| Commit message (Collapse) | Author | Age |
|---|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds three kinds of file system locks for container images:
a) a file system lock next to the actual image, in a .lck file in the
same directory the image is located. This lock has the benefit of
usually being located on the same NFS share as the image itself, and
thus allows locking container images across NFS shares.
b) a file system lock in /run, named after st_dev and st_ino of the
root of the image. This lock has the advantage that it is unique even
if the same image is bind mounted to two different places at the same
time, as the ino/dev stays constant for them.
c) a file system lock that is only taken when a new disk image is about
to be created, that ensures that checking whether the name is already
used across the search path, and actually placing the image is not
interrupted by other code taking the name.
a + b are read-write locks. When a container is booted in read-only mode
a read lock is taken, otherwise a write lock.
Lock b is always taken after a, to avoid ABBA problems.
Lock c is mostly relevant when renaming or cloning images.
|
| | |
|
| |
|
|
|
| |
This fixes a memory leak introduced by
1ed0c19f81fd13cdf283c6def0168ce122a853a9
|
| | |
|
| |
|
|
| |
We initialize structs during declartion if possible
|
| |
|
|
| |
"read-only" concept for raw disk images, too
|
| |
|
|
| |
Unlike some client code suggests...
|
| | |
|
| | |
|
| |
|
|
|
| |
Check string ops hashmap_put() for keys with a different pointer but the same
value.
|
| | |
|
| |
|
|
| |
This does not make a difference, but the code was confusing.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
/proc/sys/net/ipv4/ip_forward
We need to turn on /proc/sys/net/ipv4/ip_forward before the
per-interface forwarding setting is useful, hence let's propagate the
per-interface setting once to the system-wide setting.
Due to the unclear ownership rules of that flag, and the fact that
turning it on also has effects on other sysctl flags we try to minimize
changes to the flag, and only turn it on once. There's no logic to
turning it off again, but this should be fairly unproblematic as the
per-interface setting defaults to off anyway.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This introduces am AddressFamilyBoolean type that works more or less
like a booleaan, but can optionally turn on/off things for ipv4 and ipv6
independently. THis also ports the DHCP field over to it.
|
| |
|
|
|
|
| |
This undoes a small part of 13790add4bf648fed816361794d8277a75253410
which was erroneously added, given that zero length datagrams are OK,
and hence zero length reads on a SOCK_DGRAM be no means mean EOF.
|
| |
|
|
|
|
|
| |
Now that networkd's IP masquerading support means that running
containers with "--network-veth" will provide network access out of the
box for the container, let's add a shortcut "-n" for it, to make it
easily accessible.
|
| | |
|
| |
|
|
| |
cannot work elsewhere
|
| |
|
|
| |
database when untarring
|
| |
|
|
| |
This exposes an IP port on the container as local port using DNAT.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This adds two new settings to networkd's .network files:
IPForwarding=yes and IPMasquerade=yes. The former controls the
"forwarding" sysctl setting of the interface, thus controlling whether
IP forwarding shall be enabled on the specific interface. The latter
controls whether a firewall rule shall be installed that exposes traffic
coming from the interface as coming from the local host to all other
interfaces.
This also enables both options by default for container network
interfaces, thus making "systemd-nspawn --network-veth" have network
connectivity out of the box.
|
| |
|
|
| |
rules, using libiptc
|
| |
|
|
| |
Commit 3bd5c3 added a check for EACCES, but missed the minus sign.
|
| |
|
|
| |
Not all of the link_config struct was getting freed.
|
| | |
|
| |
|
|
|
|
|
| |
deb6120920 'man: there's actually no "fail" fstab option, but only
"nofail" removed it from our documentation, which I missed.
fstab(5) only mentions "auto", "noauto", and "nofail". Stick to
those three.
|
| |
|
|
|
| |
Just a simple variable rename, and a dropped flag that sd-bus didn't make
use of.
|
| |
|
|
|
|
|
|
|
| |
strempty() will return an empty string in case the input parameter is
a NULL pointer. The correct test to check for an empty string is
isempty(), so use that instead.
This fixes a regression from commit 17a1c59 ("core/mount: filter out
noauto,auto,nofail,fail options").
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This rule is only run on tablet/touchscreen devices, and extracts their size
in millimeters, as it can be found out through their struct input_absinfo.
The first usecase is exporting device size from tablets/touchscreens. This
may be useful to separate policy and application at the time of mapping
these devices to the available outputs in windowing environments that don't
offer that information as readily (eg. Wayland). This way the compositor can
stay deterministic, and the mix-and-match heuristics are performed outside.
Conceivably, size/resolution information can be changed through EVIOCSABS
anywhere else, but we're only interested in values prior to any calibration,
this rule is thus only run on "add", and no tracking of changes is performed.
This should only remain a problem if calibration were automatically applied
by an earlier udev rule (read: don't).
v2: Folded rationale into commit log, made a builtin, set properties
on device nodes themselves
v3: Use inline function instead of macro for mm. size calculation,
use DECIMAL_STR_MAX, other code style issues
v4: Made rule more selective
v5: Minor style issues, renamed to a more generic builtin, refined
rule further.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
cunescape_length_with_prefix() is called with the length as an
argument, so it cannot rely on the buffer being NUL terminated.
Move the length check before accessing the memory.
When an incomplete escape sequence was given at the end of the
buffer, c_l_w_p() would read past the end of the buffer. Fix this
and add a test.
|
| |
|
|
|
| |
With a command line like "@/something" we would allocate an array with
0 elements. Avoid that, and add a test too.
|
| |
|
|
| |
Fixes an error introduced by me when the test was added.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We passed the full option string from fstab to /bin/mount. It would in
turn pass the full option string to its helper, if it needed to invoke
one. Some helpers would ignore things like "nofail", but others would
be confused. We could try to get all helpers to ignore those
"meta-options", but it seems better to simply filter them out.
In our model, /bin/mount simply has no business in knowing whether the
mount was configured as fail or nofail, auto or noauto, in the
fstab. If systemd tells invokes a command to mount something, and it
fails, it should always return an error. It seems cleaner to filter
out the option, since then there's no doubt how the command should
behave.
https://bugzilla.redhat.com/show_bug.cgi?id=1177823
|
| |
|
|
|
|
|
|
|
| |
We would ignore options like "fail" and "auto", and for any option
which takes a value the first assignment would win. Repeated and
options equivalent to the default are rarely used, but they have been
documented forever, and people might use them. Especially on the
kernel command line it is easier to append a repeated or negated
option at the end.
|
| | |
|
| |
|
|
|
|
| |
We would silently ignore them. One would have to be crazy
to do assign an out of range value, but simply ignoring it
bothers me.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This fixes parsing of options in shared/generator.c. Existing code
had some issues:
- it would treate whitespace and semicolons as seperators. fstab(5)
is pretty clear that only commas matter. And the syntax does
not allow for spaces to be inserted in the field in fstab.
Whitespace might be escaped, but then it should not seperate
options. Treat whitespace and semicolons as any other character.
- it assumed that x-systemd.device-timeout would always be followed
by "=". But this is not guaranteed, hasmntopt will return this
option even if there's no value. Uninitialized memory could be read.
- some error paths would log, and inconsistently, some would just
return an error code.
Filtering is split out to a separate function and tests are added.
Similar code paths in other places are adjusted to use the new function.
|
| |
|
|
| |
https://bugs.freedesktop.org/show_bug.cgi?id=83270
|
| | |
|
| |
|
|
|
|
| |
Generators are different than unit files: they are never automatically
generated, so there's no point in allowing /etc to override /run. On
the other hand, overriding /etc might be useful in some cases.
|
| | |
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Sometimes it is necessary to stop a generator from running. Either
because of a bug, or for testing, or some other reason. The only way
to do that would be to rename or chmod the generator binary, which is
inconvenient and does not survive upgrades. Allow masking and
overriding generators similarly to units and other configuration
files.
For the systemd instance, masking would be more common, rather than
overriding generators. For the user instances, it may also be useful
for users to have generators in $XDG_CONFIG_HOME to augment or
override system-wide generators.
Directories are searched according to the usual scheme (/usr/lib,
/usr/local/lib, /run, /etc), and files with the same name in higher
priority directories override files with the same name in lower
priority directories. Empty files and links to /dev/null mask a given
name.
https://bugs.freedesktop.org/show_bug.cgi?id=87230
|
| |
|
|
|
|
|
|
|
| |
Remove the optional sepearate opening of the directory,
it would be just too complicated with the change to
multiple directories.
Move the middle of execute_directory() to a seperate
function to make it easier to grok.
|
