]>
git.ipfire.org Git - thirdparty/systemd.git/log
Zbigniew Jędrzejewski-Szmek [Thu, 11 Apr 2019 16:28:36 +0000 (18:28 +0200)]
NEWS: update contributors and date
Sebastian Krzyszkowiak [Thu, 11 Apr 2019 14:31:09 +0000 (16:31 +0200)]
hwdb: mark Apple Magic Trackpads as external
Applies only to USB - when connected via Bluetooth it already gets marked correctly.
Jonathan Lebon [Wed, 10 Apr 2019 21:28:15 +0000 (17:28 -0400)]
fstab-generator: use DefaultDependencies=no for /sysroot mounts
Otherwise we can end up with an ordering cycle. Since
d54bab90 , all
local mounts now gain a default `Before=local-fs.target` dependency.
This doesn't make sense for `/sysroot` mounts in the initrd though,
since those happen later in the boot process.
Closes: #12231
Lennart Poettering [Thu, 11 Apr 2019 15:03:57 +0000 (17:03 +0200)]
Merge pull request #12279 from keszybz/sd-bus-long-signatures
sd-bus: properly handle messages with overlong signatures
Lennart Poettering [Thu, 11 Apr 2019 13:21:45 +0000 (15:21 +0200)]
Merge pull request #12274 from poettering/nss-fixlets
some nss module fixlets
Zbigniew Jędrzejewski-Szmek [Thu, 11 Apr 2019 12:07:22 +0000 (14:07 +0200)]
sd-bus: add define for the maximum name length
Less magic numbers in the code…
Zbigniew Jędrzejewski-Szmek [Thu, 11 Apr 2019 12:02:59 +0000 (14:02 +0200)]
sd-bus: add define for the maximum signature length
Less magic numbers in the code…
Zbigniew Jędrzejewski-Szmek [Thu, 11 Apr 2019 12:01:38 +0000 (14:01 +0200)]
bus-message: validate signature in gvariant messages
We would accept a message with 40k signature and spend a lot of time iterating
over the nested arrays. Let's just reject it early, as we do for !gvariant
messages.
Lennart Poettering [Thu, 11 Apr 2019 09:06:40 +0000 (11:06 +0200)]
nss-resolve: list more errors as cause for fallback
If dbus-daemon kicks us from the bus or hangs, we should fallback too.
Fixes: #12203
Lennart Poettering [Thu, 11 Apr 2019 09:00:22 +0000 (11:00 +0200)]
nss-resolve: simplify condition
Of course, if the error is NXDOMAIN then it's not one of the errors
listed for fallback, hence don't bother...
Lennart Poettering [Wed, 10 Apr 2019 19:56:37 +0000 (21:56 +0200)]
nss-mymachines: return NO_RECOVERY instead of NO_DATA when we fail to do D-Bus and similar
This makes more semantical sense and is what we do in nss-resolve in a
similar case, hence let's remove the differences here.
Lennart Poettering [Wed, 10 Apr 2019 19:40:49 +0000 (21:40 +0200)]
nss-myhostname: unify code that handles NOT_FOUND case
Just some minor rework to make this more like nss-resolve.
Lennart Poettering [Wed, 10 Apr 2019 19:57:44 +0000 (21:57 +0200)]
nss-resolve: resue a jump target
We can reuse "fail" here, since it does the same thing.
Lennart Poettering [Wed, 10 Apr 2019 19:27:16 +0000 (21:27 +0200)]
nss-resolve: return error properly
Lennart Poettering [Wed, 10 Apr 2019 19:26:46 +0000 (21:26 +0200)]
nss-resolve: drop unnecessary variable
We assign the same value to "ret" always, let's just return the value
literally.
Lennart Poettering [Thu, 11 Apr 2019 08:22:46 +0000 (10:22 +0200)]
Merge pull request #12271 from poettering/errno-accept-again
accept() errno fixes
Yu Watanabe [Thu, 11 Apr 2019 06:38:32 +0000 (15:38 +0900)]
test: make directory for drop-in config
Follow-up for
a2fbac5875776e9e327f30cf2a8b3070a4c1552a .
Zbigniew Jędrzejewski-Szmek [Thu, 11 Apr 2019 06:31:14 +0000 (08:31 +0200)]
Merge pull request #12270 from yuwata/test-set-longer-timeout
test: set longer timeout
Lennart Poettering [Wed, 10 Apr 2019 17:50:53 +0000 (19:50 +0200)]
tree-wide: port users over to use new ERRNO_IS_ACCEPT_AGAIN() call
Yu Watanabe [Wed, 10 Apr 2019 17:27:42 +0000 (02:27 +0900)]
test: set longer watchdog timeout for timedated
Lennart Poettering [Wed, 10 Apr 2019 17:40:40 +0000 (19:40 +0200)]
errno-util: add new ERRNO_IS_ACCEPT_AGAIN() test
This is modelled after the existing ERRNO_IS_RESOURCES() and in
particular ERRNO_IS_DISCONNECT(). It returns true for all transient
network errors that should be handled like EAGAIN whenever we call
accept() or accept4(). This is per documentation in the accept(2) man
page that explicitly says to do so in the its "RETURN VALUE" section.
The error list we cover is a bit more comprehensive, and based on
existing code of ours. For example EINTR is included too (since we need
that to cover cases where we call accept()/accept4() on a blocking
socket), and of course ERRNO_IS_DISCONNECT() is a bit more comprehensive
than the list in the man page too.
Lennart Poettering [Wed, 10 Apr 2019 17:39:12 +0000 (19:39 +0200)]
errno-util: rework ERRNO_IS_RESOURCE() from macro into static inline function
No technical reason, except that later on we want to add a new
ERRNO_IS() which uses the parameter twice and where we want to avoid
double evaluation, and where we'd like to keep things in the same style.
Lennart Poettering [Wed, 10 Apr 2019 17:38:37 +0000 (19:38 +0200)]
errno-util: add three more error codes to ERRNO_IS_DISCONNECT()
This is based on the recommendations in accept4() and the listed error
codes there.
Lennart Poettering [Wed, 10 Apr 2019 17:37:36 +0000 (19:37 +0200)]
tree-wide: voidify some socket calls
Lennart Poettering [Wed, 10 Apr 2019 17:36:40 +0000 (19:36 +0200)]
lgtm: complain about accept() [people should use accept4() instead, due to O_CLOEXEC]
Yu Watanabe [Wed, 10 Apr 2019 17:27:15 +0000 (02:27 +0900)]
test: set longer timeout for 'udevadm control'
Yu Watanabe [Wed, 10 Apr 2019 05:26:23 +0000 (14:26 +0900)]
network: fix use-of-uninitialized-value or null dereference
This fixes a bug introduced by
6ef5c881dd5568f08dc35013e24f7d857f36b207 .
Fixes oss-fuzz#14157 and oss-fuzz#14158.
Paul Menzel [Tue, 9 Apr 2019 16:37:46 +0000 (18:37 +0200)]
Update UEFI URLs (#12260)
* Use more secure https://www.uefi.org
http://www.uefi.org directs to https://uefi.org/, so this saves one
redirect.
$ curl -I http://www.uefi.org
HTTP/1.1 302 Found
Server: nginx
Date: Tue, 09 Apr 2019 14:54:46 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
X-Content-Type-Options: nosniff
Location: https://uefi.org/
Cache-Control: max-age=
1209600
Expires: Tue, 23 Apr 2019 14:54:46 GMT
Run the command below to update all occurrences.
git grep -l http://www.uefi.org | xargs sed -i 's,http://www.uefi.org,https://www.uefi.org,'
* Use https://uefi.org to save redirect
Save one redirect by using the target location.
$ curl -I https://www.uefi.org
HTTP/1.1 301 Moved Permanently
Server: nginx
Date: Tue, 09 Apr 2019 14:55:42 GMT
Content-Type: text/html; charset=iso-8859-1
Connection: keep-alive
X-Content-Type-Options: nosniff
Location: https://uefi.org/
Cache-Control: max-age=
1209600
Expires: Tue, 23 Apr 2019 14:55:42 GMT
Run the command below to update all occurrences.
git grep -l https://www.uefi.org | xargs sed -i 's,https://www.uefi.org,https://uefi.org,'
Zbigniew Jędrzejewski-Szmek [Tue, 9 Apr 2019 09:56:52 +0000 (11:56 +0200)]
Merge pull request #12252 from keszybz/libmount-dont-unescape
Don't unescape paths from libmount
Zbigniew Jędrzejewski-Szmek [Tue, 9 Apr 2019 08:52:52 +0000 (10:52 +0200)]
Merge pull request #12223 from yuwata/network-wireguard-preshared-key-file
network: add PresharedKeyFile= setting and make reading key file failure fatal
Zbigniew Jędrzejewski-Szmek [Fri, 5 Apr 2019 08:17:03 +0000 (10:17 +0200)]
pid1,shutdown: do not cunescape paths from libmount
The test added in previous commit shows that libmount does the unescaping
internally.
Zbigniew Jędrzejewski-Szmek [Fri, 5 Apr 2019 07:43:12 +0000 (09:43 +0200)]
test-libmount: let's see how libmount parses stuff
With libmount-2.33.1-3.fc30.x86_64 I get:
/* test_libmount_unescaping_one escaped space + utf8 */
from '729 38 0:59 / /tmp/\342\200\236zupa\\040z\304\231bowa\342\200\235 rw,relatime shared:395 - tmpfs die\\040Br\303\274he rw,seclabel'
source: 'die Brühe'
source: 'die Br\303\274he'
source: 'die Brühe'
expected: 'die Brühe'
target: '/tmp/„zupa zębowa”'
target: '/tmp/\342\200\236zupa z\304\231bowa\342\200\235'
target: '/tmp/„zupa zębowa”'
expected: '/tmp/„zupa zębowa”'
/* test_libmount_unescaping_one escaped newline */
from '729 38 0:59 / /tmp/x\\012y rw,relatime shared:395 - tmpfs newline rw,seclabel'
source: 'newline'
source: 'newline'
source: 'newline'
expected: 'newline'
target: '/tmp/x
y'
target: '/tmp/x\ny'
target: '/tmp/x
y'
expected: '/tmp/x
y'
/* test_libmount_unescaping_one empty source */
from '760 38 0:60 / /tmp/emptysource rw,relatime shared:410 - tmpfs rw,seclabel'
source: ''
source: ''
source: ''
expected: ''
target: '/tmp/emptysource'
target: '/tmp/emptysource'
target: '/tmp/emptysource'
expected: '/tmp/emptysource'
/* test_libmount_unescaping_one foo\rbar */
from '790 38 0:61 / /tmp/foo\rbar rw,relatime shared:425 - tmpfs tmpfs rw,seclabel'
source: 'tmpfs'
source: 'tmpfs'
source: 'tmpfs'
expected: 'tmpfs'
target: '/tmp/foo'
target: '/tmp/foo'
target: '/tmp/foo'
expected: 'n/a'
With https://github.com/karelzak/util-linux/issues/780 fixed, we get
/* test_libmount_unescaping_one foo\rbar */
from '790 38 0:61 / /tmp/foo\rbar rw,relatime shared:425 - tmpfs tmpfs rw,seclabel'
source: 'tmpfs'
source: 'tmpfs'
source: 'tmpfs'
expected: 'tmpfs'
target: '/tmp/foo
bar'
target: '/tmp/foo\rbar'
target: '/tmp/foo
bar'
expected: '/tmp/foo
bar'
welaq [Mon, 8 Apr 2019 19:03:26 +0000 (22:03 +0300)]
l10n: Updated Lithuanian translation
Yu Watanabe [Mon, 8 Apr 2019 15:13:56 +0000 (00:13 +0900)]
NEWS: mention PresharedKeyFile=
Yu Watanabe [Fri, 5 Apr 2019 08:52:29 +0000 (17:52 +0900)]
test-network: add tests for WireGuardPeer.PresharedKey= and PresharedKeyFile=
Yu Watanabe [Mon, 8 Apr 2019 15:11:43 +0000 (00:11 +0900)]
network: make wireguard_decode_key_and_warn() take uint8_t buf[static WG_KEY_LEN]
Yu Watanabe [Sun, 7 Apr 2019 18:48:57 +0000 (03:48 +0900)]
network: warn when wireguard keys are stored in world readable files
Yu Watanabe [Fri, 5 Apr 2019 08:33:09 +0000 (17:33 +0900)]
network: add WireGuardPeer.PresharedKeyFile= setting
Yu Watanabe [Sun, 7 Apr 2019 17:48:02 +0000 (02:48 +0900)]
network: clear wireguard keys on failure or on exit
Yu Watanabe [Fri, 5 Apr 2019 08:28:46 +0000 (17:28 +0900)]
network: make reading PrivateKeyFile= failure always fatal
This also refactor wireguard_read_key_file().
Yu Watanabe [Mon, 8 Apr 2019 14:40:22 +0000 (23:40 +0900)]
fileio: add READ_FULL_FILE_UNBASE64 flag for read_full_file_full()
Yu Watanabe [Mon, 8 Apr 2019 05:15:10 +0000 (14:15 +0900)]
fileio: read_full_file_full() also warns when file is world readable and secure flag is set
Yu Watanabe [Sun, 7 Apr 2019 18:48:30 +0000 (03:48 +0900)]
fileio: introduce warn_file_is_world_accessible()
Yu Watanabe [Sun, 7 Apr 2019 17:22:40 +0000 (02:22 +0900)]
util: introduce READ_FULL_FILE_SECURE flag for reading secure data
Zbigniew Jędrzejewski-Szmek [Mon, 8 Apr 2019 19:58:11 +0000 (21:58 +0200)]
Merge pull request #12241 from keszybz/two-man-link-additions
Two man link additions
Lennart Poettering [Mon, 8 Apr 2019 12:55:41 +0000 (14:55 +0200)]
inhibit: fix argv[] usage
Another fix in style of
ed179fd71030ddd657500591dac37e7499fc7b2c and
bd169c2be0fbdaf6eb2ea7951e650d5e5983fbf6 ..
I hope we are soon complete with these.
Fixes: #12246
Zbigniew Jędrzejewski-Szmek [Mon, 8 Apr 2019 13:45:45 +0000 (15:45 +0200)]
NEWS: add mention of time-set.target
Zbigniew Jędrzejewski-Szmek [Mon, 8 Apr 2019 07:20:16 +0000 (09:20 +0200)]
man: add a lengthy example for NamePolicy= debugging
This is still rather opaque, and test-builtin is quite useful in this
case, let's advertise it a bit more.
Zbigniew Jędrzejewski-Szmek [Mon, 8 Apr 2019 06:59:45 +0000 (08:59 +0200)]
man: say that .link NamePolicy= should be empty for Name= to take effect
The description of NamePolicy= implied this, but didn't spell it out. It's a
very common use case, so let's add a bit of explanation and ehance the example
a bit.
Inspired by https://bugzilla.redhat.com/show_bug.cgi?id=
1695894 .
Lennart Poettering [Mon, 8 Apr 2019 13:31:31 +0000 (15:31 +0200)]
Merge pull request #12244 from poettering/242-news-final
final 242 NEWS tweaks + another hwdb update
Lennart Poettering [Mon, 8 Apr 2019 13:17:23 +0000 (15:17 +0200)]
man: add references from the .mount and .service man pages to systemd-{mount,run} pages
Fixes: #12235
Zbigniew Jędrzejewski-Szmek [Mon, 8 Apr 2019 13:22:44 +0000 (15:22 +0200)]
Merge pull request #12245 from poettering/empty-or-dash
introduce empty_or_dash() helper
Lennart Poettering [Mon, 8 Apr 2019 12:43:37 +0000 (14:43 +0200)]
man: elaborate on fd ownership in sd_event_add_io(3)
Replaces: #12239
Peter A. Bigot [Mon, 30 Apr 2018 12:05:29 +0000 (07:05 -0500)]
units: add time-set.target
time-sync.target is supposed to indicate system clock is synchronized
with a remote clock, but as used through 241 it only provided a system
clock that was updated based on a locally-maintained timestamp. Systems
that are powered off for extended periods would not come up with
accurate time.
Retain the existing behavior using a new time-set.target leaving
time-sync.target for cases where accuracy is required.
Closes #8861
Lennart Poettering [Mon, 8 Apr 2019 12:31:15 +0000 (14:31 +0200)]
coccinelle: add coccinelle script for empty_or_dash() use
Paul Menzel [Mon, 8 Apr 2019 08:53:55 +0000 (10:53 +0200)]
man/systemd-sysusers: Fix typo in *from* to *form*
Lennart Poettering [Mon, 8 Apr 2019 10:11:11 +0000 (12:11 +0200)]
basic: add new helper call empty_or_dash_to_null()
We have a function like this at two places already. Let's unify it in
one generic location and let's port a number of users over.
Lennart Poettering [Mon, 8 Apr 2019 10:03:33 +0000 (12:03 +0200)]
tree-wide: introduce empty_or_dash() helper
At quite a few places we check isempty() || streq(…, "-"), let's add a
helper to simplify that, and replace that by a single function call.
Lennart Poettering [Mon, 8 Apr 2019 09:42:10 +0000 (11:42 +0200)]
hwdb: update hwdb
Lennart Poettering [Mon, 8 Apr 2019 09:35:45 +0000 (11:35 +0200)]
update NEWS for 242 final
Lennart Poettering [Mon, 8 Apr 2019 09:19:34 +0000 (11:19 +0200)]
Merge pull request #12238 from keszybz/one-genuine-bugfix+lots-of-line-wrapping
One genuine bugfix and lots of line wrapping
Lennart Poettering [Mon, 4 Feb 2019 09:23:43 +0000 (10:23 +0100)]
pam-systemd: use secure_getenv() rather than getenv()
And explain why in a comment.
Jonas DOREL [Mon, 8 Apr 2019 06:19:58 +0000 (08:19 +0200)]
man: correct units path usage according to FHS (#11388)
According to the Filesystem Hierarchy Standard, "The /usr/local hierarchy is for use by the system administrator when installing software locally. It needs to be safe from being overwritten when the system software is updated". So it should not be used by installed packages.
Zbigniew Jędrzejewski-Szmek [Sun, 7 Apr 2019 20:00:11 +0000 (22:00 +0200)]
sysusers: use return_error_errno() where possible
Zbigniew Jędrzejewski-Szmek [Sun, 7 Apr 2019 19:37:18 +0000 (21:37 +0200)]
sysusers: add missing initalizer
I assume that this is the error causing the invalid free in
https://bugzilla.redhat.com/show_bug.cgi?id=
1670679 .
Zbigniew Jędrzejewski-Szmek [Sun, 7 Apr 2019 18:51:44 +0000 (20:51 +0200)]
logind: linewrap some long lines and remove unnecessary conditional
Yu Watanabe [Sun, 7 Apr 2019 18:41:03 +0000 (03:41 +0900)]
util: extend unbase64mem() to accept secure flag
When the flag is set, buffer is cleared on failure.
Jussi Pakkanen [Sat, 6 Apr 2019 19:59:06 +0000 (21:59 +0200)]
meson: drop misplaced -Wl,--undefined argument
Ld's man page says the following:
-u symbol
--undefined=symbol
Force symbol to be entered in the output file as an undefined symbol. Doing
this may, for example, trigger linking of additional modules from standard
libraries. -u may be repeated with different option arguments to enter
additional undefined symbols. This option is equivalent to the "EXTERN"
linker script command.
If this option is being used to force additional modules to be pulled into
the link, and if it is an error for the symbol to remain undefined, then the
option --require-defined should be used instead.
This would imply that it always requires an argument, which this does not
pass. Thus it will grab the next argument on the command line as its
argument. Before it took one of the many -lrt args (presumably) and now it
grabs something other random linker argument and things break.
[zj: this line was added in the first version of the meson configuration back
in
5c23128daba7236a6080383b2a5649033cfef85c . AFAICT, this was a mistake. No
such flag appeared in Makefile.am at the time.]
https://github.com/mesonbuild/meson/issues/5113
Lennart Poettering [Sun, 7 Apr 2019 17:36:32 +0000 (19:36 +0200)]
Merge pull request #12234 from yuwata/calendarspec-fix-oss-fuzz-14108
Calendarspec cleanups and fixes integer overflow
Yu Watanabe [Fri, 5 Apr 2019 08:24:50 +0000 (17:24 +0900)]
network: re-indent conf parsers in wireguard.c
Yu Watanabe [Sun, 7 Apr 2019 15:37:31 +0000 (00:37 +0900)]
calendarspec: fix possible integer overflow
Fixes oss-fuzz#14108.
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=14108
Yu Watanabe [Sun, 7 Apr 2019 15:32:14 +0000 (00:32 +0900)]
calendarspec: use _cleanup_ attributes for CalendarComponent
Yu Watanabe [Sun, 7 Apr 2019 15:21:37 +0000 (00:21 +0900)]
calendarspec: rename free_chain() to chain_free()
Yu Watanabe [Sun, 7 Apr 2019 15:18:54 +0000 (00:18 +0900)]
calendarspec: use structured initializers
Lennart Poettering [Fri, 5 Apr 2019 16:14:43 +0000 (18:14 +0200)]
nspawn: create boot_id and kmsg files for overmounting in /run, not /tmp
/tmp might not be mounted at all yet (given that we support
SYSTEMD_NSPAWN_TMPFS_TMP=0 to turn this off), and /tmp is a dir systemd
usually tries to unmount during shutdown (unlike /run), and we shouldn't
keep it busy. Hence let's just move these deleted files to /run so that
we don't keep /tmp needlessly busy.
Lennart Poettering [Fri, 5 Apr 2019 13:31:34 +0000 (15:31 +0200)]
lgtm: warn about strerror() use
Lennart Poettering [Fri, 5 Apr 2019 14:22:47 +0000 (16:22 +0200)]
meson: sort source files again
Zbigniew Jędrzejewski-Szmek [Thu, 4 Apr 2019 10:54:19 +0000 (12:54 +0200)]
shared: add a single definition of libmount cleanup functions
Use a trivial header file to share mnt_free_tablep and mnt_free_iterp.
It would be nicer put this in mount-util.h, but libmount.h is not in the
default include path, and the build system would have to be adjusted to pass
pkg-config include path in various places, and it's just not worth the trouble.
A separate header file works nicely.
Luís Ferreira [Wed, 3 Apr 2019 18:10:50 +0000 (19:10 +0100)]
hwdb: Add accelerometer orientation quirk for the Teclast F6 Pro
Lennart Poettering [Thu, 4 Apr 2019 08:04:26 +0000 (10:04 +0200)]
test-journal: move tests to /var/tmp/ and set FS_NOCOW_FL
The journal files might not be tiny hence let's write them to /var/tmp/
instead of /tmp. Also, let's turn on NOCOW on the files, as these tests
might apparently be slow on btrfs.
Fixes: #12210
Yu Watanabe [Thu, 4 Apr 2019 03:40:44 +0000 (12:40 +0900)]
ask-passwd: slightly optimize handling arguments
It is not necessary to copy arguments for each console.
Yu Watanabe [Thu, 4 Apr 2019 04:35:29 +0000 (13:35 +0900)]
bus-util: treat org.freedesktop.DBus.Error.ServiceUnknown nicely when polkit does not exist
Fixes #12209.
Yu Watanabe [Thu, 4 Apr 2019 04:05:12 +0000 (13:05 +0900)]
Merge pull request #12208 from poettering/base-file-system-tweaks
base-filesystem: be nicer to read-only fs images
Yu Watanabe [Thu, 4 Apr 2019 03:59:04 +0000 (12:59 +0900)]
Merge pull request #12207 from poettering/portable-bus-policy-fix
portabled dbus policy fix
Yu Watanabe [Fri, 29 Mar 2019 21:41:29 +0000 (06:41 +0900)]
udevadm: drop unused option
Lennart Poettering [Wed, 3 Apr 2019 18:10:19 +0000 (20:10 +0200)]
tty-ask-pw-agent: use right array
No point in copying the array if we are not going to use the copy.
Prompted by: https://github.com/systemd/systemd/pull/12183#issuecomment-
479591781
Lennart Poettering [Wed, 3 Apr 2019 14:12:41 +0000 (16:12 +0200)]
udev-util: allocate an event loop of our own for waiting
We can't use the per-thread default one here, as it might already be
running (for example, that's the case in portabled), and our event loops
are not recursive, hence running them a second time is not OK.
Lennart Poettering [Wed, 3 Apr 2019 14:55:01 +0000 (16:55 +0200)]
shared: be friendly to EROFS images
There are environments where /lib might not be necessary (think:
statically compiled portable service binary), hence don't insist on it
if the image is read-only.
Lennart Poettering [Wed, 3 Apr 2019 14:53:14 +0000 (16:53 +0200)]
shared: path_join() is your friend
Lennart Poettering [Wed, 3 Apr 2019 14:52:19 +0000 (16:52 +0200)]
shared: no need to initialize variable
Lennart Poettering [Wed, 3 Apr 2019 14:51:51 +0000 (16:51 +0200)]
portabled: fix method name
yikes.
Lennart Poettering [Wed, 3 Apr 2019 14:51:26 +0000 (16:51 +0200)]
portabled: reorder methods in vtable
Let's stick to the same order in the per-image vtable and the manager
vtable.
Lennart Poettering [Wed, 3 Apr 2019 14:50:49 +0000 (16:50 +0200)]
portabled: fix dbus policy
Let's whitelist the method calls actually defined, not some outdated old
names.
Zbigniew Jędrzejewski-Szmek [Wed, 3 Apr 2019 15:19:14 +0000 (17:19 +0200)]
Merge pull request #12198 from keszybz/seccomp-parsing-logging
Seccomp parsing logging cleanup
Zbigniew Jędrzejewski-Szmek [Wed, 3 Apr 2019 15:18:35 +0000 (17:18 +0200)]
Merge pull request #12205 from keszybz/update-release-docs
docs: let's not close the milestone early
Zbigniew Jędrzejewski-Szmek [Wed, 3 Apr 2019 14:43:17 +0000 (16:43 +0200)]
docs: also document updates to stable repo
Zbigniew Jędrzejewski-Szmek [Wed, 3 Apr 2019 14:23:43 +0000 (16:23 +0200)]
docs: let's not close the milestone early
Lennart Poettering [Wed, 3 Apr 2019 13:47:18 +0000 (15:47 +0200)]
Merge pull request #12202 from keszybz/seccomp-arm64
Fixes for S[GU]ID filter on arm64
Zbigniew Jędrzejewski-Szmek [Wed, 3 Apr 2019 11:11:00 +0000 (13:11 +0200)]
seccomp: rework how the S[UG]ID filter is installed
If we know that a syscall is undefined on the given architecture, don't
even try to add it.
Try to install the filter even if some syscalls fail. Also use a helper
function to make the whole a bit less magic.
This allows the S[UG]ID test to pass on arm64.
Zbigniew Jędrzejewski-Szmek [Wed, 3 Apr 2019 10:36:03 +0000 (12:36 +0200)]
test-seccomp: fix compilation on arm64
It has no open().