Adrian Szyndela [Mon, 10 Feb 2020 16:00:05 +0000 (17:00 +0100)]
Revert "sd-bus: drop match cookie concept"
This reverts commit
532f808fd15ec2cd91777ab3ad9afce2670ebac5.
There are people somewhere that need kdbus.
Change-Id: I33e47f0b81edb2ec834675fd3183a485d25920b7
Adrian Szyndela [Mon, 10 Feb 2020 15:40:29 +0000 (16:40 +0100)]
Revert "Drop busname unit type"
This reverts commit
4bc5d27b942afa83cc3d95debd2ad48d42ac07a8.
There are people somewhere that need kdbus.
Change-Id: Ib2d05f88171718c07e7de06409a1c224230e7a8d
Adrian Szyndela [Mon, 10 Feb 2020 15:38:07 +0000 (16:38 +0100)]
Revert "Drop bus-policy bits"
This reverts commit
a6c97fc460e1e6bfd491262530057f876f6b20d1.
There are people somewhere that need kdbus.
Change-Id: I92a54bc8695a39cd39513e606d3685d085e09b16
Adrian Szyndela [Mon, 10 Feb 2020 15:29:58 +0000 (16:29 +0100)]
Revert "Drop kdbus bits"
This reverts commit
a132bef0239e6c3f04096eee3a00c7ecf24a4f5c.
There are people somewhere that need kdbus.
Change-Id: I5a1f09485c524d47ef8ae53712d5fb77949bc7fa
Adrian Szyndela [Mon, 17 Feb 2020 12:23:57 +0000 (13:23 +0100)]
Merge v235 into tizen
Change-Id: Iafcca23df73f2694eda50a97771acac4b7996f30
Lennart Poettering [Tue, 15 Jan 2019 23:13:38 +0000 (00:13 +0100)]
(backport) strv: rework FOREACH_STRING() macro
So it's apparently problematic that we use STRV_MAKE() (i.e. a compound
initializer) outside of the {} block we use it in (and that includes
outside of the ({}) block, too). Hence, let's rework the macro to not
need that.
This also makes the macro shorter, which is definitely a good and more
readable. Moreover, it will now complain if the iterator is a "char*"
instead of a "const char*", which is good too.
Fixes: #11394
Change-Id: Ibc21cdd5583c3b6a079b8691bbac5e076819432a
Adrian Szyndela [Thu, 6 Feb 2020 10:34:25 +0000 (11:34 +0100)]
Revert "build-sys: drop last reference to --have-kdbus"
This reverts commit
2acaa3789a417290154ca9e18354e7a930b37dfb.
Adrian Szyndela [Thu, 6 Feb 2020 10:34:11 +0000 (11:34 +0100)]
Revert "man: drop kdbus descriptions from sd_b_negotiate_fds(3)"
This reverts commit
ba612f4204230a9a63e18c42e20b47ed09da675e.
Khem Raj [Mon, 17 Dec 2018 04:53:38 +0000 (20:53 -0800)]
(backport) sysctl: Don't pass null directive argument to '%s'
value pointer here is always NULL but subsequent use of that pointer
with a %s format will always be NULL, printing p instead would be a
valid string
Change-Id: Ib74f46d69eaf5e3d149523d53beef1f060a5fc16
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Patrick Uiterwijk [Thu, 22 Feb 2018 18:41:30 +0000 (19:41 +0100)]
(backport) Fix format-truncation compile failure by typecasting USB IDs (#8250)
This patch adds safe_atoux16 for parsing an unsigned hexadecimal 16bit int, and
uses that for parsing USB device and vendor IDs.
This fixes a compile error with gcc-8 because while we know that USB IDs are 2 bytes,
the compiler does not know that.
../src/udev/udev-builtin-hwdb.c:80:38: error: '%04X' directive output may be
truncated writing between 4 and 8 bytes into a region of size between 2 and 6
[-Werror=format-truncation=]
Change-Id: I40b2eb8b424c57ba430b217ebead2fc5d67bbb14
Signed-off-by: Adam Williamson <awilliam@redhat.com>
Signed-off-by: Patrick Uiterwijk <puiterwijk@redhat.com>
Zbigniew Jędrzejewski-Szmek [Fri, 23 Feb 2018 10:12:19 +0000 (11:12 +0100)]
(backport) udev/net-id: check all snprintf return values
gcc-8 throws an error if it knows snprintf might truncate output and the
return value is ignored:
../src/udev/udev-builtin-net_id.c: In function 'dev_pci_slot':
../src/udev/udev-builtin-net_id.c:297:47: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size between 0 and 4095 [-Werror=format-truncation=]
snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
^~
../src/udev/udev-builtin-net_id.c:297:17: note: 'snprintf' output between 10 and 4360 bytes into a destination of size 4096
snprintf(str, sizeof str, "%s/%s/address", slots, dent->d_name);
^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
cc1: some warnings being treated as errors
Let's check all return values. This actually makes the code better, because there's
no point in trying to open a file when the name has been truncated, etc.
Change-Id: I52c289a5e4d660c999383ee628c596e00c30af21
Khem Raj [Mon, 17 Dec 2018 04:58:35 +0000 (20:58 -0800)]
(backport) core: Fix use after free case in load_from_path()
ensure that mfree() on filename is called after the logging function
which uses the string pointed by filename
Change-Id: I126ff9068ff62ab658cafb80f0c8c12398e321ba
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Hans-Christian Noren Egtvedt [Mon, 25 Sep 2017 14:39:32 +0000 (16:39 +0200)]
(backport) sd-radv: avoid redefinition of struct in6_addr
Both netinet/icmp6.h and linux/in6.h will define struct in6_addr, and in
user space we want to use the netinet/icmp6.h variant.
Fixes build problem:
In file included from src/libsystemd-network/sd-radv.c:23:0:
/home/hegtvedt/work/os/product/sunrise/root/_build/v2/include/linux/in6.h:30:8:
error: redefinition of 'struct in6_addr'
Change-Id: I5e36d3a8a2f73681241436ab02fec4440a6a1902
Zbigniew Jędrzejewski-Szmek [Sun, 19 Aug 2018 17:11:30 +0000 (19:11 +0200)]
(backport) meson: rename -Ddebug to -Ddebug-extra
Meson added -Doptimization and -Ddebug options, which obviously causes
a conflict with our -Ddebug options. Let's rename it.
Fixes #9883.
Change-Id: Ie9b822d6b18b551c56158447cc042faceb805842
Zbigniew Jędrzejewski-Szmek [Sun, 8 Jul 2018 13:14:46 +0000 (15:14 +0200)]
(backport) meson: allow systemd.directives and .index to be built if -Dman=false
See
559d215b6733bb46533a52080522a7feca183aa8 for justification.
Change-Id: I1355f202ffc0492203b28fa23fe33601fc6c31cb
Zbigniew Jędrzejewski-Szmek [Fri, 24 Nov 2017 13:00:29 +0000 (14:00 +0100)]
(backport) meson: restore building of man pages on demand even if -Dman=false
I want to configure -Dman=false for speed, but be able to build a specific
man page sometimes to check my edits. Commit
5b316b9ea6c broke this by mistake.
Let's adjust the condition to better match the logic of disabling tests only
if xsltproc is really not found.
Change-Id: Ife24351843f33a8e9da503fdba437e7acf513ad6
Adrian Szyndela [Thu, 6 Feb 2020 08:39:24 +0000 (09:39 +0100)]
Revert "pid1: drop kdbus_fd and all associated logic"
This reverts commit
232f6754f60ae803c992ca156cbc25fa80a5b9db.
Change-Id: Icf5b83d52cca35e6576850698c7aec15b6a42fe9
Adrian Szyndela [Wed, 5 Feb 2020 11:35:36 +0000 (12:35 +0100)]
Merge v234 into tizen
Change-Id: If676fe909a40eadc60ee5ff023abe4ee2c64b44e
Adrian Szyndela [Tue, 25 Feb 2020 15:51:26 +0000 (16:51 +0100)]
tests: correct test-bus-benchmark test name
Additionally, move the entry to the alphabetically correct position after
the name change.
Change-Id: I348bae84a948eb35cfcb9858465156c66b6f01eb
Adrian Szyndela [Tue, 25 Feb 2020 15:36:28 +0000 (16:36 +0100)]
Revert "sd-bus: don't assert() on valid signatures"
This reverts commit
ce8057d08863785b3d4b1b398ce848d42200a913.
This commit added excess 'append'. It caused assert in tests
due to not enough 'read's.
Change-Id: I27e1cb2acbe4a086fde15810ef132d1747ee8d81
Hyotaek Shim [Mon, 17 Feb 2020 04:54:18 +0000 (13:54 +0900)]
Increase the max number of INotify instances per real user ID
Change-Id: I49a2ed1881d03def82be5a83ae5b6eb0db01ce6c
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Wed, 22 Jan 2020 02:21:43 +0000 (11:21 +0900)]
Exclude systemd-remount-fs.service
Change-Id: I653420164edb44a7a941f5c98887dc3ee6d4852e
Hyotaek Shim [Thu, 9 Jan 2020 09:23:18 +0000 (18:23 +0900)]
Apply priv_keygrab:r ACL rule to /dev/input
Change-Id: I8174ccd81aa3970a76a6f3680234dae77d920429
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Zbigniew Jędrzejewski-Szmek [Wed, 21 Feb 2018 13:04:50 +0000 (14:04 +0100)]
missing_syscall: when adding syscall replacements, use different names (#8229)
In meson.build we check that functions are available using:
meson.get_compiler('c').has_function('foo')
which checks the following:
- if __stub_foo or __stub___foo are defined, return false
- if foo is declared (a pointer to the function can be taken), return true
- otherwise check for __builtin_memfd_create
_stub is documented by glibc as
It defines a symbol '__stub_FUNCTION' for each function
in the C library which is a stub, meaning it will fail
every time called, usually setting errno to ENOSYS.
So if __stub is defined, we know we don't want to use the glibc version, but
this doesn't tell us if the name itself is defined or not. If it _is_ defined,
and we define our replacement as an inline static function, we get an error:
In file included from ../src/basic/missing.h:1358:0,
from ../src/basic/util.h:47,
from ../src/basic/calendarspec.h:29,
from ../src/basic/calendarspec.c:34:
../src/basic/missing_syscall.h:65:19: error: static declaration of 'memfd_create' follows non-static declaration
static inline int memfd_create(const char *name, unsigned int flags) {
^~~~~~~~~~~~
.../usr/include/bits/mman-shared.h:46:5: note: previous declaration of 'memfd_create' was here
int memfd_create (const char *__name, unsigned int __flags) __THROW;
^~~~~~~~~~~~
To avoid this problem, call our inline functions different than glibc,
and use a #define to map the official name to our replacement.
Fixes #8099.
v2:
- use "missing_" as the prefix instead of "_"
v3:
- rebase and update for statx()
Unfortunately "statx" is also present in "struct statx", so the define
causes issues. Work around this by using a typedef.
I checked that systemd compiles with current glibc
(glibc-devel-2.26-24.fc27.x86_64) if HAVE_MEMFD_CREATE, HAVE_GETTID,
HAVE_PIVOT_ROOT, HAVE_SETNS, HAVE_RENAMEAT2, HAVE_KCMP, HAVE_KEYCTL,
HAVE_COPY_FILE_RANGE, HAVE_BPF, HAVE_STATX are forced to 0.
Setting HAVE_NAME_TO_HANDLE_AT to 0 causes an issue, but it's not because of
the define, but because of struct file_handle.
(backported from commit
5187dd2c403caf92d09f3491e41f1ceb3f10491f)
Change-Id: I46ed455f1d0a7c6eacd69b04f22deb756cc7590f
Matija Skala [Wed, 15 Mar 2017 12:21:10 +0000 (13:21 +0100)]
fix includes
linux/sockios.h is needed for the SIOCGSTAMPNS macro
xlocale.h is included indirectly in glibc and doesn't even exist in
other libcs
(cherry picked from commit
284d1cd0a12cad96a5ea61d1afb0dd677dbd147e)
Change-Id: I4c0c42b0a58fb79b165ac168a9ced6bca8e07152
Zbigniew Jędrzejewski-Szmek [Wed, 1 Feb 2017 00:55:33 +0000 (19:55 -0500)]
nss-util: silence warning about deprecated RES_USE_INET6
src/nss-resolve/nss-resolve.c: In function ‘_nss_resolve_gethostbyname_r’:
src/nss-resolve/nss-resolve.c:680:13: warning: RES_USE_INET6 is deprecated
NSS_GETHOSTBYNAME_FALLBACKS(resolve);
^~~~~~~~~~~~~~~~~~~~~~~~~
In glibc bz #19582, RES_USE_INET6 was deprecated. This might make sense for
clients, but they didn't take into account nss module implementations which
*must* continue to support the option. glibc internally defines
DEPRECATED_RES_USE_INET6 which can be used without emitting a warning, but
it's not exported publicly. Let's do the same, and just copy the definition
to our header.
(cherry picked from commit
6154d33de3f15bbd5d5df718103af9c37ba0a768)
Change-Id: Ib3c91b6752800385429c51a95572a3b2b1d31ad3
Mateusz Moscicki [Mon, 18 Nov 2019 13:39:07 +0000 (14:39 +0100)]
core: be stricter when handling PID files and MAINPID sd_notify() messages
Let's be more restrictive when validating PID files and MAINPID=
messages: don't accept PIDs that make no sense, and if the configuration
source is not trusted, don't accept out-of-cgroup PIDs. A configuratin
source is considered trusted when the PID file is owned by root, or the
message was received from root.
This should lock things down a bit, in case service authors write out
PID files from unprivileged code or use NotifyAccess=all with
unprivileged code. Note that doing so was always problematic, just now
it's a bit less problematic.
When we open the PID file we'll now use the CHASE_SAFE chase_symlinks()
logic, to ensure that we won't follow an unpriviled-owned symlink to a
privileged-owned file thinking this was a valid privileged PID file,
even though it really isn't.
Fixes: #6632
(cherry picked from commit
db256aab13d8a89d583ecd2bacf0aca87c66effc)
Resolves: #1663143
Change-Id: Id91df4fb9e46224a12dc6c260a1c3b8a9e4cc553
Mateusz Moscicki [Mon, 18 Nov 2019 12:23:52 +0000 (13:23 +0100)]
notify: add new --uid= command
The new --uid= switch allows selecting the UID from which the
notificaiton messages shall originate.
This is primarily useful for testing purposes, but might have other
uses.
(cherry picked from commit:
65c6b99094580afa186199d8091cd7536900526c)
Change-Id: I1531bb34818ef8daa3eb8a7c8e973ef9d4aa1ba1
Mateusz Moscicki [Mon, 18 Nov 2019 11:42:23 +0000 (12:42 +0100)]
sd-dameon: also sent ucred when our UID differs from EUID
Let's be explicit, and always send the messages from our UID and never
our EUID. Previously this behaviour was conditionalized only on whether
the PID was specified, which made this non-obvious.
(cherry picked from commit
9e1d021ee3f147486c5cfac69b3cbf6f4b36eb79)
Change-Id: I732ce2169e00f2f5fe8e7f7403d6f31dc66842a2
Mateusz Moscicki [Wed, 20 Nov 2019 13:52:46 +0000 (14:52 +0100)]
fs-util: add new chase_symlinks() flag CHASE_OPEN
The new flag returns the O_PATH fd of the final component, which may be
converted into a proper fd by open()ing it again through the
/proc/self/fd/xyz path.
Together with O_SAFE this provides us with a somewhat safe way to open()
files in directories potentially owned by unprivileged code, where we
want to refuse operation if any symlink tricks are played pointing to
privileged files.
(cherry picked from commit
1ed34d75d4f21d2335c5625261954c848d176ae6)
Change-Id: I5e5ce0affec97e4d19483b4f534db99f4f950f89
Related: #1663143
Mateusz Moscicki [Wed, 20 Nov 2019 13:34:23 +0000 (14:34 +0100)]
fs-util: add new CHASE_SAFE flag to chase_symlinks()
When the flag is specified we won't transition to a privilege-owned
file or directory from an unprivileged-owned one. This is useful when
privileged code wants to load data from a file unprivileged users have
write access to, and validates the ownership, but want's to make sure
that no symlink games are played to read a root-owned system file
belonging to a different context.
(cherry picked from commit
f14f1806e329fe92d01f15c22a384702f0cb4ae0)
Change-Id: I86dfede53114a23d708744a9c47abc9eaf05a8d1
Related: #1663143
Mateusz Moscicki [Wed, 13 Nov 2019 15:32:24 +0000 (16:32 +0100)]
backport chase_symlinks
Related: #1663143
Change-Id: I57d945a208ade174c89ea2736357d8bce541a46f
Zbigniew Jędrzejewski-Szmek [Thu, 29 Sep 2016 14:06:02 +0000 (16:06 +0200)]
pid1: process zero-length notification messages again
This undoes
531ac2b234. I acked that patch without looking at the code
carefully enough. There are two problems:
- we want to process the fds anyway
- in principle empty notification messages are valid, and we should
process them as usual, including logging using log_unit_debug().
CVE-2016-7795
Change-Id: I1dfb10c7a3ffeb7a5ed9d0ace4a94bee36c846b4
INSUN PYO [Tue, 5 Nov 2019 02:51:19 +0000 (11:51 +0900)]
logind: change the power key to disabled
Tizen does not support power off without deviced.
So, you need to turn off the power key function in logind.
1. Disable TAG+="power-switch" uevent rules because logind uses "power-switch" uevent to recognize the power key.
2. Change default behavior for power key to ignore.
Change-Id: I0523d4cc46ce2edd05e479e9101c6d20f70b4296
Hyotaek Shim [Mon, 7 Oct 2019 11:43:04 +0000 (20:43 +0900)]
Remove the smack exec label of busctl
Change-Id: Iaab47bd04b0c480fa2c2e9e5deeeded9d461c4b4
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Hyungju Lee [Tue, 10 Sep 2019 02:06:08 +0000 (11:06 +0900)]
Change smack label of /dev/full from '_' to '*'
Change-Id: I706f14f7e8d767b0d7904a08e793f424c47e001b
Hyotaek Shim [Thu, 22 Aug 2019 11:46:11 +0000 (20:46 +0900)]
Add dbus policy for org.tizen.system.BootingDone
Change-Id: I8f0bd7887b5f1cbd7637c00e03240e4d5e09e4c7
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Yunmi Ha [Tue, 20 Aug 2019 08:06:57 +0000 (08:06 +0000)]
Revert "tizen: Add additional units for "unified" user session"
This reverts commit
a2a4073acee7935040cc25380d4f51010903d9ca.
We've optimized systemd-user without unified system/session.
So, we revert the patch for unified system/session.
Change-Id: I11f6a43185aa3531c05787226a896d4a76cf2e11
Paweł Szewczyk [Fri, 26 Jul 2019 08:48:24 +0000 (10:48 +0200)]
Use separate udev tag for devices in user session
The system-user tag can be used to mark devices that will be enumerated by
systemd in 'systemd --user' instance.
Change-Id: I5889f50df6c329de36c2544ee5cf1ba1c52ad433
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
INSUN PYO [Fri, 19 Jul 2019 08:23:57 +0000 (17:23 +0900)]
Rework delayed.target
start delayed.service --> finish default.target --> start all of delayed.service -->
finish delayed.target --> StartupFinished
Change-Id: I2f291ea8b5f535157eec4f105f2c37b0cea448c9
INSUN PYO [Wed, 26 Jun 2019 00:12:45 +0000 (09:12 +0900)]
Change the config value of the "RemainAfterExit=" ("true" -> "yes")
Change-Id: I56db28be6f0cecd0562ba8db6bb1d4af0b1a3b7b
INSUN PYO [Fri, 7 Jun 2019 06:30:41 +0000 (15:30 +0900)]
Add delayed target
Change-Id: I0527d1387500c699be0fbc319c702a77d9ae587b
INSUN PYO [Mon, 29 Apr 2019 02:48:02 +0000 (11:48 +0900)]
Remove container feature
Change-Id: Ie6c5459f4cb6cafe55bdddf8b1857862ec64c967
INSUN PYO [Wed, 13 Mar 2019 05:42:46 +0000 (14:42 +0900)]
Revert: Description : Adding new interfaces related to user information.
Container feature is removed.
So functions associated with the container user should also be removed.
Change-Id: I862eeacdcc3148be8ac2e66a8de47b240d55b2e2
Mateusz Moscicki [Thu, 25 Apr 2019 10:17:53 +0000 (12:17 +0200)]
tizen: Add additional units for "unified" user session
The unified user session is about moving user session units, managed by
systemd --user, to main systemd, where it's managed as part of newly
created user@.target.
user@.target will contain same units as previously available in user/,
with same UID and environment setup. systemd instance is used for unit
to be able to specify UID (inherited from user@.target).
The rationale behind this work is following:
* VD requirement to remove user session support
* boot time optimization requirements, due to:
+ 'systemd --user' taking 1s its own startup that could be used for
unit startup
+ ability to better rearrange units if these managed by one systemd
instance
Unit installed by this commit will not be used till user login mechanism
will be changed in systemd package (via changing pam_systemd to start
user@.target, rather than user@.service).
Change-Id: I6c9512fda4c0c4275d78a6ca71372debc4d7e96e
Hyotaek Shim [Wed, 8 May 2019 11:55:31 +0000 (20:55 +0900)]
Change the default smack label of /dev
(Before)
smack access label: *
default access label: _
(After)
smack access label: *
default access label: *
Change-Id: Iffd4793655a8080501388d40a2f812269b8613cb
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Cheoleun Moon [Fri, 19 Apr 2019 07:31:03 +0000 (16:31 +0900)]
Add SECLABEL for /dev/net/tun
Change smack label of /dev/net/tun to *
Change-Id: Ie3c7d4e908a077064cb4d5ba5e4e082a7409da64
Signed-off-by: Cheoleun Moon <chleun.moon@samsung.com>
INSUN PYO [Tue, 16 Apr 2019 04:25:07 +0000 (13:25 +0900)]
Revert "core: fix the CGROUP spawning error as a workaround"
This reverts commit
adce88455e758166ad4f2103724cd34c11c5f141.
Change-Id: Ie76d6183f8f5966fa9187666a5777c1c50926353
INSUN PYO [Mon, 15 Apr 2019 11:13:25 +0000 (20:13 +0900)]
Fixed an incorrect parameter passing to the log function.
Change-Id: I5274fd466e79b7773c4903fcfc17f89b3e5cad53
Hyotaek Shim [Mon, 15 Apr 2019 07:08:10 +0000 (16:08 +0900)]
Enable stack protection option, -fstack-clash-protection
http://suprem.sec.samsung.net/jira/browse/SATIZENVUL-1930
http://suprem.sec.samsung.net/jira/browse/SATIZENVUL-1933
Change-Id: I0c3292fd0d7fdd69a1aa902a1e9d8b75a6f11d87
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
INSUN PYO [Mon, 11 Mar 2019 12:27:22 +0000 (21:27 +0900)]
Revert: Mv /etc/systemd/{system,user} to /opt/etc/systemd/
No more modules to modify /etc/systemd.
Change-Id: I39d5303a79201bf9573b83c66b5c64232e67ffae
Yu Watanabe [Fri, 10 Aug 2018 02:07:54 +0000 (11:07 +0900)]
journal: do not remove multiple spaces after identifier in syslog message
Single space is used as separator.
C.f. discussions in #156.
Fixes #9839 introduced by
a6aadf4ae0bae185dc4c414d492a4a781c80ffe5.
Change-Id: I2cabac6e0d99634aeb148b4d7698a67d84b546dd
Yu Watanabe [Wed, 8 Aug 2018 06:06:36 +0000 (15:06 +0900)]
journal: fix syslog_parse_identifier()
Fixes #9829.
Change-Id: I6d48464ad02397990973c93153cdbf2e0a6e26cd
sanghyeok.oh [Tue, 29 Jan 2019 07:19:49 +0000 (16:19 +0900)]
busctl: set execute label as 'System'
Change-Id: Id76f4cc5c2ab52c61355033fb4bcf8681d2cedbf
Signed-off-by: sanghyeok.oh <sanghyeok.oh@samsung.com>
Hyotaek Shim [Fri, 25 Jan 2019 08:50:42 +0000 (17:50 +0900)]
Minor fix regarding "update-alternatives --remove systemd-shutdown.."
Change-Id: I33510d36510a468c9fa67265f3ba3e73934080a0
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Karol Lewandowski [Wed, 9 Jan 2019 15:16:19 +0000 (16:16 +0100)]
tizen: Allow replacing systemd-shutdown
This will be used by deviced to install custom shutdown handler.
Change-Id: I1f921fbae7d05f9ba937bb68cfa997a310407484
INSUN PYO [Tue, 15 Jan 2019 05:19:43 +0000 (14:19 +0900)]
dbus1-generator: Fixed the problem of passing NULL argument to strcmp
If /usr/share/dbus-1/[system-]services does not have "Exec=" field, "exec" variable is NULL.
Passing NULL to strcmp, "Segmentation fault" occurs.
Change-Id: I04fa32d97452ab97dfd4cf4ec70a670fe96a2c09
Paweł Szewczyk [Fri, 30 Nov 2018 11:35:23 +0000 (12:35 +0100)]
fd-util: Fix error handling in safe_fclose
Function fclose_nointr returns negative value on error.
Change-Id: I881469ed78037d531d73e41c77b57aab004a713a
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
Karol Lewandowski [Wed, 21 Nov 2018 14:40:31 +0000 (15:40 +0100)]
Revert "Revert "tizen: All logins should use User::Shell smack label""
This reverts commit
c2d66807f77cd0607bf6d961d2cb11b64f7a97c5.
The problem was in security-config package that removed the service
file during image creation stage. The removal was caused by change
(SmackProcessLabel=) that didn't match its own "saved" policy.
Change-Id: I2680299ae1ea1920538f284a9e6c229d8b71f5c1
Hyotaek Shim [Mon, 19 Nov 2018 06:47:58 +0000 (06:47 +0000)]
Merge "Revert "tizen: All logins should use User::Shell smack label"" into tizen
Hyotaek Shim [Mon, 19 Nov 2018 06:44:39 +0000 (06:44 +0000)]
Revert "tizen: All logins should use User::Shell smack label"
This reverts commit
b94ec26c22938d9d83642732e3642b677bedbeb0.
Change-Id: I44c10ed7b75dc738fad7ef2df5c0ca1d50f22c1f
Hyotaek Shim [Fri, 16 Nov 2018 00:22:26 +0000 (00:22 +0000)]
Merge "tizen: All logins should use User::Shell smack label" into tizen
Karol Lewandowski [Thu, 15 Nov 2018 13:02:51 +0000 (14:02 +0100)]
tizen: All logins should use User::Shell smack label
Change-Id: I8c0e7de59689aa83bd0273af4a66dd7a8f823ec9
Michal Bloch [Mon, 5 Nov 2018 14:26:39 +0000 (15:26 +0100)]
Remove kdbus interface header
kdbus.h is now provided with other linux kernel headers.
Change-Id: Ida7d06aa1f27d88040f949fffd73f0d6cfd5f23e
Signed-off-by: Michal Bloch <m.bloch@samsung.com>
Hyotaek Shim [Thu, 1 Nov 2018 04:38:43 +0000 (13:38 +0900)]
core: don't drop timer expired but not yet processed when system date is changed
There is difference between time set by the user and real elapsed time because of accuracy feature.
If you change the system date(or time) between these times, the timer drops.
You can easily reproduce it with the following command.
-----------------------------------------------------------
$ systemd-run --on-active=3s ls; sleep 3; date -s "`date`"
-----------------------------------------------------------
In the following command, the problem is rarely reproduced. But it exists.
---------------------------------------------------------------------------------------------
$ systemd-run --on-active=3s --timer-property=AccuracySec=1us ls ; sleep 1; date -s "`date`"
---------------------------------------------------------------------------------------------
Note : Global AccuracySec value.
----------------------------------------------------------------------
$ cat /etc/systemd/system.conf
DefaultTimerAccuracySec=1min
----------------------------------------------------------------------
Origin source: https://github.com/systemd/systemd/commit/
fee04d7f3ab810e99b97535ca5fda2f9517acda9
Change-Id: Ibaaa89bec9c55f43336388ee85f07b89c1a50ea4
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Hyotaek Shim [Mon, 29 Oct 2018 06:58:49 +0000 (15:58 +0900)]
Remove unused bluetooth.target
Change-Id: I0ecbde7c179056840f34b05152d7dfaee48a6c0e
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Paweł Szewczyk [Fri, 5 Oct 2018 12:48:39 +0000 (14:48 +0200)]
socket: Serialize auxiliary file descriptors
When socket is serialized/deserialized it's important to keep all file
descriptors. This commit adds the serialization of auxiliary fds.
For now, only ffs sockets are using auxiliary descriptors.
Change-Id: I5fea0152fee51560e160fe5df4806b55a5b369d6
Signed-off-by: Paweł Szewczyk <p.szewczyk@samsung.com>
Adrian Szyndela [Fri, 21 Sep 2018 14:11:05 +0000 (16:11 +0200)]
D-Bus policy configs: fixed rules
Removed duplicate rules in all three configs, and specified proper sender
for receiving ActivationRequest signal in org.freedesktop.systemd1.conf.
Change-Id: I550c07ede30a0bb70a9bb3ca00d5771e1722826b
pr.jung [Fri, 21 Sep 2018 01:11:27 +0000 (01:11 +0000)]
Merge "Remove build warnings" into tizen
pr.jung [Mon, 17 Sep 2018 06:39:43 +0000 (15:39 +0900)]
Remove build warnings
- Add TIZEN_JOURNALD_KMSG
- Print kmsg log on dlogutil because journald is heavier than dlogutil
Change-Id: I763cfccbb0d877c52d8448de4a50966a33c84981
Signed-off-by: pr.jung <pr.jung@samsung.com>
Hyotaek Shim [Wed, 5 Sep 2018 09:23:10 +0000 (18:23 +0900)]
Set the smack label of executable binary tools
Apps (3rd party and even in-house Apps) are not permitted to run systemd tools directly.
User System::Tools rx
User::Shell System::Tools rx
System::TEF System::Tools rx
System::Privileged System::Tools rx
System System::Tools rx
Change-Id: I55a9b00a6ec0583d4673d9a41cdda7fbd9e23310
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Anchor Cat [Wed, 10 May 2017 11:23:58 +0000 (21:23 +1000)]
automount: ack automount requests even when already mounted
If a process accesses an autofs filesystem while systemd is in the
middle of starting the mount unit on top of it, it is possible for the
autofs_ptype_missing_direct request from the kernel to be received after
the mount unit has been fully started:
systemd forks and execs mount ...
... access autofs, blocks
mount exits ...
systemd receives SIGCHLD ...
... kernel sends request
systemd receives request ...
systemd needs to respond to this request, otherwise the kernel will
continue to block access to the mount point.
Cherry-picked from https://github.com/systemd/systemd/commit/
e7d54bf58789545a9eb0b3964233defa0b007318
Change-Id: Ibacc2c0ffee32846321864987324763214648732
(cherry picked from commit
5ccd5b2efc60d9f775a812878528f06b01189da5)
Adrian Szyndela [Fri, 6 Jul 2018 09:07:10 +0000 (11:07 +0200)]
busctl: eliminated some warnings
Eliminated const and casting warnings, along with a declaration
order warning.
Change-Id: I031a5d3d7bab61a2ec7afc6262eb12af159a74c8
Adrian Szyndela [Sat, 14 May 2016 20:10:22 +0000 (22:10 +0200)]
busctl: add usage of Monitoring interface for non-kernel connections
This commit is loosely based on Lars Uebernickel's commit
(reverted in
8f2f0ffe8246) in a way that it takes
his implementation of calling the Monitoring interface.
Unfortunately the original commit broke kernel connections. That's why
this commit makes it different for kernel and non-kernel connections.
To make it cleaner, preparing connections is extracted to separate
functions.
From Lars Uebernickel's original commit message - about Monitoring interface:
This is now the recommended way to do monitoring by upstream D-Bus.
It's also allowed in the default policy, whereas eavesdrop is not
anymore, which effectively broke busctl on many systems.
Change-Id: I886fff5a3ec49df6aab26b217d881f249591ca9a
Hyotaek Shim [Wed, 27 Jun 2018 10:47:30 +0000 (19:47 +0900)]
Revert "resolved: apply epoch to system time from PID 1"
This reverts commit
021dd87bc055a5bfb2dcef83fc868fe24648b959.
In Tizen Watch products, users can set the RTC as they want, even to the past.
Here, it has been observed that the system clock is reset every booting.
For instance,
1) After a boot, Kernel RTC is 2018-01-02.
2) Since the system clock initialized by RTC is 2018-01-02 is less than 2018-06-27 (TIME_EPOCH_USEC),
Systemd resets the system clock as TIME_EPOCH_USEC, but does not modify RTC.
Although the system clock shown to users is not an intended value, the time goes by to 2018-06-28.
3) After another reboot, the system clock is restored to 2018-06-27 (TIME_EPOCH_USEC)
because RTC is still less than TIME_EPOCH_USEC.
Change-Id: Ib2c61e9b1fd9d4b0d33f99868dda1daaec21878d
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Łukasz Stelmach [Fri, 31 Mar 2017 11:05:09 +0000 (13:05 +0200)]
spec: configure rpmmacrosdir instead of manually installing rpm macros
Change-Id: Iec5f938f97695f8eafcfc4f3b0b120d5fe77a54e
Lukas Nykryn [Tue, 30 Aug 2016 13:04:07 +0000 (15:04 +0200)]
install: fix disable when /etc/systemd/system is a symlink
Change-Id: I1bafa3e4bfea556e2abceee33b2b2bc6ab97b137
Origin: https://github.com/systemd/systemd/commit/
67852d08e6a35d34b428e8be64efdb3f003f4697
steelman [Tue, 14 Mar 2017 23:16:47 +0000 (00:16 +0100)]
build-sys: make RPM macros installation path configurable (#5564)
--with-rpmmacrosdir=no disables installation of the macros.
Change-Id: Ia663c3fb86bf658da57b59a4c17916c5c22645af
Origin: https://github.com/systemd/systemd/commit/
ff2e33db54719bfe8feea833571652318c6d197c
Mateusz Moscicki [Fri, 11 May 2018 12:58:41 +0000 (14:58 +0200)]
Set the default deny policy for system dbus
org.freedesktop.locale1.conf - send: deny, own: deny
org.freedesktop.login1.conf - send: deny, own: deny
org.freedesktop.systemd1.conf - send: deny, own: deny
Change-Id: I49f402d56f83700fe7528eab3e034cd845afc0a2
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
Cristian Rodríguez [Fri, 5 Aug 2016 16:10:41 +0000 (16:10 +0000)]
buildsys,journal: allow -fsanitize=address without VALGRIND defined
Fixed (master) versions of libtool pass -fsanitize=address correctly
into CFLAGS and LDFLAGS allowing ASAN to be used without any special
configure tricks..however ASAN triggers in lookup3.c for the same
reasons valgrind does. take the alternative codepath if
__SANITIZE_ADDRESS__ is defined as well.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I1eb6c14a7d91b4d34fdc792620fe57a329037fa4
INSUN PYO [Wed, 7 Mar 2018 07:40:53 +0000 (16:40 +0900)]
logind: change smack label /run/user/%UID/system_share to "*"
INSUN PYO [Tue, 27 Feb 2018 08:48:52 +0000 (17:48 +0900)]
logind: change group and permission /run/user/%UID
1. change group and pemission of /run/usre/%UID to uid/system_share,0750
2. make /run/user/%UID/system_share to uid/system_share,0750
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: Ie22b8d4e96c1669f7068005952d83f7f4086b60c
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
INSUN PYO [Wed, 28 Feb 2018 02:29:47 +0000 (11:29 +0900)]
revert: Description : Adding to enable/disable the multiuser feature.
* I don't revert "unit/user@.service.m4.in (Environment=XDG_RUNTIME_DIR=/run/user/%U)
* If you want to revert this, you should add "session required pam_loginuid.so" to /etc/pam.d/systemd-user
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I6f8e132eb46a150968662bc2574fdf85eb715a52
INSUN PYO [Wed, 31 Jan 2018 01:02:17 +0000 (10:02 +0900)]
journald: Limit system journal size from 10M to 4M
A journald always loads two journal files (one is current and the other is just before) in memory using mmap.
So it always consumes as much memory as file size.
A journald rotates the log in 8 files.
Each log file has a SystemMaxUse/8 size.
(But the minimum value is 512k.)
So SystemMaxUse is 4M to minimize memory usage. (512k * 8 = 4M)
sh-3.2# memps `pidof systemd-journald`
S(CODE) S(DATA) P(CODE) P(DATA) ADDR(start-end) OBJECT NAME
-------- -------- -------- -------- -----------------------------------------------
4 0 508 0
f6d80000-
f6ec0000 /opt/var/log/journal/
999fcdd05c714da0859337c08df2230e/system@
800f735a88e44c35bc7cca47\
9a6984b1-
00000000000015ad-
000561d5c48aab1f.journal
0 4 302 0
f6c40000-
f6d80000 /opt/var/log/journal/
999fcdd05c714da0859337c08df2230e/system.journal
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I9aa53189eae878464acba58b5fdd490f6b3ba7f8
INSUN PYO [Fri, 19 Jan 2018 01:55:39 +0000 (10:55 +0900)]
reboot: change log level of reboot command from warning to debug
To prevent the annoying warning messages below :
"Failed to read reboot parameter file: No such file or directory"
"SYSTEMD_LOG_LEVEL=debug reboot" command can see the original log.
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I7bb619998bb2cce8959956f73f3dd62d48525c33
Adrian Szyndela [Fri, 22 Dec 2017 08:08:31 +0000 (08:08 +0000)]
Merge "Add well-known-names -> unique names on graph" into tizen
Adrian Szyndela [Fri, 22 Dec 2017 08:06:28 +0000 (08:06 +0000)]
Merge "Add tool for processing graph generated by busctl dot." into tizen
Adrian Szyndela [Fri, 22 Dec 2017 08:04:30 +0000 (08:04 +0000)]
Merge "Generate graph from the traffic observable by busctl monitor." into tizen
Dawid Kuczma [Tue, 5 Dec 2017 08:31:16 +0000 (09:31 +0100)]
Add well-known-names -> unique names on graph
Usage:
--well-known-names=true
Change-Id: Ife01bd8d1a2d6acc4a45c6595bcc52c15d523742
Dawid Kuczma [Mon, 6 Nov 2017 12:50:59 +0000 (13:50 +0100)]
Add tool for processing graph generated by busctl dot.
Usage:
1) gvpr -f graphinfo.gvpr input_file
2) gvpr -f graphinfo.gvpr input_file -a node -a NODE
3) gvpr -f graphinfo.gvpr input_file -a -node -a NODE
Change-Id: Ie4d05c715df17b61c8c7ad1f7724977c9c2f8bb8
Dawid Kuczma [Thu, 28 Sep 2017 13:08:20 +0000 (15:08 +0200)]
Generate graph from the traffic observable by busctl monitor.
Busctl dot is used to visualize IPC traffic.
It generate dot output whitch can be visualized e.g. by using graphviz.
Also adds filtering by sender/receiver pid.
Internally busctl dot works similar to busctl capture.
It reuses monitor() framework.
--pid=PID -only show messages where sender or receiver pid is equal to PID
--sender-pid=PID -only show messages where sender pid is equal to PID
--receiver-pid=PID -same as above, but filtering by receiver pid.
Signed-off-by: Dawid Kuczma <d.kuczma@partner.samsung.com>
Change-Id: Id9ce46f5085dde10010e89057f78d58b3088d3bc
Hyotaek Shim [Fri, 15 Dec 2017 06:56:43 +0000 (15:56 +0900)]
tizen: Change the permission of /dev/kmsg to "root:log 660 *"
Through this patch, /usr/bin/dlog_logger (log:log) can access /dev/kmsg
without root credentials.
Change-Id: Ie955499c4a0bf1581cd64244cb94acfa6279719d
Signed-off-by: Hyotaek Shim <hyotaek.shim@samsung.com>
[ Minor style change in commit log. ]
Signed-off-by: Karol Lewandowski <k.lewandowsk@samsung.com>
INSUN PYO [Fri, 15 Dec 2017 03:35:07 +0000 (12:35 +0900)]
adjust the uid and secure_uid range
Signed-off-by: INSUN PYO <insun.pyo@samsung.com>
Change-Id: I03793a7fb43e229999bee511298e39d68bf26f4d
Lennart Poettering [Fri, 6 Oct 2017 08:18:04 +0000 (10:18 +0200)]
NEWS: patch in today's date for the 235 release
Zbigniew Jędrzejewski-Szmek [Fri, 6 Oct 2017 08:04:49 +0000 (10:04 +0200)]
man: explain precedence for options which take a list (#7010)
Hopefully finally fixes #6639.
Yu Watanabe [Fri, 6 Oct 2017 07:33:21 +0000 (16:33 +0900)]
meson: fix feature list (#7011)
Frederic Crozat [Thu, 5 Oct 2017 23:28:19 +0000 (01:28 +0200)]
tmpfiles: remove old ICE and X11 sockets at boot (#6979)
tmpfiles: remove old ICE and X11 sockets at boot
When not using tmpfs based /tmp, leftover sockets
might prevent X startup. Ensure directory is clean at boot time.
g0tar [Thu, 5 Oct 2017 20:17:51 +0000 (22:17 +0200)]
pass currently completed word to systemctl list-unit-files/list-units (#6927)
This change noticeably increases completion performance at the expense
of preventing possible _correct, _approximate or any matcher-list rules.
Still, responsiveness increase so huge seems to make it worth the price.
Zbigniew Jędrzejewski-Szmek [Thu, 5 Oct 2017 20:06:39 +0000 (22:06 +0200)]
Merge pull request #6999 from poettering/seccomp-newgroups
add three new syscall groups, and port @privileged to make use of more existing ones
Zbigniew Jędrzejewski-Szmek [Thu, 5 Oct 2017 19:51:13 +0000 (21:51 +0200)]
Merge pull request #7008 from poettering/sorevision235
bump so revision for 235 and mailmap updates