From: Adrian Szyndela Date: Thu, 26 Mar 2020 15:27:17 +0000 (+0100) Subject: Merge v239 into tizen X-Git-Tag: submit/tizen/20200402.112550^2~30 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=a38e2bbf80ed9d3da6f238ee87d2348b61a6e372;p=platform%2Fupstream%2Fsystemd.git Merge v239 into tizen systemd 239 --- a38e2bbf80ed9d3da6f238ee87d2348b61a6e372 diff --cc meson.build index 2e4eb6c,04331dd..7d168da --- a/meson.build +++ b/meson.build @@@ -616,9 -558,9 +571,9 @@@ endforeac conf.set_quoted('TELINIT', get_option('telinit-path')) -if run_command('ln', '--relative', '--help').returncode() != 0 - error('ln does not support --relative (added in coreutils 8.16)') -endif +#if run_command('ln', '--relative', '--help').returncode() != 0 - # error('ln does not support --relative') ++# error('ln does not support --relative (added in coreutils 8.16)') +#endif ############################################################ @@@ -824,20 -762,17 +775,17 @@@ conf.set_quoted('GETTEXT_PACKAGE', meso substs.set('SUSHELL', get_option('debug-shell')) substs.set('DEBUGTTY', get_option('debug-tty')) - debug = get_option('debug-extra') enable_debug_hashmap = false enable_debug_mmap_cache = false - if debug != '' - foreach name : debug.split(',') - if name == 'hashmap' - enable_debug_hashmap = true - elif name == 'mmap-cache' - enable_debug_mmap_cache = true - else - message('unknown debug option "@0@", ignoring'.format(name)) - endif - endforeach - endif -foreach name : get_option('debug') ++foreach name : get_option('debug-extra') + if name == 'hashmap' + enable_debug_hashmap = true + elif name == 'mmap-cache' + enable_debug_mmap_cache = true + else + message('unknown debug option "@0@", ignoring'.format(name)) + endif + endforeach conf.set10('ENABLE_DEBUG_HASHMAP', enable_debug_hashmap) conf.set10('ENABLE_DEBUG_MMAP_CACHE', enable_debug_mmap_cache) diff --cc meson_options.txt index ff36194,16c1f2b..8fd9c30 --- a/meson_options.txt +++ b/meson_options.txt @@@ -53,10 -46,12 +46,12 @@@ option('debug-shell', type : 'string', description : 'path to debug shell binary') option('debug-tty', type : 'string', value : '/dev/tty9', description : 'specify the tty device for debug shell') - option('debug-extra', type : 'string', - description : 'enable extra debugging (hashmap,mmap-cache)') -option('debug', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [], ++option('debug-extra', type : 'array', choices : ['hashmap', 'mmap-cache'], value : [], + description : 'enable extra debugging') option('memory-accounting-default', type : 'boolean', description : 'enable MemoryAccounting= by default') + option('valgrind', type : 'boolean', value : false, + description : 'do extra operations to avoid valgrind warnings') option('utmp', type : 'boolean', description : 'support for utmp/wtmp log handling') diff --cc packaging/systemd.spec index d172161,0000000..749768b mode 100644,000000..100644 --- a/packaging/systemd.spec +++ b/packaging/systemd.spec @@@ -1,719 -1,0 +1,722 @@@ +# "enable foo" will turn into --enable-foo or --disable-foo +# depending "with_foo" macro +%define enable() %{expand:%%{?with_%{1}:--enable-%{1}}%%{!?with_%{1}:--disable-%{1}}} + +%define WITH_RANDOMSEED 0 +%define WITH_BASH_COMPLETION 0 +%define WITH_ZSH_COMPLETION 0 +%define WITH_COREDUMP 0 +%define WITH_BACKLIGHT 0 +%define WITH_TIMEDATED 0 +%define WITH_RFKILL 0 +%define WITH_MACHINED 0 +%define WITH_DOC 0 +%define WITH_HOSTNAMED 0 + +%define build_dir _build +%define dbuspolicydir %{_datadir}/dbus-1 + +# The 'meson' macro is defined in rpm macros, but it uses features from rpm 4.15 ({shrink, set_build_flags) +# Below is a version suitable for our purposes +%define meson \ + CFLAGS="${CFLAGS:-%optflags}" \ + export CFLAGS \ + %{__meson} \\\ + --buildtype=plain \\\ + --prefix=%{_prefix} \\\ + --libdir=%{_libdir} \\\ + --libexecdir=%{_libexecdir} \\\ + --bindir=%{_bindir} \\\ + --sbindir=%{_sbindir} \\\ + --includedir=%{_includedir} \\\ + --datadir=%{_datadir} \\\ + --mandir=%{_mandir} \\\ + --infodir=%{_infodir} \\\ + --localedir=%{_datadir}/locale \\\ + --sysconfdir=%{_sysconfdir} \\\ + --localstatedir=%{_localstatedir} \\\ + --sharedstatedir=%{_sharedstatedir} \\\ + --wrap-mode=%{__meson_wrap_mode} \\\ + %{_vpath_builddir} +# Ninja macros below are defined for ninja in e.g. fedora distro, but +# so far they are not provided by Tizen's ninja package. +%define __ninja %{_bindir}/ninja +%define __ninja_common_opts -v %{?_smp_flags} +%define ninja_build \ + %{__ninja} %{__ninja_common_opts} +%define ninja_install \ + DESTDIR=%{buildroot} %{__ninja} install %{__ninja_common_opts} + +Name: systemd - Version: 238 ++Version: 239 +Release: 0%{?release_flags} +# For a breakdown of the licensing, see README +License: LGPL-2.1+ and GPL-2.0+ +Summary: A System and Service Manager +Url: http://www.freedesktop.org/wiki/Software/systemd +Group: Base/Startup +Source0: https://github.com/systemd/systemd/archive/v%{version}.tar.gz +Source1: pamconsole-tmp.conf +Source2: %{name}-rpmlintrc +Source3: test-runner.c +Source4: wait-default-target.sh +Source5: wait-delayed-target.sh +Source6: org.tizen.system.conf +Source7: sysctl-tizen-override.conf +Source1001: systemd.manifest +BuildRequires: gperf +BuildRequires: intltool >= 0.40.0 +BuildRequires: libacl-devel +BuildRequires: libblkid-devel >= 2.20 +BuildRequires: libcap-devel +BuildRequires: libgcrypt-devel +BuildRequires: libkmod-devel >= 14 +%if %{?WITH_DOC} +BuildRequires: xsltproc +BuildRequires: docbook-xsl-stylesheets +%endif +BuildRequires: pam-devel +BuildRequires: pkgconfig +# BuildRequires: pkgconfig(dbus-1) # for remove circular dependency on OBS +BuildRequires: pkgconfig(glib-2.0) +BuildRequires: pkgconfig(liblzma) +BuildRequires: pkgconfig(libkmod) +BuildRequires: pkgconfig(mount) +BuildRequires: meson +BuildRequires: acl +BuildRequires: python +# Requires: dbus # for remove circular dependency on OBS +Requires: filesystem +Requires(post): coreutils +Requires(pre): coreutils +Requires(pre): /usr/bin/getent +Requires(pre): /usr/sbin/groupadd +Requires(post): %{_sbindir}/update-alternatives +Requires(preun): %{_sbindir}/update-alternatives + +Obsoletes: SysVinit < 2.86-24 +Obsoletes: sysvinit < 2.86-24 +Provides: SysVinit = 2.86-24 +Provides: sysvinit = 2.86-24 +Provides: /bin/systemctl +Provides: /sbin/shutdown +Provides: udev = %{version} +Obsoletes: udev < 183 + +%description +systemd is a system and service manager for Linux, compatible with +SysV and LSB init scripts. systemd provides aggressive parallelization +capabilities, uses socket and D-Bus activation for starting services, +offers on-demand starting of daemons, keeps track of processes using +Linux cgroups, supports snapshotting and restoring of the system +state, maintains mount and automount points and implements an +elaborate transactional dependency-based service control logic. It can +work as a drop-in replacement for sysvinit. + +%package -n libsystemd +License: LGPL-2.1+ +Summary: Systemd libraries +Group: Base/Startup +Obsoletes: libudev < 183 +Provides: libudev = %{version} +Obsoletes: systemd < 185-4 +Conflicts: systemd < 185-4 + +%description -n libsystemd +Libraries for systemd and udev, as well as the systemd PAM module. + +%package devel +License: LGPL-2.1+ +Summary: Development headers for systemd +Requires: %{name} = %{version} +Requires: libsystemd = %{version} +Provides: libudev-devel = %{version} +Obsoletes: libudev-devel < 183 + +%description devel +Development headers and auxiliary files for developing applications for systemd. + +%package analyze +License: LGPL-2.1+ +Summary: Tool for processing systemd profiling information +Requires: %{name} = %{version} +Obsoletes: systemd < 38-5 + +%description analyze +'systemd-analyze blame' lists which systemd unit needed how much time to finish +initialization at boot. +'systemd-analyze plot' renders an SVG visualizing the parallel start of units +at boot. + +%package tests +License: LGPL-2.1+ and BSD-2-Clause +Summary: Set of tests for sd-bus component +Requires: %{name} = %{version} + +%description tests +This package is part of 'dbus-integratnion-tests' framework and contains set of tests +for sd-bus component (DBUS API C library). + +%package extension-kdbus +Summary: Extension for systemd to support KDBUS in Tizen +Requires: %{name} = %{version}-%{release} + +%description extension-kdbus +This modifies systemd to support KDBUS in Tizen. + +%prep +%setup -q + +%build +cp %{SOURCE1001} . +cp %{SOURCE3} . + +%define _vpath_srcdir . +%define _vpath_builddir %{build_dir} +%meson \ + -Dkdbus=true \ +%if ! %{WITH_RANDOMSEED} + -Drandomseed=false \ +%endif +%if ! %{?WITH_COREDUMP} + -Dcoredump=false \ +%endif +%if ! %{?WITH_BACKLIGHT} + -Dbacklight=false \ +%endif +%if ! %{?WITH_TIMEDATED} + -Dtimedated=false \ +%endif +%if ! %{WITH_RFKILL} + -Drfkill=false \ +%endif + -Dhwdb=false \ + -Dsysusers=false \ + -Dfirstboot=false \ + -Dpolkit=false \ + -Dtimesyncd=false \ + -Dresolve=false \ + -Dnetworkd=false \ +%if ! %{?WITH_MACHINED} + -Dmachined=false \ +%endif +%if ! %{?WITH_HOSTNAMED} + -Dhostnamed=false \ +%endif + -Dimportd=false \ + -Denvironment-d=false \ + -Dnss-systemd=false \ + -Dgcrypt=false \ +%if ! %{?WITH_DOC} + -Dman=false \ +%endif ++ -Dportabled=false \ + -Drpmmacrosdir=%{_sysconfdir}/rpm/ \ + -Dsysvinit-path="" \ + -Dsysvrcnd-path="" \ + -Dsmack-run-label=System::Privileged \ + -Dinstall-tests=true \ + -Ddefault-hierarchy=legacy \ + -Db_pie=true +%meson_build + +# compile test-runner for 'dbus-integration-test' framework +%__cc %{_builddir}/%{name}-%{version}/test-runner.c -o %{_builddir}/%{name}-%{version}/systemd-tests + +%install +%meson_install +%find_lang %{name} +cat <> systemd.lang +%lang(be) /usr/lib/systemd/catalog/systemd.be.catalog +%lang(be) /usr/lib/systemd/catalog/systemd.be@latin.catalog +%lang(bg) /usr/lib/systemd/catalog/systemd.bg.catalog +%lang(de) /usr/lib/systemd/catalog/systemd.de.catalog +%lang(fr) /usr/lib/systemd/catalog/systemd.fr.catalog +%lang(it) /usr/lib/systemd/catalog/systemd.it.catalog +%lang(pl) /usr/lib/systemd/catalog/systemd.pl.catalog +%lang(pt_BR) /usr/lib/systemd/catalog/systemd.pt_BR.catalog +%lang(ru) /usr/lib/systemd/catalog/systemd.ru.catalog +%lang(zh) /usr/lib/systemd/catalog/systemd.zh_CN.catalog +%lang(zh) /usr/lib/systemd/catalog/systemd.zh_TW.catalog +EOF + +# udev links +/usr/bin/mkdir -p %{buildroot}/%{_sbindir} +/usr/bin/ln -sf ../bin/udevadm %{buildroot}%{_sbindir}/udevadm +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/firmware/updates + +# Create SysV compatibility symlinks. systemctl/systemd are smart +# enough to detect in which way they are called. +/usr/bin/ln -s ../lib/systemd/systemd %{buildroot}%{_bindir}/systemd + +# legacy links +/usr/bin/ln -s loginctl %{buildroot}%{_bindir}/systemd-loginctl + +# We create all wants links manually at installation time to make sure +# they are not owned and hence overriden by rpm after the used deleted +# them. +/usr/bin/rm -r %{buildroot}%{_sysconfdir}/systemd/system/*.target.wants + +# Make sure these directories are properly owned +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/basic.target.wants +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/default.target.wants +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/dbus.target.wants +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system/syslog.target.wants + +# Make sure the user generators dir exists too +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-generators +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/user-generators + +# Create new-style configuration files so that we can ghost-own them +/usr/bin/touch %{buildroot}%{_sysconfdir}/hostname +/usr/bin/touch %{buildroot}%{_sysconfdir}/vconsole.conf +/usr/bin/touch %{buildroot}%{_sysconfdir}/locale.conf +/usr/bin/touch %{buildroot}%{_sysconfdir}/machine-id +/usr/bin/touch %{buildroot}%{_sysconfdir}/machine-info +/usr/bin/touch %{buildroot}%{_sysconfdir}/timezone + +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-preset/ +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/user-preset/ + +# Make sure the shutdown/sleep drop-in dirs exist +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-shutdown/ +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/system-sleep/ + +# Make sure the NTP units dir exists +/usr/bin/mkdir -p %{buildroot}%{_prefix}/lib/systemd/ntp-units.d/ + +# Install modprobe fragment +/usr/bin/mkdir -p %{buildroot}%{_sysconfdir}/modprobe.d/ + +# Fix the dangling /var/lock -> /run/lock symlink +install -Dm644 tmpfiles.d/legacy.conf %{buildroot}%{_prefix}/lib/tmpfiles.d/legacy.conf + +install -m644 %{SOURCE1} %{buildroot}%{_prefix}/lib/tmpfiles.d/ + +install -m 755 -d %{buildroot}/%{_prefix}/lib/systemd/system + +rm -rf %{buildroot}/%{_docdir}/%{name} + +# Allow replacing systemd-shutdown with tizen-specific variant +mv %{buildroot}%{_prefix}/lib/systemd/systemd-shutdown %{buildroot}%{_prefix}/lib/systemd/systemd-shutdown-original + +# Disable some useless services in Tizen +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/dev-hugepages.mount +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/sys-fs-fuse-connections.mount +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/systemd-binfmt.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/systemd-modules-load.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/sysinit.target.wants/systemd-ask-password-console.path +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/multi-user.target.wants/systemd-ask-password-wall.path +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/systemd-tmpfiles-clean.timer +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/systemd-tmpfiles-clean.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/system/timers.target.wants/systemd-tmpfiles-clean.timer +rm -rf %{buildroot}/%{_prefix}/lib/systemd/user/systemd-tmpfiles-clean.timer +rm -rf %{buildroot}/%{_prefix}/lib/systemd/user/systemd-tmpfiles-clean.service +rm -rf %{buildroot}/%{_prefix}/lib/systemd/user/systemd-tmpfiles-setup.service + +# Exclude ELF binaries +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-debug-generator +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-efi-boot-generator +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-gpt-auto-generator +rm -f %{buildroot}/%{_prefix}/lib/systemd/system-generators/systemd-hibernate-resume-generator + +# Marker file for kdbus +touch %{buildroot}/%{_sysconfdir}/systemd/extension-kdbus + +# Prepare tests for 'dbus-integration-test' framework +install -D -m 755 %{_builddir}/%{name}-%{version}/systemd-tests %{buildroot}%{_prefix}/lib/dbus-tests/runner/systemd-tests +mkdir -p %{buildroot}%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ +mv %{buildroot}%{_prefix}/lib/systemd/tests/test-bus-* %{buildroot}%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ + +# Shell Completion +%if ! %{?WITH_BASH_COMPLETION} +rm -rf %{buildroot}/%{_datadir}/bash-completion/* +%endif +%if ! %{?WITH_ZSH_COMPLETION} +rm -rf %{buildroot}/%{_datadir}/zsh/site-functions/* +%endif + +mkdir -p %{buildroot}/%{_localstatedir}/log/journal + +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-daemon.pc +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-id128.pc +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-journal.pc +ln -sf ./libsystemd.pc %{buildroot}%{_libdir}/pkgconfig/libsystemd-login.pc + +# Delayed target +install -m 0755 %{SOURCE4} %{buildroot}%{_bindir}/wait-default-target.sh +install -m 0755 %{SOURCE5} %{buildroot}%{_bindir}/wait-delayed-target.sh +install -m 0755 %{SOURCE6} %{buildroot}%{dbuspolicydir}/system.d/org.tizen.system.conf + +# Tizen sysctl values overriding default systemd values +install -m 0644 %{SOURCE7} %{buildroot}%{_sysconfdir}/sysctl.d/ + +# end of install +%pre +/usr/bin/getent group cdrom >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 11 cdrom >/dev/null 2>&1 || : +/usr/bin/getent group tape >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 33 tape >/dev/null 2>&1 || : +/usr/bin/getent group dialout >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 18 dialout >/dev/null 2>&1 || : +/usr/bin/getent group floppy >/dev/null 2>&1 || /usr/sbin/groupadd -r -g 19 floppy >/dev/null 2>&1 || : +/usr/bin/systemctl stop systemd-udevd-control.socket systemd-udevd-kernel.socket systemd-udevd.service >/dev/null 2>&1 || : + +# Rename configuration files that changed their names +/usr/bin/mv -n %{_sysconfdir}/systemd/systemd-logind.conf %{_sysconfdir}/systemd/logind.conf >/dev/null 2>&1 || : +/usr/bin/mv -n %{_sysconfdir}/systemd/systemd-journald.conf %{_sysconfdir}/systemd/journald.conf >/dev/null 2>&1 || : + +%post +/usr/bin/systemd-machine-id-setup > /dev/null 2>&1 || : +%if %{WITH_RANDOMSEED} +/usr/lib/systemd/systemd-random-seed save > /dev/null 2>&1 || : +%endif +/usr/bin/systemctl daemon-reexec > /dev/null 2>&1 || : +/usr/bin/systemctl start systemd-udevd.service >/dev/null 2>&1 || : +/usr/bin/mkdir -p /etc/systemd/network +/usr/bin/ln -sf /dev/null /etc/systemd/network/99-default.link + +# Set the smack label of executable binary tools +chsmack %{_bindir}/bootctl -a "System::Tools" +chsmack %{_bindir}/busctl -a "System::Tools" +chsmack %{_bindir}/kernel-install -a "System::Tools" +%if %{?WITH_MACHINED} +chsmack %{_bindir}/machinectl -a "System::Tools" +%endif +chsmack %{_bindir}/systemd-run -a "System::Tools" +%if %{?WITH_HOSTNAMED} +chsmack %{_bindir}/hostnamectl -a "System::Tools" +%endif +chsmack %{_bindir}/localectl -a "System::Tools" +%if %{?WITH_COREDUMP} +chsmack %{_bindir}/coredumpctl -a "System::Tools" +%endif +%if %{?WITH_TIMEDATED} +chsmack %{_bindir}/timedatectl -a "System::Tools" +%endif +chsmack %{_bindir}/systemd -a "System::Tools" +chsmack %{_bindir}/systemctl -a "System::Tools" +chsmack %{_bindir}/systemd-notify -a "System::Tools" +chsmack %{_bindir}/systemd-ask-password -a "System::Tools" +chsmack %{_bindir}/systemd-tty-ask-password-agent -a "System::Tools" +chsmack %{_bindir}/systemd-machine-id-setup -a "System::Tools" +chsmack %{_bindir}/systemd-socket-activate -a "System::Tools" +chsmack %{_bindir}/loginctl -a "System::Tools" +chsmack %{_bindir}/systemd-loginctl -a "System::Tools" +chsmack %{_bindir}/journalctl -a "System::Tools" +chsmack %{_bindir}/systemd-tmpfiles -a "System::Tools" +chsmack %{_bindir}/systemd-nspawn -a "System::Tools" +chsmack %{_bindir}/systemd-stdio-bridge -a "System::Tools" +chsmack %{_bindir}/systemd-cat -a "System::Tools" +chsmack %{_bindir}/systemd-cgls -a "System::Tools" +chsmack %{_bindir}/systemd-cgtop -a "System::Tools" +chsmack %{_bindir}/systemd-delta -a "System::Tools" +chsmack %{_bindir}/systemd-detect-virt -a "System::Tools" +chsmack %{_bindir}/systemd-inhibit -a "System::Tools" +chsmack %{_bindir}/udevadm -a "System::Tools" +chsmack %{_bindir}/systemd-escape -a "System::Tools" +chsmack %{_bindir}/systemd-path -a "System::Tools" +chsmack %{_prefix}/lib/systemd/* -a "System::Tools" + +%postun +if [ $1 -ge 1 ] ; then + /usr/bin/systemctl daemon-reload > /dev/null 2>&1 || : + /usr/bin/systemctl try-restart systemd-logind.service >/dev/null 2>&1 || : +fi + +%preun +if [ $1 -eq 0 ] ; then + /usr/bin/systemctl disable \ + getty@.service \ + remote-fs.target \ + systemd-readahead-replay.service \ + systemd-readahead-collect.service >/dev/null 2>&1 || : + + update-alternatives --remove systemd-shutdown %{_prefix}/lib/systemd/systemd-shutdown-original +fi + +%posttrans +# Update alternatives after the whole transaction is completed - this is +# necessary due to RPM ordering, which removes files from old package not +# provided by new package after regular post scripts are run. Please refer +# to following guideliness for explanation: +# https://fedoraproject.org/wiki/Packaging:Scriptlets#Ordering +if [ $1 -eq 0 ]; then + update-alternatives --install %{_prefix}/lib/systemd/systemd-shutdown systemd-shutdown %{_prefix}/lib/systemd/systemd-shutdown-original 100 || : +fi + +%post -n libsystemd -p /sbin/ldconfig +%postun -n libsystemd -p /sbin/ldconfig + +%lang_package + +%files +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 LICENSE.GPL2 +%config %{_sysconfdir}/pam.d/systemd-user +%{_bindir}/bootctl +%{_bindir}/busctl +%{_bindir}/kernel-install +%if %{?WITH_MACHINED} +%{_bindir}/machinectl +%endif +%{_bindir}/systemd-run +%dir %{_prefix}/lib/kernel +%dir %{_prefix}/lib/kernel/install.d +%{_prefix}/lib/kernel/install.d/50-depmod.install +%{_prefix}/lib/kernel/install.d/90-loaderentry.install +%if %{?WITH_HOSTNAMED} +%{_bindir}/hostnamectl +%endif +%{_bindir}/localectl +%if %{?WITH_COREDUMP} +%{_bindir}/coredumpctl +%endif +%if %{?WITH_TIMEDATED} +%{_bindir}/timedatectl +%endif +%dir %{_sysconfdir}/systemd +%dir %{_sysconfdir}/systemd/system +%dir %{_sysconfdir}/systemd/user +%dir %{_sysconfdir}/tmpfiles.d +%dir %{_sysconfdir}/sysctl.d +%dir %{_sysconfdir}/modules-load.d +%dir %{_sysconfdir}/binfmt.d +%if %{?WITH_BASH_COMPLETION} +%{_datadir}/bash-completion/* +%endif +%if %{?WITH_ZSH_COMPLETION} +%dir %{_datadir}/zsh/site-functions +%{_datadir}/zsh/site-functions/* +%endif +%dir %{_sysconfdir}/udev +%dir %{_sysconfdir}/udev/rules.d +%dir %{_prefix}/lib/systemd +%dir %{_prefix}/lib/systemd/system +%dir %{_prefix}/lib/systemd/system-generators +%dir %{_prefix}/lib/systemd/user-generators +%dir %{_prefix}/lib/systemd/system-preset +%dir %{_prefix}/lib/systemd/user-preset +%dir %{_prefix}/lib/systemd/system-shutdown +%dir %{_prefix}/lib/systemd/system-sleep +%dir %{_prefix}/lib/tmpfiles.d +%dir %{_prefix}/lib/sysctl.d +%dir %{_prefix}/lib/modules-load.d +%dir %{_prefix}/lib/binfmt.d +%dir %{_prefix}/lib/firmware +%dir %{_prefix}/lib/firmware/updates +%dir %{_datadir}/systemd +%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.systemd1.conf +%if %{?WITH_HOSTNAMED} +%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.hostname1.conf +%endif +%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.login1.conf +%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.locale1.conf +%if %{?WITH_TIMEDATED} +%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.timedate1.conf +%endif +%if %{?WITH_MACHINED} +%config(noreplace) %{dbuspolicydir}/system.d/org.freedesktop.machine1.conf +%endif +%if %{?WITH_COREDUMP} +%config(noreplace) %{_sysconfdir}/systemd/coredump.conf +%else +%exclude %{_sysconfdir}/systemd/coredump.conf +%endif +%config(noreplace) %{_sysconfdir}/systemd/system.conf +%config(noreplace) %{_sysconfdir}/systemd/user.conf +%config(noreplace) %{_sysconfdir}/systemd/logind.conf +%config(noreplace) %{_sysconfdir}/systemd/journald.conf +%config(noreplace) %{_sysconfdir}/udev/udev.conf +%config(noreplace) %{_sysconfdir}/sysctl.d/sysctl-tizen-override.conf +%{_sysconfdir}/xdg/systemd +%ghost %config(noreplace) %{_sysconfdir}/hostname +%ghost %config(noreplace) %{_sysconfdir}/vconsole.conf +%ghost %config(noreplace) %{_sysconfdir}/locale.conf +%ghost %config(noreplace) %{_sysconfdir}/machine-id +%ghost %config(noreplace) %{_sysconfdir}/machine-info +%ghost %config(noreplace) %{_sysconfdir}/timezone +%exclude %{_sysconfdir}/X11/xinit/xinitrc.d/50-systemd-user.sh +%{_bindir}/systemd +%{_bindir}/systemctl +%{_bindir}/systemd-notify +%{_bindir}/systemd-ask-password +%{_bindir}/systemd-tty-ask-password-agent +%{_bindir}/systemd-machine-id-setup +%{_bindir}/systemd-socket-activate +%{_bindir}/loginctl +%{_bindir}/systemd-loginctl +%{_bindir}/journalctl +%{_bindir}/systemd-tmpfiles +%{_bindir}/systemd-nspawn +%{_bindir}/systemd-stdio-bridge +%{_bindir}/systemd-cat +%{_bindir}/systemd-cgls +%{_bindir}/systemd-cgtop +%{_bindir}/systemd-delta +%{_bindir}/systemd-detect-virt +%{_bindir}/systemd-inhibit +%{_bindir}/udevadm +%{_bindir}/systemd-escape +%{_bindir}/systemd-path +%{_bindir}/systemd-mount +%{_bindir}/systemd-umount +%{_prefix}/lib/sysctl.d/*.conf +%{_prefix}/lib/systemd/systemd +%{_prefix}/lib/systemd/system + +%dir %{_prefix}/lib/systemd/system/basic.target.wants +%dir %{_prefix}/lib/systemd/user +%dir %{_prefix}/lib/systemd/network +%dir %{_prefix}/lib/systemd/user/default.target.wants +%{_prefix}/lib/systemd/user/basic.target +%{_prefix}/lib/systemd/user/exit.target +%{_prefix}/lib/systemd/user/printer.target +%{_prefix}/lib/systemd/user/shutdown.target +%{_prefix}/lib/systemd/user/sockets.target +%{_prefix}/lib/systemd/user/sound.target +%{_prefix}/lib/systemd/user/systemd-exit.service +%{_prefix}/lib/systemd/user/paths.target +%{_prefix}/lib/systemd/user/smartcard.target +%{_prefix}/lib/systemd/user/timers.target +%{_prefix}/lib/systemd/user/default.target +%exclude %{_prefix}/lib/systemd/user/graphical-session.target +%exclude %{_prefix}/lib/systemd/user/graphical-session-pre.target +%{_prefix}/lib/systemd/network/99-default.link +%exclude %{_prefix}/lib/systemd/system-preset/90-systemd.preset +%exclude %{_prefix}/lib/systemd/user-preset/90-systemd.preset +%{_prefix}/lib/systemd/user/delayed.target +%{_prefix}/lib/systemd/user/user-delayed-target-trigger.service +%{_prefix}/lib/systemd/user/default.target.wants/user-delayed-target-trigger.service +%{_prefix}/lib/systemd/user/user-default-target-done.service +%{_prefix}/lib/systemd/user/default.target.wants/user-default-target-done.service +%{_prefix}/lib/systemd/user/user-delayed-target-done.service +%{_prefix}/lib/systemd/user/delayed.target.wants/user-delayed-target-done.service +%{dbuspolicydir}/system.d/org.tizen.system.conf +%exclude %{_prefix}/lib/modprobe.d/systemd.conf + +%{_prefix}/lib/systemd/libsystemd-shared-%{version}.so +%{_prefix}/lib/systemd/systemd-* +%dir %{_prefix}/lib/systemd/catalog +%{_prefix}/lib/systemd/catalog/systemd.catalog +%{_prefix}/lib/udev +%{_prefix}/lib/systemd/system-generators/systemd-getty-generator +%{_prefix}/lib/systemd/system-generators/systemd-fstab-generator +%{_prefix}/lib/systemd/system-generators/systemd-system-update-generator +%{_prefix}/lib/tmpfiles.d/home.conf +%{_prefix}/lib/tmpfiles.d/journal-nocow.conf +%{_prefix}/lib/tmpfiles.d/legacy.conf +%{_prefix}/lib/tmpfiles.d/pamconsole-tmp.conf +%{_prefix}/lib/tmpfiles.d/systemd.conf +%{_prefix}/lib/tmpfiles.d/systemd-nologin.conf ++%if %{?WITH_MACHINED} +%{_prefix}/lib/tmpfiles.d/systemd-nspawn.conf ++%endif +%{_prefix}/lib/tmpfiles.d/tmp.conf +%{_prefix}/lib/tmpfiles.d/var.conf +%{_prefix}/lib/tmpfiles.d/x11.conf +%{_sbindir}/init +%{_sbindir}/reboot +%{_sbindir}/halt +%{_sbindir}/poweroff +%{_sbindir}/shutdown +%{_sbindir}/telinit +%{_sbindir}/runlevel +%{_sbindir}/udevadm +%{_datadir}/systemd/graphinfo.gvpr +%{_datadir}/systemd/kbd-model-map +%{_datadir}/systemd/language-fallback-map +%{_datadir}/dbus-1/services/org.freedesktop.systemd1.service +%{_datadir}/dbus-1/system-services/org.freedesktop.systemd1.service +%if %{?WITH_HOSTNAMED} +%{_datadir}/dbus-1/system-services/org.freedesktop.hostname1.service +%endif +%{_datadir}/dbus-1/system-services/org.freedesktop.login1.service +%{_datadir}/dbus-1/system-services/org.freedesktop.locale1.service +%exclude %{_datadir}/polkit-1/actions/org.freedesktop.systemd1.policy +%exclude %{_datadir}/polkit-1/actions/org.freedesktop.login1.policy +%exclude %{_datadir}/polkit-1/actions/org.freedesktop.locale1.policy +%if %{?WITH_TIMEDATED} +%{_datadir}/dbus-1/system-services/org.freedesktop.timedate1.service +%endif +%if %{?WITH_MACHINED} +%{_datadir}/dbus-1/system-services/org.freedesktop.machine1.service +%endif +%dir %{_datadir}/factory/ +%dir %{_datadir}/factory/etc +%dir %{_datadir}/factory/etc/pam.d +%{_datadir}/factory/etc/nsswitch.conf +%{_datadir}/factory/etc/pam.d/other +%{_datadir}/factory/etc/pam.d/system-auth + +%{_localstatedir}/log/journal + +%{_bindir}/wait-default-target.sh +%{_bindir}/wait-delayed-target.sh +%exclude %{_prefix}/lib/systemd/system/runlevel0.target +%exclude %{_prefix}/lib/systemd/system/runlevel1.target +%exclude %{_prefix}/lib/systemd/system/runlevel2.target +%exclude %{_prefix}/lib/systemd/system/runlevel3.target +%exclude %{_prefix}/lib/systemd/system/runlevel4.target +%exclude %{_prefix}/lib/systemd/system/runlevel5.target +%exclude %{_prefix}/lib/systemd/system/runlevel6.target + +%files -n libsystemd +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 +%{_libdir}/security/pam_systemd.so +%{_libdir}/libsystemd.so.* +%{_libdir}/libudev.so.* +%{_libdir}/libnss_myhostname.so.2 +%if %{?WITH_MACHINED} +%{_libdir}/libnss_mymachines.so.2 +%endif + +%files extension-kdbus +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 LICENSE.GPL2 +%{_sysconfdir}/systemd/extension-kdbus +%{_prefix}/lib/systemd/user/busnames.target +%{_prefix}/lib/systemd/system-generators/systemd-dbus1-generator +%{_prefix}/lib/systemd/user-generators/systemd-dbus1-generator + +%files devel +%manifest %{name}.manifest +%{_libdir}/libudev.so +%{_libdir}/libsystemd.so +%dir %{_includedir}/systemd +%{_includedir}/systemd/sd-bus.h +%{_includedir}/systemd/sd-bus-protocol.h +%{_includedir}/systemd/sd-bus-vtable.h +%{_includedir}/systemd/sd-event.h +%{_includedir}/systemd/_sd-common.h +%{_includedir}/systemd/sd-daemon.h +%{_includedir}/systemd/sd-id128.h +%{_includedir}/systemd/sd-journal.h +%{_includedir}/systemd/sd-login.h +%{_includedir}/systemd/sd-messages.h +%{_includedir}/libudev.h +%{_libdir}/pkgconfig/libudev.pc +%{_libdir}/pkgconfig/libsystemd.pc +%{_datadir}/pkgconfig/systemd.pc +%{_datadir}/pkgconfig/udev.pc +%{_libdir}/pkgconfig/libsystemd-daemon.pc +%{_libdir}/pkgconfig/libsystemd-id128.pc +%{_libdir}/pkgconfig/libsystemd-journal.pc +%{_libdir}/pkgconfig/libsystemd-login.pc +%{_sysconfdir}/rpm/macros.systemd + +%files analyze +%manifest %{name}.manifest +%license LICENSE.LGPL2.1 +%{_bindir}/systemd-analyze + +%files tests +%manifest %{name}.manifest +%{_prefix}/lib/dbus-tests/test-suites/systemd-tests/ +%{_prefix}/lib/dbus-tests/runner/systemd-tests +%{_prefix}/lib/systemd/tests/ + +%if %{?WITH_DOC} +%docs_package +%else +%exclude %{_docdir} +%exclude %{_datadir}/doc/systemd +%endif diff --cc rules/meson.build index c949911,b6a32ba..0f48bb5 --- a/rules/meson.build +++ b/rules/meson.build @@@ -1,22 -1,6 +1,7 @@@ # SPDX-License-Identifier: LGPL-2.1+ - # - # Copyright 2017 Zbigniew Jędrzejewski-Szmek - # - # systemd is free software; you can redistribute it and/or modify it - # under the terms of the GNU Lesser General Public License as published by - # the Free Software Foundation; either version 2.1 of the License, or - # (at your option) any later version. - # - # systemd is distributed in the hope that it will be useful, but - # WITHOUT ANY WARRANTY; without even the implied warranty of - # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - # Lesser General Public License for more details. - # - # You should have received a copy of the GNU Lesser General Public License - # along with systemd; If not, see . rules = files(''' + 55-udev-smack-default.rules 60-block.rules 60-cdrom_id.rules 60-drm.rules diff --cc src/basic/fs-util.c index ef7a6d8,3a8b32d..2d28428 --- a/src/basic/fs-util.c +++ b/src/basic/fs-util.c @@@ -626,18 -640,47 +640,49 @@@ int chase_symlinks(const char *path, co * Suggested usage: whenever you want to canonicalize a path, use this function. Pass the absolute path you got * as-is: fully qualified and relative to your host's root. Optionally, specify the root parameter to tell this * function what to do when encountering a symlink with an absolute path as directory: prefix it by the - * specified path. */ + * specified path. + * + * There are three ways to invoke this function: + * + * 1. Without CHASE_STEP or CHASE_OPEN: in this case the path is resolved and the normalized path is returned + * in `ret`. The return value is < 0 on error. If CHASE_NONEXISTENT is also set 0 is returned if the file + * doesn't exist, > 0 otherwise. If CHASE_NONEXISTENT is not set >= 0 is returned if the destination was + * found, -ENOENT if it doesn't. + * + * 2. With CHASE_OPEN: in this case the destination is opened after chasing it as O_PATH and this file + * descriptor is returned as return value. This is useful to open files relative to some root + * directory. Note that the returned O_PATH file descriptors must be converted into a regular one (using + * fd_reopen() or such) before it can be used for reading/writing. CHASE_OPEN may not be combined with + * CHASE_NONEXISTENT. + * + * 3. With CHASE_STEP: in this case only a single step of the normalization is executed, i.e. only the first + * symlink or ".." component of the path is resolved, and the resulting path is returned. This is useful if + * a caller wants to trace the a path through the file system verbosely. Returns < 0 on error, > 0 if the + * path is fully normalized, and == 0 for each normalization step. This may be combined with + * CHASE_NONEXISTENT, in which case 1 is returned when a component is not found. + * + * */ /* A root directory of "/" or "" is identical to none */ - if (isempty(original_root) || path_equal(original_root, "/")) + if (empty_or_root(original_root)) original_root = NULL; + if (!original_root && !ret && (flags & (CHASE_NONEXISTENT|CHASE_NO_AUTOFS|CHASE_SAFE|CHASE_OPEN|CHASE_STEP)) == CHASE_OPEN) { + /* Shortcut the CHASE_OPEN case if the caller isn't interested in the actual path and has no root set + * and doesn't care about any of the other special features we provide either. */ + r = open(path, O_PATH|O_CLOEXEC); + if (r < 0) + return -errno; + + return r; + } + if (original_root) { - r = path_make_absolute_cwd(original_root, &root); - if (r < 0) - return r; + int res = path_make_absolute_cwd(original_root, &root); + if (res != 0) + return res; + if (root == NULL) + return -ENOENT; if (flags & CHASE_PREFIX_ROOT) { @@@ -719,10 -762,11 +766,13 @@@ !path_startswith(parent, root)) continue; - free_and_replace(done, parent); + free(done); + done = parent; + parent = NULL; + if (flags & CHASE_STEP) + goto chased_one; + fd_parent = openat(fd, "..", O_CLOEXEC|O_NOFOLLOW|O_PATH); if (fd_parent < 0) return -errno; diff --cc src/basic/smack-util.c index 6557e71,9d31b77..13e915e --- a/src/basic/smack-util.c +++ b/src/basic/smack-util.c @@@ -143,59 -134,72 +134,81 @@@ int mac_smack_fix(const char *path, Lab if (!mac_smack_use()) return 0; + /* FIXME: The following two ifs should be changed to something like + * if (strcmp(path_mount_point(path), "/dev")) {...} + * Implementation of path_mount_point() will be non-trivial. + */ + + /* Don't fix label on /dev/shm, it's a separate mount point */ + if (!strcmp(path, "/dev/shm")) + return 0; + + /* Path must be in /dev. Note that this check is pretty sloppy, as we might be called with non-normalized paths + * and hence not detect all cases of /dev. */ + + if (path_is_absolute(path)) { + if (!path_startswith(path, "/dev")) + return 0; + } else { + _cleanup_free_ char *cwd = NULL; + + r = safe_getcwd(&cwd); + if (r < 0) + return r; + + if (!path_startswith(cwd, "/dev")) + return 0; + } + + fd = open(path, O_NOFOLLOW|O_CLOEXEC|O_PATH); + if (fd < 0) { + if ((flags & LABEL_IGNORE_ENOENT) && errno == ENOENT) + return 0; + + return -errno; + } + + if (fstat(fd, &st) < 0) + return -errno; + /* - * Path must be in /dev and must exist + * Label directories and character devices "*". + * Label symlinks "_". + * Don't change anything else. */ - if (!path_startswith(path, "/dev")) + + if (S_ISDIR(st.st_mode)) + label = SMACK_STAR_LABEL; + else if (S_ISLNK(st.st_mode)) + label = SMACK_FLOOR_LABEL; + else if (S_ISCHR(st.st_mode)) + label = SMACK_STAR_LABEL; + else return 0; - r = lstat(path, &st); - if (r >= 0) { - const char *label; - - /* - * Label directories and character devices "*". - * Label symlinks "_". - * Don't change anything else. - */ - - if (S_ISDIR(st.st_mode)) - label = SMACK_STAR_LABEL; - else if (S_ISLNK(st.st_mode)) - label = SMACK_FLOOR_LABEL; - else if (S_ISCHR(st.st_mode)) - label = SMACK_STAR_LABEL; - else - return 0; + xsprintf(procfs_path, "/proc/self/fd/%i", fd); + if (setxattr(procfs_path, "security.SMACK64", label, strlen(label), 0) < 0) { + _cleanup_free_ char *old_label = NULL; - r = lsetxattr(path, "security.SMACK64", label, strlen(label), 0); + r = -errno; /* If the FS doesn't support labels, then exit without warning */ - if (r < 0 && errno == EOPNOTSUPP) + if (r == -EOPNOTSUPP) return 0; - } - if (r < 0) { - /* Ignore ENOENT in some cases */ - if (ignore_enoent && errno == ENOENT) + /* It the FS is read-only and we were told to ignore failures caused by that, suppress error */ + if (r == -EROFS && (flags & LABEL_IGNORE_EROFS)) return 0; - if (ignore_erofs && errno == EROFS) + /* If the old label is identical to the new one, suppress any kind of error */ + if (getxattr_malloc(procfs_path, "security.SMACK64", &old_label, false) >= 0 && + streq(old_label, label)) return 0; - r = log_debug_errno(errno, "Unable to fix SMACK label of %s: %m", path); + return log_debug_errno(r, "Unable to fix SMACK label of %s: %m", path); } - return r; + return 0; } int mac_smack_copy(const char *dest, const char *src) { diff --cc src/busctl/busctl.c index 7491b82,f9b2351..904a3aa --- a/src/busctl/busctl.c +++ b/src/busctl/busctl.c @@@ -44,7 -25,7 +27,8 @@@ #include "terminal-util.h" #include "user-util.h" #include "util.h" +#include "signal.h" + #include "verbs.h" static bool arg_no_pager = false; static bool arg_legend = true; @@@ -1206,115 -1218,12 +1258,120 @@@ static int prepare_connection(sd_bus *b if (streq(name, unique_name)) is_monitor = true; + } + } - continue; + return 0; +} + +static int prepare_connection_kernel(sd_bus *bus, char *argv[]) +{ + int r; + bool added_something = false; + char **i; + + STRV_FOREACH(i, argv+1) { + _cleanup_free_ char *m = NULL; + if (!service_name_is_valid(*i)) { + log_error("Invalid service name '%s'", *i); + return -EINVAL; } + m = strjoin("sender='", *i, "'", NULL); + if (!m) + return log_oom(); + + r = sd_bus_add_match(bus, NULL, m, NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + free(m); + m = strjoin("destination='", *i, "'", NULL); + if (!m) + return log_oom(); + + r = sd_bus_add_match(bus, NULL, m, NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + added_something = true; + } + + STRV_FOREACH(i, arg_matches) { + r = sd_bus_add_match(bus, NULL, *i, NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + + added_something = true; + } + + if (!added_something) { + r = sd_bus_add_match(bus, NULL, "", NULL, NULL); + if (r < 0) + return log_error_errno(r, "Failed to add match: %m"); + } + return 0; +} + - static int monitor(sd_bus *bus, char *argv[], int (*dump)(sd_bus_message *m, FILE *f, Hashmap *hashmap_wkn, sd_bus *bus)) { ++static int monitor(int argc, char *argv[], int (*dump)(sd_bus_message *m, FILE *f, Hashmap *hashmap_wkn, sd_bus *bus)) { + int r; + bool receiver_pid_match; + bool sender_pid_match; + ++ _cleanup_(sd_bus_flush_close_unrefp) sd_bus *bus = NULL; + _cleanup_hashmap_free_ Hashmap *hashmap_pids = NULL; + _cleanup_hashmap_free_ Hashmap *hashmap_names = NULL; + _cleanup_strv_free_ char **acquired = NULL, **activatable = NULL; + + hashmap_pids = hashmap_new(&string_hash_ops); + hashmap_names = hashmap_new(&string_hash_ops); + ++ r = acquire_bus(true, &bus); ++ if (r < 0) ++ return r; ++ + if (bus->is_kernel) + r = prepare_connection_kernel(bus, argv); + else + r = prepare_connection(bus, argv); + + if (r != 0) + return r; + + log_info("Monitoring bus message stream."); + + while (monitor_run_condi) { + _cleanup_(sd_bus_message_unrefp) sd_bus_message *m = NULL; + + receiver_pid_match = true; + sender_pid_match = true; + + r = sd_bus_process(bus, &m); + if (r < 0) + return log_error_errno(r, "Failed to process bus: %m"); + if (m) { - dump(m, stdout); + + if (arg_sender_pid != 0) { + sender_pid_match = check_pid( + bus, + hashmap_pids, + sd_bus_message_get_sender(m), + arg_sender_pid); + } + + if (arg_receiver_pid != 0) { + receiver_pid_match = check_pid( + bus, + hashmap_pids, + sd_bus_message_get_destination(m), + arg_receiver_pid); + } + + if ((!arg_pid && receiver_pid_match && sender_pid_match) || (arg_pid && (receiver_pid_match || sender_pid_match))) { + dump(m, stdout, hashmap_names, bus); + } + fflush(stdout); if (sd_bus_message_is_signal(m, "org.freedesktop.DBus.Local", "Disconnected") > 0) { @@@ -1329,39 -1238,16 +1386,47 @@@ continue; r = sd_bus_wait(bus, (uint64_t) -1); - if (r < 0) - return log_error_errno(r, "Failed to wait for bus: %m"); + if (r < 0) { + if(arg_dot) + return 0; + else + return log_error_errno(r, "Failed to wait for bus: %m"); + } } + + return 0; + +} + +static void monitor_terminate_signal(int sig) { + monitor_run_condi = false; } - static int dot(sd_bus *bus, char *argv[]) { + static int verb_monitor(int argc, char **argv, void *userdata) { + return monitor(argc, argv, message_dump); + } + ++static int dot(int argc, char *argv[]) { + int r; + + arg_dot = true; + signal(SIGINT, monitor_terminate_signal); + + fprintf(stdout, "digraph {\n"); + - r = monitor(bus, argv, message_dot); ++ r = monitor(argc, argv, message_dot); + + fprintf(stdout, "}\n"); + fflush(stdout); + + return r; +} + - static int capture(sd_bus *bus, char *argv[]) { ++static int verb_dot(int argc, char **argv, void *userdata) { ++ return dot(argc, argv); ++} ++ + static int verb_capture(int argc, char **argv, void *userdata) { int r; if (isatty(fileno(stdout)) > 0) { @@@ -1371,9 -1257,7 +1436,9 @@@ bus_pcap_header(arg_snaplen, stdout); + log_info("Monitoring bus message stream."); + - r = monitor(bus, argv, message_pcap); + r = monitor(argc, argv, message_pcap); if (r < 0) return r; @@@ -1944,27 -1773,10 +1963,31 @@@ static int help(void) return 0; } +static int arg_parse_pid(char* optarg, bool sender_pid, bool receiver_pid) { + int r = 0; + if (sender_pid) { + if (arg_sender_pid != 0) + log_info("Overwriting previously set sender pid.\n"); + r = parse_pid(optarg, &arg_sender_pid); + if (r < 0) + return r; + } + if (receiver_pid) { + if (sender_pid && receiver_pid) { + arg_receiver_pid = arg_sender_pid; + return r; + } + if (arg_receiver_pid != 0) + log_info("Overwriting previously set receiver pid.\n"); + r = parse_pid(optarg, &arg_sender_pid); + } + return r; +} + + static int verb_help(int argc, char **argv, void *userdata) { + return help(); + } + static int parse_argv(int argc, char *argv[]) { enum { @@@ -2175,37 -1965,12 +2184,35 @@@ case ARG_WATCH_BIND: r = parse_boolean(optarg); - if (r < 0) { - log_error("Failed to parse --watch-bind= parameter."); - return r; - } + if (r < 0) + return log_error_errno(r, "Failed to parse --watch-bind= parameter: %s", optarg); - arg_watch_bind = !!r; + arg_watch_bind = r; break; + case ARG_PID: + arg_pid = true; + r = arg_parse_pid(optarg, true, true); + if (r < 0) + return r; + break; + + case ARG_SENDER_PID: + r = arg_parse_pid(optarg, true, false); + if (r < 0) + return 0; + break; + + case ARG_RECEIVER_PID: + r = arg_parse_pid(optarg, false, true); + if (r < 0) + return 0; + break; + + case ARG_WELL_KNOWN_NAMES: + arg_well_known_names = parse_boolean(optarg); + break; + case '?': return -EINVAL; @@@ -2216,45 -1981,23 +2223,24 @@@ return 1; } - static int busctl_main(sd_bus *bus, int argc, char *argv[]) { - assert(bus); - - if (optind >= argc || - streq(argv[optind], "list")) - return list_bus_names(bus, argv + optind); - - if (streq(argv[optind], "monitor")) - return monitor(bus, argv + optind, message_dump); - - if (streq(argv[optind], "capture")) - return capture(bus, argv + optind); - - if (streq(argv[optind], "status")) - return status(bus, argv + optind); - - if (streq(argv[optind], "tree")) - return tree(bus, argv + optind); - - if (streq(argv[optind], "introspect")) - return introspect(bus, argv + optind); - - if (streq(argv[optind], "call")) - return call(bus, argv + optind); - - if (streq(argv[optind], "get-property")) - return get_property(bus, argv + optind); - - if (streq(argv[optind], "set-property")) - return set_property(bus, argv + optind); - - if (streq(argv[optind], "help")) - return help(); - - if (streq(argv[optind], "dot")) - return dot(bus, argv + optind); + static int busctl_main(int argc, char *argv[]) { + + static const Verb verbs[] = { + { "list", VERB_ANY, 1, VERB_DEFAULT, list_bus_names }, + { "status", VERB_ANY, 2, 0, status }, + { "monitor", VERB_ANY, VERB_ANY, 0, verb_monitor }, ++ { "dot", VERB_ANY, VERB_ANY, 0, verb_dot }, + { "capture", VERB_ANY, VERB_ANY, 0, verb_capture }, + { "tree", VERB_ANY, VERB_ANY, 0, tree }, + { "introspect", 3, 4, 0, introspect }, + { "call", 5, VERB_ANY, 0, call }, + { "get-property", 5, VERB_ANY, 0, get_property }, + { "set-property", 6, VERB_ANY, 0, set_property }, + { "help", VERB_ANY, VERB_ANY, 0, verb_help }, + {} + }; - log_error("Unknown command '%s'", argv[optind]); - return -EINVAL; + return dispatch_verb(argc, argv, verbs, NULL); } int main(int argc, char *argv[]) { diff --cc src/core/all-units.h index 0000000,ed8350e..e3c099e mode 000000,100644..100644 --- a/src/core/all-units.h +++ b/src/core/all-units.h @@@ -1,0 -1,14 +1,15 @@@ + #pragma once + + #include "unit.h" + + #include "automount.h" ++#include "busname.h" + #include "device.h" + #include "path.h" + #include "scope.h" + #include "service.h" + #include "slice.h" + #include "socket.h" + #include "swap.h" + #include "target.h" + #include "timer.h" diff --cc src/core/busname.h index a8562db,0000000..9514078 mode 100644,000000..100644 --- a/src/core/busname.h +++ b/src/core/busname.h @@@ -1,69 -1,0 +1,71 @@@ +#pragma once + +/*** + This file is part of systemd. + + Copyright 2013 Lennart Poettering + + systemd is free software; you can redistribute it and/or modify it + under the terms of the GNU Lesser General Public License as published by + the Free Software Foundation; either version 2.1 of the License, or + (at your option) any later version. + + systemd is distributed in the hope that it will be useful, but + WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public License + along with systemd; If not, see . +***/ + +typedef struct BusName BusName; +typedef struct BusNamePolicy BusNamePolicy; + +#include "unit.h" +#include "bus-policy.h" + +typedef enum BusNameResult { + BUSNAME_SUCCESS, + BUSNAME_FAILURE_RESOURCES, + BUSNAME_FAILURE_TIMEOUT, + BUSNAME_FAILURE_EXIT_CODE, + BUSNAME_FAILURE_SIGNAL, + BUSNAME_FAILURE_CORE_DUMP, + BUSNAME_FAILURE_START_LIMIT_HIT, + BUSNAME_FAILURE_SERVICE_START_LIMIT_HIT, + _BUSNAME_RESULT_MAX, + _BUSNAME_RESULT_INVALID = -1 +} BusNameResult; + +struct BusName { + Unit meta; + + char *name; + int starter_fd; + + bool activating; + bool accept_fd; + + UnitRef service; + + BusNameState state, deserialized_state; + BusNameResult result; + + usec_t timeout_usec; + + sd_event_source *starter_event_source; + sd_event_source *timer_event_source; + + pid_t control_pid; + + LIST_HEAD(BusNamePolicy, policy); + BusPolicyAccess policy_world; +}; + +extern const UnitVTable busname_vtable; + +const char* busname_result_to_string(BusNameResult i) _const_; +BusNameResult busname_result_from_string(const char *s) _pure_; ++ ++DEFINE_CAST(BUSNAME, BusName); diff --cc src/core/dbus-execute.c index 73a05b9,c44970c..1c29fea --- a/src/core/dbus-execute.c +++ b/src/core/dbus-execute.c @@@ -321,87 -247,6 +247,51 @@@ static int property_get_timer_slack_nse return sd_bus_message_append(reply, "t", u); } - static int property_get_capability_bounding_set( - sd_bus *bus, - const char *path, - const char *interface, - const char *property, - sd_bus_message *reply, - void *userdata, - sd_bus_error *error) { - - ExecContext *c = userdata; - - assert(bus); - assert(reply); - assert(c); - - return sd_bus_message_append(reply, "t", c->capability_bounding_set); - } - - static int property_get_ambient_capabilities( - sd_bus *bus, - const char *path, - const char *interface, - const char *property, - sd_bus_message *reply, - void *userdata, - sd_bus_error *error) { - - ExecContext *c = userdata; - - assert(bus); - assert(reply); - assert(c); - - return sd_bus_message_append(reply, "t", c->capability_ambient_set); - } - +#if 0 +static int property_get_empty_string( + sd_bus *bus, + const char *path, + const char *interface, + const char *property, + sd_bus_message *reply, + void *userdata, + sd_bus_error *error) { + + assert(bus); + assert(reply); + + return sd_bus_message_append(reply, "s", ""); +} +#else +static int property_get_capabilities( + sd_bus *bus, + const char *path, + const char *interface, + const char *property, + sd_bus_message *reply, + void *userdata, + sd_bus_error *error) { + + ExecContext *c = userdata; + _cleanup_cap_free_charp_ char *t = NULL; + const char *s; + + assert(bus); + assert(reply); + assert(c); + + if (c->capabilities) + s = t = cap_to_text(c->capabilities, NULL); + else + s = ""; + + if (!s) + return -ENOMEM; + + return sd_bus_message_append(reply, "s", s); +} +#endif + static int property_get_syscall_filter( sd_bus *bus, const char *path, diff --cc src/core/device.c index 41fa2a6,a2d00a0..451b52f --- a/src/core/device.c +++ b/src/core/device.c @@@ -668,15 -790,9 +790,15 @@@ static void device_shutdown(Manager *m } static void device_enumerate(Manager *m) { - _cleanup_udev_enumerate_unref_ struct udev_enumerate *e = NULL; + _cleanup_(udev_enumerate_unrefp) struct udev_enumerate *e = NULL; struct udev_list_entry *item = NULL, *first = NULL; int r; + const char *udev_tag; + + if (MANAGER_IS_USER(m)) + udev_tag = "systemd-user"; + else + udev_tag = "systemd"; assert(m); diff --cc src/core/load-fragment-gperf.gperf.m4 index 8f9567f,15fb478..42c1e73 --- a/src/core/load-fragment-gperf.gperf.m4 +++ b/src/core/load-fragment-gperf.gperf.m4 @@@ -56,8 -58,8 +58,8 @@@ $1.SyslogLevel, config $1.SyslogLevelPrefix, config_parse_bool, 0, offsetof($1, exec_context.syslog_level_prefix) $1.LogLevelMax, config_parse_log_level, 0, offsetof($1, exec_context.log_level_max) $1.LogExtraFields, config_parse_log_extra_fields, 0, offsetof($1, exec_context) -$1.Capabilities, config_parse_warn_compat, DISABLED_LEGACY, offsetof($1, exec_context) +$1.Capabilities, config_parse_exec_capabilities, 0, offsetof($1, exec_context) - $1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context) + $1.SecureBits, config_parse_exec_secure_bits, 0, offsetof($1, exec_context.secure_bits) $1.CapabilityBoundingSet, config_parse_capability_set, 0, offsetof($1, exec_context.capability_bounding_set) $1.AmbientCapabilities, config_parse_capability_set, 0, offsetof($1, exec_context.capability_ambient_set) $1.TimerSlackNSec, config_parse_nsec, 0, offsetof($1, exec_context.timer_slack_nsec) diff --cc src/core/load-fragment.c index a111f41,d9a5094..0cbb65d --- a/src/core/load-fragment.c +++ b/src/core/load-fragment.c @@@ -1292,77 -1249,6 +1249,38 @@@ int config_parse_exec_cpu_affinity(cons return 0; } +int config_parse_exec_capabilities(const char *unit, + const char *filename, + unsigned line, + const char *section, + unsigned section_line, + const char *lvalue, + int ltype, + const char *rvalue, + void *data, + void *userdata) { + + ExecContext *c = data; + cap_t cap; + + assert(filename); + assert(lvalue); + assert(rvalue); + assert(data); + + cap = cap_from_text(rvalue); + if (!cap) { + log_syntax(unit, LOG_ERR, filename, line, errno, "Failed to parse capabilities, ignoring: %s", rvalue); + return 0; + } + + if (c->capabilities) + cap_free(c->capabilities); + c->capabilities = cap; + + return 0; +} + - int config_parse_exec_secure_bits(const char *unit, - const char *filename, - unsigned line, - const char *section, - unsigned section_line, - const char *lvalue, - int ltype, - const char *rvalue, - void *data, - void *userdata) { - - ExecContext *c = data; - int r; - - assert(filename); - assert(lvalue); - assert(rvalue); - assert(data); - - if (isempty(rvalue)) { - /* An empty assignment resets the field */ - c->secure_bits = 0; - return 0; - } - - r = secure_bits_from_string(rvalue); - if (r == -ENOMEM) - return log_oom(); - if (r < 0) { - log_syntax(unit, LOG_WARNING, filename, line, r, - "Invalid syntax, ignoring: %s", rvalue); - return 0; - } - - c->secure_bits = r; - - return 0; - } - int config_parse_capability_set( const char *unit, const char *filename, @@@ -5074,10 -4476,9 +4617,10 @@@ void unit_dump_config_items(FILE *f) { config_parse_exec_input, "INPUT" }, { config_parse_log_facility, "FACILITY" }, { config_parse_log_level, "LEVEL" }, + { config_parse_exec_capabilities, "CAPABILITIES" }, { config_parse_exec_secure_bits, "SECUREBITS" }, { config_parse_capability_set, "BOUNDINGSET" }, - { config_parse_limit, "LIMIT" }, + { config_parse_rlimit, "LIMIT" }, { config_parse_unit_deps, "UNIT [...]" }, { config_parse_exec, "PATH [ARGUMENT [...]]" }, { config_parse_service_type, "SERVICETYPE" }, diff --cc src/core/load-fragment.h index d14c675,dad281e..15ed82f --- a/src/core/load-fragment.h +++ b/src/core/load-fragment.h @@@ -28,107 -10,98 +10,102 @@@ int unit_load_fragment(Unit *u) void unit_dump_config_items(FILE *f); - int config_parse_warn_compat(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_deps(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_obsolete_unit_deps(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_string_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_strv_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_path_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_path_strv_printf(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_documentation(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_socket_listen(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_socket_protocol(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_socket_bind(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_nice(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_oom_score_adjust(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_service_timeout(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_service_type(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_service_restart(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_socket_bindtodevice(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_output(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_input(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_input_text(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_input_data(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_io_class(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_io_priority(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_cpu_sched_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_cpu_sched_prio(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_cpu_affinity(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_capabilities(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_secure_bits(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_capability_set(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_sysv_priority(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_kill_signal(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_mount_flags(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_timer(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_trigger_unit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_path_spec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_socket_service(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_service_sockets(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_busname_service(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_bus_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_bus_policy_world(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_env_file(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_ip_tos(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_condition_path(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_condition_string(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_condition_null(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_kill_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_notify_access(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_emergency_action(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_requires_mounts_for(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_syscall_filter(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_syscall_archs(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_syscall_errno(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_environ(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_pass_environ(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unset_environ(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_unit_slice(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_cpu_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_cpu_shares(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_memory_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_tasks_max(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_delegate(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_device_policy(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_device_allow(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_io_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_io_device_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_io_limit(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_blockio_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_blockio_device_weight(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_blockio_bandwidth(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_netclass(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_job_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_job_mode_isolate(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_selinux_context(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_apparmor_profile(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_smack_process_label(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_address_families(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_runtime_preserve_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_directories(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_set_status(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_namespace_path_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_temporary_filesystems(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_no_new_privileges(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_cpu_quota(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_protect_home(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_protect_system(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_bus_name(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_utmp_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_working_directory(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_fdname(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_sec_fix_0(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_user_group(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_user_group_strv(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_restrict_namespaces(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_bind_paths(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_exec_keyring_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_job_timeout_sec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_job_running_timeout_sec(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_log_extra_fields(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); - int config_parse_collect_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_deps); + CONFIG_PARSER_PROTOTYPE(config_parse_obsolete_unit_deps); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_string_printf); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_strv_printf); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_path_printf); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_path_strv_printf); + CONFIG_PARSER_PROTOTYPE(config_parse_documentation); + CONFIG_PARSER_PROTOTYPE(config_parse_socket_listen); + CONFIG_PARSER_PROTOTYPE(config_parse_socket_protocol); + CONFIG_PARSER_PROTOTYPE(config_parse_socket_bind); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_nice); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_oom_score_adjust); + CONFIG_PARSER_PROTOTYPE(config_parse_exec); + CONFIG_PARSER_PROTOTYPE(config_parse_service_timeout); + CONFIG_PARSER_PROTOTYPE(config_parse_service_type); + CONFIG_PARSER_PROTOTYPE(config_parse_service_restart); + CONFIG_PARSER_PROTOTYPE(config_parse_socket_bindtodevice); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_output); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_input); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_input_text); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_input_data); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_io_class); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_io_priority); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_cpu_sched_policy); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_cpu_sched_prio); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_cpu_affinity); ++CONFIG_PARSER_PROTOTYPE(config_parse_exec_capabilities); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_secure_bits); + CONFIG_PARSER_PROTOTYPE(config_parse_capability_set); + CONFIG_PARSER_PROTOTYPE(config_parse_kill_signal); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_mount_flags); + CONFIG_PARSER_PROTOTYPE(config_parse_timer); + CONFIG_PARSER_PROTOTYPE(config_parse_trigger_unit); + CONFIG_PARSER_PROTOTYPE(config_parse_path_spec); + CONFIG_PARSER_PROTOTYPE(config_parse_socket_service); + CONFIG_PARSER_PROTOTYPE(config_parse_service_sockets); ++CONFIG_PARSER_PROTOTYPE(config_parse_busname_service); ++CONFIG_PARSER_PROTOTYPE(config_parse_bus_policy); ++CONFIG_PARSER_PROTOTYPE(config_parse_bus_policy_world); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_env_file); + CONFIG_PARSER_PROTOTYPE(config_parse_ip_tos); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_condition_path); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_condition_string); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_condition_null); + CONFIG_PARSER_PROTOTYPE(config_parse_kill_mode); + CONFIG_PARSER_PROTOTYPE(config_parse_notify_access); + CONFIG_PARSER_PROTOTYPE(config_parse_emergency_action); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_requires_mounts_for); + CONFIG_PARSER_PROTOTYPE(config_parse_syscall_filter); + CONFIG_PARSER_PROTOTYPE(config_parse_syscall_archs); + CONFIG_PARSER_PROTOTYPE(config_parse_syscall_errno); + CONFIG_PARSER_PROTOTYPE(config_parse_environ); + CONFIG_PARSER_PROTOTYPE(config_parse_pass_environ); + CONFIG_PARSER_PROTOTYPE(config_parse_unset_environ); + CONFIG_PARSER_PROTOTYPE(config_parse_unit_slice); + CONFIG_PARSER_PROTOTYPE(config_parse_cg_weight); + CONFIG_PARSER_PROTOTYPE(config_parse_cpu_shares); + CONFIG_PARSER_PROTOTYPE(config_parse_memory_limit); + CONFIG_PARSER_PROTOTYPE(config_parse_tasks_max); + CONFIG_PARSER_PROTOTYPE(config_parse_delegate); + CONFIG_PARSER_PROTOTYPE(config_parse_device_policy); + CONFIG_PARSER_PROTOTYPE(config_parse_device_allow); + CONFIG_PARSER_PROTOTYPE(config_parse_io_device_weight); + CONFIG_PARSER_PROTOTYPE(config_parse_io_limit); + CONFIG_PARSER_PROTOTYPE(config_parse_blockio_weight); + CONFIG_PARSER_PROTOTYPE(config_parse_blockio_device_weight); + CONFIG_PARSER_PROTOTYPE(config_parse_blockio_bandwidth); + CONFIG_PARSER_PROTOTYPE(config_parse_netclass); + CONFIG_PARSER_PROTOTYPE(config_parse_job_mode); + CONFIG_PARSER_PROTOTYPE(config_parse_job_mode_isolate); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_selinux_context); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_apparmor_profile); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_smack_process_label); + CONFIG_PARSER_PROTOTYPE(config_parse_address_families); + CONFIG_PARSER_PROTOTYPE(config_parse_runtime_preserve_mode); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_directories); + CONFIG_PARSER_PROTOTYPE(config_parse_set_status); + CONFIG_PARSER_PROTOTYPE(config_parse_namespace_path_strv); + CONFIG_PARSER_PROTOTYPE(config_parse_temporary_filesystems); + CONFIG_PARSER_PROTOTYPE(config_parse_cpu_quota); + CONFIG_PARSER_PROTOTYPE(config_parse_protect_home); + CONFIG_PARSER_PROTOTYPE(config_parse_protect_system); + CONFIG_PARSER_PROTOTYPE(config_parse_bus_name); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_utmp_mode); + CONFIG_PARSER_PROTOTYPE(config_parse_working_directory); + CONFIG_PARSER_PROTOTYPE(config_parse_fdname); + CONFIG_PARSER_PROTOTYPE(config_parse_sec_fix_0); + CONFIG_PARSER_PROTOTYPE(config_parse_user_group); + CONFIG_PARSER_PROTOTYPE(config_parse_user_group_strv); + CONFIG_PARSER_PROTOTYPE(config_parse_restrict_namespaces); + CONFIG_PARSER_PROTOTYPE(config_parse_bind_paths); + CONFIG_PARSER_PROTOTYPE(config_parse_exec_keyring_mode); + CONFIG_PARSER_PROTOTYPE(config_parse_job_timeout_sec); + CONFIG_PARSER_PROTOTYPE(config_parse_job_running_timeout_sec); + CONFIG_PARSER_PROTOTYPE(config_parse_log_extra_fields); + CONFIG_PARSER_PROTOTYPE(config_parse_collect_mode); /* gperf prototypes */ const struct ConfigPerfItem* load_fragment_gperf_lookup(const char *key, GPERF_LEN_TYPE length); diff --cc src/core/macros.systemd.in index e60fe05,f3b74f4..c88723e --- a/src/core/macros.systemd.in +++ b/src/core/macros.systemd.in @@@ -144,11 -139,5 +140,11 @@@ SYSTEMD_INLINE_EOF %{nil} %binfmt_apply() \ - @rootlibexecdir@/systemd-binfmt %{?*} >/dev/null 2>&1 || : \ + @rootlibexecdir@/systemd-binfmt %{?*} &>/dev/null || : \ %{nil} + + +%install_service() \ +mkdir -p %{buildroot}/%{_unitdir}/%{1} \ +ln -s ../%{2} %{buildroot}/%{_unitdir}/%{1}/%{2} \ +%{nil} diff --cc src/core/manager.c index f48c8f0,930df4e..bbf8ada --- a/src/core/manager.c +++ b/src/core/manager.c @@@ -791,15 -850,12 +850,12 @@@ int manager_new(UnitFileScope scope, un !in_initrd() && dir_is_empty("/usr") > 0; - /* Note that we do not set up the notify fd here. We do that after deserialization, + /* Note that we do not set up neither kdbus, nor the notify fd here. We do that after deserialization, * since they might have gotten serialized across the reexec. */ - *_m = m; - return 0; + *_m = TAKE_PTR(m); - fail: - manager_free(m); - return r; + return 0; } static int manager_setup_notify(Manager *m) { @@@ -3406,9 -3599,7 +3649,8 @@@ static void manager_notify_finished(Man "MESSAGE_ID=" SD_MESSAGE_USER_STARTUP_FINISHED_STR, "USERSPACE_USEC="USEC_FMT, userspace_usec, LOG_MESSAGE("Startup finished in %s.", - format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC)), - NULL); + format_timespan(sum, sizeof(sum), total_usec, USEC_PER_MSEC))); + bus_manager_send_user_finished_to_system(m, getuid()); } bus_manager_send_finished(m, firmware_usec, loader_usec, kernel_usec, initrd_usec, userspace_usec, total_usec); diff --cc src/core/meson.build index 6ab96c4,3852c5e..27b9b55 --- a/src/core/meson.build +++ b/src/core/meson.build @@@ -169,8 -148,8 +154,9 @@@ libcore = static_library load_fragment_gperf_c, load_fragment_gperf_nulstr_c, include_directories : includes, - link_with : [libshared_static], dependencies : [threads, ++ libcap, + librt, libseccomp, libpam, libaudit, diff --cc src/core/timer.c index b8a51bf,db20297..e45e51a --- a/src/core/timer.c +++ b/src/core/timer.c @@@ -277,10 -259,10 +259,10 @@@ static void timer_set_state(Timer *t, T if (state != old_state) log_unit_debug(UNIT(t), "Changed %s -> %s", timer_state_to_string(old_state), timer_state_to_string(state)); - unit_notify(UNIT(t), state_translation_table[old_state], state_translation_table[state], true); + unit_notify(UNIT(t), state_translation_table[old_state], state_translation_table[state], 0); } -static void timer_enter_waiting(Timer *t, bool initial); +static void timer_enter_waiting(Timer *t, bool initial, bool time_change); static int timer_coldplug(Unit *u) { Timer *t = TIMER(u); @@@ -830,9 -811,21 +812,21 @@@ static void timer_time_change(Unit *u) t->last_trigger.realtime = ts; log_unit_debug(u, "Time change, recalculating next elapse."); - timer_enter_waiting(t, false); + timer_enter_waiting(t, false, true); } + static void timer_timezone_change(Unit *u) { + Timer *t = TIMER(u); + + assert(u); + + if (t->state != TIMER_WAITING) + return; + + log_unit_debug(u, "Timezone change, recalculating next elapse."); - timer_enter_waiting(t, false); ++ timer_enter_waiting(t, false, false); + } + static const char* const timer_base_table[_TIMER_BASE_MAX] = { [TIMER_ACTIVE] = "OnActiveSec", [TIMER_BOOT] = "OnBootSec", diff --cc src/journal/journald.conf index 4bbfa2d,94d5c67..34edb2f --- a/src/journal/journald.conf +++ b/src/journal/journald.conf @@@ -12,14 -12,14 +12,14 @@@ # See journald.conf(5) for details. [Journal] -#Storage=auto +Storage=persistent #Compress=yes #Seal=yes -#SplitMode=uid +SplitMode=none #SyncIntervalSec=5m #RateLimitIntervalSec=30s - #RateLimitBurst=1000 + #RateLimitBurst=10000 -#SystemMaxUse= +SystemMaxUse=4M #SystemKeepFree= #SystemMaxFileSize= #SystemMaxFiles=100 diff --cc src/libsystemd/sd-bus/bus-kernel.h index 77f4b0a,44c9a76..b5b6449 --- a/src/libsystemd/sd-bus/bus-kernel.h +++ b/src/libsystemd/sd-bus/bus-kernel.h @@@ -2,45 -2,10 +2,29 @@@ #pragma once /*** - This file is part of systemd. - - Copyright 2013 Lennart Poettering - - systemd is free software; you can redistribute it and/or modify it - under the terms of the GNU Lesser General Public License as published by - the Free Software Foundation; either version 2.1 of the License, or - (at your option) any later version. - - systemd is distributed in the hope that it will be useful, but - WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU - Lesser General Public License for more details. - - You should have received a copy of the GNU Lesser General Public License - along with systemd; If not, see . ***/ +#include + #include "sd-bus.h" +#define KDBUS_ITEM_NEXT(item) \ + (typeof(item))(((uint8_t *)item) + ALIGN8((item)->size)) + +#define KDBUS_ITEM_FOREACH(part, head, first) \ + for (part = (head)->first; \ + ((uint8_t *)(part) < (uint8_t *)(head) + (head)->size) && \ + ((uint8_t *) part >= (uint8_t *) head); \ + part = KDBUS_ITEM_NEXT(part)) +#define KDBUS_FOREACH(iter, first, _size) \ + for (iter = (first); \ + ((uint8_t *)(iter) < (uint8_t *)(first) + (_size)) && \ + ((uint8_t *)(iter) >= (uint8_t *)(first)); \ + iter = (void*)(((uint8_t *)iter) + ALIGN8((iter)->size))) + +#define KDBUS_ITEM_HEADER_SIZE offsetof(struct kdbus_item, data) +#define KDBUS_ITEM_SIZE(s) ALIGN8((s) + KDBUS_ITEM_HEADER_SIZE) + #define MEMFD_CACHE_MAX 32 /* When we cache a memfd block for reuse, we will truncate blocks diff --cc src/libsystemd/sd-bus/bus-message.c index 1e5eec1,8d92bc2..475b253 --- a/src/libsystemd/sd-bus/bus-message.c +++ b/src/libsystemd/sd-bus/bus-message.c @@@ -927,54 -872,10 +892,50 @@@ int bus_message_new_synthetic_error bus_message_set_sender_driver(bus, t); - *m = t; + *m = TAKE_PTR(t); return 0; - - fail: - message_free(t); - return r; } +int bus_message_new_synthetic_reply( + sd_bus *bus, + uint64_t cookie, + sd_bus_message **m) { + + sd_bus_message *t; + int r; + + assert(bus); + assert(m); + + r = sd_bus_message_new(bus, &t, SD_BUS_MESSAGE_METHOD_RETURN); + if (r < 0) + return -ENOMEM; + + assert(t); + + t->header->flags |= BUS_MESSAGE_NO_REPLY_EXPECTED; + t->reply_cookie = cookie; + + r = message_append_reply_cookie(t, t->reply_cookie); + if (r < 0) + goto fail; + + if (bus && bus->unique_name) { + r = message_append_field_string(t, BUS_MESSAGE_HEADER_DESTINATION, SD_BUS_TYPE_STRING, bus->unique_name, &t->destination); + if (r < 0) + goto fail; + } + + bus_message_set_sender_driver(bus, t); + + *m = t; + return 0; + +fail: + message_free(t); + return r; +} + _public_ sd_bus_message* sd_bus_message_ref(sd_bus_message *m) { if (!m) diff --cc src/libsystemd/sd-bus/sd-bus.c index c75207d,089b51a..f50c8ea --- a/src/libsystemd/sd-bus/sd-bus.c +++ b/src/libsystemd/sd-bus/sd-bus.c @@@ -255,31 -235,26 +241,28 @@@ _public_ int sd_bus_new(sd_bus **ret) assert_return(ret, -EINVAL); - r = new0(sd_bus, 1); - if (!r) + b = new0(sd_bus, 1); + if (!b) return -ENOMEM; - r->n_ref = REFCNT_INIT; - r->input_fd = r->output_fd = -1; - r->inotify_fd = -1; - r->message_version = 1; - r->creds_mask |= SD_BUS_CREDS_WELL_KNOWN_NAMES|SD_BUS_CREDS_UNIQUE_NAME; - r->hello_flags |= KDBUS_HELLO_ACCEPT_FD; - r->attach_flags |= KDBUS_ATTACH_NAMES; - r->accept_fd = true; - r->original_pid = getpid_cached(); - r->n_groups = (size_t) -1; - - assert_se(pthread_mutex_init(&r->memfd_cache_mutex, NULL) == 0); - - /* We guarantee that wqueue always has space for at least one - * entry */ - if (!GREEDY_REALLOC(r->wqueue, r->wqueue_allocated, 1)) { - free(r); + b->n_ref = REFCNT_INIT; + b->input_fd = b->output_fd = -1; + b->inotify_fd = -1; + b->message_version = 1; + b->creds_mask |= SD_BUS_CREDS_WELL_KNOWN_NAMES|SD_BUS_CREDS_UNIQUE_NAME; ++ b->hello_flags |= KDBUS_HELLO_ACCEPT_FD; ++ b->attach_flags |= KDBUS_ATTACH_NAMES; + b->accept_fd = true; + b->original_pid = getpid_cached(); + b->n_groups = (size_t) -1; + + assert_se(pthread_mutex_init(&b->memfd_cache_mutex, NULL) == 0); + + /* We guarantee that wqueue always has space for at least one entry */ + if (!GREEDY_REALLOC(b->wqueue, b->wqueue_allocated, 1)) return -ENOMEM; - } - *ret = r; + *ret = TAKE_PTR(b); return 0; } @@@ -1506,8 -1294,7 +1477,9 @@@ _public_ int sd_bus_open_system(sd_bus int bus_set_address_user(sd_bus *b) { const char *e; - _cleanup_free_ char *ee = NULL, *s = NULL; ++ _cleanup_free_ char *s = NULL; + uid_t uid; + int r; assert(b); @@@ -1515,25 -1302,19 +1487,25 @@@ if (e) return sd_bus_set_address(b, e); + r = cg_pid_get_owner_uid(0, &uid); + if (r < 0) + uid = getuid(); + e = secure_getenv("XDG_RUNTIME_DIR"); - if (!e) - return -ENOENT; + if (e) { + _cleanup_free_ char *ee = NULL; - ee = bus_address_escape(e); - if (!ee) - return -ENOMEM; + ee = bus_address_escape(e); + if (!ee) + return -ENOMEM; - (void) asprintf(&b->address, DEFAULT_USER_BUS_ADDRESS_FMT, uid, ee); - } else - (void) asprintf(&b->address, KERNEL_USER_BUS_ADDRESS_FMT, uid); - - if (!b->address) - if (asprintf(&s, DEFAULT_USER_BUS_ADDRESS_FMT, ee) < 0) ++ if (asprintf(&s, DEFAULT_USER_BUS_ADDRESS_FMT, uid, ee) < 0) ++ return -ENOMEM; ++ } else if (asprintf(&s, KERNEL_USER_BUS_ADDRESS_FMT, uid) < 0) return -ENOMEM; + b->address = TAKE_PTR(s); + return 0; } @@@ -3493,13 -3228,18 +3452,21 @@@ static int bus_add_match_full r = bus_add_match_internal_async(bus, &s->match_callback.install_slot, s->match_callback.match_string, + components, + n_components, + s->match_callback.cookie, add_match_callback, s); - else + + if (r < 0) + return r; + + /* Make the slot of the match call floating now. We need the reference, but we don't + * want that this match pins the bus object, hence we first create it non-floating, but + * then make it floating. */ + r = sd_bus_slot_set_floating(s->match_callback.install_slot, true); + } else - r = bus_add_match_internal(bus, s->match_callback.match_string); + r = bus_add_match_internal(bus, s->match_callback.match_string, components, n_components, s->match_callback.cookie); if (r < 0) goto finish; diff --cc src/login/logind-user.c index 3e90e6c,8c4cd54..95ad67c --- a/src/login/logind-user.c +++ b/src/login/logind-user.c @@@ -2,28 -2,8 +2,9 @@@ #include #include - #include #include #include +#include #include "alloc-util.h" #include "bus-common-errors.h" diff --cc src/login/user-runtime-dir.c index 0000000,1bb26c9..338519f mode 000000,100644..100644 --- a/src/login/user-runtime-dir.c +++ b/src/login/user-runtime-dir.c @@@ -1,0 -1,170 +1,207 @@@ + /* SPDX-License-Identifier: LGPL-2.1+ */ + + #include + #include ++#include + + #include "fs-util.h" + #include "label.h" + #include "logind.h" + #include "mkdir.h" + #include "mount-util.h" + #include "path-util.h" + #include "rm-rf.h" + #include "smack-util.h" + #include "stdio-util.h" + #include "string-util.h" + #include "strv.h" + #include "user-util.h" + + static int gather_configuration(size_t *runtime_dir_size) { + Manager m = {}; + int r; + + manager_reset_config(&m); + + r = manager_parse_config_file(&m); + if (r < 0) + log_warning_errno(r, "Failed to parse logind.conf: %m"); + + *runtime_dir_size = m.runtime_dir_size; + return 0; + } + ++static int user_mkdir_system_share_path(const char *runtime_path, uid_t uid) { ++ int r; ++ gid_t system_share_gid; ++ _cleanup_free_ char *t = NULL; ++ const char *system_share_group = "system_share"; ++ ++ r = get_group_creds(&system_share_group, &system_share_gid); ++ if (r < 0) ++ return r; ++ ++ /* mount option "gid=system_share" doesn't work. So, we have to modify gid here*/ ++ r = chmod_and_chown(runtime_path, 0750, uid, system_share_gid); ++ if (r < 0) ++ return log_error_errno(r, "Failed to change runtime directory ownership and mode: %m"); ++ ++ r = asprintf(&t, "/run/user/"UID_FMT"/system_share", uid); ++ if (r < 0) ++ return log_oom(); ++ ++ r = mkdir_safe_label(t, 0750, uid, system_share_gid, false); ++ if (r < 0) ++ return log_error_errno(r, "Failed to create '%s': %m", t); ++ ++ if (mac_smack_use()) { ++ r = lsetxattr(t, "security.SMACK64", SMACK_STAR_LABEL, strlen(SMACK_STAR_LABEL), 0); ++ if (r < 0) ++ return log_error_errno(r, "Failed to apply smack label * to '%s': %m", t); ++ } ++ ++ return 0; ++} ++ + static int user_mkdir_runtime_path(const char *runtime_path, uid_t uid, gid_t gid, size_t runtime_dir_size) { + int r; + + assert(runtime_path); + assert(path_is_absolute(runtime_path)); + assert(uid_is_valid(uid)); + assert(gid_is_valid(gid)); + + r = mkdir_safe_label("/run/user", 0755, 0, 0, MKDIR_WARN_MODE); + if (r < 0) + return log_error_errno(r, "Failed to create /run/user: %m"); + + if (path_is_mount_point(runtime_path, NULL, 0) >= 0) + log_debug("%s is already a mount point", runtime_path); + else { + char options[sizeof("mode=0700,uid=,gid=,size=,smackfsroot=*") + + DECIMAL_STR_MAX(uid_t) + + DECIMAL_STR_MAX(gid_t) + + DECIMAL_STR_MAX(size_t)]; + + xsprintf(options, + "mode=0700,uid=" UID_FMT ",gid=" GID_FMT ",size=%zu%s", + uid, gid, runtime_dir_size, + mac_smack_use() ? ",smackfsroot=*" : ""); + + (void) mkdir_label(runtime_path, 0700); + + r = mount("tmpfs", runtime_path, "tmpfs", MS_NODEV|MS_NOSUID, options); + if (r < 0) { + if (!IN_SET(errno, EPERM, EACCES)) { + r = log_error_errno(errno, "Failed to mount per-user tmpfs directory %s: %m", runtime_path); + goto fail; + } + + log_debug_errno(errno, "Failed to mount per-user tmpfs directory %s.\n" + "Assuming containerized execution, ignoring: %m", runtime_path); + + r = chmod_and_chown(runtime_path, 0700, uid, gid); + if (r < 0) { + log_error_errno(r, "Failed to change ownership and mode of \"%s\": %m", runtime_path); + goto fail; + } + } + + r = label_fix(runtime_path, 0); + if (r < 0) + log_warning_errno(r, "Failed to fix label of \"%s\", ignoring: %m", runtime_path); ++ ++ r = user_mkdir_system_share_path(runtime_path, uid); ++ if (r < 0) ++ goto fail; + } + + return 0; + + fail: + /* Try to clean up, but ignore errors */ + (void) rmdir(runtime_path); + return r; + } + + static int user_remove_runtime_path(const char *runtime_path) { + int r; + + assert(runtime_path); + assert(path_is_absolute(runtime_path)); + + r = rm_rf(runtime_path, 0); + if (r < 0) + log_error_errno(r, "Failed to remove runtime directory %s (before unmounting): %m", runtime_path); + + /* Ignore cases where the directory isn't mounted, as that's + * quite possible, if we lacked the permissions to mount + * something */ + r = umount2(runtime_path, MNT_DETACH); + if (r < 0 && !IN_SET(errno, EINVAL, ENOENT)) + log_error_errno(errno, "Failed to unmount user runtime directory %s: %m", runtime_path); + + r = rm_rf(runtime_path, REMOVE_ROOT); + if (r < 0) + log_error_errno(r, "Failed to remove runtime directory %s (after unmounting): %m", runtime_path); + + return r; + } + + static int do_mount(const char *runtime_path, uid_t uid, gid_t gid) { + size_t runtime_dir_size; + + assert_se(gather_configuration(&runtime_dir_size) == 0); + + log_debug("Will mount %s owned by "UID_FMT":"GID_FMT, runtime_path, uid, gid); + return user_mkdir_runtime_path(runtime_path, uid, gid, runtime_dir_size); + } + + static int do_umount(const char *runtime_path) { + log_debug("Will remove %s", runtime_path); + return user_remove_runtime_path(runtime_path); + } + + int main(int argc, char *argv[]) { + const char *user; + uid_t uid; + gid_t gid; + char runtime_path[sizeof("/run/user") + DECIMAL_STR_MAX(uid_t)]; + int r; + + log_parse_environment(); + log_open(); + + if (argc != 3) { + log_error("This program takes two arguments."); + return EXIT_FAILURE; + } + if (!STR_IN_SET(argv[1], "start", "stop")) { + log_error("First argument must be either \"start\" or \"stop\"."); + return EXIT_FAILURE; + } + + umask(0022); + + user = argv[2]; + r = get_user_creds(&user, &uid, &gid, NULL, NULL); + if (r < 0) { + log_error_errno(r, + r == -ESRCH ? "No such user \"%s\"" : + r == -ENOMSG ? "UID \"%s\" is invalid or has an invalid main group" + : "Failed to look up user \"%s\": %m", + user); + return EXIT_FAILURE; + } + + xsprintf(runtime_path, "/run/user/" UID_FMT, uid); + + if (streq(argv[1], "start")) + r = do_mount(runtime_path, uid, gid); + else if (streq(argv[1], "stop")) + r = do_umount(runtime_path); + else + assert_not_reached("Unknown verb!"); + + return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; + } diff --cc src/systemctl/systemctl.c index ee3ac57,f072ad0..1ca3ab2 --- a/src/systemctl/systemctl.c +++ b/src/systemctl/systemctl.c @@@ -7429,18 -7209,11 +7230,15 @@@ static void help_states(void) if (!arg_no_legend) puts("\nAvailable automount unit substates:"); - for (i = 0; i < _AUTOMOUNT_STATE_MAX; i++) - puts(automount_state_to_string(i)); + DUMP_STRING_TABLE(automount_state, AutomountState, _AUTOMOUNT_STATE_MAX); if (!arg_no_legend) + puts("\nAvailable busname unit substates:"); - for (i = 0; i < _BUSNAME_STATE_MAX; i++) - puts(busname_state_to_string(i)); ++ DUMP_STRING_TABLE(busname_state, BusNameState, _BUSNAME_STATE_MAX); + + if (!arg_no_legend) puts("\nAvailable device unit substates:"); - for (i = 0; i < _DEVICE_STATE_MAX; i++) - puts(device_state_to_string(i)); + DUMP_STRING_TABLE(device_state, DeviceState, _DEVICE_STATE_MAX); if (!arg_no_legend) puts("\nAvailable mount unit substates:"); diff --cc src/test/test-tables.c index 894a094,944104a..4c3b264 --- a/src/test/test-tables.c +++ b/src/test/test-tables.c @@@ -53,19 -38,26 +39,29 @@@ int main(int argc, char **argv) { test_table(architecture, ARCHITECTURE); + test_table(assert_type, CONDITION_TYPE); test_table(automount_result, AUTOMOUNT_RESULT); test_table(automount_state, AUTOMOUNT_STATE); + test_table(bus_policy_access, BUS_POLICY_ACCESS); + test_table(busname_result, BUSNAME_RESULT); + test_table(busname_state, BUSNAME_STATE); + test_table(cgroup_controller, CGROUP_CONTROLLER); test_table(cgroup_device_policy, CGROUP_DEVICE_POLICY); - test_table(condition_type, CONDITION_TYPE); - test_table(assert_type, CONDITION_TYPE); + test_table(cgroup_io_limit_type, CGROUP_IO_LIMIT_TYPE); + test_table(collect_mode, COLLECT_MODE); test_table(condition_result, CONDITION_RESULT); + test_table(condition_type, CONDITION_TYPE); test_table(device_state, DEVICE_STATE); + test_table(dnssec_mode, DNSSEC_MODE); + test_table(emergency_action, EMERGENCY_ACTION); + test_table(exec_directory_type, EXEC_DIRECTORY_TYPE); test_table(exec_input, EXEC_INPUT); + test_table(exec_keyring_mode, EXEC_KEYRING_MODE); test_table(exec_output, EXEC_OUTPUT); - test_table(emergency_action, EMERGENCY_ACTION); + test_table(exec_preserve_mode, EXEC_PRESERVE_MODE); + test_table(exec_utmp_mode, EXEC_UTMP_MODE); + test_table(image_type, IMAGE_TYPE); + test_table(import_verify, IMPORT_VERIFY); test_table(job_mode, JOB_MODE); test_table(job_result, JOB_RESULT); test_table(job_state, JOB_STATE); diff --cc units/meson.build index bda5a1b,e4ac6ce..932429c --- a/units/meson.build +++ b/units/meson.build @@@ -228,16 -217,10 +219,17 @@@ in_units = 'sysinit.target.wants/'], ['systemd-user-sessions.service', 'HAVE_PAM', 'multi-user.target.wants/'], - ['systemd-vconsole-setup.service', 'ENABLE_VCONSOLE'], + ['systemd-vconsole-setup.service', 'ENABLE_VCONSOLE', + 'sysinit.target.wants/'], ['systemd-volatile-root.service', ''], + ['user-runtime-dir@.service', ''], ['user@.service', ''], + ['booting-done.service', '', + 'delayed.target.wants/'], + ['system-delayed-target-done.service', '', + 'delayed.target.wants/'], + ['system-default-target-done.service', '', 'graphical.target.wants/'], + ['system-delayed-target-trigger.service', '', 'graphical.target.wants/'], ] m4_units = [ @@@ -245,26 -230,8 +239,10 @@@ 'autovt@.service ' + join_paths(pkgsysconfdir, 'system/getty.target.wants/getty@tty1.service')], ['serial-getty@.service', ''], + ['tmp.mount', '', + 'local-fs.target.wants/'], ] - m4_in_units = [ - ['console-getty.service', ''], - ['container-getty@.service', ''], - ] - - foreach tuple : m4_in_units - file = tuple[0] - - gen = configure_file( - input : file + '.m4.in', - output : file + '.m4', - configuration : substs) - - m4_units += [[file, tuple.get(1, ''), tuple.get(2, ''), gen]] - endforeach - foreach tuple : in_units file = tuple[0] diff --cc units/systemd-logind.service.in index 518a391,5e090bc..addaa45 --- a/units/systemd-logind.service.in +++ b/units/systemd-logind.service.in @@@ -28,11 -27,11 +28,12 @@@ BusName=org.freedesktop.login WatchdogSec=3min CapabilityBoundingSet=CAP_SYS_ADMIN CAP_MAC_ADMIN CAP_AUDIT_CONTROL CAP_CHOWN CAP_KILL CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_FOWNER CAP_SYS_TTY_CONFIG MemoryDenyWriteExecute=yes +SmackProcessLabel=System::Privileged RestrictRealtime=yes RestrictNamespaces=yes - RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap + RestrictAddressFamilies=AF_UNIX AF_NETLINK + SystemCallFilter=@system-service + SystemCallErrorNumber=EPERM SystemCallArchitectures=native LockPersonality=yes IPAddressDeny=any diff --cc units/systemd-machined.service.in index a3d3494,1200a90..1c351fd --- a/units/systemd-machined.service.in +++ b/units/systemd-machined.service.in @@@ -21,10 -21,10 +21,11 @@@ BusName=org.freedesktop.machine WatchdogSec=3min CapabilityBoundingSet=CAP_KILL CAP_SYS_PTRACE CAP_SYS_ADMIN CAP_SETGID CAP_SYS_CHROOT CAP_DAC_READ_SEARCH CAP_DAC_OVERRIDE CAP_CHOWN CAP_FOWNER CAP_FSETID CAP_MKNOD MemoryDenyWriteExecute=yes +SmackProcessLabel=System RestrictRealtime=yes RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6 - SystemCallFilter=~@clock @cpu-emulation @debug @keyring @module @obsolete @raw-io @reboot @swap + SystemCallFilter=@system-service @mount + SystemCallErrorNumber=EPERM SystemCallArchitectures=native LockPersonality=yes IPAddressDeny=any diff --cc units/systemd-tmpfiles-setup-dev.service.in index 594fe9a,1d06b36..6f85707 --- a/units/systemd-tmpfiles-setup-dev.service.in +++ b/units/systemd-tmpfiles-setup-dev.service.in @@@ -20,5 -20,4 +20,5 @@@ ConditionCapability=CAP_SYS_MODUL Type=oneshot RemainAfterExit=yes ExecStart=@rootbindir@/systemd-tmpfiles --prefix=/dev --create --boot - SuccessExitStatus=65 + SuccessExitStatus=65 73 +SmackProcessLabel=System::Privileged diff --cc units/systemd-tmpfiles-setup.service.in index f573e3c,384be59..8e3c68c --- a/units/systemd-tmpfiles-setup.service.in +++ b/units/systemd-tmpfiles-setup.service.in @@@ -20,5 -20,4 +20,5 @@@ RefuseManualStop=ye Type=oneshot RemainAfterExit=yes ExecStart=@rootbindir@/systemd-tmpfiles --create --remove --boot --exclude-prefix=/dev - SuccessExitStatus=65 + SuccessExitStatus=65 73 +SmackProcessLabel=System::Privileged diff --cc units/systemd-udev-trigger.service.in index 252f25b,b60204e..c2d22cc --- a/units/systemd-udev-trigger.service.in +++ b/units/systemd-udev-trigger.service.in @@@ -19,5 -19,5 +19,6 @@@ ConditionPathIsReadWrite=/sy [Service] Type=oneshot RemainAfterExit=yes - ExecStart=@rootbindir@/udevadm trigger --type=subsystems --action=add ; @rootbindir@/udevadm trigger --type=devices --action=add + ExecStart=@rootbindir@/udevadm trigger --type=subsystems --action=add + ExecStart=@rootbindir@/udevadm trigger --type=devices --action=add +SmackProcessLabel=System diff --cc units/systemd-udevd.service.in index 5977a40,6a3814e..369e6da --- a/units/systemd-udevd.service.in +++ b/units/systemd-udevd.service.in @@@ -25,8 -25,7 +25,8 @@@ ExecStart=@rootlibexecdir@/systemd-udev KillMode=mixed WatchdogSec=3min TasksMax=infinity +SmackProcessLabel=System::Privileged - MountFlags=slave + PrivateMounts=yes MemoryDenyWriteExecute=yes RestrictRealtime=yes RestrictAddressFamilies=AF_UNIX AF_NETLINK AF_INET AF_INET6