| Commit message (Collapse) | Author | Age |
|---|
| |
|
|
|
|
| |
There is no reason to require key to be non-NULL.
Change test_ordered_hashmap_next() to use trivial_hash_ops in order to
test NULL key too.
|
| | |
|
| | |
|
| |
|
|
| |
Let's use it as initializer where appropriate.
|
| |
|
|
|
| |
We know the state anyway, let's expose it in the bus. It's useful for
debugging at least, but it might be useful for DEs too.
|
| |
|
|
|
|
|
|
|
|
|
| |
This ports a lot of manual code over to sigprocmask_many() and friends.
Also, we now consistly check for sigprocmask() failures with
assert_se(), since the call cannot realistically fail unless there's a
programming error.
Also encloses a few sd_event_add_signal() calls with (void) when we
ignore the return values for it knowingly.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Remove old temporary snapshots, but only at boot. Ideally we'd have
"self-destroying" btrfs snapshots that go away if the last last
reference to it does. To mimic a scheme like this at least remove the
old snapshots on fresh boots, where we know they cannot be referenced
anymore. Note that we actually remove all temporary files in
/var/lib/machines/ at boot, which should be safe since the directory has
defined semantics. In the root directory (where systemd-nspawn
--ephemeral places snapshots) we are more strict, to avoid removing
unrelated temporary files.
This also splits out nspawn/container related tmpfiles bits into a new
tmpfiles snippet to systemd-nspawn.conf
|
| |
|
|
|
|
|
|
|
|
|
| |
This adds a "char *extra" parameter to tempfn_xxxxxx(), tempfn_random(),
tempfn_ranomd_child(). If non-NULL this string is included in the middle
of the newly created file name. This is useful for being able to
distuingish the kind of temporary file when we see one.
This also adds tests for the three call.
For now, we don't make use of this at all, but port all users over.
|
| |
|
|
|
| |
The names fw-util.[ch] are too ambiguous, better rename the files to
firewall-util.[ch]. Also rename the test accordingly.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, the HASHMAP iterators stop at the first NULL entry in a
hashmap. This is non-obvious and breaks users like sd-device, which
legitimately store NULL values in a hashmap.
Fix all the iterators by taking a pointer to the value storage, instead of
returning it. The iterators now return a boolean that tells whether the
end of the list was reached.
Current users of HASHMAP_FOREACH() are *NOT* changed to explicitly check
for NULL. If it turns out, there were users that inserted NULL into
hashmaps, but didn't properly check for it during iteration, then we
really want to find those and fix them.
|
| |
|
|
|
|
|
|
|
|
| |
If you use bus_map_all_properties(), you must be aware that it might
touch output variables even though it may fail. This is, because we parse
many different bus-properties and cannot tell how to clean them up, in
case we fail deep down in the parser.
Fix all callers of bus_map_all_properties() to correctly cleanup any
context structures at all times.
|
| | |
|
| |
|
|
|
|
|
| |
Fix CID 1304686: Dereference after null check (FORWARD_NULL)
However, this commit does not fix any bug in logind. It helps to keep
the elect_display_compare() function generic.
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
Our bloom-filters support root-path matching. Make sure we properly add
the path_namespace= tag.
|
| |
|
|
|
|
|
|
| |
DBus spec clearly defines arg0path= to be a two-way matching. That is,
either the matcher or the matchee can be a prefix of the other to match.
This is not possible to implement with bloom-filters. Instead, we'd have
to add a separate filter for each prefix. This is non-trivial, though.
Hence, just skip the match for now and match locally.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
DBus-spec defines two different pattern matchings:
1) Path and namespace prefix matching. In this case, A matches B either
if both are equal, or if B is fully included in the namespace of A.
In other words, A has to be a prefix of B, but end with a separator
character (or the following character in B must be one).
This is used for path_namespace= and arg0namespace=
2) The other pattern matching is used for arg0path= which does a two-way
matching. That is, A must be a prefix of B, or B a prefix of A.
Furthermore, the prefix must end with a separator.
Fix the sd-bus helpers to reflect that. The 'simple_' and 'complex_'
prefixes don't make any sense now, but.. eh..
|
| |
|
|
|
| |
It's only marginally shorter then the usual for() loop, but certainly
more readable.
|
| |
|
|
|
| |
We now listen for new subdirs of /run/systemd, and /run/systemd/netif in case
/run/systemd/netif/links does not exist.
|
| |
|
|
|
|
| |
Make sure we actually verify our match-rules are executed properly. Right
now all we test is the bloom-matches, which are non-reliable as they leave
through false-positives.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Lets look at an example where we add arg0="/foo/bar/waldo" to a
bloom-filter. The following strings are added:
"arg0:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar"
"arg0-slash-prefix:/foo"
Two problems arise:
1) If we match on "arg0path=/foo/bar/waldo", the dbus-spec explicitly
states that equal strings are also considered prefixes. However, in the
bloom-match, we can only provide a single match-filter. Therefore, we have
to add "arg0-slash-prefix:/foo/bar/waldo" there, but this never occured in
the bloom-mask of the message.
Hence, this patch makes sure bloom_add_prefixes() adds the full path as
prefix, too.
2) If we match on "arg0path=/foo/", the dbus-spec states that arg0path
does prefix-matching with the trailing slash _included_, unlike
path_namespace= matches, which does *not* include them. This is
inconsistent, but we have to support the specs. Therefore, we must add
prefixes with _and_ without trailing separators.
Hence, this patch makes sure bloom_add_prefixes() adds all prefixes with
the trailing slash included.
The final set of strings added therefore is:
"arg0:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar/waldo"
"arg0-slash-prefix:/foo/bar/"
"arg0-slash-prefix:/foo/bar"
"arg0-slash-prefix:/foo/"
"arg0-slash-prefix:/foo"
"arg0-slash-prefix:/"
|
| | |
|
| |
|
|
| |
Match rest of codebase, we always allow unref'ing NULL.
|
| |
|
|
| |
use it anymore
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we have a structure like this:
/bin -> /usr/bin
/usr is a mount point
Then path_is_mount_point("/bin", AT_SYMLINK_FOLLOW) needs to look at the pair
/usr/bin and /usr, not at the pair / and /usr/bin, as the latter have different
mount IDs. But we only want to consider the base name, not any parent.
Thus we have to resolve the given path first to get the real parent when
allowing symlinks.
Bug: https://github.com/systemd/systemd/issues/61
|
| |
|
|
|
|
|
|
|
| |
It will try to unquot_first_word, but if it runs into escaping problems
it will retry it adding UNQUOTE_CUNESCAPE_RELAX to the flags. If it
succeeds on the second try, it will log a warning about it. If it fails
both times, it will log an error.
Add test cases to confirm it behaves as expected.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Commit c0f32805 ("logind: use sd_event timer source for inhibitor
logic") reworked the main loop logic of logind so that it uses a
real timeout callback handler to execute delayed functions.
What the old code did, however, was to call those functions on
every iteration in the main loop, not only when the timeout
expired.
Restore that behavior by bringing back manager_dispatch_delayed(),
and call it from manager_run(). The internal event source callback
manager_inhibit_timeout_handler() was turned into a wrapper of
manager_dispatch_delayed() now.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
This appears to be the right time to do it for SOCK_STREAM
unix sockets.
Also: condition bus_get_owner_creds_dbus1 was reversed. Split
it out to a separate variable for clarity and fix.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
|
| |
|
|
|
|
|
|
|
|
|
|
| |
SELinux information cannot be retrieved this way, since we are
using stream unix sockets and SCM_SECURITY does not work for
them.
SCM_CREDENTIALS use dropped to be consistent. We also should
get this information at connection time.
https://bugzilla.redhat.com/show_bug.cgi?id=1224211
"SCM_SECURITY was only added for datagram sockets."
|
| |
|
|
|
|
|
|
|
|
| |
Right now we always pass KDBUS_ITEM_ATTACH_FLAGS_RECV to
KDBUS_CMD_BUS_MAKE, effectively forcing every bus connection to do the
same during KDBUS_CMD_HELLO. This used to be a workaround to make sure all
metadata is always present. However, we refrained from that approach and
intend to make all metadata collection solely rely on /proc access
restrictions. Therefore, there is no need to force the send-flags mask on
newly created buses.
|
| |
|
|
| |
Sync with upstream.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We protect most of the API from use accross forks, but we still allow both
sd_event and sd_event_source objects to be unref'ed. This would cause
problems as it would unregister sources from the underlying eventfd, hence
also affecting the original instance in the parent process.
This fixes the issue by not touching the fds on unref when done accross a fork,
but still free the memory.
This fixes a regression introduced by
"udevd: move main-loop to sd-event": 693d371d30fee
where the worker processes were disabling the inotify event source in the
main daemon.
|
| | |
|
| |
|
|
| |
This was a regression introduced when moving to sd-device.
|
| |
|
|
|
|
|
| |
We unescape ExecStart line when parsing it, so escape device name
before adding it to unit file.
fixes #50
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The new flag UNQUOTE_UNESCAPE_RELAX preserves unrecognized escape
sequences verbatim in unquote_first_word, either when it's a trailing
backslash (similar to UNQUOTE_RELAX, but in this case keep the extra
backslash in the output) or in the middle of a sequence string.
Add unit test cases to ensure the new flag works as expected and to
prevent regressions from being introduced.
Tested with a follow up commit converting config_parse_exec() to start
using unquote_first_word, in which case this flags makes it possible to
preserve unrecognized escape sequences.
Relevant bug: https://bugs.freedesktop.org/show_bug.cgi?id=90794
|
| |
|
|
|
| |
The library moved to:
https://git.gnome.org/browse/libgudev/
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Strip trailing slashes from options such as --with-rootprefix, so that building
with rootprefix="/" results in paths like "/lib" instead of "//lib".
Also handle paths such as "/usr/" gracefully.
Use m4/ax_normalize_path.m4 from the autoconf-archive project, which is now
included in our tree as per usual practices in using autoconf-archive macros.
Tested with the following configure options:
./configure \
--with-rootprefix=/ \
--with-rootlibdir=/lib64/ \
--prefix=/usr/ \
--libdir=/lib/ \
--with-bashcompletiondir=/bash-completion/completions/
(The "prefix" and "libdir" are already automatically normalized by Autoconf,
this command is testing the others.)
Compared the config.log and resulting trees (in particular man pages) to
confirm double slashes were not present in the latter.
Also tested that a configuration using default options is not affected and that
`make distcheck` still works as expected.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is needed for generic DRM devices like the VirtualBox vboxvideo
driver, which exposes itself as a generic, ID-less DRM device at
/dev/dri/card0 (after applying this commit):
$ udevadm info --query=all --path \
/sys/devices/pci0000:00/0000:00:02.0/drm/card0
P: /devices/pci0000:00/0000:00:02.0/drm/card0
N: dri/card0
E: DEVNAME=/dev/dri/card0
E: DEVPATH=/devices/pci0000:00/0000:00:02.0/drm/card0
E: DEVTYPE=drm_minor
E: ID_FOR_SEAT=drm-pci-0000_00_02_0
E: ID_PATH=pci-0000:00:02.0
E: ID_PATH_TAG=pci-0000_00_02_0
E: MAJOR=226
E: MINOR=0
E: SUBSYSTEM=drm
E: TAGS=:master-of-seat:seat:uaccess:
E: USEC_INITIALIZED=59893
Without this patch, the capabilities for a seat on a VirtualBox
installation of systemd v219 incorrectly show it as non-graphical, even
though I can type these commands from an xterm:
$ loginctl show-seat seat0
Id=seat0
CanMultiSession=yes
CanTTY=yes
CanGraphical=no
…
https://bugs.freedesktop.org/show_bug.cgi?id=90822
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When (for example) switching from X11 to a new VT and logging in there,
creating a new session, the user state file (/run/systemd/users/$uid) is
not updated after the session becomes active. The latest time it is
saved is when the session is in SESSION_OPENING.
This results in a /run/systemd/users/$uid file which contains
STATE=online for the current user on the current active VT, which is
obviously wrong.
As functions like sd_uid_get_state() use this file to get the user’s
state, this could result in things like PolicyKit making incorrect
decisions about the user’s state. (See
https://bugs.freedesktop.org/show_bug.cgi?id=76358.)
Fix this by re-saving the state for a session’s user after completing
the state_job for that session.
https://bugs.freedesktop.org/show_bug.cgi?id=90818
|
