summaryrefslogtreecommitdiffstats
path: root/src/home (follow)
Commit message (Collapse)AuthorAgeFilesLines
* meson: enable -Wzero-as-null-pointer-constantMike Yuan2 days2-1/+4
| | | | | Support for C added in gcc 15: https://github.com/gcc-mirror/gcc/commit/236c0829ee21a179c81b83f0d7f112ca23c47a4d
* tree-wide: remove unnecessary gcc >= 7 version checkMike Yuan2 days1-2/+0
| | | | Our baseline is gcc 8.4.
* shared/bus-util: move bus_message_hash_ops to bus-message-utilMike Yuan5 days1-4/+5
|
* homectl: fix minor spelling mistake (#35963)Eaterminer7 days1-1/+1
|
* ask-password-api: add new "hup_fd" field to AskPasswordReqLennart Poettering2025-01-021-0/+4
| | | | | | | | | This new field allows specification of an fd on which the password prompt logic will look for POLLHUP events for, and if seen will abort the query. The usecase for this is that when we query for a pw on behalf of a Varlink client we can abort the query automatically if the client dies.
* ask-password-api: move timeout into AskPasswordRequest structure tooLennart Poettering2025-01-021-5/+7
|
* ask-password-api: move tty_fd into AskPasswordRequest structure, tooLennart Poettering2025-01-021-0/+4
|
* tree-wide: drop inclusion of linux/memfd.hMike Yuan2024-12-241-4/+0
| | | | | | We carry our own definitions in missing_mman.h, and otherwise sys/mman.h is employed. Let's drop the unneeded detection/inclusion of linux/memfd.h hence.
* memfd-util: introduce memfd_new_full() helperLennart Poettering2024-12-171-1/+1
| | | | | | | | | | | This is just like memfd_new(), but allows fine grained control of the sealing flags. This switches over all uses of memfd_new() where we actually want sealing to use memfd_new_full(). This then allows use to use memfd_new() for two further calls, where we previously used the more lowlevel memfd_create_wrapper().
* tree-wide: drop acquire_data_fd_full() helperLennart Poettering2024-12-172-4/+3
| | | | | | | | | | Let's drop support systems lacking memfds, i.e. pre kernel 3.17 systems. This allows us to drastically simplify the "data fd" concept, so far that we can remove it entirely. This replaces acquire_data_fd() with a specialized call to memfd_new_and_seal(), not that memfds can be the only implementation of the concept.
* various: set info on varlink server objectZbigniew Jędrzejewski-Szmek2024-12-101-4/+6
| | | | | | The values that were previously hardcoded in sd-varlink.c are now defined in new varlink_set_info_systemd() and that function is called everywhere where we create a server.
* various: check meson feature flag earlyMike Yuan2024-11-131-23/+18
| | | | Prompted by https://github.com/systemd/systemd/pull/35110#discussion_r1835885340
* uid-classification: properly classify *all* container UIDsLennart Poettering2024-11-091-1/+2
| | | | | | | | | | | | | | | A bit confusingly CONTAINER_UID_BASE_MAX is just the maximum *base* UID for a container. Thus, with the usual 64K UID assignments, the last actual container UID is CONTAINER_UID_BASE_MAX+0xFFFF. To make this less confusing define CONTAINER_UID_MIN/MAX that add the missing extra space. Also adjust two uses where this was mishandled so far, due to this confusion. With this change the UID ranges we default to should properly match what is documented on https://systemd.io/UIDS-GIDS/.
* pam: quiet a spurious debug messageRonan Pigott2024-11-021-4/+4
| | | | | This singular debug message gets printed even if debug is not enabled. Quiet this message when debug is not enabled for consistency.
* homed: Allow user to change parts of their recordAdrian Vovk2024-11-014-16/+38
| | | | | | | | | | This allows an unprivileged user that is active at the console to change the fields that are in the selfModifiable allowlists (introduced in a previous commit) without authenticating as a system administrator. Administrators can disable this behavior per-user by setting the relevant selfModifiable allowlists, or system-wide by changing the policy of the org.freedesktop.home1.update-home-by-owner Polkit action.
* Fix display of qrcodes by bsod and other related cleanups (#34914)Lennart Poettering2024-10-301-1/+1
|\
| * cryptenroll,homectl,journalctl: adjust messages before qrcodesZbigniew Jędrzejewski-Szmek2024-10-301-1/+1
| | | | | | | | | | | | | | | | | | | | Users will generally know what a qrcode is, so let's not treat them as dumb and explain that it can be scanned. OTOH, we should say what the qrcode contains and it is useful to give a hint why the users would want to scan it. Reword messages accordingly. (Also, don't say "to your phone", when somebody might be using a stolen phone, or something else then a phone.)
* | sd-json,tree-wide: add sd_json_format_enabled() and use it everwhereZbigniew Jędrzejewski-Szmek2024-10-281-3/+3
|/ | | | | | | | | | | | | | | | | | | We often used a pattern like if (!FLAGS_SET(flags, SD_JSON_FORMAT_OFF)), which is rather verbose and also contains a double negative, which we try to avoid. Add a little helper to avoid an explicit bit check. This change clarifies an aditional thing: in some cases we treated SD_JSON_FORMAT_OFF as a flag (flags & SD_JSON_FORMAT_OFF), while in other cases we treated it as an independent enum value (flags == SD_JSON_FORMAT_OFF). In the first form, flags like SD_JSON_FORMAT_SSE do _not_ turn the json output on, while in the second form they do. Let's use the first form everywhere. No functional change intended. Initially I wasn't sure if this helper should be made public or just internal, but it seems such a common pattern that if we expose the flags, we might just as well expose it too, to make life easier for any consumers.
* Merge pull request #34679 from DaanDeMeyer/bus-logDaan De Meyer2024-10-091-1/+1
|\ | | | | Various logging improvements
| * bus-util: Log more information when connecting to a bus socket failsDaan De Meyer2024-10-091-1/+1
| | | | | | | | | | Let's log about which bus we're trying to connect to and what transport we're using to do it.
* | tree-wide: drop doubled empty linesYu Watanabe2024-10-075-5/+0
| |
* | homectl: drop unnecessary bracketsYu Watanabe2024-10-071-2/+1
| | | | | | | | Follow-up for 164ca24d7464253e5f8375226b792ef8f6eaffd0.
* | fs-util: rename laccess to access_nofollowMike Yuan2024-10-051-1/+1
| | | | | | | | In order to distinguish it from libc function naming.
* | various: correct laccess() error checkMike Yuan2024-10-041-4/+4
|/ | | | laccess is our own macro that uses RET_NERRNO.
* homectl: fix inverted table footer conditionZbigniew Jędrzejewski-Szmek2024-10-031-1/+1
| | | | Fixup for 2413a0fab4fdad7eef3ce1d4b57664be5795b002.
* homectl: Acquire bus connection after querying for user inputDaan De Meyer2024-10-021-13/+6
| | | | | Otherwise when the user takes a long time to enter input the operation to create the user's home will fail with "transport endpoint not connected".
* home: Prompt for shell in homectl firstbootDaan De Meyer2024-10-021-0/+39
|
* home: Prompt for auxiliary groups in homectl firstbootDaan De Meyer2024-10-021-0/+132
|
* json: add json_dispatch_const_user_group_name()Lennart Poettering2024-10-011-10/+11
| | | | | | | | | | | | | | | | | | This is the same as json_dispatch_user_group_name() but fills in the string as "const char*" to the JSON field. Or in other words, it's what sd_json_dispatch_const_string() is to sd_json_dispatch_string(). Note this drops the SD_JSON_STRICT flags from various dispatch tables for these fields, and replaces this by SD_JSON_RELAX, i.e. the opposite behaviour. As #34558 correctly suggests we should validate user names in lookup functions using the lax rules, rather than the strict ones, since clients not knowing the rules might ask us for arbitrary resolution. (SD_JSON_RELAX internally translates to valid_user_group_name() with the VALID_USER_RELAX flag). See: #34558
* tree-wide: use strv_extend_strv_consume() where appropriateMike Yuan2024-09-211-1/+1
|
* homed: wait for user input during firstbootMichael Ferrari2024-09-171-0/+2
| | | | | | | This mirrors the behavior of `systemd-firstboot` and allows bootup messages to settle down before user input is actually processed. See: https://github.com/systemd/systemd/issues/34448
* tree-wide: make sigprocmask() changes more automaticLennart Poettering2024-09-132-8/+4
| | | | | | | | | | | | | This tries to get rid of most manual sigprocmask() changes, in favour of: 1. The SD_EVENT_SIGNAL_PROCMASK flag to sd_event_add_signal() 2. The sd_event_set_signal_exit() call for handling SIGTERM/SIGINT 3. Move masking of SIGWINCH into ptyfwd, out of nspawn/vmspawn/run And while we are at it get rid of a bunch of event source fields whose lifetime is bound to the sd_event object they belong to anyway, and make use of the "floating" event source feature of sd-event instead.
* homectl: when chainloading a shell, prefix "-" rather than overriding first charLennart Poettering2024-09-101-2/+7
| | | | | | | | | | | | Login shells are supposed to marked via a dash as first char. We follow that logic, but right now we simply overwrite the first char of the shell. That might not be the right choice, given that this turns "zsh" into "-sh", which suggests some bourne shell process. Hence, let's correct things, and instead prefix a dash, which should be safer. Inspired by findings on https://github.com/systemd/systemd/issues/34153#issuecomment-2338104907
* tree-wide: check if non-empty password is acquiredYu Watanabe2024-09-061-0/+2
|
* repart: Add compression supportDaan De Meyer2024-09-031-0/+2
| | | | | | | | | | | | | | | | | | | | | Now that mkfs.btrfs is adding support for compressing the generated filesystem (https://github.com/kdave/btrfs-progs/pull/882), let's add general support for specifying the compression algorithm and compression level to use. We opt to not parse the specified compression algorithm and instead pass it on as is to the mkfs tool. This has a few benefits: - We support every compression algorithm supported by every tool automatically. - Users don't need to modify systemd-repart if a mkfs tool learns a new compression algorithm in the future - We don't need to maintain a bunch of tables for filesystem to map from our generic compression algorithm enum to the filesystem specific names. We don't add support for btrfs just yet until the corresponding PR in btrfs-progs is merged.
* tree-wide: drop msg argument for DEFINE_CONFIG_PARSE() macro and friendsYu Watanabe2024-09-011-1/+1
| | | | | This makes the macros use log_syntax_parse_error(), hopefully which provides more informative log message in general, and reduces binary size.
* tree-wide: acquire /dev/console lock around any attempts to reset TTYLennart Poettering2024-07-191-1/+1
|
* tree-wide: reset stdout not stdinLennart Poettering2024-07-191-1/+1
| | | | | | | We nowadays reset TTYs by writing ANSI sequences to them. This can only work if we operate on an *output* fd, not an input fd. Hence switch various cases where we erroneously used an input fd to use an output fd instead.
* terminal-util: split out color macros/helpers into its own headerLennart Poettering2024-07-191-0/+1
| | | | | | | | | This is a lot of stuff, and sometimes quite wild, let's turn this into its own header. All stuff color-related that just generates sequences is now in ansi-color.h (no .c file!), and everything more complex that probes/ineracts with terminals remains in termina-util.[ch]
* terminal-util: add new helper terminal_reset_defensive() that combines ↵Lennart Poettering2024-07-191-1/+1
| | | | reset-by-ioctl and reset-by-sequence reasonably
* Merge pull request #33591 from teknoraver/o_pathLuca Boccassi2024-07-192-2/+2
|\ | | | | use O_PATH when possible
| * homed: open blob dir with O_PATHMatteo Croce2024-07-161-1/+1
| | | | | | | | | | `sys_base_dfd` is only used as dirfd argument to *_at functions, open it with O_PATH.
| * homed: use O_PATH for FDsMatteo Croce2024-07-161-1/+1
| | | | | | | | `Home->pin_fd` is used only for pinning, open it with O_PATH.
* | sleep,home: always initialize UnitFreezer if usedMike Yuan2024-07-171-11/+11
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Previously, unit_freezer_new_freeze() would only return UnitFreezer object if FreezeUnit() succeeds. This is not ideal though, as a failed bus call doesn't mean the action actually failed. E.g. a timeout might occur because pid1 is waiting for cgroup event from kernel, while the bus call timeout was exceeded (#33269). In such a case, ThawUnit() will never be called, resulting in frozen units remain that way after resuming from sleep. Therefore, let's get rid of unit_freezer_new_freeze(), and make sure as long as unit freezer is involved, we'll call ThawUnit() when we're done. This should make things a lot more robust.
* | sd-varlink: make our internal Varlink API public as sd-varlink.[ch]Lennart Poettering2024-07-164-45/+45
|/ | | | | | | | | | It's time. sd-json was already done earlier in this cycle, let's now make sd-varlink public too. This is mostly just a search/replace job of epical proportions. I left some functions internal (mostly IDL handling), and I turned some static inline calls into regular calls.
* Merge pull request #33491 from keszybz/allow-interactive-auth-in-inhibitLuca Boccassi2024-06-261-1/+1
|\ | | | | Allow interactive auth in inhibit
| * Rename spawn-polkit-agent.c to just polkit-agent.cZbigniew Jędrzejewski-Szmek2024-06-261-1/+1
| | | | | | | | | | The functions in the file were *not* using the spawn prefix, and the prefix seems completely unnecessary.
* | cryptenroll: support for enrolling FIDO2 tokens in manual modeKamil Szczęk2024-06-201-10/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | systemd-cryptsetup supports a FIDO2 mode with manual parameters, where the user provides all the information necessary for recreating the secret, such as: credential ID, relaying party ID and the salt. This feature works great for implementing 2FA schemes, where the salt file is for example a secret unsealed from the TPM or some other source. While the unlocking part is quite straightforward to set up, enrolling such a keyslot - not so easy. There is no clearly documented way on how to set this up and online resources are scarce on this topic too. By implementing a straightforward way to enroll such a keyslot directly from systemd-cryptenroll we streamline the enrollment process and reduce chances for user error when doing such things manually.
* | tree-wide: port over to new builder apisLennart Poettering2024-06-199-100/+108
| |
* | various: move const ptr indicator to return valueZbigniew Jędrzejewski-Szmek2024-06-193-5/+5
|/