| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
| |
Support for C added in gcc 15:
https://github.com/gcc-mirror/gcc/commit/236c0829ee21a179c81b83f0d7f112ca23c47a4d
|
|
|
|
| |
Our baseline is gcc 8.4.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
| |
This new field allows specification of an fd on which the password
prompt logic will look for POLLHUP events for, and if seen will abort
the query.
The usecase for this is that when we query for a pw on behalf of a
Varlink client we can abort the query automatically if the client dies.
|
| |
|
| |
|
|
|
|
|
|
| |
We carry our own definitions in missing_mman.h, and otherwise
sys/mman.h is employed. Let's drop the unneeded detection/inclusion
of linux/memfd.h hence.
|
|
|
|
|
|
|
|
|
|
|
| |
This is just like memfd_new(), but allows fine grained control of the
sealing flags.
This switches over all uses of memfd_new() where we actually want
sealing to use memfd_new_full().
This then allows use to use memfd_new() for two further calls, where we
previously used the more lowlevel memfd_create_wrapper().
|
|
|
|
|
|
|
|
|
|
| |
Let's drop support systems lacking memfds, i.e. pre kernel 3.17 systems.
This allows us to drastically simplify the "data fd" concept, so far
that we can remove it entirely.
This replaces acquire_data_fd() with a specialized call to
memfd_new_and_seal(), not that memfds can be the only implementation of
the concept.
|
|
|
|
|
|
| |
The values that were previously hardcoded in sd-varlink.c are now defined
in new varlink_set_info_systemd() and that function is called everywhere
where we create a server.
|
|
|
|
| |
Prompted by https://github.com/systemd/systemd/pull/35110#discussion_r1835885340
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
A bit confusingly CONTAINER_UID_BASE_MAX is just the maximum *base* UID
for a container. Thus, with the usual 64K UID assignments, the last
actual container UID is CONTAINER_UID_BASE_MAX+0xFFFF.
To make this less confusing define CONTAINER_UID_MIN/MAX that add the
missing extra space.
Also adjust two uses where this was mishandled so far, due to this
confusion.
With this change the UID ranges we default to should properly match what
is documented on https://systemd.io/UIDS-GIDS/.
|
|
|
|
|
| |
This singular debug message gets printed even if debug is not enabled.
Quiet this message when debug is not enabled for consistency.
|
|
|
|
|
|
|
|
|
|
| |
This allows an unprivileged user that is active at the console to change
the fields that are in the selfModifiable allowlists (introduced in a
previous commit) without authenticating as a system administrator.
Administrators can disable this behavior per-user by setting the
relevant selfModifiable allowlists, or system-wide by changing the
policy of the org.freedesktop.home1.update-home-by-owner Polkit action.
|
|\ |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Users will generally know what a qrcode is, so let's not treat them as dumb and
explain that it can be scanned. OTOH, we should say what the qrcode contains
and it is useful to give a hint why the users would want to scan it. Reword
messages accordingly.
(Also, don't say "to your phone", when somebody might be using a stolen phone,
or something else then a phone.)
|
|/
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We often used a pattern like if (!FLAGS_SET(flags, SD_JSON_FORMAT_OFF)),
which is rather verbose and also contains a double negative, which we try
to avoid. Add a little helper to avoid an explicit bit check.
This change clarifies an aditional thing: in some cases we treated
SD_JSON_FORMAT_OFF as a flag (flags & SD_JSON_FORMAT_OFF), while in other cases
we treated it as an independent enum value (flags == SD_JSON_FORMAT_OFF).
In the first form, flags like SD_JSON_FORMAT_SSE do _not_ turn the json
output on, while in the second form they do. Let's use the first form
everywhere.
No functional change intended.
Initially I wasn't sure if this helper should be made public or just internal,
but it seems such a common pattern that if we expose the flags, we might just
as well expose it too, to make life easier for any consumers.
|
|\
| |
| | |
Various logging improvements
|
| |
| |
| |
| |
| | |
Let's log about which bus we're trying to connect to and what transport
we're using to do it.
|
| | |
|
| |
| |
| |
| | |
Follow-up for 164ca24d7464253e5f8375226b792ef8f6eaffd0.
|
| |
| |
| |
| | |
In order to distinguish it from libc function naming.
|
|/
|
|
| |
laccess is our own macro that uses RET_NERRNO.
|
|
|
|
| |
Fixup for 2413a0fab4fdad7eef3ce1d4b57664be5795b002.
|
|
|
|
|
| |
Otherwise when the user takes a long time to enter input the operation
to create the user's home will fail with "transport endpoint not connected".
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is the same as json_dispatch_user_group_name() but fills in the
string as "const char*" to the JSON field. Or in other words, it's what
sd_json_dispatch_const_string() is to sd_json_dispatch_string().
Note this drops the SD_JSON_STRICT flags from various dispatch tables
for these fields, and replaces this by SD_JSON_RELAX, i.e. the opposite
behaviour. As #34558 correctly suggests we should validate user names
in lookup functions using the lax rules, rather than the strict ones,
since clients not knowing the rules might ask us for arbitrary
resolution.
(SD_JSON_RELAX internally translates to valid_user_group_name() with the
VALID_USER_RELAX flag).
See: #34558
|
| |
|
|
|
|
|
|
|
| |
This mirrors the behavior of `systemd-firstboot` and allows bootup
messages to settle down before user input is actually processed.
See: https://github.com/systemd/systemd/issues/34448
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This tries to get rid of most manual sigprocmask() changes, in favour
of:
1. The SD_EVENT_SIGNAL_PROCMASK flag to sd_event_add_signal()
2. The sd_event_set_signal_exit() call for handling SIGTERM/SIGINT
3. Move masking of SIGWINCH into ptyfwd, out of nspawn/vmspawn/run
And while we are at it get rid of a bunch of event source fields whose
lifetime is bound to the sd_event object they belong to anyway, and make
use of the "floating" event source feature of sd-event instead.
|
|
|
|
|
|
|
|
|
|
|
|
| |
Login shells are supposed to marked via a dash as first char. We follow
that logic, but right now we simply overwrite the first char of the
shell. That might not be the right choice, given that this turns
"zsh" into "-sh", which suggests some bourne shell process.
Hence, let's correct things, and instead prefix a dash, which should be
safer.
Inspired by findings on https://github.com/systemd/systemd/issues/34153#issuecomment-2338104907
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Now that mkfs.btrfs is adding support for compressing the generated
filesystem (https://github.com/kdave/btrfs-progs/pull/882), let's
add general support for specifying the compression algorithm and
compression level to use.
We opt to not parse the specified compression algorithm and instead
pass it on as is to the mkfs tool. This has a few benefits:
- We support every compression algorithm supported by every tool
automatically.
- Users don't need to modify systemd-repart if a mkfs tool learns a
new compression algorithm in the future
- We don't need to maintain a bunch of tables for filesystem to map
from our generic compression algorithm enum to the filesystem specific
names.
We don't add support for btrfs just yet until the corresponding PR
in btrfs-progs is merged.
|
|
|
|
|
| |
This makes the macros use log_syntax_parse_error(), hopefully which provides
more informative log message in general, and reduces binary size.
|
| |
|
|
|
|
|
|
|
| |
We nowadays reset TTYs by writing ANSI sequences to them. This can only
work if we operate on an *output* fd, not an input fd. Hence switch
various cases where we erroneously used an input fd to use an output fd
instead.
|
|
|
|
|
|
|
|
|
| |
This is a lot of stuff, and sometimes quite wild, let's turn this into
its own header.
All stuff color-related that just generates sequences is now in
ansi-color.h (no .c file!), and everything more complex that
probes/ineracts with terminals remains in termina-util.[ch]
|
|
|
|
| |
reset-by-ioctl and reset-by-sequence reasonably
|
|\
| |
| | |
use O_PATH when possible
|
| |
| |
| |
| |
| | |
`sys_base_dfd` is only used as dirfd argument to *_at functions,
open it with O_PATH.
|
| |
| |
| |
| | |
`Home->pin_fd` is used only for pinning, open it with O_PATH.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Previously, unit_freezer_new_freeze() would only return
UnitFreezer object if FreezeUnit() succeeds. This is not
ideal though, as a failed bus call doesn't mean the action
actually failed. E.g. a timeout might occur because pid1
is waiting for cgroup event from kernel, while the bus call
timeout was exceeded (#33269). In such a case, ThawUnit()
will never be called, resulting in frozen units remain that
way after resuming from sleep.
Therefore, let's get rid of unit_freezer_new_freeze(),
and make sure as long as unit freezer is involved, we'll
call ThawUnit() when we're done. This should make things
a lot more robust.
|
|/
|
|
|
|
|
|
|
|
| |
It's time. sd-json was already done earlier in this cycle, let's now
make sd-varlink public too.
This is mostly just a search/replace job of epical proportions.
I left some functions internal (mostly IDL handling), and I turned some
static inline calls into regular calls.
|
|\
| |
| | |
Allow interactive auth in inhibit
|
| |
| |
| |
| |
| | |
The functions in the file were *not* using the spawn prefix,
and the prefix seems completely unnecessary.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
systemd-cryptsetup supports a FIDO2 mode with manual parameters, where
the user provides all the information necessary for recreating the
secret, such as: credential ID, relaying party ID and the salt. This
feature works great for implementing 2FA schemes, where the salt file
is for example a secret unsealed from the TPM or some other source.
While the unlocking part is quite straightforward to set up, enrolling
such a keyslot - not so easy. There is no clearly documented
way on how to set this up and online resources are scarce on this topic
too. By implementing a straightforward way to enroll such a keyslot
directly from systemd-cryptenroll we streamline the enrollment process
and reduce chances for user error when doing such things manually.
|
| | |
|
|/ |
|