[systemd-devel] [PATCH] buildsys: test-util needs -lm for fabs()

2014-11-04 Thread Cristian Rodríguez
---
 Makefile.am | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Makefile.am b/Makefile.am
index ff5f61b..3686103 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -1543,6 +1543,7 @@ test_util_SOURCES = \
src/test/test-util.c
 
 test_util_LDADD = \
+   -lm \
libsystemd-core.la
 
 test_uid_range_SOURCES = \
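Review bot: -lm is listed ahead of libsystemd-core.la in test_util_LDADD; the usual convention is project libtool archives first and system libraries last, so that libm symbols needed by anything earlier on the link line still resolve in a static link. Suggest moving it after libsystemd-core.la. The commit message has a subject only; one line saying which compiler or flags exposed the missing fabs() symbol would help.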
-- 
2.1.2

___
systemd-devel mailing list
systemd-devel@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/systemd-devel


[systemd-devel] [PATCH v2] udev: Fix parsing of udev.event-timeout kernel parameter.

2014-11-04 Thread Richard W.M. Jones
---
 src/udev/udevd.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/udev/udevd.c b/src/udev/udevd.c
index 2e6c713..193702c 100644
--- a/src/udev/udevd.c
+++ b/src/udev/udevd.c
@@ -994,9 +994,9 @@ static void kernel_cmdline_options(struct udev *udev) {
 if (r < 0)
 log_warning("Invalid udev.exec-delay ignored: 
%s", opt + 16);
 } else if (startswith(opt, "udev.event-timeout=")) {
-r = safe_atou64(opt + 16, &arg_event_timeout_usec);
+r = safe_atou64(opt + 19, &arg_event_timeout_usec);
 if (r < 0) {
-log_warning("Invalid udev.event-timeout 
ignored: %s", opt + 16);
+log_warning("Invalid udev.event-timeout 
ignored: %s", opt + 19);
 break;
 }
 arg_event_timeout_usec *= USEC_PER_SEC;
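Review bot: arg_event_timeout_usec *= USEC_PER_SEC on the last context line multiplies whatever safe_atou64() accepted, with no upper bound checked first, so a very large udev.event-timeout= value wraps silently and can leave a short timeout instead of a long one. Since these lines are being touched anyway, reject values above UINT64_MAX / USEC_PER_SEC with the same warning. The offset is also still a hand-counted literal; opt + strlen("udev.event-timeout="), as suggested in review, would keep it from drifting away from the startswith() string again.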
-- 
2.1.0



[systemd-devel] [PATCH v2] udev: Fix parsing of udev.event-timeout kernel parameter.

2014-11-04 Thread Richard W.M. Jones
v2:

 - Fix the warning message too (thanks Ronny Chevalier).

In reply to Ronny's comment about using strlen: I agree, but that's a
rather larger patch than I need to fix my immediate bug.

Rich.



Re: [systemd-devel] [PATCH] udev: Fix parsing of udev.event-timeout kernel parameter.

2014-11-04 Thread Ronny Chevalier
2014-11-05 0:31 GMT+01:00 Richard W.M. Jones :
Hi,

> ---
>  src/udev/udevd.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/src/udev/udevd.c b/src/udev/udevd.c
> index 2e6c713..206a4d3 100644
> --- a/src/udev/udevd.c
> +++ b/src/udev/udevd.c
> @@ -994,7 +994,7 @@ static void kernel_cmdline_options(struct udev *udev) {
>  if (r < 0)
>  log_warning("Invalid udev.exec-delay 
> ignored: %s", opt + 16);
>  } else if (startswith(opt, "udev.event-timeout=")) {
> -r = safe_atou64(opt + 16, &arg_event_timeout_usec);
> +r = safe_atou64(opt + 19, &arg_event_timeout_usec);
>  if (r < 0) {
>  log_warning("Invalid udev.event-timeout 
> ignored: %s", opt + 16);
You need to fix this one too.

Maybe use opt + strlen("udev.event-timeout=") since it is optimized by gcc ?

>  break;
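Review bot: the failure branch for udev.event-timeout ends in break, while the udev.exec-delay branch just above only logs a warning and carries on. The enclosing loop is outside the hunk, but if break leaves the loop over kernel command-line words, every option after a malformed udev.event-timeout= is dropped without being parsed. Unless that is intended, make the two branches behave the same way.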
> --
> 2.1.0
>


[systemd-devel] [PATCH] udev: Fix parsing of udev.event-timeout kernel parameter.

2014-11-04 Thread Richard W.M. Jones
---
 src/udev/udevd.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/udev/udevd.c b/src/udev/udevd.c
index 2e6c713..206a4d3 100644
--- a/src/udev/udevd.c
+++ b/src/udev/udevd.c
@@ -994,7 +994,7 @@ static void kernel_cmdline_options(struct udev *udev) {
 if (r < 0)
 log_warning("Invalid udev.exec-delay ignored: 
%s", opt + 16);
 } else if (startswith(opt, "udev.event-timeout=")) {
-r = safe_atou64(opt + 16, &arg_event_timeout_usec);
+r = safe_atou64(opt + 19, &arg_event_timeout_usec);
 if (r < 0) {
 log_warning("Invalid udev.event-timeout 
ignored: %s", opt + 16);
 break;
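Review bot: the log_warning() call right after the changed line still passes opt + 16, so with a 19-character prefix an invalid value is reported as "ut=<value>" instead of the value itself. Change it to the same offset as the safe_atou64() call, ideally through one shared expression so the two cannot diverge.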
-- 
2.1.0



Re: [systemd-devel] [question] networkd: Any support for hooks?

2014-11-04 Thread Dan Williams
On Tue, 2014-11-04 at 19:40 +0100, Lennart Poettering wrote:
> On Tue, 04.11.14 19:07, Tomasz Torcz (to...@pipebreaker.pl) wrote:
> 
> > On Thu, Oct 02, 2014 at 08:36:10AM +0200, Lennart Poettering wrote:
> > > On Wed, 01.10.14 21:36, Cameron Norman (camerontnor...@gmail.com) wrote:
> > > 
> > > > Hello,
> > > > 
> > > > ifupdown [1], NetworkManager, and WICD all support hooks for when a
> > > > > network interface is configured or deconfigured (before and after
> > > > these actions).
> > > > 
> > > > Are there any plans to support something along these lines? If so,
> > > > what will that look like?
> > > > 
> > > > If there are no plans, how do networkd's developers feel about adding
> > > > the feature (will not merge, or will accept patches, etc.) ?
> > > 
> > > Can you be more specific what precisely you intend to hook in there?
> > > I'd really prefer if we could find different solutions for the common
> > > usecases.
> > 
> >   Example: I'd like to add interface to proper firewalld "zone".
> > Ideally it could be done by networkd itself (it just one dbus call:
> > addInterface(in  s zone, in  s interface, …) based on new Zone=string
> > setting in .netdev file.
> >   Hook can determine which zone interface should belong to and call
> > firewall-cmd --zone= --add-interface=
> 
> If firewalld shall be dynamic then it really should listen to rtnl on
> its own. It's the wrong way round, you don't want to call into
> higher level software from lower level one. It's the higher level
> software that should subscribe to changes from the lower level software.

firewalld can't get the information that WiFi network Starbucks should
be locked down more than your home network.  How is it supposed to get
that information just listening to rtnl or other kernel events?  The
kernel doesn't care; the only source of that information is the
connection manager.

Dan



Re: [systemd-devel] instantiated services set up

2014-11-04 Thread Tomasz Torcz
On Tue, Nov 04, 2014 at 08:56:48PM +0100, Jan Včelák wrote:
> Hi!
> 
> > > OK. I will remove the syslog. But I will have to keep network.target for
> > > now as we support non-Linux systems as well. Adding support for rtnl or
> > > IP_FREEBIND would mean duplicating a lot of code... probably.
> > 
> > Note that invoking IP_FREEBIND is just a single setsockopt() line...
> 
> You are right. We enabled IP_FREEBIND after all. (And we also added 
> IP_BINDANY 
> and IPV6_BINDANY on FreeBSD to achieve the same behavior.)
> 
> On the other hand, we cannot give the administrator proper feedback when the 
> daemon is configured incorrectly.
> 

  If you need, you can first try binding without IP_FREEBIND. If it fails,
you can print "Configured address (xxx) not available yet", enable IP_FREEBIND
and call bind() again.

-- 
Tomasz Torcz   "Never underestimate the bandwidth of a station
xmpp: zdzich...@chrome.pl      wagon filled with backup tapes." -- Jim Gray
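
The fallback Tomasz describes above, written out as an added example (not part of the original post and not the daemon's own code): it retries with IP_FREEBIND only on EADDRNOTAVAIL, so other bind() failures still reach the administrator. The function names and the 192.0.2.1 sample address are assumptions made for the illustration; Linux and IPv4 only.

```c
#define _GNU_SOURCE
#include <arpa/inet.h>
#include <errno.h>
#include <netinet/in.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Bind fd to sa. If the address is not configured on any interface yet
 * (EADDRNOTAVAIL), say so, enable IP_FREEBIND and retry once.
 * Every other bind() error (EADDRINUSE, EACCES, ...) is returned unchanged,
 * so a genuinely wrong configuration is not hidden by the fallback.
 * Returns 0 or a negative errno; *used_freebind reports which path ran. */
static int bind_with_freebind_fallback(int fd, const struct sockaddr_in *sa,
                                       int *used_freebind) {
    char text[INET_ADDRSTRLEN] = "?";
    int on = 1;

    *used_freebind = 0;
    if (bind(fd, (const struct sockaddr *) sa, sizeof(*sa)) == 0)
        return 0;
    if (errno != EADDRNOTAVAIL)
        return -errno;

    inet_ntop(AF_INET, &sa->sin_addr, text, sizeof(text));
    fprintf(stderr, "Configured address (%s) not available yet, "
                    "retrying with IP_FREEBIND\n", text);

    if (setsockopt(fd, IPPROTO_IP, IP_FREEBIND, &on, sizeof(on)) < 0)
        return -errno;
    if (bind(fd, (const struct sockaddr *) sa, sizeof(*sa)) < 0)
        return -errno;

    *used_freebind = 1;
    return 0;
}

/* Hypothetical driver: bind a UDP socket to `ip` on an ephemeral port. */
static int demo_bind(const char *ip, int *used_freebind) {
    struct sockaddr_in sa;
    int fd, r;

    memset(&sa, 0, sizeof(sa));
    sa.sin_family = AF_INET;
    sa.sin_port = htons(0);
    if (inet_pton(AF_INET, ip, &sa.sin_addr) != 1)
        return -EINVAL;

    fd = socket(AF_INET, SOCK_DGRAM, 0);
    if (fd < 0)
        return -errno;

    r = bind_with_freebind_fallback(fd, &sa, used_freebind);
    close(fd);
    return r;
}

int main(void) {
    int used = 0;
    /* 192.0.2.1 is a constructed sample from the documentation range,
     * chosen because it is normally not assigned to any local interface. */
    int r = demo_bind("192.0.2.1", &used);

    printf("bind result=%d, IP_FREEBIND used=%d\n", r, used);
    return r < 0;
}
```
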



Re: [systemd-devel] [PATCH] sysusers.c: make use of negative_errno()

2014-11-04 Thread Daniel Buch
Never mind, ignore this. This is of course only where gcc complains.
On 04/11/2014 20.53, "Daniel Buch" wrote:

> This is recently added by David. And I'd like to replace return -errno treewide,
> if desired?
>
> I suppose it's safe and correct to assume every return -errno can be
> replaced?
>
> ---
>  src/sysusers/sysusers.c | 24 
>  1 file changed, 12 insertions(+), 12 deletions(-)
>
> diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
> index c133dc5..11624ad 100644
> --- a/src/sysusers/sysusers.c
> +++ b/src/sysusers/sysusers.c
> @@ -143,7 +143,7 @@ static int load_user_database(void) {
>  errno = 0;
>  }
>  if (!IN_SET(errno, 0, ENOENT))
> -return -errno;
> +return negative_errno();
>
>  return 0;
>  }
> @@ -195,7 +195,7 @@ static int load_group_database(void) {
>  errno = 0;
>  }
>  if (!IN_SET(errno, 0, ENOENT))
> -return -errno;
> +return negative_errno();
>
>  return 0;
>  }
> @@ -213,11 +213,11 @@ static int make_backup(const char *target, const
> char *x) {
>  if (errno == ENOENT) /* No backup necessary... */
>  return 0;
>
> -return -errno;
> +return negative_errno();
>  }
>
>  if (fstat(src, &st) < 0)
> -return -errno;
> +return negative_errno();
>
>  r = fopen_temporary_label(target, x, &dst, &temp);
>  if (r < 0)
> @@ -790,7 +790,7 @@ static int uid_is_ok(uid_t uid, const char *name) {
>  if (p)
>  return 0;
>  if (!IN_SET(errno, 0, ENOENT))
> -return -errno;
> +return negative_errno();
>
>  errno = 0;
>  g = getgrgid((gid_t) uid);
> @@ -798,7 +798,7 @@ static int uid_is_ok(uid_t uid, const char *name) {
>  if (!streq(g->gr_name, name))
>  return 0;
>  } else if (!IN_SET(errno, 0, ENOENT))
> -return -errno;
> +return negative_errno();
>  }
>
>  return 1;
> @@ -809,7 +809,7 @@ static int root_stat(const char *p, struct stat *st) {
>
>  fix = fix_root(p);
>  if (stat(fix, st) < 0)
> -return -errno;
> +return negative_errno();
>
>  return 0;
>  }
> @@ -905,7 +905,7 @@ static int add_user(Item *i) {
>  }
>  if (!IN_SET(errno, 0, ENOENT)) {
>  log_error("Failed to check if user %s already
> exists: %m", i->name);
> -return -errno;
> +return negative_errno();
>  }
>
>  /* And shadow too, just to be sure */
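Review bot: in add_user() the error path calls log_error() with %m first and only afterwards reads errno through negative_errno(). That is correct only if log_error() is guaranteed to leave errno untouched; this patch is a good moment to make it explicit by saving the value (r = -errno) before logging and returning r. The same pattern appears in the shadow-database check and in add_group().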
> @@ -917,7 +917,7 @@ static int add_user(Item *i) {
>  }
>  if (!IN_SET(errno, 0, ENOENT)) {
>  log_error("Failed to check if user %s already
> exists in shadow database: %m", i->name);
> -return -errno;
> +return negative_errno();
>  }
>  }
>
> @@ -1027,14 +1027,14 @@ static int gid_is_ok(gid_t gid) {
>  if (g)
>  return 0;
>  if (!IN_SET(errno, 0, ENOENT))
> -return -errno;
> +return negative_errno();
>
>  errno = 0;
>  p = getpwuid((uid_t) gid);
>  if (p)
>  return 0;
>  if (!IN_SET(errno, 0, ENOENT))
> -return -errno;
> +return negative_errno();
>  }
>
>  return 1;
> @@ -1069,7 +1069,7 @@ static int add_group(Item *i) {
>  }
>  if (!IN_SET(errno, 0, ENOENT)) {
>  log_error("Failed to check if group %s already
> exists: %m", i->name);
> -return -errno;
> +return negative_errno();
>  }
>  }
>
> --
> 2.1.3
>
>


Re: [systemd-devel] instantiated services set up

2014-11-04 Thread Jan Včelák
Hi!

> > OK. I will remove the syslog. But I will have to keep network.target for
> > now as we support non-Linux systems as well. Adding support for rtnl or
> > IP_FREEBIND would mean duplicating a lot of code... probably.
> 
> Note that invoking IP_FREEBIND is just a single setsockopt() line...

You are right. We enabled IP_FREEBIND after all. (And we also added IP_BINDANY 
and IPV6_BINDANY on FreeBSD to achieve the same behavior.)

On the other hand, we cannot give the administrator proper feedback when the 
daemon is configured incorrectly.

> > DefaultInstance sounds great. Will this get backported into systemd-stable
> > at some time? Because I'm looking for a solution for RHEL 7.
> 
> Please file a bug for RHEL 7 and the right people will make sure this
> happens.

OK. I will do that.

Thanks a lot.

Jan


[systemd-devel] [PATCH] sysusers.c: make use of negative_errno()

2014-11-04 Thread Daniel Buch
This is recently added by David. And I'd like to replace return -errno treewide, if
desired?

I suppose it's safe and correct to assume every return -errno can be replaced?

---
 src/sysusers/sysusers.c | 24 
 1 file changed, 12 insertions(+), 12 deletions(-)

diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
index c133dc5..11624ad 100644
--- a/src/sysusers/sysusers.c
+++ b/src/sysusers/sysusers.c
@@ -143,7 +143,7 @@ static int load_user_database(void) {
 errno = 0;
 }
 if (!IN_SET(errno, 0, ENOENT))
-return -errno;
+return negative_errno();
 
 return 0;
 }
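Review bot: the commit message asks whether the replacement is safe instead of saying what negative_errno() does differently from -errno, and the helper's definition is not part of the patch. In load_user_database() the surrounding IN_SET(errno, 0, ENOENT) test already rules out errno == 0 at this return, so please state the motivation in the message (the follow-up mentions gcc complaints) and limit the conversion to the call sites where it applies.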
@@ -195,7 +195,7 @@ static int load_group_database(void) {
 errno = 0;
 }
 if (!IN_SET(errno, 0, ENOENT))
-return -errno;
+return negative_errno();
 
 return 0;
 }
@@ -213,11 +213,11 @@ static int make_backup(const char *target, const char *x) 
{
 if (errno == ENOENT) /* No backup necessary... */
 return 0;
 
-return -errno;
+return negative_errno();
 }
 
 if (fstat(src, &st) < 0)
-return -errno;
+return negative_errno();
 
 r = fopen_temporary_label(target, x, &dst, &temp);
 if (r < 0)
@@ -790,7 +790,7 @@ static int uid_is_ok(uid_t uid, const char *name) {
 if (p)
 return 0;
 if (!IN_SET(errno, 0, ENOENT))
-return -errno;
+return negative_errno();
 
 errno = 0;
 g = getgrgid((gid_t) uid);
@@ -798,7 +798,7 @@ static int uid_is_ok(uid_t uid, const char *name) {
 if (!streq(g->gr_name, name))
 return 0;
 } else if (!IN_SET(errno, 0, ENOENT))
-return -errno;
+return negative_errno();
 }
 
 return 1;
@@ -809,7 +809,7 @@ static int root_stat(const char *p, struct stat *st) {
 
 fix = fix_root(p);
 if (stat(fix, st) < 0)
-return -errno;
+return negative_errno();
 
 return 0;
 }
@@ -905,7 +905,7 @@ static int add_user(Item *i) {
 }
 if (!IN_SET(errno, 0, ENOENT)) {
 log_error("Failed to check if user %s already exists: 
%m", i->name);
-return -errno;
+return negative_errno();
 }
 
 /* And shadow too, just to be sure */
@@ -917,7 +917,7 @@ static int add_user(Item *i) {
 }
 if (!IN_SET(errno, 0, ENOENT)) {
 log_error("Failed to check if user %s already exists 
in shadow database: %m", i->name);
-return -errno;
+return negative_errno();
 }
 }
 
@@ -1027,14 +1027,14 @@ static int gid_is_ok(gid_t gid) {
 if (g)
 return 0;
 if (!IN_SET(errno, 0, ENOENT))
-return -errno;
+return negative_errno();
 
 errno = 0;
 p = getpwuid((uid_t) gid);
 if (p)
 return 0;
 if (!IN_SET(errno, 0, ENOENT))
-return -errno;
+return negative_errno();
 }
 
 return 1;
@@ -1069,7 +1069,7 @@ static int add_group(Item *i) {
 }
 if (!IN_SET(errno, 0, ENOENT)) {
 log_error("Failed to check if group %s already exists: 
%m", i->name);
-return -errno;
+return negative_errno();
 }
 }
 
-- 
2.1.3



Re: [systemd-devel] Poor man's reboot doesn't work

2014-11-04 Thread Thomas Meyer

> On 02.11.2014 at 12:48, Thomas Meyer wrote:
> 
> Hi,
> 
> I tried to switch to the emergency target and back to the graphical target, 
> but this doesn't seem to work.
> 
> Should this work, i.e.?
> 
> # systemctl isolate emergency.target
> # systemctl isolate graphical.target
> 
> The services seems to fail with this error once I'm in the emergency.target 
> and try to switch back to the graphical.target:
> status=219/CGROUP

EXIT_CGROUP seems to get set at three locations in the source code, but I'm not 
sure what is the original underlying error code.

Any ideas what could be wrong here?

> 
> example status output:
> 
> abrt-ccpp.service -> '/org/freedesktop/systemd1/unit/abrt_2dccpp_2eservice'
> 
> abrt-ccpp.service - Install ABRT coredump hook
>  Loaded: loaded (/usr/lib/systemd/system/abrt-ccpp.service; enabled)
>  Active: failed (Result: exit-code) since So 2014-11-02 12:32:45 CET; 2min 
> 32s ago
> Process: 4715 ExecStop=/usr/sbin/abrt-install-ccpp-hook uninstall 
> (code=exited, status=0/SUCCESS)
> Process: 13227 ExecStart=/usr/sbin/abrt-install-ccpp-hook install 
> (code=exited, status=219/CGROUP)
> Main PID: 13227 (code=exited, status=219/CGROUP)
>  CGroup: /system.slice/abrt-ccpp.service
> 
> Nov 02 12:32:45 localhost.localdomain systemd[1]: abrt-ccpp.service: main 
> process exited, code=exited, status=219/CGROUP
> Nov 02 12:32:45 localhost.localdomain systemd[1]: Failed to start Install 
> ABRT coredump hook.
> Nov 02 12:32:45 localhost.localdomain systemd[1]: Unit abrt-ccpp.service 
> entered failed state
> 
> Bug or feature?
> 
> This happens with systemd version:
> systemd 208
> +PAM +LIBWRAP +AUDIT +SELINUX +IMA +SYSVINIT +LIBCRYPTSETUP +GCRYPT +ACL +XZ
> 
> on Fedora 20.
> 
> with kind regards
> thomas
> 
> 
> 


Re: [systemd-devel] [PATCH] man/tmpfiles.d: fix typo

2014-11-04 Thread David Herrmann
Hi

On Tue, Nov 4, 2014 at 1:38 PM, Jan Synacek  wrote:
> ---
>  man/tmpfiles.d.xml | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)

Applied!

Thanks
David

> diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
> index f2360ba..1b14d69 100644
> --- a/man/tmpfiles.d.xml
> +++ b/man/tmpfiles.d.xml
> @@ -108,8 +108,8 @@
>  filename in lexicographic order, regardless of which
>  of the directories they reside in. If multiple files
>  specify the same path, the entry in the file with the
> -lexicographically earliest name will be applied, all
> -all other conflicting entries will be logged as
> +lexicographically earliest name will be applied.
> +All other conflicting entries will be logged as
>  errors. When two lines are prefix and suffix of each
>  other, then the prefix is always processed first, the
>  suffix later. Otherwise, the files/directories are
> --
> 1.9.3
>


Re: [systemd-devel] [question] networkd: Any support for hooks?

2014-11-04 Thread Jóhann B. Guðmundsson


On 11/04/2014 06:07 PM, Tomasz Torcz wrote:

   Example: I'd like to add interface to proper firewalld "zone".
Ideally it could be done by networkd itself (it just one dbus call:
addInterface(in  s zone, in  s interface, …) based on new Zone=string
setting in .netdev file.
   Hook can determine which zone interface should belong to and call
firewall-cmd --zone= --add-interface=


I don't think there is much future in firewalld, hence I was looking into
integrating nftables with systemd using its kernel API, since it seems
like a nice feature to be able to add iptables rules to
units, netdevices, containers


JBG


Re: [systemd-devel] [question] networkd: Any support for hooks?

2014-11-04 Thread Lennart Poettering
On Tue, 04.11.14 19:07, Tomasz Torcz (to...@pipebreaker.pl) wrote:

> On Thu, Oct 02, 2014 at 08:36:10AM +0200, Lennart Poettering wrote:
> > On Wed, 01.10.14 21:36, Cameron Norman (camerontnor...@gmail.com) wrote:
> > 
> > > Hello,
> > > 
> > > ifupdown [1], NetworkManager, and WICD all support hooks for when a
> > > > network interface is configured or deconfigured (before and after
> > > these actions).
> > > 
> > > Are there any plans to support something along these lines? If so,
> > > what will that look like?
> > > 
> > > If there are no plans, how do networkd's developers feel about adding
> > > the feature (will not merge, or will accept patches, etc.) ?
> > 
> > Can you be more specific what precisely you intend to hook in there?
> > I'd really prefer if we could find different solutions for the common
> > usecases.
> 
>   Example: I'd like to add interface to proper firewalld "zone".
> Ideally it could be done by networkd itself (it just one dbus call:
> addInterface(in  s zone, in  s interface, …) based on new Zone=string
> setting in .netdev file.
>   Hook can determine which zone interface should belong to and call
> firewall-cmd --zone= --add-interface=

If firewalld shall be dynamic then it really should listen to rtnl on
its own. It's the wrong way round, you don't want to call into
higher level software from lower level one. It's the higher level
software that should subscribe to changes from the lower level software.

Lennart

-- 
Lennart Poettering, Red Hat


Re: [systemd-devel] [PATCH] switch_root: do not fail, if base_filesystem_create() failed

2014-11-04 Thread Daniel Buch
I think you might want to cast it to avoid a compiler warning. Like:
(void) base_filesystem_create()
Wrote on 04/11/2014 17.36:

> From: Harald Hoyer 
>
> Not all switch roots are like base_filesystem_create() wants them
> to look like. They might even boot, if they are RO and don't have the FS
> layout. Just ignore the error and switch_root nevertheless.
>
> base_filesystem_create() should have logged, what went wrong.
> ---
>  src/shared/switch-root.c | 6 +-
>  1 file changed, 1 insertion(+), 5 deletions(-)
>
> diff --git a/src/shared/switch-root.c b/src/shared/switch-root.c
> index bac0e5c..673f8a7 100644
> --- a/src/shared/switch-root.c
> +++ b/src/shared/switch-root.c
> @@ -103,11 +103,7 @@ int switch_root(const char *new_root, const char
> *oldroot, bool detach_oldroot,
>  }
>  }
>
> -r = base_filesystem_create(new_root);
> -if (r < 0) {
> -log_error("Failed to create the base filesystem: %s",
> strerror(-r));
> -return r;
> -}
> +base_filesystem_create(new_root);
>
>  if (chdir(new_root) < 0) {
>  log_error("Failed to change directory to %s: %m",
> new_root);
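Review bot: the return value of base_filesystem_create(new_root) is now discarded with no comment at the call site, and the commit message only says the callee "should have logged" what went wrong. switch_root() then continues into a root that may lack the expected layout, so keep a record here: retain r, emit a warning saying the error is being ignored on purpose, and add a one-line comment explaining why failure is non-fatal.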
> --
> 2.1.0
>


Re: [systemd-devel] [question] networkd: Any support for hooks?

2014-11-04 Thread Tomasz Torcz
On Thu, Oct 02, 2014 at 08:36:10AM +0200, Lennart Poettering wrote:
> On Wed, 01.10.14 21:36, Cameron Norman (camerontnor...@gmail.com) wrote:
> 
> > Hello,
> > 
> > ifupdown [1], NetworkManager, and WICD all support hooks for when a
> > network interface is configured or deconfigured (before and after
> > these actions).
> > 
> > Are there any plans to support something along these lines? If so,
> > what will that look like?
> > 
> > If there are no plans, how do networkd's developers feel about adding
> > the feature (will not merge, or will accept patches, etc.) ?
> 
> Can you be more specific what precisely you intend to hook in there?
> I'd really prefer if we could find different solutions for the common
> usecases.

  Example: I'd like to add interface to proper firewalld "zone".
Ideally it could be done by networkd itself (it just one dbus call:
addInterface(in  s zone, in  s interface, …) based on new Zone=string
setting in .netdev file.
  Hook can determine which zone interface should belong to and call
firewall-cmd --zone= --add-interface=


-- 
Tomasz Torcz   "Never underestimate the bandwidth of a station
xmpp: zdzich...@chrome.pl      wagon filled with backup tapes." -- Jim Gray



[systemd-devel] [PATCH] sd-dhcp-client: allow getting/setting the client ID

2014-11-04 Thread Dan Williams
The client identifier can be in many different formats, not just
the one that systemd creates from the Ethernet MAC address.  Non-
ethernet interfaces have different client IDs formats too.  Users
may also have custom client IDs that they wish to use to preserve
lease options delivered by servers configured with the existing
client ID.
---
 src/libsystemd-network/sd-dhcp-client.c | 116 
 src/systemd/sd-dhcp-client.h|   4 ++
 2 files changed, 108 insertions(+), 12 deletions(-)

diff --git a/src/libsystemd-network/sd-dhcp-client.c 
b/src/libsystemd-network/sd-dhcp-client.c
index 689163c..36f05ca 100644
--- a/src/libsystemd-network/sd-dhcp-client.c
+++ b/src/libsystemd-network/sd-dhcp-client.c
@@ -38,6 +38,7 @@
 #include "dhcp-lease-internal.h"
 #include "sd-dhcp-client.h"
 
+#define MAX_CLIENT_ID_LEN 32
 #define MAX_MAC_ADDR_LEN INFINIBAND_ALEN
 
 struct sd_dhcp_client {
@@ -56,13 +57,33 @@ struct sd_dhcp_client {
 size_t req_opts_allocated;
 size_t req_opts_size;
 be32_t last_addr;
-struct {
-uint8_t type;
-struct ether_addr mac_addr;
-} _packed_ client_id;
 uint8_t mac_addr[MAX_MAC_ADDR_LEN];
 size_t mac_addr_len;
 uint16_t arp_type;
+union {
+struct {
+uint8_t type; /* 0: Generic (non-LL) (RFC 2132) */
+uint8_t data[MAX_CLIENT_ID_LEN];
+} _packed_ gen;
+struct {
+uint8_t type; /* 1: Ethernet Link-Layer (RFC 2132) */
+uint8_t haddr[ETH_ALEN];
+} _packed_ eth;
+struct {
+uint8_t type; /* 2 - 254: ARP/Link-Layer (RFC 2132) */
+uint8_t haddr[0];
+} _packed_ ll;
+struct {
+uint8_t type; /* 255: Node-specific (RFC 4361) */
+uint8_t iaid[4];
+uint8_t duid[MAX_CLIENT_ID_LEN - 4];
+} _packed_ ns;
+struct {
+uint8_t type;
+uint8_t data[MAX_CLIENT_ID_LEN];
+} _packed_ raw;
+} client_id;
+size_t client_id_len;
 char *hostname;
 char *vendor_class_identifier;
 uint32_t mtu;
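Review bot: every variant of the new client_id union is capped by MAX_CLIENT_ID_LEN (32), and ns.duid gets only MAX_CLIENT_ID_LEN - 4 bytes, but nothing in the patch says where 32 comes from. The commit message names user-supplied custom client IDs as a use case, and those are not bounded by what systemd generates, so document the limit next to the #define. Also, gen and raw have identical layout, and ll.haddr[0] is a zero-length array that relies on a compiler extension; one raw view plus the typed eth and ns views would be enough.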
@@ -201,8 +222,69 @@ int sd_dhcp_client_set_mac(sd_dhcp_client *client, const 
uint8_t *addr,
 client->mac_addr_len = addr_len;
 client->arp_type = arp_type;
 
-memcpy(&client->client_id.mac_addr, addr, ETH_ALEN);
-client->client_id.type = 0x01;
+if (need_restart && client->state != DHCP_STATE_STOPPED)
+sd_dhcp_client_start(client);
+
+return 0;
+}
+
+int sd_dhcp_client_get_client_id(sd_dhcp_client *client, uint8_t *type,
+ const uint8_t **data, size_t *data_len) {
+
+assert_return(client, -EINVAL);
+assert_return(type, -EINVAL);
+assert_return(data, -EINVAL);
+assert_return(data_len, -EINVAL);
+
+*type = 0;
+*data = NULL;
+*data_len = 0;
+if (client->client_id_len) {
+*type = client->client_id.raw.type;
+*data = client->client_id.raw.data;
+*data_len = client->client_id_len - 1;  /* -1 for sizeof(type) 
*/
+}
+
+return 0;
+}
+
+int sd_dhcp_client_set_client_id(sd_dhcp_client *client, uint8_t type,
+ const uint8_t *data, size_t data_len) {
+DHCP_CLIENT_DONT_DESTROY(client);
+bool need_restart = false;
+
+assert_return(client, -EINVAL);
+assert_return(data, -EINVAL);
+assert_return(data_len > 0 && data_len <= MAX_CLIENT_ID_LEN, -EINVAL);
+
+switch (type) {
+case ARPHRD_ETHER:
+if (data_len != ETH_ALEN)
+return -EINVAL;
+break;
+case ARPHRD_INFINIBAND:
+if (data_len != INFINIBAND_ALEN)
+return -EINVAL;
+break;
+default:
+break;
+}
+
+if (client->client_id_len == data_len + 1 &&
+client->client_id.raw.type == type &&
+memcmp(&client->client_id.raw.data, data, data_len) == 0)
+return 0;
+
+if (!IN_SET(client->state, DHCP_STATE_INIT, DHCP_STATE_STOPPED)) {
+log_dhcp_client(client, "Changing client ID on running DHCP "
+"client, restarting");
+need_restart = true;
+client_stop(client, DHCP_EVENT_STOP);
+}
+
+client->client_id.raw.type = type;
+memcpy(&client->client_id.raw.data, data, data_len);
+client->client_id_len = data_len + 1; /* +1 for sizeof(type) */
 
 if (need_restart && client->state != DHCP_STATE_STOPPED)
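Review bot: sd_dhcp_client_set_mac() no longer fills in client_id (the memcpy and the type = 0x01 assignment are removed), so client_id_len stays 0 until someone calls sd_dhcp_client_set_client_id(). The part of the patch visible here does not show where a default ID is generated for callers that only set a MAC address; if that case is not handled where the option is appended, those clients would change or lose their identifier and be handed a different lease. In sd_dhcp_client_set_client_id(), the switch compares the client-ID type byte against ARPHRD_* constants, which deserves a comment, and type 255 is accepted with any length even though the ns layout needs at least the 4-byte iaid.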

[systemd-devel] [PATCH] sd-dhcp-lease: expose load/save functions

2014-11-04 Thread Dan Williams
They're useful outside of networkd itself in the libsystemd-network
library.
---
 src/libsystemd-network/dhcp-lease-internal.h | 3 ---
 src/libsystemd-network/sd-dhcp-lease.c   | 4 ++--
 src/network/networkd-link.c  | 2 +-
 src/systemd/sd-dhcp-lease.h  | 3 +++
 4 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/libsystemd-network/dhcp-lease-internal.h 
b/src/libsystemd-network/dhcp-lease-internal.h
index b85b698..9e184ac 100644
--- a/src/libsystemd-network/dhcp-lease-internal.h
+++ b/src/libsystemd-network/dhcp-lease-internal.h
@@ -78,9 +78,6 @@ int dhcp_lease_new(sd_dhcp_lease **ret);
 int dhcp_lease_parse_options(uint8_t code, uint8_t len, const uint8_t *option,
   void *user_data);
 
-int dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file);
-int dhcp_lease_load(const char *lease_file, sd_dhcp_lease **ret);
-
 int dhcp_lease_set_default_subnet_mask(sd_dhcp_lease *lease);
 
 int dhcp_lease_set_client_id(sd_dhcp_lease *lease, const uint8_t *client_id,
diff --git a/src/libsystemd-network/sd-dhcp-lease.c 
b/src/libsystemd-network/sd-dhcp-lease.c
index 3e338dc..0d74800 100644
--- a/src/libsystemd-network/sd-dhcp-lease.c
+++ b/src/libsystemd-network/sd-dhcp-lease.c
@@ -581,7 +581,7 @@ int dhcp_lease_new(sd_dhcp_lease **ret) {
 return 0;
 }
 
-int dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file) {
+int sd_dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file) {
 _cleanup_free_ char *temp_path = NULL;
 _cleanup_fclose_ FILE *f = NULL;
 struct in_addr address;
@@ -690,7 +690,7 @@ finish:
 return r;
 }
 
-int dhcp_lease_load(const char *lease_file, sd_dhcp_lease **ret) {
+int sd_dhcp_lease_load(const char *lease_file, sd_dhcp_lease **ret) {
 _cleanup_dhcp_lease_unref_ sd_dhcp_lease *lease = NULL;
 _cleanup_free_ char *address = NULL, *router = NULL, *netmask = NULL,
 *server_address = NULL, *next_server = NULL,
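Review bot: dhcp_lease_load() is renamed here and its old prototype is removed from dhcp-lease-internal.h, yet the only call site the patch updates is the dhcp_lease_save() call in link_save(). The diffstat shows a single changed line in networkd-link.c, so any remaining caller of dhcp_lease_load() in the tree will fail to build; please grep for both old names before applying.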
diff --git a/src/network/networkd-link.c b/src/network/networkd-link.c
index 26ef0fe..fcfbd3e 100644
--- a/src/network/networkd-link.c
+++ b/src/network/networkd-link.c
@@ -1857,7 +1857,7 @@ int link_save(Link *link) {
 if (link->dhcp_lease) {
 assert(link->network);
 
-r = dhcp_lease_save(link->dhcp_lease, link->lease_file);
+r = sd_dhcp_lease_save(link->dhcp_lease, link->lease_file);
 if (r < 0)
 goto fail;
 
diff --git a/src/systemd/sd-dhcp-lease.h b/src/systemd/sd-dhcp-lease.h
index 5fafc04..1b0207b 100644
--- a/src/systemd/sd-dhcp-lease.h
+++ b/src/systemd/sd-dhcp-lease.h
@@ -48,4 +48,7 @@ int sd_dhcp_lease_get_routes(sd_dhcp_lease *lease, struct 
sd_dhcp_route **routes
 int sd_dhcp_lease_get_client_id(sd_dhcp_lease *lease, const uint8_t 
**client_id,
 size_t *client_id_len);
 
+int sd_dhcp_lease_save(sd_dhcp_lease *lease, const char *lease_file);
+int sd_dhcp_lease_load(const char *lease_file, sd_dhcp_lease **ret);
+
 #endif
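Review bot: the two prototypes added to sd-dhcp-lease.h become public API without any documentation. Once exported, the lease file format read by sd_dhcp_lease_load() is an interface outside callers depend on, and the function will be handed paths the library did not write itself, so say in the header or the commit message whether the format is stable, who owns the reference returned in *ret, and how malformed files are reported.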
-- 
1.9.3




[systemd-devel] [PATCH] sd-dhcp-client: fix REBOOT state handling

2014-11-04 Thread Dan Williams
client->secs wasn't getting set in the REBOOT state, causing
an assertion.  REBOOT should work the same way as INIT, per
RFC 2131:

 secs   2  Filled in by client, seconds elapsed since client
   began address acquisition or renewal process.

REBOOT is necessary because some DHCP servers (eg on
home routers) do not hand back the same IP address unless the
'ciaddr' field is filled with that address, which DISCOVER
cannot do per the RFCs.  This leads to multiple leases
on machine reboot or DHCP client restart.
---
 src/libsystemd-network/sd-dhcp-client.c | 31 +--
 1 file changed, 13 insertions(+), 18 deletions(-)

diff --git a/src/libsystemd-network/sd-dhcp-client.c 
b/src/libsystemd-network/sd-dhcp-client.c
index a8ec654..300fc38 100644
--- a/src/libsystemd-network/sd-dhcp-client.c
+++ b/src/libsystemd-network/sd-dhcp-client.c
@@ -89,7 +89,6 @@ struct sd_dhcp_client {
 uint32_t mtu;
 uint32_t xid;
 usec_t start_time;
-uint16_t secs;
 unsigned int attempt;
 usec_t request_sent;
 sd_event_source *timeout_t1;
@@ -399,10 +398,12 @@ static int client_message_init(sd_dhcp_client *client, 
DHCPPacket **ret,
 _cleanup_free_ DHCPPacket *packet;
 size_t optlen, optoffset, size;
 be16_t max_size;
+usec_t time_now;
+uint16_t secs;
 int r;
 
 assert(client);
-assert(client->secs);
+assert(client->start_time);
 assert(ret);
 assert(_optlen);
 assert(_optoffset);
@@ -422,7 +423,15 @@ static int client_message_init(sd_dhcp_client *client, 
DHCPPacket **ret,
 
 /* Although 'secs' field is a SHOULD in RFC 2131, certain DHCP servers
refuse to issue an DHCP lease if 'secs' is set to zero */
-packet->dhcp.secs = htobe16(client->secs);
+r = sd_event_now(client->event, clock_boottime_or_monotonic(), 
&time_now);
+if (r < 0)
+return r;
+assert(time_now >= client->start_time);
+
+/* seconds between sending first and last DISCOVER
+ * must always be strictly positive to deal with broken servers */
+secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1;
+packet->dhcp.secs = htobe16(secs);
 
 /* RFC2132 section 4.1
A client that cannot receive unicast IP datagrams until its protocol
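Review bot: the new local secs is a uint16_t, but (time_now - client->start_time) / USEC_PER_SEC is evaluated as usec_t and the "? : 1" guard is applied before the narrowing assignment. Once more than 65535 seconds have elapsed the value is silently truncated, and an exact multiple of 65536 ends up as 0 on the wire, which is the case the comment says must never happen. Clamp the quotient to UINT16_MAX before applying the guard. The comment also still speaks of "first and last DISCOVER" although this code now runs for every message built by client_message_init().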
@@ -529,24 +538,12 @@ static int dhcp_client_send_raw(sd_dhcp_client *client, 
DHCPPacket *packet,
 static int client_send_discover(sd_dhcp_client *client) {
 _cleanup_free_ DHCPPacket *discover = NULL;
 size_t optoffset, optlen;
-usec_t time_now;
 int r;
 
 assert(client);
 assert(client->state == DHCP_STATE_INIT ||
client->state == DHCP_STATE_SELECTING);
 
-/* See RFC2131 section 4.4.1 */
-
-r = sd_event_now(client->event, clock_boottime_or_monotonic(), 
&time_now);
-if (r < 0)
-return r;
-assert(time_now >= client->start_time);
-
-/* seconds between sending first and last DISCOVER
- * must always be strictly positive to deal with broken servers */
-client->secs = ((time_now - client->start_time) / USEC_PER_SEC) ? : 1;
-
 r = client_message_init(client, &discover, DHCP_DISCOVER,
 &optlen, &optoffset);
 if (r < 0)
@@ -963,10 +960,8 @@ static int client_start(sd_dhcp_client *client) {
 }
 client->fd = r;
 
-if (client->state == DHCP_STATE_INIT) {
+if (client->state == DHCP_STATE_INIT || client->state == 
DHCP_STATE_INIT_REBOOT)
 client->start_time = now(clock_boottime_or_monotonic());
-client->secs = 0;
-}
 
 return client_initialize_events(client, client_receive_message_raw);
 }
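Review bot: start_time is refreshed here for DHCP_STATE_INIT and DHCP_STATE_INIT_REBOOT only, while the RFC text quoted in the commit message defines secs as the time since the client "began address acquisition or renewal process". Now that secs is derived from start_time for every message, anything sent for a renewal would report the time since the original start rather than since the renewal began. If that is intended, say so in a comment next to this condition; otherwise start_time also needs to be set when a renewal starts.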
-- 
1.9.3




Re: [systemd-devel] Changing configurations with networkd

2014-11-04 Thread Dan Williams
On Wed, 2014-07-23 at 16:46 +0200, Marcel Holtmann wrote:
> Hi Michael,
> 
> >>> I think the lease should be remembered and reused in this case.
> >> 
> >> Hm, this sounds like a bug somewhere. When the new discover is sent
> >> out it should send the same identifying information to the server, and
> >> hence be given the same lease back again. Wireshark should tell you if
> >> the fault is networkd's or the DHCP server.
> > 
> > I get the same address at first, but after several minutes the DHCP server
> > decides to offer a new address. I should note, that I have a 10 minute
> > lease time for debugging purposes, so that might make the problem more
> > prominent. I'll see if I can figure out what happens here.
> 
> look at your DHCP server and see what lease time it really hands out after 
> reboot.
> 
> However this is between you and your DHCP server. If you configure a lease 
> time of 10 minutes, then that is the only guaranteed time for a given IP 
> address. There is no mandate that the server has to give you the same address 
> after 10 minutes when you ask again. It is valid to just get a different one. 
> And that many home routers try to give you back the same one does not mean 
> that they are required to do so.
> 
> The nice DHCP servers will remember your Ethernet address and/or identity 
> information and give you back your old IP address. Either with the left over 
> lease time or with a brand new lease time. There is really no need to store 
> this information on disk. If the lease expired the information on disk are 
> stale as well. And since our DHCP implementation is so fast, it makes really 
> no difference.

Digging up an old thread because I just ran into this situation.

A "so fast" DHCP client doesn't help if the server doesn't cooperate,
and we don't control the DHCP server.

The router I was using (which isn't a dirt-cheap one) doesn't care about
the client ID or hardware address, it will only give you the same IP
address back if you send your old IP address in the 'ciaddr' field and
your lease is still valid.  And the 'ciaddr' field is zeroed on
DISCOVER, which means that to retrieve the same IP address/lease with
this router, REBOOT/RENEW is necessary.  I suspect that's likely the
case for quite a few more routers out there as well.  The router doesn't
have problems with other clients/OSs that I have found, just the systemd
DHCP code.

So it appears that to retrieve the same address again for as many
routers as possible, the lease details (lifetime, start time, last IP
address, client ID) should probably be stored somewhere for the client
to send later on reboot or service restart.

Dan

> It is safer start out with a brand new DHCP lease instead of having to deal 
> with renewal during boot. At least that way you know the DHCP server is still 
> there and you have a valid IP address. Just re-using a stored IP with a 
> left-over lease is not safe anyway. You never know what changed in the 
> network when you were off.
> 
> Regards
> 
> Marcel
> 




[systemd-devel] [PATCH] switch_root: do not fail, if base_filesystem_create() failed

2014-11-04 Thread harald
From: Harald Hoyer 

Not all switch roots are like base_filesystem_create() wants them
to look like. They might even boot, if they are RO and don't have the FS
layout. Just ignore the error and switch_root nevertheless.

base_filesystem_create() should have logged, what went wrong.
---
 src/shared/switch-root.c | 6 +-
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/shared/switch-root.c b/src/shared/switch-root.c
index bac0e5c..673f8a7 100644
--- a/src/shared/switch-root.c
+++ b/src/shared/switch-root.c
@@ -103,11 +103,7 @@ int switch_root(const char *new_root, const char *oldroot, 
bool detach_oldroot,
 }
 }
 
-r = base_filesystem_create(new_root);
-if (r < 0) {
-log_error("Failed to create the base filesystem: %s", 
strerror(-r));
-return r;
-}
+base_filesystem_create(new_root);
 
 if (chdir(new_root) < 0) {
 log_error("Failed to change directory to %s: %m", new_root);
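Review bot: the bare base_filesystem_create(new_root); call discards the return value with no trace at the call site. The commit message relies on base_filesystem_create() having logged the failure, but nothing in this hunk shows that, and after a successful chdir() there is no record that the new root lacks part of the expected layout. Either keep a message at lower severity, for example log_warning(...) without the return, or write (void) base_filesystem_create(new_root); with a short comment so the ignored error is visibly deliberate.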
-- 
2.1.0



[systemd-devel] systemd-nspawn - exporting /dev/video0

2014-11-04 Thread MohanR
Hi,

I'm in need to passthrough /dev/video0 for a gstreamer based application
development. Is it possible using systemd-nspawn? I tried enabling
CAP_MKNOD and manually creating /dev/video0. But it was not recognized.

Is there any way to do it?

Thanks,
Mohan R



Re: [systemd-devel] Race condition on systemd-run --scope

2014-11-04 Thread Umut Tezduyar Lindskog
Hi Lennart,

Were you able to figure out the problem? You were suspecting that we
might not be getting cgroup empty notifications from kernel.

Umut

On Fri, Oct 24, 2014 at 3:19 PM, Umut Tezduyar Lindskog
 wrote:
> Hi,
>
> Since you said you have covered my theories when you implemented, I
> have stopped looking in to this.
>
> Following:
>
> [root@axis-00408cc563e5 /mnt/flash/root]27929# cat stress
> #!/bin/sh
>
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> systemd-run --scope /bin/true &
> [root@axis-00408cc563e5 /mnt/flash/root]27929# ./stress
> [root@axis-00408cc563e5 /mnt/flash/root]27929# Running as unit 
> run-27947.scope.
> Running as unit run-27946.scope.
> Running as unit run-27945.scope.
> Running as unit run-27948.scope.
> Running as unit run-27952.scope.
> Running as unit run-27950.scope.
> Running as unit run-27951.scope.
> Running as unit run-27949.scope.
>
> [root@axis-00408cc563e5 /mnt/flash/root]27929# systemctl -t scope
> UNITLOAD   ACTIVE SUB DESCRIPTION
> run-27945.scope loaded active running /bin/true
> run-27946.scope loaded active running /bin/true
> run-27947.scope loaded active running /bin/true
> run-27948.scope loaded active running /bin/true
> run-27949.scope loaded active running /bin/true
> run-27950.scope loaded active running /bin/true
> run-27951.scope loaded active running /bin/true
> run-27952.scope loaded active running /bin/true
>
> LOAD   = Reflects whether the unit definition was properly loaded.
> ACTIVE = The high-level unit activation state, i.e. generalization of SUB.
> SUB= The low-level unit activation state, values depend on unit type.
>
> 8 loaded units listed. Pass --all to see loaded but inactive units, too.
> To show all installed unit files use 'systemctl list-unit-files'.
> [root@axis-00408cc563e5 /mnt/flash/root]27929# systemctl status 
> run-27945.scope
> ● run-27945.scope - /bin/true
>Loaded: loaded (/run/systemd/system/run-27945.scope; static)
>   Drop-In: /run/systemd/system/run-27945.scope.d
>└─50-Description.conf
>Active: active (running) since Fri 2014-10-24 13:13:26 GMT; 15s ago
>
> On Fri, Oct 24, 2014 at 1:40 AM, Lennart Poettering
>  wrote:
>> On Mon, 29.09.14 15:34, Umut Tezduyar Lindskog (u...@tezduyar.com) wrote:
>>
>>> Hi,
>>>
>>> I have stumbled on a race condition on systemd-run --scope command.
>>> Due to race condition, unit might show up as active/running even
>>> though there is no process in the cgroup.
>>
>> Umut!
>>
>> At the hackfest in Düsseldorf you showed me an easy way how to
>> reproduce this issue, what was that again?
>>
>> Lennart
>>
>> --
>> Lennart Poettering, Red Hat


[systemd-devel] systemd-machined sigterm, cgroups trimmed

2014-11-04 Thread Major Hayden
Hello there,

I'm currently running systemd 216 on Fedora 21 and I've found an issue where 
systemd-machined stops running and cgroups are trimmed from the scope of 
running qemu virtual machines.  The series of events looks like this:

  1) OpenStack nova creates a KVM virtual machine via libvirt
  2) Libvirt registers the VM with systemd-machined, cgroups appear
  3) 0-300 seconds pass
  4) systemd-machined gets a sigterm and stops
  5) cgroups are trimmed for running virtual machines

The cgroup trimming is a disaster because it removes devices.allow and 
devices.deny ACL's for the running virtual machine.

Here is a snippet of the systemd journal with two virtual machines running.  
You'll see that systemd-machined gets a sigterm and stops:

  https://gist.github.com/major/2d76cbf0d0de0d62ce3f

Shortly after systemd-machined goes offline, the cgroups are removed.  
Rebooting the hypervisor, rebooting a virtual machine, or building a new 
virtual machine will cause systemd-machined to start again but it will stop 
shortly afterwards.

I'm running libvirt 1.2.9 and systemd 216 on Linux 3.16.7.  Thanks in advance 
for your help.

--
Major Hayden



[systemd-devel] [PATCH] man/tmpfiles.d: fix typo

2014-11-04 Thread Jan Synacek
---
 man/tmpfiles.d.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/man/tmpfiles.d.xml b/man/tmpfiles.d.xml
index f2360ba..1b14d69 100644
--- a/man/tmpfiles.d.xml
+++ b/man/tmpfiles.d.xml
@@ -108,8 +108,8 @@
 filename in lexicographic order, regardless of which
 of the directories they reside in. If multiple files
 specify the same path, the entry in the file with the
-lexicographically earliest name will be applied, all
-all other conflicting entries will be logged as
+lexicographically earliest name will be applied.
+All other conflicting entries will be logged as
 errors. When two lines are prefix and suffix of each
 other, then the prefix is always processed first, the
 suffix later. Otherwise, the files/directories are
-- 
1.9.3



[systemd-devel] [PATCH] localed: validate set-x11-keymap input

2014-11-04 Thread Jan Synacek
Try to validate the input similarly to how setxkbmap does it. Multiple
layouts and variants can be specified, separated by a comma. Variants
can also be left out, meaning that the user doesn't want any particular
variant for the respective layout.

Variants are validated respectively to their layouts. First variant
validates against first layout, second variant to second layout, etc. If
there are more entries of either layouts or variants, only their
respective counterparts are validated, the rest is ignored.

Examples:
$ set-x11-keymap us,cz  pc105 ,qwerty
"us" is not validated, because no respective variant was specified. "cz"
is checked for an existing "qwerty" variant, the check succeeds.

$ set-x11-keymap us pc105 ,qwerty
"us" is not validated as in the above example. The rest of the variants
is ignored, because there are no respective layouts.

$ set-x11-keymap us,cz pc105 qwerty
"us" is validated against the "qwerty" variant, check fails, because
there is no "qwerty" variant for the "us" layout.

$ set-x11-keymap us,cz pc105 euro,qwerty
Validation succeeds, there is the "euro" variant for the "us" layout,
and "qwerty" variant for the "cz" layout.

http://lists.freedesktop.org/archives/systemd-devel/2014-October/024411.html
---
 Makefile.am|   2 +
 src/locale/localectl.c |  77 ++--
 src/locale/localed.c   |   8 ++
 src/shared/xkb-util.c  | 194 +
 src/shared/xkb-util.h  |  39 ++
 5 files changed, 248 insertions(+), 72 deletions(-)
 create mode 100644 src/shared/xkb-util.c
 create mode 100644 src/shared/xkb-util.h

diff --git a/Makefile.am b/Makefile.am
index ff5f61b..f17bec6 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -770,6 +770,8 @@ libsystemd_shared_la_SOURCES = \
src/shared/time-util.h \
src/shared/locale-util.c \
src/shared/locale-util.h \
+   src/shared/xkb-util.c \
+   src/shared/xkb-util.h \
src/shared/mempool.c \
src/shared/mempool.h \
src/shared/hashmap.c \
diff --git a/src/locale/localectl.c b/src/locale/localectl.c
index d4a2d29..8f9e4da 100644
--- a/src/locale/localectl.c
+++ b/src/locale/localectl.c
@@ -46,6 +46,7 @@
 #include "virt.h"
 #include "fileio.h"
 #include "locale-util.h"
+#include "xkb-util.h"
 
 static bool arg_no_pager = false;
 static bool arg_ask_password = true;
@@ -389,14 +390,7 @@ static int set_x11_keymap(sd_bus *bus, char **args, 
unsigned n) {
 static int list_x11_keymaps(sd_bus *bus, char **args, unsigned n) {
 _cleanup_fclose_ FILE *f = NULL;
 _cleanup_strv_free_ char **list = NULL;
-char line[LINE_MAX];
-enum {
-NONE,
-MODELS,
-LAYOUTS,
-VARIANTS,
-OPTIONS
-} state = NONE, look_for;
+enum keymap_state look_for;
 int r;
 
 if (n > 2) {
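Review bot: look_for is now declared as enum keymap_state, and with the anonymous local enum removed, the constants NONE, MODELS, LAYOUTS, VARIANTS and OPTIONS have to come from the new xkb-util.h. Short unprefixed names like these in a header under src/shared are likely to collide with other identifiers; consider giving them a common prefix (for example KEYMAP_STATE_MODELS) before other files start including the header.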
@@ -404,12 +398,6 @@ static int list_x11_keymaps(sd_bus *bus, char **args, 
unsigned n) {
 return -EINVAL;
 }
 
-f = fopen("/usr/share/X11/xkb/rules/base.lst", "re");
-if (!f) {
-log_error("Failed to open keyboard mapping list. %m");
-return -errno;
-}
-
 if (streq(args[0], "list-x11-keymap-models"))
 look_for = MODELS;
 else if (streq(args[0], "list-x11-keymap-layouts"))
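Review bot: the fopen() of /usr/share/X11/xkb/rules/base.lst is removed here, but the unchanged context of the previous hunk still declares _cleanup_fclose_ FILE *f = NULL; in list_x11_keymaps(). Unless a later hunk still uses f, drop the declaration together with the fopen() so the function does not keep an unused variable.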
@@ -421,64 +409,9 @@ static int list_x11_keymaps(sd_bus *bus, char **args, 
unsigned n) {
 else
 assert_not_reached("Wrong parameter");
 
-FOREACH_LINE(line, f, break) {
-char *l, *w;
-
-l = strstrip(line);
-
-if (isempty(l))
-continue;
-
-if (l[0] == '!') {
-if (startswith(l, "! model"))
-state = MODELS;
-else if (startswith(l, "! layout"))
-state = LAYOUTS;
-else if (startswith(l, "! variant"))
-state = VARIANTS;
-else if (startswith(l, "! option"))
-state = OPTIONS;
-else
-state = NONE;
-
-continue;
-}
-
-if (state != look_for)
-continue;
-
-w = l + strcspn(l, WHITESPACE);
-
-if (n > 1) {
-char *e;
-
-if (*w == 0)
-continue;
-
-*w = 0;
-w++;
-w += strspn(w, WHITESPACE);
-
-e = strchr(w, ':');
-if (!e)
-continue;
-
-*e = 0;
-
-if (!streq(w, args[1]))
-continue;
-   

[systemd-devel] [PATCH] localed: validate set-x11-keymap input

2014-11-04 Thread Jan Synacek
As mentioned in [1], it would probably be better if the validation
errors were just warnings, but I'm not sure if that can be achieved
over dbus.

[1] http://lists.freedesktop.org/archives/systemd-devel/2014-October/024129.html

Jan Synacek (1):
  localed: validate set-x11-keymap input

 Makefile.am|   2 +
 src/locale/localectl.c |  77 ++--
 src/locale/localed.c   |   8 ++
 src/shared/xkb-util.c  | 194 +
 src/shared/xkb-util.h  |  39 ++
 5 files changed, 248 insertions(+), 72 deletions(-)
 create mode 100644 src/shared/xkb-util.c
 create mode 100644 src/shared/xkb-util.h

-- 
1.9.3
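
The positional pairing spelled out in the patch description earlier in this thread (first variant against first layout, an empty variant skips the check, surplus entries are ignored), as an added example that is not code from the patch or from systemd. validate_x11_keymap(), variant_exists(), csv_field(), FIELD_MAX and the embedded base.lst excerpt are constructed for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define FIELD_MAX 32  /* assumed upper bound for one layout/variant name */

/* Constructed excerpt in the layout of /usr/share/X11/xkb/rules/base.lst */
static const char SAMPLE_LST[] =
    "! model\n"
    "  pc105           Generic 105-key PC\n"
    "\n"
    "! layout\n"
    "  us              English (US)\n"
    "  cz              Czech\n"
    "\n"
    "! variant\n"
    "  euro            us: English (US, euro on 5)\n"
    "  qwerty          cz: Czech (QWERTY)\n"
    "\n"
    "! option\n"
    "  grp             Switching to another layout\n";

/* True if the "! variant" section lists `variant` for exactly `layout`. */
static bool variant_exists(const char *lst, const char *layout, const char *variant) {
    size_t vlen = strlen(variant), llen = strlen(layout);
    bool in_variants = false;

    for (const char *p = lst; *p;) {
        const char *end = p + strcspn(p, "\n");
        const char *l = p + strspn(p, " \t");   /* skip indentation */
        p = end + (*end == '\n');

        if (l == end)
            continue;                           /* blank line */
        if (*l == '!') {                        /* section header */
            in_variants = strncmp(l, "! variant", 9) == 0;
            continue;
        }
        if (!in_variants)
            continue;

        /* Entry format: "<variant> <blanks> <layout>: <description>" */
        size_t wlen = strcspn(l, " \t\n");
        if (wlen != vlen || strncmp(l, variant, vlen) != 0)
            continue;
        const char *w = l + wlen + strspn(l + wlen, " \t");
        const char *colon = memchr(w, ':', (size_t)(end - w));
        if (colon && (size_t)(colon - w) == llen && strncmp(w, layout, llen) == 0)
            return true;
    }
    return false;
}

/* Copy the n-th comma-separated field of csv into out.
 * Returns 1 if the field exists (it may be empty), 0 if the list is
 * shorter than that, -1 if the field does not fit into out. */
static int csv_field(const char *csv, size_t n, char *out, size_t outsz) {
    const char *p = csv;

    for (size_t i = 0; i < n; i++) {
        p = strchr(p, ',');
        if (!p)
            return 0;
        p++;
    }
    size_t len = strcspn(p, ",");
    if (len >= outsz)
        return -1;
    memcpy(out, p, len);
    out[len] = '\0';
    return 1;
}

/* Returns 0 if every (layout, variant) pair that has both parts is known,
 * -EINVAL otherwise. Layouts without a variant are not checked at all,
 * matching the behaviour the patch description gives for "us". */
int validate_x11_keymap(const char *lst, const char *layouts, const char *variants) {
    char layout[FIELD_MAX], variant[FIELD_MAX];

    for (size_t i = 0;; i++) {
        int rl = csv_field(layouts, i, layout, sizeof layout);
        int rv = csv_field(variants, i, variant, sizeof variant);

        if (rl < 0 || rv < 0)
            return -EINVAL;     /* oversized name: reject instead of truncating */
        if (rl == 0 || rv == 0)
            return 0;           /* no counterpart left: the rest is ignored */
        if (variant[0] == '\0')
            continue;           /* no variant requested for this layout */
        if (!variant_exists(lst, layout, variant))
            return -EINVAL;
    }
}

int main(void) {
    /* The four invocations from the patch description: layouts, variants */
    static const char *cases[][2] = {
        { "us,cz", ",qwerty" }, { "us", ",qwerty" },
        { "us,cz", "qwerty" },  { "us,cz", "euro,qwerty" },
    };
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-6s %-12s -> %d\n", cases[i][0], cases[i][1],
               validate_x11_keymap(SAMPLE_LST, cases[i][0], cases[i][1]));
    return 0;
}
```

Matching the layout name up to the colon by length, rather than by prefix, keeps a layout such as "c" from being accepted for an entry that belongs to "cz".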



Re: [systemd-devel] [PATCH 2/5] libsystemd:terminal :fix uninitialized warning

2014-11-04 Thread David Herrmann
Hi

On Mon, Nov 3, 2014 at 1:50 PM, Lennart Poettering
 wrote:
> On Mon, 03.11.14 13:46, David Herrmann (dh.herrm...@gmail.com) wrote:
>
>> static inline int negative_errno(void) {
>> assert_return(errno > 0, -EINVAL);
>> return -errno;
>> }
>
> Looks great to me!
>
> But please add a comment next to it, explaining why to use this. I
> mean, we should really clarify that "return -errno" is usually enough,
> and "return negative_errno()" is really just about making gcc shut up,
> and should not be used for cases unlike the one you ran into.

I pushed this now. It's probably only useful for constructors, as they
don't clear the output-parameters on failure. If the return-value is
the only output-argument, there's usually no need to use it.

Thanks
David


Re: [systemd-devel] Unicode support in console after boot

2014-11-04 Thread David Herrmann
Hi

On Thu, Oct 23, 2014 at 6:01 PM, Ray Strode  wrote:
> Hi,
>
> On Tue, Oct 21, 2014 at 1:39 PM, Ivan Shapovalov  wrote:
>>> > > Please try editing 
>>> > > /usr/lib/systemd/system/systemd-vconsole-setup.service and
>>> > > remove RemainAfterExit=yes, then regenerate your initramfs image by 
>>> > > running
>>> > > dracut command. Add back RemainAfterExit=yes to service file. Reboot.
>>> >
>>> > Yep, this helped. Could you please explain why? Also, I believe this
>>> > should be fixed in all Fedora versions.
>>
>> IIUC, this makes unit to be re-run outside of initramfs, so the VT is set up 
>> twice,
>> second time after switching the framebuffer driver.
>>
>> And the latter condition is not mandated by anything, it's just a 
>> coincidence...
> So I got pinged this morning about a similar systemd-vconsole-setup
> issue. Namely, setting the font in vconsole.conf to a big font like
> latarcyrheb-sun32 or so (for hidpi screens) doesn't work.  After some
> digging, we figured out it's the same sort of problem.
> systemd-vconsole-setup gets run when vgacon is running (and fails
> since vgacon doesn't support glyphs that big).  Then when fbcon is
> loaded from the modesetting driver, it just gets the default font.
>
> I think we need to rerun systemd-vconsole-setup when the fbcon device
> comes available. I don't think the above proposal is "right".  One
> idea would be to add
>
> , RUN+="/usr/lib/systemd/systemd-vconsole-setup"
>
> to the end of the SUBSYSTEM="graphics" line in 71-seat.rules in udev.
> I'm not sure if that's exactly the best fix either though.  Kay, what
> do you think?

fbcon has a device itself, so we can just match on this, right?
Otherwise, the fix looks good. Thanks for the hints!

Btw., this still fails on console-driver changes during runtime via
sysfs 'bind' files. But I guess we really don't care..

Thanks
David


Re: [systemd-devel] Detecting inactive sessions

2014-11-04 Thread Bastien Nocera
On Tue, 2014-11-04 at 10:09 +0100, David Herrmann wrote:
> Hi Bastien
> 
> On Mon, Nov 3, 2014 at 5:30 PM, Bastien Nocera  wrote:
> > On Mon, 2014-11-03 at 17:28 +0100, David Herrmann wrote:
> >> Hi
> >>
> >> On Wed, Oct 29, 2014 at 3:45 PM, Bastien Nocera  wrote:
> >> > For a very specific definition of inactive.
> >> >
> >> > I'm looking at a way for the iio-sensor-proxy at:
> >> > https://github.com/hadess/iio-sensor-proxy
> >> > to suspend reading from accelerometers (or maybe to turn them off), when
> >> > all the sessions are locked and the screens turned off.
> >> >
> >> > This would usually mean that I would enable reading from the sensor if
> >> > one session is "active" and stop reading if none are "active". Is this
> >> > correct? Is it up to the session manager (eg. gnome-session) to tell us
> >> > whether a session is active or not, or do I have this backwards?
> >>
> >> For uhid (similar to uinput) you get an OPEN and CLOSE event whenever
> >> the first/last user opens/closes the device you created. I think we
> >> want something similar for uinput. That is, when a gnome session is
> >> inactive, they should just close the input devices that were created
> >> by iio-sensor-proxy (done automatically if you use the systemd-logind
> >> API to access devices). This way, iio-sensor-proxy knows whenever at
> >> least one session uses the data. This is also how most kernel-internal
> >> APIs work.
> >
> > The session doesn't read from the uinput device. The iio-sensor-proxy
> > just sends out a kevent, which is caught by the accelerometer helper in
> > udev. The GNOME session catches the udev event and reads the changed
> > property.
> 
> Ugh, you're right, of course!
> 
> So we have this user-space driver, iio-sensor-proxy, which wants to
> stop reporting data if the there is no consumer of it. Still, the
> obvious way is for the consumers to tell iio-sensor-proxy. Given the
> current design (via uevents), this is not possible, though.
> I have no idea how to fix this up. I really dislike adding heuristics
> to iio-sensor-proxy to "guess" whether there is any consumer of the
> data. Imagine there's a system that uses the orientation data to
> control sound-output, instead of video-output. How would you know that
> in iio-sensor-proxy? The system might look idle, all displays are off,
> but still, someone might want this data.

That's really not the way that the proxy is done, it only sends events
via uinput when the orientation changes in a major way. This is really
not setup to help configure anything but the screen orientation.

> btw., looking at iio-sensor-proxy: you send uevents for _each_
> accelerometer event? uevents are _really_ heavy, compared to input
> events. I'm not sure this is a good idea, unless the accelerometers
> report data only every few seconds.

No, we don't. We send uevents when the orientation is changed (landscape
vs. portrait, not a 5 degrees angle change).



Re: [systemd-devel] Detecting inactive sessions

2014-11-04 Thread David Herrmann
Hi Bastien

On Mon, Nov 3, 2014 at 5:30 PM, Bastien Nocera  wrote:
> On Mon, 2014-11-03 at 17:28 +0100, David Herrmann wrote:
>> Hi
>>
>> On Wed, Oct 29, 2014 at 3:45 PM, Bastien Nocera  wrote:
>> > For a very specific definition of inactive.
>> >
>> > I'm looking at a way for the iio-sensor-proxy at:
>> > https://github.com/hadess/iio-sensor-proxy
>> > to suspend reading from accelerometers (or maybe to turn them off), when
>> > all the sessions are locked and the screens turned off.
>> >
>> > This would usually mean that I would enable reading from the sensor if
>> > one session is "active" and stop reading if none are "active". Is this
>> > correct? Is it up to the session manager (eg. gnome-session) to tell us
>> > whether a session is active or not, or do I have this backwards?
>>
>> For uhid (similar to uinput) you get an OPEN and CLOSE event whenever
>> the first/last user opens/closes the device you created. I think we
>> want something similar for uinput. That is, when a gnome session is
>> inactive, they should just close the input devices that were created
>> by iio-sensor-proxy (done automatically if you use the systemd-logind
>> API to access devices). This way, iio-sensor-proxy knows whenever at
>> least one session uses the data. This is also how most kernel-internal
>> APIs work.
>
> The session doesn't read from the uinput device. The iio-sensor-proxy
> just sends out a kevent, which is caught by the accelerometer helper in
> udev. The GNOME session catches the udev event and reads the changed
> property.

Ugh, you're right, of course!

So we have this user-space driver, iio-sensor-proxy, which wants to
stop reporting data if the there is no consumer of it. Still, the
obvious way is for the consumers to tell iio-sensor-proxy. Given the
current design (via uevents), this is not possible, though.
I have no idea how to fix this up. I really dislike adding heuristics
to iio-sensor-proxy to "guess" whether there is any consumer of the
data. Imagine there's a system that uses the orientation data to
control sound-output, instead of video-output. How would you know that
in iio-sensor-proxy? The system might look idle, all displays are off,
but still, someone might want this data.

btw., looking at iio-sensor-proxy: you send uevents for _each_
accelerometer event? uevents are _really_ heavy, compared to input
events. I'm not sure this is a good idea, unless the accelerometers
report data only every few seconds.

Thanks
David


[systemd-devel] [PATCH] smack: introduce new SmackLabelExec option

2014-11-04 Thread WaLyong Cho
In case systemd has the "_" label and runs as root, if a service file
has a "User=" option and the command line file has a special SMACK label,
then systemd will fail to execute the command. Generally, the SMACK label
is ignored for root. But if a service has "User=", then systemd
will call setresuid() in the child process. After that it is no longer
root. So it should have some executable label for the command. To
set SMACK64EXEC before the uid is changed, introduce the new
SmackLabelExec option.
---
 man/systemd.exec.xml  |  9 +++
 src/core/dbus-execute.c   | 19 +
 src/core/execute.c| 14 ++
 src/core/execute.h|  3 +++
 src/core/load-fragment-gperf.gperf.m4 |  7 +++--
 src/core/load-fragment.c  | 50 +++
 src/core/load-fragment.h  |  1 +
 src/shared/exit-status.h  |  1 +
 src/shared/smack-util.c   | 26 ++
 src/shared/smack-util.h   |  1 +
 10 files changed, 129 insertions(+), 2 deletions(-)

diff --git a/man/systemd.exec.xml b/man/systemd.exec.xml
index e9af4ab..27e6fae 100644
--- a/man/systemd.exec.xml
+++ b/man/systemd.exec.xml
@@ -1138,6 +1138,15 @@
 
 
 
+SmackLabelExec=
+
+Set the SMACK security
+label of the executed process. This directive 
is ignored if SMACK is
+disabled. If prefixed by -, 
all errors will be
+ignored.
+
+
+
 IgnoreSIGPIPE=
 
 Takes a boolean
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
index 9276da4..5c56824 100644
--- a/src/core/dbus-execute.c
+++ b/src/core/dbus-execute.c
@@ -508,6 +508,24 @@ static int property_get_apparmor_profile(
 return sd_bus_message_append(reply, "(bs)", 
c->apparmor_profile_ignore, c->apparmor_profile);
 }
 
+static int property_get_smack_exec_label(
+sd_bus *bus,
+const char *path,
+const char *interface,
+const char *property,
+sd_bus_message *reply,
+void *userdata,
+sd_bus_error *error) {
+
+ExecContext *c = userdata;
+
+assert(bus);
+assert(reply);
+assert(c);
+
+return sd_bus_message_append(reply, "(bs)", 
c->smack_exec_label_ignore, c->smack_exec_label);
+}
+
 static int property_get_personality(
 sd_bus *bus,
 const char *path,
@@ -636,6 +654,7 @@ const sd_bus_vtable bus_exec_vtable[] = {
 SD_BUS_PROPERTY("UtmpIdentifier", "s", NULL, offsetof(ExecContext, 
utmp_id), SD_BUS_VTABLE_PROPERTY_CONST),
 SD_BUS_PROPERTY("SELinuxContext", "(bs)", 
property_get_selinux_context, 0, SD_BUS_VTABLE_PROPERTY_CONST),
 SD_BUS_PROPERTY("AppArmorProfile", "(bs)", 
property_get_apparmor_profile, 0, SD_BUS_VTABLE_PROPERTY_CONST),
+SD_BUS_PROPERTY("SmackLabelExec", "(bs)", 
property_get_smack_exec_label, 0, SD_BUS_VTABLE_PROPERTY_CONST),
 SD_BUS_PROPERTY("IgnoreSIGPIPE", "b", bus_property_get_bool, 
offsetof(ExecContext, ignore_sigpipe), SD_BUS_VTABLE_PROPERTY_CONST),
 SD_BUS_PROPERTY("NoNewPrivileges", "b", bus_property_get_bool, 
offsetof(ExecContext, no_new_privileges), SD_BUS_VTABLE_PROPERTY_CONST),
 SD_BUS_PROPERTY("SystemCallFilter", "(bas)", 
property_get_syscall_filter, 0, SD_BUS_VTABLE_PROPERTY_CONST),
diff --git a/src/core/execute.c b/src/core/execute.c
index c41aec2..5222aee 100644
--- a/src/core/execute.c
+++ b/src/core/execute.c
@@ -90,6 +90,10 @@
 #include "seccomp-util.h"
 #endif
 
+#ifdef HAVE_SMACK
+#include "smack-util.h"
+#endif
+
 #define IDLE_TIMEOUT_USEC (5*USEC_PER_SEC)
 #define IDLE_TIMEOUT2_USEC (1*USEC_PER_SEC)
 
@@ -1617,6 +1621,16 @@ static int exec_child(ExecCommand *command,
 }
 }
 
+#ifdef HAVE_SMACK
+if (context->smack_exec_label) {
+err = mac_smack_apply_pid(0, 
context->smack_exec_label);
+if (err < 0) {
+*error = EXIT_SMACK_LABEL;
+return err;
+}
+}
+#endif
+
 if (context->user) {
 err = enforce_user(context, uid);
 if (err < 0) {
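Review bot: the mac_smack_apply_pid() failure path added to exec_child() returns err unconditionally and never looks at context->smack_exec_label_ignore, although the man page hunk documents that a "-" prefix makes all errors ignored and the flag is exported over D-Bus as the boolean in "(bs)". As written, a unit that sets the prefix still fails with EXIT_SMACK_LABEL; the check should be along the lines of "if (err < 0 && !context->smack_exec_label_ignore)". Separately, the commit message talks about setting SMACK64EXEC while the call here is mac_smack_apply_pid(0, ...); the man page text should state clearly which label is being changed.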
diff --git a/src/core/execute.h b/src/core/execute.h
index c45dde5..e6b9122 100644
--- a/src/core/execute.h
+++ b/src/core/execute.h
@@ -142,6 +142,9 @@ struct ExecContext {
 bool apparmor_profile_ignore;
 char *apparmor_profile;
 
+bool smack_exec_label_ignore;
+char *smack_exec_label;
+
 char **read_write_dirs, **read_only_dirs, **in

[systemd-devel] SELinux code in method_{disable, enable}_unit_files_generic() functions

2014-11-04 Thread Laurent Bigonville
Hello,

After looking a bit around the code, I've two questions about the
SELinux code in method_{disable,enable}_unit_files_generic() functions.

In method_enable_unit_files_generic(),
mac_selinux_unit_access_check_strv() is used to check the SELinux
permissions while in method_disable_unit_files_generic(),
mac_selinux_access_check() is used.
Shouldn't it be mac_selinux_unit_access_check_strv() in both cases as
it applies to units and that you can have a list of them?

Also, I'm a bit puzzled by the fact that you pass the "disable" verb to
the method_enable_unit_files_generic() function in the case of
masking/unmasking a service (and the opposite is also true with the
disable function).

Am I missing something here? Or should a bug be opened?

Cheers,

Laurent Bigonville

PS: I'm putting Daniel in CC