| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
| |
Otherwise, if there exist million of network interfaces,
calling glob() for network properties takes much time.
Fixes #24031.
|
| |
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
systemd-sysctl currently fails silently under any of these conditions:
- Missing permission to write a sysctl.
- Invalid sysctl (path doesn't exists).
- Ignore failure flag ('-' in front of the sysctl name).
Because of this behaviour, configuration issues can go unnoticed as
there is no way to detect those unless going through the logs.
--strict option forces systemd-sysctl to fail if a sysctl is invalid or
if permission are insufficient. Errors on sysctl marked as "ignore
failure" will still be ignored.
|
| |
|
|
|
|
|
|
|
|
|
| |
Increase the log severity in case of writing to a non existent sysctl
parameter as this can either be caused by a misspelling or a kernel mis-
configuration, e.g. in case YAMA does not get loaded due to a incomplete
lsm= override:
systemd-sysctl[354]: Couldn't write '1' to 'kernel/yama/ptrace_scope', ignoring: No such file or directory
|
|
|
|
| |
This also avoids multiple evaluations in STRV_FOREACH_BACKWARDS()
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
In general we almost never hit those asserts in production code, so users see
them very rarely, if ever. But either way, we just need something that users
can pass to the developers.
We have quite a few of those asserts, and some have fairly nice messages, but
many are like "WTF?" or "???" or "unexpected something". The error that is
printed includes the file location, and function name. In almost all functions
there's at most one assert, so the function name alone is enough to identify
the failure for a developer. So we don't get much extra from the message, and
we might just as well drop them.
Dropping them makes our code a tiny bit smaller, and most importantly, improves
development experience by making it easy to insert such an assert in the code
without thinking how to phrase the argument.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Our own config generates logs like this:
systemd-sysctl[1280]: Not setting net/ipv4/conf/all/rp_filter (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/default/rp_filter (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/all/accept_source_route (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/default/accept_source_route (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/all/promote_secondaries (explicit setting exists).
systemd-sysctl[1280]: Not setting net/ipv4/conf/default/promote_secondaries (explicit setting exists).
There is no error and nothing really to see.
|
|
|
|
| |
It may be useful when debugging daemons.
|
|
|
|
|
|
|
|
|
|
|
|
| |
I think this formatting was originally used because it simplified
adding new options to the help messages. However, these days, most
tools their help message end with "\nSee the %s for details.\n" so
the final line almost never has to be edited which eliminates the
benefit of the custom formatting used for printf() help messages.
Let's make things more consistent and use the same formatting for
printf() help messages that we use everywhere else.
Prompted by https://github.com/systemd/systemd/pull/18355#discussion_r567241580
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
is not readable
It annoyed me for quite a while that running "journalctl --file=…" on a
file that is not readable failed with a "File not found" error instead
of a permission error. Let's fix that.
We make this work by using the GLOB_NOCHECK flag for glob() which means
that files are not accessible will be returned in the array as they are
instead of being filtered away. This then means that our later attemps
to open the files will fail cleanly with a good error message.
|
| |
|
|
|
|
| |
Fixes #14801.
|
|
|
|
|
|
|
|
|
| |
This is intended for net.*.conf.*.foo files. Setting just "default" is not very
useful because any interfaces present before systemd-sysctl is invoked are not
affected. Setting "all" is too harsh, because the kernel takes the stronger of
the device-specific setting and the "all" value, so effectively having a weaker
setting for specific interfaces is not possible. Let's add a way in which can
set "default" first and then all the others without "all".
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
We need to run sysctl also in containers, because the network
subtree is namespaces and may legitimately be writable. But logging
all "errors" at notice level creates unwanted noise.
Also downgrade message about missing sysctls to log_info. This might also be
relatively common when configuration is targeted at different kernel
versions. With log_debug it'll still end up in the logs, but isn't really worth
of "notice" most of the time.
https://bugzilla.redhat.com/show_bug.cgi?id=1609806
|
|
|
|
|
| |
This allocation is a low level detail, and it seems nicer to keep it
out of run().
|
| |
|
| |
|
| |
|
|
|
|
|
| |
With @keszybz' recent work this will give us clickable links in the
journalctl output.
|
|
|
|
|
| |
It's a special case of strjoin(), so no need to keep both. In particular
as typing strjoin() is even shoert than strappend().
|
|
|
|
|
| |
This means we need to include many more headers in various files that simply
included util.h before, but it seems cleaner to do it this way.
|
|
|
|
|
|
|
|
| |
value pointer here is always NULL but subsequent use of that pointer
with a %s format will always be NULL, printing p instead would be a
valid string
Signed-off-by: Khem Raj <raj.khem@gmail.com>
|
|
|
|
|
|
|
|
|
|
|
| |
Ideally, coccinelle would strip unnecessary braces too. But I do not see any
option in coccinelle for this, so instead, I edited the patch text using
search&replace to remove the braces. Unfortunately this is not fully automatic,
in particular it didn't deal well with if-else-if-else blocks and ifdefs, so
there is an increased likelikehood be some bugs in such spots.
I also removed part of the patch that coccinelle generated for udev, where we
returns -1 for failure. This should be fixed independently.
|
|
|
|
|
| |
This is high-level functionality, and fits better in shared/ (which is for
our executables), than in basic/ (which is also for libraries).
|
|
|
|
|
|
| |
We generally want to close the pager last. This patch closes the pager last,
after the static destuctor calls. This means that they can do logging and such
like during normal program runtime.
|
| |
|
| |
|
| |
|
|
|
|
|
| |
Let's reduce the common boilerplate and have a single setup function
used by all service code to setup logging.
|
|
|
|
|
| |
Pretty much everything uses just the first argument, and this doesn't make this
common pattern more complicated, but makes it simpler to pass multiple options.
|
|
|
|
|
|
|
|
|
|
| |
This is a bit like the info link in most of GNU's --help texts, but we
don't do info but man pages, and we make them properly clickable on
terminal supporting that, because awesome.
I think it's generally advisable to link up our (brief) --help texts and
our (more comprehensive) man pages a bit, so this should be an easy and
straight-forward way to do it.
|
|
|
|
|
|
|
|
|
|
|
| |
These lines are generally out-of-date, incomplete and unnecessary. With
SPDX and git repository much more accurate and fine grained information
about licensing and authorship is available, hence let's drop the
per-file copyright notice. Of course, removing copyright lines of others
is problematic, hence this commit only removes my own lines and leaves
all others untouched. It might be nicer if sooner or later those could
go away too, making git the only and accurate source of authorship
information.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This part of the copyright blurb stems from the GPL use recommendations:
https://www.gnu.org/licenses/gpl-howto.en.html
The concept appears to originate in times where version control was per
file, instead of per tree, and was a way to glue the files together.
Ultimately, we nowadays don't live in that world anymore, and this
information is entirely useless anyway, as people are very welcome to
copy these files into any projects they like, and they shouldn't have to
change bits that are part of our copyright header for that.
hence, let's just get rid of this old cruft, and shorten our codebase a
bit.
|
|
|
|
|
| |
The output of these commands is really long, and already enriched with
color. Let's add auto-paging to make this easier to digest.
|
| |
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Files which are installed as-is (any .service and other unit files, .conf
files, .policy files, etc), are left as is. My assumption is that SPDX
identifiers are not yet that well known, so it's better to retain the
extended header to avoid any doubt.
I also kept any copyright lines. We can probably remove them, but it'd nice to
obtain explicit acks from all involved authors before doing that.
|
|
|
|
|
|
| |
path
Let's make use of our new hash_ops!
|
| |
|
|
|
|
|
| |
This follows what the kernel is doing, c.f.
https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
|
|
|
|
| |
Fixes: #6787
|
|
|
|
|
|
|
| |
appropriate
When checking path prefixes we really should use the right APIs, just in
case people add multiple slashes to their paths...
|
|
|
|
|
| |
v2:
- also mention m4
|