tree-wide: add space after if, switch, for, and while
This adds another symlink for block devices:
/dev/disk/by-diskseq/<number>
where the number is the diskseq number as exposed by the kernel. It's
useful for apps because they can use it to open a device by diskseq, in
a way that is safe against device node reuse. I.e. if a device node path
like this is passed to an app it could open the device node via the
symlink and also parse the diskseq from the path. Once the device is
opened it could compare the parsed diskseq with the one returned by
BLKGETDISKSEQ on the open node, and if it matches they know they are
talking to the right device.
Fixes: #22906
analyze: fix offline checks for syscall filter and 'native' architecture
The deny/allow list check was inverted, if we are deny listing and the
hashmap contains the syscall then that's good
Fixes https://github.com/systemd/systemd/issues/22914
Enum values are stored in the set, not strings
userns uid range tweaks: taint systemd if assigned userns uid range too short, and show userns uid range in userdbctl output
Containers generally have a smaller UID range assigned than host
systems. Let's visualize this in the user/group tables. We insert
markers for unavailable regions. This way display is identical to status
quo ante on host systems, but in containers unavailable ranges will be
shown as that.
And while we are at it, also hide well-known UID ranges when they are
outside of userns uid_map range. This is mostly about the "container"
range. It's pointless showing the container range (i.e. a range UID >
65535) if that range isn't available in the container anyway.
This will taint systemd if invoked in containers that do not have the
full 16bit range of UIDs defined.
We pretty much need uid root…nobody to be defined for a variety of
purposes, hence let's add this taint flag. Of course taints are
graceful, but it at least communicates the mess in some way...
The former checks if one UID is inside the uid range set. The latter
checks if a full UID range is inside the uid range set. The former is
hence a special case of the latter.
tests: make test-resolved-stream succeed even when run as root with restrictive access mode on build tree dir
that's safe
I regularly run my tests also as root, since some of the tested code
uses privileged APIs. The test-resolved-stream so far tried to run its
tests in a user/network namespace if that can be allocated. This caused
the tests to fail on my system where once the user namespace is opened
access to the build tree in my $HOME is prohibited (due to restricted
access modes on my home dir). Let's add a check for that: before
actually isolating the test in a user/network namespace, let's see if
that would make it impossible for us to access the build tree (which we
need to do to load the TLS certificates the test requires).
This should make the test pass when run as root from a build tree with
restrictive access mode.
Let's add assert() around everything we don't expect to fail.
Port to path_extract_directory().
Log errors from load_env_file_pairs() which we ignore.
The three functions for reading cwd, exe and root symlinks of processes
already share a common core: get_process_link_contents(). Let's refactor
that a bit, and move formatting of the /proc/self/ path into this helper
function instead of doing that in the caller, thus sharing more code.
While we are at it, make the return parameters optional, in case the
information if the links are readable is interesting, but the contents
is not. (This also means safe_getcwd() and readlinkat_malloc() are
updated to make the return parameter optional, as these are called by
the relevant three functions)
udevadm: introduce 'wait' command
We usually open() the device node obtained by sd_device_get_devname().
However, the device node corresponding to the sd-device object may
already be removed, and another device node with the same path may be
created, hence an unexpected device may be opened.
sd_device_open() opens the device node, and checks the devnum and
diskseq of the opened devnum, to avoid the above possibility.
Prompted by https://github.com/systemd/systemd/issues/22906#issuecomment-1082736443.
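
The open-then-verify pattern described in the /dev/disk/by-diskseq/ commit message and in the sd_device_open() commit message above, as an added C example that is not systemd's own code. The function names and the choice of -ESTALE for a mismatch are assumptions made for illustration; only the symlink path and BLKGETDISKSEQ come from the log.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
#include <sys/ioctl.h>
#include <unistd.h>
#include <linux/fs.h>
#ifndef BLKGETDISKSEQ /* fallback for kernel headers that predate the ioctl */
#define BLKGETDISKSEQ _IOR(0x12, 128, uint64_t)
#endif
#define DISKSEQ_PREFIX "/dev/disk/by-diskseq/"

/* Parse <number> from /dev/disk/by-diskseq/<number>; 0 on success, -EINVAL otherwise. */
int parse_diskseq_path(const char *path, uint64_t *ret) {
        size_t n = strlen(DISKSEQ_PREFIX);
        char *end;
        /* Require the prefix and a leading digit (strtoull would accept sign/space). */
        if (strncmp(path, DISKSEQ_PREFIX, n) != 0 || path[n] < '0' || path[n] > '9')
                return -EINVAL;
        errno = 0;
        unsigned long long v = strtoull(path + n, &end, 10);
        if (errno != 0 || *end != '\0') /* overflow or trailing bytes */
                return -EINVAL;
        *ret = v;
        return 0;
}

/* Ask the kernel for the diskseq of the node that is actually open on fd. */
int fd_verify_diskseq(int fd, uint64_t expected) {
        uint64_t actual = 0;
        if (ioctl(fd, BLKGETDISKSEQ, &actual) < 0)
                return -errno; /* e.g. not a block device */
        return actual == expected ? 0 : -ESTALE; /* node was reused (hypothetical code) */
}

/* Open via the symlink, then verify the open node. Returns an fd or -errno. */
int open_by_diskseq(const char *path, int flags) {
        uint64_t seq;
        int r = parse_diskseq_path(path, &seq);
        if (r < 0)
                return r;
        int fd = open(path, flags | O_CLOEXEC | O_NOCTTY);
        if (fd < 0)
                return -errno;
        r = fd_verify_diskseq(fd, seq);
        if (r < 0)
                close(fd); /* never hand out an fd that failed the check */
        return r < 0 ? r : fd;
}
```

The comparison runs on the open file descriptor rather than on the path, so a node that is replaced after open() cannot change the result.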
And move it from loop-util.[ch] -> fd-util.[ch]
As it is defined at linux/fs.h.
Prompted by https://github.com/systemd/systemd/pull/22717#issuecomment-1067348496.
The new command 'udevadm wait' waits for a device or device symlink to
be created. This may be useful to wait until a device is processed by
udevd after e.g. formatting or partitioning the device.
and sd_device_new_from_path() which takes devname or syspath.
|
|/ |
|
| |
|
|
|
|
| |
Let's make this detectable explicitly.
virt: minor running_in_userns() modernizations
And while we are at it, also fix propagation of an uninitialized errno
error.
various minor tweaks to cryptsetup/veritysetup/integritysetup
Exactly like for veritysetup/cryptsetup
Let's make the tool work more like veritysetup/cryptsetup in this regard
too.
To make the tool behave more like cryptsetup/veritysetup
cryptsetup does this too, so let's better be safe here, too.
Accessing the various arguments always through argv[] is nasty, since
it's not obvious what we are talking about here. Let's give things nice
names.
We did the same in cryptsetup a while back.
Let's upgrade log levels of some noteworthy messages from LOG_DEBUG to
LOG_NOTICE. These messages contain information that previous log
messages in the error path didn't say, namely that we'll now fall back
to traditional unlocking.
Note that this leaves similar log messages for cases where
TPM2/PKCS#11/FIDO2 support is disabled at build at LOG_DEBUG, since in
that case nothing really failed, we just systematically can't do
TPM2/PKCS#11/FIDO2 and hence it is pointless and not actionable for
users to do anything about it...
let's unify some code here, and let's do so in cryptsetup-util.h so that
we can later reuse this in integritysetup/veritysetup