Commit graph

24936 commits

Author SHA1 Message Date
Lennart Poettering eefc66aa8f util: split out some stuff into a new file limits-util.[ch] 2019-03-13 12:16:43 +01:00
Lennart Poettering 0cb8e3d118 util: split out namespace related stuff into a new namespace-util.[ch] pair
Just some minor reorganization.
2019-03-13 12:16:38 +01:00
Lennart Poettering 96c45cc697
Merge pull request #11861 from yuwata/network-verify-2
network: config parser updates and wireguard refactoring
2019-03-13 10:15:27 +01:00
Lennart Poettering 3cca6cfd41
Merge pull request #11893 from yuwata/wait-online-take-operstate
wait-online: optionally take required minimum operational state
2019-03-13 10:10:43 +01:00
Lennart Poettering 58fa7019a5
Merge pull request #11283 from yuwata/fix-11276
core/namespace: introduce new mount mode READWRITE_IMPLICIT
2019-03-13 09:57:18 +01:00
Yu Watanabe 2c65512ee7 cryptsetup: add same-cpu-crypt and submit-from-crypt-cpus options
Closes #11946.
2019-03-13 09:48:50 +01:00
Lennart Poettering 05044ebff9
Merge pull request #11933 from keszybz/coverity
Minor tweaks to boot/efi code inspired by coverity
2019-03-13 09:36:57 +01:00
Yu Watanabe 07e1ffe4ae wait-online: use log_link_debug() or friends 2019-03-13 14:29:03 +09:00
Yu Watanabe e67ae9f5e6 network: move log_link_debug() or friends to log-link.h 2019-03-13 14:29:03 +09:00
Yu Watanabe f023184e6d wait-online: support $REQUIRED_OPER_STATE_FOR_ONLINE= in state file
This also makes wait-online optionally take operstate in -i option,
and adds '--operstate' option to wait-online which also takes operstate.

Also, this contains huge refactoring for wait-online.
2019-03-13 14:29:03 +09:00
Yu Watanabe 22eab27caa sd-network: add sd_network_link_get_required_operstate_for_online()
It reads $REQUIRED_OPER_STATE_FOR_ONLINE in serialized link data.
2019-03-13 14:29:03 +09:00
Yu Watanabe 4ac77d63e9 network: make RequiredForOnline= also take operational state
This will be used by systemd-networkd-wait-online.
2019-03-13 14:29:03 +09:00
Yu Watanabe f9974167e4 hashmap: add hashmap_free_free_keyp and friend 2019-03-13 14:29:03 +09:00
Yu Watanabe c9cc038343 network: introduce 'degraded-carrier' operstate to order all states
Previously, 'degraded' state was ambiguous for bonding or bridge master:
1. one or more slave interfaces do not have carrier,
2. no link local address is assigned to the master,
3. combination of the above two.

This puts the above cases 1 and 3 in the new 'degraded-carrier'
state, and makes 'degraded' state mean that all slaves are active but
there is no link local address on master.
2019-03-13 14:29:00 +09:00
Yu Watanabe 2cd6b9326c network: move LinkOperationalState and relevant functions to network-util.[ch] 2019-03-13 14:28:38 +09:00
Yu Watanabe 76df77794a wireguard: add PrivateKeyFile= option
Closes #11878.
2019-03-13 12:02:03 +09:00
Yu Watanabe 9cc9021aed wireguard: check whether PrivateKey= and PublicKey= are set 2019-03-13 11:59:18 +09:00
Yu Watanabe fedcb4c3eb wireguard: drop unused arguments and rename parse_wireguard_key() 2019-03-13 11:59:18 +09:00
Yu Watanabe 583eb170f0 wireguard: do not log wireguard key
It may be PrivateKey=.
2019-03-13 11:59:18 +09:00
Yu Watanabe 85c987a82d wireguard: reuse sd_event_source object 2019-03-13 11:59:18 +09:00
Yu Watanabe f1368a333e wireguard: use NetworkConfigSection to manage [WireGuardPeer] sections
This also contains huge refactoring of wireguard support.
2019-03-13 11:59:18 +09:00
Yu Watanabe 96db641250 test: make network_verify() public and use it in test-networkd-conf 2019-03-13 11:59:18 +09:00
Yu Watanabe fcbf4cb727 network: drop sections contain invalid settings in network_verify()
If e.g., an [Address] section has an invalid setting, then
previously assigned settings in the section are freed, and
only later settings are stored. That may cause a partially broken
section to be stored in the Network object.

With this change, if an invalid setting is found, the 'invalid' flag
is set instead of freeing it. And invalid sections are dropped later by
network_verify().
2019-03-13 11:59:18 +09:00
Yu Watanabe 9560e5b323 network: make all xxx_new_static() static
These functions are called from only config parsers, and the parsers are
in the same files. So, let's make them static.
2019-03-13 11:59:18 +09:00
Yu Watanabe fa7cd7117f network: add IPv4LL route right after .network file is parsed
Previously, the route is added when the .network config is assigned
to a Link. So, if multiple links match the .network file, the route
entry becomes duplicated in the corresponding Network object.
2019-03-13 11:59:18 +09:00
Yu Watanabe 48315d3dca network: move NetworkConfigSection and related functions to networkd-util.[ch] 2019-03-13 11:59:18 +09:00
Yu Watanabe 95dba43542 network: use ltype to determine netdev kind in config_parse_stacked_netdev() 2019-03-13 11:59:18 +09:00
Yu Watanabe 7e46b29bd3 test: add a testcase for ProtectHome=tmpfs vs ProtectSystem=strict 2019-03-13 11:53:59 +09:00
Yu Watanabe 5beb8688e0 core/namespace: logs mount mode when the entry is dropped 2019-03-13 11:53:22 +09:00
Yu Watanabe 1e05071d27 core/namespace: introduce new mount mode READWRITE_IMPLICIT
ProtectSystem=strict or ProtectKernelTunable=yes create implicit
read-write mounts, but they are not overridable by TemporaryFileSystem=.
This makes such implicit read-write mounts use the new mount mode.
So, they can be overridden by TemporaryFileSystem= now.
A typical usecase is that ProtectSystem=strict and ProtectHome=tmpfs.

Fixes #11276.
2019-03-13 11:51:09 +09:00
Lennart Poettering f3b5c814ab login: drop redundant newline 2019-03-12 16:10:55 +01:00
Lennart Poettering b2a3953f81 user-util: extra paranoia, make sure $SHELL can't be fucked with in suid programs
It's better to be safe than sorry, let's not allow overriding of the
user shell in suid binaries. Similar for $USER.
2019-03-12 16:10:55 +01:00
Lennart Poettering 9e73208afc execute: no need to synthesize $HOME for uid==0 again, get_home_dir() already does that 2019-03-12 16:10:55 +01:00
Lennart Poettering 7bbead1d0b execute: simplify paths we set as HOME/SHELL for invoked programs 2019-03-12 16:10:55 +01:00
Lennart Poettering db246781a0 user-util: simplify paths retrieved from $HOME and $SHELL
Let's add some extra paranoia, after #11910
2019-03-12 16:10:55 +01:00
Lennart Poettering d575f88bbe user-util: be more strict when reading $HOME and $SHELL 2019-03-12 16:10:55 +01:00
Lennart Poettering 47436d30bb user-util: paranoia — add overflow check on ERANGE loop 2019-03-12 16:10:55 +01:00
Lennart Poettering 11de56b9fa user-util: use SYNTHETIC_ERRNO() where we can 2019-03-12 16:08:57 +01:00
Lennart Poettering 0b78b1370c path-util: minimize variable scope 2019-03-12 16:08:57 +01:00
Lennart Poettering 458e60b3a9 path-util: check validity before normalization in path_simplify_and_warn()
As the normalization check includes a validation check the order
matters.
2019-03-12 16:08:57 +01:00
Lennart Poettering 71ae7b576c user-util: filter out invalid user record data a bit more thoroughly 2019-03-12 16:08:57 +01:00
Lennart Poettering cd13d971dc logind: normalize home path when creating user object
Triggered by: #11910
2019-03-12 16:08:57 +01:00
Zbigniew Jędrzejewski-Szmek f5164dfebc
Merge pull request #11964 from mrc0mmand/even-more-fuzzers
fuzz: add fuzzers for calendar & time expressions
2019-03-12 15:08:20 +01:00
Zbigniew Jędrzejewski-Szmek fb6692ed33
Merge pull request #11927 from poettering/network-namespace-path
Add NetworkNamespacePath= to unit files
2019-03-12 14:29:14 +01:00
Zbigniew Jędrzejewski-Szmek 388d2993ec shared/bootspec: avoid going through -1 when calculating array index
Coverity was complaining in CID#1399407 that config->entries might be used
while NULL. Let's add an assert to make sure it's not.

Also, let's quit early if we have no entries to loop through. The code was
not incorrect, but it's cleaner to avoid any negative indices.
2019-03-12 13:32:45 +01:00
Zbigniew Jędrzejewski-Szmek 7a2cb0228c boot: avoid 32-bit calculation for a 64-bit lvalue
Coverity CID#1399116:
> Potentially overflowing expression
> gpt_header_buffer.gpt_header.SizeOfPartitionEntry * gpt_header_buffer.gpt_header.NumberOfPartitionEntries
> with type unsigned int (32 bits, unsigned) is evaluated using 32-bit
> arithmetic, and then used in a context that expects an expression of type
> UINTN (64 bits, unsigned).

Let's import the ALIGN_TO macro to sd-boot and use it to avoid the issue.
2019-03-12 13:32:45 +01:00
Zbigniew Jędrzejewski-Szmek ec637f309f
Merge pull request #11943 from yuwata/device-action-seqnum-cleanups
sd-device: store parsed SEQNUM and ACTION string
2019-03-12 13:17:33 +01:00
Frantisek Sumsal 55a365cb74 fuzz: add a fuzzer for time utils 2019-03-12 12:04:25 +01:00
Frantisek Sumsal 415b3f0bb2 fuzz: add a fuzzer for calendarspec 2019-03-12 11:57:09 +01:00
Yu Watanabe 1f682e243f udev: fix memleak in 'udevadm trigger --settle'
Fixes #11966.
2019-03-12 09:15:02 +01:00