| Commit message (Collapse) | Author | Age |
| |
|
| |
|
|
|
|
|
| |
Per some discussion with Gnome folks, they would prefer this name
as it's more descriptive of what's happening.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This adds flags BUS_MAP_STRDUP and BUS_MAP_BOOLEAN_AS_BOOL.
If BUS_MAP_STRDUP is set, then each "s" message is duplicated.
If BUS_MAP_BOOLEAN_AS_BOOL is set, then each "b" message is
written to a bool pointer.
Follow-up for #8488.
See https://github.com/systemd/systemd/pull/8488#discussion_r175816270.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reworks the SELinux and SMACK label fixing calls in a number of
ways:
1. The two separate boolean arguments of these functions are converted
into a flags type LabelFixFlags.
2. The operations are now implemented based on O_PATH. This should
resolve TTOCTTOU races between determining the label for the file
system object and applying it, as it it allows to pin the object
while we are operating on it.
3. When changing a label fails we'll query the label previously set, and
if matches what we want to set anyway we'll suppress the error.
Also, all calls to label_fix() are now (void)ified, when we ignore the
return values.
Fixes: #8566
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When we are attempting to create directory somewhere in the bowels of /var/lib
and get an error that it already exists, it can be quite hard to diagnose what
is wrong (especially for a user who is not aware that the directory must have
the specified owner, and permissions not looser than what was requested). Let's
print a warning in most cases. A warning is appropriate, because such state is
usually a sign of borked installation and needs to be resolved by the adminstrator.
$ build/test-fs-util
Path "/tmp/test-readlink_and_make_absolute" already exists and is not a directory, refusing.
(or)
Directory "/tmp/test-readlink_and_make_absolute" already exists, but has mode 0775 that is too permissive (0755 was requested), refusing.
(or)
Directory "/tmp/test-readlink_and_make_absolute" already exists, but is owned by 1001:1000 (1000:1000 was requested), refusing.
Assertion 'mkdir_safe(tempdir, 0755, getuid(), getgid(), MKDIR_WARN_MODE) >= 0' failed at ../src/test/test-fs-util.c:320, function test_readlink_and_make_absolute(). Aborting.
No functional change except for the new log lines.
|
|
|
|
| |
In preparation for subsequent changes...
|
|
|
|
|
|
| |
The code matching this comment was removed in
a50df72b37ce2a7caf7775c70d18c3f9504b9e80 in 2014, let's drop the comment
too.
|
|
|
|
|
| |
The current code reimplemented something like the
manager_get_user_by_pid() logic on its own, manually. Let's unify this.
|
|
|
|
|
|
|
|
| |
Let's make sure we always initialize the return value if we return
non-negative.
Just a matter of coding style: we should always initialize our return
values when we return >= 0, and leave them unclobbered if we return < 0.
|
|
|
|
|
|
|
| |
This is similar to TAKE_PTR() but operates on file descriptors, and thus
assigns -1 to the fd parameter after returning it.
Removes 60 lines from our codebase. Pretty good too I think.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This macro will read a pointer of any type, return it, and set the
pointer to NULL. This is useful as an explicit concept of passing
ownership of a memory area between pointers.
This takes inspiration from Rust:
https://doc.rust-lang.org/std/option/enum.Option.html#method.take
and was suggested by Alan Jenkins (@sourcejedi).
It drops ~160 lines of code from our codebase, which makes me like it.
Also, I think it clarifies passing of ownership, and thus helps
readability a bit (at least for the initiated who know the new macro)
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
When switched from autotools to meson, config.h changed fundamentally.
Although enabled values are still
#define HAVE_FOO 1
the disabled values are nolonger undef, but now
#define HAVE_FOO 0
Therefore all instances of
#ifdef ENABLE_DEBUG_ELOGIND
have been changed to
#if ENABLE_DEBUG_ELOGIND
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
| |
* manager_scheduled_shutdown_handler()
|
|
|
|
|
|
|
|
|
| |
* check_inhibitors() => logind_check_inhibitors()
* elogind_reboot() => logind_reboot()
* elogind_schedule_shutdown() => logind_schedule_shutdown()
* elogind_set_wall_message() => logind_set_wall_message()
Further introduce both -q/--quiet and --dry-run.
|
| |
|
|
|
|
|
|
|
|
| |
Manager.enable_wall_messages is false
Fixes #8904.
(cherry picked from commit 6e78fa4afd474dae984f3ee4a8477c623296a519)
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
By default both processes, systemd-inhibit and the forked one, receive
the signals. Pressing Ctrl+C on the keyboard results in SIGINT being
sent to the processes, followed by SIGTERM being sent to the forked
process when systemd-inhibit exits. This can cause trouble when the
forked process does not clean up properly but exit immediately.
Instead make systemd-inhibit ignore SIGINT, leaving it to the forked
process to clean up and exit.
(cherry picked from commit 106f12a08fcacef713438fc055872592399deeed)
|
| |
|
|
|
|
|
|
| |
on my side.
(cherry picked from commit 1c9629692145891f10a36227749470d87979dd0b)
|
|
|
|
| |
(cherry picked from commit a96cb75c17b008312fca8f81bc2a126f8a87850c)
|
|
|
|
| |
(cherry picked from commit 6964ec46218d41d699690ed590026249969b2257)
|
|
|
|
| |
src/login (4/6)
|
|
|
|
|
| |
Remember to set sd->pushed_fd when we receive an fd from PID1 on startup,
the same as we set it when we send an fd to PID1.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
$ git grep FDNAME
logind-session-device.c: ... "FDNAME=session-", sd->session->id);
logind-session-device.c: ... "FDNAME=session", sd->session->id);
Oops.
Fixes #8343. Or at least a more minimal reproducer. Xorg still
dies when logind is restarted, but the Xorg message says this
is entirely deliberate.
(This could also be the reason I hit #8035, instead of the race
condition I originally suggested).
|
| |
|
|
|
|
| |
Fixes: #8291
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
rule-syntax-check.py failed with the following error:
$ ./test/rule-syntax-check.py ./src/login/70-uaccess.rules
Invalid line ./src/login/70-uaccess.rules:31: SUBSYSTEM=="sound", TAG+="uaccess" OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
clause: TAG+="uaccess" OPTIONS+="static_node=snd/timer"
The comma is actually optional but the script makes it mandatory which seems a
good thing since it improves readability.
|
|
|
|
| |
Fixes: #8035
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Let's initialize static variables properly and get rid of redundant
variables.
|
|
|
|
|
| |
Just some addition whitespace, some additional assert()s, and removal of
redundant variables.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
> logind sessions are mostly bound to the audit session concept, and audit
> sessions remain unaffected by "su", in fact they are defined to be
> "sealed off", i.e. in a way that if a process entered a session once, it
> will always stay with it, and so will its children, i.e. the only way to
> get a new session is by forking off something off PID 1 (or something
> similar) that never has been part of a session.
The code had a gap. user@.service is a special case PAM session which does
not create a logind session. Let's remember to check for it.
Fixes #8021
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an attempt to improve #8228 a bit, by extending the /run/nologin
a bit, but still keeping it somewhat brief.
On purpose I used the vague wording "unprivileged user" rather than
"non-root user" so that pam_nologin can be updated to disable its
behaviour for members of the "wheel" group one day, and our messages
would still make sense.
See #8228.
|