| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| ... | |
| | |/ |
|
| |/ |
|
| |\
| |
| | |
Remove usage of "noun(s)" in messages and docs
|
| | |
| |
| |
| |
| |
| |
| |
| | |
(s) is just ugly with a vibe of DOS. In most cases just using the normal plural
form is more natural and gramatically correct.
There are some log_debug() statements left, and texts in foreign licenses or
headers. Those are not touched on purpose.
|
| |\ \
| | |
| | | |
varlink/pid1 fixes for systemd-oomd (addresses #20330)
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
Attempt to address
https://github.com/systemd/systemd/issues/20330#issuecomment-1210028422.
Summary of the comment: Unprivileged users can potentially cause a denial of
service during systemd-oomd unit subscriptions by spamming requests to
SubscribeManagedOOMCGroups. As systemd-oomd.service is the only unit that
should be accessing this method, add a check on the caller's unit name to deter
them from successfully using this method.
|
| | | |
| | |
| | |
| | | |
Fixes #20330
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | | |
They didn't actually change API between major versions, so let's
support the previous version as well so we can add CentOS 8 Stream
back to CI.
|
| | | | |
|
| | | | |
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
This system call is harmless because it only enforces ordering between stores
and instruction cache fetch.
fixed #24991
Related: https://github.com/felixonmars/archriscv-packages/issues/1840
Signed-off-by: Celeste Liu <CoelacanthusHex@gmail.com>
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
We list plenty of arch-specific syscalls in our filter groups, treat the
s390 syscalls the same.
We handle gracefully anyway if some syscall doesn't exist locally on the
kernel or arch, let's rely on it. This has the benefit that
"systemd-analyze" will comprehensively tell you the syscalls filtered on
any arch for any arch.
And less conditionalization is good anyway.
|
| |\ \ \
| |_|/
|/| | |
install: make InstallChangeType enum a proper enum
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Typically the _MAX and _INVALID special enum values use the full type as
prefix, even if the actual values of the enum might not. Let's follow
this rule here too.
|
| | | |
| | |
| | |
| | |
| | |
| | |
| | | |
We can just make this an enum, as long as we ensure it has enough range,
which we can do by adding -ERRNO_MAX as one possible value (at least on
GNU C). We already do that at multiple other places, so let's do this
here too.
|
| | | |
| | |
| | |
| | |
| | |
| | | |
Fixes a bug introduced by 1a0281a3ebf4f8c16d40aa9e63103f16cd23bb2a.
Fixes RHBZ#2134741 (https://bugzilla.redhat.com/show_bug.cgi?id=2134741).
|
| |/ /
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
timestamps
Using _SOURCE_{MONOTONIC,REALTIME}_TIMESTAMP in place of the results of
sd_journal_get_{monotonic,realtime}_usecs in export formats might cause
internal inconsistency of realtime timestamp values within a journal export,
violating the export file format and causing systemd-journal-remote to
mass-generate journal files.
Fix this by using the real journal timestamps for
__{REALTIME,MONOTONIC}_TIMESTAMP.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
'systemctl unmask foo' will try to remove the symlink to /dev/null under /etc/.
But the unit may also be masked by a symlink under /run/generator, in particular
the one created by systemd-debug-generator based on systemd.mask=foo on the
kernel commandline. The unmask call cannot anything about this: even if it removed
the symlink from /run/generator, it'll be recreated on the next daemon-reload.
Thus, we can only warn about it.
Initially, I wanted to check if 'systemctl.mask' is defined on the kernel
command-line, but that's not effective, because such mask symlinks can be
created by other generators based on other conditions. Checking for runtime
mask is "dumber", but is more robust because it doesn't assume who created the
mask and why.
The handling of InstallInfo is the copied from install_info_symlink_wants().
It's pretty ugly, this whole code should be rewritten from scratch.
The message is printed, but the whole operation is still "successful". This
keep backwards compatibility: people might call unmask to remove filesystem
masks even if there's still a cmdline param in place. We allow 'systemctl
mask' to create such a mask, so 'unmask' should be able to remove it.
Fixes #22689.
|
| | |
| |
| |
| |
| | |
In the next commit cleanup will be used in one more place. This change
avoids proliferation of the open-coded cleanup calls.
|
| | |
| |
| |
| |
| |
| |
| | |
- shorter is better
- name now matches the defining-file name
I was also considering UnitInstallInfo. Can change if people prefer that.
|
| | |
| |
| |
| |
| |
| | |
We had an anonymous enum with values called UNIT_FILE_…, which could easily be
confused with UNIT_FILE_… from UnitFileFlags enum. This commit renames the enum
values and also the variables which refer to them.
|
| | | |
|
| | |
| |
| |
| |
| | |
git grep -l -nwi 'UnitFileType|UNIT_FILE_TYPE' | \
xargs sed -r -i 's/UnitFileType/InstallMode/g; s/UNIT_FILE_TYPE/INSTALL_MODE/g; s/unit_file_type/install_mode/g'
|
| | |
| |
| |
| |
| | |
It's shorter and more generic. The struct can contain info about changes to
unit files, but also symlinks and errors.
|
| | |
| |
| |
| |
| | |
… or 'name_or_path' or 'names_or_paths' as appropriate. Those functions are
generally called with unit names as arguments.
|
| | |
| |
| |
| |
| |
| |
| | |
descriptor of device node
In dissect_loop_device(), we have opened the device node. Let's reuse
the file descriptor.
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
file descriptor
If multiple services with the same encrypted image are simultaneously
starting, one may deactivate the dm device while others using it.
Or, similary, after (regular) partitions are dissected, another process
may try to remove them before we mount them.
To prevent such situations, let's keep the dissected and decrypted
partitions opened. Then, use the file descriptors when we mount the
partitions.
Fixes #24617.
|
| | |
| |
| |
| |
| | |
Hopefully decrease the chance that the device is removed soon after
it is detected.
|
| | |
| |
| |
| |
| | |
See target_message() in drivers/md/dm-ioctl.c and
dm_cancel_deferred_remove() in drivers/md/dm.c.
|
| | |
| |
| |
| | |
No functional change, just refactoring.
|
| |\ \
| | |
| | | |
portable: allow caller to override extension-release name check
|
| | | |
| | |
| | |
| | |
| | | |
When the --force flag is used, do not insist that the extension-release
file has to match the extension image name
|
| | | |
| | |
| | |
| | | |
They will not be recognized. libmount filters them manually.
|
| |\ \ \
| |/ /
|/| | |
Remove nss lookups from pid1
|
| | |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
PID 1 is not allowed to do nss lookups because this may take a long time or
even deadlock.
While at it, the comparisons are reordered to do the "easy" comparisons which
only require a string comparison first. Delay parsing of the UID until it is
really necessary. The result is the same, because we know that "root" and
"nobody" parse as valid.
|
| |\ \
| | |
| | | |
Cryptsetup compilation fixes
|
| | | | |
|
| |\ \ \
| | | |
| | | | |
Erradicate strerror
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
Here SYNTHETIC_ERRNO() was used based on the general rule that logging
functions should do that when the error value is generated at the call
site. But here we're really propagating a memory allocation error, which
wasn't reported using errno, but the meaning is the same. And it's better
to bend the rule a bit like this than to use strerror().
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
This is a primitive helper that wraps calls to pam_syslog() replacing
@PAMERR@ with pam_strerror() output in the format string. This allows for
a bunch of boilerplate to be removed.
@PAMERR@ is only supported at the end of the string. Similarly to %m,
realistically that's the only place where it is useful.
Note that unlike in logging functions in log.[ch], here the error value is
only used for the message and is not saved anywhere, so we don't need to
care about SYNTHETIC_ERRNO.
|
| | | |/
| |/|
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | |
| | | |
So far our pam code was using strerror_safe(). But that's not a good approach,
because strerror_safe() is not thread-safe, and the pam code is "library code"
that should be thread-safe. In fact, the whole effort to use strerror() is
unnecessary, because pam_syslog() is documented to support %m. The
implementation in linux-pam simply uses vasprintf(). If we use %m too, we get
rid of the issue. The wrapper sets errno temporarily from the argument.
Apparently some PAM consumers run multiple PAM stacks in threads, so we should
avoid non-thread-safe code.
The new helper returns PAM_BUF_ERR for ENOMEM, and PAM_SERVICE_ERR in other
cases. This may change the returned code in some cases, but I think a) it
doesn't matter much, b) it's probably for the better. E.g. we might now return
PAM_SERVICE_ERR if the dbus message is borked, and PAM_SERVICE_ERR seems
appropriate.
|
| |\ \ \
| | | |
| | | | |
logs-show timestamp fix
|
| | | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | |
| | | | |
parameters
make sure we always have something to return in all return parameters,
including in the boot id return parameter, in all code paths.
Follow-up for: #24965
|
| | | |/
| |/| |
|
| |/ /
| |
| |
| |
| |
| |
| |
| | |
Those may go via the PC speaker, which is annoying and unexpected.
Most people have it off, so this doesn't work reliably anyway, so we can
disable it without much loss.
Fixes #23520.
|
| | |
| |
| |
| |
| |
| |
| | |
If _SOURCE_MONOTONIC_TIMESTAMP was set in the entry, we wouldn't
query the boot ID, leading to every kernel entry in the export mode
to have BOOT_ID=000000000000000. Let's fix this by always querying
the boot ID.
|
| | |
| |
| |
| |
| | |
We check the same list of error codes on various xattr operations, and
we should on some more. Add a common helper for this purpose.
|
| | |
| |
| |
| |
| |
| | |
This reverts commit 721620e8a32907ffe546a582c5ac7136b6367510.
This commit was accidentally merged as part of #22998
|
