| Commit message (Collapse) | Author | Age | Files | Lines |
| |
|
|\
| |
| | |
default to C.UTF-8 locale, and many improvements to env var file parsing/kernel cmdline parsing
|
| |
| |
| |
| | |
Let's modernize things a bit.
|
| |
| |
| |
| |
| |
| |
| | |
Now that we don't (mis-)use the env file parser to parse kernel command
lines there's no need anymore to override the used newline character
set. Let's hence drop the argument and just "\n\r" always. This nicely
simplifies our code.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All users of the macro (except for one, in serialize.c), use the macro in
connection with read_line(), so they must include fileio.h. Let's not play
libc games and require multiple header file to be included for the most common
use of a function.
The removal of def.h includes is not exact. I mostly went over the commits that
switch over to use read_line() and add def.h at the same time and reverted the
addition of def.h in those files.
|
|/
|
|
|
| |
Pretty much everything uses just the first argument, and this doesn't make this
common pattern more complicated, but makes it simpler to pass multiple options.
|
|\
| |
| | |
tree-wide: use setsockopt_int() more
|
| | |
|
| | |
|
| | |
|
|\ \
| |/
|/| |
FOREACH_LINE excorcism
|
| | |
|
| | |
|
| |
| |
| |
| | |
Also, properly ignore these read errors, and say so.
|
| |
| |
| |
| |
| |
| | |
As suggested by @heftig:
https://github.com/systemd/systemd/commit/6d5e65f6454212cd400d0ebda34978a9f20cc26a#commitcomment-30938667
|
|\ \
| |/
|/| |
sd-netlink: introduce sd_netlink_slot object and relevant functions
|
| | |
|
| | |
|
| |
| |
| |
| | |
Closes #10345.
|
|\ \
| | |
| | | |
various fixes related to struct sockaddr_un handling
|
| |/
| |
| |
| |
| |
| |
| |
| |
| |
| | |
All over the place we define local variables for the various sockopts
that take a bool-like "int" value. Sometimes they are const, sometimes
static, sometimes both, sometimes neither.
Let's clean this up, introduce a common const variable "const_int_one"
(as well as one matching "const_int_zero") and use it everywhere, all
acorss the codebase.
|
|/
|
|
| |
Let's employ coccinelle to fix everything up automatically for us.
|
|
|
|
| |
Fixes #10333.
|
| |
|
|\
| |
| | |
Set DynamicUser=no for networkd, resolved, timesyncd
|
| |
| |
| |
| |
| | |
This reverts commit 0187368cadea183e18c6d575a9d6b7f491a402af.
(systemd.conf.m4 part was already reverted in 5b5d82615011b9827466b7cd5756da35627a1608.)
|
|/ |
|
|
|
|
| |
Instead, use path_join() in callers wherever needed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
`systemd-resolved.service` runs as `User=systemd-resolved`, and uses certain
Capabilit{y,ies} magic. By my understanding, this means it is started with a
number of "privileges". Indeed, `capabilities(7)` explains
> Linux divides the privileges traditionally
> associated with superuser into distinct units, known as capabilities,
> which can be independently enabled and disabled."
This situation appears to contradict our current code comment which said
> If we are not running as root we assume all privileges are already dropped.
This appears to be a confusion in the comment only. The rest of the code
tells a much clearer story. (Don't ask me if the story is correct.
`capabilities(7)` scares me). Let's tweak the comment to make it consistent
and avoid worrying readers about this.
|
| |
|
| |
|
|\
| |
| | |
beef up get_user_creds() a bit and other improvements
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Let's fold get_user_creds_clean() into get_user_creds(), and introduce a
flags argument for it to select "clean" behaviour. This flags parameter
also learns to other new flags:
- USER_CREDS_SYNTHESIZE_FALLBACK: in this mode the user records for
root/nobody are only synthesized as fallback. Normally, the synthesized
records take precedence over what is in the user database. With this
flag set this is reversed, and the user database takes precedence, and
the synthesized records are only used if they are missing there. This
flag should be set in cases where doing NSS is deemed safe, and where
there's interest in knowing the correct shell, for example if the
admin changed root's shell to zsh or suchlike.
- USER_CREDS_ALLOW_MISSING: if set, and a UID/GID is specified by
numeric value, and there's no user/group record for it accept it
anyway. This allows us to fix #9767
This then also ports all users to set the most appropriate flags.
Fixes: #9767
[zj: remove one isempty() call]
|
| | |
|
| | |
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This is a bit like the info link in most of GNU's --help texts, but we
don't do info but man pages, and we make them properly clickable on
terminal supporting that, because awesome.
I think it's generally advisable to link up our (brief) --help texts and
our (more comprehensive) man pages a bit, so this should be an easy and
straight-forward way to do it.
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This fixes a memory leak:
```
d5070e2f67ededca022f81f2941900606b16f3196b2268e856295f59._openpgpkey.gmail.com: resolve call failed: 'd5070e2f67ededca022f81f2941900606b16f3196b2268e856295f59._openpgpkey.gmail.com' not found
=================================================================
==224==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 65 byte(s) in 1 object(s) allocated from:
#0 0x7f71b0878850 in malloc (/usr/lib64/libasan.so.4+0xde850)
#1 0x7f71afaf69b0 in malloc_multiply ../src/basic/alloc-util.h:63
#2 0x7f71afaf6c95 in hexmem ../src/basic/hexdecoct.c:62
#3 0x7f71afbb574b in string_hashsum ../src/basic/gcrypt-util.c:45
#4 0x56201333e0b9 in string_hashsum_sha256 ../src/basic/gcrypt-util.h:30
#5 0x562013347b63 in resolve_openpgp ../src/resolve/resolvectl.c:908
#6 0x562013348b9f in verb_openpgp ../src/resolve/resolvectl.c:944
#7 0x7f71afbae0b0 in dispatch_verb ../src/basic/verbs.c:119
#8 0x56201335790b in native_main ../src/resolve/resolvectl.c:2947
#9 0x56201335880d in main ../src/resolve/resolvectl.c:3087
#10 0x7f71ad8fcf29 in __libc_start_main (/lib64/libc.so.6+0x20f29)
SUMMARY: AddressSanitizer: 65 byte(s) leaked in 1 allocation(s).
```
|
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
(#9855)
The references to the dns_server are now setup after the tls connection is setup.
This ensures that the stream got fully stopped when the initial tls setup failed
instead of having the unref being blocked by the reference to the stream by the server.
Therefore on_stream_io would no longer be called with a half setup encrypted connection.
Fixes the issue reported in #9838.
|
| |
| |
| | |
Fixes #9833.
|
|\ \
| | |
| | | |
journal: fixes issues reported by ASan
|
| | |
| | |
| | |
| | |
| | |
| | | |
As the length of salt in NSEC3 may be zero.
Fixes #9757.
|
|/ /
| |
| |
| | |
Fixes #9793.
|
|\ \
| | |
| | | |
tree-wide: Shorten error logging and several code cleanups
|
| | |
| | |
| | |
| | | |
Continuation of 4027f96aa08c73f109aa46b89842ca0e25c9c0e9.
|
| |/ |
|
| |
| |
| |
| |
| | |
This function doesn't really implement ordering, but CMP() is still fine to use
there. Keep the comment in place, just update it slightly to indicate that.
|
|/
|
|
|
|
|
|
| |
Looked for definitions of functions using the *_compare_func() suffix.
Tested:
- Unit tests passed (ninja -C build/ test)
- Installed this build and booted with it.
|
|\
| |
| | |
minor hashmap fixes
|
| | |
|
| | |
|