pam_systemd: do not set XDG_RUNTIME_DIR if the session's original user is not the same as the newly logged in one
It's better not to set any XDG_RUNTIME_DIR at all rather than one of a
different user. So let's do this.
This changes the bus call parameters of CreateSession(), but that is
explicitly an internal API hence should be fine. Note however, that a
logind restart (the way the RPM postinst scriptlets do it) is necessary
to make things work again.
Yin Kangkai [Mon, 25 Nov 2013 15:14:46 +0000 (23:14 +0800)]
conf-parser: fix memory realloc error
Otherwise there is some memory corruption and undefined behavior,
e.g., in my case systemd-udev was always aborted at the
_cleanup_freep_ around that code blocks.
swap: always track the current real device node of all swap devices, even when not active
This way, we can avoid executing two /bin/swapon jobs to be dispatched
for the same swap device if it is configured for two different paths.
Previously we were just tracking the device nodes of active swap
devices, which would not allow us to recognize the identity of two swap
devices before they are active.
Tom Gundersen [Tue, 19 Nov 2013 15:17:55 +0000 (16:17 +0100)]
conf-parser: distinguish between multiple sections with the same name
Pass on the line on which a section was decleared to the parsers, so they
can distinguish between multiple sections (if they chose to). Currently
no parsers take advantage of this, but a follow-up patch will do that
to distinguish
Tom Gundersen [Mon, 25 Nov 2013 00:33:04 +0000 (01:33 +0100)]
udev: net_setup_link - don't use Description as Alias
Use Description only internally, and allow Alias to be set
as a separate option. For instance SNMP uses ifalias for
a specific purpose, so let's not write to it by default.
Lukasz Skalski [Fri, 22 Nov 2013 13:44:45 +0000 (14:44 +0100)]
macro: fix problem with __LINE__ macro expansion
David:
I already applied a fix for that, but this patch definitely looks nicer. I
changed CONCATENATE_HELPER() -> XCONCATENATE() similar to XSTRINGIFY and
added the UNIQUE() helper.
All calls that set a sd_bus_error structure will now return the same
error converted to a negative errno. This may be used as syntactic sugar
to return from a function and setting a bus_error structure in one go.
Also, translate all Linux Exyz (EIO, EINVAL, EUCLEAN, EPIPE, ...)
automatically into counterparts in the (new) "Posix.Error." namespace.
If we fail to allocate memory for the components of a sd_bus_error
automatically reset it to an OOM error which we always can write.
bus: rework message handlers to always take an error argument
Message handler callbacks can be simplified drastically if the
dispatcher automatically replies to method calls if errors are returned.
Thus: add an sd_bus_error argument to all message handlers. When we
dispatch a message handler and it returns negative or a set sd_bus_error
we send this as message error back to the client. This means errors
returned by handlers by default are given back to clients instead of
rippling all the way up to the event loop, which is desirable to make
things robust.
As a side-effect we can now easily turn the SELinux checks into normal
function calls, since the method call dispatcher will generate the right
error replies automatically now.
Also, make sure we always pass the error structure to all property and
method handlers as last argument to follow the usual style of passing
variables for return values as last argument.
Daniel Mack [Thu, 21 Nov 2013 19:26:10 +0000 (20:26 +0100)]
src/core/selinux-access: #include <sys/socket.h>
Fixes the following build errors on Fedora 20:
CC src/core/libsystemd_core_la-selinux-access.lo
src/core/selinux-access.c: In function 'get_audit_data':
src/core/selinux-access.c:245:22: error: storage size of 'ucred' isn't known
struct ucred ucred;
^
src/core/selinux-access.c:259:9: warning: implicit declaration of function 'getsockopt' [-Wimplicit-function-declaration]
r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &len);
^
src/core/selinux-access.c:259:28: error: 'SOL_SOCKET' undeclared (first use in this function)
r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &len);
^
src/core/selinux-access.c:259:28: note: each undeclared identifier is reported only once for each function it appears in
src/core/selinux-access.c:259:40: error: 'SO_PEERCRED' undeclared (first use in this function)
r = getsockopt(fd, SOL_SOCKET, SO_PEERCRED, &ucred, &len);
^
src/core/selinux-access.c:245:22: warning: unused variable 'ucred' [-Wunused-variable]
struct ucred ucred;
^
make[2]: *** [src/core/libsystemd_core_la-selinux-access.lo] Error 1
make[1]: *** [all-recursive] Error 1
make: *** [all] Error 2
Tom Gundersen [Thu, 21 Nov 2013 14:30:08 +0000 (15:30 +0100)]
networkd: don't filter on udev tags
This removed the requirement for devices to be tagged with
'systemd-networkd' before they will be visible to networkd.
Still, as by default we don't ship any .network files, network
devices will simply be tracked, but not touched, unless the
admin configures things explicitly.