| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
| |
After all, usec_t is defined as uint64_t, and not as unsigned long long.
|
| |
|
|
|
|
| |
On systems where time_t is 32bit we should invalidate the
timeval/timespec instead of proceeding with a potentially overflown
value.
|
| |
|
|
|
|
|
|
|
|
|
| |
usec_t is always 64bit, which means it can cover quite a number of
years. However, 4 digit year display and glibc limitations around time_t
limit what we can actually parse and format. Let's make this explicit,
so that we never end up formatting dates we can#t parse and vice versa.
Note that this is really just about formatting/parsing. Internal
calculations with times outside of the formattable range are not
affected.
|
| |
|
|
|
|
|
|
|
|
| |
Passing a year such as 1960 to mktime() will result in a negative return
value. This is quite confusing, as the man page claims that on failure
the call will return -1...
Given that our own usec_t type is unsigned, and we can't express times
before 1970 hence, let's consider all negative times returned by
mktime() as invalid, regardless if just -1, or anything else negative.
|
| | |
|
| |
|
|
|
| |
We use different idioms at different places. Let's replace this is the
one true new idiom, that is even a bit faster...
|
| |
|
|
|
|
|
|
| |
If chase_symlinks() encouters an absolute symlink, it resets the todo
buffer to just the newly discovered symlink and discards any of the
remaining previous symlink path. Regardless of whether or not the
symlink is absolute or relative, we need to preserve the remainder of
the path that has not yet been resolved.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
gcc 7 adds -Wimplicit-fallthrough=3 to -Wextra. There are a few ways
we could deal with that. After we take into account the need to stay compatible
with older versions of the compiler (and other compilers), I don't think adding
__attribute__((fallthrough)), even as a macro, is worth the trouble. It sticks
out too much, a comment is just as good. But gcc has some very specific
requiremnts how the comment should look. Adjust it the specific form that it
likes. I don't think the extra stuff we had in those comments was adding much
value.
(Note: the documentation seems to be wrong, and seems to describe a different
pattern from the one that is actually used. I guess either the docs or the code
will have to change before gcc 7 is finalized.)
|
| | |
|
| | |
|
| |
|
|
| |
':' in not a a valid interface name.
|
| |
|
|
| |
interfaces (#5117)
|
| | |
|
| |
|
|
|
| |
All callers of this function insert non-empty strings, so there's no functional
change.
|
| |
|
|
|
|
|
| |
5dd11ab5f36ce71138005 did a similar change for conf_files_list_strv().
Here we do the same for conf_files_list() and conf_files_list_nulstr().
No change for existing users. Tests are added.
|
| |
|
|
| |
It's a fairly specialized function. Let's make new files for it and the tests.
|
| |
|
|
|
| |
Add a comment about the return value and rename r to ans. r is
nowadays reserved for the integer return value, and char *r is confusing.
|
| |
|
|
|
| |
If it writes to memory, it's not pure, by definition.
Fixup for 882ac6e769c5c.
|
| |
|
|
|
|
|
|
| |
It also used __bitwise and __force. It seems easier to rename
our versions since they are local to this one single header.
Also, undefine them afteerwards, so that we don't pollute the
preprocessor macro namespace.
|
| |
|
|
|
|
|
|
|
|
| |
Ubuntu 14.04 (Trusty) kernel header packages ship without
<linux/vm_sockets.h>. Only struct sockaddr_vm and VMADDR_CID_ANY will
be needed by elogind and they are simple enough to go in missing.h.
CentOS 7 <sys/socket.h> does not define AF_VSOCK. Define it so the code
can compile although actual socket(2) calls may fail at runtime if the
address family isn't available.
|
| | |
|
| |
|
|
| |
Also, add tests to make sure this actually works as intended.
|
| |
|
|
|
|
|
|
| |
The AF_VSOCK address family facilitates guest<->host communication on
VMware and KVM (virtio-vsock). Adding support to elogind allows guest
agents to be launched through .socket unit files. Today guest agents
are stand-alone daemons running inside guests that do not take advantage
of elogind socket activation.
|
| |
|
|
|
|
|
|
| |
sockaddr_port() either returns a >= 0 port number or a negative errno.
This works for AF_INET and AF_INET6 because port ranges are only 16-bit.
In AF_VSOCK ports are 32-bit so an int cannot represent all port number
and negative errnos. Separate the port and the return code.
|
| | |
|
| |
|
|
|
| |
If a hex string has an uneven length, generate an error instead of
silently assuming a trailing '0' was in place.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This improves kernel command line parsing in a number of ways:
a) An kernel option "foo_bar=xyz" is now considered equivalent to
"foo-bar-xyz", i.e. when comparing kernel command line option names "-" and
"_" are now considered equivalent (this only applies to the option names
though, not the option values!). Most of our kernel options used "-" as word
separator in kernel command line options so far, but some used "_". With
this change, which was a source of confusion for users (well, at least of
one user: myself, I just couldn't remember that it's elogind.debug-shell,
not elogind.debug_shell). Considering both as equivalent is inspired how
modern kernel module loading normalizes all kernel module names to use
underscores now too.
b) All options previously using a dash for separating words in kernel command
line options now use an underscore instead, in all documentation and in
code. Since a) has been implemented this should not create any compatibility
problems, but normalizes our documentation and our code.
c) All kernel command line options which take booleans (or are boolean-like)
have been reworked so that "foobar" (without argument) is now equivalent to
"foobar=1" (but not "foobar=0"), thus normalizing the handling of our
boolean arguments. Specifically this means elogind.debug-shell and
elogind_debug_shell=1 are now entirely equivalent.
d) All kernel command line options which take an argument, and where no
argument is specified will now result in a log message. e.g. passing just
"elogind.unit" will no result in a complain that it needs an argument. This
is implemented in the proc_cmdline_missing_value() function.
e) There's now a call proc_cmdline_get_bool() similar to proc_cmdline_get_key()
that parses booleans (following the logic explained in c).
f) The proc_cmdline_parse() call's boolean argument has been replaced by a new
flags argument that takes a common set of bits with proc_cmdline_get_key().
g) All kernel command line APIs now begin with the same "proc_cmdline_" prefix.
h) There are now tests for much of this. Yay!
|
| |
|
|
|
|
| |
if we want to parse the kernel command line, let's check the
$SYSTEMD_PROC_CMDLINE environment variable first. This is useful for debugging
purposes.
|
| |
|
|
|
|
|
|
|
|
|
| |
elogind.journal-fields(7) documents CODE_FUNC=. Internally, we were
inconsistent: sd_journal_print uses CODE_FUNC=, log.h has CODE_FUNCTION=,
python-elogind and bootchart also used CODE_FUNC=, when they were internal.
Most external projects use sd_journal_* functions, so CODE_FUNC=,
python-elogind still uses CODE_FUNC=, as does elogind-bootchart, and
independent reimplementations in golang-github-coreos-go-elogind, qtbase,
network manager, glib, pulseaudio. Hence, I don't think there's much
choice.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
Those square brackets don't fit how our other messages look like; we use colons
everywhere else. The "[a:b]" format was originally added in
ed5bcfbe3c3b68e59242c03649eea03a9707d318, and remained unchanged for 7 years,
but in the meantime other conventions evolved.
The new version is also one character shorter.
[/etc/elogind/system/elogind-networkd.service.d/override.conf:2] Failed to parse sec value, ignoring: ...
↓
/etc/elogind/system/elogind-networkd.service.d/override.conf:2: Failed to parse sec value, ignoring: ...
|
| |
|
|
| |
We can take advantage of the fact a NULL argument terminates the list.
|
| |
|
|
|
|
|
|
|
|
| |
Our warning message was misleading, because we wouldn't "correct" anything,
we'd just ignore unkown escapes. Update the message.
Also, print just the extracted word (which contains the offending sequences) in
the message, instead of the whole line.
Fixes #4697.
|
| |
|
|
| |
Let's print a proper message if we see MS_MOVE.
|
| | |
|
| |
|
|
| |
As simple wrapper around fd_is_temporary_fs().
|
| |
|
|
| |
Also, O_NOCTTY is a safer bet, let's add that too.
|
| |
|
|
|
|
| |
Let's use chase_symlinks() when looking for /etc/os-release and
/usr/lib/os-release as these files might be symlinks (and actually are IRL on
some distros).
|
| |
|
|
|
|
| |
Let's permit invoking chase_symlinks() with a NULL return parameter. If so, the
resolved name is not returned, and call is useful for checking for existance of
a file, without actually returning its ultimate path.
|
| |
|
|
|
|
|
|
|
| |
PR_SET_MM_ARG_START allows us to relatively cleanly implement process renaming.
However, it's only available with privileges. Hence, let's try to make use of
it, and if we can't fall back to the traditional way of overriding argv[0].
This removes size restrictions on the process name shown in argv[] at least for
privileged processes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Previously, elogind-detect-virt was unable to detect "elogind-nspawn -a"
container environments, i.e. where PID 1 is a stub process running in host
context, as in that case /proc/1/environ was inherited from the host. Let's
improve that, and add an additional check for container environments where
/proc/1/environ is not cleaned up and does not contain the $container
environment variable:
The /proc/1/sched file shows the host PID in the first line. if this is not
1, we know we are running in a PID namespace (but not which implementation).
With these changes we should be able to detect container environments that
don't set $container at all.
|
| |
|
|
|
|
| |
1. Listed in TODO.
2. Tree wide replace safe_atou16 with parse_ip_port incase
it's used for ports.
|
| |
|
|
|
|
|
|
|
| |
Let's accept "µs" as alternative time unit for microseconds. We already accept
"us" and "usec" for them, lets extend on this and accept the proper scientific
unit specification too.
We will never output this as time unit, but it's fine to accept it, after all
we are pretty permissive with time units already.
|
| |
|
|
|
| |
This means that callers can distiguish an error from flags==0,
and don't have to special-case the empty string.
|
| |
|
|
| |
DEFINE_TRIVIAL_CLEANUP_FUNC() already does that check, no need to duplicate it.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch ensures that each system service gets its own session kernel keyring
automatically, and implicitly. Without this a keyring is allocated for it
on-demand, but is then linked with the user's kernel keyring, which is OK
behaviour for logged in users, but not so much for system services.
With this change each service gets a session keyring that is specific to the
service and ceases to exist when the service is shut down. The session keyring
is not linked up with the user keyring and keys hence only search within the
session boundaries by default.
(This is useful in a later commit to store per-service material in the keyring,
for example the invocation ID)
(With input from David Howells)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
_cleanup_
This adds mkdtemp_malloc() that is a combination of mkdtemp() plus strdup(). It
initializes its return paremeter only if the temporary directory could be
created successfully, so that the parameter is exactly non-NULL when the
directory exists.
rmdir_and_free() and rmdir_and_freep() are also added, and the latter may be
used inside of _cleanup_ for such a directory string variable, to automatically
rmdir() the directory if it is non-NULL when the scope exits.
rmdir_and_free() is similar to the existing rm_rf_and_free() however, is only
removes a single directory and does not operate recursively.
|
| |
|
|
| |
As suggested by @keszybz
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a concept of "extrinsic" mounts. If mounts are extrinsic we consider
them managed by something else and do not add automatic ordering against
umount.target, local-fs.target, remote-fs.target.
Extrinsic mounts are considered:
- All mounts if we are running in --user mode
- API mounts such as everything below /proc, /sys, /dev, which exist from
earliest boot to latest shutdown.
- All mounts marked as initrd mounts, if we run on the host
- The initrd's private directory /run/initrams that should survive until last
reboot.
This primarily merges a couple of different exclusion lists into a single
concept.
|
