While looking at our exit() invocations I noticed that the mtd_probe
stuff uses 'exit(-1)' at various places, which is not really a good
idea, as exit codes of processes on Linux are supposed to be in the
range of 0…255.
This patch cleans that up a bit, and fixes a number of other things:
1. Let's always let main() exit, nothing intermediary. We generally
don't like code that invokes exit() on its own.
2. Close the file descriptors opened.
3. Some logging for errors is added, mostly on debug level.
Please review this with extra care. As I don't have the right hardware
to test this patch I only did superficial testing.
```
test_bridge_init (__main__.BridgeTest) ... ok
test_bridge_port_priority (__main__.BridgeTest) ... ok
test_bridge_port_priority_set_zero (__main__.BridgeTest)
It should be possible to set the bridge port priority to 0 ... ok
test_bridge_port_property (__main__.BridgeTest)
Test the "[Bridge]" section keys ... ok
Mikhail Kasimov [Thu, 10 May 2018 16:58:12 +0000 (19:58 +0300)]
man: journal-gatewayd.service: links on {rem,upl}
While set of systemd-journal-{gatewayd,remote,upload}.service services presents single subsystem on journald logs network transmission, systemd-journal-gatewayd.service description should also contain links to other parts of this subsystem: systemd-journal-remote.service and systemd-journal-upload.service.
Github now has issue templates in the web interface, and allows
more than one to be specified. Let's split our single template
in two: bug report and RFE.
While service type is mentioned (is a oneshot system service), link on systemd.service is added. 'See Also' section is also updated with link on systemd.service man-page.
Mikhail Kasimov [Thu, 10 May 2018 03:15:55 +0000 (06:15 +0300)]
man: systemd-escape: add missed short keys (#8944)
Added short keys -u and -m for --unescape and --mangle respectively. These short keys are present in systemd-escape --help output and are absent in man systemd-escape page.
conf-parser: accept trailing backslash at the end of the file (#8941)
This makes it behave the same whether there is a blank line or not at
the end of the file. This is also consistent with the behavior of the
shell on a shell script that ends on a trailing backslash at the last
line.
Added tests to test_config_parse(), which only pass if the corresponding
change to config_parse() is included.
Mikhail Kasimov [Thu, 10 May 2018 00:18:59 +0000 (03:18 +0300)]
add journal-upload.conf refentrytitle (#8942)
Add journal-upload.conf refentrytitle to have the same format to systemd-journal-remote.service description, which contains refentrytitle on journal-remote.conf in 'See Also' section.
We can jump to chase_one from two places. In the first 'todo' is set to
'buffer', which comes from path_make_absolute_cwd() and is nonnull In the
second 'todo' is set to 'joined' which is checked to be nonull a few lines
above the jump. So let's kill the code that deals with null todo there.
meson: recompile all sources for install_libudev_static and install_libsystemd_static
This means that when those targets are built, all the sources are built again,
instead of reusing the work done to create libbasic.a and other convenience static
libraries. It would be nice to not do this, but there seems to be no support in
our toolchain for joining multiple static libraries into one. When linking
a static library, any -l arguments are simply ignored by ar/gcc-ar, and .a
libraries given as positional arguments are copied verbatim into the archive
so they objects in them cannot be accessed.
https://stackoverflow.com/questions/2157629/linking-static-libraries-to-other-static-libraries
suggests either unzipping all the archives and putting them back togather,
or using a linker script. Unzipping and zipping back together seems ugly.
The other option is not very nice. The linker script language does not
allow "+" to appear in the filenames, and filenames that meson generates
use that, so files would have to be renamed before a linker script was used.
And we would have to generate the linker script on the fly. Either way, this
doesn't seem attractive. Since those static libraries are a niche use case,
it seems reasonable to just go with the easiest and safest solution and
recompile all the source files. Thanks to ccache, this is probably almost as
cheap as actually reusing the convenience .a libraries.
test-libsystemd-sym.c and test-libudev-sym.c compile fine with the generated
static libs, so it seems that they indeed provide all the symbols they should.
When multiple configuration file groups are shown together (e.g.
systemd-analyze cat-config systemd/system.conf systemd/user.conf), it's nice
to separate them visually.
I tried first to write a line of spaces and underline that. This does not look
too good, because the line is too low. Then I tried a block of blue-background
spaces. In this version, there are two lines, one is full of spaces and
underlined, so visually we get an empty line in the middle.
I then tried underlining the last line of the previous file. This does not look
right, unless the line is full width, i.e. unless spaces are written out until
the end of the line. But when those spaces are added, it's not clear if they
were part of the original file or not. Here, the spaces are between groups, so
it seems less likely that somebody will mistake those spaces for part of the
configuration file.
UserClass=
A DHCPv4 client can use UserClass option to identify the type or category of user or applications
it represents. The information contained in this option is an string that represents the user class
of which the client is a member. Each class sets an identifying string of information to be used by the DHCP service to classify clients. Takes a whitespace-separated list.
namespace: extend list of masked files by ProtectKernelTunables=
This adds a number of entries nspawn already applies to regular service
namespacing too. Most importantly let's mask /proc/kcore and
/proc/kallsyms too.
nspawn: move nspawn cgroup hierarchy one level down unconditionally
We need to do this in all cases, including on cgroupsv1 in order to
ensure the host systemd and any systemd in the payload won't fight for
the cgroup attributes of the top-level cgroup of the payload.
This is because systemd for Delegate=yes units will only delegate the
right to create children as well as their attributes. However, nspawn
expects that the cgroup delegated covers both the right to create
children and the attributes of the cgroup itself. Hence, to clear this
up, let's unconditionally insert a intermediary cgroup, on cgroupsv1 as
well as cgroupsv2, unconditionally.
This is also nice as it reduces the differences in the various setups
and exposes very close behaviour everywhere.
Let's not make /run too special and let's make sure the source file is
not guessable: let's use our regular temporary file helper calls to
create the source node.
nspawn: lock down a few things in /proc by default
This tightens security on /proc: a couple of files exposed there are now
made inaccessible. These files might potentially leak kernel internals
or expose non-virtualized concepts, hence lock them down by default.
Moreover, a couple of dirs in /proc that expose stuff also exposed in
/sys are now marked read-only, similar to how we handle /sys.
The list is taken from what docker/runc based container managers
generally apply, but slightly extended.
mount-setup: add a comment that the character/block device nodes are "optional" (#8893)
if we lack privs to create device nodes that's fine, and creating
/run/systemd/inaccessible/chr or /run/systemd/inaccessible/blk won't
work then. Document this in longer comments.
test: don't send image building output to /dev/null (#8886)
Yes, the output is sometimes annyoing, but /dev/null is not the right
place...
I figure this redirection was left in from some debugging session, let's
fix it, and make the setup_basic_environment invocation like in all
other test scripts.
projects / thirdparty / systemd.git / log
