/* Contains start and exit information about an executed command. */
struct ExecStatus {
- pid_t pid;
dual_timestamp start_timestamp;
dual_timestamp exit_timestamp;
+ pid_t pid;
int code; /* as in siginfo_t::si_code */
int status; /* as in sigingo_t::si_status */
};
struct rlimit *rlimit[_RLIMIT_MAX];
char *working_directory, *root_directory, *root_image;
- bool working_directory_missing_ok;
- bool working_directory_home;
+ bool working_directory_missing_ok:1;
+ bool working_directory_home:1;
+
+ bool oom_score_adjust_set:1;
+ bool nice_set:1;
+ bool ioprio_set:1;
+ bool cpu_sched_set:1;
+
+ /* This is not exposed to the user but available internally. We need it to make sure that whenever we
+ * spawn /usr/bin/mount it is run in the same process group as us so that the autofs logic detects
+ * that it belongs to us and we don't enter a trigger loop. */
+ bool same_pgrp;
+
+ bool cpu_sched_reset_on_fork;
+ bool non_blocking;
mode_t umask;
int oom_score_adjust;
int cpu_sched_policy;
int cpu_sched_priority;
- cpu_set_t *cpuset;
unsigned cpuset_ncpus;
+ cpu_set_t *cpuset;
ExecInput std_input;
ExecOutput std_output;
ExecOutput std_error;
+ bool stdio_as_fds;
char *stdio_fdname[3];
char *stdio_file[3];
nsec_t timer_slack_nsec;
- bool stdio_as_fds;
-
char *tty_path;
bool tty_reset;
bool ignore_sigpipe;
+ ExecKeyringMode keyring_mode;
+
/* Since resolving these names might involve socket
* connections and we don't want to deadlock ourselves these
* names are resolved on execution only and in the child
char *utmp_id;
ExecUtmpMode utmp_mode;
- bool selinux_context_ignore;
- char *selinux_context;
+ bool no_new_privileges;
+ bool selinux_context_ignore;
bool apparmor_profile_ignore;
- char *apparmor_profile;
-
bool smack_process_label_ignore;
- char *smack_process_label;
- ExecKeyringMode keyring_mode;
+ char *selinux_context;
+ char *apparmor_profile;
+ char *smack_process_label;
char **read_write_paths, **read_only_paths, **inaccessible_paths;
unsigned long mount_flags;
int secure_bits;
int syslog_priority;
- char *syslog_identifier;
bool syslog_level_prefix;
-
- int log_level_max;
+ char *syslog_identifier;
struct iovec* log_extra_fields;
size_t n_log_extra_fields;
usec_t log_rate_limit_interval_usec;
unsigned log_rate_limit_burst;
- bool cpu_sched_reset_on_fork;
- bool non_blocking;
+ int log_level_max;
+
bool private_tmp;
bool private_network;
bool private_devices;
bool private_users;
bool private_mounts;
- ProtectSystem protect_system;
- ProtectHome protect_home;
bool protect_kernel_tunables;
bool protect_kernel_modules;
bool protect_control_groups;
+ ProtectSystem protect_system;
+ ProtectHome protect_home;
+ bool protect_hostname;
bool mount_apivfs;
- bool no_new_privileges;
-
bool dynamic_user;
bool remove_ipc;
- /* This is not exposed to the user but available
- * internally. We need it to make sure that whenever we spawn
- * /usr/bin/mount it is run in the same process group as us so
- * that the autofs logic detects that it belongs to us and we
- * don't enter a trigger loop. */
- bool same_pgrp;
+ bool memory_deny_write_execute;
+ bool restrict_realtime;
- unsigned long personality;
bool lock_personality;
+ unsigned long personality;
unsigned long restrict_namespaces; /* The CLONE_NEWxyz flags permitted to the unit's processes */
int syscall_errno;
bool syscall_whitelist:1;
- Set *address_families;
bool address_families_whitelist:1;
-
- ExecPreserveMode runtime_directory_preserve_mode;
- ExecDirectory directories[_EXEC_DIRECTORY_TYPE_MAX];
-
- bool memory_deny_write_execute;
- bool restrict_realtime;
- bool protect_hostname;
-
- bool oom_score_adjust_set:1;
- bool nice_set:1;
- bool ioprio_set:1;
- bool cpu_sched_set:1;
+ Set *address_families;
char *network_namespace_path;
+
+ ExecDirectory directories[_EXEC_DIRECTORY_TYPE_MAX];
+ ExecPreserveMode runtime_directory_preserve_mode;
};
static inline bool exec_context_restrict_namespaces_set(const ExecContext *c) {
struct node_callback {
struct node *node;
- bool is_fallback;
- sd_bus_message_handler_t callback;
-
+ bool is_fallback:1;
unsigned last_iteration;
+ sd_bus_message_handler_t callback;
+
LIST_FIELDS(struct node_callback, callbacks);
};
struct node_vtable {
struct node *node;
+ bool is_fallback:1;
+ unsigned last_iteration;
+
char *interface;
- bool is_fallback;
const sd_bus_vtable *vtable;
sd_bus_object_find_t find;
- unsigned last_iteration;
-
LIST_FIELDS(struct node_vtable, vtables);
};
struct sd_bus_slot {
unsigned n_ref;
- sd_bus *bus;
- void *userdata;
- sd_bus_destroy_t destroy_callback;
BusSlotType type:5;
/* Slots can be "floating" or not. If they are not floating (the usual case) then they reference the bus object
bool floating:1;
bool match_added:1;
+
+ sd_bus *bus;
+ void *userdata;
+ sd_bus_destroy_t destroy_callback;
+
char *description;
LIST_FIELDS(sd_bus_slot, slots);
bool connected_signal:1;
bool close_on_exit:1;
- int use_memfd;
+ int use_memfd:2;
void *rbuffer;
size_t rbuffer_size;
union sockaddr_union sockaddr;
socklen_t sockaddr_size;
- char *machine;
pid_t nspid;
+ char *machine;
sd_id128_t server_id;
int last_connect_error;
enum bus_auth auth;
- size_t auth_rbegin;
- struct iovec auth_iovec[3];
unsigned auth_index;
+ struct iovec auth_iovec[3];
+ size_t auth_rbegin;
char *auth_buffer;
usec_t auth_timeout;
char *exec_path;
char **exec_argv;
- unsigned iteration_counter;
-
/* We do locking around the memfd cache, since we want to
* allow people to process a sd_bus_message in a different
* thread then it was generated on and free it there. Since
pid_t original_pid;
pid_t busexec_pid;
+ unsigned iteration_counter;
+
sd_event_source *input_io_event_source;
sd_event_source *output_io_event_source;
sd_event_source *time_event_source;
sd_event *event;
int event_priority;
+ pid_t tid;
+
sd_bus_message *current_message;
sd_bus_slot *current_slot;
sd_bus_message_handler_t current_handler;
void *current_userdata;
sd_bus **default_bus_ptr;
- pid_t tid;
char *description;
char *patch_sender;