Susant Sahani [Mon, 20 Nov 2017 16:50:48 +0000 (22:20 +0530)]
networkd: Set RoutingPolicyRule in link_configure (#7235)
The RoutingPolicyRules are not added when we are calling from set_address
the link->message++ and link->message-- never reaches to zero in the callback function
resulting routes are never gets added.
meson: add -Wimplicit-fallthrough=3 to compilation options (#7393)
At some point before gcc-7 was released, -Wimplicit-fallthrough=3 was included
in -Wextra. The documentation for gcc-7.2.1-2.fc27.x86_64 still says that, but
empirical testing shows that it's not. The documentation also misstates that
-Wimplicit-fallthrough is equivalent to -Wimplicit-fallthrough=3.
Let's add -Wimplicit-fallthrough=3 explicitly to get the warnings if we regress.
This little new command can parse, validate, normalize calendar events,
and calculate when they will elapse next. This should be useful for
anyone writing calendar events and who'd like to validate the expression
before running them as timer units.
Yu Watanabe [Sun, 19 Nov 2017 16:00:34 +0000 (01:00 +0900)]
core/swap: load() should fail when neither of corresponding unit file nor /proc/swap entry does not exist
It is not necessary to label as loaded to a swap unit when neither of
corresponding unit file nor entry in /proc/swap does not exist.
This makes swap_load() to fail such a case.
Yu Watanabe [Sun, 19 Nov 2017 07:45:35 +0000 (16:45 +0900)]
core/automount: load() should fail when the unit file does not exist
It is not necessary to label as loaded to automount unit when its unit
file does not exist. So, let's make automount_load() to fail when the
unit file does not exist.
Add license headers and SPDX identifiers to meson.build files
So far I avoided adding license headers to meson files, but they are pretty
big and important and should carry license headers like everything else.
I added my own copyright, even though other people modified those files too.
But this is mostly symbolic, so I hope that's OK.
Add SPDX license identifiers to source files under the LGPL
This follows what the kernel is doing, c.f.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
In principle we shouldn't merge this until after 4.15 is released, but the
chances of a revert upstream are low, and in that unlikely scenario we can just
revert this patch, it's a trivial documentation update after all.
systemctl: make sure the kernel is loaded before kexec'ing
We just load the same kernel that would be loaded by default by sd-boot, with
the same options. Changing the kernel or initramfs or options is left for
later.
Now we will refuse to continue if loading fails. This makes 'systemctl kexec'
more predictable: it will not fall back to normal reboot if the kernel is
not loaded.
core: never apply first boot presets in the initrd
Presets are useful to initialize uninitialized /etc, but that doesn't
apply to the initrd.
Also, let's rename etc_empty → first_boot. After all, the variable
doesn't actually reflect whether /etc is really empty, it just reflects
whether /etc/machine-id existed originally or not. Moreover, we later on
directly initialize manager_set_first_boot() from it, hence let's just
name it the same way all through the codepath, to make this all less
confusing.
This function is really not a method of the Manager object (implemented
in manager.c), but just a helper in main.c. Hence let's not confusingly
name it the way methods are called.
Already, path_is_safe() refused paths container the "." dir. Doing that
isn't strictly necessary to be "safe" by most definitions of the word.
But it is necessary in order to consider a path "normalized". Hence,
"path_is_safe()" is slightly misleading a name, but
"path_is_normalize()" is more descriptive, hence let's rename things
accordingly.
core: don't allow DefaultStandardOutput= be set to socket/fd:/file:
These three settings only make sense within the context of actual unit
files, hence filter this out when applied to the per-manager default,
and generate a log message about it.
core: add support for StandardInputFile= and friends
These new settings permit specifiying arbitrary paths as
stdin/stdout/stderr locations. We try to open/create them as necessary.
Some special magic is applied:
1) if the same path is specified for both input and output/stderr, we'll
open it only once O_RDWR, and duplicate them fd instead.
2) If we an AF_UNIX socket path is specified, we'll connect() to it,
rather than open() it. This allows invoking systemd services with
stdin/stdout/stderr connected to arbitrary foreign service sockets.
core: fold property_get_input_fdname() and property_get_output_fdname() into one
property_get_output_fdname() already had two different control flows for
stdout and stderr, it might as well handle stdin too, thus shortening
our code a bit.
bus-unit-util: drop #ifdef HAVE_SECCOMP from bus client side
Whether seccomp is supported or not is a server implementation detail,
the client should not be altered by that, and clients should be able to talk
to servers configured differently than the client, hence drop the
HAVE_SECCOMP ifdeffery here.
(This would be different if we'd need libseccomp or so to implement the
client, but we don't)
core: add two new unit file settings: StandardInputData= + StandardInputText=
Both permit configuring data to pass through STDIN to an invoked
process. StandardInputText= accepts a line of text (possibly with
embedded C-style escapes as well as unit specifiers), which is appended
to the buffer to pass as stdin, followed by a single newline.
StandardInputData= is similar, but accepts arbitrary base64 encoded
data, and will not resolve specifiers or C-style escapes, nor append
newlines.
This may be used to pass input/configuration data to services, directly
in-line from unit files, either in a cooked or in a more raw format.
hexdecoct: slightly extend the unbase64mem() API and related
If the string length is specified as (size_t) -1, let's use that as
indicator for determining the length on our own. This makes it
slightlier shorter to invoke these APIs for a very common case.
Also, do some minor other coding style updates, and add assert()s here
and there.
Mostly coding style fixes, but most importantly, initialize
c->std_input only after we know the free_and_strdup() invocation
succeeded, so that we don't leave half-initialized fields around on
failure.
execute: check whether we are actually on a TTY before doing TIOCSCTTY
Given that Linux assigns the same ioctl numbers ot multiple subsystems,
we should be careful when invoking ioctls, so that we don't end up
calling something we wouldn't want to call.
fd-util: add new helper move_fd() and make use of it
We are using the same pattern at various places: call dup2() on an fd,
and close the old fd, usually in combination with some O_CLOEXEC
fiddling. Let's add a little helper for this, and port a few obvious
cases over.
nspawn: make recursive chown()ing logic safe for being aborted in the middle
We currently use the ownership of the top-level directory as a hint
whether we need to descent into the whole tree to chown() it recursively
or not. This is problematic with the previous chown()ing algorithm, as
when descending into the tree we'd first chown() and then descend
further down, which meant that the top-level directory would be chowned
first, and an aborted recursive chowning would appear on the next
invocation as successful, even though it was not. Let's reshuffle things
a bit, to make the re-chown()ing safe regarding interruptions:
a) We chown() the dir we are looking at last, and descent into all its
children first. That way we know that if the top-level dir is
properly owned everything inside of it is properly owned too.
b) Before starting a chown()ing operation, we mark the top-level
directory as owned by a special "busy" UID range, which we can use to
recognize whether a tree was fully chowned: if it is marked as busy,
it's definitely not fully chowned, as the busy ownership will only be
fixed as final step of the chowning.
fs-util: add access_fd() which is like access() but for fds
Linux doesn't have faccess(), hence let's emulate it. Linux has access()
and faccessat() but neither allows checking the access rights of an fd
passed in directly.
Yu Watanabe [Fri, 17 Nov 2017 09:04:25 +0000 (18:04 +0900)]
core/cgroup: assigning empty string to Delegate= resets list of controllers (#7336)
Before this, assigning empty string to Delegate= makes no change to the
controller list. This is inconsistent to the other options that take list
of strings. After this, when empty string is assigned to Delegate=, the
list of controllers is reset. Such behavior is consistent to other options
and useful for drop-in configs.