| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
| |
|
| |
|
|\
| |
| | |
some udev cleanup
|
| | |
|
| |
| |
| |
| |
| |
| | |
It's been 7 years. That should be long enough :-)
This reverts commit b97caef538ae37bd2dc04fc15b448c12a2c9422b.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This might fix #17025:
> the call trace is
> bus_ensure_running -> sd_bus_process -> bus_process_internal -> process_closeing --> sd_bus_close
> |
> \-> process_match
We ended doing callouts to the Disconnected matches from bus_ensure_running()
and shouldn't. bus_ensure_running() should never do callouts. This change
should fix this however: once we notice that the connection is going down we
will now fail instantly with ENOTOCONN instead of calling any callbacks.
|
|\ \
| | |
| | | |
network: about Gateway=_dhcp4 or _ipv6ra
|
| | | |
|
| | |
| | |
| | |
| | | |
disabled
|
| | | |
|
| | | |
|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
are not explicitly specified
Before this commit, event when Gateway=_dhcp4 or _ra is set, the
route was configured with 'protocol static', and other properties
specified by RouteTable=, RouteMTU=, or etc, were ignored.
This commit makes set the route protocol based on the protocol the
gateway address is obtained, and apply other settings if it is not
explicitly specified in the [Route] section.
|
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
instead of route family
By this commit, user can configure dynamic IPv6 Gateway with IPv4
destination.
|
| | | |
|
| | | |
|
|/ /
| |
| |
| | |
As for IPv6 case gateway is given by RA.
|
|\ \
| | |
| | | |
fix one character typo in execute.c
|
| | | |
|
| | |
| | |
| | |
| | |
| | | |
Initialize all return values on success, as our usual coding style
suggests.
|
| | |
| | |
| | |
| | |
| | |
| | | |
Corrects: c413bb28df0996be99fd6b3f2335dfe8739d62fb
Fixes: #17313
|
|\ \ \
| | | |
| | | | |
sd-bus: initialize return values on success in sd_bus_message_read_ar…
|
| | | | |
|
| | | |
| | | |
| | | |
| | | | |
Fixes: #17346
|
| |_|/
|/| |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
bootctl implements three types of operation: those that work with an EFI
boot loader, those which work with any EFI boot loader that implements
the boot loader spec + interface, and finally those specific to sd-boot.
Previously the --help text and the man page mixed them all up. Let's put
them clearly in three separate sections however, to communicate clearly
what is supposed to work everywhere, and what is specific to
systemd-boot or boot loaders implementing the two specs.
This adjusts wording here and there, but is mostly just about
re-ordering existing docs, and putting them under new sections.
|
|\ \ \
| | | |
| | | | |
Use less in "secure" mode when under sudo
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
The variable is renamed to SYSTEMD_PAGERSECURE (because it's not just about
less now), and we automatically enable secure mode in certain cases, but not
otherwise.
This approach is more nuanced, but should provide a better experience for
users:
- Previusly we would set LESSSECURE=1 and trust the pager to make use of
it. But this has an effect only on less. We need to not start pagers which
are insecure when in secure mode. In particular more is like that and is a
very popular pager.
- We don't enable secure mode always, which means that those other pagers can
reasonably used.
- We do the right thing by default, but the user has ultimate control by
setting SYSTEMD_PAGERSECURE.
Fixes #5666.
v2:
- also check $PKEXEC_UID
v3:
- use 'sd_pid_get_owner_uid() != geteuid()' as the condition
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
A long time some function only worked when in a session, and the test
didn't execute them when sd_pid_get_session() failed. Let's always call
them to increase coverage.
While at it, let's test for ==0 not >=0 where we don't expect the function
to return anything except 0 or error.
|
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Some extra safety when invoked via "sudo". With this we address a
genuine design flaw of sudo, and we shouldn't need to deal with this.
But it's still a good idea to disable this surface given how exotic it
is.
Prompted by #5666
|
|\ \ \ \
| | | | |
| | | | | |
Follow (mostly) POSIX rules for environment variables
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
When doing import-environment, we shouldn't fail if some assignment is invalid.
OTOH, if the invalid assignment is specified as a positional argument, we should
keep failing.
This would also fix https://bugzilla.redhat.com/show_bug.cgi?id=1754395, by
ignoring certain variables which are not important in that scenario. It seems
like the right thing to do in general.
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
There was some confusion about what POSIX says about variable names:
names shall not contain the character '='. For values to be portable
across systems conforming to POSIX.1-2008, the value shall be composed
of characters from the portable character set (except NUL and as
indicated below).
i.e. it allows almost all ASCII in variable names (without NUL and DEL and
'='). OTOH, it says that *utilities* use a smaller set of characters:
Environment variable names used by the utilities in the Shell and
Utilities volume of POSIX.1-2008 consist solely of uppercase letters,
digits, and the <underscore> ( '_' ) from the characters defined in
Portable Character Set and do not begin with a digit.
When enforcing variable names in environment blocks, we need to use this
first definition, so that we can propagate all valid variables.
I think having non-printable characters in variable names is too much, so
I took out the whitespace stuff from the first definition.
OTOH, when we use *shell syntax*, for example doing variable expansion,
it seems enough to support expansion of variables that the shell would allow.
Fixes #14878,
https://bugzilla.redhat.com/show_bug.cgi?id=1754395,
https://bugzilla.redhat.com/show_bug.cgi?id=1879216.
|
| | | | | |
|
|\ \ \ \ \
| |_|_|/ /
|/| | | | |
core, udev: remove old device on move event
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
on non-'add' uevent
Previous commit makes drop ID_NET_DRIVER=, ID_NET_LINK_FILE=, and
ID_NET_NAME= properties for network interfaces on 'move' uevent.
ID_NET_DRIVER= and ID_NET_LINK_FILE= properties are used by networkctl.
ID_NET_NAME= may be used by end-user rules or programs. So, let's
re-assign them on 'move' uevent. (Note that strictly speaking, this
makes them re-assigned on all but 'remove' uevent.)
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
This reverts commit b081b27e1433cdc7ac72b25ae8b4db887d79187f.
If a network interface get a 'move' event, then previously SYSTEMD_ALIAS=
property still contains an old alias, and the old alias .device unit
will not be removed.
This makes all properties cleared on 'move' event, and then old alias
.device unit will be removed by pid1.
Fixes #16967.
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | | |
Partially fixes #16967.
|
|\ \ \ \ \
| |_|_|_|/
|/| | | | |
make use of new kernel 5.9 close_range() syscall in close_all_fds()
|
| | | | | |
|
| | | | | |
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
The syscall was added in 5.9 and is not yet exposed in glibc, hence
define our own wrapper.
|
| | | | | |
|
| | | | |
| | | | |
| | | | |
| | | | |
| | | | | |
It's not clear what libc's make of this. We clamp to 1 byte allocations
in most cases already, let's add this for a few where this was missing.
|