| Commit message (Collapse) | Author | Age |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This primarily changes to things:
1. Ellipsation to 0, 1 or 2 characters is now supported. Previously we'd
hit an assert if the new lengths was < 3, this is now permitted. The
result strings won't show too much info still of course, but the code
becomes a bit more generic and robust to use.
2. If a UTF-8 mode is disabled and the input string is pure ASCII, then
"..." is used for ellipsation, otherwise (as before) "…". This means
on a pure-ASCII system we should remain pure-ASCII, matching
behaviour otherwise exposed with special_glyph() and friends. Note
that we'll use "…" for ellipsiation as soon as either the locale
settings indicate an UTF-8 mode or the input string already contains
non-ASCII unicode characters.
Testing for these special cases is improved.
|
| |
|
| |
|
| |
|
|
|
|
| |
Let's make this correct.
|
|
|
|
|
|
|
|
| |
We check the same condition at various places. Let's add a trivial,
common helper for this, and use it everywhere.
It's not going to make things much faster or much shorter, but I think a
lot more readable
|
|
|
|
|
|
|
|
|
|
|
| |
The NULSTR_FOREACH iterator needs to see an empty string at the end, so
we need to insert an extra NUL explicitly.
Also update PATH0_BIN_SBIN(x) to include an extra NUL terminator, rename
it to PATH_BIN_SBIN_NULSTR(x), which is more consistent with the similar
CONF_PATHS_NULSTR(x) macro.
Fixes: 5008da1ec1cf2cf8c15b702c4052e3a49583095d
|
| |
|
|
|
|
| |
The check that was right below already covers this case.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Absolute paths make everything simple and quick, but sometimes this requirement
can be annoying. A good example is calling 'test', which will be located in
/usr/bin/ or /bin depending on the distro. The need the provide the full path
makes it harder a portable unit file in such cases.
This patch uses a fixed search path (DEFAULT_PATH which was already used as the
default value of $PATH), and if a non-absolute file name is found, it is
immediately resolved to a full path using this search path when the unit is
loaded. After that, everything behaves as if an absolute path was specified. In
particular, the executable must exist when the unit is loaded.
|
|
|
|
|
| |
The new helper is much like unit_name_build() but expects a UnitType
value instead of a suffix.
|
|
|
|
| |
Let's use the usual 1U << 0,1,2,3,4 spelling for definiting flags enums.
|
|
|
|
|
| |
We check max_bytes twice here, let's simplify that, and reduce one level
of indentation.
|
|
|
|
|
|
|
|
| |
If a tool only invokes copy_bytes() a single time the _unlikely_() will always be
wrong, and is hence not useful. Let's drop it and let the compiler
figure our what to do, instead of misleading it.
Also, some coding style imprvoements.
|
|
|
|
|
|
| |
splice() ignores O_NONBLOCK on pipes but not on other fds. Let's handle
that properly, and query O_ONBLOCK manually in that case, ensuring
systematic behaviour in either case.
|
|
|
|
|
|
|
| |
Optionally, when we copy between fds with simple read/write, let's
return any remaining data we already read into the buffer if write
fails. This is useful to allow callers to use the read data otherwise,
perhaps implementing a different fallback for copying.
|
|
|
|
|
| |
Let's use btrfs_clone_range() if partial copies are desired. And use
btrfs_reflink() only for full-file reflinks.
|
| |
|
| |
|
| |
|
|
|
|
| |
process PIDs
|
|
|
|
|
|
|
|
|
|
|
|
| |
It does two things:
1. It derives the element size from the array argument type
2. It derives the right type for the function from the array argument
type
Using this macro call should make the invocations of qsort() quite a bit
safer.
|
|
|
|
|
|
|
|
|
|
| |
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.
I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
|
|
|
|
|
|
|
|
| |
Things can fail, and we have no control over it:
- file system issues (immutable bits, file system errors, MAC refusals, etc)
- kernel refusing certain arguments when writing to /proc/sys or /sys
Let's add a new code for the case where we parsed configuration but failed
to execute it because of external errors.
|
|
|
|
|
| |
Let's optimize things, and let the kernel chase the paths if none of the
features chase_symlinks() offers are actually used.
|
|
|
|
|
| |
This is useful when opening files within disk images, as we'll then take
the relative root directory properly into account.
|
|
|
|
|
|
| |
We have the same code for this in place at various locations, let's
unify that. Also, let's repurpose test-fs-util.c as a test for this new
helper cal..
|
|
|
|
|
|
|
|
| |
Things can fail, and we have no control over it:
- file system issues (immutable bits, file system errors, MAC refusals, etc)
- kernel refusing certain arguments when writing to /proc/sys or /sys
Let's add a new code for the case where we parsed configuration but failed
to execute it because of external errors.
|
| |
|
|
|
|
|
| |
Let's optimize things, and let the kernel chase the paths if none of the
features chase_symlinks() offers are actually used.
|
|
|
|
|
| |
This is useful when opening files within disk images, as we'll then take
the relative root directory properly into account.
|
|
|
|
|
|
| |
We have the same code for this in place at various locations, let's
unify that. Also, let's repurpose test-fs-util.c as a test for this new
helper cal..
|
|
|
|
|
| |
Per some discussion with Gnome folks, they would prefer this name
as it's more descriptive of what's happening.
|
| |
|
| |
|
|
|
|
| |
Should fix #8557.
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://clang.llvm.org/docs/MemorySanitizer.html#id5 documents this
check as the way to detect MemorySanitizer at compilation time. We
only need to skip the test if MemorySanitizer is used.
Also, use this condition in cg_slice_to_path(). There, the code that is
conditionalized is not harmful in any way (it's just unnecessary), so remove
the FUZZING_BUILD_MODE_UNSAFE_FOR_PRODUCTION condition.
Fixes #8482.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reworks the SELinux and SMACK label fixing calls in a number of
ways:
1. The two separate boolean arguments of these functions are converted
into a flags type LabelFixFlags.
2. The operations are now implemented based on O_PATH. This should
resolve TTOCTTOU races between determining the label for the file
system object and applying it, as it it allows to pin the object
while we are operating on it.
3. When changing a label fails we'll query the label previously set, and
if matches what we want to set anyway we'll suppress the error.
Also, all calls to label_fix() are now (void)ified, when we ignore the
return values.
Fixes: #8566
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This rearranges chase_symlinks() a bit: if no special flags are
specified it will now revert to behaviour before
b12d25a8d631af00b200e7aa9dbba6ba4a4a59ff. However, if the new
CHASE_TRAIL_SLASH flag is specified it will follow the behaviour
introduced by that commit.
I wasn't sure which one to make the beaviour that requires specification
of a flag to enable. I opted to make the "append trailing slash"
behaviour the one to enable by a flag, following the thinking that the
function should primarily be used to generate a normalized path, and I
am pretty sure a path without trailing slash is the more "normalized"
one, as the trailing slash is not really a part of it, but merely a
"decorator" that tells various system calls to generate ENOTDIR if the
path doesn't refer to a path.
Or to say this differently: if the slash was part of normalization then
we really should add it in all cases when the final path is a directory,
not just when the user originally specified it.
Fixes: #8544
Replaces: #8545
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we are attempting to create directory somewhere in the bowels of /var/lib
and get an error that it already exists, it can be quite hard to diagnose what
is wrong (especially for a user who is not aware that the directory must have
the specified owner, and permissions not looser than what was requested). Let's
print a warning in most cases. A warning is appropriate, because such state is
usually a sign of borked installation and needs to be resolved by the adminstrator.
$ build/test-fs-util
Path "/tmp/test-readlink_and_make_absolute" already exists and is not a directory, refusing.
(or)
Directory "/tmp/test-readlink_and_make_absolute" already exists, but has mode 0775 that is too permissive (0755 was requested), refusing.
(or)
Directory "/tmp/test-readlink_and_make_absolute" already exists, but is owned by 1001:1000 (1000:1000 was requested), refusing.
Assertion 'mkdir_safe(tempdir, 0755, getuid(), getgid(), MKDIR_WARN_MODE) >= 0' failed at ../src/test/test-fs-util.c:320, function test_readlink_and_make_absolute(). Aborting.
No functional change except for the new log lines.
|
|
|
|
| |
In preparation for subsequent changes...
|
| |
|
|
|
|
|
|
| |
What's good for uint16_t is also good for unsigned.
This is preparation for: #8140
|
|
|
|
|
|
|
| |
safe_atou16_full() is like safe_atou16() but also takes a base
parameter. safe_atou16() is then implemented as inline function on top
of it, passing 0 as base. Similar safe_atoux16() is reworked as inline
function too, with 16 as base.
|
|
|
|
|
|
|
| |
This is similar to TAKE_PTR() but operates on file descriptors, and thus
assigns -1 to the fd parameter after returning it.
Removes 60 lines from our codebase. Pretty good too I think.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This macro will read a pointer of any type, return it, and set the
pointer to NULL. This is useful as an explicit concept of passing
ownership of a memory area between pointers.
This takes inspiration from Rust:
https://doc.rust-lang.org/std/option/enum.Option.html#method.take
and was suggested by Alan Jenkins (@sourcejedi).
It drops ~160 lines of code from our codebase, which makes me like it.
Also, I think it clarifies passing of ownership, and thus helps
readability a bit (at least for the initiated who know the new macro)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The warning is not emitted for absolute paths like /dev/sda or /home, which are
converted to .device and .mount unit names without any fuss.
Most of the time it's unlikely that users use invalid unit names on purpose,
so let's warn them. Warnings are silenced when --quiet is used.
$ build/systemctl show -p Id hello@foo-bar/baz
Invalid unit name "hello@foo-bar/baz" was escaped as "hello@foo-bar-baz" (maybe you should use systemd-escape?)
Id=hello@foo-bar-baz.service
$ build/systemd-run --user --slice foo-bar/baz --unit foo-bar/foo true
Invalid unit name "foo-bar/foo" was escaped as "foo-bar-foo" (maybe you should use systemd-escape?)
Invalid unit name "foo-bar/baz" was escaped as "foo-bar-baz" (maybe you should use systemd-escape?)
Running as unit: foo-bar-foo.service
Fixes #8302.
|
|
|
|
|
|
|
|
|
| |
database files (#8521)
The API povided by the glibc is too error-prone as one has to deal directly
with errno in order to detect if errors occured.
Suggested by Zbigniew.
|
|
|
|
| |
Let's use our macros where we can
|
| |
|