Kay Sievers [Mon, 6 Jan 2014 22:37:23 +0000 (06:37 +0800)]
core: do not add implicit dbus.socket dependency
Sockets are ordered before sockets.target anyway, and sockets.target
is ordered before basic.target, and hence all bus services end up
being ordered after dbus.socket anyway. Since for kdbus clients
dbus.socket is obsolete, let's not add this dependency explicitly.
Also, it's hot in Australia and we are going for breakfast now.
src/libsystemd-bus/sd-bus.c: In function 'sd_bus_open_user':
src/libsystemd-bus/sd-bus.c:1104:25: warning: format '%s' expects argument of type 'char *', but argument 3 has type 'long unsigned int' [-Wformat=]
asprintf(&b->address, UNIX_USER_BUS_FMT, (unsigned long) getuid());
Simon Peeters [Sat, 4 Jan 2014 01:35:27 +0000 (02:35 +0100)]
strv: multiple cleanups
- turn strv_merge into strv_extend_strv.
appending strv b to the end of strv a instead of creating a new strv
- strv_append: remove in favor of strv_extend and strv_push.
- strv_remove: write slightly more elegant
- strv_remove_prefix: remove unused function
- strv_overlap: use strv_contains
- strv_printf: STRV_FOREACH handles NULL correctly
David Herrmann [Sun, 5 Jan 2014 12:59:12 +0000 (13:59 +0100)]
TODO: extend login capability note
We cannot remove CAP_SYS_ADMIN, which basically makes removing all other
capabilities useless. Anyhow, still wouldn't hurt checking whether stuff
like CAP_KILL can be dropped from logind.
Stefan Beller [Fri, 3 Jan 2014 19:33:21 +0000 (20:33 +0100)]
Update .mailmap file
This commit updates email addresses of people, who are already in the
.mailmap file, so I'd assume they have sorted out their viewpoint on
privacy within the .mailmap file.
The entries for this commit have been produced using:
# Finding out duplicates by comparing email addresses:
git shortlog -sne |awk '{ print $NF }' |sort |uniq -d
# Finding out duplicates by comparing names:
git shortlog -sne |awk '{ NF--; $1=""; print }' |sort |uniq -d
struct sd_rtnl_message would keep two additional pointers into the hdr
field. Every time hdr was realloced, those pointers should be adjusted,
but weren't. It seems less error-prone to keep offsets instead.
bus: break reference cycle between bus and messages
Because messages in the read and write queues hold a reference on the
bus, and the bus holds a reference on each of them, we would never
free the bus if the read or write queues were not empty. Explicitly
substract the number of messages in those queue from the bus reference
count when deciding whether to free or not.
A simple test which creates and unrefs simple objects is added.
core/manager: print info about interesting signals
Information about signals which are not routinely received by systemd
are printed at info level. This should make it easier to see what is
happening in the system.
Tom Gundersen [Wed, 1 Jan 2014 14:16:34 +0000 (15:16 +0100)]
networkd: add DHCPv4 support
This adds basic DHCPv4 support. Link-sense is enabled unconditionally,
but the plan is to make that configurable.
I tested this in a VM with lots of NICs and over wifi in the various
coffee shops I found this Christmas, but more testing would definitely
be appreciated.
Tom Gundersen [Wed, 1 Jan 2014 14:16:10 +0000 (15:16 +0100)]
networkd: distinguish between static and dynamic addresses/routes
Static addresses/routes are associated with a network. Dynamic
addresses/routes are associtade with links (as the corresponding network
may be shared by several links).
GREEDY_REALLOC needs to have two size variables: one for the
allocated size, and a second one for the used size. Using
the allocated size only lead to leaving some elements unitialized
and assigning some more than once.
Before 34a3baa4d 'sleep-config: Dereference pointer before check for NULL'
oom conditions would not be detected properly. After that commit, a double
free was performed.
Rework the whole function to be easier to understand, and also replace
strv_split_nulstr with strv_new, since we know the strings anyway.
Stefan Beller [Mon, 30 Dec 2013 16:43:52 +0000 (17:43 +0100)]
sleep-config: Dereference pointer before check for NULL
This fixes a bug pointed out by http://css.csail.mit.edu/stack/
(Optimization-unstable code)
It is a similar fix as f146f5e159 (2013-12-30, core:
Forgot to dereference pointer when checking for NULL)
To explain this bug consider the following similar, but simpler code:
if (!p)
free(*p)
Assume the if condition evaluates to true, then we will access *p,
which means the compiler can assume p is a valid pointer, so it could
dereference p and use the value *p.
Assuming p as a valid pointer, !p will be false.
But initally we assumed the condition evaluates to true.
By this reasoning the optimizing compiler can deduce, we have dead code.
("The if will never be taken, as *p must be valid, because otherwise
accessing *p inside the if would segfault")
This led to an error message of the static code checker, so I checked the
code in question.
As we access *modes and *states before the check in the changed line of
this patch, I assume the line to be wrong and we actually wanted to check
for *modes and *states being both non null.
Stefan Beller [Sun, 29 Dec 2013 23:09:56 +0000 (00:09 +0100)]
bootchart: Remove unneeded check for NULL
Directly before the changed line there is:
while ((parent->next_ps && parent->pid != ps->ppid))
parent = parent->next_ps;
which looks one element ahead of the list, hence we can rely on parent
being non null here.
If 'parent' were NULL at that while loop already, it would crash as we're
dereferencing 'parent' when checking for next_ps already.
Signed-off-by: Stefan Beller <stefanbeller@googlemail.com>
The return value of 0 would be treated as failure by mistake,
resulting in " SystemError: error return without exception set".
The way that set_error() is used is changed to be the same
everywhere.
scan-build is a static analyzer in llvm. As ususal static analyzers
tend to mostly find theoretical bugs in software that has been in
production for a while. For in-development code it can be useful to
check if new issues is added as there is a chance to spot real problems
before release. For systemd we are now down to 297 issues - the vast
majority are false positives because the tool does not understand the
cleanup attribute.
Running clang's static analyzer scan-build is a bit messy. You have to
run both configure and make "inside" the build-scan tool. To have an
easy shortcut from autogen.sh I thus call both directly from it. This
makes it different from the other options in autogen.sh. I chose 's'
for static analysis.
scan-build is in the package clang-analyzer on fedora.
For a while I have been cleaning up warnings when building with clang.
There are currently only two sources of warnings left: Wcast-align and Wgnu.
I am not convinced that fixing up those up is feasible so I run with them
disabled to spot regressions. E.g. clang is a bit more strict wrt to unused
variables with the cleanup attribute and I have fixed a number of those since.
Like the other options in autogen.sh I have a shortcut for clang as well. I use
'l' for llvm.
Lubomir Rintel [Fri, 6 Dec 2013 13:05:49 +0000 (14:05 +0100)]
selinux: Check access vector for enable/disable perm for each unit file
SELinux check will be done using the context of the unit file as as a
target instead of the default init_t context, allowing selinux control
on the level of individual units.