summaryrefslogtreecommitdiffstats
path: root/src/user-sessions (follow)
Commit message (Collapse)AuthorAgeFilesLines
* shared: get rid of fileio-label.[ch]Lennart Poettering2024-10-221-3/+2
| | | | | | Move the renaming function to reboot-util.h (since it writes out /run/nologin at shutdown), and let's get rid of fileio-label.[ch] now that it serves no purpose anymore.
* meson: move declaration of user-sessionsYu Watanabe2023-07-311-0/+9
|
* label: Introduce LabelOps to do pre/post labelling operationsDaan De Meyer2023-05-311-1/+1
| | | | | | | | | By default, label_ops is initialized with a NULL pointer which translates to noop labelling operations. In mac_selinux_init() and the new mac_smack_init(), we initialize label_ops with a MAC specific LabelOps pointer. We also introduce mac_init() to initialize any configured MACs and replace all usages of mac_selinux_init() with mac_init().
* user-sessions: do not remove /etc/nologinZbigniew Jędrzejewski-Szmek2023-04-031-8/+5
| | | | | | | | | | | | | | | | pam_nologin looks for /etc/nologin and /run/nologin. user-sessions creates (and removes) /run/nologin, but also removes /etc/nologin. (This behaviour is unchanged since the introduction of the binary in e92787416c691c3f34f47349e5eae3fa68eae856.) By not removing pam_nologin we fully drop compatibility with PAM < 1.1. This has the advantage that now /etc/nologin can be used by administrator to disable user logins, e.g. for extended maintanance. We already specified PAM >= 1.1.2 as dependency, so this was already covered. The makes the code match the man page. Fixes #26965.
* tree-wide: enable colorized logging for daemons when run in consoleYu Watanabe2021-01-311-1/+1
| | | | It may be useful when debugging daemons.
* license: LGPL-2.1+ -> LGPL-2.1-or-laterYu Watanabe2020-11-091-1/+1
|
* Make failures of mac_selinux_init() fatalChristian Göttsche2020-06-231-1/+3
|
* headers: remove unneeded includes from util.hZbigniew Jędrzejewski-Szmek2019-03-271-1/+3
| | | | | This means we need to include many more headers in various files that simply included util.h before, but it seems cleaner to do it this way.
* tree-wide: add whitespace between type and variable nameYu Watanabe2018-12-041-1/+1
|
* coccinelle: make use of SYNTHETIC_ERRNOZbigniew Jędrzejewski-Szmek2018-11-221-6/+4
| | | | | | | | | | | Ideally, coccinelle would strip unnecessary braces too. But I do not see any option in coccinelle for this, so instead, I edited the patch text using search&replace to remove the braces. Unfortunately this is not fully automatic, in particular it didn't deal well with if-else-if-else blocks and ifdefs, so there is an increased likelikehood be some bugs in such spots. I also removed part of the patch that coccinelle generated for udev, where we returns -1 for failure. This should be fixed independently.
* Call mac_selinux_close() from main func macros, convert user-sessions and ↵Zbigniew Jędrzejewski-Szmek2018-11-211-11/+11
| | | | test-udev
* log: introduce new helper call log_setup_service()Lennart Poettering2018-11-201-3/+1
| | | | | Let's reduce the common boilerplate and have a single setup function used by all service code to setup logging.
* tree-wide: remove Lennart's copyright linesLennart Poettering2018-06-141-3/+0
| | | | | | | | | | | These lines are generally out-of-date, incomplete and unnecessary. With SPDX and git repository much more accurate and fine grained information about licensing and authorship is available, hence let's drop the per-file copyright notice. Of course, removing copyright lines of others is problematic, hence this commit only removes my own lines and leaves all others untouched. It might be nicer if sooner or later those could go away too, making git the only and accurate source of authorship information.
* tree-wide: drop 'This file is part of systemd' blurbLennart Poettering2018-06-141-2/+0
| | | | | | | | | | | | | | | | This part of the copyright blurb stems from the GPL use recommendations: https://www.gnu.org/licenses/gpl-howto.en.html The concept appears to originate in times where version control was per file, instead of per tree, and was a way to glue the files together. Ultimately, we nowadays don't live in that world anymore, and this information is entirely useless anyway, as people are very welcome to copy these files into any projects they like, and they shouldn't have to change bits that are part of our copyright header for that. hence, let's just get rid of this old cruft, and shorten our codebase a bit.
* tree-wide: drop license boilerplateZbigniew Jędrzejewski-Szmek2018-04-061-13/+0
| | | | | | | | | | Files which are installed as-is (any .service and other unit files, .conf files, .policy files, etc), are left as is. My assumption is that SPDX identifiers are not yet that well known, so it's better to retain the extended header to avoid any doubt. I also kept any copyright lines. We can probably remove them, but it'd nice to obtain explicit acks from all involved authors before doing that.
* nologin: extend the /run/nologin descriptions a bit (#8244)Lennart Poettering2018-02-221-6/+3
| | | | | | | | | | | This is an attempt to improve #8228 a bit, by extending the /run/nologin a bit, but still keeping it somewhat brief. On purpose I used the vague wording "unprivileged user" rather than "non-root user" so that pam_nologin can be updated to disable its behaviour for members of the "wheel" group one day, and our messages would still make sense. See #8228.
* user-sessions: let's simplify our code paths a bitLennart Poettering2018-02-211-9/+6
| | | | | | | Let's always go through mac_selinux_finish(), by making our success/failure codepaths more alike. This also saves a few lines of code. Yay!
* login,user-sessions: always warn when we fail to remove nologin fileZbigniew Jędrzejewski-Szmek2018-02-161-21/+5
| | | | | | | This usually is very annoying to users who then cannot log in, so make sure we always warn if that happens (selinux, or whatever other reason). This reverts a790812cb349c5cef95d1b4a20fc80ca08d3a145.
* Add SPDX license identifiers to source files under the LGPLZbigniew Jędrzejewski-Szmek2017-11-191-0/+1
| | | | | This follows what the kernel is doing, c.f. https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=5fd54ace4721fc5ce2bb5aef6318fcf17f421460.
* build-sys: drop automake supportZbigniew Jędrzejewski-Szmek2017-07-181-1/+0
| | | | | v2: - also mention m4
* selinux: always try to load the full selinux dbZbigniew Jędrzejewski-Szmek2016-03-021-1/+1
| | | | | https://github.com/systemd/systemd/pull/2508#issuecomment-190901170 Maybe fixes https://bugzilla.redhat.com/show_bug.cgi?id=1308771.
* tree-wide: remove Emacs lines from all filesDaniel Mack2016-02-101-2/+0
| | | | | This should be handled fine now by .dir-locals.el, so need to carry that stuff in every file.
* user-sessions: make sure /run/nologin has correct SELinux labelMichal Sekletar2015-12-041-1/+7
|
* util-lib: split our string related calls from util.[ch] into its own file ↵Lennart Poettering2015-10-241-2/+3
| | | | | | | | | | | | | | string-util.[ch] There are more than enough calls doing string manipulations to deserve its own files, hence do something about it. This patch also sorts the #include blocks of all files that needed to be updated, according to the sorting suggestions from CODING_STYLE. Since pretty much every file needs our string manipulation functions this effectively means that most files have sorted #include blocks now. Also touches a few unrelated include files.
* tree-wide: drop {} from one-line if blocksLennart Poettering2015-09-091-2/+1
| | | | Patch via coccinelle.
* tree-wide: make use of log_error_errno() return valueLennart Poettering2015-09-091-2/+2
| | | | | | | | | | | | | | | | | | | | Turns this: r = -errno; log_error_errno(errno, "foo"); into this: r = log_error_errno(errno, "foo"); and this: r = log_error_errno(errno, "foo"); return r; into this: return log_error_errno(errno, "foo");
* user-sessions: fix write_string_file() falloutDaniel Mack2015-07-211-1/+1
| | | | | | | | WRITE_STRING_FILE_ATOMIC is only valid if WRITE_STRING_FILE_CREATE is also given. IOW, an atomic file write operation is only possible when creating a file is also being asked for. This is a regression from the recent write_string_file() rework.
* fileio: consolidate write_string_file*()Daniel Mack2015-07-071-1/+1
| | | | | | | Merge write_string_file(), write_string_file_no_create() and write_string_file_atomic() into write_string_file() and provide a flags mask that allows combinations of atomic writing, newline appending and automatic file creation. Change all users accordingly.
* user-sessions: move into own subdir and build independently of logindIvan Shapovalov2015-02-272-0/+81
Suggested by Zbyszek on IRC. [zj: /run/nologin is used with PAM. systemd-user-session is independent of logind.]
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-29 14:26:16 +0100