diff options
| -rw-r--r-- | man/machinectl.xml | 9 | ||||
| -rw-r--r-- | src/machine/machinectl.c | 14 | ||||
| -rw-r--r-- | src/machine/machined.c | 70 | ||||
| -rw-r--r-- | src/machine/machined.h | 10 | ||||
| -rw-r--r-- | src/shared/spawn-polkit-agent.h | 8 | ||||
| -rw-r--r-- | tmpfiles.d/meson.build | 2 |
6 files changed, 53 insertions, 60 deletions
diff --git a/man/machinectl.xml b/man/machinectl.xml index 44a96e8cc4..c37fb88c38 100644 --- a/man/machinectl.xml +++ b/man/machinectl.xml @@ -144,13 +144,6 @@ </varlistentry> <varlistentry> - <term><option>--no-ask-password</option></term> - - <listitem><para>Do not query the user for authentication for - privileged operations.</para></listitem> - </varlistentry> - - <varlistentry> <term><option>--kill-who=</option></term> <listitem><para>When used with <command>kill</command>, choose @@ -309,6 +302,7 @@ <xi:include href="standard-options.xml" xpointer="no-pager" /> <xi:include href="standard-options.xml" xpointer="no-legend" /> + <xi:include href="standard-options.xml" xpointer="no-ask-password" /> <xi:include href="standard-options.xml" xpointer="help" /> <xi:include href="standard-options.xml" xpointer="version" /> </variablelist> @@ -1035,6 +1029,7 @@ <refsect1> <title>See Also</title> <para> + <citerefentry><refentrytitle>systemd</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-machined.service</refentrytitle><manvolnum>8</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd-nspawn</refentrytitle><manvolnum>1</manvolnum></citerefentry>, <citerefentry><refentrytitle>systemd.special</refentrytitle><manvolnum>7</manvolnum></citerefentry>, diff --git a/src/machine/machinectl.c b/src/machine/machinectl.c index 1ed0f9e657..f79617ee06 100644 --- a/src/machine/machinectl.c +++ b/src/machine/machinectl.c @@ -2638,12 +2638,14 @@ static int set_limit(int argc, char *argv[], void *userdata) { uint64_t limit; int r; + polkit_agent_open_if_enabled(arg_transport, arg_ask_password); + if (STR_IN_SET(argv[argc-1], "-", "none", "infinity")) limit = (uint64_t) -1; else { r = parse_size(argv[argc-1], 1024, &limit); if (r < 0) - return log_error("Failed to parse size: %s", argv[argc-1]); + return log_error_errno(r, "Failed to parse size: %s", argv[argc-1]); } if (argc > 2) @@ -2670,10 +2672,8 @@ static int set_limit(int argc, char *argv[], void *userdata) { NULL, "t", limit); - if (r < 0) { - log_error("Could not set limit: %s", bus_error_message(&error, -r)); - return r; - } + if (r < 0) + return log_error_errno(r, "Could not set limit: %s", bus_error_message(&error, r)); return 0; } @@ -2688,6 +2688,8 @@ static int clean_images(int argc, char *argv[], void *userdata) { unsigned c = 0; int r; + polkit_agent_open_if_enabled(arg_transport, arg_ask_password); + r = sd_bus_message_new_method_call( bus, &m, @@ -3139,7 +3141,7 @@ int main(int argc, char*argv[]) { goto finish; } - sd_bus_set_allow_interactive_authorization(bus, arg_ask_password); + (void) sd_bus_set_allow_interactive_authorization(bus, arg_ask_password); r = machinectl_main(argc, argv, bus); diff --git a/src/machine/machined.c b/src/machine/machined.c index 8fb6db7746..3577c809a4 100644 --- a/src/machine/machined.c +++ b/src/machine/machined.c @@ -26,35 +26,45 @@ #include "signal-util.h" #include "special.h" -Manager *manager_new(void) { - Manager *m; +static Manager* manager_unref(Manager *m); +DEFINE_TRIVIAL_CLEANUP_FUNC(Manager*, manager_unref); + +static int manager_new(Manager **ret) { + _cleanup_(manager_unrefp) Manager *m = NULL; int r; + assert(ret); + m = new0(Manager, 1); if (!m) - return NULL; + return -ENOMEM; m->machines = hashmap_new(&string_hash_ops); m->machine_units = hashmap_new(&string_hash_ops); m->machine_leaders = hashmap_new(NULL); - if (!m->machines || !m->machine_units || !m->machine_leaders) { - manager_free(m); - return NULL; - } + if (!m->machines || !m->machine_units || !m->machine_leaders) + return -ENOMEM; r = sd_event_default(&m->event); - if (r < 0) { - manager_free(m); - return NULL; - } + if (r < 0) + return r; + + r = sd_event_add_signal(m->event, NULL, SIGINT, NULL, NULL); + if (r < 0) + return r; + + r = sd_event_add_signal(m->event, NULL, SIGTERM, NULL, NULL); + if (r < 0) + return r; - sd_event_set_watchdog(m->event, true); + (void) sd_event_set_watchdog(m->event, true); - return m; + *ret = TAKE_PTR(m); + return 0; } -void manager_free(Manager *m) { +static Manager* manager_unref(Manager *m) { Machine *machine; assert(m); @@ -80,7 +90,7 @@ void manager_free(Manager *m) { sd_bus_unref(m->bus); sd_event_unref(m->event); - free(m); + return mfree(m); } static int manager_add_host_machine(Manager *m) { @@ -121,7 +131,7 @@ static int manager_add_host_machine(Manager *m) { return 0; } -int manager_enumerate_machines(Manager *m) { +static int manager_enumerate_machines(Manager *m) { _cleanup_closedir_ DIR *d = NULL; struct dirent *de; int r = 0; @@ -268,7 +278,7 @@ static int manager_connect_bus(Manager *m) { return 0; } -void manager_gc(Manager *m, bool drop_not_started) { +static void manager_gc(Manager *m, bool drop_not_started) { Machine *machine; assert(m); @@ -292,7 +302,7 @@ void manager_gc(Manager *m, bool drop_not_started) { } } -int manager_startup(Manager *m) { +static int manager_startup(Manager *m) { Machine *machine; Iterator i; int r; @@ -328,7 +338,7 @@ static bool check_idle(void *userdata) { return hashmap_isempty(m->machines); } -int manager_run(Manager *m) { +static int manager_run(Manager *m) { assert(m); return bus_event_loop_with_idle( @@ -340,7 +350,7 @@ int manager_run(Manager *m) { } int main(int argc, char *argv[]) { - Manager *m = NULL; + _cleanup_(manager_unrefp) Manager *m = NULL; int r; log_set_target(LOG_TARGET_AUTO); @@ -356,18 +366,16 @@ int main(int argc, char *argv[]) { goto finish; } - /* Always create the directories people can create inotify - * watches in. Note that some applications might check for the - * existence of /run/systemd/machines/ to determine whether - * machined is available, so please always make sure this - * check stays in. */ - mkdir_label("/run/systemd/machines", 0755); + /* Always create the directories people can create inotify watches in. Note that some applications might check + * for the existence of /run/systemd/machines/ to determine whether machined is available, so please always + * make sure this check stays in. */ + (void) mkdir_label("/run/systemd/machines", 0755); - assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, -1) >= 0); + assert_se(sigprocmask_many(SIG_BLOCK, NULL, SIGCHLD, SIGTERM, SIGINT, -1) >= 0); - m = manager_new(); - if (!m) { - r = log_oom(); + r = manager_new(&m); + if (r < 0) { + log_error_errno(r, "Failed to allocate manager object: %m"); goto finish; } @@ -388,7 +396,5 @@ int main(int argc, char *argv[]) { log_debug("systemd-machined stopped as pid "PID_FMT, getpid_cached()); finish: - manager_free(m); - return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS; } diff --git a/src/machine/machined.h b/src/machine/machined.h index 2e6fe4c187..2f204f0549 100644 --- a/src/machine/machined.h +++ b/src/machine/machined.h @@ -43,17 +43,7 @@ struct Manager { unsigned n_operations; }; -Manager *manager_new(void); -void manager_free(Manager *m); - int manager_add_machine(Manager *m, const char *name, Machine **_machine); -int manager_enumerate_machines(Manager *m); - -int manager_startup(Manager *m); -int manager_run(Manager *m); - -void manager_gc(Manager *m, bool drop_not_started); - int manager_get_machine_by_pid(Manager *m, pid_t pid, Machine **machine); extern const sd_bus_vtable manager_vtable[]; diff --git a/src/shared/spawn-polkit-agent.h b/src/shared/spawn-polkit-agent.h index ea72c1281c..c4316ea473 100644 --- a/src/shared/spawn-polkit-agent.h +++ b/src/shared/spawn-polkit-agent.h @@ -12,17 +12,17 @@ int polkit_agent_open(void); void polkit_agent_close(void); -static inline void polkit_agent_open_if_enabled( +static inline int polkit_agent_open_if_enabled( BusTransport transport, bool ask_password) { /* Open the polkit agent as a child process if necessary */ if (transport != BUS_TRANSPORT_LOCAL) - return; + return 0; if (!ask_password) - return; + return 0; - polkit_agent_open(); + return polkit_agent_open(); } diff --git a/tmpfiles.d/meson.build b/tmpfiles.d/meson.build index 9768f3a94e..a7a7d0a1d7 100644 --- a/tmpfiles.d/meson.build +++ b/tmpfiles.d/meson.build @@ -7,7 +7,7 @@ enable_tmpfiles = conf.get('ENABLE_TMPFILES') == 1 tmpfiles = [['home.conf', ''], ['journal-nocow.conf', ''], ['systemd-nologin.conf', ''], - ['systemd-nspawn.conf', ''], + ['systemd-nspawn.conf', 'ENABLE_MACHINED'], ['tmp.conf', ''], ['x11.conf', ''], ['legacy.conf', 'HAVE_SYSV_COMPAT'], |