man/*.html: link to directives, python, guvev, libudev in headers
Since the HTML files are in different directories during build
and on fd.o, links are broken in the build directory. This could
be fixed by moving stuff around, or by modifying the files during
upload, but I think that people do not usually create HTML files
for local browsing, and this is not necessary.
Kay Sievers [Thu, 7 Mar 2013 20:04:30 +0000 (21:04 +0100)]
<mbiebl> poettering: small typo in the NEWS file: directory systems looks for <- systemd
<mbiebl> the sentence reads a bit strange "looks for units in"
<mbiebl> " by assigning the empty strings to them" <- an empty string or the empty string
<mbiebl> "this allows resetting" <- I was told this is not correct English, too: "this allows one to reset"
Nathaniel Chen [Thu, 7 Mar 2013 19:06:58 +0000 (11:06 -0800)]
core: mount and initialize Smack
SMACK is the Simple Mandatory Access Control Kernel, a minimal
approach to Access Control implemented as a kernel LSM.
The kernel exposes the smackfs filesystem API through which access
rules can be loaded. At boot time, we want to load the access rules
as early as possible to ensure all early boot steps are checked by Smack.
This patch mounts smackfs at the new location at /sys/fs/smackfs for
kernels 3.8 and above. The /smack mountpoint is not supported.
After mounting smackfs, rules are loaded from the usual location.
For more information about Smack see:
http://www.kernel.org/doc/Documentation/security/Smack.txt
Commit ed1553a fixed current errors, but this error is easy to
make. A wrong id messes up the indexes and linking, so it is
better to catch this automatically.
systemd-python: refuse path and flags together in __init__
It's better to explictly check, instead of just documenting it.
The return value from init is changed from 1 to -1 on error.
Python seems to ignore 1 every second time. Looks like a bug
in Python, but the return value doesn't seem to be documented
anywhere, and -1 works as expected... so let's just use that.
systemd-python: catch only ValueErrors in conversion code
First of all, 'try: ... except: ...' (with no exception specified) is
always a no-no, since it catches all BaseExceptions, which includes ^C
and other stuff which should almost never be caught.
Now the conversion is stricter, and only one conversion is attempted,
and only a ValueEror is caught. It seems reasonable to catch ValueErrors,
since the entries in the journal are not verified, and any erroneous
application might log a field which cannot be converted. The consumer
of events must only check if a field is an instance of bytes and can
otherwise assume that the conversion was performed correctly.
Order of arguments in Reader.__init__ has been changed to match order
in _Reader.__init__.
Conversions have been updated to work under Python 2 and 3.
Michael Biebl [Wed, 6 Mar 2013 22:24:31 +0000 (23:24 +0100)]
service: sysv - properly handle init scripts with .sh suffix
Dropping the distribution specific #ifdefs in 88516c0c952b9502e8ef1d6a1481af61b0fb422d broke the .sh suffix stripping
since we now always used the else clause of the rc. check.
We eventually want to drop the rc. prefix stripping, but for now we
assume that no sysv init script uses both an rc. prefix and .sh suffix,
so make the check for the .sh suffix and rc. prefix mutually exclusive.
libsystemd-journal: export new function, increase library version
Since sd_journal_reliable_fd wasn't exported before, it is as if
it was added now. Library "current" number must be bumped.
michich> Someone links with the fixed version and produces a RPM with
his program. The RPM will happily install on a system with an
old systemd version (the deps will appear fine), but the
program will fail to run.
If XDG_RUNTIME_DIR contains a character like ":" (for instance if it's
formed from an X11 display name), then it isn't valid to substitute
it into a D-Bus address without escaping.
Tom Gundersen [Tue, 5 Mar 2013 06:56:47 +0000 (15:56 +0900)]
main: ISOLATE rather than REPLACE default.target
This allows switch-root to work correctly if a unit is active both before and
after the switch-root, but its dependencies change. Before the patch, any
dependencies added to active units by switch-root will not be pulled, in
particular filesystems configured in /etc/fstab would not be activated if
local-fs.target was active in the initrd.
It is not clear to me if there is a bug in the REPLACE handling, or if it is
working as expected and that we really want to use ISOLATE instead as this patch
does.
Nathaniel Chen [Tue, 5 Mar 2013 19:46:34 +0000 (11:46 -0800)]
hostnamed: allow more special characters in pretty hostname
this addresses the bug at:
https://bugs.freedesktop.org/show_bug.cgi?id=59311
https://bugzilla.redhat.com/show_bug.cgi?id=895299
hostnamectl is supposed to allow a range of special characters for
the 'pretty' hostname:
$ hostnamectl set-hostname --pretty "Nathaniels Desktop !@#$%"
..however, it rejects apostrophes, double quotes, and backslashes.
The manual for hostnamectl suggests that this should be allowed.
It makes sense to reject \0, \n, etc. pretty_string_is_safe() is
the same as string_is_safe(), but allows more special characters.
journald: introduce new "systemd-journal" group and make it own the journal files
Previously all journal files were owned by "adm". In order to allow
specific users to read the journal files without granting it access to
the full "adm" powers, introduce a new specific group for this.
"systemd-journal" has to be created by the packaging scripts manually at
installation time. It's a good idea to assign a static UID/GID to this
group, since /var/log/journal might be shared across machines via NFS.
This commit also grants read access to the journal files by default to
members of the "wheel" and "adm" groups via file system ACLs, since
these "almost-root" groups should be able to see what's going on on the
system. These ACLs are created by "make install". Packagers probably
need to duplicate this logic in their postinst scripts.
This also adds documentation how to grant access to the journal to
additional users or groups via fs ACLs.
logind: when registering a new session always use previous session info from cgroup path rather than audit
Previously for cases like "su" or "sudo" where a session is attempted to
be created from within an existing one we used the audit session ID to
detect this and in such a case we simple returned the session data of
the original session a second time.
With this change we will now use the cgroup path of the calling path to
determine the old session, i.e. we only rely on our own session
identification scheme, instead of audits.
We will continue to keep the audit session ID and ours in sync however,
to avoid unnecessary confusion.
Michal Schmidt [Mon, 4 Mar 2013 13:38:51 +0000 (14:38 +0100)]
core/manager: fix conditions to start and stop watching running jobs
Harald encountered division by zero in manager_print_jobs_in_progress.
Clearly we had the watch enabled when we shouldn't - there were no
running jobs in m->jobs, only waiting ones. This is either a deadlock,
or maybe some of them would be detected as runnable in the next dispatch
of the run queue. In any case we mustn't crash.
Fix it by starting and stopping the watch based on n_running_jobs
instead of the number of all jobs.
core/path: install inotify watches top-down instead of bottom-up
When watches are installed from the bottom, it is always possible
to race, and miss a file creation event. The race can be avoided
if a watch is first established for a parent directory, and then for
the file in the directory. If the file is created in the time between,
the watch on the parent directory will fire.
Some messages (mostly at debug level) are added to help diagnose
pidfile issues.
Should fix https://bugzilla.redhat.com/show_bug.cgi?id=917075.
Michael Biebl [Mon, 4 Mar 2013 01:13:34 +0000 (02:13 +0100)]
build-sys: be more tolerant if dbus directories do not exist
use readlink -m instead of -f since we might be building in a minimal
chroot where those directories do not actually exist and readlink -f
would return an empty string.
Rob Clark [Sun, 3 Mar 2013 17:55:08 +0000 (12:55 -0500)]
udev: fix segfault with android rndis
The android gadget driver for network tethering over rndis somehow has a
parent device with a null subsystem. Probably this is bug in android driver,
but it is easy enough to make systemd/udev behave gracefully and not
segfault. And this will help for making linux distros with systemd
(like fedora) work on android devices.
Kay Sievers [Sun, 3 Mar 2013 17:20:09 +0000 (18:20 +0100)]
udev: firmware - do not created /run/udev/firmware-missing/
The userspace firmware loader is deprecated now, and will be entirely
removed when we depend on a kernel version with the built-in firmware
loader available.