gcc thinks that errno might be negative, and functions could return
something positive on error (-errno). Should not matter in practice,
but makes an -O4 build much quieter.
In order to write tests for the catalog functions, they
are made non-static and start taking a 'database' parameter,
which is the name of a file with the preprocessed catalog
entries.
This makes it possible to make test-catalog part of the
normal test suite, since it now only operates on files
in /tmp.
Some more tests are added.
The rules governing %s where just too complicated. First of
all, looking at $SHELL is dangerous. For systemd --system,
it usually wouldn't be set. But it could be set if the admin
first started a debug shell, let's say /sbin/sash, and then
launched systemd from it. This shouldn't influence how daemons
are started later on, so is better ignored. Similar reasoning
holds for session mode. Some shells set $SHELL, while other
set it only when it wasn't set previously (e.g. zsh). This
results in fragility that is better avoided by ignoring $SHELL
totally.
With $SHELL out of the way, simplify things by saying that
%s==/bin/sh for root, and the configured shell otherwise.
get_shell() is the only caller, so it can be inlined.
Fixes one issue seen with 'make check'.
gcc does not know that errno cannot be negative, and warns
about unitialized variables later on. Kill the warnings by
returning -errno only after checking that errno is positive.
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd.
[zj: Reworded message s/to watch/to add watch on/ to make it clear
that it was the watch init action that failed, and not the
"process of watching". I think this way it'll be clearer to
people who don't know what inotify does.]
This unifies much of the logic behind them:
- All four will now ofllow the rule that the earlier file and earlier
assignment in the .d/ directories wins. Before, sysctl was the only
outlier, where the later setting always won.
- All four now support getopt() and --help on the command line.
- All four can now handle specification of configuration file names on
the command line to apply. The tools will automatically find them, and
apply them. Previously only tmpfiles could do that. This is useful for
%post scripts in RPMs and suchlike.
- This fixes various error path issues in conf_files_list()
Inner library calls should not invoke log_oom(), that's something for
main programs, not library calls.
Don't read through uninitialized memory if a file ends in a continuation
line.
Add comments for the non-obvious bits.
Don't choke on comment lines that are continuation lines.
Simplify some things.
Now, actually check if the environment variable names and values used
are valid, before accepting them. With this in place are at some places
more rigid than POSIX, and less rigid at others. For example, this code
allows lower-case environment variables (which POSIX suggests not to
use), but it will not allow non-UTF8 variable values.
All in all this should be a good middle ground of what to allow and what
not to allow as environment variables.
(This also splits out all environment related calls into env-util.[ch])
Based-on-patch-by: Thomas Jarosch <thomas.jarosch@intra2net.com>
cppcheck reported:
[src/bootchart/svg.c:791]: (error) Mismatching allocation and deallocation: f
Variable definitions can be written on more than one line - if each ends
with a backslash, then is concatenated with a previous one. Only
backslash and unix end of line (\n) are treated as a continuation.
Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=58083
[zj: squashed two patches together; cleaned up grammar; removed
comment about ignoring trailing backslash -- it is not ignored.]
Document continuation support in systemd.exec
systemctl list-dependencies lists all unit's dependecies and
recursively expands all subsidiary target units into a tree.
Primary purpose for this command is to show all units which are
enabled in specified target.
New file output.h with output flags and modes.
--full parameter also for cgls and loginctl.
Include 'all' parameter in flags (show_cgroup_by_path, show_cgroup,
show_cgroup_and_extra, show_cgroup_and_extra_by_spec).
get_process_cmdline with max_length == 0 will not ellipsize output.
Replace LINE_MAX with 0 in some calls of get_process_cmdline.
[zj: Default to --full when under pager for clgs.
Drop '-f' since it wasn't documented and didn't actually work.
Reindent a bit.
]
