If some sleep operation was not possible (e.g. because swap is missing),
we would try twice: once through logind, which would result in a clean error:
Failed to execute operation: Sleep verb not supported
and then second time by starting the appropriate unit directly, which is
more messy. If logind tells us that something is not possible (or already
in progress), report that to the user and quit. If logind is present and working
we should not try to work around it.
Loosely based on https://bugs.freedesktop.org/show_bug.cgi?id=87832.
bus: replace ENOSYS return codes with EBADR/ENOTSUP
ENOSYS is used to signify compiled-out functionality. Using it for
different kinds of error is misleading.
For BUS_ERROR_SLEEP_VERB_NOT_SUPPORTED, logind-action.c uses ENOTSUP
already, so changing it to ENOTSUP makes the dbus and action paths
behave the same.
David Herrmann [Tue, 30 Dec 2014 10:37:35 +0000 (11:37 +0100)]
bus: add sd_bus_emit_object_{added/removed}()
This implements two new helpers, discussed on systemd-devel about 1 year
ago:
sd_bus_emit_object_added()
sd_bus_emit_object_removed()
Both calls are equivalent to their respective counterpart
sd_bus_emit_interfaces_{added/removed}(), but can figure out the list of
interfaces themselves, instead of requiring the caller to provide them.
Furthermore, both calls properly deal with builtin interfaces provided via
org.freedesktop.DBus.* and alike.
Both calls simply traverse a node and all its parent nodes to figure out a
list of all interfaces registered as vtable or fallback. It then appends
each of them, similar to the interfaces_{added/removed}() helpers.
Note that interfaces_{added/removed}() runs a parent traversal for *each*
passed interface. Therefore, it can simply bail out, once it found a
parent node that implements a given interface.
With object_{added/removed}() we cannot know the registered interfaces in
advance, thus, we cannot run one traversal per node. Instead, we run a
single traversal and remember all interfaces that we added. Therefore, a
child-interface overrides all conflicting parent-interfaces. We keep a
"Set *s" context to track those while climbing up the tree.
David Herrmann [Tue, 30 Dec 2014 08:09:41 +0000 (09:09 +0100)]
bus: fix capabilities on big-endian
The kernel provides capabilities as a u32 array, sd-bus uses an u8 array.
This works fine on little-endian as both are encoded the same way.
However, this fails on big-endian if we do not perform sufficient
byte-swapping on each u32 entry.
This patch makes sd-bus use u32, too. We avoid changing any kernel
provided data so we can keep pointing into kdbus pool buffers which
contain u32 arrays.
David Herrmann [Tue, 30 Dec 2014 07:42:53 +0000 (08:42 +0100)]
bus: drop creds->capability_size
The number of available caps can be read from
/proc/sys/kernel/cap_last_cap during runtime. Our helper cap_last_cap()
does that, so there's no reason to remember the size of any capability
cache. We can just pre-allocate arrays with a suitable size for all
available caps and reject any higher caps.
The kernel capability API uses u32 as base so make sure we do the same.
Note that this is specified by POSIX, so it's unlikely to change.
David Herrmann [Mon, 29 Dec 2014 16:51:36 +0000 (17:51 +0100)]
macro: add DIV_ROUND_UP()
This macro calculates A / B but rounds up instead of down. We explicitly
do *NOT* use:
(A + B - 1) / A
as it suffers from an integer overflow, even though the passed values are
properly tested against overflow. Our test-cases show this behavior.
Instead, we use:
A / B + !!(A % B)
Note that on "Real CPUs" this does *NOT* result in two divisions. Instead,
instructions like idivl@x86 provide both, the quotient and the remainder.
Therefore, both algorithms should perform equally well (I didn't verify
this, though).
We actually want to allow shutting down containers that use
RegisterMachine() rather than CreateMachine() to register their own
unit. It should be safe to do so, since the primary usecase for
RegisterMachine() are container managers that run only a single
container within their own unit, such as systemd-nspawn.
Tom Gundersen [Sun, 28 Dec 2014 12:38:23 +0000 (13:38 +0100)]
core: loopback - simplify check_loopback()
We no longer configure the addresses on the loopback interface, but simply bring it up
and let the kernel do the rest. Also change the check to only check if the interface
is up, rather than checking for the IPv4 loopback address.
In test_raw_clone, make sure the cloned thread calls _exit() and in the parent
thread call waitpid(..., __WCLONE) to wait for the child thread to terminate,
otherwise there is a race condition where the child thread will log to the
console after the test process has already exited and the assertion from the
child thread might not be enforced.
The absence of this patch might also create problems for other tests that would
be added after this one, since potentially both parent and child would run
those tests as the child would continue running.
Tested by confirming that the logs from the child are printed before the test
terminates and that a false assertion in the child aborts the test with a core
dump.
timedated: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_SYS_TIME constant
in use by this file comes from <linux/capability.h> imported through "missing.h".
Tested that "systemd-timedated" builds cleanly and works after this change.
localed: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_SYS_ADMIN constant
in use by this file comes from <linux/capability.h> imported through "missing.h".
Tested that "systemd-localed" builds cleanly and works after this change.
bus: remove spurious include of <sys/capability.h>
They do not use any functions from libcap directly. The CAP_SYS_ADMIN constant
in use by bus-objects.c comes from <linux/capability.h> imported through
"missing.h". The "missing.h" header is imported through "util.h" which gets
imported in "bus-util.h".
Tested that everything builds cleanly after this change.
machined: remove spurious include of <sys/capability.h>
They do not use any functions from libcap directly. The CAP_KILL constant in
use by these files comes from <linux/capability.h> imported through
"missing.h".
Tested that "systemd-machined" builds cleanly and works after this change.
hostnamed: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_SYS_ADMIN constant
in use by this file comes from <linux/capability.h> imported through "missing.h".
Tested that "systemd-hostnamed" builds cleanly and works after this change.
tmpfiles: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_MKNOD constant in
use by this file comes from <linux/capability.h> imported through "missing.h".
Tested that "systemd-tmpfiles" builds cleanly and works after this change.
logind: remove spurious include of <sys/capability.h>
They do not use any functions from libcap directly. The CAP_* constants in use
through these files come from "missing.h" which will import <linux/capability.h>
and complement it with CAP_* constants not defined by the current kernel
headers. The "missing.h" header is imported through "util.h" which gets
imported in "logind.h".
Tested that "systemd-logind" builds cleanly and works after this change.
nspawn: remove spurious include of <sys/capability.h>
It does not use any functions from libcap directly. The CAP_* constants in use
through this file come from "missing.h" which will import <linux/capability.h>
and complement it with CAP_* constants not defined by the current kernel
headers.
Add an explicit import of our "capability.h" since it does use the function
capability_bounding_set_drop from that header file. Previously, that header was
implicitly imported through through "cap-list.h".
Tested that "systemd-nspawn" builds cleanly and works after this change.
Tested by running a full build, running `make install` and comparing the file
list in the target trees and making sure that `make distcheck` still works.
build-sys: do not use pkgconfig dbus-1.pc to find dbus directories
Do not use the dbus-1.pc pkgconfig settings to determine dbus directories. Use
directories relative to ${sysconfdir} and ${datadir} instead.
This approach was suggested by Simon McVittie in:
http://lists.freedesktop.org/archives/systemd-devel/2014-October/024388.html
Tested by building and installing systemd without the dbus-devel installed.
Without this patch, the dbus files and directories end up in the root of the
filesystem. With this patch, they end up in the same locations as previously
(assuming default ${sysconfdir} and ${datadir}) whether dbus-devel is present
or not. Also made sure that `make check` works without dbus-devel installed.
test: do not use last cap from kernel in test-cap-list
The new test-cap-list introduced in commit 2822da4fb7f891 uses the included
table of capabilities. However, it uses cap_last_cap() which probes the kernel
for the last available capability. On an older kernel (e.g. 3.10 from RHEL 7)
that causes the test to fail with the following message:
Assertion '!capability_to_name(cap_last_cap()+1)' failed at src/test/test-cap-list.c:30, function main(). Aborting.
Fix it by exporting the size of the static table and using it in the test
instead of the dynamic one from the current kernel.
Tested by successfully running ./test-cap-list and the whole `make check` test
suite with this patch on a RHEL 7 host.
projects / thirdparty / systemd.git / log
