date:20131115

On 15.11.2013 10:59, Dennis Semakin wrote:
 Guys, guys, it's quite simple actually.
 
 Identification is an assignment of subjects or objects the identificator. 
 E.g.: login, ID card, fingerprints, retina of the eye...

Yes.

 Authentication is a process of comparision between given users password, his 
 ID(identificator) and the password from database, for example.

Yes.

 Authorization is Identification plus Authentication

No.
Authorization is a process of determining permissions of subjects, usually 
based on
identification data and access rules.

Ie when you typing sudo password and sudo check its hash, this is 
authentication.
Now sudo knows that you (user working with system) is you are (UID of your
shell's process), this is identification.
When sudo checks your permissions to run some programs via sudo in 
/etc/sudoers,
this is authorization.

Authentication and identification in this case based on user's UID and him 
password,
and also on data from /etc/shadow. Identification is result of successful 
authentication.
OTOH, authorization based on rules from /etc/sudoers and identification data.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 02/28] dhcp: Add DHCP client initialization

Hi,

On Thu, 2013-11-14 at 01:01 +0100, Lennart Poettering wrote:

 Hmm, struct in_addr contains nothing but a uint32_t. It really
 sounds
 overkill allocating such a structure individually on the
 stack. Shouldn't this structure be directly inside DHCPClient? Or
 actually, do we really want to use struct in_addr at all? It sounds so
 useless, a uint_32_t sounds so much simpler, and easier to use... 

Agree, uint32_t is much simpler here in the DHCPv4 case. For v6
something like a struct is needed, but that's another and later story.

Cheers,

Patrik


___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 05/28] dhcp: Add option appending and parsing

On Thu, 2013-11-14 at 01:06 +0100, Lennart Poettering wrote:
 
  +int __dhcp_option_append(uint8_t **buf, int *buflen, uint8_t code,
  + uint8_t optlen, void *optval);
  +
 
 The __ prefix is actually private property by the C compiler,
 according to ANSI C. Please do not define your own symbols in this
 namespace. (Also why even?)

Freudian slip, used in other projects related to ConnMan... will fix.

Cheers,

Patrik


___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 15/28] dhcp: Add example DHCP client test program

On Thu, 2013-11-14 at 01:22 +0100, Lennart Poettering wrote:
 
 Also, rtnl sounds the better option. And if not, then this call
 appears
 to be totally identical to glibc's ifname_to_index(), no? Better use
 that then...

This is only part of the example DHCP test client. It's usefulness is
restricted to get DHCP messages being sent on the wire for testing
purposes, but for that purpose it's decently nice. I'm not really sure
whether the test client actually belongs here in the code in the first
place. If I go the rtnl way, someone might get the impression that this
can be
expanded to something useful which is not the intention as
systemd-network already exists.

Cheers,

Patrik


___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 17/28] dhcp: Support seconds elapsed since start of DHCP negotiation

On Thu, 2013-11-14 at 01:23 +0100, Lennart Poettering wrote:
 
  It was noticed by Grant Erickson in ConnMan commit
  95e15c09350acf58d4707056ae2614570883ef66 that:
  
 Certain DHCP servers, such as that implemented in Mac OS X
  ( 10.7) for its Internet Sharing feature, refuse to issue
  a DHCP lease to clients that have not set a non-zero value
  in their DISCOVER or REQUEST packets.
 
 I am quite sure it would be better to add this comment to the sources
 too, there are easier to find there, and people will less likely drop
 the assignment when they revisit the code. 

RFC 2131 is a bit vague but indicates 'secs' field is a SHOULD for a
client. With that in mind I'd hope people would read the commit message
before removing code from a protocol, but I'll add a comment to make it
clear.

Cheers,

Patrik


___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 20/28] dhcp: Add timeout and main loop support


Hi,

On Thu, 2013-11-14 at 01:30 +0100, Lennart Poettering wrote:
 
  +err = sd_event_add_monotonic(sd_event_get(s),
 next_timeout,
  + 10 * USEC_PER_MSEC,
  + client_timeout_resend,
 client,
  +
  client-timeout_resend);
 
 if you don't have a very good reason to specify the accuracy as 10ms,
 I'd always recommend to pass 0 instead, which results in the default
 accuracy of 250ms (I wouldn't be too surprised if 250ms is too
 inaccurate for this usecase, so your code might be fine, just wanted
 to
 take the opportuntine to point this out...

I tried to figure out some reasonable accuracy for sending the DHCP
messages so that hordes of clients would not trigger all at the same
time. The default 250ms seems to be a too coarse interval for this, 10ms
looked decently low enough to spread out the requests without being
overly aggressive. At some point there will be real numbers from real
use cases and the accuracy should be adjusted accordingly.

  -return client_send_discover(client, 0);
  +err = sd_event_add_monotonic(client-event,
 now(CLOCK_MONOTONIC), 0,
  + client_timeout_resend, client,
  + client-timeout_resend);
 
 Hmm, so this would immediately trigger since now is already passed,
 by
 the time you read it... Note that 0 can be used as time here too, to
 indicate that you want to be executed immediately, i.e. it indicates
 in
 this context the ealiest sensible time.

Bummer. I was thinking that the new event would be run immediately after
the current one had returned to the main loop (or actually started in
this case). The general idea was to do the resending in one place only
and keep the new event handling clear from possible interference with
the currently running one, if needed. 'now(CLOCK_MONOTONIC) + 1' would
be enough in those cases, I'd guess. But in here it'd be easier to just
call the function directly. I'll check the other related parts also.

Thanks for all the comments in getting me on track with systemd
internals. I'll update the patch set according to your and zbvszek's
comments.


Cheers,

Patrik

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] [PATCH] log: add log_errno() helper

2013-11-15 Thread David Herrmann

Syscalls may fail for a lot of reasons, but most times these errors are
unexpected (we cannot recover). Especially when dealing with device nodes
that can be revoked asynchronously, a series of syscalls may start failing
at any point. Normally, we can silently ignore errors and just bail out,
but for debugging purposes log messages are quite helpful.

The log_errno() helper can be used in such situations where we don't
expect a syscall error, but also don't want to add a custom log-message to
reduce memory-consumption. The helper just prints the file+line+func
information and the errno-content.

Usage:
  r = ioctl(fd, ..);
  if (r  0)
return log_errno();

It is basically the same as log_oom() but generic for all kernel
errno-messages. If we added a custom log-message for each syscall failure,
our .text section would increase heavily.
---
 src/shared/log.c | 5 +
 src/shared/log.h | 6 ++
 2 files changed, 11 insertions(+)

diff --git a/src/shared/log.c b/src/shared/log.c
index 8f4995a..5edb05f 100644
--- a/src/shared/log.c
+++ b/src/shared/log.c
@@ -713,6 +713,11 @@ int log_oom_internal(const char *file, int line, const 
char *func) {
 return -ENOMEM;
 }
 
+int log_errno_internal(const char *file, int line, const char *func) {
+log_meta(LOG_ERR, file, line, func, Syscall failed unexpectedly: %m);
+return -errno;
+}
+
 int log_struct_internal(
 int level,
 const char *file,
diff --git a/src/shared/log.h b/src/shared/log.h
index 0dc5c26..6f05f7c 100644
--- a/src/shared/log.h
+++ b/src/shared/log.h
@@ -116,6 +116,11 @@ int log_oom_internal(
 int line,
 const char *func);
 
+int log_errno_internal(
+const char *file,
+int line,
+const char *func);
+
 /* This modifies the buffer passed! */
 int log_dump_internal(
 int level,
@@ -151,6 +156,7 @@ do { \
 #define log_struct(level, ...) log_struct_internal(level, __FILE__, __LINE__, 
__func__, __VA_ARGS__)
 
 #define log_oom() log_oom_internal(__FILE__, __LINE__, __func__)
+#define log_errno() log_errno_internal(__FILE__, __LINE__, __func__)
 
 /* This modifies the buffer passed! */
 #define log_dump(level, buffer) log_dump_internal(level, __FILE__, __LINE__, 
__func__, buffer)
-- 
1.8.4.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 20/28] dhcp: Add timeout and main loop support

2013-11-15 Thread Lennart Poettering

On Fri, 15.11.13 11:29, Patrik Flykt (patrik.fl...@linux.intel.com) wrote:

   +err = sd_event_add_monotonic(sd_event_get(s),
  next_timeout,
   + 10 * USEC_PER_MSEC,
   + client_timeout_resend,
  client,
   +
   client-timeout_resend);
  
  if you don't have a very good reason to specify the accuracy as 10ms,
  I'd always recommend to pass 0 instead, which results in the default
  accuracy of 250ms (I wouldn't be too surprised if 250ms is too
  inaccurate for this usecase, so your code might be fine, just wanted
  to
  take the opportuntine to point this out...
 
 I tried to figure out some reasonable accuracy for sending the DHCP
 messages so that hordes of clients would not trigger all at the same
 time. The default 250ms seems to be a too coarse interval for this, 10ms
 looked decently low enough to spread out the requests without being
 overly aggressive. At some point there will be real numbers from real
 use cases and the accuracy should be adjusted accordingly.

Just to take the opportunity to talk about this awesome feature of
sd-event: what the accuracy controls is a time range in which the event
will fire, that starts with the specified timeout time and lasts until
that timeout time plus the accuracy. Within that range sd-event will try
to find a good time to wake up in order to optimize power
consumption. For that it tries to move the wakeup across all processes
to the same point in time within each second, and if that point in time
does not lie within the desired range, then it will try to move it to
the same place within each 250ms. If the range doesn't allow that
either, then it will put the wakeup at the end of the desired range. The
point within the same second/the same 250ms is calculated from
/etc/machine-id which is randomized but constant for each system and
hopefully unique in the network, thus avoiding traffic floods. Putting
this together we should minimize wakeups, and if we do wakeup then we
should do work across all processes, but at different times on different
computers.

   -return client_send_discover(client, 0);
   +err = sd_event_add_monotonic(client-event,
  now(CLOCK_MONOTONIC), 0,
   + client_timeout_resend, client,
   + client-timeout_resend);
  
  Hmm, so this would immediately trigger since now is already passed,
  by
  the time you read it... Note that 0 can be used as time here too, to
  indicate that you want to be executed immediately, i.e. it indicates
  in
  this context the ealiest sensible time.
 
 Bummer. I was thinking that the new event would be run immediately after
 the current one had returned to the main loop (or actually started in
 this case). 

Yes, that is what I meant with immediately. sd-event is not recursive,
it will never dispatch an event from another event. Basically, each time
an event has been dispatched we just determine the next one to dispatch
by looking for the oldest one queued. If you specify 0 as a time the
event source is necessarily as old as an event source can be.

 The general idea was to do the resending in one place only
 and keep the new event handling clear from possible interference with
 the currently running one, if needed. 'now(CLOCK_MONOTONIC) + 1' would
 be enough in those cases, I'd guess. But in here it'd be easier to just
 call the function directly. I'll check the other related parts also.

Passing 0 for this is totally OK. My comment was about using 0 instead
of now(), since the latter is unnecessary and calls a syscall for no
point if all you need is to schedule another wakeup.

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd

2013-11-15 Thread Juliette Tux

Fixed version, see attachment.
And I'm done with it. Too much fuss about these 70 messages. Please just
accept it, the translation is good.



On 15 November 2013 13:05, Sergey Ptashnick 0comff...@inbox.ru wrote:

 On 15.11.2013 10:59, Dennis Semakin wrote:
  Guys, guys, it's quite simple actually.
 
  Identification is an assignment of subjects or objects the
 identificator. E.g.: login, ID card, fingerprints, retina of the eye...

 Yes.

  Authentication is a process of comparision between given users password,
 his ID(identificator) and the password from database, for example.

 Yes.

  Authorization is Identification plus Authentication

 No.
 Authorization is a process of determining permissions of subjects, usually
 based on
 identification data and access rules.

 Ie when you typing sudo password and sudo check its hash, this is
 authentication.
 Now sudo knows that you (user working with system) is you are (UID of your
 shell's process), this is identification.
 When sudo checks your permissions to run some programs via sudo in
 /etc/sudoers,
 this is authorization.

 Authentication and identification in this case based on user's UID and him
 password,
 and also on data from /etc/shadow. Identification is result of successful
 authentication.
 OTOH, authorization based on rules from /etc/sudoers and identification
 data.
 ___
 systemd-devel mailing list
 systemd-devel@lists.freedesktop.org
 http://lists.freedesktop.org/mailman/listinfo/systemd-devel




-- 
С уважением, Дронова Юлия
--- /dev/null	2013-11-15 16:34:21.631096871 +0400
+++ systemd_ru.po	2013-11-15 16:52:39.328106199 +0400
@@ -0,0 +1,418 @@
+# Copyright (C) YEAR THE PACKAGE'S COPYRIGHT HOLDER
+# This file is distributed under the same license as the PACKAGE package.
+#
+# Julia Dronova juliette@gmail.com, 2013.
+msgid 
+msgstr 
+Project-Id-Version: \n
+Report-Msgid-Bugs-To: \n
+POT-Creation-Date: 2013-11-14 00:08+0400\n
+PO-Revision-Date: 2013-11-15 16:52-0500\n
+Last-Translator: Julia Dronova juliette@gmail.com\n
+Language-Team: Russian gnome-...@gnome.org\n
+Language: ru\n
+MIME-Version: 1.0\n
+Content-Type: text/plain; charset=UTF-8\n
+Content-Transfer-Encoding: 8bit\n
+Plural-Forms: nplurals=3; plural=(n%10==1  n%100!=11 ? 0 : n%10=2  n%10
+=4  (n%10010 || n%100=20) ? 1 : 2);\n
+X-Generator: Lokalize 1.5\n
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1
+msgid Set host name
+msgstr Настроить имя системы
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2
+msgid Authentication is required to set the local host name.
+msgstr Для настройки имени локальной системы требуется идентификация.
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3
+msgid Set static host name
+msgstr Настроить статическое имя системы
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4
+msgid 
+Authentication is required to set the statically configured local host name, 
+as well as the pretty host name.
+msgstr 
+Для настройки статического имени локальной системы, а также 
+значимого имени вашей машины, требуется идентификация.
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5
+msgid Set machine information
+msgstr Настроить информацию о машине
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6
+msgid Authentication is required to set local machine information.
+msgstr Для настройки информации о локальной машине требуется идентификация.
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:1
+msgid Set system locale
+msgstr Настроить системную локаль
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:2
+msgid Authentication is required to set the system locale.
+msgstr Для настройки системной локали требуется идентификация.
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:3
+msgid Set system keyboard settings
+msgstr Настроить системные настройки клавиатуры
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:4
+msgid Authentication is required to set the system keyboard settings.
+msgstr Для настройки системной клавиатуры требуется идентификация.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:1
+msgid Allow applications to inhibit system shutdown
+msgstr Разрешить приложениям блокировать выключение системы.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:2
+msgid 
+Authentication is required to allow an application to inhibit system 
+shutdown.
+msgstr 
+Чтобы разрешить приложениям блокировать выключение системы, 
+требуется идентификация.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:3
+msgid Allow applications to delay system shutdown
+msgstr Разрешить приложениям задерживать выключение системы.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:4
+msgid 
+Authentication is required to allow an application to delay system shutdown.
+msgstr 
+Чтобы разрешить приложениям задерживать выключение системы, 
+требуется идентификация.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:5
+msgid Allow

Re: [systemd-devel] [PATCH] log: add log_errno() helper

2013-11-15 Thread Zbigniew Jędrzejewski-Szmek

On Fri, Nov 15, 2013 at 11:22:59AM +0100, David Herrmann wrote:
 Syscalls may fail for a lot of reasons, but most times these errors are
 unexpected (we cannot recover). Especially when dealing with device nodes
 that can be revoked asynchronously, a series of syscalls may start failing
 at any point. Normally, we can silently ignore errors and just bail out,
 but for debugging purposes log messages are quite helpful.
I'm not sold of the idea of completely generic message. If I'm sitting
in front of a failed boot, seeing only Syscall failed unexpectedly: no such
file or directory, I'm going to be pretty frustrated.
Maybe there should be a custom message argument like
ioctl AUTOFS_DEV_IOCTL_VERSION. This isn't going to increase the
footprint too much, but will help undertand bug reprots.
Or if you thyink it's too annoying to write, than maybe just
print the file name and line automatically.

Zbyszek
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] French translation for systemd

2013-11-15 Thread Antoine Lubineau


Le 14/11/2013 23:57, Sylvain Plantefeve a écrit :

+#: ../src/locale/org.freedesktop.locale1.policy.in.h:1
+msgid Set system locale
+msgstr Définir l'emplacement du système


“Définir la langue du système”

Antoine
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH] log: add log_errno() helper

2013-11-15 Thread David Herrmann

Hi

On Fri, Nov 15, 2013 at 2:33 PM, Zbigniew Jędrzejewski-Szmek
zbys...@in.waw.pl wrote:
 On Fri, Nov 15, 2013 at 11:22:59AM +0100, David Herrmann wrote:
 Syscalls may fail for a lot of reasons, but most times these errors are
 unexpected (we cannot recover). Especially when dealing with device nodes
 that can be revoked asynchronously, a series of syscalls may start failing
 at any point. Normally, we can silently ignore errors and just bail out,
 but for debugging purposes log messages are quite helpful.
 I'm not sold of the idea of completely generic message. If I'm sitting
 in front of a failed boot, seeing only Syscall failed unexpectedly: no such
 file or directory, I'm going to be pretty frustrated.
 Maybe there should be a custom message argument like
 ioctl AUTOFS_DEV_IOCTL_VERSION. This isn't going to increase the
 footprint too much, but will help undertand bug reprots.
 Or if you thyink it's too annoying to write, than maybe just
 print the file name and line automatically.

file-name and line is actually what I wanted (does log_meta() suppress
these?). Custom error-messages don't really make much sense.

For example: Assume you have a function to open an input device. The
function itself has to run a bunch of syscalls:
 - open() (open device node)
 - ioctl() (get device bits, like 10 EVIOC* ioctls)
 - write() (to initialize LED values)
These are all mostly straightforward and shouldn't fail if the device
is valid. However, they *can* fail for various reasons (daemon not
running with enough privileges, device being unplugged during
operation, ...) but it's almost impossible to detect these properly.
So we want debug/error messages.

If we now add a custom log_error() message for each of these calls,
they will be something like EVIOCGABS failed: %m. To a user this is
as helpful as syscall failed in $file:$line:$func. So I thought, we
can avoid cluttering .text with useless error-messages and just print
$file:$line:$func and %m.

Does that make sense?

Note that this obviously is only for developer error-messages. For
functions like open() it makes sense to handle it separately. A
message like cannot open /dev/$sth: Access denied even helps users,
not only developers. The log_errno() is really intended for stuff like
custom ioctls/etc.

Thanks
David
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd

Пятница, 15 ноября 2013, 17:07 +04:00 от Juliette Tux juliette@gmail.com:
Fixed version, see attachment.
And I'm done with it. Too much fuss about these 70 messages. Please just
accept it, the translation is good.

I'm sorry, but I can't agree with the last statement. This translation still
requires some polishing.

Several examples:

1. Настроить системные настройки клавиатуры
Ugly tautology (настроить настройки) can be easily avoided without distortion
of meaning: Настройка параметров клавиатуры

2. при наличии приложения, делающего запрос на блокировку
This phrase is also ugly and confusing. Maybe, при наличии приложения,
запросившего блокировку?

3. Чтобы перезагрузить систему при наличии других авторизованных в ней
пользователей
Continuing the previous discussions, authorized is not equal to logged in.
If user *can* log in into the system, he's authorized. If user actually logged
in, he is... logged in.
Maybe, несмотря на то, что в системе работают другие пользователи?

And so on.
Perhaps it would be optimal if you take my version as a basis and remove
аутентификацию from there as you like?

P.S. Maybe I'm captious. Let's ask the other native speakers. Alexander, Andrey?
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] French translation for systemd

2013-11-15 Thread Sylvain Plantefeve

Fixed.

---
--- /dev/null
+++ b/po/fr.po
@@ -0,0 +1,397 @@
+# French translations for systemd package
+# Traductions françaises du paquet systemd.
+# This file is distributed under the same license as the systemd package.
+# Sylvain Plantefève sylvain.plantef...@gmail.com, 2013.
+#
+msgid 
+msgstr 
+Project-Id-Version: systemd\n
+Report-Msgid-Bugs-To: \n
+POT-Creation-Date: 2013-11-14 17:49+0100\n
+PO-Revision-Date: 2013-11-14 17:57+0100\n
+Last-Translator: Sylvain Plantefève sylvain.plantef...@gmail.com\n
+Language-Team: French\n
+Language: fr\n
+MIME-Version: 1.0\n
+Content-Type: text/plain; charset=UTF-8\n
+Content-Transfer-Encoding: 8bit\n
+Plural-Forms: nplurals=2; plural=(n  1);\n
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:1
+msgid Set host name
+msgstr Définir le nom d'hôte
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:2
+msgid Authentication is required to set the local host name.
+msgstr Authentification requise pour définir le nom d'hôte local.
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:3
+msgid Set static host name
+msgstr Définir le nom d'hôte statique
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:4
+msgid 
+Authentication is required to set the statically configured local host
name, 
+as well as the pretty host name.
+msgstr 
+Authentification requise pour définir le nom d'hôte local de manière
statique, 
+tout comme le nom d'hôte familier.
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:5
+msgid Set machine information
+msgstr Définir les informations sur la machine
+
+#: ../src/hostname/org.freedesktop.hostname1.policy.in.h:6
+msgid Authentication is required to set local machine information.
+msgstr 
+Authentification requise pour définir les informations sur la machine
locale.
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:1
+msgid Set system locale
+msgstr Définir la langue du système
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:2
+msgid Authentication is required to set the system locale.
+msgstr Authentification requise pour définir la langue du système.
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:3
+msgid Set system keyboard settings
+msgstr Définir les paramètres de clavier du système
+
+#: ../src/locale/org.freedesktop.locale1.policy.in.h:4
+msgid Authentication is required to set the system keyboard settings.
+msgstr Authentification requise pour définir les paramètres de clavier du
système.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:1
+msgid Allow applications to inhibit system shutdown
+msgstr Permet aux applications d'empêcher l'arrêt du système
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:2
+msgid 
+Authentication is required to allow an application to inhibit system 
+shutdown.
+msgstr 
+Authentification requise pour permettre à une application d'empêcher
l'arrêt 
+du système.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:3
+msgid Allow applications to delay system shutdown
+msgstr Permet aux applications de retarder l'arrêt du système
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:4
+msgid 
+Authentication is required to allow an application to delay system
shutdown.
+msgstr 
+Authentification requise pour permettre à une application de retarder
l'arrêt 
+du système.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:5
+msgid Allow applications to inhibit system sleep
+msgstr Permet aux applications d'empêcher la mise en veille du système
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:6
+msgid 
+Authentication is required to allow an application to inhibit system
sleep.
+msgstr 
+Authentification requise pour permettre à une application d'empêcher la
mise 
+en veille du système.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:7
+msgid Allow applications to delay system sleep
+msgstr Permet aux applications de retarder la mise en veille du système
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:8
+msgid 
+Authentication is required to allow an application to delay system sleep.
+msgstr 
+Authentification requise pour permettre à une application de retarder la
mise 
+en veille du système.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:9
+msgid Allow applications to inhibit automatic system suspend
+msgstr Permet aux applications d'empêcher l'hibernation automatique du
système
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:10
+msgid 
+Authentication is required to allow an application to inhibit automatic 
+system suspend.
+msgstr 
+Authentification requise pour permettre à une application d'empêcher 
+l'hibernation automatique du système.
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:11
+msgid Allow applications to inhibit system handling of the power key
+msgstr Permet aux applications d'empêcher la gestion du bouton
d'alimentation 
+ du système
+
+#: ../src/login/org.freedesktop.login1.policy.in.h:12
+msgid 
+Authentication is required to allow an application to inhibit system 
+handling of the

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd

2013-11-15 Thread Alexander E. Patrakov

2013/11/15 Sergey Ptashnick 0comff...@inbox.ru:
Пятница, 15 ноября 2013, 17:07 +04:00 от Juliette Tux
juliette@gmail.com:
Fixed version, see attachment.
And I'm done with it. Too much fuss about these 70 messages. Please just
accept it, the translation is good.

I'm sorry, but I can't agree with the last statement. This translation still
requires some polishing.

Several examples:

Right.

Yes, this is shorter and has the same meaning.

3. Чтобы перезагрузить систему при наличии других авторизованных в ней
пользователей
Continuing the previous discussions, authorized is not equal to logged in.
If user *can* log in into the system, he's authorized. If user actually
logged in, he is... logged in.
Maybe, несмотря на то, что в системе работают другие пользователи?

Yes.

Perhaps it would be optimal if you take my version as a basis and remove
аутентификацию from there as you like?

P.S. Maybe I'm captious. Let's ask the other native speakers. Alexander,
Andrey?

As a would-be manager, I would ask just one thing: who is ready to
maintain the translation if new translatable strings are added to
systemd? The And I'm done with it indicates that the original
submitter is likely not ready for that.

As for the translation itself, from my own viewpoint, it is not good
enough to be a final version, but good enough to be commited in a
disabled state so that others can improve it. It is not a problem that
we can't make a perfect translation in just one commit.

--
Alexander E. Patrakov
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd

2013-11-15 Thread Juliette Tux

On 15 November 2013 19:34, Alexander E. Patrakov patra...@gmail.com wrote:

 As a would-be manager, I would ask just one thing: who is ready to
 maintain the translation if new translatable strings are added to
 systemd? The And I'm done with it indicates that the original
 submitter is likely not ready for that.


 And I'm done with it indicates that for NOW I'm done arguing. You guys
are way too smart for me.
But:
Hint — before making any conclusion, better ask first.
Hint2 — I'm commiting alot, and the moment the new version is out, good
developers usually make an announcement asking for renewed translation. Do
you practice this at systemd?
Hint3 — do your job, do not steal others's job

Love you all.
_
best regards,
Julia Dronova
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH] log: add log_errno() helper

2013-11-15 Thread Lennart Poettering

On Fri, 15.11.13 15:26, David Herrmann (dh.herrm...@gmail.com) wrote:

 file-name and line is actually what I wanted (does log_meta() suppress
 these?). Custom error-messages don't really make much sense.
 
 For example: Assume you have a function to open an input device. The
 function itself has to run a bunch of syscalls:
  - open() (open device node)
  - ioctl() (get device bits, like 10 EVIOC* ioctls)
  - write() (to initialize LED values)
 These are all mostly straightforward and shouldn't fail if the device
 is valid. However, they *can* fail for various reasons (daemon not
 running with enough privileges, device being unplugged during
 operation, ...) but it's almost impossible to detect these properly.
 So we want debug/error messages.
 
 If we now add a custom log_error() message for each of these calls,
 they will be something like EVIOCGABS failed: %m. To a user this is
 as helpful as syscall failed in $file:$line:$func. So I thought, we
 can avoid cluttering .text with useless error-messages and just print
 $file:$line:$func and %m.

They might not be helpful to the user, but they are for the developer
who the user complains to. Much unlike the file/line which is highly
dependent on the version you have built. 

I don't think we really need to optimize the log messages on error
away. Doing log_error(EVIOCGABS: %m) doesn't look like too much. 

 
 Does that make sense?
 
 Note that this obviously is only for developer error-messages. For
 functions like open() it makes sense to handle it separately. A
 message like cannot open /dev/$sth: Access denied even helps users,
 not only developers. The log_errno() is really intended for stuff like
 custom ioctls/etc.

I'd side with Zbsyzek here... It's difficult to draw a line between user
and developer messages, and people frequently are somewhat in the middle
of it too (i think those folks are called devops these days ;-).

I am pretty sure we should keep proper log messages for these cases
too. You can keep them terse of course, they'd don't need to have the
highest quality of proper sentences, but they should give an educated
man an idea what failed without him having to figure out the version of
the binary and then look into the sources...

Lennart

-- 
Lennart Poettering, Red Hat
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd

 Fri, 15 november 2013, 21:34 +06:00 from Alexander E. Patrakov  
patra...@gmail.com :
As a would-be manager, I would ask just one thing: who is ready to
maintain the translation if new translatable strings are added to
systemd? 

As for me, I'll try to keep an eye on the po/pl.po (and also 
catalog/systemd.catalog') 
in git and send patches here when something changes.

/* Hmm, I see that systemd.catalog already changed since Mar 2013. 
If developers are going to commit russian translation for systemd catalog, 
I'll work on this.*/

As for the translation itself, from my own viewpoint, it is not good
enough to be a final version, but good enough to be commited in a
disabled state so that others can improve it. It is not a problem that
we can't make a perfect translation in just one commit.

IMHO, to ensure the high quality of translation, we must take into account a 
several 
points of view. For that, we need:
1. Several (more than one) translators and editors who're ready to work on that.
2. A place for discussion - mailing list/Jabber conference/IRC channel, where 
we can discuss and polish the translation. When the final version will be 
ready, 
we'll send it here like other patches.
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd

2013-11-15 Thread Juliette Tux

General conclusion: there is no translation -- nobody cares.
Poor naive person comes sayin 'here is the translation, take and use it' --
the very smart Russain guys start doing what...? Right.
1) they will try to destroy poor naive translator and the transaltion
itself 2) they will try to talk and look even smarter and will duscuss in
very smart way how they would maintain the translation 3) they would never
maintain the translation, leaving everything destroyed

:)


On 15 November 2013 19:45, Juliette Tux juliette@gmail.com wrote:


 On 15 November 2013 19:34, Alexander E. Patrakov patra...@gmail.comwrote:

 As a would-be manager, I would ask just one thing: who is ready to
 maintain the translation if new translatable strings are added to
 systemd? The And I'm done with it indicates that the original
 submitter is likely not ready for that.


  And I'm done with it indicates that for NOW I'm done arguing. You guys
 are way too smart for me.
 But:
 Hint -- before making any conclusion, better ask first.
 Hint2 -- I'm commiting alot, and the moment the new version is out, good
 developers usually make an announcement asking for renewed translation. Do
 you practice this at systemd?
 Hint3 -- do your job, do not steal others's job

 Love you all.
 _
 best regards,
 Julia Dronova




-- 
С уважением, Дронова Юлия
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] [PATCH 4/7] libsystemd-bus: add kdbus support for sd_bus_get_owner(|_pid|_uid)

Introduce kdbus_name_info as internal helper to make the actual ioctl()
to kdbus.
---
 src/libsystemd-bus/bus-control.c | 153 +++
 1 file changed, 107 insertions(+), 46 deletions(-)

diff --git a/src/libsystemd-bus/bus-control.c b/src/libsystemd-bus/bus-control.c
index 562513b..28adebd 100644
--- a/src/libsystemd-bus/bus-control.c
+++ b/src/libsystemd-bus/bus-control.c
@@ -256,9 +256,42 @@ retry:
 return 0;
 }
 
+static int kdbus_name_info(sd_bus *b, const char *name, struct 
kdbus_cmd_name_info **info) {
+
+struct kdbus_cmd_name_info *i;
+struct kdbus_item *item;
+size_t slen, size;
+int r;
+
+slen = strlen(name) + 1;
+
+/* The structure is used for both directions. Hence, it has to be able
+ * to acommodate both the request and the reply.  */
+size = MAX(b-name_query_min_size, ALIGN8(sizeof(*info) + 
KDBUS_ITEM_SIZE(slen)));
+i = malloc0(size);
+if (!i)
+return -ENOMEM;
+
+i-size = size;
+
+item = i-items;
+item-type = KDBUS_NAME_INFO_ITEM_NAME;
+item-size = KDBUS_ITEM_SIZE(slen);
+strcpy(item-str, name);
+
+r = ioctl(sd_bus_get_fd(b), KDBUS_CMD_NAME_QUERY, i);
+if (r  0)
+return -errno;
+
+*info = i;
+
+return 0;
+}
+
 _public_ int sd_bus_get_owner(sd_bus *bus, const char *name, char **owner) {
 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
-const char *found;
+_cleanup_free_ struct kdbus_cmd_name_info *info = NULL;
+char *found;
 int r;
 
 assert_return(bus, -EINVAL);
@@ -266,22 +299,32 @@ _public_ int sd_bus_get_owner(sd_bus *bus, const char 
*name, char **owner) {
 assert_return(BUS_IS_OPEN(bus-state), -ENOTCONN);
 assert_return(!bus_pid_changed(bus), -ECHILD);
 
-r = sd_bus_call_method(
-bus,
-org.freedesktop.DBus,
-/,
-org.freedesktop.DBus,
-GetNameOwner,
-NULL,
-reply,
-s,
-name);
-if (r  0)
-return r;
+if (bus-is_kernel) {
+r = kdbus_name_info(bus, name, info);
+if (r  0)
+return r;
 
-r = sd_bus_message_read(reply, s, found);
-if (r  0)
-return r;
+r = asprintf(found, :1.%llu, (unsigned long long) info-id);
+if (r  0)
+return log_oom();
+} else {
+r = sd_bus_call_method(
+bus,
+org.freedesktop.DBus,
+/,
+org.freedesktop.DBus,
+GetNameOwner,
+NULL,
+reply,
+s,
+name);
+if (r  0)
+return r;
+
+r = sd_bus_message_read(reply, s, found);
+if (r  0)
+return r;
+}
 
 if (owner) {
 char *t;
@@ -298,6 +341,7 @@ _public_ int sd_bus_get_owner(sd_bus *bus, const char 
*name, char **owner) {
 
 _public_ int sd_bus_get_owner_uid(sd_bus *bus, const char *name, uid_t *uid) {
 _cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
+_cleanup_free_ struct kdbus_cmd_name_info *info = NULL;
 uint32_t u;
 int r;
 
@@ -312,22 +356,30 @@ _public_ int sd_bus_get_owner_uid(sd_bus *bus, const char 
*name, uid_t *uid) {
 if (bus_pid_changed(bus))
 return -ECHILD;
 
-r = sd_bus_call_method(
-bus,
-org.freedesktop.DBus,
-/,
-org.freedesktop.DBus,
-GetConnectionUnixUser,
-NULL,
-reply,
-s,
-name);
-if (r  0)
-return r;
+if (bus-kernel) {
+r = kdbus_name_info(bus, name, info);
+if (r  0)
+return r;
 
-r = sd_bus_message_read(reply, u, u);
-if (r  0)
-return r;
+u = info-creds.uid;
+} else {
+r = sd_bus_call_method(
+bus,
+org.freedesktop.DBus,
+/,
+org.freedesktop.DBus,
+GetConnectionUnixUser,
+NULL,
+reply,
+s,
+

[systemd-devel] [PATCH 2/7] libsystemd-bus: query minimum buffer size for KDBUS_CMD_NAME_QUERY

When starting in kernel mode, determine the minimum buffer size for
subsequent KDBUS_CMD_NAME_QUERY calls. The value returned by kdbus is
dependant on kernel config settings and may vary from system to system
and also in the future, but it is fix for a bus lifetime.
---
 src/libsystemd-bus/bus-internal.h |  3 +++
 src/libsystemd-bus/bus-kernel.c   | 11 +++
 2 files changed, 14 insertions(+)

diff --git a/src/libsystemd-bus/bus-internal.h 
b/src/libsystemd-bus/bus-internal.h
index 4f9d941..088bdad 100644
--- a/src/libsystemd-bus/bus-internal.h
+++ b/src/libsystemd-bus/bus-internal.h
@@ -226,6 +226,9 @@ struct sd_bus {
 
 void *kdbus_buffer;
 
+/* Minimum buffer size for KDBUS_CMD_NAME_QUERY calls */
+size_t name_query_min_size;
+
 /* We do locking around the memfd cache, since we want to
  * allow people to process a sd_bus_message in a different
  * thread then it was generated on and free it there. Since
diff --git a/src/libsystemd-bus/bus-kernel.c b/src/libsystemd-bus/bus-kernel.c
index 3ea85d4..94eabfc 100644
--- a/src/libsystemd-bus/bus-kernel.c
+++ b/src/libsystemd-bus/bus-kernel.c
@@ -314,6 +314,7 @@ fail:
 
 int bus_kernel_take_fd(sd_bus *b) {
 struct kdbus_cmd_hello hello;
+struct kdbus_cmd_name_info dummy_info;
 int r;
 
 assert(b);
@@ -356,6 +357,16 @@ int bus_kernel_take_fd(sd_bus *b) {
 b-bus_client = true;
 b-can_fds = !!(hello.conn_flags  KDBUS_HELLO_ACCEPT_FD);
 
+/* Send a NAME_QUERY with an empty info struct. That will tell us the
+ * size of the return buffer that we have to provide for future name
+ * queries.  */
+zero(dummy_info);
+r = ioctl(b-input_fd, KDBUS_CMD_NAME_QUERY, dummy_info);
+if (r  0  errno != EMSGSIZE)
+return -errno;
+
+b-name_query_min_size = dummy_info.size;
+
 r = bus_start_running(b);
 if (r  0)
 return r;
-- 
1.8.4.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] [PATCH 1/7] libsystemd-bus: bring definitions in sync with kdbus

In particular, KDBUS_ITEM_NEXT is now called KDBUS_PART_NEXT, and
KDBUS_ITEM_FOREACH was renamed to KDBUS_PART_FOREACH and takes one more
argument to make it more flexible.
---
 src/libsystemd-bus/bus-control.c |  2 +-
 src/libsystemd-bus/bus-kernel.c  | 12 ++--
 src/libsystemd-bus/bus-kernel.h  | 14 +++---
 3 files changed, 14 insertions(+), 14 deletions(-)

diff --git a/src/libsystemd-bus/bus-control.c b/src/libsystemd-bus/bus-control.c
index f217269..5c9e746 100644
--- a/src/libsystemd-bus/bus-control.c
+++ b/src/libsystemd-bus/bus-control.c
@@ -468,7 +468,7 @@ int bus_add_match_internal(
 item-type = KDBUS_MATCH_BLOOM;
 memcpy(item-data64, bloom, BLOOM_SIZE);
 
-item = KDBUS_ITEM_NEXT(item);
+item = KDBUS_PART_NEXT(item);
 }
 
 if (sender) {
diff --git a/src/libsystemd-bus/bus-kernel.c b/src/libsystemd-bus/bus-kernel.c
index bf8de04..3ea85d4 100644
--- a/src/libsystemd-bus/bus-kernel.c
+++ b/src/libsystemd-bus/bus-kernel.c
@@ -409,7 +409,7 @@ static void close_kdbus_msg(sd_bus *bus, struct kdbus_msg 
*k) {
 off = (uint8_t *)k - (uint8_t *)bus-kdbus_buffer;
 ioctl(bus-input_fd, KDBUS_CMD_MSG_RELEASE, off);
 
-KDBUS_ITEM_FOREACH(d, k) {
+KDBUS_PART_FOREACH(d, k, items) {
 
 if (d-type == KDBUS_MSG_FDS)
 close_many(d-fds, (d-size - offsetof(struct 
kdbus_item, fds)) / sizeof(int));
@@ -435,7 +435,7 @@ static int bus_kernel_make_message(sd_bus *bus, struct 
kdbus_msg *k, sd_bus_mess
 if (k-payload_type != KDBUS_PAYLOAD_DBUS1)
 return 0;
 
-KDBUS_ITEM_FOREACH(d, k) {
+KDBUS_PART_FOREACH(d, k, items) {
 size_t l;
 
 l = d-size - offsetof(struct kdbus_item, data);
@@ -489,7 +489,7 @@ static int bus_kernel_make_message(sd_bus *bus, struct 
kdbus_msg *k, sd_bus_mess
 if (r  0)
 return r;
 
-KDBUS_ITEM_FOREACH(d, k) {
+KDBUS_PART_FOREACH(d, k, items) {
 size_t l;
 
 l = d-size - offsetof(struct kdbus_item, data);
@@ -668,13 +668,13 @@ int bus_kernel_create(const char *name, char **s) {
 
 l = strlen(name);
 make = alloca0(offsetof(struct kdbus_cmd_bus_make, items) +
-   KDBUS_ITEM_HEADER_SIZE + sizeof(uint64_t) +
-   KDBUS_ITEM_HEADER_SIZE + DECIMAL_STR_MAX(uid_t) + 1 + l 
+ 1);
+   KDBUS_PART_HEADER_SIZE + sizeof(uint64_t) +
+   KDBUS_PART_HEADER_SIZE + DECIMAL_STR_MAX(uid_t) + 1 + l 
+ 1);
 
 n = make-items;
 n-type = KDBUS_MAKE_NAME;
 sprintf(n-str, %lu-%s, (unsigned long) getuid(), name);
-n-size = KDBUS_ITEM_HEADER_SIZE + strlen(n-str) + 1;
+n-size = KDBUS_PART_HEADER_SIZE + strlen(n-str) + 1;
 
 make-size = offsetof(struct kdbus_cmd_bus_make, items) + n-size;
 make-flags = KDBUS_MAKE_POLICY_OPEN;
diff --git a/src/libsystemd-bus/bus-kernel.h b/src/libsystemd-bus/bus-kernel.h
index c4573c9..69df4f4 100644
--- a/src/libsystemd-bus/bus-kernel.h
+++ b/src/libsystemd-bus/bus-kernel.h
@@ -23,16 +23,16 @@
 
 #include sd-bus.h
 
-#define KDBUS_ITEM_NEXT(item) \
+#define KDBUS_PART_NEXT(item) \
 (typeof(item))(((uint8_t *)item) + ALIGN8((item)-size))
 
-#define KDBUS_ITEM_FOREACH(item, head) 
 \
-for (item = (head)-items; 
 \
- (uint8_t *)(item)  (uint8_t *)(head) + (head)-size; 
 \
- item = KDBUS_ITEM_NEXT(item))
+#define KDBUS_PART_FOREACH(part, head, first)   \
+for (part = (head)-first;  \
+ (uint8_t *)(part)  (uint8_t *)(head) + (head)-size;  \
+ part = KDBUS_PART_NEXT(part))
 
-#define KDBUS_ITEM_HEADER_SIZE offsetof(struct kdbus_item, data)
-#define KDBUS_ITEM_SIZE(s) ALIGN8((s) + KDBUS_ITEM_HEADER_SIZE)
+#define KDBUS_PART_HEADER_SIZE offsetof(struct kdbus_item, data)
+#define KDBUS_ITEM_SIZE(s) ALIGN8((s) + KDBUS_PART_HEADER_SIZE)
 
 #define MEMFD_CACHE_MAX 32
 
-- 
1.8.4.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] [PATCH 5/7] libsystemd-bus: add sd_bus_get_selinux_ctx() and sd_bus_get_audit_session_data()

Implementations for both org.freedesktop.DBus and kdbus are available
---
 src/libsystemd-bus/bus-control.c  | 116 ++
 src/libsystemd-bus/libsystemd-bus.sym |   2 +
 src/systemd/sd-bus.h  |   2 +
 3 files changed, 120 insertions(+)

diff --git a/src/libsystemd-bus/bus-control.c b/src/libsystemd-bus/bus-control.c
index 28adebd..55912c8 100644
--- a/src/libsystemd-bus/bus-control.c
+++ b/src/libsystemd-bus/bus-control.c
@@ -434,6 +434,122 @@ _public_ int sd_bus_get_owner_pid(sd_bus *bus, const char 
*name, pid_t *pid) {
 return 0;
 }
 
+_public_ int sd_bus_get_selinux_ctx(sd_bus *bus, const char *name, const void 
**ctx, size_t *sz) {
+_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
+_cleanup_free_ struct kdbus_cmd_name_info *info = NULL;
+int r;
+
+if (!bus)
+return -EINVAL;
+if (!name)
+return -EINVAL;
+if (!ctx)
+return -EINVAL;
+if (!sz)
+return -EINVAL;
+if (!BUS_IS_OPEN(bus-state))
+return -ENOTCONN;
+if (bus_pid_changed(bus))
+return -ECHILD;
+
+if (bus-kernel) {
+struct kdbus_item *item;
+
+r = kdbus_name_info(bus, name, info);
+if (r  0)
+return r;
+
+KDBUS_PART_FOREACH(item, info, items) {
+if (item-type != KDBUS_NAME_INFO_ITEM_SECLABEL)
+continue;
+
+*sz = item-size - KDBUS_PART_HEADER_SIZE;
+*ctx = memdup(item-data, *sz);
+if (!*ctx)
+return log_oom();
+
+break;
+}
+} else {
+r = sd_bus_call_method(
+bus,
+org.freedesktop.DBus,
+/,
+org.freedesktop.DBus,
+GetConnectionSELinuxSecurityContext,
+NULL,
+reply,
+s,
+name);
+if (r  0)
+return r;
+
+r = sd_bus_message_read_array(reply, 'y', ctx, sz);
+if (r  0)
+return r;
+}
+
+return 0;
+}
+
+_public_ int sd_bus_get_audit_session_data(sd_bus *bus, const char *name, 
const void **data, size_t *sz) {
+_cleanup_bus_message_unref_ sd_bus_message *reply = NULL;
+_cleanup_free_ struct kdbus_cmd_name_info *info = NULL;
+int r;
+
+if (!bus)
+return -EINVAL;
+if (!name)
+return -EINVAL;
+if (!data)
+return -EINVAL;
+if (!sz)
+return -EINVAL;
+if (!BUS_IS_OPEN(bus-state))
+return -ENOTCONN;
+if (bus_pid_changed(bus))
+return -ECHILD;
+
+if (bus-kernel) {
+struct kdbus_item *item;
+
+r = kdbus_name_info(bus, name, info);
+if (r  0)
+return r;
+
+KDBUS_PART_FOREACH(item, info, items) {
+if (item-type != KDBUS_NAME_INFO_ITEM_AUDIT)
+continue;
+
+*sz = item-size - KDBUS_PART_HEADER_SIZE;
+*data = memdup(item-data, *sz);
+if (!*data)
+return log_oom();
+
+break;
+}
+} else {
+r = sd_bus_call_method(
+bus,
+org.freedesktop.DBus,
+/,
+org.freedesktop.DBus,
+GetAdtAuditSessionData,
+NULL,
+reply,
+s,
+name);
+if (r  0)
+return r;
+
+r = sd_bus_message_read_array(reply, 'y', data, sz);
+if (r  0)
+return r;
+}
+
+return 0;
+}
+
 int bus_add_match_internal(
 sd_bus *bus,
 const char *match,
diff --git a/src/libsystemd-bus/libsystemd-bus.sym 
b/src/libsystemd-bus/libsystemd-bus.sym
index f1abf01..7952dc5 100644
--- a/src/libsystemd-bus/libsystemd-bus.sym
+++ b/src/libsystemd-bus/libsystemd-bus.sym
@@ -173,6 +173,8 @@ global:
 sd_bus_get_owner;
 sd_bus_get_owner_uid;
 sd_bus_get_owner_pid;
+sd_bus_get_selinux_ctx;
+sd_bus_get_audit_session_data;
 sd_bus_get_owner_machine_id;

[systemd-devel] [PATCH 7/7] systemd-stdio-bridge: make it socket-activatable and usable as kdbus bridge

Augment systemd-stdio-bridge a bit to make it a 1:1 bridge from legacy
DBus clients to kdbus. In particular,

 * allow setting the bus path of the upstream bus as command line
   argument
 * use sd_listen_fds() for systemd's socket activation
 * omit calling sd_bus_negotiate_fds() when upstream bus is kdbus
 * reply to bus send errors with proper dbus error messages
 * treat -ECONNRESET as expected end-of-connection condition
---
 src/stdio-bridge/stdio-bridge.c | 116 +---
 1 file changed, 98 insertions(+), 18 deletions(-)

diff --git a/src/stdio-bridge/stdio-bridge.c b/src/stdio-bridge/stdio-bridge.c
index 07218e9..f16a146 100644
--- a/src/stdio-bridge/stdio-bridge.c
+++ b/src/stdio-bridge/stdio-bridge.c
@@ -28,6 +28,7 @@
 #include errno.h
 #include sys/poll.h
 #include stddef.h
+#include getopt.h
 
 #include log.h
 #include util.h
@@ -37,25 +38,99 @@
 #include bus-internal.h
 #include bus-message.h
 #include bus-util.h
+#include build.h
+
+const char *arg_bus_path = unix:path=/run/dbus/system_bus_socket;
+
+static int help(void) {
+
+printf(%s [OPTIONS...]\n\n
+   Query or change system hostname.\n\n
+ -h --help  Show this help\n
+--version   Show package version\n
+--bus-path  Path to the kernel bus (default: 
%s)\n,
+   program_invocation_short_name, arg_bus_path);
+
+return 0;
+}
+
+static int parse_argv(int argc, char *argv[]) {
+
+enum {
+ARG_VERSION = 0x100,
+};
+
+static const struct option options[] = {
+{ help,no_argument,   NULL, 'h' },
+{ bus-path,required_argument, NULL, 'p' },
+{ NULL,  0, NULL, 0   }
+};
+
+int c;
+
+assert(argc = 0);
+assert(argv);
+
+while ((c = getopt_long(argc, argv, hsup:, options, NULL)) = 0) {
+
+switch (c) {
+
+case 'h':
+help();
+return 0;
+
+case ARG_VERSION:
+puts(PACKAGE_STRING);
+puts(SYSTEMD_FEATURES);
+return 0;
+
+case '?':
+return -EINVAL;
+
+case 'p':
+arg_bus_path = optarg;
+break;
+
+default:
+log_error(Unknown option code %c, c);
+return -EINVAL;
+}
+}
+
+return 1;
+}
 
 int main(int argc, char *argv[]) {
 _cleanup_bus_unref_ sd_bus *a = NULL, *b = NULL;
 sd_id128_t server_id;
 bool is_unix;
-int r;
-
-if (argc  1) {
-log_error(This program takes no argument.);
-return EXIT_FAILURE;
-}
+int r, in_fd, out_fd;
 
 log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
 log_parse_environment();
 log_open();
 
+r = parse_argv(argc, argv);
+if (r = 0)
+goto finish;
+
+r = sd_listen_fds(0);
+switch (r) {
+case 0:
+in_fd = STDIN_FILENO;
+out_fd = STDOUT_FILENO;
+break;
+case 1:
+in_fd = SD_LISTEN_FDS_START;
+out_fd = SD_LISTEN_FDS_START;
+break;
+default:
+goto finish;
+}
+
 is_unix =
-sd_is_socket(STDIN_FILENO, AF_UNIX, 0, 0)  0 
-sd_is_socket(STDOUT_FILENO, AF_UNIX, 0, 0)  0;
+sd_is_socket(in_fd, AF_UNIX, 0, 0)  0 
+sd_is_socket(out_fd, AF_UNIX, 0, 0)  0;
 
 r = sd_bus_new(a);
 if (r  0) {
@@ -63,16 +138,18 @@ int main(int argc, char *argv[]) {
 goto finish;
 }
 
-r = sd_bus_set_address(a, unix:path=/run/dbus/system_bus_socket);
+r = sd_bus_set_address(a, arg_bus_path);
 if (r  0) {
 log_error(Failed to set address to connect to: %s, 
strerror(-r));
 goto finish;
 }
 
-r = sd_bus_negotiate_fds(a, is_unix);
-if (r  0) {
-log_error(Failed to set FD negotiation: %s, strerror(-r));
-goto finish;
+if (!startswith(arg_bus_path, kernel:)) {
+r = sd_bus_negotiate_fds(a, is_unix);
+if (r  0) {
+log_error(Failed to set FD negotiation: %s, 
strerror(-r));
+goto finish;
+}
 }
 
 r = sd_bus_start(a);
@@ -93,7 +170,7 @@ int main(int argc, char *argv[]) {
 goto finish;
 }
 
-r = sd_bus_set_fd(b, STDIN_FILENO, STDOUT_FILENO);
+r = sd_bus_set_fd(b, in_fd, out_fd);
 if (r  0) {

[systemd-devel] [PATCH 0/7] kdbus related libsystemd-bus patches

I'm currently working on a way to connect traditional DBus clients to
kdbus. Here are some patches that can already be merged.

What's missing and still under development is a service that provides
org.freedesktop.DBus on kdbus, and which translates the native interface
to calls in libsystemd-bus. This almost works now, but there are some
missing pieces in libsystemd-bus which need to be done first.

The actual socket connection is surprisingly simple, and can be done
with the sdio-bridge which I augmented a bit for that use case.


Thanks,
Daniel

Daniel Mack (7):
  libsystemd-bus: bring definitions in sync with kdbus
  libsystemd-bus: query minimum buffer size for KDBUS_CMD_NAME_QUERY
  libsystemd-bus: add kdbus support for sd_bus_list_names()
  libsystemd-bus: add kdbus support for sd_bus_get_owner(|_pid|_uid)
  libsystemd-bus: add sd_bus_get_selinux_ctx() and
sd_bus_get_audit_session_data()
  libsystemd-bus: gracefully handle 0-sized payload vectors
  systemd-stdio-bridge: make it socket-activatable and usable as kdbus
bridge

 src/libsystemd-bus/bus-control.c  | 371 ++
 src/libsystemd-bus/bus-internal.h |   3 +
 src/libsystemd-bus/bus-kernel.c   |  27 ++-
 src/libsystemd-bus/bus-kernel.h   |  14 +-
 src/libsystemd-bus/libsystemd-bus.sym |   2 +
 src/stdio-bridge/stdio-bridge.c   | 116 +--
 src/systemd/sd-bus.h  |   2 +
 7 files changed, 424 insertions(+), 111 deletions(-)

-- 
1.8.4.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] [PATCH 6/7] libsystemd-bus: gracefully handle 0-sized payload vectors

Such messages arise when 1:1-bridging legacy clients to kdbus.
---
 src/libsystemd-bus/bus-kernel.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/libsystemd-bus/bus-kernel.c b/src/libsystemd-bus/bus-kernel.c
index 94eabfc..6626db1 100644
--- a/src/libsystemd-bus/bus-kernel.c
+++ b/src/libsystemd-bus/bus-kernel.c
@@ -52,7 +52,9 @@ int bus_kernel_parse_unique_name(const char *s, uint64_t *id) 
{
 
 static void append_payload_vec(struct kdbus_item **d, const void *p, size_t 
sz) {
 assert(d);
-assert(sz  0);
+
+if (sz == 0)
+return;
 
 *d = ALIGN8_PTR(*d);
 
-- 
1.8.4.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

[systemd-devel] [PATCH 3/7] libsystemd-bus: add kdbus support for sd_bus_list_names()

kdbus will tell us the minimum buffer size it needs in case the default
8kb buffer doesn't suffice.
---
 src/libsystemd-bus/bus-control.c | 100 ++-
 1 file changed, 68 insertions(+), 32 deletions(-)

diff --git a/src/libsystemd-bus/bus-control.c b/src/libsystemd-bus/bus-control.c
index 5c9e746..562513b 100644
--- a/src/libsystemd-bus/bus-control.c
+++ b/src/libsystemd-bus/bus-control.c
@@ -180,43 +180,79 @@ _public_ int sd_bus_list_names(sd_bus *bus, char ***l) {
 if (bus_pid_changed(bus))
 return -ECHILD;
 
-r = sd_bus_call_method(
-bus,
-org.freedesktop.DBus,
-/,
-org.freedesktop.DBus,
-ListNames,
-NULL,
-reply1,
-NULL);
-if (r  0)
-return r;
+if (bus-is_kernel) {
+_cleanup_free_ struct kdbus_cmd_names *names = NULL;
+struct kdbus_cmd_name *name;
+size_t size;
+
+/* assume 8k size first. If that doesn't suffice, kdbus will 
tell us
+ * how big the buffer needs to be.  */
+size = 8192;
+
+retry:
+names = realloc(names, size);
+if (!names)
+return log_oom();
+
+names-size = size;
+
+r = ioctl(sd_bus_get_fd(bus), KDBUS_CMD_NAME_LIST, names);
+if (r  0) {
+if (errno == ENOBUFS  size != names-size) {
+size = names-size;
+goto retry;
+}
 
-r = sd_bus_call_method(
-bus,
-org.freedesktop.DBus,
-/,
-org.freedesktop.DBus,
-ListActivatableNames,
-NULL,
-reply2,
-NULL);
-if (r  0)
-return r;
+return -errno;
+}
 
-r = bus_message_read_strv_extend(reply1, x);
-if (r  0) {
-strv_free(x);
-return r;
-}
+KDBUS_PART_FOREACH(name, names, names) {
+r = strv_extend(x, name-name);
+if (r  0)
+return log_oom();
+}
 
-r = bus_message_read_strv_extend(reply2, x);
-if (r  0) {
-strv_free(x);
-return r;
+*l = x;
+} else {
+r = sd_bus_call_method(
+bus,
+org.freedesktop.DBus,
+/,
+org.freedesktop.DBus,
+ListNames,
+NULL,
+reply1,
+NULL);
+if (r  0)
+return r;
+
+r = sd_bus_call_method(
+bus,
+org.freedesktop.DBus,
+/,
+org.freedesktop.DBus,
+ListActivatableNames,
+NULL,
+reply2,
+NULL);
+if (r  0)
+return r;
+
+r = bus_message_read_strv_extend(reply1, x);
+if (r  0) {
+strv_free(x);
+return r;
+}
+
+r = bus_message_read_strv_extend(reply2, x);
+if (r  0) {
+strv_free(x);
+return r;
+}
+
+*l = strv_uniq(x);
 }
 
-*l = strv_uniq(x);
 return 0;
 }
 
-- 
1.8.4.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [PATCH 7/7] systemd-stdio-bridge: make it socket-activatable and usable as kdbus bridge

2013-11-15 Thread Tom Gundersen

On Fri, Nov 15, 2013 at 7:32 PM, Daniel Mack zon...@gmail.com wrote:
 Augment systemd-stdio-bridge a bit to make it a 1:1 bridge from legacy
 DBus clients to kdbus. In particular,

  * allow setting the bus path of the upstream bus as command line
argument
  * use sd_listen_fds() for systemd's socket activation
  * omit calling sd_bus_negotiate_fds() when upstream bus is kdbus
  * reply to bus send errors with proper dbus error messages
  * treat -ECONNRESET as expected end-of-connection condition
 ---
  src/stdio-bridge/stdio-bridge.c | 116 
 +---
  1 file changed, 98 insertions(+), 18 deletions(-)

 diff --git a/src/stdio-bridge/stdio-bridge.c b/src/stdio-bridge/stdio-bridge.c
 index 07218e9..f16a146 100644
 --- a/src/stdio-bridge/stdio-bridge.c
 +++ b/src/stdio-bridge/stdio-bridge.c
 @@ -28,6 +28,7 @@
  #include errno.h
  #include sys/poll.h
  #include stddef.h
 +#include getopt.h

  #include log.h
  #include util.h
 @@ -37,25 +38,99 @@
  #include bus-internal.h
  #include bus-message.h
  #include bus-util.h
 +#include build.h
 +
 +const char *arg_bus_path = unix:path=/run/dbus/system_bus_socket;
 +
 +static int help(void) {
 +
 +printf(%s [OPTIONS...]\n\n
 +   Query or change system hostname.\n\n

Copy paste error ^^^ ?

 + -h --help  Show this help\n
 +--version   Show package version\n
 +--bus-path  Path to the kernel bus (default: 
 %s)\n,
 +   program_invocation_short_name, arg_bus_path);
 +
 +return 0;
 +}
 +
 +static int parse_argv(int argc, char *argv[]) {
 +
 +enum {
 +ARG_VERSION = 0x100,
 +};
 +
 +static const struct option options[] = {
 +{ help,no_argument,   NULL, 'h' },
 +{ bus-path,required_argument, NULL, 'p' },
 +{ NULL,  0, NULL, 0   }
 +};
 +
 +int c;
 +
 +assert(argc = 0);
 +assert(argv);
 +
 +while ((c = getopt_long(argc, argv, hsup:, options, NULL)) = 0) {
 +
 +switch (c) {
 +
 +case 'h':
 +help();
 +return 0;
 +
 +case ARG_VERSION:
 +puts(PACKAGE_STRING);
 +puts(SYSTEMD_FEATURES);
 +return 0;
 +
 +case '?':
 +return -EINVAL;
 +
 +case 'p':
 +arg_bus_path = optarg;
 +break;
 +
 +default:
 +log_error(Unknown option code %c, c);
 +return -EINVAL;
 +}
 +}
 +
 +return 1;
 +}

  int main(int argc, char *argv[]) {
  _cleanup_bus_unref_ sd_bus *a = NULL, *b = NULL;
  sd_id128_t server_id;
  bool is_unix;
 -int r;
 -
 -if (argc  1) {
 -log_error(This program takes no argument.);
 -return EXIT_FAILURE;
 -}
 +int r, in_fd, out_fd;

  log_set_target(LOG_TARGET_JOURNAL_OR_KMSG);
  log_parse_environment();
  log_open();

 +r = parse_argv(argc, argv);
 +if (r = 0)
 +goto finish;
 +
 +r = sd_listen_fds(0);
 +switch (r) {
 +case 0:
 +in_fd = STDIN_FILENO;
 +out_fd = STDOUT_FILENO;
 +break;
 +case 1:
 +in_fd = SD_LISTEN_FDS_START;
 +out_fd = SD_LISTEN_FDS_START;
 +break;
 +default:
 +goto finish;
 +}
 +
  is_unix =
 -sd_is_socket(STDIN_FILENO, AF_UNIX, 0, 0)  0 
 -sd_is_socket(STDOUT_FILENO, AF_UNIX, 0, 0)  0;
 +sd_is_socket(in_fd, AF_UNIX, 0, 0)  0 
 +sd_is_socket(out_fd, AF_UNIX, 0, 0)  0;

  r = sd_bus_new(a);
  if (r  0) {
 @@ -63,16 +138,18 @@ int main(int argc, char *argv[]) {
  goto finish;
  }

 -r = sd_bus_set_address(a, unix:path=/run/dbus/system_bus_socket);
 +r = sd_bus_set_address(a, arg_bus_path);
  if (r  0) {
  log_error(Failed to set address to connect to: %s, 
 strerror(-r));
  goto finish;
  }

 -r = sd_bus_negotiate_fds(a, is_unix);
 -if (r  0) {
 -log_error(Failed to set FD negotiation: %s, strerror(-r));
 -goto finish;
 +if (!startswith(arg_bus_path, kernel:)) {
 +r = sd_bus_negotiate_fds(a, is_unix);
 +if (r  0) {
 +log_error(Failed to set FD negotiation: %s, 
 strerror(-r));
 +goto finish;
 +}
  }

  r = sd_bus_start(a);
 @@

Re: [systemd-devel] [PATCH 7/7] systemd-stdio-bridge: make it socket-activatable and usable as kdbus bridge

On 11/15/2013 08:38 PM, Tom Gundersen wrote:
 On Fri, Nov 15, 2013 at 7:32 PM, Daniel Mack zon...@gmail.com wrote:
 Augment systemd-stdio-bridge a bit to make it a 1:1 bridge from legacy
 DBus clients to kdbus. In particular,

  * allow setting the bus path of the upstream bus as command line
argument
  * use sd_listen_fds() for systemd's socket activation
  * omit calling sd_bus_negotiate_fds() when upstream bus is kdbus
  * reply to bus send errors with proper dbus error messages
  * treat -ECONNRESET as expected end-of-connection condition
 ---
  src/stdio-bridge/stdio-bridge.c | 116 
 +---
  1 file changed, 98 insertions(+), 18 deletions(-)

 diff --git a/src/stdio-bridge/stdio-bridge.c 
 b/src/stdio-bridge/stdio-bridge.c
 index 07218e9..f16a146 100644
 --- a/src/stdio-bridge/stdio-bridge.c
 +++ b/src/stdio-bridge/stdio-bridge.c
 @@ -28,6 +28,7 @@
  #include errno.h
  #include sys/poll.h
  #include stddef.h
 +#include getopt.h

  #include log.h
  #include util.h
 @@ -37,25 +38,99 @@
  #include bus-internal.h
  #include bus-message.h
  #include bus-util.h
 +#include build.h
 +
 +const char *arg_bus_path = unix:path=/run/dbus/system_bus_socket;
 +
 +static int help(void) {
 +
 +printf(%s [OPTIONS...]\n\n
 +   Query or change system hostname.\n\n
 
 Copy paste error ^^^ ?

Ups, yes. Well spotted.

If that's the only remark on the series, I'd dare to ask Lennart to
amend this when applying :)




Thanks,
Daniel
___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel

Re: [systemd-devel] [systemd-bugs] Russian translation for systemd