code in src/shared/macro.h only defined MAX/MIN in case
they were not defined previously. however the MAX/MIN
macros implemented in glibc are not of the "safe" kind but defined
as:
define MIN(a,b) (((a)<(b))?(a):(b))
define MAX(a,b) (((a)>(b))?(a):(b))
Avoid nasty side effects by using our own versions instead.
Also fix the warnings derived from this change.
[zj: - modify MAX3 macro to fix warning about _a shadowing _a,
- do bootchart/svg.c too,
- remove unused MIN3.]
No need to call the heavy artillery, when the original array
is sorted. Reduces complexity from n² log n to n log n, where
n is the number of items in the array, not very large, but
still.
gcc thinks that errno might be negative, and functions could return
something positive on error (-errno). Should not matter in practice,
but makes an -O4 build much quieter.
In order to write tests for the catalog functions, they
are made non-static and start taking a 'database' parameter,
which is the name of a file with the preprocessed catalog
entries.
This makes it possible to make test-catalog part of the
normal test suite, since it now only operates on files
in /tmp.
Some more tests are added.
systemd-199/src/shared/utmp-wtmp.c:228: buffer_size_warning: Calling
strncpy with a maximum size argument of 32 bytes on destination array
"store.ut_line" of size 32 bytes might leave the destination string
unterminated.
The destination string is unterminated on purpose, but we must
remember that.
To make the result more visible, special return value
is used to tell automake that the test was skipped. While
at it, use the same return value in other skipped tests.
The rules governing %s where just too complicated. First of
all, looking at $SHELL is dangerous. For systemd --system,
it usually wouldn't be set. But it could be set if the admin
first started a debug shell, let's say /sbin/sash, and then
launched systemd from it. This shouldn't influence how daemons
are started later on, so is better ignored. Similar reasoning
holds for session mode. Some shells set $SHELL, while other
set it only when it wasn't set previously (e.g. zsh). This
results in fragility that is better avoided by ignoring $SHELL
totally.
With $SHELL out of the way, simplify things by saying that
%s==/bin/sh for root, and the configured shell otherwise.
get_shell() is the only caller, so it can be inlined.
Fixes one issue seen with 'make check'.
Some code really wants to know whether there was a string list parsed,
so don't take the shortcut here, and always allocate a string list, even
if it is an empty one.
https://bugs.freedesktop.org/show_bug.cgi?id=62558
Some parts of systemd (at least the DBus activation codepath) "reply"
to signals, which of course have the no-reply flag set. We will be
defensive here and still send out a reply if we're passed a signal.
Regression introduced by: c6a818c820
Reported-by: Mantas Mikulėnas <grawity@gmail.com>
Tested-by: Mantas Mikulėnas <grawity@gmail.com>
gcc does not know that errno cannot be negative, and warns
about unitialized variables later on. Kill the warnings by
returning -errno only after checking that errno is positive.
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
All Execs within the service, will get mounted the same
/tmp and /var/tmp directories, if service is configured with
PrivateTmp=yes. Temporary directories are cleaned up by service
itself in addition to systemd-tmpfiles. Directory which is mounted
as inaccessible is created at runtime in /run/systemd.
After that functions which add matches, show_journal_by_unit
and show_journal_by_user_unit, become nearly identical, so
I merged them into one function.
The argument given to the __attribute__((cleanup)) functions is the
address of the variable that's going out of scope. It cannot be NULL.
The "if (!s)" check in set_freep() is pointless.
Perhaps "if (!*s)" was intented. But that's pointless too, because
set_free()/set_free_free() are OK to call with a NULL argument (just
like free()).
Setting "*s = NULL" is pointless, because the variable that s points
to is about to go out of scope.
The same holds for strv_freep().
