| Commit message (Collapse) | Author | Age |
|
|
|
|
| |
We should never put empty lines between `if` and `else if`, unless we use
braces.
|
|
|
|
|
| |
CMSG_SPACE(0) may return value other than 0. This caused sendmsg to fail
with EINVAL, when have_pid or n_fds was 0.
|
|
|
|
|
|
|
|
|
| |
mq_getattr returns -1/EBADF for file descriptors which are not mq.
But we should return 0 in this case.
We first check that fd is a valid fd, so we can assume that if
mq_getattr returns EBADF, it is simply a non-mq fd. There is a slight
race, but there doesn't seem to be a nice way to fix it.
|
|
|
|
|
|
| |
Makre sure we always return sensible errors for the various, following
the same rules, and document them in a comment in sd-login.c. Also,
update all relevant man pages accordingly.
|
|
|
|
|
|
|
| |
let's return ENXIO whenever we don't know something rather than ENOENT.
ENOENT suggests this was really about a file or directory, while ENXIO
is a more generic "not found" indicator.
|
|
|
|
|
| |
Although it is nice to have it read ELOGIND instead of SYSTEMD, all
diffs just show too many irrelevant (false) positives.
|
|
|
|
|
|
|
|
| |
The patching of elogind in several steps with only partly rebasing on
a common commit with upstream, left the tree in a state, that was
unmergeable with master. By rebasing on master and manually cleaning
up all commits, this merge is now possible.
However, this process left some orphans, that are cleanup now.
|
|
|
|
|
|
|
|
| |
This commit substitutes all occurrences of
free(foo);
foo = NULL;
with
foo = mfree(foo);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
* Check whether printf.h is available and define/undef HAVE_PRINTF_H
accordingly.
* Added src/shared/parse-printf-format.[hc] by Emil Renner Berthing
<systemd@esmil.dk> that provides parse_printf_format() if printf.h
is unavailable
* Added src/basic/musl_missing.h by Juergen Buchmueller
<pullmoll@t-online.de> that implements glibc functions missing in
musl libc as macros.
* Extended src/basic/musl_missing.h and added
src/basic/musl_missing.c providing
- program_invocation_name
- program_invocation_short_name and
- elogind_set_program_name() to set the two where appropriate.
* Added calls to elogind_set_program_name() to all main() functions
where needed.
* A few other fixes to work nicely with musl libc.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- src/basic/ioprio.h - removed
- src/basic/ring.h - removed
- src/basic/capability.[hc] - cleaned
- src/basic/cgroup-util.[hc] - cleaned
- src/basic/hostname-util.[hc] - cleaned
- src/basic/path-util.[hc] - cleaned
- src/basic/socket-util.h - cleaned
- src/basic/strv.[hc] - cleaned
- src/basic/time-util.[hc] - cleaned
- src/basic/unit-name.[hc] - cleaned
- src/basic/util.[hc] - cleaned
- src/libelogind/sd-bus/bus-introspect.c - cleaned
- src/login/loginctl.c - cleaned
- src/login/logind-dbus.c - cleaned
- src/login/logind.h - cleaned
- src/shared/conf-parser.[hc] - cleaned
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- src/shared/install.h - removed
- src/basic/unit-name.[hc] - cleaned
- src/core/cgroup.[hc] - cleaned
- src/libelogind/libelogind.sym - cleaned
- src/libelogind/sd-daemon/sd-daemon.c - cleaned
- src/shared/acl-util.[hc] - cleaned
- src/shared/bus-util.[hc] - cleaned
- src/shared/output-mode.h - cleaned
- src/shared/path-lookup.h - cleaned
- src/systemd/sd-daemon.h - cleaned
|
| |
|
|
|
|
|
|
|
| |
a) Add some debugging messages to track what's going on with eloginds
cgroup handling.
b) Do not create a cgroup path "/elogind" if our cgroup root is
already "/elogind".
|
|
|
|
|
|
|
| |
Create a private cgroup tree associated with no controllers, and use it
to map PIDs to sessions. Since we use our own path structure, remove
internal cgroup-related helpers that interpret the cgroup path structure
to pull out users, slices, and scopes.
|
| |
|
|
|
|
|
|
|
|
| |
The only function still using librt was
src/shared/clean-ipc.c::clean_posix_mq().
But that function is not really needed, because elogind does not call
mq_open() anywhere, or any other mqueue related functions.
|
|
|
|
|
|
|
| |
* src/systemd/sd-daemon.h:
* src/libelogind/sd-daemon/sd-daemon.c (sd_is_mq): Remove unused
function that depended on librt. Ultimately we should remove this
header at some point.
|
| |
|
| |
|
|
|
|
|
|
|
|
| |
When forking of a child process for connecting to a container, pass
the preicse connection error to the calling process.
We already did this correctly for kdbus busses, let's do so for dbus1
busses, too.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Currently, our introspection data looks like this:
<node>
<interface name="org.freedesktop.DBus.Peer">
...
</interface>
<interface name="org.freedesktop.DBus.Introspectable">
...
</interface>
<interface name="org.freedesktop.DBus.Properties">
...
</interface>
<node name="org"/>
<node name="org/freedesktop"/>
<node name="org/freedesktop/login1"/>
<node name="org/freedesktop/login1/user"/>
<node name="org/freedesktop/login1/user/self"/>
<node name="org/freedesktop/login1/user/_1000"/>
<node name="org/freedesktop/login1/seat"/>
<node name="org/freedesktop/login1/seat/self"/>
<node name="org/freedesktop/login1/seat/seat0"/>
<node name="org/freedesktop/login1/session"/>
<node name="org/freedesktop/login1/session/self"/>
<node name="org/freedesktop/login1/session/c1"/>
</node>
(ordered alphabetically for better visibility)
This is grossly incorrect. The spec says that we're allowed to return
non-directed children, however, it does not allow us to return data
recursively in multiple parents. If we return "org", then we must not
return anything else that starts with "org/".
It is unclear, whether we can include child-nodes as a tree. Moreover, it
is usually not what the caller wants. Hence, this patch changes sd-bus to
never return introspection data recursively. Instead, only a single
child-layer is returned.
This patch relies on enumerators to never return hierarchies. If someone
registers an enumerator via sd_bus_add_enumerator, they better register
sub-enumerators if they support *TRUE* hierarchies. Each enumerator is
treated as a single layer and not filtered.
Enumerators are still allowed to return nested data. However, that data
is still required to be a single hierarchy. For instance, returning
"/org/foo" and "/com/bar" is fine, but including "/com" or "/org" in that
dataset is not.
This should be the default for enumerators and I see no reason to filter
in sd-bus. Moreover, filtering that data-set would require to sort the
strv by path and then do prefix-filtering. This is O(n log n), which
would be fine, but still better to avoid.
Fixes #664.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Whenever we run in a user context, sd_bus_{default_user,open_user}() and
friends should always connect to the user-bus of the current context,
instead of deriving the uid from getuid(). This allows us running
programs via sudo/su, without the nasty side-effect of accidentally
connecting to the root user-bus.
This patch enforces the idea of making su/sudo *not* opening sessions by
default. That is, all they do is raising privileges, but keeping
everything set as before. You can still use su/sudo to open real sessions
by requesting a login-session (or loading pam_elogind otherwise).
However, in this case XDG_RUNTIME_DIR= will not be set (as usual in these
cases), hence, you will not be able to connect to *any* user-bus.
Long story short: With this patch applied, both:
- ./busctl --user
- sudo ./busctl --user
..will successfully connect to the user-bus of the local user.
Fixes #390.
|
|
|
|
|
|
|
|
|
|
| |
This adds a new sd_pid_get_cgroup() call to sd-login which may be used
to query the control path of a process. This is useful for programs when
making use of delegation units, in order to figure out which subtree has
been delegated.
In light of the unified control group hierarchy this is finally safe to
do, hence let's add a proper API for it, to make it easier to use this.
|
|
|
|
|
|
| |
Makre sure we always return sensible errors for the various, following
the same rules, and document them in a comment in sd-login.c. Also,
update all relevant man pages accordingly.
|
|
|
|
|
|
|
| |
session
ENODATA is how we usually indicate such "missing info" cases, so we
should do this here, too.
|
|
|
|
|
|
| |
This simply factors out the uid validation checks from parse_uid() and
uses them everywhere. This simply verifies that the passed UID is
neither 64bit -1 nor 32bit -1.
|
|
|
|
|
|
| |
We should never connect to the host bus as fallback if connecting to a
container failed via one method. Otherwise connecting to a dbus1
container will always result in a connection to the host.
|
|
|
|
|
|
| |
We rely on the correct error used when opening the kdbus device node,
hence let's make sure we pass it up from the namespaced child process to
the process which actually wants to connect.
|
|
|
|
|
|
|
| |
let's return ENXIO whenever we don't know something rather than ENOENT.
ENOENT suggests this was really about a file or directory, while ENXIO
is a more generic "not found" indicator.
|
|
|
|
|
| |
Let's help users to debug issues with epoll fd removal by printing the
name of the event source.
|
|
|
|
|
| |
It's an OK way to check whether a message contains an erro, let's not
consider this a loggable assertion event.
|
|
|
|
| |
functions.
|
|
|
|
| |
that got lost during git am transfer.
|
|
|
|
| |
that got lost during git am transfer.
|
|
|
|
| |
got lost during git am transfer.
|
|
|
|
|
|
|
|
| |
If a connection passed KDBUS_HELLO_ACTIVATOR, it cannot do I/O on the
bus. Hence, we should not treat it as proper peer. To actually query it,
you have to explicitly ask for activators.
This makes kdbus in-line with what dbus-daemon does.
|
|
|
|
|
| |
The function "mfree" should be called instead of "free" at a specific
source code place.
|
|
|
|
| |
bus can never be NULL due to assert
|
|
|
|
| |
This matches what open(2) and other system functions do.
|
|
|
|
|
| |
The kernel nowadays sends these along, and that's OK, hence don't even
debug log about it, but completely ignore it.
|
|
|
|
| |
Both strv_free() and mfree() return NULL pointer after free.
|
|
|
|
|
| |
Recently mfree() was introduced to reduce work of tedious free + reset
pointers. Use it in bus_reset_queues() too.
|
|
|
|
| |
The safe_close() already checks the fd and returns -1.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This commit replays the moving around of source files that have been
done between systemd-219 and systemd-221.
Further the Makefile.am is synchronized with the upstream version and
then "re-cleaned".
A lot of functions, that are not used anywhere in elogind have been
coated into #if 0/#endif directives to further shorten the list of
dependencies.
All unneeded files have been removed.
|
|
|
|
|
|
|
|
|
|
| |
Prep v220: Remove not needed headers, round 1
Prep v220: Remove not needed headers, round 2
Prep v220: Remove not needed headers, round 3
Prep v220: Remove empty source directories
Prep v220: Remove non-empty source directories, that aren't needed by elogind
Prep v220: Remove all root directories that aren't referenced by the elogind build chain.
Prep v220: remove superfluous src/import directory and systemd configurations and policies.
|
|
|
|
|
| |
Prep v220: Update logind and loginctl to upstream version.
Prep v220: src/shared/rm-rf.c does not need to be able to handle btrfs subvolumes for elogind.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The StartServiceByName() call was provided by dbus-daemon to activate a
service without sending a message. On receiption, dbus-daemon schedules
an activation request (different modes are supported) and sends back the
reply once activation is done.
With kdbus, we marked StartServiceByName() as deprecated. There is no
real reason to start services explicitly. Instead, applications should
just *use* the service and rely on it being activated implicitly.
However, we provide compatibility with dbus-daemon and implement
StartServiceByName() on the proxy via a call to
org.freedesktop.DBus.Peer.Ping() on the destination. This will activate
the peer implicitly as part of the no-op Ping() method call (regardless
whether the peer actually implements that call).
Now, the problem is, StartServiceByName() was synchronous on dbus-daemon
but isn't on bus-proxy. Hence, on return, there is no guarantee that
ListNames includes the activated name. As this is required by some
applications, we need to make this synchronous.
This patch makes the proxy track the Ping() method call and send the
reply of StartServiceByName() only once Ping() returned. We do not look
at possible errors of Ping(), as there is no strict requirement for the
peer to implement org.freedesktop.DBus.Peer. Furthermore, any interesting
error should have already been caught by sd_bus_send() before.
Note:
This race was triggered by gdbus. The gdbus-proxy implementation
relies on a name to be available after StartServiceByName()
returns. This is highly fragile and should be dropped by gdbus.
Even if the call is synchronous, there is no reason whatsoever to
assume the service did not exit-on-idle before ListNames()
returns.
However, this race is much less likely than the startup race, so
we try to be compatible to dbus-daemon now.
|
|
|
|
|
|
|
|
|
|
|
| |
We *must not* assume that an entry returned by KDBUS_CMD_LIST only
carries a single KDBUS_ITEM_OWNED_NAME. Similarly, we already parse
multiple such items for message-metadata, so make sure we support the
same on KDBUS_CMD_LIST.
By relying on the kernel to return all names separately, we limit the
kernel API significantly. Stop this and let the kernel decide how to
return its data.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The gvariant root container contains a 'variant' at the end, which embeds
the whole message body. This variant *must* contain a structure so we are
compatible to dbus1. Otherwise, it could encode at most 1 type, instead
of a full signature.
Our gvariant message parser already parses the variant-content as a
structure, so we're mostly good. However, it does *not* include the
opening and closing parantheses, nor does it parse them.
This patch fixes the decoder to verify a message contains the
parantheses, and also make the encoder add those parantheses into the
marshaled message.
|