Evolinx/internal_systemd
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
37,084 Commits 1 Branch 0 Tags 198 MiB
380b82d678
Commit Graph

37084 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Lennart Poettering
380b82d678 conf-files: remove unused function 2018-11-30 16:56:35 +01:00
Lennart Poettering
a7181c671a conf-files: remove misplaced log_oom() 
The caller should log in this case (and all callers in fact already do),
hence let's remove the duplicate logging here.
 2018-11-30 16:55:57 +01:00
Lennart Poettering
243dd6ae1d conf-files: improve algorithm O(n²) → O(n) 2018-11-30 16:55:33 +01:00
Zbigniew Jędrzejewski-Szmek
b2ac2b01c8
Merge pull request #10996 from poettering/oci-prep 
Preparation for the nspawn-OCI work
 2018-11-30 10:09:00 +01:00
Filipe Brandenburger
00195abcbe docs: turn LGTM URL into a markdown link 2018-11-30 12:02:13 +03:00
Claudius Ellsel
d03a00e2de hwdb: Put Lenovo mouse under the correct category in 70-mouse.hwdb (#10995) 
[zj: the entry for a Thinkpad mouse is moved to the end of Lenovo section, and a
      Lenovo mouse is moved from Logitech section to Lenovo section.]
 2018-11-30 09:14:30 +01:00
Fabrice Fontaine
38c1c96db1 meson.build: fix detection of -Werror=shadow 
Pass -Werror=shadow in args of cc.compiles otherwise test will always
succeed
This fix a build failure with gcc 4.7.3

Fixes:
 - http://autobuild.buildroot.org/results/ffd71c473d3b29618c18cd2e04705370266696f2

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
 2018-11-30 08:45:22 +01:00
Zbigniew Jędrzejewski-Szmek
9ed6a1d2c6
Merge pull request #10990 from keszybz/link-libmount-less 
Link libmount less
 2018-11-29 21:38:37 +01:00
Zbigniew Jędrzejewski-Szmek
77c772f227 Move mount-util.c to shared/ 
libmount dep is moved from libbasic to libshared, potentially removing
libmount from some build products.
 2018-11-29 21:03:44 +01:00
Zbigniew Jędrzejewski-Szmek
049af8ad0c Split out part of mount-util.c into mountpoint-util.c 
The idea is that anything which is related to actually manipulating mounts is
in mount-util.c, but functions for mountpoint introspection are moved to the
new file. Anything which requires libmount must be in mount-util.c.

This was supposed to be a preparation for further changes, with no functional
difference, but it results in a significant change in linkage:

$ ldd build/libnss_*.so.2
(before)
build/libnss_myhostname.so.2:
	linux-vdso.so.1 (0x00007fff77bf5000)
	librt.so.1 => /lib64/librt.so.1 (0x00007f4bbb7b2000)
	libmount.so.1 => /lib64/libmount.so.1 (0x00007f4bbb755000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f4bbb734000)
	libc.so.6 => /lib64/libc.so.6 (0x00007f4bbb56e000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f4bbb8c1000)
	libblkid.so.1 => /lib64/libblkid.so.1 (0x00007f4bbb51b000)
	libuuid.so.1 => /lib64/libuuid.so.1 (0x00007f4bbb512000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f4bbb4e3000)
	libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007f4bbb45e000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007f4bbb458000)
build/libnss_mymachines.so.2:
	linux-vdso.so.1 (0x00007ffc19cc0000)
	librt.so.1 => /lib64/librt.so.1 (0x00007fdecb74b000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007fdecb744000)
	libmount.so.1 => /lib64/libmount.so.1 (0x00007fdecb6e7000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fdecb6c6000)
	libc.so.6 => /lib64/libc.so.6 (0x00007fdecb500000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fdecb8a9000)
	libblkid.so.1 => /lib64/libblkid.so.1 (0x00007fdecb4ad000)
	libuuid.so.1 => /lib64/libuuid.so.1 (0x00007fdecb4a2000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fdecb475000)
	libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007fdecb3f0000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007fdecb3ea000)
build/libnss_resolve.so.2:
	linux-vdso.so.1 (0x00007ffe8ef8e000)
	librt.so.1 => /lib64/librt.so.1 (0x00007fcf314bd000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007fcf314b6000)
	libmount.so.1 => /lib64/libmount.so.1 (0x00007fcf31459000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fcf31438000)
	libc.so.6 => /lib64/libc.so.6 (0x00007fcf31272000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fcf31615000)
	libblkid.so.1 => /lib64/libblkid.so.1 (0x00007fcf3121f000)
	libuuid.so.1 => /lib64/libuuid.so.1 (0x00007fcf31214000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007fcf311e7000)
	libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007fcf31162000)
	libdl.so.2 => /lib64/libdl.so.2 (0x00007fcf3115c000)
build/libnss_systemd.so.2:
	linux-vdso.so.1 (0x00007ffda6d17000)
	librt.so.1 => /lib64/librt.so.1 (0x00007f610b83c000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007f610b835000)
	libmount.so.1 => /lib64/libmount.so.1 (0x00007f610b7d8000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f610b7b7000)
	libc.so.6 => /lib64/libc.so.6 (0x00007f610b5f1000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f610b995000)
	libblkid.so.1 => /lib64/libblkid.so.1 (0x00007f610b59e000)
	libuuid.so.1 => /lib64/libuuid.so.1 (0x00007f610b593000)
	libselinux.so.1 => /lib64/libselinux.so.1 (0x00007f610b566000)
	libpcre2-8.so.0 => /lib64/libpcre2-8.so.0 (0x00007f610b4e1000)
        libdl.so.2 => /lib64/libdl.so.2 (0x00007f610b4db000)

(after)
build/libnss_myhostname.so.2:
	linux-vdso.so.1 (0x00007fff0b5e2000)
	librt.so.1 => /lib64/librt.so.1 (0x00007fde0c328000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fde0c307000)
	libc.so.6 => /lib64/libc.so.6 (0x00007fde0c141000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fde0c435000)
build/libnss_mymachines.so.2:
	linux-vdso.so.1 (0x00007ffdc30a7000)
	librt.so.1 => /lib64/librt.so.1 (0x00007f06ecabb000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007f06ecab4000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007f06eca93000)
	libc.so.6 => /lib64/libc.so.6 (0x00007f06ec8cd000)
	/lib64/ld-linux-x86-64.so.2 (0x00007f06ecc15000)
build/libnss_resolve.so.2:
	linux-vdso.so.1 (0x00007ffe95747000)
	librt.so.1 => /lib64/librt.so.1 (0x00007fa56a80f000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007fa56a808000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007fa56a7e7000)
	libc.so.6 => /lib64/libc.so.6 (0x00007fa56a621000)
	/lib64/ld-linux-x86-64.so.2 (0x00007fa56a964000)
build/libnss_systemd.so.2:
	linux-vdso.so.1 (0x00007ffe67b51000)
	librt.so.1 => /lib64/librt.so.1 (0x00007ffb32113000)
	libcap.so.2 => /lib64/libcap.so.2 (0x00007ffb3210c000)
	libpthread.so.0 => /lib64/libpthread.so.0 (0x00007ffb320eb000)
	libc.so.6 => /lib64/libc.so.6 (0x00007ffb31f25000)
	/lib64/ld-linux-x86-64.so.2 (0x00007ffb3226a000)

I don't quite understand what is going on here, but let's not be too picky.
 2018-11-29 21:03:44 +01:00
Lennart Poettering
8f2eb7302d update TODO 2018-11-29 20:54:31 +01:00
Lennart Poettering
30874dda3a dev-setup: generalize logic we use to create "inaccessible" device nodes 
Let's generalize this, so that we can use this in nspawn later on, which
is pretty useful as we need to be able to mask files from the inner
child of nspawn too, where the host's /run/systemd/inaccessible
directory is not visible anymore. Moreover, if nspawn can create these
nodes on its own before the payload this means the payload can run with
fewer privileges.
 2018-11-29 20:21:40 +01:00
Lennart Poettering
17c58ba97b nspawn: let's also pre-mount /dev/mqueue 2018-11-29 20:21:40 +01:00
Lennart Poettering
d435a18244 ptyfwd: optionally override terminal width/height 2018-11-29 20:21:39 +01:00
Lennart Poettering
de321f5228 fs-util: beef up chmod_and_chown() a bit 2018-11-29 20:21:39 +01:00
Lennart Poettering
d739169804 capability: add new type for maintaining all five cap sets as one 2018-11-29 20:21:39 +01:00
Lennart Poettering
d5aecba6e0 cgroup: use device_path_parse_major_minor() also for block device paths 
Not only when we populate the "devices" cgroup controller we need
major/minor numbers, but for the io/blkio one it's the same, hence let's
use the same logic for both.
 2018-11-29 20:21:39 +01:00
Lennart Poettering
54b22b2643 tree-wide: port various parts of the code over to the new device_major_minor_path() calls 2018-11-29 20:21:39 +01:00
Lennart Poettering
846b3bd61e stat-util: add new APIs device_path_make_{major_minor|canonical}() and device_path_parse_major_minor() 
device_path_make_{major_minor|canonical)  generate device node paths
given a mode_t and a dev_t. We have similar code all over the place,
let's unify this in one place. The former will generate a "/dev/char/"
or "/dev/block" path, and never go to disk. The latter then goes to disk
and resolves that path to the actual path of the device node.

device_path_parse_major_minor() reverses device_path_make_major_minor(),
also withozut going to disk.

We have similar code doing something like this at various places, let's
unify this in a single set of functions. This also allows us to teach
them special tricks, for example handling of the
/run/systemd/inaccessible/{blk|chr} device nodes, which we use for
masking device nodes, and which do not exist in /dev/char/* and
/dev/block/*
 2018-11-29 20:21:39 +01:00
Lennart Poettering
8e8b5d2e6d cgroups: beef up DeviceAllow= syntax a bit 
Previously we'd allow pattern expressions such as "char-input" to match
all input devices. Internally, this would look up the right major to
test in /proc/devices. With this commit the syntax is slightly extended:

- "char-*" can be used to match any kind of character device, and
  similar "block-*. This expression would work previously already, but
  instead of actually installing a wildcard match it would install many
  individual matches for everything listed in /proc/devices.

- "char-<MAJOR>" with "<MAJOR>" being a numerical parameter works now
  too. This allows clients to install whitelist items by specifying the
  major directly.

The main reason to add these is to provide limited compat support for
clients that for some reason contain whitelists with major/minor numbers
(such as OCI containers).
 2018-11-29 20:21:39 +01:00
Lennart Poettering
74c48bf5a8 core: add special handling for devices cgroup allow lists for /dev/block/* and /dev/char/* device nodes 
This adds some code to hanlde /dev/block/* and /dev/char/* device node
paths specially: instead of actually stat()ing them we'll just parse the
major/minor name from the name. This is useful 'hack' to allow clients
to install whitelists for devices that don't actually have to exist.

Also, let's similarly handle /run/systemd/inaccessible/{blk|chr}. This
allows us to simplify our built-in default whitelist to not require a
"ignore_enoent" mode for these nodes.

In general we should be careful with hardcoding major/minor numbers, but
in this case this should safe.
 2018-11-29 20:03:56 +01:00
Lennart Poettering
3a47c40d97 tree-wide: port various parts of the code to use parse_dev() 2018-11-29 20:03:56 +01:00
Lennart Poettering
61e0111df9 path-util: port path_join() over to path_join_many() 
We should probably drop path_join() entirely in the long run (and
then rename path_join_many() to it?), but for now let's make one a
wrapper for the other.
 2018-11-29 20:03:56 +01:00
Lennart Poettering
cd8194a389 path-util: add new path_join_many() API 2018-11-29 20:03:56 +01:00
Lennart Poettering
de06c0cf77 parse-util: rework parse_dev() based on safe_atou() and DEVICE_MAJOR_VALID()/DEVICE_MINOR_VALID() 
Let's be a bit more careful when parsing major/minor pairs, and filter
out more corner cases. This also means using safe_atou() rather than
sscanf() to avoid weird negative unsigned handling and such.
 2018-11-29 20:02:39 +01:00
Lennart Poettering
fa583ab176 logind: validate majors/minors we receieve via the bus 2018-11-29 20:02:39 +01:00
Lennart Poettering
fb2430c6e5 stat-util: add macros for checking whether major and minor values are in range 
As it turns out glibc and the Linux kernel have different ideas about
the size of dev_t and how many bits exist for the major and the minor.
When validating major/minor numbers we should check against the kernel's
actual sizes, hence add macros for this.
 2018-11-29 20:02:39 +01:00
Lennart Poettering
192b89368e
Merge pull request #10987 from poettering/index-md-work-around 
docs: work around GitHub pages weirdness
 2018-11-29 19:29:02 +01:00
Lennart Poettering
6740028516
Merge pull request #10989 from keszybz/nss-man 
Add example to nss-mymachines(8)
 2018-11-29 19:28:39 +01:00
Lennart Poettering
f7db73528f docs: work around GitHub pages weirdness 
Fixes: #10546
 2018-11-29 19:09:09 +01:00
Zbigniew Jędrzejewski-Szmek
401faa3533
Merge pull request #10357 from poettering/import-fs 
machinectl import-fs command and other fixes
 2018-11-29 16:38:46 +01:00
Zbigniew Jędrzejewski-Szmek
f2cca38e46 man: add an extensive example to nss-mymachines(8) 
The man page didn't really say what we are mapping and with what
patterns. Let's fix that.
 2018-11-29 15:47:21 +01:00
Zbigniew Jędrzejewski-Szmek
f781c8fe78
Merge pull request #10959 from poettering/systemctl-edit-fixo 
Fix "systemctl edit" for non-loadable units
 2018-11-29 15:35:07 +01:00
Lennart Poettering
edc8e7b81f docs: fix typo 2018-11-29 15:29:47 +01:00
Lennart Poettering
c1d3483d47 docs: uppercase the title of our Markdown docs 2018-11-29 15:29:47 +01:00
Susant Sahani
173a6e29be networkd: vxlan make use of parse_ip_port_range 
Use parse_ip_port_range
 2018-11-29 14:04:26 +01:00
Zbigniew Jędrzejewski-Szmek
3bfb1010b2 machinectl: fix printing of multiple addresses 
We'd print everything jumbled together:
$ machinectl --max-addresses=3
MACHINE CLASS     SERVICE        OS     VERSION ADDRESSES
rawhide container systemd-nspawn fedora 30      169.254.40.164fe80::94aa:3aff:fe7b:d4b9
 2018-11-29 13:04:50 +01:00
Zbigniew Jędrzejewski-Szmek
4527a83bc7 machinectl: drop helper function 
It only serves to forward some arguments without modification and is only
used in one place anyway.
 2018-11-29 13:04:50 +01:00
Lennart Poettering
02a126a33d systemctl: if service manager couldn't load unit file, don't rely on it to tell us the fragment path 
Previously, "systemctl edit" exclusively used the service manager's
per-unit FragmentPath property to figure out which file to edit, when
operating on a non-template unit. If for some reason loading the unit
file failed entirely though (LoadState=error), then FragmentPath would
be empty, and thus the unit not editable.

Let's fix this, by falling back to client-side unit file searching in
this case.

(Also, various other clean-ups to make the relevant functions follow our
coding style)

Fixes: #9561
 2018-11-29 11:25:32 +01:00
Lennart Poettering
85163756da systemctl: rework message suggesting how to create a new unit file 
We need to specifiy --full for creating full unit files.

Also, this is an explanatory hint, hence shouldn't be logged on LOG_ERR
level.
 2018-11-29 11:25:32 +01:00
Lennart Poettering
df79fdab21 systemctl: shorten code a bit 2018-11-29 11:25:32 +01:00
Lennart Poettering
5daacba233 systemctl: improve message when we skip a unit for editing a bit 2018-11-29 11:25:32 +01:00
Lennart Poettering
92d6b0bfdc systemctl: use _cleanup_ logic for error paths in unit_file_create_copy(), too 2018-11-29 11:25:32 +01:00
Lennart Poettering
919d272085 systemctl: rework error paths in unit_file_create_new() 
Let's use _cleanup_ to clean up stuff for us.
 2018-11-29 11:25:32 +01:00
Lennart Poettering
b03677e2da systemctl: rework unit_find_template_path() to follow coding style 
This makes sure that we don't clobber return values on failure and reset
all return values on success.
 2018-11-29 11:25:32 +01:00
Lennart Poettering
f67cb27060 systemctl: make sure we initialize return parameters in unit_file_find_path() on success 
According to our coding style return values should be initialized when
we return any form of success, do so here too.
 2018-11-29 11:21:55 +01:00
Lennart Poettering
c45e7e0cbf systemctl: rename unit_file_find_path()'s return paramete to indicate that it is one 2018-11-29 11:15:45 +01:00
Lennart Poettering
ecb1a44cc9 docs: add brief docs explaing udev's flock() block device node synchronization 2018-11-29 10:48:30 +01:00
Lennart Poettering
0abf94923b NEWS: extend docs on RLIMIT_NOFILE 
We now settled on 512K, and forgot to update NEWS.

Moreover, explain why 512K was chosen.
 2018-11-29 14:55:31 +09:00
Evgeny Vereshchagin
c90c39ff7b catalog: reject entries where the language is too short early 
Closes https://oss-fuzz.com/testcase-detail/5674475278827520
 2018-11-29 13:41:40 +09:00