Jan Engelhardt [Thu, 20 Sep 2012 08:20:49 +0000 (10:20 +0200)]
build-sys: require certain version of libselinux
./.libs/libsystemd-core.a(libsystemd_core_la-selinux-access.o):
In function "selinux_access_check":
src/core/selinux-access.c:487: undefined reference to
"selinux_check_access"
journal: when comparing two entries from separate files make sure we reposition the mmap window
The mmap cache doesn't guarantee that we can look at two files at the
same time. Hence make sure to look at the entries to compare one
after the other, instead of at the same time when comparing them, and
reposition the window in between.
Systemctl would always return 1, because it treated uninteresting dbus
messages ("job added") as errors. Just ignore everything apart from
interesting ("job removed") messages.
Semantics are slightly different, because before unit_name_mangle
returning NULL was ignored, and now it is reported as oom. But
unit_name_mangle only returns NULL on oom.
Note: I did s/MANAGER/SYSTEMD/ everywhere, even though it makes the
patch quite verbose. Nevertheless, keeping MANAGER prefix in some
places, and SYSTEMD prefix in others would just lead to confusion down
the road. Better to rip off the band-aid now.
This patch adds the ability to look at the calling process that is trying to
do dbus calls into systemd, then it checks with the SELinux policy to see if
the calling process is allowed to do the activity.
The basic idea is we want to allow NetworkManager_t to be able to start and
stop ntpd.service, but not necessarly mysqld.service.
Similarly we want to allow a root admin webadm_t that can only manage the
apache environment. systemctl enable httpd.service, systemctl disable
iptables.service bad.
To make this code cleaner, we really need to refactor the dbus-manager.c code.
This has just become a huge if-then-else blob, which makes doing the correct
check difficult.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/
main: when transitioning from initrd to the main system log to kmsg
When the new PID is invoked the journal socket from the initrd might
still be around. Due to the default log target being journal we'd log to
that initially when the new main systemd initializes even if the kernel
command line included a directive to redirect systemd's logging
elsewhere.
With this fix we initially always log to kmsg now, if we are PID1, and
only after parsing the kernel cmdline try to open the journal if that's
desired.
(The effective benefit of this is that SELinux performance data is now
logged again to kmsg like it used to be.)
For setups with many listening sockets the default kernel resource limit
of 1024 fds is not enough. Bump this up to 64K to avoid any limitations
in this regard. We are careful to pass on the kernel default to daemons
however, since normally resource limits are a good to enforce,
especially since select() can't handle fds > 1023.
Systemd has a large (and growing) number of manpages. Sometimes it's
not immediately obvious, where to look for a directive. Especially,
when something is described in more than one place. Making sense of
all the settings should be easier with an index.
logind: make sure there's always a getty available on TTY6
Previously, if X allocated all 6 TTYs (for multi-session for example) no
getty would be available anymore to guarantee console-based logins.
With the new ReserveVT= switch in logind.conf we can now choose one VT
(6 by default) that will always be subject to autovt-style activation,
i.e. we'll always have a getty on TTY6, and X will never take possession
of it.
Dave Reisner [Sat, 15 Sep 2012 16:58:49 +0000 (12:58 -0400)]
tmpfiles: use write(2) for the 'w' action
This resolves problems with filesystems which do not implement the
aio_write file operation. In this case, the kernel will fall back using
a loop writing technique for each pointer in a received iovec. The
result is strange errors in dmesg such as:
[ 31.855871] elevator: type not found
[ 31.856262] elevator: switch to
[ 31.856262] failed
It does not make sense to implement a synchronous aio_write method for
sysfs as this isn't a real filesystem where a reasonable use case for
using writev exists, nor is there an expectation that tmpfiles will be
used to write more data than can be reasonably written in a single write
syscall.
In addition, some sysfs attrs are currently buggy and will NOT reject
the second write with the newline, causing the sysfs value to be zeroed
out. This of course should be fixed in the kernel regardless of any
wrongdoing in userspace, but this simple change makes us immune to such
a bug.
This change means that we do not write a trailing newline by default, as
the expected use case of 'w' is for sysfs and procfs. In exchange, honor
C-style backslash escapes so that if the newline is really needed, the
user can add it.
Most things seem to function fine without /dev/shm, but it is expected
to be there (quoting linux/Documentation/filesystems/tmpfs.txt:
glibc 2.2 and above expects tmpfs to be mounted at /dev/shm for POSIX
shared memory (shm_open, shm_unlink)).
Since /tmp/ is already mounted as tmpfs, it would be enough to mkdir
/tmp/shm and chmod it. Mounting it separately has the advantage that
it can be easily remounted to change the quota.
logind: redefine idleness to start at last activity
Before, after the timeout, a session would be timestamped as idle
since 'last activity' + 'idle timeout'. Now, it is timestamped as idle
since 'last activity'.
Before, after all sessions were idle, the seat would be marked with as
idle with the timestamp of the oldest idle session. Now it is
marked with the timestamp of the youngest idle session.
Both changes seem to me to be closer to natural understanding of
idleness: the time since last activity counts.
Shawn Landden [Wed, 22 Aug 2012 06:11:26 +0000 (23:11 -0700)]
timedated: gather timezone from /etc/localtime sym target
/etc/localtime -> /usr/share/zoneinfo/...
or
/etc/localtime -> ../usr/share/zoneinfo/...
(note, ../usr is not the same if /etc is a symlink, as this isn't
using canonicalize_file_name())
keep other method for now, consider dropping later.
Supporting relative links here are problematic as timezones in
/usr/share/zoneinfo are often themselves symlinks (and symlinks to
symlinks), so this implamentation only supports absolute symlinks
"/usr/share/zoneinfo/" and relative symlinks starting with
"../usr/share/zoneinfo/"
>From TODO (kay sievers):
* kill /etc/timezone handling entirely? What does it provide?
- /etc/localtime carries the same information already:
$ ls -l /etc/localtime; cat /etc/timezone
lrwxrwxrwx 1 root root 33 Jul 27 09:55 /etc/localtime -> /usr/share/zoneinfo/Europe/Berlin
Europe/Berlin
- systemd enforces /usr to be available at bootup, so we can
enforce the use of the symlink
Lucas De Marchi [Fri, 14 Sep 2012 14:18:41 +0000 (14:18 +0000)]
build-sys: Append -Werror when testing flags
Clang don't treat unknown warnings flags as an error, but rather as a
warning. The result is that the detection for whic CFLAGS are supported
by this compiler will not work, since the compilation will succeed.
With this patch we now successfully detect clang doesn't support
-Wlogical-op, as opposed to previous behavior:
checking if clang supports flag -Wlogical-op in envvar CFLAGS... no
We use this macro only for LDFLAGS and CFLAGS, so it's safe to stash
-Werror there.
projects / systemd.git / log