Imported Upstream version 225

Martin Pitt 2015-08-28 06:13:09 +02:00
parent 5fd56512f6
commit 13d276d0d7
247 changed files with 72629 additions and 76595 deletions

3
.gitignore vendored

@ -137,6 +137,8 @@
/tags
/test-architecture
/test-audit-type
/test-af-list
/test-arphrd-list
/test-async
/test-barrier
/test-bitmap
@ -192,6 +194,7 @@
/test-firewall-util
/test-hashmap
/test-hostname
/test-hostname-util
/test-icmp6-rs
/test-id128
/test-inhibit


@ -314,3 +314,10 @@
are always defined after more global ones. Thus, our local
definitions will never "leak" into the global header files, possibly
altering their effect due to #ifdeffery.
- To implement an endless loop, use "for (;;)" rather than "while
(1)". The latter is a bit ugly anyway, since you probably really
meant "while (true)"... To avoid the discussion what the right
always-true expression for an infinite while() loop is our
recommendation is to simply write it without any such expression by
using "for (;;)".


@ -1774,13 +1774,19 @@ endif
if ENABLE_RESOLVED
MANPAGES += \
man/nss-resolve.8 \
man/resolved.conf.5 \
man/systemd-resolved.service.8
MANPAGES_ALIAS += \
man/libnss_resolve.so.2.8 \
man/resolved.conf.d.5 \
man/systemd-resolved.8
man/libnss_resolve.so.2.8: man/nss-resolve.8
man/resolved.conf.d.5: man/resolved.conf.5
man/systemd-resolved.8: man/systemd-resolved.service.8
man/libnss_resolve.so.2.html: man/nss-resolve.html
$(html-alias)
man/resolved.conf.d.html: man/resolved.conf.html
$(html-alias)
@ -2217,6 +2223,7 @@ EXTRA_DIST += \
man/networkctl.xml \
man/nss-myhostname.xml \
man/nss-mymachines.xml \
man/nss-resolve.xml \
man/os-release.xml \
man/pam_systemd.xml \
man/resolved.conf.xml \


@ -43,7 +43,7 @@ LIBUDEV_REVISION=4
LIBUDEV_AGE=6
LIBSYSTEMD_CURRENT=10
LIBSYSTEMD_REVISION=1
LIBSYSTEMD_REVISION=2
LIBSYSTEMD_AGE=10
# The following four libraries only exist for compatibility reasons,
@ -414,6 +414,7 @@ systemgenerator_PROGRAMS = \
systemd-system-update-generator \
systemd-debug-generator
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA = \
shell-completion/bash/busctl \
shell-completion/bash/journalctl \
@ -430,7 +431,9 @@ dist_bashcompletion_DATA = \
nodist_bashcompletion_DATA = \
shell-completion/bash/systemctl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA = \
shell-completion/zsh/_busctl \
shell-completion/zsh/_journalctl \
@ -447,6 +450,7 @@ dist_zshcompletion_DATA = \
nodist_zshcompletion_DATA = \
shell-completion/zsh/_systemctl
endif
EXTRA_DIST += \
shell-completion/bash/systemctl.in \
@ -1392,6 +1396,7 @@ tests += \
test-utf8 \
test-ellipsize \
test-util \
test-hostname-util \
test-process-util \
test-terminal-util \
test-path-lookup \
@ -1437,6 +1442,8 @@ tests += \
test-cap-list \
test-sigbus \
test-verbs \
test-af-list \
test-arphrd-list \
test-dns-domain
EXTRA_DIST += \
@ -1670,6 +1677,12 @@ test_util_SOURCES = \
test_util_LDADD = \
libshared.la
test_hostname_util_SOURCES = \
src/test/test-hostname-util.c
test_hostname_util_LDADD = \
libshared.la
test_process_util_SOURCES = \
src/test/test-process-util.c
@ -2047,6 +2060,18 @@ test_bus_policy_LDADD = \
libbus-proxy-core.la \
libshared.la
test_af_list_SOURCES = \
src/test/test-af-list.c
test_af_list_LDADD = \
libbasic.la
test_arphrd_list_SOURCES = \
src/test/test-arphrd-list.c
test_arphrd_list_LDADD = \
libbasic.la
# ------------------------------------------------------------------------------
## .PHONY so it always rebuilds it
.PHONY: coverage lcov-run lcov-report coverage-sync
@ -2214,8 +2239,10 @@ SYSINIT_TARGET_WANTS += \
systemd-tmpfiles-setup-dev.service \
systemd-tmpfiles-setup.service
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_systemd-tmpfiles
endif
TIMERS_TARGET_WANTS += \
systemd-tmpfiles-clean.timer
@ -2446,12 +2473,16 @@ bootctl_LDADD = \
bin_PROGRAMS += \
bootctl
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/bootctl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_bootctl
endif
endif
# ------------------------------------------------------------------------------
if HAVE_GNUEFI
@ -4233,11 +4264,15 @@ test_coredump_vacuum_SOURCES = \
test_coredump_vacuum_LDADD = \
libshared.la
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/coredumpctl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_coredumpctl
endif
nodist_sysctl_DATA = \
sysctl.d/50-coredump.conf
@ -4485,12 +4520,15 @@ hostnamectl_LDADD = \
bin_PROGRAMS += \
hostnamectl
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/hostnamectl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_hostnamectl
endif
endif
polkitpolicy_in_files += \
@ -4556,12 +4594,15 @@ localectl_LDADD = \
bin_PROGRAMS += \
localectl
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/localectl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_localectl
endif
endif
.PHONY: update-kbd-model-map
@ -4613,12 +4654,16 @@ timedatectl_LDADD = \
bin_PROGRAMS += \
timedatectl
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/timedatectl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_timedatectl
endif
endif
polkitpolicy_in_files += \
src/timedate/org.freedesktop.timedate1.policy.in
@ -4724,8 +4769,10 @@ machinectl_LDADD = \
rootbin_PROGRAMS += \
machinectl
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/machinectl
endif
test_machine_tables_SOURCES = \
src/machine/test-machine-tables.c
@ -4754,9 +4801,11 @@ dist_dbuspolicy_DATA += \
polkitpolicy_files += \
src/machine/org.freedesktop.machine1.policy
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_machinectl \
shell-completion/zsh/_sd_machines
endif
SYSTEM_UNIT_ALIASES += \
systemd-machined.service dbus-org.freedesktop.machine1.service
@ -5316,12 +5365,16 @@ loginctl_LDADD = \
rootbin_PROGRAMS += \
loginctl
if ENABLE_BASH_COMPLETION
dist_bashcompletion_DATA += \
shell-completion/bash/loginctl
endif
if ENABLE_ZSH_COMPLETION
dist_zshcompletion_DATA += \
shell-completion/zsh/_loginctl \
shell-completion/zsh/_systemd-inhibit
endif
systemd_inhibit_SOURCES = \
src/login/inhibit.c
@ -6003,10 +6056,11 @@ dist: dist-check-python dist-check-compat-libs
.PHONY: hwdb-update
hwdb-update:
( cd $(top_srcdir)/hwdb && \
wget -N http://www.linux-usb.org/usb.ids \
http://pci-ids.ucw.cz/v2.2/pci.ids \
http://standards.ieee.org/develop/regauth/oui/oui.txt \
http://standards.ieee.org/develop/regauth/iab/iab.txt && \
wget -O usb.ids 'http://www.linux-usb.org/usb.ids' && \
wget -O pci.ids 'http://pci-ids.ucw.cz/v2.2/pci.ids' && \
wget -O ma-large.txt 'https://services13.ieee.org/RST/standards-ra-web/rest/assignments/download/?registry=MA-L&format=txt' && \
wget -O ma-medium.txt 'https://services13.ieee.org/RST/standards-ra-web/rest/assignments/download/?registry=MA-M&format=txt' && \
wget -O ma-small.txt 'https://services13.ieee.org/RST/standards-ra-web/rest/assignments/download/?registry=MA-S&format=txt' && \
./ids-update.pl )
.PHONY: built-sources
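Review bot: In the `hwdb-update` recipe the `usb.ids` and `pci.ids` downloads still use plain `http://`, while the three IEEE registry files beside them are fetched over `https://`, so two of the inputs that `./ids-update.pl` turns into shipped hwdb files arrive with no transport integrity. If those hosts serve TLS (not visible from this page), the lines should read `wget -O usb.ids 'https://www.linux-usb.org/usb.ids' && \` and likewise for `pci.ids`; otherwise a comment above the rule such as `# usb.ids and pci.ids are fetched over plain HTTP: review the resulting hwdb diff before committing` would record the gap. Also note that `-O` truncates the target before the transfer starts, so a failed download leaves an empty file in `hwdb/`; the `&&` chain does stop before `ids-update.pl` runs in that case.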

27
NEWS

@ -1,5 +1,30 @@
systemd System and Service Manager
CHANGES WITH 225:
* machinectl gained a new verb 'shell' which opens a fresh shell on the
target machine. It is similar to 'login', but spawns the shell
directly. The pseudo machine '.host' now refers to the local host and
is used by default. Hence, 'machinectl shell' can be used as
replacement for 'su' which spawns the session as a fresh systemd
unit.
* systemd-networkd learned to cope with private-zone DHCP options and
allows other programs to query the values.
Contributions from: Alastair Hughes, Alex Crawford, Daniel Mack, David
Herrmann, Dimitri John Ledkov, Eric Kostrowski, Evgeny Vereshchagin,
Felipe Sateler, HATAYAMA Daisuke, Jan Pokorný, Jan Synacek, Johnny
Robeson, Karel Zak, Kay Sievers, Kefeng Wang, Lennart Poettering, Major
Hayden, Marcel Holtmann, Markus Elfring, Martin Mikkelsen, Martin Pitt,
Matt Turner, Maxim Mikityanskiy, Michael Biebl, Namhyung Kim, Nicolas
Cornu, Owen W. Taylor, Patrik Flykt, Peter Hutterer, reverendhomer,
Richard Maw, Ronny Chevalier, Seth Jennings, Stef Walter, Susant Sahani,
Thomas Blume, Thomas Hindoe Paaboel Andersen, Thomas Meyer, Tom
Gundersen, Vincent Batts, WaLyong Cho, Zbigniew Jędrzejewski-Szmek
-- Berlin, 2015-08-27
CHANGES WITH 224:
* The systemd-efi-boot-generator functionality was merged into
@ -756,7 +781,7 @@ CHANGES WITH 218:
* When querying unit file enablement status (for example via
"systemctl is-enabled"), a new state "indirect" is now known
which indicates that a unit might not be enabled itself, but
another unit listed in its Alias= setting might be.
another unit listed in its Also= setting might be.
* Similar to the various existing ConditionXYZ= settings for
units there are now matching AssertXYZ= settings. While

5
README

@ -274,8 +274,3 @@ WARNINGS:
servers if not specified otherwise at configure time. You
really should not ship an OS or device with this default
setting. See DISTRO_PORTING for details.
ENGINEERING AND CONSULTING SERVICES:
ENDOCODE <https://endocode.com/> offers professional
engineering and consulting services for systemd. Please
contact Chris Kühl <chris@endocode.com> for more information.

26
TODO

@ -6,7 +6,7 @@ Bugfixes:
automount points even when the original .automount file did not exist
anymore. Only the .mount unit was still around.
* ExecStart with unicode characters fails in strv_split_quoted:
* ExecStart with unicode characters fails in strv_split_extract:
[Service]
Environment=ONE='one' "TWO='two two' too" THREE=
@ -26,6 +26,16 @@ External:
Features:
* PID 1 should send out sd_notify("WATCHDOG=1") messages (for usage in the --user mode, and when run via nspawn)
* nspawn should send out sd_notify("WATCHDOG=1") messages
* nspawn should optionally support receiving WATCHDOG=1 messages from its payload PID 1...
* introduce "machinectl shell" that is like systemd-run -M foo /bin/bash -t but also adds PAMName=login
* allow loging into host with "machinectl login".
* consider throwing a warning if a service declares it wants to be "Before=" a .device unit.
* "systemctl edit" should know a mode to create a new unit file
@ -263,7 +273,7 @@ Features:
* maybe add support for specifier expansion in user.conf, specifically DefaultEnvironment=
* code cleanup: retire FOREACH_WORD_QUOTED, port to unquote_first_word() loops instead
* code cleanup: retire FOREACH_WORD_QUOTED, port to extract_first_word() loops instead
* introduce systemd-timesync-wait.service or so to sync on an NTP fix?
@ -299,7 +309,7 @@ Features:
* exponential backoff in timesyncd and resolved when we cannot reach a server
* unquote_many_words() should probably be used by a lot of code that
* extract_many_words() should probably be used by a lot of code that
currently uses FOREACH_WORD and friends. For example, most conf
parsing callbacks should use it.
@ -344,7 +354,9 @@ Features:
- avahi compat
- DNS-SD service registration from socket units
- edns0
- dname
- dname: Not necessary for plain DNS as synthesized cname is handed out instead if we do not
announce dname support. However, for DNSSEC it is necessary as the synthesized cname
will not be signed.
- cname on PTR (?)
* Allow multiple ExecStart= for all Type= settings, so that we can cover rescue.service nicely
@ -460,6 +472,8 @@ Features:
ReadOnlyDirectories=... for whitelisting files for a service.
* sd-bus:
- EBADSLT handling
- change argv list matching logic
- GetAllProperties() on a non-existing object does not result in a failure currently
- kdbus: process fd=-1 for incoming msgs
- port to sd-resolve for connecting to TCP dbus servers
@ -690,10 +704,6 @@ Features:
* If we show an error about a unit (such as not showing up) and it has no Description string, then show a description string generated form the reverse of unit_name_mangle().
* fedup: add --unit to systemctl switch-root somehow
* fedup: do not delete initrd on switch-root
* fedup: generator
* clean up date formatting and parsing so that all absolute/relative timestamps we format can also be parsed
* on shutdown: move utmp, wall, audit logic all into PID 1 (or logind?), get rid of systemd-update-utmp-runlevel


@ -20,7 +20,7 @@
AC_PREREQ([2.64])
AC_INIT([systemd],
[224],
[225],
[http://github.com/systemd/systemd/issues],
[systemd],
[http://www.freedesktop.org/wiki/Software/systemd])
@ -1016,7 +1016,9 @@ AC_ARG_WITH(ntp-servers,
[Space-separated list of default NTP servers]),
[NTP_SERVERS="$withval"],
[NTP_SERVERS="time1.google.com time2.google.com time3.google.com time4.google.com"
AC_MSG_WARN([*** Using Google NTP servers. Please do not ship OSes or devices with these default settings. See DISTRO_PORTING for details!])])
AC_MSG_WARN([*** Using Google NTP servers.
Do not ship OSes or devices with these default settings.
See DISTRO_PORTING for details!])])
AC_DEFINE_UNQUOTED(NTP_SERVERS, ["$NTP_SERVERS"], [Default NTP Servers])
AC_SUBST(NTP_SERVERS)
@ -1340,11 +1342,13 @@ AC_ARG_WITH([bashcompletiondir],
] , [
with_bashcompletiondir=${datadir}/bash-completion/completions
])])
AM_CONDITIONAL(ENABLE_BASH_COMPLETION, [test "$with_bashcompletiondir" != "no"])
AX_NORMALIZE_PATH([with_bashcompletiondir])
AC_ARG_WITH([zshcompletiondir],
AS_HELP_STRING([--with-zshcompletiondir=DIR], [Zsh completions directory]),
[], [with_zshcompletiondir=${datadir}/zsh/site-functions])
AM_CONDITIONAL(ENABLE_ZSH_COMPLETION, [test "$with_zshcompletiondir" != "no"])
AX_NORMALIZE_PATH([with_zshcompletiondir])
AC_ARG_WITH([rootprefix],

5
hwdb/.gitignore vendored

@ -1,4 +1,5 @@
/pci.ids
/usb.ids
/oui.txt
/iab.txt
/ma-large.txt
/ma-medium.txt
/ma-small.txt

File diff suppressed because it is too large Load Diff


@ -1772,3 +1772,129 @@ bluetooth:v024B*
bluetooth:v024C*
ID_VENDOR_FROM_DATABASE=Blue Clover Devices
bluetooth:v024D*
ID_VENDOR_FROM_DATABASE=M-Way Solutions GmbH
bluetooth:v024E*
ID_VENDOR_FROM_DATABASE=Microtronics Engineering GmbH
bluetooth:v024F*
ID_VENDOR_FROM_DATABASE=Schneider Schreibgerte GmbH
bluetooth:v0250*
ID_VENDOR_FROM_DATABASE=Sapphire Circuits LLC
bluetooth:v0251*
ID_VENDOR_FROM_DATABASE=Lumo Bodytech Inc.
bluetooth:v0252*
ID_VENDOR_FROM_DATABASE=UKC Technosolution
bluetooth:v0253*
ID_VENDOR_FROM_DATABASE=Xicato Inc.
bluetooth:v0254*
ID_VENDOR_FROM_DATABASE=Playbrush
bluetooth:v0255*
ID_VENDOR_FROM_DATABASE=Dai Nippon Printing Co., Ltd.
bluetooth:v0256*
ID_VENDOR_FROM_DATABASE=G24 Power Limited
bluetooth:v0257*
ID_VENDOR_FROM_DATABASE=AdBabble Local Commerce Inc.
bluetooth:v0258*
ID_VENDOR_FROM_DATABASE=Devialet SA
bluetooth:v0259*
ID_VENDOR_FROM_DATABASE=ALTYOR
bluetooth:v025A*
ID_VENDOR_FROM_DATABASE=University of Applied Sciences Valais/Haute Ecole Valaisanne
bluetooth:v025B*
ID_VENDOR_FROM_DATABASE=Five Interactive, LLC dba Zendo
bluetooth:v025C*
ID_VENDOR_FROM_DATABASE=NetEase (Hangzhou) Network co.Ltd.
bluetooth:v025D*
ID_VENDOR_FROM_DATABASE=Lexmark International Inc.
bluetooth:v025E*
ID_VENDOR_FROM_DATABASE=Fluke Corporation
bluetooth:v025F*
ID_VENDOR_FROM_DATABASE=Yardarm Technologies
bluetooth:v0260*
ID_VENDOR_FROM_DATABASE=SensaRx
bluetooth:v0261*
ID_VENDOR_FROM_DATABASE=SECVRE GmbH
bluetooth:v0262*
ID_VENDOR_FROM_DATABASE=Glacial Ridge Technologies
bluetooth:v0263*
ID_VENDOR_FROM_DATABASE=Identiv, Inc.
bluetooth:v0264*
ID_VENDOR_FROM_DATABASE=DDS, Inc.
bluetooth:v0265*
ID_VENDOR_FROM_DATABASE=SMK Corporation
bluetooth:v0266*
ID_VENDOR_FROM_DATABASE=Schawbel Technologies LLC
bluetooth:v0267*
ID_VENDOR_FROM_DATABASE=XMI Systems SA
bluetooth:v0268*
ID_VENDOR_FROM_DATABASE=Cerevo
bluetooth:v0269*
ID_VENDOR_FROM_DATABASE=Torrox GmbH & Co KG
bluetooth:v026A*
ID_VENDOR_FROM_DATABASE=Gemalto
bluetooth:v026B*
ID_VENDOR_FROM_DATABASE=DEKA Research & Development Corp.
bluetooth:v026C*
ID_VENDOR_FROM_DATABASE=Domster Tadeusz Szydlowski
bluetooth:v026D*
ID_VENDOR_FROM_DATABASE=Technogym SPA
bluetooth:v026E*
ID_VENDOR_FROM_DATABASE=FLEURBAEY BVBA
bluetooth:v026F*
ID_VENDOR_FROM_DATABASE=Aptcode Solutions
bluetooth:v0270*
ID_VENDOR_FROM_DATABASE=LSI ADL Technology
bluetooth:v0271*
ID_VENDOR_FROM_DATABASE=Animas Corp
bluetooth:v0272*
ID_VENDOR_FROM_DATABASE=Alps Electric Co., Ltd.
bluetooth:v0273*
ID_VENDOR_FROM_DATABASE=OCEASOFT
bluetooth:v0274*
ID_VENDOR_FROM_DATABASE=Motsai Research
bluetooth:v0275*
ID_VENDOR_FROM_DATABASE=Geotab
bluetooth:v0276*
ID_VENDOR_FROM_DATABASE=E.G.O. Elektro-Gertebau GmbH


@ -50804,6 +50804,33 @@ usb:v2237*
usb:v2237p4161*
ID_MODEL_FROM_DATABASE=eReader White
usb:v225D*
ID_VENDOR_FROM_DATABASE=Morpho
usb:v225Dp0001*
ID_MODEL_FROM_DATABASE=FINGER VP Multimodal Biometric Sensor
usb:v225Dp0008*
ID_MODEL_FROM_DATABASE=CBM-E3 Fingerprint Sensor
usb:v225Dp0009*
ID_MODEL_FROM_DATABASE=CBM Fingerprint Sensor [CBM-V3]
usb:v225Dp000A*
ID_MODEL_FROM_DATABASE=MSO1300-E3 Fingerprint Sensor
usb:v225Dp000B*
ID_MODEL_FROM_DATABASE=MSO1300 Fingerprint Sensor [MSO1300-V3]
usb:v225Dp000C*
ID_MODEL_FROM_DATABASE=MSO1350-E3 Fingerprint Sensor & SmartCard Reader
usb:v225Dp000D*
ID_MODEL_FROM_DATABASE=MSO1350 Fingerprint Sensor & SmartCard Reader [MSO1350-V3]
usb:v225Dp000E*
ID_MODEL_FROM_DATABASE=MorphoAccess SIGMA Biometric Access Control Terminal
usb:v228D*
ID_VENDOR_FROM_DATABASE=8D Technologies inc.


@ -20,10 +20,11 @@
# where /dev/input/eventXX is the device in question. If in
# doubt, simply use /dev/input/event* to reload all input rules.
#
# If your changes are generally applicable, open a bug report on
# http://bugs.freedesktop.org/enter_bug.cgi?product=systemd
# and include your new rules, a description of the device, and the
# output of
# If your changes are generally applicable, preferably send them as a pull
# request to
# https://github.com/systemd/systemd
# or create a bug report on https://github.com/systemd/systemd/issues and
# include your new rules, a description of the device, and the output of
# udevadm info /dev/input/eventXX
# (or /dev/input/event*).
#
@ -77,12 +78,12 @@ evdev:input:b0003v05ACp0254*
# MacbookPro10,1 (unibody, June 2012)
evdev:input:b0003v05ACp0259*
evdev:input:b0003v05ACp025a*
evdev:input:b0003v05ACp025b*
evdev:input:b0003v05ACp025A*
evdev:input:b0003v05ACp025B*
# MacbookPro10,2 (unibody, October 2012)
evdev:input:b0003v05ACp0259*
evdev:input:b0003v05ACp025a*
evdev:input:b0003v05ACp025b*
evdev:input:b0003v05ACp025A*
evdev:input:b0003v05ACp025B*
EVDEV_ABS_00=::94
EVDEV_ABS_01=::92
EVDEV_ABS_35=::94
@ -117,3 +118,12 @@ evdev:name:Atmel maXTouch Touch*:dmi:bvn*:bvr*:bd*:svnGOOGLE:pnSamus*
evdev:name:SynPS/2 Synaptics TouchPad:dmi:*svnLENOVO*:pn*ThinkPad*X230*
EVDEV_ABS_01=::100
EVDEV_ABS_36=::100
#########################################
# Dell
#########################################
# Dell Vostro 1510
evdev:name:AlpsPS/2 ALPS GlidePoint*:dmi:bvn*:bvr*:bd*:svnDellInc.:pnVostro1510*
EVDEV_ABS_00=::14
EVDEV_ABS_01=::18


@ -51,10 +51,11 @@
# where /dev/input/eventXX is the keyboard in question. If in
# doubt, simply use /dev/input/event* to reload all input rules.
#
# If your changes are generally applicable, open a bug report on
# http://bugs.freedesktop.org/enter_bug.cgi?product=systemd
# and include your new rules, a description of the device, and the
# output of
# If your changes are generally applicable, preferably send them as a pull
# request to
# https://github.com/systemd/systemd
# or create a bug report on https://github.com/systemd/systemd/issues and
# include your new rules, a description of the device, and the output of
# udevadm info /dev/input/eventXX
# (or /dev/input/event*).


@ -38,9 +38,9 @@
#
# If your changes are generally applicable, preferably send them as a pull
# request to
# https://github.com/systemd/
# or create a bug report on the issue tracker located there and include your
# new rules, a description of the device, and the output of
# https://github.com/systemd/systemd
# or create a bug report on https://github.com/systemd/systemd/issues and
# include your new rules, a description of the device, and the output of
# udevadm info /dev/input/eventXX
# (or /dev/input/event*).
#
@ -135,6 +135,22 @@ mouse:usb:v046dpc063:name:DELL DELL USB Laser Mouse:
mouse:usb:v0461p4d16:name:USB Optical Mouse:
MOUSE_DPI=500@125
##########################################
# HandShoe Mouse
##########################################
# HandShoe Mouse
mouse:usb:v192fp0916:name:USB Optical Mouse:
MOUSE_DPI=1000@128
##########################################
# HoverStop
##########################################
# Hoverstop active ergonomic mouse
mouse:usb:v088dp1234:name:HoverStop NL Hoverstop active ergonomic mouse:
MOUSE_DPI=400@129
##########################################
# HP
##########################################
@ -146,6 +162,7 @@ mouse:usb:v0458p0133:name:Mouse Laser Mouse:
# HP X1000
mouse:usb:v093ap2510:name:PixArt USB Optical Mouse:
mouse:usb:v093ap2510:name:PIXART USB OPTICAL MOUSE:
MOUSE_DPI=1000@125
##########################################
@ -160,6 +177,10 @@ mouse:usb:v17efp6019:name:Lenovo Optical USB Mouse:
mouse:usb:v17efp6044:name:ThinkPad USB Laser Mouse:
MOUSE_DPI=1200@125
# Lenovo Precision USB Mouse
mouse:usb:v17efp6050:name:Lenovo Precision USB Mouse:
MOUSE_DPI=1200@127
##########################################
# Logitech
##########################################
@ -171,6 +192,8 @@ mouse:usb:v17efp6044:name:ThinkPad USB Laser Mouse:
# Logitech M-BJ58 Optical Mouse
mouse:usb:v046dpc00e:name:Logitech USB-PS/2 Optical Mouse:
# Logitech Mini Optical Mouse
mouse:usb:v046dpc016:name:Logitech Optical USB Mouse:
# Logitech MX310 Optical Mouse
mouse:usb:v046dpc01b:name:Logitech USB-PS/2 Optical Mouse:
# Logitech USB-PS/2 M-BT58
@ -219,6 +242,8 @@ mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:4008:
# Logitech M705 (marathon mouse)
mouse:usb:v046dp101b:name:Logitech M705:
mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:101b:
# Logitech Performance MX
mouse:usb:v046dp101a:name:Logitech Performance MX:
MOUSE_DPI=800@166
# Logitech MX Revolution
@ -282,15 +307,28 @@ mouse:usb:v046dp4027:name:Logitech T620:
mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:4027:
MOUSE_DPI=1200@250
# Logitech LX8 Cordless Laser Mouse
mouse:usb:v046dpc51b:name:Logitech USB Receiver:
MOUSE_DPI=1300@125
MOUSE_WHEEL_CLICK_ANGLE=15
# Logitech ZoneTouch Mouse T400
mouse:usb:v046dp4026:name:Logitech T400:
mouse:usb:v046dpc52b:name:Logitech Unifying Device. Wireless PID:4026:
MOUSE_DPI=1300@166
# Logitech G500 Mouse
mouse:usb:v046dpc068:name:Logitech G500:
MOUSE_DPI=*1600@500 2600@500 3600@500
# Logitech Ultrathin Touch Mouse
mouse:bluetooth:v046dpb00d:name:Ultrathin Touch Mouse:
MOUSE_DPI=1000@1000
# ImPS/2 Logitech Wheel Mouse
mouse:ps2:*:name:ImPS/2 Logitech Wheel Mouse:
MOUSE_DPI=400@100
# ImExPS/2 Logitech Wheel Mouse
mouse:ps2:*:name:ImExPS/2 Logitech Wheel Mouse:
MOUSE_DPI=400@250
@ -305,6 +343,10 @@ mouse:usb:v045ep0040:name:Microsoft Microsoft 3-Button Mouse with IntelliEye(TM)
# Note: unsure that these work, it's likely that all devices on these
# receivers show up with the same vid/pid/name
# Microsoft Wireless Mouse 5000
mouse:usb:v045ep0745:name:Microsoft Microsoft® 2.4GHz Transceiver v6.0:
MOUSE_DPI=800@142
# Microsoft Sculpt Ergonomic Mouse
mouse:usb:v045ep07a5:name:Microsoft Microsoft® 2.4GHz Transceiver v9.0:
MOUSE_DPI=1000@142


@ -32,10 +32,11 @@
# where /dev/input/eventXX is the pointingstick in question. If in
# doubt, simply use /dev/input/event* to reload all input rules.
#
# If your changes are generally applicable, open a bug report on
# http://bugs.freedesktop.org/enter_bug.cgi?product=systemd
# and include your new rules, a description of the device, and the
# output of
# If your changes are generally applicable, preferably send them as a pull
# request to
# https://github.com/systemd/systemd
# or create a bug report on https://github.com/systemd/systemd/issues and
# include your new rules, a description of the device, and the output of
# udevadm info /dev/input/eventXX
# (or /dev/input/event*).
#


@ -276,25 +276,30 @@ sub sdio_classes {
close(OUT);
}
# MAC Address Block Large/Medium/Small
# Large MA-L 24/24 bit (OUI)
# Medium MA-M 28/20 bit (OUI prefix owned by IEEE)
# Small MA-S 36/12 bit (OUI prefix owned by IEEE)
sub oui {
my $iab_prefix;
my %iab_prefixes = ();
my $prefix;
my %ieee_prefixes = ();
open(OUT, ">", "20-OUI.hwdb");
print(OUT "# This file is part of systemd.\n" .
"#\n" .
"# Data imported from:\n" .
"# http://standards.ieee.org/develop/regauth/oui/oui.txt\n" .
"# http://standards.ieee.org/develop/regauth/iab/iab.txt\n");
"# https://services13.ieee.org/RST/standards-ra-web/rest/assignments/download/?registry=MA-L&format=txt\n" .
"# https://services13.ieee.org/RST/standards-ra-web/rest/assignments/download/?registry=MA-M&format=txt\n" .
"# https://services13.ieee.org/RST/standards-ra-web/rest/assignments/download/?registry=MA-S&format=txt\n");
open(IN, "<", "iab.txt");
open(IN, "<", "ma-small.txt");
while (my $line = <IN>) {
$line =~ s/^ +//;
$line =~ s/\s+$//;
$line =~ m/^([0-9A-F]{2})-([0-9A-F]{2})-([0-9A-F]{2})\s*\(hex\)\s*.+$/;
if (defined $1) {
$iab_prefix = $1 . $2 . $3;
$iab_prefixes{ $iab_prefix } = 1;
$prefix = $1 . $2 . $3;
$ieee_prefixes{ $prefix } = 1;
next;
}
@ -304,13 +309,35 @@ sub oui {
my $text = $2;
print(OUT "\n");
print(OUT "OUI:" . $iab_prefix . $vendor . "*\n");
print(OUT "OUI:" . $prefix . $vendor . "*\n");
print(OUT " ID_OUI_FROM_DATABASE=" . $text . "\n");
}
}
close(IN);
open(IN, "<", "oui.txt");
open(IN, "<", "ma-medium.txt");
while (my $line = <IN>) {
$line =~ s/^ +//;
$line =~ s/\s+$//;
$line =~ m/^([0-9A-F]{2})-([0-9A-F]{2})-([0-9A-F]{2})\s*\(hex\)\s*.+$/;
if (defined $1) {
$prefix = $1 . $2 . $3;
$ieee_prefixes{ $prefix } = 1;
next;
}
$line =~ m/^([0-9A-F])00000-\g1FFFFF\s*\(base 16\)\s*(.+)$/;
if (defined $1) {
my $vendor = uc $1;
my $text = $2;
print(OUT "\n");
print(OUT "OUI:" . $prefix . $vendor . "*\n");
print(OUT " ID_OUI_FROM_DATABASE=" . $text . "\n");
}
}
open(IN, "<", "ma-large.txt");
while (my $line = <IN>) {
$line =~ s/^ +//;
$line =~ s/\s+$//;
@ -319,8 +346,12 @@ sub oui {
my $vendor = uc $1;
my $text = $2;
# skip the IAB prefixes
if (! exists $iab_prefixes{ $vendor }) {
if ($text =~ m/^IEEE REGISTRATION AUTHORITY/) {
next;
}
# skip the IEEE owned prefixes
if (! exists $ieee_prefixes{ $vendor }) {
print(OUT "\n");
print(OUT "OUI:" . $vendor . "*\n");
print(OUT " ID_OUI_FROM_DATABASE=" . $text . "\n");
@ -328,6 +359,7 @@ sub oui {
}
}
close(IN);
close(OUT);
}
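Review bot: The `open(IN, "<", "ma-small.txt")`, `open(IN, "<", "ma-medium.txt")` and `open(IN, "<", "ma-large.txt")` calls in `oui` are unchecked, so a missing or unreadable download produces an empty read loop and a silently incomplete `20-OUI.hwdb`; an absent `ma-small.txt` or `ma-medium.txt` also leaves `%ieee_prefixes` short for the later MA-L filter. Each should fail loudly, for example `open(IN, "<", "ma-medium.txt") or die "ma-medium.txt: $!";`. The added MA-M loop also tests `defined $1` after an unconditional match, and Perl leaves the captures of the last successful match in place when a match fails, so putting the match itself in the `if` condition is the more robust form. That loop also has no `close(IN)` before the handle is reopened for `ma-large.txt`, unlike the block above it. Parts of `oui`'s body fall between the hunks and are not shown here.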


@ -86,8 +86,8 @@
</varlistentry>
<varlistentry>
<term><option>-F</option></term>
<term><option>--field=</option></term>
<term><option>-F</option> <replaceable>FIELD</replaceable></term>
<term><option>--field=</option><replaceable>FIELD</replaceable></term>
<listitem><para>Print all possible data values the specified
field takes in matching coredump entries of the
@ -95,13 +95,21 @@
</varlistentry>
<varlistentry>
<term><option>-o</option></term>
<term><option>--output=FILE</option></term>
<term><option>-o</option> <replaceable>FILE</replaceable></term>
<term><option>--output=</option><replaceable>FILE</replaceable></term>
<listitem><para>Write the core to <option>FILE</option>.
</para></listitem>
</varlistentry>
<varlistentry>
<term><option>-D</option> <replaceable>DIR</replaceable></term>
<term><option>--directory=</option><replaceable>DIR</replaceable></term>
<listitem><para>Use the journal files in the specified <option>DIR</option>.
</para></listitem>
</varlistentry>
<xi:include href="standard-options.xml" xpointer="help" />
<xi:include href="standard-options.xml" xpointer="version" />
<xi:include href="standard-options.xml" xpointer="no-pager" />
@ -132,7 +140,7 @@
<listitem><para>Extract the last coredump matching specified
characteristics. The coredump will be written on standard
output, unless an output file is specified with
<option>-o/--output</option>. </para></listitem>
<option>--output=</option>. </para></listitem>
</varlistentry>
<varlistentry>


@ -1,4 +1,4 @@
<?xml version='1.0'?> <!--*-nxml-*-->
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
@ -65,6 +65,43 @@
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
virtual machine and container registration manager
<citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
<para><command>machinectl</command> may be used to execute
operations on machines and images. Machines in this sense are
considered running instances of:</para>
<itemizedlist>
<listitem><para>Virtual Machines (VMs) that virtualize hardware
to run full operating system (OS) instances (including their kernels)
in a virtualized environment on top of the host OS.</para></listitem>
<listitem><para>Containers that share the hardware and
OS kernel with the host OS, in order to run
OS userspace instances on top the host OS.</para></listitem>
<listitem><para>The host system itself</para></listitem>
</itemizedlist>
<para>Machines are identified by names that follow the same rules
as UNIX and DNS host names, for details see below. Machines are
instantiated from disk or file system images, that frequently but not
necessarily carry the same name as machines running from
them. Images in this sense are considered:</para>
<itemizedlist>
<listitem><para>Directory trees containing an OS, including its
top-level directories <filename>/usr</filename>,
<filename>/etc</filename>, and so on.</para></listitem>
<listitem><para>btrfs subvolumes containing OS trees, similar to
normal directory trees.</para></listitem>
<listitem><para>Binary "raw" disk images containing MBR or GPT
partition tables and Linux file system partitions.</para></listitem>
<listitem><para>The file system tree of the host OS itself.</para></listitem>
</itemizedlist>
</refsect1>
<refsect1>
@ -137,6 +174,30 @@
<constant>SIGTERM</constant>.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--uid=</option></term>
<listitem><para>When used with the <command>shell</command>
command, chooses the user ID to open the interactive shell
session as. If this switch is not specified, defaults to
<literal>root</literal>. Note that this switch is not
supported for the <command>login</command> command (see
below).</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--setenv=</option></term>
<listitem><para>When used with the <command>shell</command>
command, sets an environment variable to pass to the executed
shell. Takes a pair of environment variable name and value,
separated by <literal>=</literal> as argument. This switch
may be used multiple times to set multiple environment
variables. Note that this switch is not supported for the
<command>login</command> command (see
below).</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--mkdir</option></term>
@ -145,7 +206,6 @@
mount.</para></listitem>
</varlistentry>
<varlistentry>
<term><option>--read-only</option></term>
@ -247,9 +307,11 @@
<term><command>list</command></term>
<listitem><para>List currently running (online) virtual
machines and containers. To enumerate container images that
can be started, use <command>list-images</command> (see
below).</para></listitem>
machines and containers. To enumerate machine images that can
be started, use <command>list-images</command> (see
below). Note that this command hides the special
<literal>.host</literal> machine by default. Use the
<option>--all</option> switch to show it.</para></listitem>
</varlistentry>
<varlistentry>
@ -267,7 +329,7 @@
</varlistentry>
<varlistentry>
<term><command>show</command> <replaceable>NAME</replaceable>...</term>
<term><command>show</command> [<replaceable>NAME</replaceable>...]</term>
<listitem><para>Show properties of one or more registered
virtual machines or containers or the manager itself. If no
@ -316,21 +378,67 @@
</varlistentry>
<varlistentry>
<term><command>login</command> <replaceable>NAME</replaceable></term>
<term><command>login</command> [<replaceable>NAME</replaceable>]</term>
<listitem><para>Open an interactive terminal login session to
a container. This will create a TTY connection to a specific
container and asks for the execution of a getty on it. Note
that this is only supported for containers running
<listitem><para>Open an interactive terminal login session in
a container or on the local host. If an argument is supplied
it refers to the container machine to connect to. If none is
specified, or the container name is specified as the empty
string, or the special machine name <literal>.host</literal>
(see below) is specified, the connection is made to the local
host instead. This will create a TTY connection to a specific
container or the local host and asks for the execution of a
getty on it. Note that this is only supported for containers
running
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>
as init system.</para>
<para>This command will open a full login prompt on the
container, which then asks for username and password. Use
container or the local host, which then asks for username and
password. Use <command>shell</command> (see below) or
<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
with the <option>--machine=</option> switch to invoke a single
command, either interactively or in the background within a
local container.</para></listitem>
with the <option>--machine=</option> switch to directly invoke
a single command, either interactively or in the
background.</para></listitem>
</varlistentry>
<varlistentry>
<term><command>shell</command> [[<replaceable>NAME</replaceable>@]<replaceable>NAME</replaceable> [<replaceable>PATH</replaceable> [<replaceable>ARGUMENTS</replaceable>...]]] </term>
<listitem><para>Open an interactive shell session in a
container or on the local host. The first argument refers to
the container machine to connect to. If none is specified, or
the machine name is specified as the empty string, or the
special machine name <literal>.host</literal> (see below) is
specified, the connection is made to the local host
instead. This works similar to <command>login</command> but
immediately invokes a user process. This command runs the
specified executable with the specified arguments, or
<filename>/bin/sh</filename> if none is specified. By default
opens a <literal>root</literal> shell, but by using
<option>--uid=</option>, or by prefixing the machine name with
a username and an <literal>@</literal> character, a different
user may be selected. Use <option>--setenv=</option> to set
environment variables for the executed process.</para>
<para>When using the <command>shell</command> command without
arguments (thus invoking the executed shell or command on the
local host) it is similar in many ways to a <citerefentry
project='die-net'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>
session, but unlike <command>su</command> completely isolates
the new session from the originating session, so that it
shares no process or session properties, and is in a clean and
well-defined state. It will be tracked in a new utmp, login,
audit, security and keyring session, and will not inherit any
environment variables or resource limits, among other
properties.</para>
<para>Note that the
<citerefentry><refentrytitle>systemd-run</refentrytitle><manvolnum>1</manvolnum></citerefentry>
may be used in place of the <command>shell</command> command,
and allows more detailed, low-level configuration of the
invoked unit. However, it is frequently more privileged than
the <command>shell</command> command.</para></listitem>
</varlistentry>
<varlistentry>
@ -453,7 +561,7 @@
</varlistentry>
<varlistentry>
<term><command>image-status</command> <replaceable>NAME</replaceable>...</term>
<term><command>image-status</command> [<replaceable>NAME</replaceable>...]</term>
<listitem><para>Show terse status information about one or
more container or VM images. This function is intended to
@ -463,7 +571,7 @@
</varlistentry>
<varlistentry>
<term><command>show-image</command> <replaceable>NAME</replaceable>...</term>
<term><command>show-image</command> [<replaceable>NAME</replaceable>...]</term>
<listitem><para>Show properties of one or more registered
virtual machine or container images, or the manager itself. If
@ -765,6 +873,41 @@
</refsect1>
<refsect1>
<title>Machine and Image Names</title>
<para>The <command>machinectl</command> tool operates on machines
and images, whose names must be chosen following strict
rules. Machine names must be suitable for use as host names
following a conservative subset of DNS and UNIX/Linux
semantics. Specifically, they must consist of one or more
non-empty label strings, separated by dots. No leading or trailing
dots are allowed. No sequences of multiple dots are allowed. The
label strings may only consists of alphanumeric characters as well
as the dash and underscore. The maximum length of a machine name
is 64 characters.</para>
<para>A special machine with the name <literal>.host</literal>
refers to the running host system itself. This is useful for execution
operations or inspecting the host system as well. Not that
<command>machinectl list</command> will not show this special
machine unless the <option>--all</option> switch is specified.</para>
<para>Requirements on image names are less strict, however must be
valid UTF-8, must be suitable as file names (hence not be the
single or double dot, and not include a slash), and may not
contain control characters. Since many operations search for an
image by the name of a requested machine it is recommended to name
images in the same strict fashion as machines.</para>
<para>A special image with the name <literal>.host</literal>
refers to the image of the running host system. It is hence
conceptually maps to the special <literal>.host</literal> machine
name described above. Note that <command>machinectl
list-images</command> won't show this special image either, unless
<option>--all</option> is specified.</para>
</refsect1>
<refsect1>
<title>Files and Directories</title>
@ -872,6 +1015,17 @@
current directory.</para>
</example>
<example>
<title>Create a new shell session</title>
<programlisting># machinectl shell --uid=lennart</programlisting>
<para>This creates a new shell session on the local host, for
the user ID <literal>lennart</literal>, in a <citerefentry
project='die-net'><refentrytitle>su</refentrytitle><manvolnum>1</manvolnum></citerefentry>-like
fashion.</para>
</example>
</refsect1>
<refsect1>


@ -111,17 +111,17 @@
<para>Here's an example <filename>/etc/nsswitch.conf</filename>
file, that enables <command>myhostname</command> correctly:</para>
<programlisting>passwd: compat
group: compat
shadow: compat
<programlisting>passwd: compat
group: compat
shadow: compat
hosts: files dns mymachines <command>myhostname</command>
hosts: files resolve mymachines <command>myhostname</command>
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
ethers: db files
rpc: db files
netgroup: nis</programlisting>
@ -143,6 +143,7 @@ netgroup: nis</programlisting>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>


@ -91,7 +91,7 @@
group: compat <command>mymachines</command>
shadow: compat
hosts: files dns <command>mymachines</command> myhostname
hosts: files resolve <command>mymachines</command> myhostname
networks: files
protocols: db files
@ -108,6 +108,7 @@ netgroup: nis</programlisting>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-resolve</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>getent</refentrytitle><manvolnum>1</manvolnum></citerefentry>

118
man/nss-resolve.xml Normal file

@ -0,0 +1,118 @@
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
<!--
This file is part of systemd.
Copyright 2011 Lennart Poettering
Copyright 2013 Tom Gundersen
systemd is free software; you can redistribute it and/or modify it
under the terms of the GNU Lesser General Public License as published by
the Free Software Foundation; either version 2.1 of the License, or
(at your option) any later version.
systemd is distributed in the hope that it will be useful, but
WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
Lesser General Public License for more details.
You should have received a copy of the GNU Lesser General Public License
along with systemd; If not, see <http://www.gnu.org/licenses/>.
-->
<refentry id="nss-resolve" conditional='ENABLE_RESOLVED'>
<refentryinfo>
<title>nss-resolve</title>
<productname>systemd</productname>
<authorgroup>
<author>
<contrib>Developer</contrib>
<firstname>Lennart</firstname>
<surname>Poettering</surname>
<email>lennart@poettering.net</email>
</author>
</authorgroup>
</refentryinfo>
<refmeta>
<refentrytitle>nss-resolve</refentrytitle>
<manvolnum>8</manvolnum>
</refmeta>
<refnamediv>
<refname>nss-resolve</refname>
<refname>libnss_resolve.so.2</refname>
<refpurpose>Provide hostname resolution via <filename>systemd-resolved.service</filename></refpurpose>
</refnamediv>
<refsynopsisdiv>
<para><filename>libnss_resolve.so.2</filename></para>
</refsynopsisdiv>
<refsect1>
<title>Description</title>
<para><command>nss-resolve</command> is a plugin module for the
GNU Name Service Switch (NSS) functionality of the GNU C Library
(<command>glibc</command>) enabling it to resolve host names via
the
<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>
local network name resolution service.</para>
<para>To activate the NSS module, <literal>resolve</literal>
has to be added to the line starting with
<literal>hosts:</literal> in
<filename>/etc/nsswitch.conf</filename>.</para>
<para>It is recommended to place <literal>resolve</literal> early
in the <filename>nsswitch.conf</filename> line (but after the
<literal>files</literal> entry), replacing the
<literal>dns</literal> entry if it exists, to ensure DNS queries
are always routed via
<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>.</para>
</refsect1>
<refsect1>
<title>Example</title>
<para>Here's an example <filename>/etc/nsswitch.conf</filename>
file, that enables <command>resolve</command> correctly:</para>
<programlisting>passwd: compat
group: compat
shadow: compat
hosts: files <command>resolve</command> mymachines myhostname
networks: files
protocols: db files
services: db files
ethers: db files
rpc: db files
netgroup: nis</programlisting>
<para>Note that <command>nss-resolve</command> will chain-load
<command>nss-dns</command> if
<filename>systemd-resolved.service</filename> is not running,
ensuring that basic DNS resolution continues to work if the
service is down.</para>
</refsect1>
<refsect1>
<title>See Also</title>
<para>
<citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>,
<citerefentry><refentrytitle>systemd-resolved</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-mymachines</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry><refentrytitle>nss-myhostname</refentrytitle><manvolnum>8</manvolnum></citerefentry>,
<citerefentry project='man-pages'><refentrytitle>nsswitch.conf</refentrytitle><manvolnum>5</manvolnum></citerefentry>
</para>
</refsect1>
</refentry>


@ -319,14 +319,11 @@
<term><option>--quiet</option></term>
<listitem>
<para>Suppress output to standard output in
<command>snapshot</command>,
<command>is-active</command>,
<command>is-failed</command>,
<command>is-enabled</command>,
<command>is-system-running</command>,
<command>enable</command> and
<command>disable</command>.</para>
<para>Suppress printing of the results of various commands
and also the hints about truncated log lines. This does not
suppress output of commands for which the printed output is
the only result (like <command>show</command>). Errors are
always printed.</para>
</listitem>
</varlistentry>
@ -476,6 +473,18 @@
</listitem>
</varlistentry>
<varlistentry>
<term><option>--message=</option></term>
<listitem>
<para>When used with <command>halt</command>,
<command>poweroff</command>, <command>reboot</command> or
<command>kexec</command>, set a short message explaining the reason
for the operation. The message will be logged together with the
default shutdown message.</para>
</listitem>
</varlistentry>
<varlistentry>
<term><option>--now</option></term>


@ -61,7 +61,7 @@
responsible for file system checks. They are instantiated for each
device that is configured for file system checking.
<filename>systemd-fsck-root.service</filename> is responsible for
file system checks on the root file system, but in only if the
file system checks on the root file system, but only if the
root filesystem wasn't checked in the initramfs.
<filename>systemd-fsck@.service</filename> is used for all other
file systems and for the root file system in the initramfs.</para>


@ -156,12 +156,15 @@
<para>If neither <option>--directory=</option>, nor
<option>--image=</option> is specified the directory is
determined as <filename>/var/lib/machines/</filename> suffixed
by the machine name as specified with
<option>--machine=</option>. If neither
<option>--directory=</option>, <option>--image=</option>, nor
<option>--machine=</option> are specified, the current
directory will be used. May not be specified together with
determined by searching for a directory named the same as the
machine name specified with <option>--machine=</option>. See
<citerefentry><refentrytitle>machinectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>
section "Files and Directories" for the precise search path.</para>
<para>If neither <option>--directory=</option>,
<option>--image=</option>, nor <option>--machine=</option>
are specified, the current directory will
be used. May not be specified together with
<option>--image=</option>.</para></listitem>
</varlistentry>
@ -578,7 +581,9 @@
same path in the container --, or a colon-separated pair of
paths -- in which case the first specified path is the source
in the host, and the second path is the destination in the
container. This option may be specified multiple times for
container. Backslash escapes are interpreted so
<literal>\:</literal> may be used to embed colons in either path.
This option may be specified multiple times for
creating multiple independent bind mount points. The
<option>--bind-ro=</option> option creates read-only bind
mounts.</para></listitem>
@ -597,7 +602,10 @@
otherwise specified). This option is particularly useful for
mounting directories such as <filename>/var</filename> as
tmpfs, to allow state-less systems, in particular when
combined with <option>--read-only</option>.</para></listitem>
combined with <option>--read-only</option>.
Backslash escapes are interpreted in the path so
<literal>\:</literal> may be used to embed colons in the path.
</para></listitem>
</varlistentry>
<varlistentry>
@ -609,6 +617,10 @@
list of colon-separated paths to the directory trees to
combine and the destination mount point.</para>
<para>Backslash escapes are interpreted in the paths, so
<literal>\:</literal> may be used to embed colons in the paths.
</para>
<para>If three or more paths are specified, then the last
specified path is the destination mount point in the
container, all paths specified before refer to directory trees


@ -1,4 +1,4 @@
<?xml version='1.0'?> <!--*-nxml-*-->
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
@ -71,6 +71,61 @@
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.</para>
<para><command>systemd-resolved</command> synthesizes DNS RRs for the following cases:</para>
<itemizedlist>
<listitem><para>The local, configured hostname is resolved to
all locally configured IP addresses ordered by their scope, or
— if none are configured — the IPv4 address 127.0.0.2 (which
is on the local loopback) and the IPv6 address ::1 (which is the
local host).</para></listitem>
<listitem><para>The hostname <literal>localhost</literal> is
resolved to the IP addresses 127.0.0.1 and
::1.</para></listitem>
<listitem><para>The hostname <literal>gateway</literal> is
resolved to all current default routing gateway addresses,
ordered by their metric. This assigns a stable hostname to the
current gateway, useful for referencing it independently of the
current network configuration state.</para></listitem>
</itemizedlist>
<para>Lookup requests are routed to the available DNS servers
and LLMNR interfaces according to the following rules:</para>
<itemizedlist>
<listitem><para>Lookups for the special hostname
<literal>localhost</literal> are never routed to the
network.</para></listitem>
<listitem><para>Single-label names are routed to all local
interfaces capable of IP multicasting, using the LLMNR
protocol. Lookups for IPv4 addresses are only sent via LLMNR on
IPv4, and lookups for IPv6 addresses are only sent via LLMNR on
IPv6. Lookups for the locally configured host name and the
<literal>gateway</literal> host name are never routed to
LLMNR.</para></listitem>
<listitem><para>Multi-label names are routed to all local
interfaces that have a DNS sever configured, plus the globally
configured DNS server if there is one. Address lookups from the
link-local addres range are never routed to
DNS.</para></listitem>
</itemizedlist>
<para>If lookups are routed to multiple interfaces, the first
successful response is returned (thus effectively merging the
lookup zones on all matching interfaces). If the lookup failed on
all interfaces the last failing response is returned.</para>
<para>Routing of lookups may be influenced by configuring
per-interface domain names, see
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for details. Lookups for a hostname ending in one of the
per-interface domains are exclusively routed to the matching
interfaces.</para>
<para>Note that
<filename>/run/systemd/resolve/resolv.conf</filename> should not
be used directly, but only through a symlink from


@ -69,38 +69,41 @@
<title>Description</title>
<para><command>systemd-run</command> may be used to create and
start a transient <filename>.service</filename> or a transient
<filename>.timer</filename> or a <filename>.scope</filename> unit
and run the specified <replaceable>COMMAND</replaceable> in
it.</para>
start a transient <filename>.service</filename> or
<filename>.scope</filename> unit and run the specified
<replaceable>COMMAND</replaceable> in it. It may also be used to
create and start transient <filename>.timer</filename>
units.</para>
<para>If a command is run as transient service unit, it will be
started and managed by the service manager like any other service,
and thus show up in the output of <command>systemctl
and thus shows up in the output of <command>systemctl
list-units</command> like any other unit. It will run in a clean
and detached execution environment. <command>systemd-run</command>
will start the service asynchronously in the background and
immediately return.</para>
<para>If a command is run with timer options, transient timer unit
also be created with transient service unit. But the transient
timer unit is only started immediately. The transient service unit
will be started when the transient timer is elapsed. If
<option>--unit=</option> is specified with timer options, the
<replaceable>COMMAND</replaceable> can be omitted. In this case,
<command>systemd-run</command> assumes service unit is already
loaded and creates transient timer unit only. To successfully
create timer unit, already loaded service unit should be specified
with <option>--unit=</option>. This transient timer unit can
activate the existing service unit like any other timer.</para>
and detached execution environment, with the service manager as
its parent process. In this mode <command>systemd-run</command>
will start the service asynchronously in the background and return
after the command has begun execution.</para>
<para>If a command is run as transient scope unit, it will be
started directly by <command>systemd-run</command> and thus
inherit the execution environment of the caller. It is however
managed by the service manager similar to normal services, and
will also show up in the output of <command>systemctl
list-units</command>. Execution in this case is synchronous, and
execution will return only when the command finishes.</para>
started by <command>systemd-run</command> itself as parent process
and will thus inherit the execution environment of the
caller. However, the processes of the command are managed by the
service manager similar to normal services, and will show up in
the output of <command>systemctl list-units</command>. Execution
in this case is synchronous, and will return only when the command
finishes. This mode is enabled via the <option>--scope</option>
switch (see below). </para>
<para>If a command is run with timer options such as
<option>--on-calendar=</option> (see below), a transient timer
unit is created alongside the service unit for the specified
command. Only the transient timer unit is started immediately, the
transient service unit will be started when the transient timer
elapses. If the <option>--unit=</option> is specified, the
<replaceable>COMMAND</replaceable> may be omitted. In this case,
<command>systemd-run</command> only creates a
<filename>.timer</filename> unit that invokes the specified unit
when elapsing.</para>
</refsect1>
<refsect1>


@ -71,6 +71,10 @@
files, and the per-link dynamic settings received over DHCP. See
<citerefentry><refentrytitle>systemd.network</refentrytitle><manvolnum>5</manvolnum></citerefentry>
for more details.</para>
<para><citerefentry><refentrytitle>timedatectl</refentrytitle><manvolnum>1</manvolnum></citerefentry>'s
<command>set-ntp</command> command may be used to enable and
start, or disable and stop this service.</para>
</refsect1>
<refsect1>


@ -1,3 +1,4 @@
<?xml version='1.0'?> <!--*- Mode: nxml; nxml-child-indent: 2; indent-tabs-mode: nil -*-->
<!DOCTYPE refentry PUBLIC "-//OASIS//DTD DocBook XML V4.2//EN"
"http://www.oasis-open.org/docbook/xml/4.2/docbookx.dtd">
@ -263,7 +264,8 @@
<listitem><para>Similar to <varname>Environment=</varname> but
reads the environment variables from a text file. The text
file should contain new-line-separated variable assignments.
Empty lines and lines starting with ; or # will be ignored,
Empty lines, lines without an <literal>=</literal> separator,
or lines starting with ; or # will be ignored,
which may be used for commenting. A line ending with a
backslash will be concatenated with the following one,
allowing multiline variable definitions. The parser strips
@ -910,10 +912,16 @@
<term><varname>UtmpIdentifier=</varname></term>
<listitem><para>Takes a four character identifier string for
an utmp/wtmp entry for this service. This should only be set
for services such as <command>getty</command> implementations
an <citerefentry
project='man-pages'><refentrytitle>utmp</refentrytitle><manvolnum>5</manvolnum></citerefentry>
and wtmp entry for this service. This should only be
set for services such as <command>getty</command>
implementations (such as <citerefentry
project='die-net'><refentrytitle>agetty</refentrytitle><manvolnum>8</manvolnum></citerefentry>)
where utmp/wtmp entries must be created and cleared before and
after execution. If the configured string is longer than four
after execution, or for services that shall be executed as if
they were run by a <command>getty</command> process (see
below). If the configured string is longer than four
characters, it is truncated and the terminal four characters
are used. This setting interprets %I style string
replacements. This setting is unset by default, i.e. no
@ -921,6 +929,34 @@
service.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>UtmpMode=</varname></term>
<listitem><para>Takes one of <literal>init</literal>,
<literal>login</literal> or <literal>user</literal>. If
<varname>UtmpIdentifier=</varname> is set, controls which
type of <citerefentry
project='man-pages'><refentrytitle>utmp</refentrytitle><manvolnum>5</manvolnum></citerefentry>/wtmp
entries for this service are generated. This setting has no
effect unless <varname>UtmpIdentifier=</varname> is set
too. If <literal>init</literal> is set, only an
<constant>INIT_PROCESS</constant> entry is generated and the
invoked process must implement a
<command>getty</command>-compatible utmp/wtmp logic. If
<literal>login</literal> is set, first an
<constant>INIT_PROCESS</constant> entry, followed by an
<constant>LOGIN_PROCESS</constant> entry is generated. In
this case the invoked process must implement a <citerefentry
project='die-net'><refentrytitle>login</refentrytitle><manvolnum>1</manvolnum></citerefentry>-compatible
utmp/wtmp logic. If <literal>user</literal> is set, first an
<constant>INIT_PROCESS</constant> entry, then a
<constant>LOGIN_PROCESS</constant> entry and finally an
<constant>USER_PROCESS</constant> entry is generated. In this
case the invoked process may be any process that is suitable
to be run as session leader. Defaults to
<literal>init</literal>.</para></listitem>
</varlistentry>
<varlistentry>
<term><varname>SELinuxContext=</varname></term>


@ -985,6 +985,20 @@ Kind=veth
Name=veth-peer</programlisting>
</example>
<example>
<title>/etc/systemd/network/bond.netdev</title>
<programlisting>[NetDev]
Name=bond1
Kind=bond
[Bond]
Mode=802.3ad
TransmitHashPolicy=layer3+4
MIIMonitorSec=1s
LACPTransmitRate=fast
</programlisting>
</example>
<example>
<title>/etc/systemd/network/dummy.netdev</title>
<programlisting>[NetDev]


@ -828,6 +828,18 @@ Name=em1
[Network]
Tunnel=vti-tun</programlisting>
</example>
<example>
<title>/etc/systemd/network/bond.network</title>
<programlisting>[Match]
Name=bond1
[Network]
DHCP=yes
</programlisting>
</example>
</refsect1>
<refsect1>


@ -337,6 +337,19 @@
<literal>-</literal>) fail, the rest are not executed and the
unit is considered failed.</para>
<para><varname>ExecStart=</varname> commands are only run after
all <varname>ExecStartPre=</varname> commands that were not prefixed
with a <literal>-</literal> exit successfully.</para>
<para><varname>ExecStartPost=</varname> commands are only run after
the service has started, as determined by <varname>Type=</varname>
(i.e. The process has been started for <varname>Type=simple</varname>
or <varname>Type=idle</varname>, the process exits successfully for
<varname>Type=oneshot</varname>, the initial process exits successfully
for <varname>Type=forking</varname>, <literal>READY=1</literal> is sent
for <varname>Type=notify</varname>, or the <varname>BusName=</varname>
has been taken for <varname>Type=dbus</varname>).</para>
<para>Note that <varname>ExecStartPre=</varname> may not be
used to start long-running processes. All processes forked
off by processes invoked via <varname>ExecStartPre=</varname> will
@ -922,7 +935,10 @@
the arguments. Double quotes ("...") and single quotes ('...') may
be used, in which case everything until the next matching quote
becomes part of the same argument. C-style escapes are also
supported, see table below. Quotes themselves are removed after
supported. The table below contains the list of allowed escape
patterns. Only patterns which match the syntax in the table are
allowed; others will result in an error, and must be escaped by
doubling the backslash. Quotes themselves are removed after
parsing and escape sequences substituted. In addition, a trailing
backslash (<literal>\</literal>) may be used to merge lines.
</para>
@ -939,7 +955,7 @@
<literal>&amp;</literal>, and <emphasis>other elements of shell
syntax are not supported</emphasis>.</para>
<para>The command to execute must an absolute path name. It may
<para>The command to execute must be an absolute path name. It may
contain spaces, but control characters are not allowed.</para>
<para>The command line accepts <literal>%</literal> specifiers as


@ -130,9 +130,22 @@
for this target unit to all services (except for those with
<varname>DefaultDependencies=no</varname>).</para>
<para>Usually this should pull-in all mount points, swap
devices, sockets, timers, and path units and other basic
initialization necessary for general purpose daemons.</para>
<para>Usually this should pull-in all local mount points plus
<filename>/var</filename>, <filename>/tmp</filename> and
<filename>/var/tmp</filename>, swap devices, sockets, timers,
path units and other basic initialization necessary for general
purpose daemons. The mentioned mount points are special cased
to allow them to be remote.
</para>
<para>This target usually does not pull in any non-target units
directly, but rather does so indirectly via other early boot targets.
It is instead meant as a synchronization point for late boot
services. Refer to
<citerefentry><refentrytitle>bootup</refentrytitle><manvolnum>7</manvolnum></citerefentry>
for details on the targets involved.
</para>
</listitem>
</varlistentry>
<varlistentry>
@ -503,8 +516,14 @@
<varlistentry>
<term><filename>sysinit.target</filename></term>
<listitem>
<para>A special target unit covering early boot-up
scripts.</para>
<para>This target pulls in the services required for system
initialization. System services pulled in by this target should
declare <varname>DefaultDependencies=no</varname> and specify
all their dependencies manually, including access to anything
more than a read only root filesystem. For details on the
dependencies of this target, refer to
<citerefentry><refentrytitle>bootup</refentrytitle><manvolnum>7</manvolnum></citerefentry>.
</para>
</listitem>
</varlistentry>
<varlistentry>
@ -833,7 +852,7 @@
<varlistentry>
<term><filename>system.slice</filename></term>
<listitem>
<para>By default, all services services started by
<para>By default, all system services started by
<command>systemd</command> are found in this slice.</para>
</listitem>
</varlistentry>


@ -367,6 +367,8 @@
group information is maintained in the kernel, and is accessible
via the file system hierarchy (beneath
<filename>/sys/fs/cgroup/systemd/</filename>), or in tools such as
<citerefentry project='man-pages'><refentrytitle>systemd-cgls</refentrytitle><manvolnum>1</manvolnum></citerefentry>
or
<citerefentry project='man-pages'><refentrytitle>ps</refentrytitle><manvolnum>1</manvolnum></citerefentry>
(<command>ps xawf -eo pid,user,cgroup,args</command> is
particularly useful to list all processes and the systemd units


@ -166,12 +166,27 @@
<term><command>set-ntp [BOOL]</command></term>
<listitem><para>Takes a boolean argument. Controls whether
network time synchronization is enabled (if available). This
enables or disables the
<filename>systemd-timesyncd.service</filename> unit. Note that
even if this command turns time synchronization off a
different system service might still synchronize the clock
with the network.</para></listitem>
network time synchronization is active and enabled (if
available). This enables and starts, or disables and stops the
<filename>systemd-timesyncd.service</filename> unit. It does
not affect the state of any other, unrelated network time
synchronization services that might be installed on the
system. This command is hence mostly equivalent to:
<command>systemctl enable --now
systemd-timesyncd.service</command> and <command>systemctl
disable --now systemd-timesyncd.service</command>, but is
protected by a different access policy.</para>
<para>Note that even if time synchronization is turned off
with this command another, unrelated system service might
still synchronize the clock with the network. Also note that
strictly speaking
<filename>systemd-timesyncd.service</filename> does more than
just network time synchronization as it ensures a monotonic
clock on systems without RTC even if no network is
available. See
<citerefentry><refentrytitle>systemd-timesyncd.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>
for details about this.</para></listitem>
</varlistentry>
</variablelist>


@ -6,7 +6,7 @@
ACTION=="remove", GOTO="persistent_storage_end"
SUBSYSTEM!="block", GOTO="persistent_storage_end"
KERNEL!="loop*|mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|nvme*|sd*|sr*|vd*|xvd*|bcache*|cciss*|dasd*", GOTO="persistent_storage_end"
KERNEL!="loop*|mmcblk*[0-9]|msblk*[0-9]|mspblk*[0-9]|nvme*|sd*|sr*|vd*|xvd*|bcache*|cciss*|dasd*|ubd*", GOTO="persistent_storage_end"
# ignore partitions that span the entire disk
TEST=="whole_disk", GOTO="persistent_storage_end"


@ -26,7 +26,8 @@ __contains_word() {
__get_machines() {
local a b
machinectl list --no-legend --no-pager | { while read a b; do echo " $a"; done; };
(machinectl list-images --no-legend --no-pager; machinectl list --no-legend --no-pager) | \
{ while read a b; do echo " $a"; done; } | sort -u;
}
_machinectl() {
@ -39,8 +40,8 @@ _machinectl() {
)
local -A VERBS=(
[STANDALONE]='list'
[MACHINES]='status show terminate kill reboot login'
[STANDALONE]='list list-images pull-tar pull-raw pull-dkr import-tar import-raw export-tar export-raw list-transfers cancel-transfer'
[MACHINES]='status show start login enable disable poweroff reboot terminate kill copy-to copy-from image-status show-image clone rename read-only remove set-limit'
)
_init_completion || return


@ -108,7 +108,7 @@ _systemctl () {
comps=$(compgen -A signal)
;;
--type|-t)
comps='automount busname device mount path service snapshot socket swap target timer'
comps=$(__systemctl $mode -t help)
;;
--state)
comps='loaded not-found stub


@ -24,7 +24,14 @@
local -a _busctl_cmds
_busctl_cmds=(
"list:List bus names"
"status:Show bus service, process or bus owner credentials"
"monitor:Show bus traffic"
"capture:Capture bus traffix as pcap"
"tree:Show object tree of service"
"introspect:Introspect object"
"call:Call a method"
"get-property:Get property value"
"set-property:Set property value"
)
if (( CURRENT == 1 )); then
_describe -t commands 'busctl command' _busctl_cmds || compadd "$@"
@ -54,4 +61,12 @@ _arguments \
'--acquired[Only show acquired names]' \
'--activatable[Only show activatable names]' \
'--match=[Only show matching messages]:match' \
'--list[Do not show tree, but simple object path list]' \
'--quiet[Do not show method call reply]'\
'--verbose[Show result values in long format]' \
'--expect-reply=[Expect a method call reply]:boolean:(1 0)' \
'--auto-start=[Auto-start destination service]:boolean:(1 0)' \
'--allow-interactive-authorization=[Allow interactive authorization for operation]:boolean:(1 0)' \
'--timeout=[Maximum time to wait for method call completion]:timeout (seconds)' \
'--augment-creds=[Extend credential data with data read from /proc/$PID]:boolean:(1 0)' \
'*::busctl command:_busctl_command'
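Review bot: The description of the new `capture` entry in `_busctl_cmds` has a typo, `traffix`; it should read `"capture:Capture bus traffic as pcap"`. The `--quiet` option line is also missing the space before its trailing backslash (`...reply]'\`), which works but differs from every neighbouring line.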


@ -145,7 +145,10 @@ bool bitmap_isclear(Bitmap *b) {
void bitmap_clear(Bitmap *b) {
assert(b);
free(b->bitmaps);
b->bitmaps = NULL;
b->n_bitmaps = 0;
b->bitmaps_allocated = 0;
}
bool bitmap_iterate(Bitmap *b, Iterator *i, unsigned *n) {
@ -184,6 +187,9 @@ bool bitmap_iterate(Bitmap *b, Iterator *i, unsigned *n) {
}
bool bitmap_equal(Bitmap *a, Bitmap *b) {
size_t common_n_bitmaps;
Bitmap *c;
unsigned i;
if (!a ^ !b)
return false;
@ -191,8 +197,14 @@ bool bitmap_equal(Bitmap *a, Bitmap *b) {
if (!a)
return true;
if (a->n_bitmaps != b->n_bitmaps)
common_n_bitmaps = MIN(a->n_bitmaps, b->n_bitmaps);
if (memcmp(a->bitmaps, b->bitmaps, sizeof(uint64_t) * common_n_bitmaps) != 0)
return false;
return memcmp(a->bitmaps, b->bitmaps, sizeof(uint64_t) * a->n_bitmaps) == 0;
c = a->n_bitmaps > b->n_bitmaps ? a : b;
for (i = common_n_bitmaps; i < c->n_bitmaps; i++)
if (c->bitmaps[i] != 0)
return false;
return true;
}
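Review bot: In bitmap_equal, the `memcmp(a->bitmaps, b->bitmaps, sizeof(uint64_t) * common_n_bitmaps)` call can be handed a NULL pointer with a zero length, because bitmap_clear in this same change now leaves `bitmaps = NULL` with `n_bitmaps = 0`. Passing NULL to memcmp is undefined behaviour in C even when the size is 0. Guarding the call, `if (common_n_bitmaps > 0 && memcmp(a->bitmaps, b->bitmaps, sizeof(uint64_t) * common_n_bitmaps) != 0) return false;`, keeps the comparison of a cleared bitmap against a populated one well defined. The tail loop over `c->bitmaps[i]` is not affected, since it only runs when the longer bitmap has entries.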


@ -826,14 +826,12 @@ int cg_install_release_agent(const char *controller, const char *agent) {
} else if (!streq(sc, agent))
return -EEXIST;
free(fs);
fs = NULL;
fs = mfree(fs);
r = cg_get_path(controller, NULL, "notify_on_release", &fs);
if (r < 0)
return r;
free(contents);
contents = NULL;
contents = mfree(contents);
r = read_one_line_file(fs, &contents);
if (r < 0)
return r;
@ -865,8 +863,7 @@ int cg_uninstall_release_agent(const char *controller) {
if (r < 0)
return r;
free(fs);
fs = NULL;
fs = mfree(fs);
r = cg_get_path(controller, NULL, "release_agent", &fs);
if (r < 0)


@ -467,8 +467,7 @@ int copy_xattr(int fdf, int fdt) {
sza *= 2;
free(bufa);
bufa = NULL;
bufa = mfree(bufa);
}
p = bufa;
@ -491,8 +490,7 @@ int copy_xattr(int fdf, int fdt) {
if (m < 0) {
if (errno == ERANGE) {
szb *= 2;
free(bufb);
bufb = NULL;
bufb = mfree(bufb);
continue;
}


@ -550,7 +550,7 @@ char **replace_env_argv(char **argv, char **env) {
if (e) {
int r;
r = strv_split_quoted(&m, e, UNQUOTE_RELAX);
r = strv_split_extract(&m, e, WHITESPACE, EXTRACT_RELAX|EXTRACT_QUOTES);
if (r < 0) {
ret[k] = NULL;
strv_free(ret);


@ -61,14 +61,25 @@ static bool hostname_valid_char(char c) {
c == '.';
}
bool hostname_is_valid(const char *s) {
/**
* Check if s looks like a valid host name or FQDN. This does not do
* full DNS validation, but only checks if the name is composed of
* allowed characters and the length is not above the maximum allowed
* by Linux (c.f. dns_name_is_valid()). Trailing dot is allowed if
* allow_trailing_dot is true and at least two components are present
* in the name. Note that due to the restricted charset and length
* this call is substantially more conservative than
* dns_domain_is_valid().
*/
bool hostname_is_valid(const char *s, bool allow_trailing_dot) {
unsigned n_dots = 0;
const char *p;
bool dot;
if (isempty(s))
return false;
/* Doesn't accept empty hostnames, hostnames with trailing or
/* Doesn't accept empty hostnames, hostnames with
* leading dots, and hostnames with multiple dots in a
* sequence. Also ensures that the length stays below
* HOST_NAME_MAX. */
@ -79,6 +90,7 @@ bool hostname_is_valid(const char *s) {
return false;
dot = true;
n_dots ++;
} else {
if (!hostname_valid_char(*p))
return false;
@ -87,16 +99,18 @@ bool hostname_is_valid(const char *s) {
}
}
if (dot)
if (dot && (n_dots < 2 || !allow_trailing_dot))
return false;
if (p-s > HOST_NAME_MAX)
if (p-s > HOST_NAME_MAX) /* Note that HOST_NAME_MAX is 64 on
* Linux, but DNS allows domain names
* up to 255 characters */
return false;
return true;
}
char* hostname_cleanup(char *s, bool lowercase) {
char* hostname_cleanup(char *s) {
char *p, *d;
bool dot;
@ -110,7 +124,7 @@ char* hostname_cleanup(char *s, bool lowercase) {
*(d++) = '.';
dot = true;
} else if (hostname_valid_char(*p)) {
*(d++) = lowercase ? tolower(*p) : *p;
*(d++) = *p;
dot = false;
}
@ -132,14 +146,25 @@ bool is_localhost(const char *hostname) {
/* This tries to identify local host and domain names
* described in RFC6761 plus the redhatism of .localdomain */
return streq(hostname, "localhost") ||
streq(hostname, "localhost.") ||
streq(hostname, "localdomain.") ||
streq(hostname, "localdomain") ||
endswith(hostname, ".localhost") ||
endswith(hostname, ".localhost.") ||
endswith(hostname, ".localdomain") ||
endswith(hostname, ".localdomain.");
return strcaseeq(hostname, "localhost") ||
strcaseeq(hostname, "localhost.") ||
strcaseeq(hostname, "localdomain.") ||
strcaseeq(hostname, "localdomain") ||
endswith_no_case(hostname, ".localhost") ||
endswith_no_case(hostname, ".localhost.") ||
endswith_no_case(hostname, ".localdomain") ||
endswith_no_case(hostname, ".localdomain.");
}
bool is_gateway_hostname(const char *hostname) {
assert(hostname);
/* This tries to identify the valid syntaxes for the our
* synthetic "gateway" host. */
return
strcaseeq(hostname, "gateway") ||
strcaseeq(hostname, "gateway.");
}
int sethostname_idempotent(const char *s) {
@ -176,7 +201,7 @@ int read_hostname_config(const char *path, char **hostname) {
truncate_nl(l);
if (l[0] != '\0' && l[0] != '#') {
/* found line with value */
name = hostname_cleanup(l, false);
name = hostname_cleanup(l);
name = strdup(name);
if (!name)
return -ENOMEM;
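Review bot: The new doc comment on hostname_is_valid names two different helpers, `dns_name_is_valid()` at first and `dns_domain_is_valid()` in the last sentence; presumably the same function is meant, so one of the two names should be corrected. The inner comment also dropped trailing dots from its list of rejected forms, although a trailing dot is still rejected when `allow_trailing_dot` is false or the name has fewer than two dots. I would have the inner comment say `trailing dots (unless allow_trailing_dot is set and the name contains at least two dots)` next to the leading-dot case. This predicate also backs `machine_name_is_valid`, which appears to gate names that are later joined into paths, so the accepted set should be documented exactly.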


@ -29,10 +29,13 @@ bool hostname_is_set(void);
char* gethostname_malloc(void);
bool hostname_is_valid(const char *s) _pure_;
char* hostname_cleanup(char *s, bool lowercase);
bool hostname_is_valid(const char *s, bool allow_trailing_dot) _pure_;
char* hostname_cleanup(char *s);
#define machine_name_is_valid(s) hostname_is_valid(s, false)
bool is_localhost(const char *hostname);
bool is_gateway_hostname(const char *hostname);
int sethostname_idempotent(const char *s);


@ -123,6 +123,32 @@
} \
} while(false)
/* Insert an item before another one (a = where, b = what) */
#define LIST_INSERT_BEFORE(name,head,a,b) \
do { \
typeof(*(head)) **_head = &(head), *_a = (a), *_b = (b); \
assert(_b); \
if (!_a) { \
if (!*_head) { \
_b->name##_next = NULL; \
_b->name##_prev = NULL; \
*_head = _b; \
} else { \
typeof(*(head)) *_tail = (head); \
while (_tail->name##_next) \
_tail = _tail->name##_next; \
_b->name##_next = NULL; \
_b->name##_prev = _tail; \
_tail->name##_next = _b; \
} \
} else { \
if ((_b->name##_prev = _a->name##_prev)) \
_b->name##_prev->name##_next = _b; \
_b->name##_next = _a; \
_a->name##_prev = _b; \
} \
} while(false)
#define LIST_JUST_US(name,item) \
(!(item)->name##_prev && !(item)->name##_next) \


@ -977,7 +977,11 @@ static inline int raw_clone(unsigned long flags, void *child_stack) {
}
static inline pid_t raw_getpid(void) {
#if defined(__alpha__)
return (pid_t) syscall(__NR_getxpid);
#else
return (pid_t) syscall(__NR_getpid);
#endif
}
#if !HAVE_DECL_RENAMEAT2

View File

@ -32,109 +32,93 @@
#define SMACK_FLOOR_LABEL "_"
#define SMACK_STAR_LABEL "*"
bool mac_smack_use(void) {
#ifdef HAVE_SMACK
bool mac_smack_use(void) {
static int cached_use = -1;
if (cached_use < 0)
cached_use = access("/sys/fs/smackfs/", F_OK) >= 0;
return cached_use;
#else
return false;
#endif
}
int mac_smack_apply(const char *path, const char *label) {
int r = 0;
static const char* const smack_attr_table[_SMACK_ATTR_MAX] = {
[SMACK_ATTR_ACCESS] = "security.SMACK64",
[SMACK_ATTR_EXEC] = "security.SMACK64EXEC",
[SMACK_ATTR_MMAP] = "security.SMACK64MMAP",
[SMACK_ATTR_TRANSMUTE] = "security.SMACK64TRANSMUTE",
[SMACK_ATTR_IPIN] = "security.SMACK64IPIN",
[SMACK_ATTR_IPOUT] = "security.SMACK64IPOUT",
};
DEFINE_STRING_TABLE_LOOKUP(smack_attr, SmackAttr);
int mac_smack_read(const char *path, SmackAttr attr, char **label) {
assert(path);
assert(attr >= 0 && attr < _SMACK_ATTR_MAX);
assert(label);
if (!mac_smack_use())
return 0;
return getxattr_malloc(path, smack_attr_to_string(attr), label, true);
}
int mac_smack_read_fd(int fd, SmackAttr attr, char **label) {
assert(fd >= 0);
assert(attr >= 0 && attr < _SMACK_ATTR_MAX);
assert(label);
if (!mac_smack_use())
return 0;
return fgetxattr_malloc(fd, smack_attr_to_string(attr), label);
}
int mac_smack_apply(const char *path, SmackAttr attr, const char *label) {
int r;
assert(path);
assert(attr >= 0 && attr < _SMACK_ATTR_MAX);
#ifdef HAVE_SMACK
if (!mac_smack_use())
return 0;
if (label)
r = lsetxattr(path, "security.SMACK64", label, strlen(label), 0);
r = lsetxattr(path, smack_attr_to_string(attr), label, strlen(label), 0);
else
r = lremovexattr(path, "security.SMACK64");
r = lremovexattr(path, smack_attr_to_string(attr));
if (r < 0)
return -errno;
#endif
return r;
return 0;
}
int mac_smack_apply_fd(int fd, const char *label) {
int r = 0;
int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label) {
int r;
assert(fd >= 0);
assert(attr >= 0 && attr < _SMACK_ATTR_MAX);
#ifdef HAVE_SMACK
if (!mac_smack_use())
return 0;
if (label)
r = fsetxattr(fd, "security.SMACK64", label, strlen(label), 0);
r = fsetxattr(fd, smack_attr_to_string(attr), label, strlen(label), 0);
else
r = fremovexattr(fd, "security.SMACK64");
r = fremovexattr(fd, smack_attr_to_string(attr));
if (r < 0)
return -errno;
#endif
return r;
}
int mac_smack_apply_ip_out_fd(int fd, const char *label) {
int r = 0;
assert(fd >= 0);
#ifdef HAVE_SMACK
if (!mac_smack_use())
return 0;
if (label)
r = fsetxattr(fd, "security.SMACK64IPOUT", label, strlen(label), 0);
else
r = fremovexattr(fd, "security.SMACK64IPOUT");
if (r < 0)
return -errno;
#endif
return r;
}
int mac_smack_apply_ip_in_fd(int fd, const char *label) {
int r = 0;
assert(fd >= 0);
#ifdef HAVE_SMACK
if (!mac_smack_use())
return 0;
if (label)
r = fsetxattr(fd, "security.SMACK64IPIN", label, strlen(label), 0);
else
r = fremovexattr(fd, "security.SMACK64IPIN");
if (r < 0)
return -errno;
#endif
return r;
return 0;
}
int mac_smack_apply_pid(pid_t pid, const char *label) {
#ifdef HAVE_SMACK
const char *p;
#endif
int r = 0;
assert(label);
#ifdef HAVE_SMACK
if (!mac_smack_use())
return 0;
@ -142,21 +126,16 @@ int mac_smack_apply_pid(pid_t pid, const char *label) {
r = write_string_file(p, label, 0);
if (r < 0)
return r;
#endif
return r;
}
int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
#ifdef HAVE_SMACK
struct stat st;
#endif
int r = 0;
assert(path);
#ifdef HAVE_SMACK
if (!mac_smack_use())
return 0;
@ -202,7 +181,37 @@ int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
r = log_debug_errno(errno, "Unable to fix SMACK label of %s: %m", path);
}
#endif
return r;
}
#else
bool mac_smack_use(void) {
return false;
}
int mac_smack_read(const char *path, SmackAttr attr, char **label) {
return -EOPNOTSUPP;
}
int mac_smack_read_fd(int fd, SmackAttr attr, char **label) {
return -EOPNOTSUPP;
}
int mac_smack_apply(const char *path, SmackAttr attr, const char *label) {
return 0;
}
int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label) {
return 0;
}
int mac_smack_apply_pid(pid_t pid, const char *label) {
return 0;
}
int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs) {
return 0;
}
#endif
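Review bot: mac_smack_read and mac_smack_read_fd return 0 without writing `*label` when `mac_smack_use()` is false, so a caller that treats a non-negative return as success may read, and later free, an uninitialised or stale pointer. Setting the output before the early return, `if (!mac_smack_use()) { *label = NULL; return 0; }`, makes that path well defined. The non-SMACK stubs at the end of the file return `-EOPNOTSUPP` for the same two calls, so the two builds disagree on how "SMACK unavailable" is reported. A short comment on the read functions should state which result callers must handle.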


@ -25,12 +25,28 @@
#include <stdbool.h>
#include "macro.h"
typedef enum SmackAttr {
SMACK_ATTR_ACCESS = 0,
SMACK_ATTR_EXEC = 1,
SMACK_ATTR_MMAP = 2,
SMACK_ATTR_TRANSMUTE = 3,
SMACK_ATTR_IPIN = 4,
SMACK_ATTR_IPOUT = 5,
_SMACK_ATTR_MAX,
_SMACK_ATTR_INVALID = -1,
} SmackAttr;
bool mac_smack_use(void);
int mac_smack_fix(const char *path, bool ignore_enoent, bool ignore_erofs);
int mac_smack_apply(const char *path, const char *label);
int mac_smack_apply_fd(int fd, const char *label);
const char* smack_attr_to_string(SmackAttr i) _const_;
SmackAttr smack_attr_from_string(const char *s) _pure_;
int mac_smack_read(const char *path, SmackAttr attr, char **label);
int mac_smack_read_fd(int fd, SmackAttr attr, char **label);
int mac_smack_apply(const char *path, SmackAttr attr, const char *label);
int mac_smack_apply_fd(int fd, SmackAttr attr, const char *label);
int mac_smack_apply_pid(pid_t pid, const char *label);
int mac_smack_apply_ip_in_fd(int fd, const char *label);
int mac_smack_apply_ip_out_fd(int fd, const char *label);


@ -278,7 +278,7 @@ char **strv_split_newlines(const char *s) {
return l;
}
int strv_split_quoted(char ***t, const char *s, UnquoteFlags flags) {
int strv_split_extract(char ***t, const char *s, const char *separators, ExtractFlags flags) {
size_t n = 0, allocated = 0;
_cleanup_strv_free_ char **l = NULL;
int r;
@ -289,11 +289,12 @@ int strv_split_quoted(char ***t, const char *s, UnquoteFlags flags) {
for (;;) {
_cleanup_free_ char *word = NULL;
r = unquote_first_word(&s, &word, flags);
r = extract_first_word(&s, &word, separators, flags);
if (r < 0)
return r;
if (r == 0)
if (r == 0) {
break;
}
if (!GREEDY_REALLOC(l, allocated, n + 2))
return -ENOMEM;
@ -693,6 +694,26 @@ char **strv_reverse(char **l) {
return l;
}
char **strv_shell_escape(char **l, const char *bad) {
char **s;
/* Escapes every character in every string in l that is in bad,
* edits in-place, does not roll-back on error. */
STRV_FOREACH(s, l) {
char *v;
v = shell_escape(*s, bad);
if (!v)
return NULL;
free(*s);
*s = v;
}
return l;
}
bool strv_fnmatch(char* const* patterns, const char *s, int flags) {
char* const* p;
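Review bot: strv_shell_escape returns NULL on allocation failure while leaving `l` partially escaped and still owned by the caller, and the comment only hints at this with "does not roll-back on error". A caller writing `l = strv_shell_escape(l, bad)` leaks the vector on failure. A caller that ignores the result carries on with a half-escaped argument list, which matters if the strings are later handed to a shell. I would extend the comment to spell out the contract: `/* Returns l on success; on OOM returns NULL, l remains valid and caller-owned but only partially escaped */`.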


@ -73,7 +73,7 @@ static inline bool strv_isempty(char * const *l) {
char **strv_split(const char *s, const char *separator);
char **strv_split_newlines(const char *s);
int strv_split_quoted(char ***t, const char *s, UnquoteFlags flags);
int strv_split_extract(char ***t, const char *s, const char *separators, ExtractFlags flags);
char *strv_join(char **l, const char *separator);
char *strv_join_quoted(char **l);
@ -145,6 +145,7 @@ void strv_print(char **l);
}))
char **strv_reverse(char **l);
char **strv_shell_escape(char **l, const char *bad);
bool strv_fnmatch(char* const* patterns, const char *s, int flags);


@ -44,7 +44,7 @@ static volatile unsigned cached_lines = 0;
int chvt(int vt) {
_cleanup_close_ int fd;
fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
if (fd < 0)
return -errno;
@ -230,14 +230,14 @@ int reset_terminal_fd(int fd, bool switch_to_text) {
* interfere with that. */
/* Disable exclusive mode, just in case */
ioctl(fd, TIOCNXCL);
(void) ioctl(fd, TIOCNXCL);
/* Switch to text mode */
if (switch_to_text)
ioctl(fd, KDSETMODE, KD_TEXT);
(void) ioctl(fd, KDSETMODE, KD_TEXT);
/* Enable console unicode mode */
ioctl(fd, KDSKBMODE, K_UNICODE);
(void) ioctl(fd, KDSKBMODE, K_UNICODE);
if (tcgetattr(fd, &termios) < 0) {
r = -errno;
@ -276,7 +276,7 @@ int reset_terminal_fd(int fd, bool switch_to_text) {
finish:
/* Just in case, flush all crap out */
tcflush(fd, TCIOFLUSH);
(void) tcflush(fd, TCIOFLUSH);
return r;
}
@ -284,7 +284,11 @@ finish:
int reset_terminal(const char *name) {
_cleanup_close_ int fd = -1;
fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
/* We open the terminal with O_NONBLOCK here, to ensure we
* don't block on carrier if this is a terminal with carrier
* configured. */
fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
if (fd < 0)
return fd;
@ -304,7 +308,8 @@ int open_terminal(const char *name, int mode) {
* https://bugs.launchpad.net/ubuntu/+source/linux/+bug/554172/comments/245
*/
assert(!(mode & O_CREAT));
if (mode & O_CREAT)
return -EINVAL;
for (;;) {
fd = open(name, mode, 0);
@ -413,9 +418,8 @@ int acquire_terminal(
if (r < 0 && r == -EPERM && ignore_tiocstty_eperm)
r = 0;
if (r < 0 && (force || fail || r != -EPERM)) {
if (r < 0 && (force || fail || r != -EPERM))
goto fail;
}
if (r >= 0)
break;
@ -499,7 +503,7 @@ int release_terminal(void) {
struct sigaction sa_old;
int r = 0;
fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_NDELAY|O_CLOEXEC);
fd = open("/dev/tty", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
if (fd < 0)
return -errno;
@ -527,7 +531,7 @@ int terminal_vhangup_fd(int fd) {
int terminal_vhangup(const char *name) {
_cleanup_close_ int fd;
fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC);
fd = open_terminal(name, O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
if (fd < 0)
return fd;
@ -574,7 +578,7 @@ int vt_disallocate(const char *name) {
return -EINVAL;
/* Try to deallocate */
fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC);
fd = open_terminal("/dev/tty0", O_RDWR|O_NOCTTY|O_CLOEXEC|O_NONBLOCK);
if (fd < 0)
return fd;
@ -612,16 +616,16 @@ void warn_melody(void) {
/* Yeah, this is synchronous. Kinda sucks. But well... */
ioctl(fd, KIOCSOUND, (int)(1193180/440));
(void) ioctl(fd, KIOCSOUND, (int)(1193180/440));
usleep(125*USEC_PER_MSEC);
ioctl(fd, KIOCSOUND, (int)(1193180/220));
(void) ioctl(fd, KIOCSOUND, (int)(1193180/220));
usleep(125*USEC_PER_MSEC);
ioctl(fd, KIOCSOUND, (int)(1193180/220));
(void) ioctl(fd, KIOCSOUND, (int)(1193180/220));
usleep(125*USEC_PER_MSEC);
ioctl(fd, KIOCSOUND, 0);
(void) ioctl(fd, KIOCSOUND, 0);
}
int make_console_stdio(void) {
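Review bot: chvt returns `-errno` when open_terminal fails, but open_terminal reports its error in the return value (reset_terminal and terminal_vhangup simply `return fd;`), and the new `if (mode & O_CREAT) return -EINVAL;` path does not set errno at all. I would change the check in chvt to `if (fd < 0) return fd;` so the caller sees the real error rather than a stale errno. Separately, `_cleanup_close_ int fd;` in chvt and terminal_vhangup lacks the `= -1` initialiser that reset_terminal uses. It is assigned before any return today, but initialising it keeps the cleanup handler safe if an early return is added later. The bodies of these functions continue outside the hunks shown.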


@ -88,6 +88,32 @@ dual_timestamp* dual_timestamp_from_monotonic(dual_timestamp *ts, usec_t u) {
return ts;
}
dual_timestamp* dual_timestamp_from_boottime_or_monotonic(dual_timestamp *ts, usec_t u) {
int64_t delta;
if (u == USEC_INFINITY) {
ts->realtime = ts->monotonic = USEC_INFINITY;
return ts;
}
ts->realtime = now(CLOCK_REALTIME);
ts->monotonic = now(CLOCK_MONOTONIC);
delta = (int64_t) now(clock_boottime_or_monotonic()) - (int64_t) u;
if ((int64_t) ts->realtime > delta)
ts->realtime -= delta;
else
ts->realtime = 0;
if ((int64_t) ts->monotonic > delta)
ts->monotonic -= delta;
else
ts->monotonic = 0;
return ts;
}
usec_t timespec_load(const struct timespec *ts) {
assert(ts);


@ -74,6 +74,7 @@ usec_t now(clockid_t clock);
dual_timestamp* dual_timestamp_get(dual_timestamp *ts);
dual_timestamp* dual_timestamp_from_realtime(dual_timestamp *ts, usec_t u);
dual_timestamp* dual_timestamp_from_monotonic(dual_timestamp *ts, usec_t u);
dual_timestamp* dual_timestamp_from_boottime_or_monotonic(dual_timestamp *ts, usec_t u);
static inline bool dual_timestamp_is_set(dual_timestamp *ts) {
return ((ts->realtime > 0 && ts->realtime != USEC_INFINITY) ||


@ -115,17 +115,23 @@ size_t page_size(void) {
return pgsz;
}
bool streq_ptr(const char *a, const char *b) {
/* Like streq(), but tries to make sense of NULL pointers */
int strcmp_ptr(const char *a, const char *b) {
/* Like strcmp(), but tries to make sense of NULL pointers */
if (a && b)
return streq(a, b);
return strcmp(a, b);
if (!a && !b)
return true;
if (!a && b)
return -1;
return false;
if (a && !b)
return 1;
return 0;
}
bool streq_ptr(const char *a, const char *b) {
return strcmp_ptr(a, b) == 0;
}
char* endswith(const char *s, const char *postfix) {
@ -3000,21 +3006,6 @@ char* strshorten(char *s, size_t l) {
return s;
}
bool machine_name_is_valid(const char *s) {
if (!hostname_is_valid(s))
return false;
/* Machine names should be useful hostnames, but also be
* useful in unit names, hence we enforce a stricter length
* limitation. */
if (strlen(s) > 64)
return false;
return true;
}
int pipe_eof(int fd) {
struct pollfd pollfd = {
.fd = fd,
@ -4837,7 +4828,7 @@ int parse_proc_cmdline(int (*parse_item)(const char *key, const char *value)) {
_cleanup_free_ char *word = NULL;
char *value = NULL;
r = unquote_first_word(&p, &word, UNQUOTE_RELAX);
r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_RELAX);
if (r < 0)
return r;
if (r == 0)
@ -4877,7 +4868,7 @@ int get_proc_cmdline_key(const char *key, char **value) {
_cleanup_free_ char *word = NULL;
const char *e;
r = unquote_first_word(&p, &word, UNQUOTE_RELAX);
r = extract_first_word(&p, &word, NULL, EXTRACT_QUOTES|EXTRACT_RELAX);
if (r < 0)
return r;
if (r == 0)
@ -4922,6 +4913,9 @@ int container_get_leader(const char *machine, pid_t *pid) {
assert(machine);
assert(pid);
if (!machine_name_is_valid(machine))
return -EINVAL;
p = strjoina("/run/systemd/machines/", machine);
r = parse_env_file(p, NEWLINE, "LEADER", &s, "CLASS", &class, NULL);
if (r == -ENOENT)
@ -4944,8 +4938,8 @@ int container_get_leader(const char *machine, pid_t *pid) {
return 0;
}
int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd) {
_cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1;
int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *userns_fd, int *root_fd) {
_cleanup_close_ int pidnsfd = -1, mntnsfd = -1, netnsfd = -1, usernsfd = -1;
int rfd = -1;
assert(pid >= 0);
@ -4977,6 +4971,15 @@ int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *
return -errno;
}
if (userns_fd) {
const char *userns;
userns = procfs_file_alloca(pid, "ns/user");
usernsfd = open(userns, O_RDONLY|O_NOCTTY|O_CLOEXEC);
if (usernsfd < 0 && errno != ENOENT)
return -errno;
}
if (root_fd) {
const char *root;
@ -4995,15 +4998,33 @@ int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *
if (netns_fd)
*netns_fd = netnsfd;
if (userns_fd)
*userns_fd = usernsfd;
if (root_fd)
*root_fd = rfd;
pidnsfd = mntnsfd = netnsfd = -1;
pidnsfd = mntnsfd = netnsfd = usernsfd = -1;
return 0;
}
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd) {
if (userns_fd >= 0) {
/* Can't setns to your own userns, since then you could
* escalate from non-root to root in your own namespace, so
* check if namespaces equal before attempting to enter. */
_cleanup_free_ char *userns_fd_path = NULL;
int r;
if (asprintf(&userns_fd_path, "/proc/self/fd/%d", userns_fd) < 0)
return -ENOMEM;
r = files_same(userns_fd_path, "/proc/self/ns/user");
if (r < 0)
return r;
if (r)
userns_fd = -1;
}
if (pidns_fd >= 0)
if (setns(pidns_fd, CLONE_NEWPID) < 0)
@ -5017,6 +5038,10 @@ int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd) {
if (setns(netns_fd, CLONE_NEWNET) < 0)
return -errno;
if (userns_fd >= 0)
if (setns(userns_fd, CLONE_NEWUSER) < 0)
return -errno;
if (root_fd >= 0) {
if (fchdir(root_fd) < 0)
return -errno;
@ -5692,7 +5717,7 @@ int is_device_node(const char *path) {
return !!(S_ISBLK(info.st_mode) || S_ISCHR(info.st_mode));
}
int unquote_first_word(const char **p, char **ret, UnquoteFlags flags) {
int extract_first_word(const char **p, char **ret, const char *separators, ExtractFlags flags) {
_cleanup_free_ char *s = NULL;
size_t allocated = 0, sz = 0;
int r;
@ -5705,13 +5730,19 @@ int unquote_first_word(const char **p, char **ret, UnquoteFlags flags) {
SINGLE_QUOTE_ESCAPE,
DOUBLE_QUOTE,
DOUBLE_QUOTE_ESCAPE,
SPACE,
SEPARATOR,
} state = START;
assert(p);
assert(*p);
assert(ret);
if (!separators)
separators = WHITESPACE;
/* Bail early if called after last value or with no input */
if (!*p)
goto finish_force_terminate;
/* Parses the first word of a string, and returns it in
* *ret. Removes all quotes in the process. When parsing fails
* (because of an uneven number of quotes or similar), leaves
@ -5723,32 +5754,46 @@ int unquote_first_word(const char **p, char **ret, UnquoteFlags flags) {
switch (state) {
case START:
if (c == 0)
goto finish;
else if (strchr(WHITESPACE, c))
if (c == 0) {
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS)
if (!GREEDY_REALLOC(s, allocated, sz+1))
return -ENOMEM;
goto finish_force_terminate;
} else if (strchr(separators, c)) {
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS) {
if (!GREEDY_REALLOC(s, allocated, sz+1))
return -ENOMEM;
(*p) ++;
goto finish_force_next;
}
break;
}
state = VALUE;
/* fallthrough */
case VALUE:
if (c == 0)
goto finish;
else if (c == '\'') {
goto finish_force_terminate;
else if (c == '\'' && (flags & EXTRACT_QUOTES)) {
if (!GREEDY_REALLOC(s, allocated, sz+1))
return -ENOMEM;
state = SINGLE_QUOTE;
} else if (c == '\\')
state = VALUE_ESCAPE;
else if (c == '\"') {
else if (c == '\"' && (flags & EXTRACT_QUOTES)) {
if (!GREEDY_REALLOC(s, allocated, sz+1))
return -ENOMEM;
state = DOUBLE_QUOTE;
} else if (strchr(WHITESPACE, c))
state = SPACE;
else {
} else if (strchr(separators, c)) {
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS) {
(*p) ++;
goto finish_force_next;
}
state = SEPARATOR;
} else {
if (!GREEDY_REALLOC(s, allocated, sz+2))
return -ENOMEM;
@ -5759,8 +5804,8 @@ int unquote_first_word(const char **p, char **ret, UnquoteFlags flags) {
case SINGLE_QUOTE:
if (c == 0) {
if (flags & UNQUOTE_RELAX)
goto finish;
if (flags & EXTRACT_RELAX)
goto finish_force_terminate;
return -EINVAL;
} else if (c == '\'')
state = VALUE;
@ -5798,29 +5843,29 @@ int unquote_first_word(const char **p, char **ret, UnquoteFlags flags) {
return -ENOMEM;
if (c == 0) {
if ((flags & UNQUOTE_CUNESCAPE_RELAX) &&
(state == VALUE_ESCAPE || flags & UNQUOTE_RELAX)) {
if ((flags & EXTRACT_CUNESCAPE_RELAX) &&
(state == VALUE_ESCAPE || flags & EXTRACT_RELAX)) {
/* If we find an unquoted trailing backslash and we're in
* UNQUOTE_CUNESCAPE_RELAX mode, keep it verbatim in the
* EXTRACT_CUNESCAPE_RELAX mode, keep it verbatim in the
* output.
*
* Unbalanced quotes will only be allowed in UNQUOTE_RELAX
* mode, UNQUOTE_CUNESCAP_RELAX mode does not allow them.
* Unbalanced quotes will only be allowed in EXTRACT_RELAX
* mode, EXTRACT_CUNESCAPE_RELAX mode does not allow them.
*/
s[sz++] = '\\';
goto finish;
goto finish_force_terminate;
}
if (flags & UNQUOTE_RELAX)
goto finish;
if (flags & EXTRACT_RELAX)
goto finish_force_terminate;
return -EINVAL;
}
if (flags & UNQUOTE_CUNESCAPE) {
if (flags & EXTRACT_CUNESCAPE) {
uint32_t u;
r = cunescape_one(*p, (size_t) -1, &c, &u);
if (r < 0) {
if (flags & UNQUOTE_CUNESCAPE_RELAX) {
if (flags & EXTRACT_CUNESCAPE_RELAX) {
s[sz++] = '\\';
s[sz++] = c;
goto end_escape;
@ -5843,24 +5888,29 @@ end_escape:
VALUE;
break;
case SPACE:
case SEPARATOR:
if (c == 0)
goto finish_force_terminate;
if (flags & EXTRACT_DONT_COALESCE_SEPARATORS)
goto finish_force_next;
if (!strchr(separators, c))
goto finish;
if (!strchr(WHITESPACE, c))
goto finish;
break;
}
(*p) ++;
}
finish_force_terminate:
*p = NULL;
finish:
if (!s) {
*p = NULL;
*ret = NULL;
return 0;
}
finish_force_next:
s[sz] = 0;
*ret = s;
s = NULL;
@ -5868,26 +5918,27 @@ finish:
return 1;
}
int unquote_first_word_and_warn(
int extract_first_word_and_warn(
const char **p,
char **ret,
UnquoteFlags flags,
const char *separators,
ExtractFlags flags,
const char *unit,
const char *filename,
unsigned line,
const char *rvalue) {
/* Try to unquote it, if it fails, warn about it and try again but this
* time using UNQUOTE_CUNESCAPE_RELAX to keep the backslashes verbatim
* time using EXTRACT_CUNESCAPE_RELAX to keep the backslashes verbatim
* in invalid escape sequences. */
const char *save;
int r;
save = *p;
r = unquote_first_word(p, ret, flags);
if (r < 0 && !(flags&UNQUOTE_CUNESCAPE_RELAX)) {
/* Retry it with UNQUOTE_CUNESCAPE_RELAX. */
r = extract_first_word(p, ret, separators, flags);
if (r < 0 && !(flags&EXTRACT_CUNESCAPE_RELAX)) {
/* Retry it with EXTRACT_CUNESCAPE_RELAX. */
*p = save;
r = unquote_first_word(p, ret, flags|UNQUOTE_CUNESCAPE_RELAX);
r = extract_first_word(p, ret, separators, flags|EXTRACT_CUNESCAPE_RELAX);
if (r < 0)
log_syntax(unit, LOG_ERR, filename, line, EINVAL,
"Unbalanced quoting in command line, ignoring: \"%s\"", rvalue);
@ -5898,7 +5949,7 @@ int unquote_first_word_and_warn(
return r;
}
int unquote_many_words(const char **p, UnquoteFlags flags, ...) {
int extract_many_words(const char **p, const char *separators, ExtractFlags flags, ...) {
va_list ap;
char **l;
int n = 0, i, c, r;
@ -5924,7 +5975,7 @@ int unquote_many_words(const char **p, UnquoteFlags flags, ...) {
l = newa0(char*, n);
for (c = 0; c < n; c++) {
r = unquote_first_word(p, &l[c], flags);
r = extract_first_word(p, &l[c], separators, flags);
if (r < 0) {
int j;
@ -6006,7 +6057,7 @@ int ptsname_malloc(int fd, char **ret) {
}
int openpt_in_namespace(pid_t pid, int flags) {
_cleanup_close_ int pidnsfd = -1, mntnsfd = -1, rootfd = -1;
_cleanup_close_ int pidnsfd = -1, mntnsfd = -1, usernsfd = -1, rootfd = -1;
_cleanup_close_pair_ int pair[2] = { -1, -1 };
union {
struct cmsghdr cmsghdr;
@ -6023,7 +6074,7 @@ int openpt_in_namespace(pid_t pid, int flags) {
assert(pid > 0);
r = namespace_open(pid, &pidnsfd, &mntnsfd, NULL, &rootfd);
r = namespace_open(pid, &pidnsfd, &mntnsfd, NULL, &usernsfd, &rootfd);
if (r < 0)
return r;
@ -6039,7 +6090,7 @@ int openpt_in_namespace(pid_t pid, int flags) {
pair[0] = safe_close(pair[0]);
r = namespace_enter(pidnsfd, mntnsfd, -1, rootfd);
r = namespace_enter(pidnsfd, mntnsfd, -1, usernsfd, rootfd);
if (r < 0)
_exit(EXIT_FAILURE);
@ -6505,6 +6556,32 @@ int rename_noreplace(int olddirfd, const char *oldpath, int newdirfd, const char
return 0;
}
static char *strcpy_backslash_escaped(char *t, const char *s, const char *bad) {
assert(bad);
for (; *s; s++) {
if (*s == '\\' || strchr(bad, *s))
*(t++) = '\\';
*(t++) = *s;
}
return t;
}
char *shell_escape(const char *s, const char *bad) {
char *r, *t;
r = new(char, strlen(s)*2+1);
if (!r)
return NULL;
t = strcpy_backslash_escaped(r, s, bad);
*t = 0;
return r;
}
char *shell_maybe_quote(const char *s) {
const char *p;
char *r, *t;
@ -6531,13 +6608,7 @@ char *shell_maybe_quote(const char *s) {
*(t++) = '"';
t = mempcpy(t, s, p - s);
for (; *p; p++) {
if (strchr(SHELL_NEED_ESCAPE, *p))
*(t++) = '\\';
*(t++) = *p;
}
t = strcpy_backslash_escaped(t, p, SHELL_NEED_ESCAPE);
*(t++)= '"';
*t = 0;
@ -6597,3 +6668,73 @@ int reset_uid_gid(void) {
return 0;
}
int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink) {
char *v;
size_t l;
ssize_t n;
assert(path);
assert(name);
assert(value);
for (l = 100; ; l = (size_t) n + 1) {
v = new0(char, l);
if (!v)
return -ENOMEM;
if (allow_symlink)
n = lgetxattr(path, name, v, l);
else
n = getxattr(path, name, v, l);
if (n >= 0 && (size_t) n < l) {
*value = v;
return n;
}
free(v);
if (n < 0 && errno != ERANGE)
return -errno;
if (allow_symlink)
n = lgetxattr(path, name, NULL, 0);
else
n = getxattr(path, name, NULL, 0);
if (n < 0)
return -errno;
}
}
int fgetxattr_malloc(int fd, const char *name, char **value) {
char *v;
size_t l;
ssize_t n;
assert(fd >= 0);
assert(name);
assert(value);
for (l = 100; ; l = (size_t) n + 1) {
v = new0(char, l);
if (!v)
return -ENOMEM;
n = fgetxattr(fd, name, v, l);
if (n >= 0 && (size_t) n < l) {
*value = v;
return n;
}
free(v);
if (n < 0 && errno != ERANGE)
return -errno;
n = fgetxattr(fd, name, NULL, 0);
if (n < 0)
return -errno;
}
}


@ -71,6 +71,7 @@ size_t page_size(void) _pure_;
#define strncaseeq(a, b, n) (strncasecmp((a), (b), (n)) == 0)
bool streq_ptr(const char *a, const char *b) _pure_;
int strcmp_ptr(const char *a, const char *b) _pure_;
#define new(t, n) ((t*) malloc_multiply(sizeof(t), (n)))
@ -84,6 +85,11 @@ bool streq_ptr(const char *a, const char *b) _pure_;
#define malloc0(n) (calloc((n), 1))
static inline void *mfree(void *memory) {
free(memory);
return NULL;
}
static inline const char* yes_no(bool b) {
return b ? "yes" : "no";
}
@ -388,8 +394,6 @@ bool nulstr_contains(const char*nulstr, const char *needle);
bool plymouth_running(void);
bool machine_name_is_valid(const char *s) _pure_;
char* strshorten(char *s, size_t l);
int symlink_idempotent(const char *from, const char *to);
@ -797,8 +801,8 @@ int get_proc_cmdline_key(const char *parameter, char **value);
int container_get_leader(const char *machine, pid_t *pid);
int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *root_fd);
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int root_fd);
int namespace_open(pid_t pid, int *pidns_fd, int *mntns_fd, int *netns_fd, int *userns_fd, int *root_fd);
int namespace_enter(int pidns_fd, int mntns_fd, int netns_fd, int userns_fd, int root_fd);
int getpeercred(int fd, struct ucred *ucred);
int getpeersec(int fd, char **ret);
@ -848,15 +852,22 @@ int is_symlink(const char *path);
int is_dir(const char *path, bool follow);
int is_device_node(const char *path);
typedef enum UnquoteFlags {
UNQUOTE_RELAX = 1,
UNQUOTE_CUNESCAPE = 2,
UNQUOTE_CUNESCAPE_RELAX = 4,
} UnquoteFlags;
typedef enum ExtractFlags {
EXTRACT_RELAX = 1,
EXTRACT_CUNESCAPE = 2,
EXTRACT_CUNESCAPE_RELAX = 4,
EXTRACT_QUOTES = 8,
EXTRACT_DONT_COALESCE_SEPARATORS = 16,
} ExtractFlags;
int unquote_first_word(const char **p, char **ret, UnquoteFlags flags);
int unquote_first_word_and_warn(const char **p, char **ret, UnquoteFlags flags, const char *unit, const char *filename, unsigned line, const char *rvalue);
int unquote_many_words(const char **p, UnquoteFlags flags, ...) _sentinel_;
int extract_first_word(const char **p, char **ret, const char *separators, ExtractFlags flags);
int extract_first_word_and_warn(const char **p, char **ret, const char *separators, ExtractFlags flags, const char *unit, const char *filename, unsigned line, const char *rvalue);
int extract_many_words(const char **p, const char *separators, ExtractFlags flags, ...) _sentinel_;
static inline void free_and_replace(char **s, char *v) {
free(*s);
*s = v;
}
int free_and_strdup(char **p, const char *s);
@ -906,6 +917,7 @@ void cmsg_close_all(struct msghdr *mh);
int rename_noreplace(int olddirfd, const char *oldpath, int newdirfd, const char *newpath);
char *shell_escape(const char *s, const char *bad);
char *shell_maybe_quote(const char *s);
int parse_mode(const char *s, mode_t *ret);
@ -913,3 +925,6 @@ int parse_mode(const char *s, mode_t *ret);
int mount_move_root(const char *path);
int reset_uid_gid(void);
int getxattr_malloc(const char *path, const char *name, char **value, bool allow_symlink);
int fgetxattr_malloc(int fd, const char *name, char **value);
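Review bot: The new `getxattr_malloc()` prototype has no comment explaining `allow_symlink`, and the name is easy to read the wrong way round. In the implementation shown earlier on this page, `true` selects `lgetxattr()`, so the attribute is read from a symlink itself rather than from its target. Callers that read security labels need to know which object they are inspecting, so I would add `/* allow_symlink: if true, use lgetxattr() and read the attribute of a symlink itself instead of following it */` above the declaration. It would also help to state that both functions return the value length on success and hand ownership of `*value` to the caller.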


@ -818,7 +818,7 @@ static int remove_boot_efi(const char *esp_path) {
if (r < 0)
return log_error_errno(errno, "Failed to remove \"%s/%s\": %m", p, de->d_name);
log_info("Removed \"%s/\%s\".", p, de->d_name);
log_info("Removed \"%s/%s\".", p, de->d_name);
}
c++;


@ -367,7 +367,7 @@ int main(int argc, char *argv[]) {
struct timespec n;
double uptime;
clock_gettime(CLOCK_BOOTTIME, &n);
clock_gettime(clock_boottime_or_monotonic(), &n);
uptime = (n.tv_sec + (n.tv_nsec / (double) NSEC_PER_SEC));
log_start = gettime_ns();


@ -586,10 +586,8 @@ static int file_load(Policy *p, const char *path) {
case POLICY_ITEM_SEND:
case POLICY_ITEM_RECV:
if (streq(name, "*")) {
free(name);
name = NULL;
}
if (streq(name, "*"))
name = mfree(name);
break;


@ -35,6 +35,7 @@
#include "driver.h"
#include "proxy.h"
#include "synthesize.h"
#include "env-util.h"
static int get_creds_by_name(sd_bus *bus, const char *name, uint64_t mask, sd_bus_creds **_creds, sd_bus_error *error) {
_cleanup_bus_creds_unref_ sd_bus_creds *c = NULL;
@ -694,9 +695,13 @@ int bus_proxy_process_driver(Proxy *p, sd_bus *a, sd_bus *b, sd_bus_message *m,
if (!s)
return synthetic_reply_method_errno(m, -ENOMEM, NULL);
r = strv_extend(&args, s);
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
if (!env_assignment_is_valid(s)) {
log_warning("UpdateActivationEnvironment() called with invalid assignment, discarding: %s", s);
} else {
r = strv_extend(&args, s);
if (r < 0)
return synthetic_reply_method_errno(m, r, NULL);
}
r = sd_bus_message_exit_container(m);
if (r < 0)
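Review bot: The new `log_warning("UpdateActivationEnvironment() called with invalid assignment, discarding: %s", s)` prints the rejected string verbatim. `s` appears to be assembled from data supplied by the bus client, so a value that failed `env_assignment_is_valid()`, possibly because it contains control characters, reaches the log unescaped. Logging an escaped copy, or only the fact that an entry was dropped, keeps client-controlled bytes out of the log stream. bus_proxy_process_driver() starts and ends outside the hunk, so how `s` is built is inferred rather than visible.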


@ -770,19 +770,21 @@ static int proxy_process_destination_to_local(Proxy *p) {
return r;
/* If the peer tries to send a reply and it is
* rejected with EPERM by the kernel, we ignore the
* rejected with EBADSLT by the kernel, we ignore the
* error. This catches cases where the original
* method-call didn't had EXPECT_REPLY set, but the
* proxy-peer still sends a reply. This is allowed in
* dbus1, but not in kdbus. We don't want to track
* reply-windows in the proxy, so we simply ignore
* EPERM for all replies. The only downside is, that
* EBADSLT for all replies. The only downside is, that
* callers are no longer notified if their replies are
* dropped. However, this is equivalent to the
* caller's timeout to expire, so this should be
* acceptable. Nobody sane sends replies without a
* matching method-call, so nobody should care. */
if (r == -EPERM && m->reply_cookie > 0)
/* FIXME: remove -EPERM when kdbus is updated */
if ((r == -EPERM || r == -EBADSLT) && m->reply_cookie > 0)
return 1;
/* Return the error to the client, if we can */
@ -863,8 +865,8 @@ static int proxy_process_local_to_destination(Proxy *p) {
if (r == -EREMCHG)
continue;
/* see above why EPERM is ignored for replies */
if (r == -EPERM && m->reply_cookie > 0)
/* see above why EBADSLT is ignored for replies */
if ((r == -EPERM || r == -EBADSLT) && m->reply_cookie > 0)
return 1;
synthetic_reply_method_errnof(m, r, "Failed to forward message we got from local: %m");
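Review bot: Keeping `-EPERM` in the reply check of both hunks means a reply the kernel rejects for policy reasons is still dropped with no trace. Only the first hunk carries the FIXME saying this is temporary. I would log before `return 1;`, e.g. `log_debug_errno(r, "Dropping reply the kernel refused to deliver: %m");`, so that a genuine policy denial can be told apart from the expected no-reply-window case. The FIXME should be repeated in proxy_process_local_to_destination(), whose comment now mentions only EBADSLT. Both functions extend beyond the hunks.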


@ -433,9 +433,9 @@ int bus_cgroup_set_property(
if (!f)
return -ENOMEM;
if (read) {
if (read) {
fputs("BlockIOReadBandwidth=\n", f);
LIST_FOREACH(device_bandwidths, a, c->blockio_device_bandwidths)
LIST_FOREACH(device_bandwidths, a, c->blockio_device_bandwidths)
if (a->read)
fprintf(f, "BlockIOReadBandwidth=%s %" PRIu64 "\n", a->path, a->bandwidth);
} else {


@ -46,6 +46,8 @@ BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_exec_output, exec_output, ExecOutp
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_input, exec_input, ExecInput);
static BUS_DEFINE_PROPERTY_GET_ENUM(property_get_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode);
static BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_protect_home, protect_home, ProtectHome);
static BUS_DEFINE_PROPERTY_GET_ENUM(bus_property_get_protect_system, protect_system, ProtectSystem);
@ -653,6 +655,7 @@ const sd_bus_vtable bus_exec_vtable[] = {
SD_BUS_PROPERTY("ProtectSystem", "s", bus_property_get_protect_system, offsetof(ExecContext, protect_system), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SameProcessGroup", "b", bus_property_get_bool, offsetof(ExecContext, same_pgrp), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("UtmpIdentifier", "s", NULL, offsetof(ExecContext, utmp_id), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("UtmpMode", "s", property_get_exec_utmp_mode, offsetof(ExecContext, utmp_mode), SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SELinuxContext", "(bs)", property_get_selinux_context, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("AppArmorProfile", "(bs)", property_get_apparmor_profile, 0, SD_BUS_VTABLE_PROPERTY_CONST),
SD_BUS_PROPERTY("SmackProcessLabel", "(bs)", property_get_smack_process_label, 0, SD_BUS_VTABLE_PROPERTY_CONST),
@ -932,6 +935,107 @@ int bus_exec_context_set_transient_property(
return 1;
} else if (streq(name, "IgnoreSIGPIPE")) {
int b;
r = sd_bus_message_read(message, "b", &b);
if (r < 0)
return r;
if (mode != UNIT_CHECK) {
c->ignore_sigpipe = b;
unit_write_drop_in_private_format(u, mode, name, "IgnoreSIGPIPE=%s\n", yes_no(b));
}
return 1;
} else if (streq(name, "TTYVHangup")) {
int b;
r = sd_bus_message_read(message, "b", &b);
if (r < 0)
return r;
if (mode != UNIT_CHECK) {
c->tty_vhangup = b;
unit_write_drop_in_private_format(u, mode, name, "TTYVHangup=%s\n", yes_no(b));
}
return 1;
} else if (streq(name, "TTYReset")) {
int b;
r = sd_bus_message_read(message, "b", &b);
if (r < 0)
return r;
if (mode != UNIT_CHECK) {
c->tty_reset = b;
unit_write_drop_in_private_format(u, mode, name, "TTYReset=%s\n", yes_no(b));
}
return 1;
} else if (streq(name, "UtmpIdentifier")) {
const char *id;
r = sd_bus_message_read(message, "s", &id);
if (r < 0)
return r;
if (mode != UNIT_CHECK) {
if (isempty(id))
c->utmp_id = mfree(c->utmp_id);
else if (free_and_strdup(&c->utmp_id, id) < 0)
return -ENOMEM;
unit_write_drop_in_private_format(u, mode, name, "UtmpIdentifier=%s\n", strempty(id));
}
return 1;
} else if (streq(name, "UtmpMode")) {
const char *s;
ExecUtmpMode m;
r = sd_bus_message_read(message, "s", &s);
if (r < 0)
return r;
m = exec_utmp_mode_from_string(s);
if (m < 0)
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid utmp mode");
if (mode != UNIT_CHECK) {
c->utmp_mode = m;
unit_write_drop_in_private_format(u, mode, name, "UtmpMode=%s\n", exec_utmp_mode_to_string(m));
}
return 1;
} else if (streq(name, "PAMName")) {
const char *n;
r = sd_bus_message_read(message, "s", &n);
if (r < 0)
return r;
if (mode != UNIT_CHECK) {
if (isempty(n))
c->pam_name = mfree(c->pam_name);
else if (free_and_strdup(&c->pam_name, n) < 0)
return -ENOMEM;
unit_write_drop_in_private_format(u, mode, name, "PAMName=%s\n", strempty(n));
}
return 1;
} else if (streq(name, "Environment")) {
_cleanup_strv_free_ char **l = NULL;
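Review bot: The new `UtmpIdentifier` and `PAMName` branches write the client-supplied string into the drop-in with `"...=%s\n"` without checking its content, so a value containing a newline would add further lines to the generated unit fragment. Rejecting such values before the `mode != UNIT_CHECK` block keeps the drop-in to the single setting that was requested, e.g. `if (string_has_cc(id, NULL)) return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid utmp identifier");`, and the same for `n`. `UtmpIdentifier=` is parsed with `config_parse_unit_string_printf` according to the gperf hunk on this page, so a `%` in the value would presumably be expanded when the fragment is read back; that is worth confirming. bus_exec_context_set_transient_property() starts and ends outside the hunk.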


@ -1650,10 +1650,6 @@ static int method_enable_unit_files_generic(
if (r < 0)
return r;
r = mac_selinux_unit_access_check_strv(l, message, m, verb, error);
if (r < 0)
return r;
r = bus_verify_manage_unit_files_async(m, message, error);
if (r < 0)
return r;
@ -1723,10 +1719,6 @@ static int method_preset_unit_files_with_mode(sd_bus_message *message, void *use
return -EINVAL;
}
r = mac_selinux_unit_access_check_strv(l, message, m, "enable", error);
if (r < 0)
return r;
r = bus_verify_manage_unit_files_async(m, message, error);
if (r < 0)
return r;
@ -1766,10 +1758,6 @@ static int method_disable_unit_files_generic(
if (r < 0)
return r;
r = mac_selinux_unit_access_check_strv(l, message, m, verb, error);
if (r < 0)
return r;
scope = m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
r = bus_verify_manage_unit_files_async(m, message, error);
@ -1902,10 +1890,6 @@ static int method_add_dependency_unit_files(sd_bus_message *message, void *userd
if (dep < 0)
return -EINVAL;
r = mac_selinux_unit_access_check_strv(l, message, m, "enable", error);
if (r < 0)
return r;
scope = m->running_as == MANAGER_SYSTEM ? UNIT_FILE_SYSTEM : UNIT_FILE_USER;
r = unit_file_add_dependency(scope, runtime, NULL, l, target, dep, force, &changes, &n_changes);


@ -252,8 +252,7 @@ static int bus_timer_set_transient_property(
v = new0(TimerValue, 1);
if (!v) {
if (c)
calendar_spec_free(c);
calendar_spec_free(c);
return -ENOMEM;
}


@ -697,10 +697,40 @@ static int property_get_cpu_usage(
return sd_bus_message_append(reply, "t", ns);
}
static int property_get_cgroup(
sd_bus *bus,
const char *path,
const char *interface,
const char *property,
sd_bus_message *reply,
void *userdata,
sd_bus_error *error) {
Unit *u = userdata;
const char *t;
assert(bus);
assert(reply);
assert(u);
/* Three cases: a) u->cgroup_path is NULL, in which case the
* unit has no control group, which we report as the empty
* string. b) u->cgroup_path is the empty string, which
* indicates the root cgroup, which we report as "/". c) all
* other cases we report as-is. */
if (u->cgroup_path)
t = isempty(u->cgroup_path) ? "/" : u->cgroup_path;
else
t = "";
return sd_bus_message_append(reply, "s", t);
}
const sd_bus_vtable bus_unit_cgroup_vtable[] = {
SD_BUS_VTABLE_START(0),
SD_BUS_PROPERTY("Slice", "s", property_get_slice, 0, 0),
SD_BUS_PROPERTY("ControlGroup", "s", NULL, offsetof(Unit, cgroup_path), 0),
SD_BUS_PROPERTY("ControlGroup", "s", property_get_cgroup, 0, 0),
SD_BUS_PROPERTY("MemoryCurrent", "t", property_get_current_memory, 0, 0),
SD_BUS_PROPERTY("CPUUsageNSec", "t", property_get_cpu_usage, 0, 0),
SD_BUS_VTABLE_END


@ -140,28 +140,6 @@ static int signal_disconnected(sd_bus_message *message, void *userdata, sd_bus_e
return 0;
}
static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *name, *old_owner, *new_owner;
Manager *m = userdata;
int r;
assert(message);
assert(m);
r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
if (r < 0) {
bus_log_parse_error(r);
return 0;
}
manager_dispatch_bus_name_owner_changed(
m, name,
isempty(old_owner) ? NULL : old_owner,
isempty(new_owner) ? NULL : new_owner);
return 0;
}
static int signal_activation_request(sd_bus_message *message, void *userdata, sd_bus_error *ret_error) {
_cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL;
_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
@ -762,13 +740,21 @@ static int bus_list_names(Manager *m, sd_bus *bus) {
/* This is a bit hacky, we say the owner of the name is the
* name itself, because we don't want the extra traffic to
* figure out the real owner. */
STRV_FOREACH(i, names)
manager_dispatch_bus_name_owner_changed(m, *i, NULL, *i);
STRV_FOREACH(i, names) {
Unit *u;
u = hashmap_get(m->watch_bus, *i);
if (u)
UNIT_VTABLE(u)->bus_name_owner_change(u, *i, NULL, *i);
}
return 0;
}
static int bus_setup_api(Manager *m, sd_bus *bus) {
Iterator i;
char *name;
Unit *u;
int r;
assert(m);
@ -786,17 +772,11 @@ static int bus_setup_api(Manager *m, sd_bus *bus) {
if (r < 0)
return r;
r = sd_bus_add_match(
bus,
NULL,
"type='signal',"
"sender='org.freedesktop.DBus',"
"path='/org/freedesktop/DBus',"
"interface='org.freedesktop.DBus',"
"member='NameOwnerChanged'",
signal_name_owner_changed, m);
if (r < 0)
log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal: %m");
HASHMAP_FOREACH_KEY(u, name, m->watch_bus, i) {
r = unit_install_bus_match(bus, u, name);
if (r < 0)
log_error_errno(r, "Failed to subscribe to NameOwnerChanged signal: %m");
}
r = sd_bus_add_match(
bus,
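Review bot: In bus_list_names() the new loop calls `UNIT_VTABLE(u)->bus_name_owner_change(u, *i, NULL, *i)` after checking only `u`, whereas the new signal_name_owner_changed() in the unit code on this page tests the vtable pointer before calling it. If a unit type without that callback can be registered in `m->watch_bus`, this is a call through a NULL function pointer. I would use the same guard here: `if (u && UNIT_VTABLE(u)->bus_name_owner_change)`. bus_list_names() and bus_setup_api() both extend outside the hunks.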


@ -31,6 +31,7 @@
#include <grp.h>
#include <poll.h>
#include <glob.h>
#include <utmpx.h>
#include <sys/personality.h>
#ifdef HAVE_PAM
@ -1504,7 +1505,11 @@ static int exec_child(
}
if (context->utmp_id)
utmp_put_init_process(context->utmp_id, getpid(), getsid(0), context->tty_path);
utmp_put_init_process(context->utmp_id, getpid(), getsid(0), context->tty_path,
context->utmp_mode == EXEC_UTMP_INIT ? INIT_PROCESS :
context->utmp_mode == EXEC_UTMP_LOGIN ? LOGIN_PROCESS :
USER_PROCESS,
username ? "root" : context->user);
if (context->user && is_terminal_input(context->std_input)) {
r = chown_terminal(STDIN_FILENO, uid);
@ -1554,7 +1559,13 @@ static int exec_child(
return -ENOMEM;
}
r = mkdir_safe_label(p, context->runtime_directory_mode, uid, gid);
r = mkdir_p_label(p, context->runtime_directory_mode);
if (r < 0) {
*exit_status = EXIT_RUNTIME_DIRECTORY;
return r;
}
r = chmod_and_chown(p, context->runtime_directory_mode, uid, gid);
if (r < 0) {
*exit_status = EXIT_RUNTIME_DIRECTORY;
return r;
@ -1719,7 +1730,15 @@ static int exec_child(
}
#ifdef SMACK_DEFAULT_PROCESS_LABEL
else {
r = mac_smack_apply_pid(0, SMACK_DEFAULT_PROCESS_LABEL);
_cleanup_free_ char *exec_label = NULL;
r = mac_smack_read(command->path, SMACK_ATTR_EXEC, &exec_label);
if (r < 0 && r != -ENODATA && r != -EOPNOTSUPP) {
*exit_status = EXIT_SMACK_PROCESS_LABEL;
return r;
}
r = mac_smack_apply_pid(0, exec_label ? : SMACK_DEFAULT_PROCESS_LABEL);
if (r < 0) {
*exit_status = EXIT_SMACK_PROCESS_LABEL;
return r;
@ -2203,7 +2222,7 @@ int exec_context_load_environment(Unit *unit, const ExecContext *c, char ***l) {
static bool tty_may_match_dev_console(const char *tty) {
_cleanup_free_ char *active = NULL;
char *console;
char *console;
if (startswith(tty, "/dev/"))
tty += 5;
@ -2954,3 +2973,11 @@ static const char* const exec_output_table[_EXEC_OUTPUT_MAX] = {
};
DEFINE_STRING_TABLE_LOOKUP(exec_output, ExecOutput);
static const char* const exec_utmp_mode_table[_EXEC_UTMP_MODE_MAX] = {
[EXEC_UTMP_INIT] = "init",
[EXEC_UTMP_LOGIN] = "login",
[EXEC_UTMP_USER] = "user",
};
DEFINE_STRING_TABLE_LOOKUP(exec_utmp_mode, ExecUtmpMode);
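Review bot: Replacing `mkdir_safe_label(p, mode, uid, gid)` with `mkdir_p_label()` followed by `chmod_and_chown(p, ...)` turns one create-and-verify step into two path-based steps. A `p` that already exists, or that is a symlink at `p` or below a parent the service user can write, would then have its mode and owner changed instead of being refused. This runs in exec_child(), presumably before privileges are dropped, so I would resolve the path once and operate on the descriptor: `fd = open(p, O_RDONLY|O_DIRECTORY|O_NOFOLLOW|O_CLOEXEC);` followed by `fchmod(fd, ...)` and `fchown(fd, uid, gid)`. Whether `chmod_and_chown()` follows symlinks is not visible on this page, so this needs confirming against its implementation. exec_child() starts and ends outside the hunks.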


@ -38,6 +38,14 @@ typedef struct ExecParameters ExecParameters;
#include "namespace.h"
#include "bus-endpoint.h"
typedef enum ExecUtmpMode {
EXEC_UTMP_INIT,
EXEC_UTMP_LOGIN,
EXEC_UTMP_USER,
_EXEC_UTMP_MODE_MAX,
_EXEC_UTMP_MODE_INVALID = -1
} ExecUtmpMode;
typedef enum ExecInput {
EXEC_INPUT_NULL,
EXEC_INPUT_TTY,
@ -131,6 +139,7 @@ struct ExecContext {
char *pam_name;
char *utmp_id;
ExecUtmpMode utmp_mode;
bool selinux_context_ignore;
char *selinux_context;
@ -265,3 +274,6 @@ ExecOutput exec_output_from_string(const char *s) _pure_;
const char* exec_input_to_string(ExecInput i) _const_;
ExecInput exec_input_from_string(const char *s) _pure_;
const char* exec_utmp_mode_to_string(ExecUtmpMode i) _const_;
ExecUtmpMode exec_utmp_mode_from_string(const char *s) _pure_;


@ -112,7 +112,7 @@ int kmod_setup(void) {
r = kmod_module_probe_insert_module(mod, KMOD_PROBE_APPLY_BLACKLIST, NULL, NULL, NULL, NULL);
if (r == 0)
log_info("Inserted module '%s'", kmod_module_get_name(mod));
log_debug("Inserted module '%s'", kmod_module_get_name(mod));
else if (r == KMOD_PROBE_APPLY_BLACKLIST)
log_info("Module '%s' is blacklisted", kmod_module_get_name(mod));
else {


@ -91,6 +91,7 @@ m4_ifdef(`HAVE_PAM',
`$1.PAMName, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')
$1.IgnoreSIGPIPE, config_parse_bool, 0, offsetof($1, exec_context.ignore_sigpipe)
$1.UtmpIdentifier, config_parse_unit_string_printf, 0, offsetof($1, exec_context.utmp_id)
$1.UtmpMode, config_parse_exec_utmp_mode, 0, offsetof($1, exec_context.utmp_mode)
m4_ifdef(`HAVE_SELINUX',
`$1.SELinuxContext, config_parse_exec_selinux_context, 0, offsetof($1, exec_context)',
`$1.SELinuxContext, config_parse_warn_compat, DISABLED_CONFIGURATION, 0')


@ -552,7 +552,7 @@ int config_parse_exec(
semicolon = false;
r = unquote_first_word_and_warn(&p, &firstword, UNQUOTE_CUNESCAPE, unit, filename, line, rvalue);
r = extract_first_word_and_warn(&p, &firstword, WHITESPACE, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
if (r <= 0)
return 0;
@ -614,7 +614,7 @@ int config_parse_exec(
path_kill_slashes(path);
for (;;) {
while (!isempty(p)) {
_cleanup_free_ char *word = NULL;
/* Check explicitly for an unquoted semicolon as
@ -627,7 +627,7 @@ int config_parse_exec(
}
/* Check for \; explicitly, to not confuse it with \\;
* or "\;" or "\\;" etc. unquote_first_word would
* or "\;" or "\\;" etc. extract_first_word would
* return the same for all of those. */
if (p[0] == '\\' && p[1] == ';' && (!p[2] || strchr(WHITESPACE, p[2]))) {
p += 2;
@ -642,7 +642,7 @@ int config_parse_exec(
continue;
}
r = unquote_first_word_and_warn(&p, &word, UNQUOTE_CUNESCAPE, unit, filename, line, rvalue);
r = extract_first_word_and_warn(&p, &word, WHITESPACE, EXTRACT_QUOTES|EXTRACT_CUNESCAPE, unit, filename, line, rvalue);
if (r == 0)
break;
else if (r < 0)
@ -1142,6 +1142,8 @@ int config_parse_sysv_priority(const char *unit,
}
#endif
DEFINE_CONFIG_PARSE_ENUM(config_parse_exec_utmp_mode, exec_utmp_mode, ExecUtmpMode, "Failed to parse utmp mode");
DEFINE_CONFIG_PARSE_ENUM(config_parse_kill_mode, kill_mode, KillMode, "Failed to parse kill mode");
int config_parse_kill_signal(const char *unit,
@ -1986,7 +1988,7 @@ int config_parse_environ(const char *unit,
return log_oom();
FOREACH_WORD_QUOTED(word, l, k, state) {
_cleanup_free_ char *n;
_cleanup_free_ char *n = NULL;
char **x;
r = cunescape_length(word, l, 0, &n);
@ -3508,9 +3510,7 @@ static int load_from_path(Unit *u, const char *path) {
r = open_follow(&filename, &f, symlink_names, &id);
if (r < 0) {
free(filename);
filename = NULL;
filename = mfree(filename);
if (r != -ENOENT)
return r;
}
@ -3534,9 +3534,7 @@ static int load_from_path(Unit *u, const char *path) {
r = open_follow(&filename, &f, symlink_names, &id);
if (r < 0) {
free(filename);
filename = NULL;
filename = mfree(filename);
if (r != -ENOENT)
return r;


@ -104,6 +104,7 @@ int config_parse_cpu_quota(const char *unit, const char *filename, unsigned line
int config_parse_protect_home(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_protect_system(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_bus_name(const char* unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
int config_parse_exec_utmp_mode(const char *unit, const char *filename, unsigned line, const char *section, unsigned section_line, const char *lvalue, int ltype, const char *rvalue, void *data, void *userdata);
/* gperf prototypes */
const struct ConfigPerfItem* load_fragment_gperf_lookup(const char *key, unsigned length);


@ -325,7 +325,7 @@ int machine_id_commit(const char *root) {
fd = safe_close(fd);
/* Store current mount namespace */
r = namespace_open(0, NULL, &initial_mntns_fd, NULL, NULL);
r = namespace_open(0, NULL, &initial_mntns_fd, NULL, NULL, NULL);
if (r < 0)
return log_error_errno(r, "Can't fetch current mount namespace: %m");
@ -351,7 +351,7 @@ int machine_id_commit(const char *root) {
fd = safe_close(fd);
/* Return to initial namespace and proceed a lazy tmpfs unmount */
r = namespace_enter(-1, initial_mntns_fd, -1, -1);
r = namespace_enter(-1, initial_mntns_fd, -1, -1, -1);
if (r < 0)
return log_warning_errno(r, "Failed to switch back to initial mount namespace: %m.\nWe'll keep transient %s file until next reboot.", etc_machine_id);


@ -1785,7 +1785,7 @@ int main(int argc, char *argv[]) {
case MANAGER_REEXECUTE:
if (prepare_reexecute(m, &arg_serialization, &fds, false) < 0) {
error_message = "Failed to prepare for reexection";
error_message = "Failed to prepare for reexecution";
goto finish;
}
@ -1801,7 +1801,7 @@ int main(int argc, char *argv[]) {
if (!switch_root_init)
if (prepare_reexecute(m, &arg_serialization, &fds, true) < 0) {
error_message = "Failed to prepare for reexection";
error_message = "Failed to prepare for reexecution";
goto finish;
}
@ -1844,13 +1844,11 @@ finish:
arg_default_rlimit[j] = NULL;
}
free(arg_default_unit);
arg_default_unit = NULL;
arg_default_unit = mfree(arg_default_unit);
free_join_controllers();
strv_free(arg_default_environment);
arg_default_environment = NULL;
arg_default_environment = strv_free(arg_default_environment);
set_free(arg_syscall_archs);
arg_syscall_archs = NULL;


@ -2187,24 +2187,6 @@ void manager_send_unit_plymouth(Manager *m, Unit *u) {
log_error_errno(errno, "Failed to write Plymouth message: %m");
}
void manager_dispatch_bus_name_owner_changed(
Manager *m,
const char *name,
const char* old_owner,
const char *new_owner) {
Unit *u;
assert(m);
assert(name);
u = hashmap_get(m->watch_bus, name);
if (!u)
return;
UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
}
int manager_open_serialization(Manager *m, FILE **_f) {
const char *path;
int fd = -1;


@ -329,8 +329,6 @@ int manager_set_default_rlimits(Manager *m, struct rlimit **default_rlimit);
int manager_loop(Manager *m);
void manager_dispatch_bus_name_owner_changed(Manager *m, const char *name, const char* old_owner, const char *new_owner);
int manager_open_serialization(Manager *m, FILE **_f);
int manager_serialize(Manager *m, FILE *f, FDSet *fds, bool switching_root);


@ -38,6 +38,7 @@
#include "selinux-util.h"
#include "audit-fd.h"
#include "strv.h"
#include "path-util.h"
static bool initialized = false;
@ -288,27 +289,3 @@ finish:
return 0;
#endif
}
int mac_selinux_unit_access_check_strv(
char **units,
sd_bus_message *message,
Manager *m,
const char *permission,
sd_bus_error *error) {
#ifdef HAVE_SELINUX
char **i;
Unit *u;
int r;
STRV_FOREACH(i, units) {
r = manager_load_unit(m, *i, NULL, error, &u);
if (r < 0)
return r;
r = mac_selinux_unit_access_check(u, message, permission, error);
if (r < 0)
return r;
}
#endif
return 0;
}
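Review bot: With mac_selinux_unit_access_check_strv() removed in the second hunk and its four call sites dropped from the unit-file methods earlier on this page (enable, disable, preset, add-dependency), the visible code no longer performs a per-unit SELinux check for those operations. What remains is `bus_verify_manage_unit_files_async()`, and even that call is not visible in the add-dependency hunk. If the check was dropped because loading every named unit just to label-check it was unwanted, the removal should come with a replacement that checks the unit file's label without loading the unit. At minimum, a comment at the call sites should name the check that now covers them. The newly included `path-util.h` suggests related changes elsewhere in this file, outside the hunks shown.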


@ -29,8 +29,6 @@ void mac_selinux_access_free(void);
int mac_selinux_generic_access_check(sd_bus_message *message, const char *path, const char *permission, sd_bus_error *error);
int mac_selinux_unit_access_check_strv(char **units, sd_bus_message *message, Manager *m, const char *permission, sd_bus_error *error);
#ifdef HAVE_SELINUX
#define mac_selinux_access_check(message, permission, error) \


@ -217,8 +217,7 @@ int snapshot_create(Manager *m, const char *name, bool cleanup, sd_bus_error *e,
break;
}
free(n);
n = NULL;
n = mfree(n);
}
}


@ -923,13 +923,13 @@ static void socket_apply_socket_options(Socket *s, int fd) {
log_unit_warning_errno(UNIT(s), errno, "TCP_CONGESTION failed: %m");
if (s->smack_ip_in) {
r = mac_smack_apply_ip_in_fd(fd, s->smack_ip_in);
r = mac_smack_apply_fd(fd, SMACK_ATTR_IPIN, s->smack_ip_in);
if (r < 0)
log_unit_error_errno(UNIT(s), r, "mac_smack_apply_ip_in_fd: %m");
}
if (s->smack_ip_out) {
r = mac_smack_apply_ip_out_fd(fd, s->smack_ip_out);
r = mac_smack_apply_fd(fd, SMACK_ATTR_IPOUT, s->smack_ip_out);
if (r < 0)
log_unit_error_errno(UNIT(s), r, "mac_smack_apply_ip_out_fd: %m");
}
@ -946,7 +946,7 @@ static void socket_apply_fifo_options(Socket *s, int fd) {
log_unit_warning_errno(UNIT(s), errno, "F_SETPIPE_SZ: %m");
if (s->smack) {
r = mac_smack_apply_fd(fd, s->smack);
r = mac_smack_apply_fd(fd, SMACK_ATTR_ACCESS, s->smack);
if (r < 0)
log_unit_error_errno(UNIT(s), r, "mac_smack_apply_fd: %m");
}


@ -57,10 +57,7 @@ void timer_free_values(Timer *t) {
while ((v = t->values)) {
LIST_REMOVE(value, t->values, v);
if (v->calendar_spec)
calendar_spec_free(v->calendar_spec);
calendar_spec_free(v->calendar_spec);
free(v);
}
}


@ -48,6 +48,7 @@
#include "dropin.h"
#include "formats-util.h"
#include "process-util.h"
#include "bus-util.h"
const UnitVTable * const unit_vtable[_UNIT_TYPE_MAX] = {
[UNIT_SERVICE] = &service_vtable,
@ -481,6 +482,8 @@ void unit_free(Unit *u) {
unit_done(u);
sd_bus_slot_unref(u->match_bus_slot);
unit_free_requires_mounts_for(u);
SET_FOREACH(t, u->names, i)
@ -2500,14 +2503,74 @@ int unit_load_related_unit(Unit *u, const char *type, Unit **_found) {
return r;
}
static int signal_name_owner_changed(sd_bus_message *message, void *userdata, sd_bus_error *error) {
const char *name, *old_owner, *new_owner;
Unit *u = userdata;
int r;
assert(message);
assert(u);
r = sd_bus_message_read(message, "sss", &name, &old_owner, &new_owner);
if (r < 0) {
bus_log_parse_error(r);
return 0;
}
if (UNIT_VTABLE(u)->bus_name_owner_change)
UNIT_VTABLE(u)->bus_name_owner_change(u, name, old_owner, new_owner);
return 0;
}
int unit_install_bus_match(sd_bus *bus, Unit *u, const char *name) {
_cleanup_free_ char *match = NULL;
Manager *m = u->manager;
assert(m);
if (u->match_bus_slot)
return -EBUSY;
match = strjoin("type='signal',"
"sender='org.freedesktop.DBus',"
"path='/org/freedesktop/DBus',"
"interface='org.freedesktop.DBus',"
"member='NameOwnerChanged',"
"arg0='",
name,
"'",
NULL);
if (!match)
return -ENOMEM;
return sd_bus_add_match(bus, &u->match_bus_slot, match, signal_name_owner_changed, u);
}
int unit_watch_bus_name(Unit *u, const char *name) {
int r;
assert(u);
assert(name);
/* Watch a specific name on the bus. We only support one unit
* watching each name for now. */
return hashmap_put(u->manager->watch_bus, name, u);
if (u->manager->api_bus) {
/* If the bus is already available, install the match directly.
* Otherwise, just put the name in the list. bus_setup_api() will take care later. */
r = unit_install_bus_match(u->manager->api_bus, u, name);
if (r < 0)
return log_warning_errno(r, "Failed to subscribe to NameOwnerChanged signal: %m");
}
r = hashmap_put(u->manager->watch_bus, name, u);
if (r < 0) {
u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
return log_warning_errno(r, "Failed to put bus name to hashmap: %m");
}
return 0;
}
void unit_unwatch_bus_name(Unit *u, const char *name) {
@ -2515,6 +2578,7 @@ void unit_unwatch_bus_name(Unit *u, const char *name) {
assert(name);
hashmap_remove_value(u->manager->watch_bus, name, u);
u->match_bus_slot = sd_bus_slot_unref(u->match_bus_slot);
}
bool unit_can_serialize(Unit *u) {
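Review bot: unit_install_bus_match() splices `name` between single quotes into the match rule with `strjoin()` and nothing in the function checks it, so a name containing `'` or `,` would change the rule that gets installed. The name presumably comes from validated unit configuration, but the function is now exported through unit.h. I would make the precondition explicit at the top, e.g. `if (!service_name_is_valid(name)) return -EINVAL;`, after confirming that the validator's header is reachable from this file. A one-line comment stating that the `arg0` filter is what ties the callback to this unit's name would also help, since signal_name_owner_changed() does not compare `name` itself.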


@ -115,6 +115,9 @@ struct Unit {
/* JOB_NOP jobs are special and can be installed without disturbing the real job. */
Job *nop_job;
/* The slot used for watching NameOwnerChanged signals */
sd_bus_slot *match_bus_slot;
/* Job timeout and action to take */
usec_t job_timeout;
FailureAction job_timeout_action;
@ -522,6 +525,7 @@ void unit_unwatch_all_pids(Unit *u);
void unit_tidy_watch_pids(Unit *u, pid_t except1, pid_t except2);
int unit_install_bus_match(sd_bus *bus, Unit *u, const char *name);
int unit_watch_bus_name(Unit *u, const char *name);
void unit_unwatch_bus_name(Unit *u, const char *name);


@ -333,8 +333,7 @@ static int get_password(const char *vol, const char *src, usec_t until, bool acc
/* If the description string is simply the
* volume name, then let's not show this
* twice */
free(description);
description = NULL;
description = mfree(description);
}
if (mount_point && description)


@ -386,12 +386,13 @@ static int prompt_hostname(void) {
break;
}
if (!hostname_is_valid(h)) {
if (!hostname_is_valid(h, true)) {
log_error("Specified hostname invalid.");
continue;
}
arg_hostname = h;
/* Get rid of the trailing dot that we allow, but don't want to see */
arg_hostname = hostname_cleanup(h);
h = NULL;
break;
}
@ -715,10 +716,8 @@ static int parse_argv(int argc, char *argv[]) {
path_kill_slashes(arg_root);
if (path_equal(arg_root, "/")) {
free(arg_root);
arg_root = NULL;
}
if (path_equal(arg_root, "/"))
arg_root = mfree(arg_root);
break;
@ -765,8 +764,7 @@ static int parse_argv(int argc, char *argv[]) {
break;
case ARG_ROOT_PASSWORD_FILE:
free(arg_root_password);
arg_root_password = NULL;
arg_root_password = mfree(arg_root_password);
r = read_one_line_file(optarg, &arg_root_password);
if (r < 0)
@ -775,11 +773,12 @@ static int parse_argv(int argc, char *argv[]) {
break;
case ARG_HOSTNAME:
if (!hostname_is_valid(optarg)) {
if (!hostname_is_valid(optarg, true)) {
log_error("Host name %s is not valid.", optarg);
return -EINVAL;
}
hostname_cleanup(optarg);
r = free_and_strdup(&arg_hostname, optarg);
if (r < 0)
return log_oom();
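Review bot: In the ARG_HOSTNAME case the added `hostname_cleanup(optarg);` appears to rewrite the argv string in place, since its return value is dropped, and nothing at the call says so. prompt_hostname() in the same file carries a comment for the equivalent step. A comment such as `/* Strip the trailing dot that hostname_is_valid(…, true) accepts; edits optarg in place */` would record that validation deliberately runs before the cleanup and that `free_and_strdup()` stores the cleaned form. parse_argv() starts and ends outside this hunk.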


@ -240,82 +240,6 @@ static int add_mount(
return 0;
}
static int add_automount(
const char *id,
const char *what,
const char *where,
const char *fstype,
bool rw,
const char *options,
const char *description,
usec_t timeout) {
_cleanup_free_ char *unit = NULL, *lnk = NULL, *crypto_what = NULL;
_cleanup_free_ char *opt, *p = NULL;
_cleanup_fclose_ FILE *f = NULL;
int r;
assert(id);
assert(where);
assert(description);
if (options)
opt = strjoin(options, ",noauto", NULL);
else
opt = strdup("noauto");
if (!opt)
return log_oom();
r = add_mount(id,
what,
where,
fstype,
rw,
opt,
description,
NULL);
if (r < 0)
return r;
r = unit_name_from_path(where, ".automount", &unit);
if (r < 0)
return log_error_errno(r, "Failed to generate unit name: %m");
p = strjoin(arg_dest, "/", unit, NULL);
if (!p)
return log_oom();
f = fopen(p, "wxe");
if (!f)
return log_error_errno(errno, "Failed to create unit file %s: %m", unit);
fprintf(f,
"# Automatically generated by systemd-gpt-auto-generator\n\n"
"[Unit]\n"
"Description=%s\n"
"Documentation=man:systemd-gpt-auto-generator(8)\n"
"[Automount]\n"
"Where=%s\n"
"TimeoutIdleSec=%lld\n",
description,
where,
(unsigned long long)timeout / USEC_PER_SEC);
r = fflush_and_check(f);
if (r < 0)
return log_error_errno(r, "Failed to write unit file %s: %m", p);
lnk = strjoin(arg_dest, "/" SPECIAL_LOCAL_FS_TARGET ".wants/", unit, NULL);
if (!lnk)
return log_oom();
mkdir_parents_label(lnk, 0755);
if (symlink(p, lnk) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", lnk);
return 0;
}
static bool path_is_busy(const char *where) {
int r;
@ -441,8 +365,84 @@ static int add_swap(const char *path) {
return 0;
}
static int add_boot(const char *what) {
#ifdef ENABLE_EFI
static int add_automount(
const char *id,
const char *what,
const char *where,
const char *fstype,
bool rw,
const char *options,
const char *description,
usec_t timeout) {
_cleanup_free_ char *unit = NULL, *lnk = NULL;
_cleanup_free_ char *opt, *p = NULL;
_cleanup_fclose_ FILE *f = NULL;
int r;
assert(id);
assert(where);
assert(description);
if (options)
opt = strjoin(options, ",noauto", NULL);
else
opt = strdup("noauto");
if (!opt)
return log_oom();
r = add_mount(id,
what,
where,
fstype,
rw,
opt,
description,
NULL);
if (r < 0)
return r;
r = unit_name_from_path(where, ".automount", &unit);
if (r < 0)
return log_error_errno(r, "Failed to generate unit name: %m");
p = strjoin(arg_dest, "/", unit, NULL);
if (!p)
return log_oom();
f = fopen(p, "wxe");
if (!f)
return log_error_errno(errno, "Failed to create unit file %s: %m", unit);
fprintf(f,
"# Automatically generated by systemd-gpt-auto-generator\n\n"
"[Unit]\n"
"Description=%s\n"
"Documentation=man:systemd-gpt-auto-generator(8)\n"
"[Automount]\n"
"Where=%s\n"
"TimeoutIdleSec=%lld\n",
description,
where,
(unsigned long long)timeout / USEC_PER_SEC);
r = fflush_and_check(f);
if (r < 0)
return log_error_errno(r, "Failed to write unit file %s: %m", p);
lnk = strjoin(arg_dest, "/" SPECIAL_LOCAL_FS_TARGET ".wants/", unit, NULL);
if (!lnk)
return log_oom();
mkdir_parents_label(lnk, 0755);
if (symlink(p, lnk) < 0)
return log_error_errno(errno, "Failed to create symlink %s: %m", lnk);
return 0;
}
static int add_boot(const char *what) {
_cleanup_blkid_free_probe_ blkid_probe b = NULL;
const char *fstype = NULL, *uuid = NULL;
sd_id128_t id, type_id;
@ -532,10 +532,12 @@ static int add_boot(const char *what) {
120 * USEC_PER_SEC);
return r;
#else
return 0;
#endif
}
#else
static int add_boot(const char *what) {
return 0;
}
#endif
static int enumerate_partitions(dev_t devnum) {
@ -616,9 +618,12 @@ static int enumerate_partitions(dev_t devnum) {
errno = 0;
r = blkid_do_safeprobe(b);
if (r == -2 || r == 1) /* no result or uncertain */
if (r == 1)
return 0; /* no results */
else if (r == -2) {
log_warning("%s: probe gave ambiguous results, ignoring", node);
return 0;
else if (r != 0)
} else if (r != 0)
return log_error_errno(errno ?: EIO, "%s: failed to probe: %m", node);
errno = 0;
@ -666,7 +671,6 @@ static int enumerate_partitions(dev_t devnum) {
blkid_partition pp;
dev_t qn;
int nr;
unsigned long long flags;
q = udev_device_new_from_syspath(udev, udev_list_entry_get_name(item));
if (!q)
@ -690,13 +694,6 @@ static int enumerate_partitions(dev_t devnum) {
if (!pp)
continue;
flags = blkid_partition_get_flags(pp);
/* Ignore partitions that are not marked for automatic
* mounting on discovery */
if (flags & GPT_FLAG_NO_AUTO)
continue;
nr = blkid_partition_get_partno(pp);
if (nr < 0)
continue;
@ -709,6 +706,11 @@ static int enumerate_partitions(dev_t devnum) {
continue;
if (sd_id128_equal(type_id, GPT_SWAP)) {
unsigned long long flags;
flags = blkid_partition_get_flags(pp);
if (flags & GPT_FLAG_NO_AUTO)
continue;
if (flags & GPT_FLAG_READ_ONLY) {
log_debug("%s marked as read-only swap partition, which is bogus. Ignoring.", subnode);
@ -732,6 +734,11 @@ static int enumerate_partitions(dev_t devnum) {
return log_oom();
} else if (sd_id128_equal(type_id, GPT_HOME)) {
unsigned long long flags;
flags = blkid_partition_get_flags(pp);
if (flags & GPT_FLAG_NO_AUTO)
continue;
/* We only care for the first /home partition */
if (home && nr >= home_nr)
@ -745,6 +752,11 @@ static int enumerate_partitions(dev_t devnum) {
return log_oom();
} else if (sd_id128_equal(type_id, GPT_SRV)) {
unsigned long long flags;
flags = blkid_partition_get_flags(pp);
if (flags & GPT_FLAG_NO_AUTO)
continue;
/* We only care for the first /srv partition */
if (srv && nr >= srv_nr)
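Review bot: The relocated add_automount() (hunk `-441,8 +365,84`) formats `TimeoutIdleSec=%lld` with an argument cast to `(unsigned long long)`, so the conversion specifier and the argument type disagree; `"TimeoutIdleSec=%llu\n"` matches the cast. In the same function `_cleanup_free_ char *opt, *p = NULL;` leaves `opt` uninitialised under a cleanup attribute. It is assigned before any return today, but writing `*opt = NULL` keeps a later early return from freeing a garbage pointer. The result of `mkdir_parents_label(lnk, 0755)` is also discarded, which leaves the following symlink() failure as the only signal that the directory could not be created.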


@ -252,7 +252,7 @@ static int set_simple_string(sd_bus *bus, const char *method, const char *value)
static int set_hostname(sd_bus *bus, char **args, unsigned n) {
_cleanup_free_ char *h = NULL;
const char *hostname = args[1];
char *hostname = args[1];
int r;
assert(args);
@ -270,17 +270,16 @@ static int set_hostname(sd_bus *bus, char **args, unsigned n) {
* just set the passed hostname as static/dynamic
* hostname. */
h = strdup(hostname);
if (!h)
return log_oom();
hostname_cleanup(h, true);
if (arg_static && streq(h, hostname))
if (arg_static && hostname_is_valid(hostname, true)) {
p = "";
else {
p = hostname;
hostname = h;
/* maybe get rid of trailing dot */
hostname = hostname_cleanup(hostname);
} else {
p = h = strdup(hostname);
if (!p)
return log_oom();
hostname_cleanup(hostname);
}
r = set_simple_string(bus, "SetPrettyHostname", p);
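Review bot: The else branch of the new block in set_hostname() depends on a statement order that no comment records. `p = h = strdup(hostname)` has to capture the pretty name before `hostname_cleanup(hostname)` runs, which appears to rewrite `args[1]` in place, given that the parameter lost its `const` and the return value is ignored. A comment like `/* Keep the unmodified string as pretty name, then reduce args[1] to a valid hostname in place */` would protect that ordering. Whether an input that cleans up to an empty string is rejected later cannot be seen here, because set_hostname() continues outside the hunk.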


@ -424,7 +424,7 @@ static int method_set_hostname(sd_bus_message *m, void *userdata, sd_bus_error *
if (isempty(name))
name = "localhost";
if (!hostname_is_valid(name))
if (!hostname_is_valid(name, false))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid hostname '%s'", name);
if (streq_ptr(name, c->data[PROP_HOSTNAME]))
@ -501,7 +501,7 @@ static int method_set_static_hostname(sd_bus_message *m, void *userdata, sd_bus_
} else {
char *h;
if (!hostname_is_valid(name))
if (!hostname_is_valid(name, false))
return sd_bus_error_setf(error, SD_BUS_ERROR_INVALID_ARGS, "Invalid static hostname '%s'", name);
h = strdup(name);


@ -24,6 +24,7 @@
#include "sd-event.h"
#include "event-util.h"
#include "signal-util.h"
#include "hostname-util.h"
#include "verbs.h"
#include "build.h"
#include "machine-image.h"


@ -210,7 +210,7 @@ int import_fork_tar_c(const char *path, pid_t *ret) {
if (r < 0)
log_error_errno(r, "Failed to drop capabilities, ignoring: %m");
execlp("tar", "tar", "--sparse", "-C", path, "-c", ".", NULL);
execlp("tar", "tar", "-C", path, "-c", ".", NULL);
log_error_errno(errno, "Failed to execute tar: %m");
_exit(EXIT_FAILURE);
}
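Review bot: The child in import_fork_tar_c() still reaches `execlp("tar", …)` after a failed capability drop, because that error path only logs "Failed to drop capabilities, ignoring". If the drop is meant as a confinement boundary for the tar process, the branch should fail closed, for example with `_exit(EXIT_FAILURE);` right after the log call. `execlp` also resolves `tar` through PATH, and whether the caller pins the environment is not visible here. The function begins outside the hunk.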


@ -26,6 +26,7 @@
#include "util.h"
#include "path-util.h"
#include "btrfs-util.h"
#include "hostname-util.h"
#include "copy.h"
#include "mkdir.h"
#include "rm-rf.h"


@ -26,6 +26,7 @@
#include "util.h"
#include "path-util.h"
#include "btrfs-util.h"
#include "hostname-util.h"
#include "copy.h"
#include "mkdir.h"
#include "rm-rf.h"


@ -26,6 +26,7 @@
#include "verbs.h"
#include "build.h"
#include "signal-util.h"
#include "hostname-util.h"
#include "machine-image.h"
#include "import-util.h"
#include "import-tar.h"


@ -35,6 +35,7 @@
#include "import-util.h"
#include "process-util.h"
#include "signal-util.h"
#include "hostname-util.h"
typedef struct Transfer Transfer;
typedef struct Manager Manager;


@ -592,8 +592,7 @@ static int dkr_pull_pull_layer_v2(DkrPull *i) {
i->current_ancestry++;
free(path);
path = NULL;
path = mfree(path);
}
log_info("Pulling layer %s...", layer);
@ -652,8 +651,7 @@ static int dkr_pull_pull_layer(DkrPull *i) {
i->current_ancestry++;
free(path);
path = NULL;
path = mfree(path);
}
log_info("Pulling layer %s...", layer);
@ -721,7 +719,7 @@ static int dkr_pull_job_on_header(PullJob *j, const char *header, size_t sz) {
return log_oom();
STRV_FOREACH(k, l) {
if (!hostname_is_valid(*k)) {
if (!hostname_is_valid(*k, false)) {
log_error("Registry hostname is not valid.");
strv_free(l);
return -EBADMSG;


@ -33,6 +33,7 @@
#include "mkdir.h"
#include "rm-rf.h"
#include "path-util.h"
#include "hostname-util.h"
#include "import-util.h"
#include "import-common.h"
#include "curl-util.h"


@ -32,13 +32,14 @@
#include "mkdir.h"
#include "rm-rf.h"
#include "path-util.h"
#include "process-util.h"
#include "hostname-util.h"
#include "import-util.h"
#include "import-common.h"
#include "curl-util.h"
#include "pull-job.h"
#include "pull-common.h"
#include "pull-tar.h"
#include "process-util.h"
typedef enum TarProgress {
TAR_DOWNLOADING,
@ -127,13 +128,7 @@ int tar_pull_new(
i->grow_machine_directory = path_startswith(i->image_root, "/var/lib/machines");
if (event)
i->event = sd_event_ref(event);
else {
r = sd_event_default(&i->event);
if (r < 0)
return r;
}
i->event = sd_event_ref(event);
r = curl_glue_new(&i->glue, i->event);
if (r < 0)
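Review bot: tar_pull_new() now stores `sd_event_ref(event)` unconditionally, so a NULL `event` no longer falls back to `sd_event_default()` and `curl_glue_new()` receives whatever `sd_event_ref(NULL)` yields. Unless an `assert(event);` was added above the hunk, the function should either assert the argument or return `-EINVAL` before this assignment. The start of the function is outside the hunk, so the existing precondition checks cannot be confirmed from here.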


@ -26,6 +26,7 @@
#include "verbs.h"
#include "build.h"
#include "signal-util.h"
#include "hostname-util.h"
#include "machine-image.h"
#include "import-util.h"
#include "pull-tar.h"


@ -103,8 +103,7 @@ static void request_meta_free(
if (!m)
return;
if (m->journal)
sd_journal_close(m->journal);
sd_journal_close(m->journal);
if (m->tmp)
fclose(m->tmp);
@ -797,7 +796,7 @@ static int request_handler_machine(
"\"cutoff_to_realtime\" : \"%"PRIu64"\" }\n",
SD_ID128_FORMAT_VAL(mid),
SD_ID128_FORMAT_VAL(bid),
hostname_cleanup(hostname, false),
hostname_cleanup(hostname),
os_name ? os_name : "Linux",
v ? v : "bare",
usage,
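Review bot: In request_handler_machine() the value of `hostname_cleanup(hostname)` is passed straight into a format string that, judging by the visible `cutoff_to_realtime` line, builds a JSON reply. The reply is then only well-formed if the helper removes every character that would need JSON escaping. That dependency deserves a comment at the call, e.g. `/* relies on hostname_cleanup() leaving only hostname characters, so no JSON escaping is applied */`, to be confirmed against the helper, which is not shown on this page. The format string itself starts outside the hunk.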
