| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| | |
|
| |\
| |
| | |
test-copy: use correct data type for max_bytes
|
| |/
|
|
|
|
|
|
| |
copy_bytes() and the comparisons in test_copy_bytes_regular_file() expect an
uint64_t, not a size_t. On 32 bit architectures the latter is 32 bit, leading
to truncation errors.
Fixes regression from commit 7a827fcb.
|
| |\
| |
| | |
core: set NoNewPrivileges for seccomp if we don't have CAP_SYS_ADMIN
|
| | | |
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
The manpage of seccomp specify that using seccomp with
SECCOMP_SET_MODE_FILTER will return EACCES if the caller do not have
CAP_SYS_ADMIN set, or if the no_new_privileges bit is not set. Hence,
without NoNewPrivilege set, it is impossible to use a SystemCall*
directive with a User directive set in system mode.
Now, NoNewPrivileges is set if we are in user mode, or if we are in
system mode and we don't have CAP_SYS_ADMIN, and SystemCall*
directives are used.
|
| |\ \
| | |
| | | |
lldp: fix starting ttl timer for lldp neighbor
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
lldp_start_timer() was only called during sd_lldp_get_neighbors().
Ensure that the timer is (re-)started when a new neighbor appears.
Otherwise, the timer is not started when relying on the events alone.
Fixes: 34437b4f9c9c51b0a6f93788bdb9a105b8e46b66
|
| |\ \ \
| | | |
| | | | |
bash completion: add --template to nspawn
|
| |/ / / |
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
journal-upload: remove microhttpd dependency
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
journal-upload doesn't really need microhttpd to run.
Without the dependency, we can cross compile systemd
without microhttpd and get the uploader part of the
remote logging.
Change-Id: I28dfa5ad2aae94e50de1d32713e1827623c3fd1d
|
| |\ \ \ \
| |/ / /
|/| | | |
nspawn: don't run nspawn --port=... without libiptc support
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
We get
$ systemd-nspawn --image /dev/loop1 --port 8080:80 -n -b 3
--port= is not supported, compiled without libiptc support.
instead of a ping-nc-iptables debugging session
|
| | | | | |
|
| |\ \ \ \
| | | | |
| | | | | |
Use sendfile smarter
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We have a bunch of syscall wrapper definitions and it's easier to
see that they follow the same pattern if they are not interspersed
with other defines.
Change the wrappers to be uniform:
- if __NR_XXX is not defined, do not bother to call the syscall,
and return -1/ENOSYS immediately.
- do not check __NR_XXX defines if we detect the symbol as defined,
since we don't need them anyway
- reindent stuff for readability
New file basic/missing_syscall.h is included at the end of missing.h
because it might make use of some of the definitions in missing.h.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
For btrfs, c_f_r() is like BTRFS_IOC_CLONE which we already used, but also
works when max_bytes is set. We do call copy_bytes in coredump code with
max_bytes set, and for large files, so we might see some benefit from using
c_f_r() on btrfs.
For other filesystems, c_f_r() falls back to do_splice_direct(), the same as
sendfile, which we already call, so there shouldn't be much difference.
Tested with test-copy and systemd-coredump on Linux 4.3 (w/o c_f_r)
and 4.5 (w/ c_f_r).
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
syscall numbers based on:
https://fedora.juszkiewicz.com.pl/syscalls.html
|
| | | | | | |
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
We called sendfile with 16kb (a.k.a. COPY_BUFFER_SIZE) as the maximum
number of bytes to copy. This seems rather inefficient, especially with
large files. Instead, call sendfile with a "large" maximum.
What "large" max means is a bit tricky: current file offset + max
must fit in loff_t. This means that as we call sendfile more than once,
we have to lower the max size.
With this patch, test-copy calls sendfile twice, e.g.:
sendfile(4, 3, NULL, 9223372036854775807) = 738760
sendfile(4, 3, NULL, 9223372036854037047) = 0
The second call is necessary to determine EOF.
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
I started looking into adding copy_file_range support, and discovered
that we can improve the way we call sendfile:
- sendfile(2) man page is missing an important bit: the number of bytes to
copy cannot be too big (SSIZE_MAX actually), and the description of EINVAL
return code does not mention this either,
- our implementation works but calls sendfile over and over with a small
size, which seems suboptimal.
First add a test which (under strace) can be used to see current behaviour.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
systemd: obey systemd.log_color config
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Fixes #2845.
|
| |\ \ \ \ \ \
| |_|_|/ / /
|/| | | | | |
core: look for instance when processing template name
|
| | |/ / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
If first attempt to merge units failed and we are trying to do
merge the other way around and at the same time we are working with
template name, then other unit can't possibly be template, because it is
not possible to have template unit running, only instances of the
template. Thus we need to look for already active instance instead.
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
rules: allow users to access frame buffer devices
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
For example it allows weston to be started unprivileged.
Related discussion:
https://bugs.freedesktop.org/show_bug.cgi?id=73782
https://lists.freedesktop.org/archives/wayland-devel/2015-May/022005.html
https://bugzilla.redhat.com/show_bug.cgi?id=1226680
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
Clang warnings
|
| | | | | | | | |
|
| | | | | | | | |
|
| | | |_|/ / /
| |/| | | |
| | | | | |
| | | | | |
| | | | | |
| | | | | | |
The attribute was removed in commit c047507 in the clang repository as it
was never properly implemented anyway. Avoid using the attribute with
clang because it generates a ton of annoying warnings.
|
| |\ \ \ \ \ \
| |_|/ / / /
|/| | | | | |
units: run ldconfig.service after we have mounted all local file systems
|
| |/ / / / /
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Also drop ConditionNeedsUpdate=|/etc. Regardless if system is updated
online or offline, updating dynamic loader cache should always be
responsibility of packaging tools/scripts.
|
| |\ \ \ \ \
| |_|/ / /
|/| | | | |
nspawn: Fix two misspellings of "hierarchy" in error messages
|
| |/ / / / |
|
| |\ \ \ \
| | | | |
| | | | | |
Reference correct `machinectl` command in 219 NEWS
|
| |/ / / /
| | | |
| | | |
| | | | |
NEWS for `219` references `machinectl list-images` to describe the introduced clone feature - this looks like a copy'n'paste problem.
Use `machinectl clone` instead.
|
| |\ \ \ \
| | | | |
| | | | | |
selinux: use *_raw API from libselinux
|
| | | | | |
| | | | |
| | | | |
| | | | | |
This is a follow-up to 5c5433ad32
|
| | | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
Very handy for early-boot debugging
See https://github.com/systemd/systemd/pull/2781#discussion_r54782628
|
| |\ \ \ \ \
| | | | | |
| | | | | | |
man: document missing KillSignal= .nspawn option
|
| | | | | | |
| | | | | |
| | | | | |
| | | | | | |
Signed-off-by: Petros Angelatos <petrosagg@gmail.com>
|
| |\ \ \ \ \ \
| | | | | | |
| | | | | | | |
time-util: fall back to CLOCK_MONOTONIC if CLOCK_BOOTTIME unsupported
|
| | | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | |
| | | | | | | |
It was added in 2.6.39, and causes an assertion to fail when running in mock
hosted on 2.6.23-based RHEL-6:
Assertion 'clock_gettime(map_clock_id(clock_id), &ts) == 0' failed at systemd/src/basic/time-util.c:70, function now(). Aborting.
|
| |\ \ \ \ \ \ \
| |/ / / / / /
|/| | | | | | |
hwdb: correct resolution for Asus x550cc
|
| |/ / / / / /
| | | | | |
| | | | | |
| | | | | | |
https://bugzilla.redhat.com/show_bug.cgi?id=1316655
|
| |\ \ \ \ \ \
| |/ / / / /
|/| | | | | |
sd-path: use XDG_CONFIG_HOME instead of hardcoding ~/.config for user-dirs
|
| | | |/ / /
| |/| | | |
|
