Tom Gundersen [Thu, 15 Oct 2015 15:59:10 +0000 (17:59 +0200)]
sd-netlink: refcount multicast groups
Track the number of matches installed for a given multicast group, and leave the
group once no matches depend on it.
In order to handle passed-in sockets that are already members of multicast groups
we initialize the refcount based on the membership once we take over the socket.
This way we will leave the socket in the state we found it once we finish with
it.
On kernels that do not fully support reading out the multicast group membership
we fall back to never leaving any groups (as before).
Sangjung Woo [Wed, 14 Oct 2015 06:57:47 +0000 (15:57 +0900)]
units: add 'smackfsroot=*' option into tmp.mount when SMACK is enabled
If SMACK is enabled, 'smackfsroot=*' option should be specified in
tmp.mount file since many non-root processes use /tmp for temporary
usage. If not, /tmp is labeled as '_' and smack denial occurs when
writing.
compress: return errors without logging, do not fake errno
Logging for compression and decompression is assymetrical on purpose:
if compiled without some type of compression, those compression code
paths should never be invoked. OTOH, it is possible to encounter
unsupported format on decompression, so leave those log_debug statements
in, to make it easier to diagnose stuff.
Tom Gundersen [Wed, 14 Oct 2015 20:22:17 +0000 (22:22 +0200)]
login: suspend - be a bit more explicit when logging
When the Suspend method is called, the only log message we write
(unless debugging is enabled) is "Operation finished.". This is
not very helpful when trying to figure out what is going on, so
add what operation we are talking about to the message:
"Operation 'sleep' finished.".
Hat tip to Daniel Aleksandersen for pointing this out.
Michal Schmidt [Tue, 13 Oct 2015 17:52:06 +0000 (19:52 +0200)]
build: don't link everything to libcap
The intent of the assignments around the check for libcap was obviously
to avoid polluting LIBS. To work properly, LIBS must be restored from
the save_LIBS variable.
The practical effect is small though, because pretty much everything
links with libbasic, which links with CAP_LIBS.
Michal Schmidt [Tue, 13 Oct 2015 14:52:53 +0000 (16:52 +0200)]
build: fix overlinking to libdw
We have two AC_CHECK_LIB checks for libdw. The first one has an empty
action-if-found, so it defaults to adding "-ldw" to LIBS. LIBS are
applied to everything we build. But only systemd-coredump needs libdw.
It already links to ELFUTILS_LIBS correctly in Makefile.am.
Drop the first AC_CHECK_LIB check. The second check is sufficient.
Q: Don't we already use "-Wl,--as-needed" to eliminate overlinking?
A: We do, but it is effective only for executables, not for shared
libraries. This is due to a libtool bug:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=347650
Martin Pitt [Wed, 14 Oct 2015 04:52:41 +0000 (06:52 +0200)]
keymap: Drop keyboard-keys-to-name.h
We don't use that anywhere any more. With the introduction of alias names it
also is not a proper mapping any more as several keys (e. g. KEY_COFFEE and
KEY_SCREENLOCK) have the same numerical mapping.
Martin Pitt [Tue, 13 Oct 2015 16:24:47 +0000 (18:24 +0200)]
keymap: Drop ThinkPad Yoga
The Yoga's firmware sends key events whenever it's being folded or unfolded.
These are thus *not* a button for requesting a screen orientation change, just
an indication that this already happened. Thus they should not be assigned to
"direction", but be ignored. Assigning them to "reserved" does not silence the
"unknown key pressed" kernel warning, so there's no point in maintaining a
mapping here.
But we ignored these when building keyboard-keys-list.txt. Also allow the value
to start with "K" now (for KEY_*), and drop the hardcoded COFFEE → SCREENLOCK
aliasing.
bus-util: change `Default`-chopping to `Limit`-searching
See https://github.com/systemd/systemd/pull/1534#commitcomment-13744013
Actually, thinking about this, maybe it would be nicer to actually look
for "Limit" in the string rather than chopping off a "Default"....
Sounds more generic...
Adding them to the documentation makes it easier to find
the right man page for people who are trying to understand
where some socket in the filesystem is coming from.
If we were given some sockets through socket activation, and audit
socket is not among them, do not try to open it. This way, if the
socket unit is disabled, we will not receive audit events.
Daniel Mack [Mon, 12 Oct 2015 12:44:26 +0000 (14:44 +0200)]
sd-daemon: wipe out memory before using CMSG_NXTHDR()
CMSG_NXTHDR() checks for cmsg->cmsg_len *after* it increased the pointer.
While this makes sense for parsing received messages, that's a pitfall
for code crafting messages with this macro.
Tom Gundersen [Tue, 22 Sep 2015 15:54:27 +0000 (17:54 +0200)]
networkd: address - add hash helpers for Address objects
Add compare_func and hash_func for the Address object. The notion of
address equality is the same as in the kernel, and hashing preserves
preserves equality.
Two addresses are considered equal if:
- they have the same address family, and
- they are neither IPv4 nor IPv6 addresses, or
- the local addresses are identical, and
- they are IPv6 addresses, or
- they have the same prefixlength, and
- their peer prefixes are identical
This fixes a bug in the old equality check, which got the local address
and the peer prefix mixed up.
This converts the stream compression to use the new lz4frame api,
compatible with lz4cat. Previous code used custom headers, so the
compressed file was not compatible with lz4 command line tools.
I considered this the last blocker to using lz4 by default.
Speed seems to be reasonable, although a bit (a few percent) slower
than the lz4 binary, even though compression is the same. I don't
consider this important. It could be caused by the overhead of library
calls, but is probably caused by slightly different buffer sizes or
such. The code in this patch uses mmap, since since this allows the
buffer to be reused while not making the code more complicated at all.
In my testing, this version is noticably faster (~20%) than a naive
single-buffered version. mmap can cause the program to be killed with
SIGBUS, if the underlying file is truncated or a disk error occurs. We
only use this from within coredump and coredumpctl, so I don't
consider this an issue.
Old decompression code is retained and is used if the new code fails
indicating a format error. There have been reports of various smaller
distributions using previous lz4 code, i.e. the old format, and it is
nice to provide backwards compatibility. We can remove the legacy code
in a few versions.
The way that blobs are compressed in the journal is not affected.