picnoir/Systemd
1
0
Fork 0
Code Issues Pull requests Projects Releases Wiki Activity
14066 commits 2 branches 0 tags 166 MiB
Commit graph

30 commits

Author SHA1 Message Date
Lennart Poettering 89f7c8465c machined: optionally, allow registration of pre-existing units (scopes 
or services) as machine with machined
 2014-02-11 17:16:08 +01:00
Lennart Poettering 6261f11fc3 machinectl: fix success check when getting pty from within container 2013-12-23 20:25:57 +01:00
Lennart Poettering fbadf04511 bus: when getting a kdbus connection into a container wait first for child, then read message 
There's no EOF generated for AF_UNIX/SOCK_DGRAM sockets, hence let's
wait for the child first to see if it succeeded, only then read the socket.
 2013-12-23 19:10:11 +01:00
Djalal Harouni 8c841f21f5 machinectl: show_properties() already logs the error 2013-12-18 23:58:23 -05:00
Lennart Poettering a4475f577b bus: when entering an existing namespace to connect to a container's system bus also switch over PID namespace 
This is necessary to ensure that kdbus can collect creds of the
destination namespace when connecting.
 2013-12-17 01:05:37 +01:00
Lennart Poettering bc9fd78c7b bus: when connecting to a container's kdbus instance, enter namespace first 
Previously we'd open the connection in the originating namespace, which
meant most peers of the bus would not be able to make sense of the
PID/UID/... identity of us since we didn't exist in the namespace they
run in. However they require this identity for privilege decisions,
hence disallowing access to anything from the host.

Instead, when connecting to a container, create a temporary subprocess,
make it join the container's namespace and then connect from there to
the kdbus instance. This is similar to how we do it for socket
conections already.

THis also unifies the namespacing code used by machinectl and the bus
APIs.
 2013-12-14 05:10:25 +01:00
Zbigniew Jędrzejewski-Szmek 4f8f66cb42 Help output spring cleaning 
Use [brackets] only for optional elements.
Use <optional> in XML sources.
 2013-12-08 19:26:51 -05:00
Lennart Poettering 613b411c94 service: add the ability for units to join other unit's PrivateNetwork= and PrivateTmp= namespaces 2013-11-27 20:28:48 +01:00
Lennart Poettering a6c616024d machinectl: close bus to container early 2013-11-08 14:07:26 +01:00
Lennart Poettering 74c7b1ed05 machinectl: show list headers even if we pipe, since that appears to be the usual way 2013-11-07 21:28:15 +01:00
Lennart Poettering 5b30bef856 bus: log message parsing errors everywhere with a generalized bus_log_parse_error() 2013-11-07 21:26:31 +01:00
Lennart Poettering 46e65dcc3a polkit: don't spawn local client if we access a remote system 2013-11-07 21:06:44 +01:00
Simon Peeters 27e72d6b22 bus: make bus_print_all_properties work for non machinectl cases 
add a destination parameter and skip properties we can't read
 2013-11-07 14:18:35 +01:00
Lennart Poettering 8bdbb8d9cb machinectl: we need glibc's socket.h, not our own 2013-11-07 00:53:19 +01:00
Zbigniew Jędrzejewski-Szmek 34a6778fb9 machinectl: use initialization instead of zeroing 2013-11-06 14:56:47 -05:00
Lennart Poettering eb9da376d7 clients: unify how we invoke getopt_long() 
Among other things this makes sure we always expose a --version command
and show it in the help texts.
 2013-11-06 18:28:39 +01:00
Lennart Poettering 84f6181c2a clients: various simplifications 2013-11-06 17:32:51 +01:00
Kay Sievers 9f6eb1cd58 bus: update bus_map_all_properties() 2013-11-05 02:57:49 +01:00
Thomas Hindoe Paaboel Andersen f69157a66f machinectl: fix warning when compiling with -Og 
src/machine/machinectl.c: In function ‘openpt_in_namespace’:
src/machine/machinectl.c:623:44: warning: ‘master’ may be used uninitialized in this function [-Wmaybe-uninitialized]
                         close_nointr_nofail(master);
                                            ^
 2013-11-01 20:54:29 +01:00
Lennart Poettering 04d3927924 machinectl: add new command to spawn a getty inside a container 2013-10-31 01:43:38 +01:00
Lennart Poettering d21ed1ead1 run: add support for executing commands remotely via SSH or in a container 
Also, unify the transport logic a bit, since we reuse the same scheme in
many of our client tools.
 2013-10-30 16:44:55 +01:00
Lennart Poettering 53755121e1 machinectl: we don't really just show information, we execute operations 2013-10-30 15:42:06 +01:00
Lennart Poettering a7893c6b28 bus: add API call to create bus connection to the system bus of local containers 
Also, add support for this to machinectl, so that we can enumerate the
machines that run inside a container. We must go deeper!
 2013-10-30 15:37:02 +01:00
Lennart Poettering 0f8bd8debb bus: move ssh support into public API of libsystem-bus 2013-10-30 15:35:49 +01:00
Marc-Antoine Perennou 415e7f65db machinectl: privileged option is gone 2013-10-30 15:35:59 +01:00
Tom Gundersen a1da85830b machinectl: port to sd-bus 2013-10-30 03:40:23 +01:00
Lennart Poettering 9d12709626 loginctl: suppress cgroup tree output if cgroup is empty 
same for machinectl
 2013-07-11 19:14:38 +02:00
Lennart Poettering aa1936ea1a loginctl: restore cgroup display for status output 
Same for machinectl.
 2013-07-11 00:32:32 +02:00
Zbigniew Jędrzejewski-Szmek 19887cd06a man: document machinectl and systemd-machined 2013-07-06 22:23:31 -04:00
Lennart Poettering 1ee306e124 machined: split out machine registration stuff from logind 
Embedded folks don't need the machine registration stuff, hence it's
nice to make this optional. Also, I'd expect that machinectl will grow
additional commands quickly, for example to join existing containers and
suchlike, hence it's better keeping that separate from loginctl.
 2013-07-02 03:47:23 +02:00