Re: [systemd-devel] Warnings from recent commits
On Thu, Jul 17, 2014 at 8:51 PM, Thomas H.P. Andersen pho...@gmail.com wrote: From recent commits I have noticed the following new issues from static analysis with scan-build and with clang. I am not sure how they should be fixed (or even if) but I just though I would let you know. 1) src/shared/barrier.c in barrier_read starting at line 274 if (pfd[1].revents) { len = read(b-them, buf, sizeof(buf)); ... } else if (pfd[0].revents (POLLHUP | POLLERR | POLLNVAL)) { ... buf = BARRIER_ABORTION; } If neither if/else if are true then buf will be used unset. 2) src/resolve/resolved-dns-scope.c in dns_scope_tcp_socket if s-link is null then ifindex will not be set but will be used later in: } else if (srv-family == AF_INET6) { sa.in6.sin6_port = htobe16(53); sa.in6.sin6_addr = srv-address.in6; sa.in6.sin6_scope_id = ifindex; salen = sizeof(sa.in6); Zbigniew dealt with 2) in 901fd8164797f3eeb9921c85915dc409d49ab5d8. 3) I see a couple of these: In file included from src/resolve/resolved-gperf.c:8: In file included from ./src/resolve/resolved.h:34: In file included from ./src/resolve/resolved-dns-query.h:33: In file included from ./src/resolve/resolved-dns-scope.h:33: ./src/resolve/resolved-dns-cache.h:45:3: warning: redefinition of typedef 'DnsCacheItem' is a C11 feature [-Wtypedef-redefinition] } DnsCacheItem; ^ ./src/resolve/resolved-dns-cache.h:31:29: note: previous definition is here typedef struct DnsCacheItem DnsCacheItem; ^ 1 warning generated. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] resolved: fix warnings
From: Thomas Hindoe Paaboel Andersen pho...@gmail.com --- src/resolve/resolved-dns-scope.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/resolve/resolved-dns-scope.c b/src/resolve/resolved-dns-scope.c index 190c5f4..41514a5 100644 --- a/src/resolve/resolved-dns-scope.c +++ b/src/resolve/resolved-dns-scope.c @@ -292,7 +292,7 @@ int dns_scope_llmnr_membership(DnsScope *s, bool b) { if (s-family == AF_INET) { struct ip_mreqn mreqn = { .imr_multiaddr = LLMNR_MULTICAST_IPV4_ADDRESS, -.imr_ifindex = s-link-ifindex, +.imr_ifindex = s-link ? s-link-ifindex : 0, }; fd = manager_llmnr_ipv4_udp_fd(s-manager); @@ -305,7 +305,7 @@ int dns_scope_llmnr_membership(DnsScope *s, bool b) { } else if (s-family == AF_INET6) { struct ipv6_mreq mreq = { .ipv6mr_multiaddr = LLMNR_MULTICAST_IPV6_ADDRESS, -.ipv6mr_interface = s-link-ifindex, +.ipv6mr_interface = s-link ? s-link-ifindex : 0, }; fd = manager_llmnr_ipv6_udp_fd(s-manager); -- 1.9.3 ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] Warnings from recent commits
Hi On Thu, Jul 17, 2014 at 8:51 PM, Thomas H.P. Andersen pho...@gmail.com wrote: From recent commits I have noticed the following new issues from static analysis with scan-build and with clang. I am not sure how they should be fixed (or even if) but I just though I would let you know. 1) src/shared/barrier.c in barrier_read starting at line 274 if (pfd[1].revents) { len = read(b-them, buf, sizeof(buf)); ... } else if (pfd[0].revents (POLLHUP | POLLERR | POLLNVAL)) { ... buf = BARRIER_ABORTION; } If neither if/else if are true then buf will be used unset. This is a false-positive. poll() must return 0 in our case, so either revents must be set. I added else continue; to suppress this warning. Thanks! David 2) src/resolve/resolved-dns-scope.c in dns_scope_tcp_socket if s-link is null then ifindex will not be set but will be used later in: } else if (srv-family == AF_INET6) { sa.in6.sin6_port = htobe16(53); sa.in6.sin6_addr = srv-address.in6; sa.in6.sin6_scope_id = ifindex; salen = sizeof(sa.in6); 3) I see a couple of these: In file included from src/resolve/resolved-gperf.c:8: In file included from ./src/resolve/resolved.h:34: In file included from ./src/resolve/resolved-dns-query.h:33: In file included from ./src/resolve/resolved-dns-scope.h:33: ./src/resolve/resolved-dns-cache.h:45:3: warning: redefinition of typedef 'DnsCacheItem' is a C11 feature [-Wtypedef-redefinition] } DnsCacheItem; ^ ./src/resolve/resolved-dns-cache.h:31:29: note: previous definition is here typedef struct DnsCacheItem DnsCacheItem; ^ 1 warning generated. ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] [PATCH] Refuse mount on symlink
Just completed TODO: * refuse mounting on symlinks If systemd try mounting entry from fstab on symlink, user get something like that: Jul 19 15:49:38 beplan.lan systemd[1]: Mounting /var/tmp/lol1... Jul 19 15:49:38 beplan.lan systemd[1]: var-tmp-lol1.mount Refuse mount on symlink: Operation not permitted Can be pulled from: https://github.com/Nefelim4ag/systemd.git TODO | 2 -- src/core/mount.c | 17 + src/core/mount.h | 2 ++ src/shared/util.c | 11 +++ src/shared/util.h | 2 ++ 5 files changed, 32 insertions(+), 2 deletions(-) diff --git a/TODO b/TODO index bfa06de..be58ff3 100644 --- a/TODO +++ b/TODO @@ -55,8 +55,6 @@ Features: * order OnCalendar timer units after timer-sync.target if DefaultDependencies=no so that we don't trigger them prematurely -* refuse mounting on symlinks - * logind: allow users to kill or lock their own sessions * add new gpt type for btrfs volumes diff --git a/src/core/mount.c b/src/core/mount.c index 102bbef..e5e8e94 100644 --- a/src/core/mount.c +++ b/src/core/mount.c @@ -826,6 +826,19 @@ void warn_if_dir_nonempty(const char *unit, const char* where) { NULL); } +int fail_if_symlink(const char *unit, const char* where) { +assert(where); + +if (!is_symlink(where)) +return 0; + +log_warning_unit(unit, + %s Refuse mount on symlink: %s, + unit, strerror(1)); + +return -1; +} + static void mount_enter_unmounting(Mount *m) { int r; @@ -876,6 +889,10 @@ static void mount_enter_mounting(Mount *m) { if (p mount_is_bind(p)) mkdir_p_label(p-what, m-directory_mode); +r = fail_if_symlink(m-meta.id, m-where); +if (r 0) +goto fail; + if (m-from_fragment) r = exec_command_set( m-control_command, diff --git a/src/core/mount.h b/src/core/mount.h index 2dcb663..5fc1fe1 100644 --- a/src/core/mount.h +++ b/src/core/mount.h @@ -128,3 +128,5 @@ const char* mount_result_to_string(MountResult i) _const_; MountResult mount_result_from_string(const char *s) _pure_; void warn_if_dir_nonempty(const char *unit, const char* where); + +int fail_if_symlink(const char *unit, const char* where); \ No newline at end of file diff --git a/src/shared/util.c b/src/shared/util.c index 4fda31c..f389e74 100644 --- a/src/shared/util.c +++ b/src/shared/util.c @@ -6866,3 +6866,14 @@ int take_password_lock(const char *root) { return fd; } + +bool is_symlink(const char *path) { +struct stat info; + +lstat(path, info); + +if (S_ISLNK(info.st_mode)) +return 1; + +return 0; +} \ No newline at end of file diff --git a/src/shared/util.h b/src/shared/util.h index d9d525e..6a438b7 100644 --- a/src/shared/util.h +++ b/src/shared/util.h @@ -973,3 +973,5 @@ char *tempfn_random(const char *p); bool is_localhost(const char *hostname); int take_password_lock(const char *root); + +bool is_symlink(const char *path); \ No newline at end of file ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
[systemd-devel] systemd read-only RootFS for flash-menory usage ?
Greetings, I have a computer with these --OS Linux 64bit BLFS Linux --relatively recent version of systemd --no hard disk but instead compact flash disk I am running vanilla systemd ( i.e. as compiled from source code and without any change in scripts ) successfully. I want to protect the flash card by minimisng the amount of writes and erases so I want to create a /var partition in RAM for logfiles and mount /var on booting as R/W and the rest as readonly. I have a number of questions:- --Can systemd be run from a read-only root filesystem ? --If the suggestion above (/var in RAM and rest of FS is RO) is not feasible is there an alternative/better solution? Thanks in advance sincerely lux-integ ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel
Re: [systemd-devel] [PATCH] install: systemd-timesyncd.service is enabled by sysinit.target
On Fri, Jul 18, 2014 at 06:33:52AM +0200, Michael Olbrich wrote: systemd-timesyncd.service has a WantedBy=sysinit.target so the initially generated link should match that. Applied. Zbyszek ___ systemd-devel mailing list systemd-devel@lists.freedesktop.org http://lists.freedesktop.org/mailman/listinfo/systemd-devel