platform/upstream/systemd.git
10 years agoutil: make use of newly added reset_signal_mask() call wherever appropriate
Lennart Poettering [Tue, 26 Aug 2014 19:11:35 +0000 (21:11 +0200)]
util: make use of newly added reset_signal_mask() call wherever appropriate

10 years agoutil: reset signals when we fork off agents
Lennart Poettering [Tue, 26 Aug 2014 19:04:21 +0000 (21:04 +0200)]
util: reset signals when we fork off agents

If we invoke agents, we should make sure we actually can kill them
again. I mean, it's probably not our job to cleanup the signals if our
tools are invoked in weird contexts, but at least we should make sure,
that the subprocesses we invoke and intend to control work as intended.

Also see:

http://lists.freedesktop.org/archives/systemd-devel/2014-August/022460.html

10 years agoutil: make sure reset_all_signal_handlers() continues with all other signal handlers...
Lennart Poettering [Tue, 26 Aug 2014 19:03:20 +0000 (21:03 +0200)]
util: make sure reset_all_signal_handlers() continues with all other signal handlers when one sigaction() fails

After all, we usually don't check for failures here, and it is better to
do as much as we can...

10 years agosd-bus: don't include internal header memfd.h in public header sd-bus.h
Hristo Venev [Tue, 26 Aug 2014 18:40:35 +0000 (20:40 +0200)]
sd-bus: don't include internal header memfd.h in public header sd-bus.h

https://bugs.freedesktop.org/show_bug.cgi?id=83097

10 years agosystemctl: Correct error message printed when bus_process_wait fails
Sjoerd Simons [Sat, 23 Aug 2014 19:11:44 +0000 (21:11 +0200)]
systemctl: Correct error message printed when bus_process_wait fails

Actually use the variable containing the return code of bus_process_wait when
printing the error message as a result of it failing.

10 years agosd-bus: remove unused call bus_kernel_create_monitor()
Lennart Poettering [Tue, 26 Aug 2014 18:35:31 +0000 (20:35 +0200)]
sd-bus: remove unused call bus_kernel_create_monitor()

Noticed by Djalal Harouni

10 years agotest-util: use assert_se() for call to safe_mkdir with side effect
Filipe Brandenburger [Tue, 26 Aug 2014 05:05:04 +0000 (22:05 -0700)]
test-util: use assert_se() for call to safe_mkdir with side effect

Otherwise it gets optimized out when CPPFLAGS='-DNDEBUG' is used.

Tested:
- make check TESTS='test-util' CPPFLAGS='-DNDEBUG'

10 years agotest-path-util: use assert_se in all assertions
Filipe Brandenburger [Tue, 26 Aug 2014 05:05:03 +0000 (22:05 -0700)]
test-path-util: use assert_se in all assertions

Otherwise they get optimized out when CPPFLAGS='-DNDEBUG' is used, and that
causes the tests to fail.

Tested:
- make check TESTS='test-path-util' CPPFLAGS='-DNDEBUG'

10 years agotest-compress: make sure asserts with side effects use assert_se()
Filipe Brandenburger [Tue, 26 Aug 2014 05:05:02 +0000 (22:05 -0700)]
test-compress: make sure asserts with side effects use assert_se()

Otherwise the test fails when built with CPPFLAGS='-DNDEBUG' which disables
assertions.

Tested:
- make check TESTS='test-compress' CPPFLAGS='-DNDEBUG'

10 years agonetworkd-wait-online: add missing short option 'i' to optstring
Łukasz Stelmach [Tue, 26 Aug 2014 10:28:28 +0000 (12:28 +0200)]
networkd-wait-online: add missing short option 'i' to optstring

10 years agomissing: add BPF_XOR
Michael Olbrich [Thu, 21 Aug 2014 10:38:08 +0000 (12:38 +0200)]
missing: add BPF_XOR

BPF_XOR was introduced in kernel 3.7

10 years agoNEWS: Fix typos.
Ansgar Burchardt [Mon, 25 Aug 2014 22:19:54 +0000 (00:19 +0200)]
NEWS: Fix typos.

10 years agoupdate TODO
Lennart Poettering [Tue, 26 Aug 2014 18:23:49 +0000 (20:23 +0200)]
update TODO

10 years agoudev: hwdb - do not look at "usb_device" parents
Kay Sievers [Tue, 26 Aug 2014 16:27:36 +0000 (18:27 +0200)]
udev: hwdb - do not look at "usb_device" parents

Based on a patch from Simon McVittie <simon.mcvittie@collabora.co.uk>.

Bug-Debian: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=758050

10 years agoRevert "systemctl: fix broken list-unit-files with --root"
Lennart Poettering [Tue, 26 Aug 2014 02:03:24 +0000 (04:03 +0200)]
Revert "systemctl: fix broken list-unit-files with --root"

This reverts commit 41a451cc2901a5deb985aea4cc8de204a22e5612.

This breaks checks for masking of units file, since we invoke
null_or_empty_path() on the resulting path.

10 years agoupdate TODO
Lennart Poettering [Tue, 26 Aug 2014 01:59:05 +0000 (03:59 +0200)]
update TODO

10 years agosd-event: sd_event_prepare - stay in PREPARED if sd_event_wait() indicates that no...
Tom Gundersen [Mon, 25 Aug 2014 22:22:06 +0000 (00:22 +0200)]
sd-event: sd_event_prepare - stay in PREPARED if sd_event_wait() indicates that no sources are pending

10 years agosd-event: split run into prepare/wait/dispatch
Tom Gundersen [Fri, 15 Aug 2014 16:49:29 +0000 (18:49 +0200)]
sd-event: split run into prepare/wait/dispatch

This will allow sd-event to be integrated into an external event loop, which
in turn will allow (say) glib-based applications to use our various libraries,
without manually integrating each of them (bus, rtnl, dhcp, ...).

The external event-loop should integrate sd-event int he following way:

Every iteration must start with a call to sd_event_prepare(), which will
return 0 if no event sources are ready to be processed, a positive value if
they are and a negative value on error. sd_event_prepare() may only be called
following sd_event_dispatch(); a call to sd_event_wait() indicating that no
sources are ready to be dispatched; or a failed call to sd_event_dispatch() or
sd_event_wait().

A successful call to sd_event_prepare() indicating that no event sources are
ready to be dispatched must be followed by a call to sd_event_wait(),
which will return 0 if it timed out without event sources being ready to
be processed, a negative value on error and a positive value otherwise.
sd_event_wait() may only be called following a successful call to
sd_event_prepare() indicating that no event sources are ready to be dispatched.

If sd_event_wait() indicates that some events sources are ready to be
dispatched, it must be followed by a call to sd_event_dispatch(). This
is the only time sd_event_dispatch() may be called.

10 years agosystemctl: fix broken list-unit-files with --root
Lukas Nykryn [Mon, 25 Aug 2014 13:29:50 +0000 (15:29 +0200)]
systemctl: fix broken list-unit-files with --root

This patch modifies unit_file_get_list which will now return
hashmap of structures where f->path is *without* root_dir prefix.

This change should be ok, because current code either does not use
root_dir at all or calls basename() on the f->path.

10 years agoupdate TODO
Lennart Poettering [Fri, 22 Aug 2014 16:10:22 +0000 (18:10 +0200)]
update TODO

10 years agocore: split up "starting" manager state into "initializing" and "starting"
Lennart Poettering [Fri, 22 Aug 2014 16:07:18 +0000 (18:07 +0200)]
core: split up "starting" manager state into "initializing" and "starting"

We'll stay in "initializing" until basic.target has reached, at which
point we will enter "starting".

This is preparation so that we can change the startip timeout to only
apply to the first phase of startup, not the full procedure.

10 years agocore: introduce "poweroff" as new failure action types
Lennart Poettering [Fri, 22 Aug 2014 14:59:46 +0000 (16:59 +0200)]
core: introduce "poweroff" as new failure action types

Also, change the default action on a system start-up timeout to powering off.

10 years agoresolved: fix typo in log message
Lennart Poettering [Fri, 22 Aug 2014 14:58:25 +0000 (16:58 +0200)]
resolved: fix typo in log message

10 years agocore: print 'startup finished' messages even if we log to console
Lennart Poettering [Fri, 22 Aug 2014 14:41:00 +0000 (16:41 +0200)]
core: print 'startup finished' messages even if we log to console

10 years agocore: add support for a configurable system-wide start-up timeout
Lennart Poettering [Fri, 22 Aug 2014 14:36:38 +0000 (16:36 +0200)]
core: add support for a configurable system-wide start-up timeout

When this system-wide start-up timeout is hit we execute one of the
failure actions already implemented for services that fail.

This should not only be useful on embedded devices, but also on laptops
which have the power-button reachable when the lid is closed. This
devices, when in a backpack might get powered on by accident due to the
easily reachable power button. We want to make sure that the system
turns itself off if it starts up due this after a while.

When the system manages to fully start-up logind will suspend the
machine by default if the lid is closed. However, in some cases we don't
even get as far as logind, and the boot hangs much earlier, for example
because we ask for a LUKS password that nobody ever enters.

Yeah, this is a real-life problem on my Yoga 13, which has one of those
easily accessible power buttons, even if the device is closed.

10 years agomissing.h: add a cpp warning for __NR_memfd_create on MIPS
Daniel Mack [Fri, 22 Aug 2014 14:10:02 +0000 (16:10 +0200)]
missing.h: add a cpp warning for __NR_memfd_create on MIPS

10 years agomissing.h: add fake __NR_memfd_create for MIPS
Daniel Mack [Fri, 22 Aug 2014 13:39:36 +0000 (15:39 +0200)]
missing.h: add fake __NR_memfd_create for MIPS

We don't have the correct __NR_memfd_create syscall number yet, so set it to
0xffffffff for now to prevent compile time errors.

10 years agoshared: add MAXSIZE() and use it in resolved
David Herrmann [Fri, 22 Aug 2014 11:55:57 +0000 (13:55 +0200)]
shared: add MAXSIZE() and use it in resolved

The MAXSIZE() macro takes two types and returns the size of the larger
one. It is much simpler to use than MAX(sizeof(A), sizeof(B)) and also
avoids any compiler-extensions, unlike CONST_MAX() and MAX() (which are
needed to avoid evaluating arguments more than once). This was suggested
by Daniele Nicolodi <daniele@grinta.net>.

Also make resolved use this macro instead of CONST_MAX(). This enhances
readability quite a bit.

10 years agodbus1-generator: properly free the FILE*
Lennart Poettering [Fri, 22 Aug 2014 10:44:17 +0000 (12:44 +0200)]
dbus1-generator: properly free the FILE*

Also, rework the code to make use of fflush_and_check().

Issue discovered by Simon Danner.

10 years agoupdate TODO
Lennart Poettering [Thu, 21 Aug 2014 17:12:43 +0000 (19:12 +0200)]
update TODO

10 years agosystemctl: in list-unit-files, always show legend, even if we know about no unit...
Lennart Poettering [Thu, 21 Aug 2014 17:10:26 +0000 (19:10 +0200)]
systemctl: in list-unit-files, always show legend, even if we know about no unit files

10 years agoinstall: simplify usage of _cleanup_ macros
Lennart Poettering [Thu, 21 Aug 2014 17:08:30 +0000 (19:08 +0200)]
install: simplify usage of _cleanup_ macros

10 years agoservice: allow services of Type=oneshot that specify no ExecStart= commands
Lennart Poettering [Thu, 21 Aug 2014 16:50:42 +0000 (18:50 +0200)]
service: allow services of Type=oneshot that specify no ExecStart= commands

This is useful for services that simply want to run something on
shutdown, but not at bootup. They should only set ExecStop= but leave
ExecStart= unset.

10 years agoupdate TODO
Lennart Poettering [Thu, 21 Aug 2014 16:01:47 +0000 (18:01 +0200)]
update TODO

10 years agoservice: use the right timeout for stop processes we fork
Lennart Poettering [Thu, 21 Aug 2014 16:01:22 +0000 (18:01 +0200)]
service: use the right timeout for stop processes we fork

10 years agoexecute: explain in a comment, why close_all_fds() is invoked the second time differently
Lennart Poettering [Thu, 21 Aug 2014 15:35:19 +0000 (17:35 +0200)]
execute: explain in a comment, why close_all_fds() is invoked the second time differently

10 years agobus: when terminating our bus-actviated services that exit-on-idle send STOPPING...
Lennart Poettering [Thu, 21 Aug 2014 15:20:19 +0000 (17:20 +0200)]
bus: when terminating our bus-actviated services that exit-on-idle send STOPPING=1 via sd_notify()

This should fix a race where a service thatis idle drops its name, and
is immediately requested by another client, which causes dbus-daemon to
ask systemd to activate it again, but since systemd still assumes it is
running it won't do anything.

10 years agoupdate TODO
Lennart Poettering [Thu, 21 Aug 2014 15:20:00 +0000 (17:20 +0200)]
update TODO

10 years agonotify: send STOPPING=1 from our daemons
Lennart Poettering [Thu, 21 Aug 2014 15:19:28 +0000 (17:19 +0200)]
notify: send STOPPING=1 from our daemons

10 years agocore: allow informing systemd about service status changes with RELOADING=1 and STOPP...
Lennart Poettering [Thu, 21 Aug 2014 15:03:15 +0000 (17:03 +0200)]
core: allow informing systemd about service status changes with RELOADING=1 and STOPPING=1 sd_notify() messages

10 years agomanager: don#t dispatch sd_notify() messages and SIGCHLD multiple times to the same...
Lennart Poettering [Thu, 21 Aug 2014 14:52:41 +0000 (16:52 +0200)]
manager: don#t dispatch sd_notify() messages and SIGCHLD multiple times to the same units

10 years agomanager: reuse sockaddr_union instead of redefining our own version of it
Lennart Poettering [Thu, 21 Aug 2014 14:51:44 +0000 (16:51 +0200)]
manager: reuse sockaddr_union instead of redefining our own version of it

10 years agoservice,strv: introduce strv_find_startswith() and make use of it
Lennart Poettering [Thu, 21 Aug 2014 14:22:34 +0000 (16:22 +0200)]
service,strv: introduce strv_find_startswith() and make use of it

Unlike strv_find_prefix() the new call will return a pointer to the
suffix of the item we found, instead of the whole item. This is more
closer inline with what startswith() does, and allows us to simplify a
couple of invocations.

10 years agoservice: don't invoke functions at the same time as declaring variables
Lennart Poettering [Thu, 21 Aug 2014 14:20:17 +0000 (16:20 +0200)]
service: don't invoke functions at the same time as declaring variables

10 years agoservice: remove some pointless linebreaks, to make things more readable
Lennart Poettering [Thu, 21 Aug 2014 14:19:25 +0000 (16:19 +0200)]
service: remove some pointless linebreaks, to make things more readable

10 years agoservice: asynchronous_close() already checks for negative parameters, no need to...
Lennart Poettering [Thu, 21 Aug 2014 14:17:02 +0000 (16:17 +0200)]
service: asynchronous_close() already checks for negative parameters, no need to duplicate that

10 years agocore: unify how we generate the prefix string when dumping unit state
Lennart Poettering [Thu, 21 Aug 2014 14:15:49 +0000 (16:15 +0200)]
core: unify how we generate the prefix string when dumping unit state

10 years agoutil: make asynchronous_close() really work like an asynchronous version of safe_close()
Lennart Poettering [Thu, 21 Aug 2014 14:13:43 +0000 (16:13 +0200)]
util: make asynchronous_close() really work like an asynchronous version of safe_close()

Save/restore errno, like we do in safe_close(). And don't fork a thread
if the parameter is already negative.

10 years agoutil: simplify close_nointr() a bit
Lennart Poettering [Thu, 21 Aug 2014 14:13:15 +0000 (16:13 +0200)]
util: simplify close_nointr() a bit

10 years agoutil: change return value of startswith() to non-const
Lennart Poettering [Thu, 21 Aug 2014 14:10:59 +0000 (16:10 +0200)]
util: change return value of startswith() to non-const

This way we can use it on non-const strings, and don't end up with a
const'ified result.

This is similar to libc's strstr() which also takes a const string but
returns a non-const one.

10 years agoCODING_STYLE: document that we don't break lines at 80ch
Lennart Poettering [Thu, 21 Aug 2014 14:10:37 +0000 (16:10 +0200)]
CODING_STYLE: document that we don't break lines at 80ch

10 years agojournalctl: add "-t --identifier=STRING" option
Harald Hoyer [Tue, 19 Aug 2014 09:27:34 +0000 (11:27 +0200)]
journalctl: add "-t --identifier=STRING" option

This turns journalctl to the counterpart of systemd-cat.
Messages sent with

systemd-cat --identifier foo --prioritiy debug

can now be shown with

journalctl --identifier foo --prioritiy debug

"--identifier" is not merged with "--unit" to make a clear
distinction between syslog and systemd units.
syslog identifiers can be chosen freely by anyone.

10 years agosd-event: add API to access epoll_fd
Tom Gundersen [Fri, 15 Aug 2014 19:04:07 +0000 (21:04 +0200)]
sd-event: add API to access epoll_fd

This is a prerequisite for integrating sd-event into an external
event loop.

10 years agoresolved: write resolv.conf search - switch arguments
Tom Gundersen [Wed, 20 Aug 2014 13:56:14 +0000 (15:56 +0200)]
resolved: write resolv.conf search - switch arguments

Found by Lukáš Nykrýn.

10 years agojournal-upload: make sure that 'r' is initialized
Lukas Nykryn [Wed, 20 Aug 2014 13:13:06 +0000 (15:13 +0200)]
journal-upload: make sure that 'r' is initialized

10 years agoutil: return after freeing all members of array
Lukas Nykryn [Wed, 20 Aug 2014 13:02:09 +0000 (15:02 +0200)]
util: return after freeing all members of array

10 years agojournal-remote: remove unreachable code
Lukas Nykryn [Wed, 20 Aug 2014 12:51:27 +0000 (14:51 +0200)]
journal-remote: remove unreachable code

10 years agoresolved: fix which return codes we check
Lennart Poettering [Wed, 20 Aug 2014 12:47:35 +0000 (14:47 +0200)]
resolved: fix which return codes we check

Discovered by Lukas Nykryn

10 years agoresolved-dns-rr: fix typo
Lukas Nykryn [Wed, 20 Aug 2014 12:34:23 +0000 (14:34 +0200)]
resolved-dns-rr: fix typo

a->rrsig.type_covered != a->rrsig.type_covered" is always false
regardless of the values of its operands because those operands are identical.

10 years agomachine-id-setup: don't try to read UUID from VM/container manager if we operate...
Lennart Poettering [Wed, 20 Aug 2014 11:49:39 +0000 (13:49 +0200)]
machine-id-setup: don't try to read UUID from VM/container manager if we operate on a root directory that's not /

This should make sure no UUID from the host systemd-machine-id-setup is
running on leaks onto a disk image that is provisioned with the tool.

10 years agobuild: remove repeated KMOD section
Tom Gundersen [Wed, 20 Aug 2014 09:25:23 +0000 (11:25 +0200)]
build: remove repeated KMOD section

10 years agosystemctl: fail in the case that no unit files were found
Lukas Nykryn [Tue, 19 Aug 2014 18:53:29 +0000 (20:53 +0200)]
systemctl: fail in the case that no unit files were found

Previously systemctl died with message

-bash-4.2# systemctl --root /rawhi list-unit-files
(src/systemctl/systemctl.c:868) Out of memory.

in the case that no unit files were found in the --root
or the directory did not exist.

So lets return ENOENT in the case that --root does not exist
and empty list in the case that there are no unit files.

10 years agoCONST_MAX breaks gcc on fedora 20 with optimiztation v216
Lennart Poettering [Tue, 19 Aug 2014 22:57:17 +0000 (00:57 +0200)]
CONST_MAX breaks gcc on fedora 20 with optimiztation

10 years agobuild: include more optional modules in build string
Lennart Poettering [Tue, 19 Aug 2014 22:47:43 +0000 (00:47 +0200)]
build: include more optional modules in build string

10 years agoupdate hwdb
Lennart Poettering [Tue, 19 Aug 2014 22:38:39 +0000 (00:38 +0200)]
update hwdb

10 years agoindentation/spurious whitespace fixes
Lennart Poettering [Tue, 19 Aug 2014 22:18:04 +0000 (00:18 +0200)]
indentation/spurious whitespace fixes

10 years agojournal-upload: allow the tool to start
Lennart Poettering [Tue, 19 Aug 2014 22:17:46 +0000 (00:17 +0200)]
journal-upload: allow the tool to start

10 years agocmdline: for new tools avoid introduce new negative switches, and properly align...
Lennart Poettering [Tue, 19 Aug 2014 22:15:05 +0000 (00:15 +0200)]
cmdline: for new tools avoid introduce new negative switches, and properly align --help texts

Negative switches are a bad un-normalized thing. We alerady have some,
but we should try harder to avoid intrdoucing new ones.

Hence, instead of adding two switches:

        --foobar
        --no-foobar

Let's instead use the syntax

        --foobar
        --foobar=yes
        --foobar=no

Where the first two are equivalent. The boolean argument is parsed
following the usual rules.

Change all new negative switches this way.

This patch also properly aligns the --help table, so that single char
switches always get a column separate of the long switches.

10 years agoREADME: mention the new optional libidn dependency
Lennart Poettering [Tue, 19 Aug 2014 22:14:09 +0000 (00:14 +0200)]
README: mention the new optional libidn dependency

10 years agoupdate NEWS
Lennart Poettering [Tue, 19 Aug 2014 21:37:16 +0000 (23:37 +0200)]
update NEWS

10 years agoman: fix typos
Ronny Chevalier [Tue, 19 Aug 2014 21:21:43 +0000 (23:21 +0200)]
man: fix typos

10 years agoNEWS
Tom Gundersen [Tue, 19 Aug 2014 21:44:17 +0000 (23:44 +0200)]
NEWS

10 years agosysusers: initialize r
Thomas Hindoe Paaboel Andersen [Tue, 19 Aug 2014 21:27:44 +0000 (23:27 +0200)]
sysusers: initialize r

Needed for the stdin case where it could otherwise end up being used
uninitialized.

10 years agoNEWS: typo fixes
Thomas Hindoe Paaboel Andersen [Tue, 19 Aug 2014 21:10:53 +0000 (23:10 +0200)]
NEWS: typo fixes

10 years agoremove unused variables
Thomas Hindoe Paaboel Andersen [Tue, 19 Aug 2014 20:55:06 +0000 (22:55 +0200)]
remove unused variables

10 years agobuild-sys: update versions for upcoming release
Lennart Poettering [Tue, 19 Aug 2014 20:45:53 +0000 (22:45 +0200)]
build-sys: update versions for upcoming release

10 years agomemfd: escape the comm field we get from PR_GET_NAME, but assume everything else...
Lennart Poettering [Tue, 19 Aug 2014 20:35:04 +0000 (22:35 +0200)]
memfd: escape the comm field we get from PR_GET_NAME, but assume everything else is proper UTF8

10 years agoNEWS: fix minor nits
Daniel Mack [Tue, 19 Aug 2014 20:23:43 +0000 (22:23 +0200)]
NEWS: fix minor nits

10 years agomemfd: skip utf-8 escaping if we use a name that was passed in
Daniel Mack [Tue, 19 Aug 2014 20:08:54 +0000 (22:08 +0200)]
memfd: skip utf-8 escaping if we use a name that was passed in

If a name was passed in as function argument, trust it, and don't do utf-8
encoding for them. Callers are obliged to check the names themselves, and
escape them in case they use anything they got from the outside world.

10 years agosocket: suffix newly added TCP sockopt time properties with "Sec"
Lennart Poettering [Tue, 19 Aug 2014 19:57:37 +0000 (21:57 +0200)]
socket: suffix newly added TCP sockopt time properties with "Sec"

This is what we have done so far for all other time values, and hence we
should do this here. This indicates the default unit of time values
specified here, if they don't contain a unit.

10 years agoREADME: document what to do with the NSS modules
Lennart Poettering [Tue, 19 Aug 2014 19:55:10 +0000 (21:55 +0200)]
README: document what to do with the NSS modules

10 years agoprepare NEWS for next release
Lennart Poettering [Tue, 19 Aug 2014 19:53:43 +0000 (21:53 +0200)]
prepare NEWS for next release

10 years agomemfd: reduce name escaping logic to utf-8 checks
Daniel Mack [Tue, 19 Aug 2014 19:09:16 +0000 (21:09 +0200)]
memfd: reduce name escaping logic to utf-8 checks

As memfds are now created by proper kernel API, and not by our functions, we
can't rely on names being escaped/unescaped according to our current logic.

Thus, the only safe way is to remove the escaping and when reading names,
just escape names that are not properly encoded in UTF-8.

Also, remove assert(name) lines from the memfd creation functions, as we
explictly allow name to be NULL.

10 years agomemfd: simplify API
Lennart Poettering [Tue, 19 Aug 2014 17:39:16 +0000 (19:39 +0200)]
memfd: simplify API

Now, that the memfd stuff is not exported anymore, we can simplify a few
things:

Use assert() instead of assert_return(), since this is used internally
only, and we should be less permissive then.

No need to pass an allocated fd back by call-by-reference, we can just
directly return it.

10 years agoupdate TODO
Lennart Poettering [Tue, 19 Aug 2014 17:22:40 +0000 (19:22 +0200)]
update TODO

10 years agoRevert "socket: introduce SELinuxLabelViaNet option"
Lennart Poettering [Tue, 19 Aug 2014 17:16:08 +0000 (19:16 +0200)]
Revert "socket: introduce SELinuxLabelViaNet option"

This reverts commit cf8bd44339b00330fdbc91041d6731ba8aba9fec.

Needs more discussion on the mailing list.

10 years agotmpfiles: add new 'r' line type to add UIDs/GIDs to the pool to allocate UIDs/GIDs...
Lennart Poettering [Tue, 19 Aug 2014 17:05:11 +0000 (19:05 +0200)]
tmpfiles: add new 'r' line type to add UIDs/GIDs to the pool to allocate UIDs/GIDs from

This way we can guarantee a limited amount of compatibility with
login.defs, by generate an appopriate "r" line out of it, on package
installation.

10 years agonetworkd: don't consider deprecated or tentative addresses when determining operstate
Tom Gundersen [Tue, 19 Aug 2014 16:59:28 +0000 (18:59 +0200)]
networkd: don't consider deprecated or tentative addresses when determining operstate

https://bugs.freedesktop.org/show_bug.cgi?id=81287

10 years agosocket: introduce SELinuxLabelViaNet option
Michal Sekletar [Thu, 24 Jul 2014 08:40:28 +0000 (10:40 +0200)]
socket: introduce SELinuxLabelViaNet option

This makes possible to spawn service instances triggered by socket with
MLS/MCS SELinux labels which are created based on information provided by
connected peer.

Implementation of label_get_child_label derived from xinetd.

Reviewed-by: Paul Moore <pmoore@redhat.com>
10 years agonetworkd: netdev - add missing callback when adding stacked devices
Tom Gundersen [Tue, 19 Aug 2014 15:51:50 +0000 (17:51 +0200)]
networkd: netdev - add missing callback when adding stacked devices

As the comment says, the passed in callback must always be invoked, or the underlying link
will hang. This was missed when reworking the code, so add it back in.

10 years agonetworkd: link - don't enforce ENSLAVING state
Tom Gundersen [Tue, 19 Aug 2014 15:50:38 +0000 (17:50 +0200)]
networkd: link - don't enforce ENSLAVING state

We are only guaranteed to stay in ENSLAVING state whilst enslaving by bridges/bonds, not
when adding stacked devices (as then the underlying device can be IFF_UP'ed and configured
in parallel), so drop these asserts.

10 years agoupdate TODO
Lennart Poettering [Tue, 19 Aug 2014 14:47:37 +0000 (16:47 +0200)]
update TODO

10 years agoutil: remove unused FOREACH_WORD_SEPARATOR_QUOTED
Lennart Poettering [Tue, 19 Aug 2014 14:46:43 +0000 (16:46 +0200)]
util: remove unused FOREACH_WORD_SEPARATOR_QUOTED

10 years agosysusers: realign sysusers snippets
Lennart Poettering [Tue, 19 Aug 2014 14:40:02 +0000 (16:40 +0200)]
sysusers: realign sysusers snippets

10 years agosysusers: set home directory for root to /root
Lennart Poettering [Tue, 19 Aug 2014 14:38:43 +0000 (16:38 +0200)]
sysusers: set home directory for root to /root

10 years agosysusers: add another column to sysusers files for the home directory
Lennart Poettering [Tue, 19 Aug 2014 14:34:06 +0000 (16:34 +0200)]
sysusers: add another column to sysusers files for the home directory

10 years agonetworkd: fix use-after-free
Tom Gundersen [Tue, 19 Aug 2014 13:41:23 +0000 (15:41 +0200)]
networkd: fix use-after-free

Elements must be removed from the hashtable before they are freed.

10 years agoupdate TODO
Lennart Poettering [Tue, 19 Aug 2014 00:19:10 +0000 (02:19 +0200)]
update TODO

10 years agosysusers: add a new RPM macro for creating users directly from data passed in via...
Lennart Poettering [Tue, 19 Aug 2014 00:16:27 +0000 (02:16 +0200)]
sysusers: add a new RPM macro for creating users directly from data passed in via stdin

This allows encoding users to create directly in %pre, which is
necessary so that files owned by the RPM can be assigned to the right
users/groups.

This new macro does create a redundancy, as user definitions for all
users that shall own files need to to be listed twice, once with this
new macro, and then secondly, in the sysusers file shipped with the
package. But there's little way around that, as the users of this type
need to exist before we install the first file, but we actually want to
ship the user information in a file.

10 years agosysusers: optionally, read sysuers configuration from standard input
Lennart Poettering [Tue, 19 Aug 2014 00:14:32 +0000 (02:14 +0200)]
sysusers: optionally, read sysuers configuration from standard input