| Commit message (Collapse) | Author | Age |
... | |
|
|
|
| |
Fixes: #8291
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
rule-syntax-check.py failed with the following error:
$ ./test/rule-syntax-check.py ./src/login/70-uaccess.rules
Invalid line ./src/login/70-uaccess.rules:31: SUBSYSTEM=="sound", TAG+="uaccess" OPTIONS+="static_node=snd/timer", OPTIONS+="static_node=snd/seq"
clause: TAG+="uaccess" OPTIONS+="static_node=snd/timer"
The comma is actually optional but the script makes it mandatory which seems a
good thing since it improves readability.
|
|
|
|
| |
Fixes: #8035
|
| |
|
| |
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Let's initialize static variables properly and get rid of redundant
variables.
|
|
|
|
|
| |
Just some addition whitespace, some additional assert()s, and removal of
redundant variables.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
> logind sessions are mostly bound to the audit session concept, and audit
> sessions remain unaffected by "su", in fact they are defined to be
> "sealed off", i.e. in a way that if a process entered a session once, it
> will always stay with it, and so will its children, i.e. the only way to
> get a new session is by forking off something off PID 1 (or something
> similar) that never has been part of a session.
The code had a gap. user@.service is a special case PAM session which does
not create a logind session. Let's remember to check for it.
Fixes #8021
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is an attempt to improve #8228 a bit, by extending the /run/nologin
a bit, but still keeping it somewhat brief.
On purpose I used the vague wording "unprivileged user" rather than
"non-root user" so that pam_nologin can be updated to disable its
behaviour for members of the "wheel" group one day, and our messages
would still make sense.
See #8228.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In a number of occasions we use FORK_CLOSE_ALL_FDS when forking off a
child, since we don't want to pass fds to the processes spawned (either
because we later want to execve() some other process there, or because
our child might hang around for longer than expected, in which case it
shouldn't keep our fd pinned). This also closes any logging fds, and
thus means logging is turned off in the child. If we want to do proper
logging, explicitly reopen the logs hence in the child at the right
time.
This is particularly crucial in the umount/remount children we fork off
the shutdown binary, as otherwise the children can't log, which is
why #8155 is harder to debug than necessary: the log messages we
generate about failing mount() system calls aren't actually visible on
screen, as they done in the child processes where the log fds are
closed.
|
|
|
|
|
|
|
|
|
|
|
| |
Coverity now started warning about this ("Calling unlinkat without checking
return value (as is done elsewhere 12 out of 15 times).", and it is right:
most of the time we should at list print a log message so people can figure
out something is wrong when this happens.
v2:
- use warning level in journald too (this is unlikely to happen ever, so it
should be safe to something that is visible by default).
|
|
|
|
|
|
|
| |
This usually is very annoying to users who then cannot log in, so
make sure we always warn if that happens (selinux, or whatever other reason).
This reverts a790812cb349c5cef95d1b4a20fc80ca08d3a145.
|
|
|
|
|
| |
Those files don't contain any @variables@, so the configuration step was just
copying them to build/. Let's avoid that, and fix their suffixes while at it.
|
|
|
|
|
|
|
| |
* Don't merge translations into the files
* Add gettext-domain="systemd" to description and message
Closes #8162, replaces #8118.
|
| |
|
|
|
|
|
|
| |
path
Let's make use of our new hash_ops!
|
|
|
|
|
|
|
|
| |
This change adds support for controlling the suspend-on-lid-close
behaviour based on the power status as well as whether the machine is
docked or has an external monitor. For backwards compatibility the new
configuration file variable is ignored completely by default, and must
be set explicitly before being considered in any decisions.
|
|
|
|
|
| |
Don't install udev rules that requires the uaccess builtin if systemd is
being built without the uaccess builtin.
|
|
|
|
|
| |
Don't install udev rules that requires the uaccess builtin if systemd is
being built without the uaccess builtin.
|
|
|
|
|
|
| |
Apparently O_NONBLOCK is the modern name used in most documentation and
for most cases in our sources. Let's hence replace the old alias
O_NDELAY and stick to O_NONBLOCK everywhere.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
log.h really should only include the bare minimum of other headers, as
it is really pulled into pretty much everything else and already in
itself one of the most basic pieces of code we have.
Let's hence drop inclusion of:
1. sd-id128.h because it's entirely unneeded in current log.h
2. errno.h, dito.
3. sys/signalfd.h which we can replace by a simple struct forward
declaration
4. process-util.h which was needed for getpid_cached() which we now hide
in a funciton log_emergency_level() instead, which nicely abstracts
the details away.
5. sys/socket.h which was needed for struct iovec, but a simple struct
forward declaration suffices for that too.
Ultimately this actually makes our source tree larger (since users of
the functionality above must now include it themselves, log.h won't do
that for them), but I think it helps to untangle our web of includes a
tiny bit.
(Background: I'd like to isolate the generic bits of src/basic/ enough
so that we can do a git submodule import into casync for it)
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
appropriate places"
This reverts commit 0b3c84eb7da3a8c28ac248a68228f6a7edbb2e19.
The removal of _cleanup_() usages was done on purpose, see
cf647b69baee4c478d3909c327e3d917e1563f44.
Fixes: #3543
|
|
|
|
|
|
|
| |
The logic was completely borked since
e4d2984bf8514ab576a66d5ac1f1cde746bb32a3, correct that.
CID #1384234
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Let's directly reference /run instead, so that we can work without /var
being around, or with /var/run being incorrectly set up.
Note that we keep the old socket path in place when referencing the
system bus of containers, as they might be foreign operating systems,
that still don't have adopted /run, and where it makes sense to use the
standardized name instead. On local systems, we insist on /run being set
up properly however, hence this limitation does not apply.
Also, get rid of the UNIX_SYSTEM_BUS_ADDRESS and
UNIX_USER_BUS_ADDRESS_FMT defines. They had a purpose when we still did
kdbus, as we then had to support two different backends. But since
that's gone, we don't need this indirection anymore, hence settle on a
one define only.
|
|
|
|
|
|
|
|
|
| |
Let's remove a number of synchronization points from our service
startups: let's drop synchronous match installation, and let's opt for
asynchronous instead.
Also, let's use sd_bus_match_signal() instead of sd_bus_add_match()
where we can.
|
|
|
|
|
| |
This optimizes service startup a bit, and makes it less prone to
deadlocks.
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This renames wait_for_terminate_and_warn() to
wait_for_terminate_and_check(), and adds a flags parameter, that
controls how much to log: there's one flag that means we log about
abnormal stuff, and another one that controls whether we log about
non-zero exit codes. Finally, there's a shortcut flag value for logging
in both cases, as that's what we usually use.
All callers are accordingly updated. At three occasions duplicate logging
is removed, i.e. where the old function was called but logged in the
caller, too.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds a new safe_fork() wrapper around fork() and makes use of it
everywhere. The new wrapper does a couple of things we previously did
manually and separately in a safer, more correct and automatic way:
1. Optionally resets signal handlers/mask in the child
2. Sets a name on all processes we fork off right after forking off (and
the patch assigns useful names for all processes we fork off now,
following a systematic naming scheme: always enclosed in () – in order
to indicate that these are not proper, exec()ed processes, but only
forked off children, and if the process is long-running with only our
own code, without execve()'ing something else, it gets am "sd-" prefix.)
3. Optionally closes all file descriptors in the child
4. Optionally sets a PR_SET_DEATHSIG to SIGTERM in the child, in a safe
way so that the parent dying before this happens being handled
safely.
5. Optionally reopens the logs
6. Optionally connects stdin/stdout/stderr to /dev/null
7. Debug logs about the forked off processes.
|
|
|
|
| |
No functional change.
|
|
|
|
|
| |
This message would also be emitted at boot for any user with linger
enabled, so "logged in" is the wrong term to use.
|
|
|
|
| |
Don't bother with removing the directory if we didn't create it.
|
| |
|
|
|
|
| |
using elogind as a drop-in replacement expect the first.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
| |
This adds uid_is_system() and gid_is_system(), similar in style to
uid_is_dynamic(). That a helper like this is useful is illustrated by
the fact that test-condition.c didn't get the check right so far, which
this patch fixes.
|
| |
|
|
|
|
|
| |
We can't create files in sysfs, hence don't bother. Also if we ignore
the return value, do so explicitly by casting to void.
|
|
|
|
|
|
|
| |
Let's explicitly tell PID 1 that we don't need an fd anymore, instead of
relying exclusively on POLLERR/POLLHUP for it to be removed.
Fixes: #6908
|
|
|
|
| |
Fixes: #7466
|
|
|
|
|
|
|
|
| |
Distcc removes comments, making the comment silencing
not work.
I know there was a decision against a macro in commit
ec251fe7d5bc24b5d38b0853bc5969f3a0ba06e2
|