gcc does not know that errno cannot be negative, and warns
about unitialized variables later on. Kill the warnings by
returning -errno only after checking that errno is positive.
There are many ways in which we can get those checks wrong, so it is
better to warn and then error out on a real access failure.
The error messages are wrapped to <80 lines, because their primary
use is to be displayed in the terminal, and it is easier to read them
this way. Reading them in the journal can be a bit trickier, but
this is a bug in logs-show.c.
journalctl: give a nice hint about group membership based on ACLs of /var/log/journal
If we notice that we unprivileged and not in any of the groups which
have access to /var/log/journal, print a nice message about which groups
do.
This checks and prints all groups that are in the default ACL for
/var/log/journal, which is not necessarily correct for all journal
files, but pretty close.
systemd-python: split out realtime and monotonic into separate functions
This matches the C API more closely, and also enables the
user to get just partial information, should she desire to
do so.
Functions names in error messages are modified to not include
the class name, because Python uses just the function name
into functions declared as METH_NOARGS, and error messages
were inconsistent.
Getting the cursor is split out from .get_next() into
.get_cursor(). This mirrors the C API more closely, and
also makes things a bit faster if the cursor is not needed.
The behaviour wrt. seconds vs. microseconds was inconsistent.
Now _Reader always uses native units (us), while Reader always
uses seconds and accepts both floats and ints. This way the
conversion is always done in the Python layer, and the lower
level API allows access to the journal API without the potentially
lossy conversion between double and uint64_t.
This one is fake. But let's kill it, avoiding two condition checks
in the process.
src/shutdownd/shutdownd.c: In function 'when_wall':
src/shutdownd/shutdownd.c:182:44: warning: 'sub' may be used uninitialized in this function [-Wmaybe-uninitialized]
return elapse > sub ? elapse - sub : 1;
^
In file included from src/bootchart/svg.c:36:0:
src/bootchart/svg.c: In function 'svg_ps_bars':
./src/shared/util.h:524:13: warning: 'enc_name' may be used uninitialized in this function [-Wmaybe-uninitialized]
free(*(void**) p);
^
src/bootchart/svg.c:821:37: note: 'enc_name' was declared here
char _cleanup_free_*enc_name;
^
CC src/udev/mtd_probe/mtd_probe-probe_smartmedia.o
XSLT man/systemd.unit.5
In file included from src/bootchart/svg.c:36:0:
src/bootchart/svg.c: In function 'svg_pss_graph':
./src/shared/util.h:524:13: warning: 'enc_name' may be used uninitialized in this function [-Wmaybe-uninitialized]
free(*(void**) p);
^
src/bootchart/svg.c:395:37: note: 'enc_name' was declared here
char _cleanup_free_*enc_name;
^
initctl: fix return from unitialized memory in error path
src/initctl/initctl.c: In function 'server_init':
src/initctl/initctl.c:282:13: warning: 'r' may be used uninitialized in this function [-Wmaybe-uninitialized]
int r;
^
Instead of allowing certain actions fail during authentication and
connection setup, implicitly synchronize on the connection to be set up
completely before returning.
src/activate/activate.c:167:51: warning: declaration shadows a variable in the global scope [-Wshadow]
static int launch(char* name, char **argv, char **environ, int fds) {
^
/usr/include/unistd.h:546:15: note: previous declaration is here
extern char **environ;
^
systemd-analyze: do not format timestamp when not printing it
../src/analyze/systemd-analyze.c:530:88: warning: data argument not used by format string [-Wformat-extra-args]
...svg_text(false, u->ixt, y, u->time? "%s (%s)" : "%s", u->name, format_timespan(ts, sizeof(ts), u->time));
~~~~ ^
Make PrivateTmp dirs also inaccessible from the outside
Currently, PrivateTmp=yes means that the service cannot see the /tmp
shared by rest of the system and is isolated from other services using
PrivateTmp, but users can access and modify /tmp as seen by the
service.
Move the private /tmp and /var/tmp directories into a 0077-mode
directory. This way unpriviledged users on the system cannot see (or
modify) /tmp as seen by the service.
Jan Engelhardt [Wed, 20 Mar 2013 14:23:32 +0000 (15:23 +0100)]
libudev: avoid potential misaligned accesses
clang reports:
src/libudev/libudev-util.c:665:35: warning: cast from
"const unsigned char *" to "unsigned int *" increases required alignment
from 1 to 4 [-Wcast-align]
Kay Sievers [Wed, 20 Mar 2013 00:26:17 +0000 (01:26 +0100)]
rules: move builtin calls before the permissions section
<heftig> kay: systemd commit 22582bb broke cups usb printing for me
<heftig> because the "lp" group isn't applied anymore
<heftig> SUBSYSTEM=="usb", ENV{DEVTYPE}=="usb_device", ENV{ID_USB_INTERFACES}=="*:0701??:*", GROUP="lp"
<heftig> moving this line to the end of 50-udev-default.rules restores correct behavior, as it's after usb_id
Martin Pitt [Tue, 19 Mar 2013 12:10:29 +0000 (13:10 +0100)]
keymaps: Use F20 for micmute keys to be friendly to X.org
The "micmute" key code is outside of X.org's allowed range [1].
gnome-settings-daemon interprets F20 as "microphone mute" these days [2], so
use this until X.org either gets fixed or obsoleted.
Seems natural to be able to specify relative directory,
e.g. with journalctl -D. And even if, this should be checked
in front-end code, not in the library.
Tom Gundersen [Sat, 16 Mar 2013 08:26:47 +0000 (17:26 +0900)]
udev: builtin - use RUN rather than IMPORT for loading modules
The 'kmod' builtin, like the 'firmware' and 'uaccess' builtins, does not set
any variables, so don't use IMPORT.
Notice that this changes the behaviour slightly: the processing of subsequent
rules for the event that loads a module will no longer wait for the module
loading to finish. This is not expected to cause any problems, but we should
keep an eye on it.
Tom Gundersen [Sun, 17 Mar 2013 04:23:33 +0000 (13:23 +0900)]
udev: net-name-slot - disable by kernel command line switch
The properties will still be set in the udev database, but they will not be used
for setting the interface names. As for the other kernel commandline switches,
we allow it to be prefixed by 'rd.' to only apply in the initrd.