings are now returned by a new struct instead of reusing struct
   kdbus_cmd_name for that matter. This way, we don't add more unneeded
   fields to it and make the API cleaner.

 * 'conn_flags' was renamed to 'flags' in struct kdbus_cmd_hello to make
   the API a bit more unified.

5 years agostrv: use realloc_multiply() to check for multiplication overflow
Michal Schmidt [Tue, 21 Oct 2014 12:36:03 +0000 (14:36 +0200)]
strv: use realloc_multiply() to check for multiplication overflow

This could overflow on 32bit, where size_t is the same as unsigned.

5 years agostrv: add an additional overflow check when enlarging strv()s
Lennart Poettering [Tue, 21 Oct 2014 12:01:28 +0000 (14:01 +0200)]
strv: add an additional overflow check when enlarging strv()s

https://bugs.freedesktop.org/show_bug.cgi?id=76745

5 years agoman: add examples for coredumpctl
Ronny Chevalier [Sat, 11 Oct 2014 22:37:21 +0000 (00:37 +0200)]
man: add examples for coredumpctl

Add examples to clarify how to use coredumpctl

See https://bugs.freedesktop.org/show_bug.cgi?id=83437

5 years agoman: fix project reference for archlinux
Ronny Chevalier [Sat, 11 Oct 2014 22:37:24 +0000 (00:37 +0200)]
man: fix project reference for archlinux

5 years agoman: add missing commas
Ronny Chevalier [Sat, 11 Oct 2014 22:37:22 +0000 (00:37 +0200)]
man: add missing commas

5 years agoman: move one more nspawn example into a proper <example> section
Lennart Poettering [Mon, 20 Oct 2014 23:11:14 +0000 (01:11 +0200)]
man: move one more nspawn example into a proper <example> section

5 years agoman: use <example> instead of multiple <refsect1> for examples
Ronny Chevalier [Sat, 11 Oct 2014 22:37:23 +0000 (00:37 +0200)]
man: use <example> instead of multiple <refsect1> for examples

5 years agoshared: remove unused functions
Ronny Chevalier [Sat, 11 Oct 2014 16:43:12 +0000 (18:43 +0200)]
shared: remove unused functions

- mkdir_p_prefix: It has never been used
- mkdir_parents_prefix_label: Unused since 1434ae6fd49f8377b0ddbd4c675736e0d3226ea6

5 years agoutil: avoid duplication of TIME_T_MAX
Ronny Chevalier [Sat, 11 Oct 2014 16:45:11 +0000 (18:45 +0200)]
util: avoid duplication of TIME_T_MAX

5 years agoupdate TODO
Lennart Poettering [Mon, 20 Oct 2014 20:03:36 +0000 (22:03 +0200)]
update TODO

5 years agosd-journal: consistently use ternary operator for all direction checks
Christian Hesse [Mon, 13 Oct 2014 20:12:33 +0000 (22:12 +0200)]
sd-journal: consistently use ternary operator for all direction checks

5 years agobus-proxy: let's make use of the translated errors get_creds_by_name() provides us...
Lennart Poettering [Mon, 20 Oct 2014 19:50:37 +0000 (21:50 +0200)]
bus-proxy: let's make use of the translated errors get_creds_by_name() provides us with

5 years agoRevert "bus-proxyd: improve compatibility with dbus-1"
Lennart Poettering [Mon, 20 Oct 2014 19:46:09 +0000 (21:46 +0200)]
Revert "bus-proxyd: improve compatibility with dbus-1"

This reverts commit b0f84d4d7832659f2216bda7a7cdf51f5e79c6eb.

get_creds_by_name() already translate the error nicely, we just need to
make use of it.

5 years agoman: try to reword explanation of Sockets= a bit
Lennart Poettering [Mon, 20 Oct 2014 19:06:14 +0000 (21:06 +0200)]
man: try to reword explanation of Sockets= a bit

5 years agokdbus: free returned buffer when the memory is no longer needed
Lukasz Skalski [Thu, 16 Oct 2014 17:01:12 +0000 (19:01 +0200)]
kdbus: free returned buffer when the memory is no longer needed

5 years agoman: fix localectl set-x11-keymap syntax description
Jan Synacek [Mon, 20 Oct 2014 10:43:39 +0000 (12:43 +0200)]
man: fix localectl set-x11-keymap syntax description

5 years agoupdate TODO
Lennart Poettering [Sat, 18 Oct 2014 14:20:48 +0000 (16:20 +0200)]
update TODO

5 years agoman: document sd_bus_creds_get_connection_name()
Lennart Poettering [Sat, 18 Oct 2014 14:20:36 +0000 (16:20 +0200)]
man: document sd_bus_creds_get_connection_name()

5 years agoman: suffix C functions with ()
Lennart Poettering [Sat, 18 Oct 2014 14:20:24 +0000 (16:20 +0200)]
man: suffix C functions with ()

5 years agoman: document sd_machine_get_class() and sd_machine_get_ifindices()
Lennart Poettering [Sat, 18 Oct 2014 14:06:21 +0000 (16:06 +0200)]
man: document sd_machine_get_class() and sd_machine_get_ifindices()

5 years agosysctl.d: default to fq_codel, fight bufferbloat
Michal Schmidt [Thu, 16 Oct 2014 11:49:04 +0000 (13:49 +0200)]
sysctl.d: default to fq_codel, fight bufferbloat

Quoting from Jon Corbet's report of Stephen Hemminger's talk at Linux
Plumbers Conference 2014 (https://lwn.net/Articles/616241/):

    [...] So Stephen encouraged everybody to run a command like:

    sysctl -w net.core.default_qdisc=fq_codel

    That will cause fq_codel to be used for all future connections
    [Qdiscs apply to interfaces, not connections. Pointed out by TomH
    in the article comments. -- mschmidt] (up to the next reboot).
    Unfortunately, the default queuing discipline cannot be changed,
    since it will certainly disturb some user's workload somewhere.

Let's have the recommended default in systemd.

Thanks to Dave Täht for advice and the summary at
https://lists.bufferbloat.net/pipermail/cerowrt-devel/2014-October/003701.html

5 years agosd-bus: sync kdbus.h (ABI break)
Daniel Mack [Mon, 20 Oct 2014 13:26:00 +0000 (15:26 +0200)]
sd-bus: sync kdbus.h (ABI break)

kdbus.h now has KDBUS_ATTACH_COMM split into KDBUS_ATTACH_TID_COMM and
KDBUS_ATTACH_PID_COMM. The items were split already, so the change in
systemd is easy.

5 years agoshell-completion/bash: add add-wants and add-requires
Lukas Nykryn [Thu, 16 Oct 2014 07:41:02 +0000 (09:41 +0200)]
shell-completion/bash: add add-wants and add-requires

5 years agosd-bus: sync kdbus.h (ABI break)
Daniel Mack [Sat, 18 Oct 2014 18:57:53 +0000 (20:57 +0200)]
sd-bus: sync kdbus.h (ABI break)

In kdbus.h, the 'features' field has been dropped again. Instead of
negotiating features that way, we decided to make the kernel return the
set of supported flags in each ioctl struct's .flags field, in both the
success and error cases.

5 years agosystemd: try harder to bind to notify socket
Zbigniew Jędrzejewski-Szmek [Fri, 17 Oct 2014 00:15:38 +0000 (19:15 -0500)]
systemd: try harder to bind to notify socket

Without the socket open we are going to crash and burn. If for
whatever reason we fail during deserialization we will fail when
trying to open the socket. In this case it is better to unlink the old
socket and maybe lose some messages, than to continue without the
notification socket.

Of course this situation should not happen, but we should handle
it as gracefully as possible anyway.

https://bugzilla.redhat.com/show_bug.cgi?id=1099299

5 years agosystemd: log deserialization errors as warnings
Zbigniew Jędrzejewski-Szmek [Fri, 17 Oct 2014 00:13:45 +0000 (19:13 -0500)]
systemd: log deserialization errors as warnings

If we failed to parse something that we wrote ourselves,
things are seriously off. This is also likely to lead to
problems futher on.

5 years agosystemd: continue switch-root even if umount fails
Zbigniew Jędrzejewski-Szmek [Fri, 17 Oct 2014 00:12:55 +0000 (19:12 -0500)]
systemd: continue switch-root even if umount fails

Leaving the old root around seems better than aborting the
switch.

5 years agonspawn: fix DeviceAllow list
Daniel Mack [Fri, 17 Oct 2014 14:04:49 +0000 (16:04 +0200)]
nspawn: fix DeviceAllow list

Commit 864e17068 ("nspawn: actually allow access to /dev/net/tun in the
container") added "/dev/net/tun" to the list of allowed devices but forgot
to tweak the array length, which caused "/dev/kdbus/*" to be missed.

5 years agoenvironment: append unit_id to error messages regarding EnvironmentFile
Lukas Nykryn [Fri, 17 Oct 2014 09:46:01 +0000 (11:46 +0200)]
environment: append unit_id to error messages regarding EnvironmentFile

5 years agomissing: remove fanotify
Zbigniew Jędrzejewski-Szmek [Thu, 16 Oct 2014 22:29:45 +0000 (18:29 -0400)]
missing: remove fanotify

It was only used in readahead.

5 years agoexecute: downgrade namespace error to "warning"
Lennart Poettering [Fri, 17 Oct 2014 11:54:27 +0000 (13:54 +0200)]
execute: downgrade namespace error to "warning"

Also, extend the printed warning a bit, explaining the situation more
verbosely.

5 years agoupdate TODO
Lennart Poettering [Fri, 17 Oct 2014 11:49:01 +0000 (13:49 +0200)]
update TODO

5 years agonamespace: add missing 'const' to parameters
Lennart Poettering [Fri, 17 Oct 2014 11:48:55 +0000 (13:48 +0200)]
namespace: add missing 'const' to parameters

5 years agosystemctl: by default interactively ask for polkit authorization, if possible
Lennart Poettering [Mon, 13 Oct 2014 15:44:37 +0000 (17:44 +0200)]
systemctl: by default interactively ask for polkit authorization, if possible

Also, allow using --no-ask-password to turn off ineractive polkit
authorization.

5 years agoexecute: don't fail child when we don't have privileges to setup namespaces
Michal Sekletar [Fri, 17 Oct 2014 09:51:46 +0000 (11:51 +0200)]
execute: don't fail child when we don't have privileges to setup namespaces

If we don't have privileges to setup the namespaces then we are most likely
running inside some sort of unprivileged container, hence not being able to
create namespace is not a problem because spawned service can't access host
system anyway.

5 years agoRevert "sd-bus: sync kdbus.h (ABI break)"
Kay Sievers [Fri, 17 Oct 2014 08:09:14 +0000 (10:09 +0200)]
Revert "sd-bus: sync kdbus.h (ABI break)"

This reverts commit 1a2409e262da65a4b0ca8ab18fcf5eabd2d404ca.

Support from the kdbus interface was removed. We require
memfds to be supported by all clients.

5 years agoresolve: add missing header
Lukasz Skalski [Thu, 16 Oct 2014 16:50:13 +0000 (18:50 +0200)]
resolve: add missing header

Change-Id: I64f7c6b446f6d92057c35cc3d4e29bd2bad8f75b

5 years agoterminal: log unsupported ANSI or DEC mode changes
Tom Gundersen [Thu, 16 Oct 2014 12:29:06 +0000 (14:29 +0200)]
terminal: log unsupported ANSI or DEC mode changes

5 years agoterminal: split ANSI from DEC mode changes
Tom Gundersen [Thu, 16 Oct 2014 12:27:34 +0000 (14:27 +0200)]
terminal: split ANSI from DEC mode changes

5 years agoman: fix copy/paste error in CPUQuota= section of resource-control
David Strauss [Wed, 15 Oct 2014 14:50:44 +0000 (16:50 +0200)]
man: fix copy/paste error in CPUQuota= section of resource-control

5 years agoman: fix typos
Jan Synacek [Wed, 15 Oct 2014 08:46:20 +0000 (10:46 +0200)]
man: fix typos

5 years agoselinux: fix potential double free crash in child process
Michal Sekletar [Mon, 13 Oct 2014 13:25:09 +0000 (15:25 +0200)]
selinux: fix potential double free crash in child process

Before returning from function we should reset ret to NULL, thus cleanup
function is nop.

Also context_str() returns pointer to a string containing context but not a
copy, hence we must make copy it explicitly.

5 years agoman: we don't have 'Wanted' dependency
Lukas Nykryn [Wed, 15 Oct 2014 07:28:31 +0000 (09:28 +0200)]
man: we don't have 'Wanted' dependency

5 years agobus-proxyd: add missing flag translation for RequestName
Lukasz Skalski [Tue, 14 Oct 2014 14:13:05 +0000 (16:13 +0200)]
bus-proxyd: add missing flag translation for RequestName

5 years agoshell-completion: propose templates for disable/[re]enable/[re]start
Zbigniew Jędrzejewski-Szmek [Wed, 15 Oct 2014 01:10:02 +0000 (21:10 -0400)]
shell-completion: propose templates for disable/[re]enable/[re]start

Templates can be [re]enabled, on their own if the have DefaultInstance set,
and with an instance suffix in all cases. Propose just the template name
ending in @, to underline the instance suffix may have to be appended.

Likewise for start/restart.

This means that sometimes superflous units that one will not really
want to operate on will be proposed, but this seems better than
proposing a very incomplete set of names.

https://bugs.freedesktop.org/show_bug.cgi?id=66912

5 years agoshell-completion: fix completion of inactive units
Zbigniew Jędrzejewski-Szmek [Wed, 15 Oct 2014 00:20:07 +0000 (20:20 -0400)]
shell-completion: fix completion of inactive units

Units which not loaded were not proposed properly. OTOH, we should
filter units from get-unit-files by their state if they are currently
loaded. Bring zsh completions in line with bash completion, the same
logic should be used in both implementations.

https://bugzilla.redhat.com/show_bug.cgi?id=1024379
https://bugzilla.redhat.com/show_bug.cgi?id=790768
https://bugs.freedesktop.org/show_bug.cgi?id=84720

5 years agojournal-remote: fix mem leak on error
Zbigniew Jędrzejewski-Szmek [Mon, 13 Oct 2014 02:27:20 +0000 (22:27 -0400)]
journal-remote: fix mem leak on error

5 years agosd-bus: sync kdbus.h (ABI break)
Daniel Mack [Tue, 14 Oct 2014 18:03:06 +0000 (20:03 +0200)]
sd-bus: sync kdbus.h (ABI break)

kdbus learned KDBUS_HELLO_ACCEPT_MEMFD as new connection negotiation
flag. Set it by default in systemd for now.

5 years agobus-proxyd: improve compatibility with dbus-1
Lukasz Skalski [Mon, 13 Oct 2014 13:29:57 +0000 (15:29 +0200)]
bus-proxyd: improve compatibility with dbus-1

'GetConnectionUnixProcessID', 'GetConnectionUnixUser' and
'GetConnectionSELinuxSecurityContext' methods should return
'NameHasNoOwner' error (if chosen name is not available on bus)
with more detailed description - like dbus-1:

Could not get PID of name 'org.freedesktop.test': no such name.
Could not get UID of name 'org.freedesktop.test': no such name.
Could not get security context of name 'org.freedesktop.test': no such name.

Otherwise we have only laconic message without proper dbus error:

Error System.Error.ENXIO: No such device or address

5 years agopython-systemd: avoid hitting assert in __exit__
Dave Reisner [Tue, 14 Oct 2014 11:54:56 +0000 (07:54 -0400)]
python-systemd: avoid hitting assert in __exit__

Reader_close() asserts that 'args' is always NULL, but the __exit__
function forwards a non-NULL args.

5 years agoresolved: apply label to /run/systemd/resolve/resolv.conf
Zbigniew Jędrzejewski-Szmek [Tue, 14 Oct 2014 02:27:43 +0000 (22:27 -0400)]
resolved: apply label to /run/systemd/resolve/resolv.conf

Under an SELinux system, we want the file that is created to
have a proper context, different from the default for files in /run.
This is so that the policy can give access to almost everyone to
this file.

5 years agoresolved: split out writing of resolv.conf
Zbigniew Jędrzejewski-Szmek [Tue, 14 Oct 2014 01:28:32 +0000 (21:28 -0400)]
resolved: split out writing of resolv.conf

manager_write_resolv_conf() is quite long anyway.

5 years agobus: check allow-interactive-auhtorization flag when doing polkit
Lennart Poettering [Mon, 13 Oct 2014 15:17:48 +0000 (17:17 +0200)]
bus: check allow-interactive-auhtorization flag when doing polkit

5 years agosd-bus: add support for new allow-interactive-authorization message header flag
Lennart Poettering [Mon, 13 Oct 2014 15:16:56 +0000 (17:16 +0200)]
sd-bus: add support for new allow-interactive-authorization message header flag

5 years agopolkit: as we dropped support for the polkit bus transport, also drop its polkit...
Lennart Poettering [Mon, 13 Oct 2014 15:16:12 +0000 (17:16 +0200)]
polkit: as we dropped support for the polkit bus transport, also drop its polkit policy

5 years agoupdate TODO
Lennart Poettering [Mon, 13 Oct 2014 13:45:56 +0000 (15:45 +0200)]
update TODO

5 years agosystemctl: when mangle unit names for the "isolate", suffix with ".target" rather...
Lennart Poettering [Mon, 13 Oct 2014 13:43:09 +0000 (15:43 +0200)]
systemctl: when mangle unit names for the "isolate", suffix with ".target" rather than ".service" by default

After all, we set AllowIsolate exclusively for target units so far, and
this is more or less the only thing tht makes sense, hence also use
".target" as completion suffix by default.

5 years agosystemctl: move unit action table closer to the functions that use them
Lennart Poettering [Mon, 13 Oct 2014 13:41:42 +0000 (15:41 +0200)]
systemctl: move unit action table closer to the functions that use them

All other static tables we placed next to the functions that access
them, so let's do this for the unit action table too.

5 years agofi-latin1 console keymap is no more
Marko Myllynen [Mon, 13 Oct 2014 07:45:00 +0000 (10:45 +0300)]
fi-latin1 console keymap is no more

http://git.altlinux.org/people/legion/packages/kbd.git?p=kbd.git;a=commitdiff;h=a88711232f3216debbb02d0171187442863ccedb

5 years agotest-dhcp-client: add more asserts
Tom Gundersen [Mon, 13 Oct 2014 08:07:05 +0000 (10:07 +0200)]
test-dhcp-client: add more asserts

5 years agotmpfiles: compare return against correct errno
Dave Reisner [Sun, 12 Oct 2014 00:35:06 +0000 (20:35 -0400)]
tmpfiles: compare return against correct errno

name_to_handle_at returns -EOPNOTSUPP, not -ENOTSUP.

5 years agoman: join tables in systemd-detect-virt(1)
Zbigniew Jędrzejewski-Szmek [Sun, 12 Oct 2014 22:27:53 +0000 (17:27 -0500)]
man: join tables in systemd-detect-virt(1)

I think it is more readable and nicer if everything is in
one table.

Also, describe what the return value, since it seems awkward to
describe the change in behaviour with --quiet before describing
what the default is.

5 years agotests: fix some tests to pass in koji
Zbigniew Jędrzejewski-Szmek [Sun, 12 Oct 2014 20:05:49 +0000 (16:05 -0400)]
tests: fix some tests to pass in koji

FAIL: test-engine
=================
Cannot find cgroup mount point: No such file or directory
Assertion 'r >= 0' failed at ../src/test/test-engine.c:46, function main(). Aborting.

FAIL: test-sched-prio
=====================
Cannot find cgroup mount point: No such file or directory
Assertion 'r >= 0' failed at ../src/test/test-sched-prio.c:42, function main(). Aborting.

FAIL: test-bus-cleanup
======================
Assertion 'sd_bus_open_system(&bus) >= 0' failed at ../src/libsystemd/sd-bus/test-bus-cleanup.c:40, function test_bus_open(). Aborting.
after new: refcount 1

5 years agoSet $NOTIFY_SOCKET for control procs if NotifyAccess=all
Brandon L Black [Sat, 11 Oct 2014 23:36:06 +0000 (23:36 +0000)]
Set $NOTIFY_SOCKET for control procs if NotifyAccess=all

5 years agoModernization
Zbigniew Jędrzejewski-Szmek [Sat, 11 Oct 2014 15:37:37 +0000 (11:37 -0400)]
Modernization

5 years agoNEWS: don't mention noinst_* debug programs
David Herrmann [Sat, 11 Oct 2014 16:53:26 +0000 (18:53 +0200)]
NEWS: don't mention noinst_* debug programs

systemd-evcat and systemd-modeset are not installed systemd wide and
should really just be used by developers to test the libsystemd-terminal
features. No reason to mention it in NEWS.. despite the undulating
rainbows..

5 years agoterminal/grdrm: force deep modeset on enter
David Herrmann [Sat, 11 Oct 2014 16:49:20 +0000 (18:49 +0200)]
terminal/grdrm: force deep modeset on enter

Usually, when our session is activated (or re-configurated) we should be
able to try a page-flip to our buffer. The kernel driver should reject it
if it is incompatible. As it turns out, drivers don't do this. Therefore,
we now force a deep modeset if we're not sure what mode is set.

This has the side-effect that we might get glitches on session-switches
(depending on driver behavior). However, there's no way around this and it
is what everyone does so far. Most drivers still detect if we keep the
mode and so don't touch the clocks. Therefore, we just get a regular async
flip.

5 years agosd-dhcp-client: support non-Ethernet hardware addresses
Dan Williams [Wed, 8 Oct 2014 19:15:45 +0000 (14:15 -0500)]
sd-dhcp-client: support non-Ethernet hardware addresses

Like Infiniband.  See RFC 4390 section 2.1 for details on DHCP
and Infiniband; chaddr is zeroed, hlen is set to 0, and htype
is set to ARPHRD_INFINIBAND because IB hardware addresses
are 20 bytes in length.

5 years agoReport aa_change_onexec error code
Michael Scherer [Sat, 11 Oct 2014 08:13:43 +0000 (04:13 -0400)]
Report aa_change_onexec error code

Since aa_change_onexec return the error code in errno, and return
-1, the current code do not give any useful information when
something fail. This make apparmor easier to debug, as seen on
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760526

5 years agobus-proxyd: fix compatibility with old dbus-1
Lukasz Skalski [Fri, 10 Oct 2014 14:42:19 +0000 (16:42 +0200)]
bus-proxyd: fix compatibility with old dbus-1

'ListQueuedOwners' method should return 'NameHasNoOwner' error
if chosen name is not available on bus.

5 years agomount-setup: skip relabelling when SELinux and SMACK not supported
Emil Renner Berthing [Thu, 18 Sep 2014 13:24:55 +0000 (15:24 +0200)]
mount-setup: skip relabelling when SELinux and SMACK not supported

This is also the only place where FTW_ACTIONRETVAL is used, so
this makes systemd compile without SELinux or SMACK support
when the standard library doesn't support this extension.

5 years agofstab-generator: Honor mount.usr*= on kernel command line
Tobias Hunger [Thu, 9 Oct 2014 19:37:17 +0000 (21:37 +0200)]
fstab-generator: Honor mount.usr*= on kernel command line

This allows to configure boot loader entries for systems where the
root and usr filesystems are in different subvolumes (or even on
different drives).

5 years agokdbus: fix buffer overflow in bus_get_owner_kdbus() function
Lukasz Skalski [Fri, 10 Oct 2014 10:29:04 +0000 (12:29 +0200)]
kdbus: fix buffer overflow in bus_get_owner_kdbus() function

Commit 710fc9779b7c (kdbus repo) introduced attaching items[]
instead of name[] in kdbus_cmd_conn_info struct. Commit 581fe6c81
(systemd repo) caught up with this change, but item size was not
properly calculated.

5 years agoman: reference table in systemd-detect-virt(1) from ConditionVirtualization= document...
Lennart Poettering [Fri, 10 Oct 2014 10:37:21 +0000 (12:37 +0200)]
man: reference table in systemd-detect-virt(1) from ConditionVirtualization= documentation

5 years agoman: include zVM in systemd-detect-virt list
Lennart Poettering [Fri, 10 Oct 2014 10:36:57 +0000 (12:36 +0200)]
man: include zVM in systemd-detect-virt list

5 years agoman: rework VM/container identifier list into a table, and include descriptions for...
Lennart Poettering [Fri, 10 Oct 2014 10:29:08 +0000 (12:29 +0200)]
man: rework VM/container identifier list into a table, and include descriptions for all entries

(also remove chroot from the list, we don't detect that anymore)

5 years agonspawn: actually allow access to /dev/net/tun in the container
Lennart Poettering [Fri, 10 Oct 2014 09:11:25 +0000 (11:11 +0200)]
nspawn: actually allow access to /dev/net/tun in the container

It's not sufficient to just copy the device node over, we need to update
the policy for it too.

5 years agosystemd-hibernate-resume@.service: remove unnecessary ordering
Ivan Shapovalov [Fri, 10 Oct 2014 03:52:26 +0000 (23:52 -0400)]
systemd-hibernate-resume@.service: remove unnecessary ordering

They were left from an early review iteration, when hibernate-resume
functionality was intended to work also outside of initramfs.
Now this is not the case, and these dependencies became redundant
as systemd-fsck-root.service can never be part of initramfs, and
systemd-remount-fs.service makes little sense in it.

5 years agobuild-sys: use -Wno-gnu-variable-sized-type-not-at-end under clang
Zbigniew Jędrzejewski-Szmek [Fri, 10 Oct 2014 03:30:45 +0000 (22:30 -0500)]
build-sys: use -Wno-gnu-variable-sized-type-not-at-end under clang

Otherwise we get useless warnings about journal code.

5 years agobuild-sys: use -Wno-typedef-redefinition only for clang
Zbigniew Jędrzejewski-Szmek [Fri, 10 Oct 2014 03:25:01 +0000 (22:25 -0500)]
build-sys: use -Wno-typedef-redefinition only for clang

Our checks for -Wno-xxx switches do not work with gcc [1].

[1] https://gcc.gnu.org/wiki/FAQ#wnowarning

5 years agoUpdate TODO
Zbigniew Jędrzejewski-Szmek [Wed, 8 Oct 2014 00:01:02 +0000 (20:01 -0400)]
Update TODO

5 years agoman: clarify what "microsoft" and "oracle" stand for
Rahul Sundaram [Fri, 10 Oct 2014 02:14:36 +0000 (22:14 -0400)]
man: clarify what "microsoft" and "oracle" stand for

https://bugzilla.redhat.com/show_bug.cgi?id=1150477

5 years agosystemctl: remove casts in formatting
Zbigniew Jędrzejewski-Szmek [Fri, 10 Oct 2014 02:57:56 +0000 (22:57 -0400)]
systemctl: remove casts in formatting

5 years agojournalctl: use pager for --list-boots
Zbigniew Jędrzejewski-Szmek [Thu, 9 Oct 2014 23:52:31 +0000 (19:52 -0400)]
journalctl: use pager for --list-boots

5 years agosd-journal: fix sd_journal_enumerate_unique skipping values
Jan Janssen [Sat, 6 Sep 2014 08:36:34 +0000 (10:36 +0200)]
sd-journal: fix sd_journal_enumerate_unique skipping values

sd_journal_enumerate_unique will lock its mmap window to prevent it
from being released by calling mmap_cache_get with keep_always=true.
This call may return windows that are wider, but compatible with the
parameters provided to it.

This can result in a mismatch where the window to be released cannot
properly be selected, because we have more than one window matching the
parameters of mmap_cache_release. Therefore, introduce a release_cookie
to be used when releasing the window.

https://bugs.freedesktop.org/show_bug.cgi?id=79380

5 years agosd-journal: change check to assert
Zbigniew Jędrzejewski-Szmek [Fri, 10 Oct 2014 02:51:35 +0000 (22:51 -0400)]
sd-journal: change check to assert

As of 0f99f74a14 'sd-journal: verify that object start with the field
name' this condition should never happen.

5 years agosd-journal: do not reset sd_j_enumerate_unique position on error
Zbigniew Jędrzejewski-Szmek [Fri, 10 Oct 2014 02:44:29 +0000 (22:44 -0400)]
sd-journal: do not reset sd_j_enumerate_unique position on error

systemctl would call sd_j_enumerate_unique() interleaved with
sd_j_next(). But the latter can remove a file if it detects an
error in it. In those circumstances sd_j_enumerate_unique would
restart with the first file in hashmap. With many corrupted files
sd_j_enumerate_unique might iterate over the list multiple times.

Avoid this by jumping to the next file in unique list if possible,
or setting a flag that tells sd_j_enumerate_unique that it is done
otherwise.

5 years agoman: document the new "rescue" kernel command line option
Lennart Poettering [Thu, 9 Oct 2014 16:26:47 +0000 (18:26 +0200)]
man: document the new "rescue" kernel command line option

5 years agoservice: enter SERVICE_STOP_SIGTERM state after getting "STOPPING=1"
Michal Schmidt [Thu, 9 Oct 2014 15:27:57 +0000 (17:27 +0200)]
service: enter SERVICE_STOP_SIGTERM state after getting "STOPPING=1"

SERVICE_STOP would mean we're running the ExecStop command. That's not
the case with "STOPPING=1".
Instead we should enter the same state as if we just told the service
to stop, i.e. SERVICE_STOP_SIGTERM.

This fixes a bug where voluntarily exiting services would hang around in
deactivating state until timeout.

5 years agoupdate TODO
Lennart Poettering [Thu, 9 Oct 2014 14:51:31 +0000 (16:51 +0200)]
update TODO

5 years agobus-proxy: allow getpeersec() to fail
Daniel Mack [Thu, 9 Oct 2014 13:40:17 +0000 (15:40 +0200)]
bus-proxy: allow getpeersec() to fail

getpeersec() will fail for non-SELinux enabled machines, so don't make that
a hard error.

5 years agosocket-proxyd: Unchecked return value from library
Susant Sahani [Thu, 9 Oct 2014 13:31:11 +0000 (19:01 +0530)]
socket-proxyd: Unchecked return value from library

CID 1237543 (#1 of 1): Unchecked return value from library
(CHECKED_RETURN)

5 years agosd-dhcp6-lease: Name the structure containing IAADDR data
Patrik Flykt [Wed, 8 Oct 2014 08:00:07 +0000 (11:00 +0300)]
sd-dhcp6-lease: Name the structure containing IAADDR data

With this change the DHCP6_OPTION_IAADDR_LEN define can be removed in
favor of using sizeof(). Using the name of the struct and sizeof()
makes it clearer how much and what data is being copied from the
DHCPv6 message.

5 years agobus-policy: move name list iteration to policy users
Daniel Mack [Thu, 9 Oct 2014 11:26:53 +0000 (13:26 +0200)]
bus-policy: move name list iteration to policy users

We need to figure out which of the possible names satisfied the policy,
so we cannot do the iteration in check_policy_item() but have to leave it
to the users.

Test cases amended accordingly.