Commit Graph

64 Commits

Author SHA1 Message Date
Lennart Poettering
6550203eb4 util-lib: move fstab_node_to_udev_node() to fstab-util.[ch] 2015-10-27 13:25:55 +01:00
Lennart Poettering
0d39fa9c69 util-lib: move more file I/O related calls into fileio.[ch] 2015-10-27 13:25:55 +01:00
Lennart Poettering
5f311f8c0e util: remove path_get_parent(), in favour of dirname_malloc()
We don't need two functions that do essentialy the same, hence drop
path_get_parent(), and stick to dirname_malloc(), but move it to
path-util.[ch].
2015-10-27 13:25:55 +01:00
Lennart Poettering
e4e73a6325 util-lib: split out hex/dec/oct encoding/decoding into its own file 2015-10-27 13:25:55 +01:00
Lennart Poettering
6bedfcbb29 util-lib: split string parsing related calls from util.[ch] into parse-util.[ch] 2015-10-27 13:25:55 +01:00
Lennart Poettering
4d0d3d41d2 process-util: move more process related calls to process-util.[ch] 2015-10-26 01:24:39 +01:00
Lennart Poettering
2583fbea8e socket-util: move remaining socket-related calls from util.[ch] to socket-util.[ch] 2015-10-26 01:24:39 +01:00
Lennart Poettering
b1d4f8e154 util-lib: split out user/group/uid/gid calls into user-util.[ch] 2015-10-26 01:24:38 +01:00
Lennart Poettering
c004493cde util-lib: split out IO related calls to io-util.[ch] 2015-10-26 01:24:38 +01:00
Lennart Poettering
3ffd4af220 util-lib: split out fd-related operations into fd-util.[ch]
There are more than enough to deserve their own .c file, hence move them
over.
2015-10-25 13:19:18 +01:00
Lennart Poettering
00229fe48f util: move logind_running() to login-util.[ch] 2015-10-24 23:30:40 +02:00
Lennart Poettering
07630cea1f util-lib: split our string related calls from util.[ch] into its own file string-util.[ch]
There are more than enough calls doing string manipulations to deserve
its own files, hence do something about it.

This patch also sorts the #include blocks of all files that needed to be
updated, according to the sorting suggestions from CODING_STYLE. Since
pretty much every file needs our string manipulation functions this
effectively means that most files have sorted #include blocks now.

Also touches a few unrelated include files.
2015-10-24 23:05:02 +02:00
Lennart Poettering
4f5dd3943b util: split out escaping code into escape.[ch]
This really deserves its own file, given how much code this is now.
2015-10-24 23:04:42 +02:00
Lennart Poettering
84ac7bea36 util: split out extract_first_word() and related calls into extract-word.[ch]
This is quite a lot of code these days, hence move it to its own source
file.
2015-10-24 23:03:49 +02:00
Lennart Poettering
ac7edd9167 util: improve dir_is_empty() call
Simplify the call, and add dir_is_populated() as inverse call, in order
to make some checks easier to read.
2015-10-22 01:59:24 +02:00
Lennart Poettering
c91960c5a0 Merge pull request #1619 from iaguis/nspawn-sysfs-netns-3
nspawn: skip /sys-as-tmpfs if we don't use private-network
2015-10-20 12:22:32 +02:00
Iago López Galeiras
d167824896 nspawn: skip /sys-as-tmpfs if we don't use private-network
Since v3.11/7dc5dbc ("sysfs: Restrict mounting sysfs"), the kernel
doesn't allow mounting sysfs if you don't have CAP_SYS_ADMIN rights over
the network namespace.

So the mounting /sys as a tmpfs code introduced in
d8fc6a000f doesn't work with user
namespaces if we don't use private-net. The reason is that we mount
sysfs inside the container and we're in the network namespace of the host
but we don't have CAP_SYS_ADMIN over that namespace.

To fix that, we mount /sys as a sysfs (instead of tmpfs) if we don't use
private network and ignore the /sys-as-a-tmpfs code if we find that /sys
is already mounted as sysfs.

Fixes #1555
2015-10-20 10:19:23 +02:00
Zbigniew Jędrzejewski-Szmek
ab84f5b95e strv: Add _cleanup_strv_free_erase_ and _cleanup_string_free_erase_ 2015-10-19 23:13:07 +02:00
Lennart Poettering
1602b00853 tree-wide: whenever we deal with passwords, erase them from memory after use
A bit snake-oilish, but can't hurt.
2015-10-19 23:13:07 +02:00
Evgeny Vereshchagin
257b0719cb util: add func for checking OOMScoreAdjust 2015-10-17 20:03:40 +00:00
Evgeny Vereshchagin
adb8ec96f2 util: add functions for validating syslog level and facility 2015-10-14 16:35:24 +00:00
Lennart Poettering
66cb2fde7b basic: move two more terminal-related calls into terminal-util.[ch] 2015-10-08 12:49:59 +02:00
Lennart Poettering
8dd4c05b54 core: add support for naming file descriptors passed using socket activation
This adds support for naming file descriptors passed using socket
activation. The names are passed in a new $LISTEN_FDNAMES= environment
variable, that matches the existign $LISTEN_FDS= one and contains a
colon-separated list of names.

This also adds support for naming fds submitted to the per-service fd
store using FDNAME= in the sd_notify() message.

This also adds a new FileDescriptorName= setting for socket unit files
to set the name for fds created by socket units.

This also adds a new call sd_listen_fds_with_names(), that is similar to
sd_listen_fds(), but also returns the names of the fds.

systemd-activate gained the new --fdname= switch to specify a name for
testing socket activation.

This is based on #1247 by Maciej Wereski.

Fixes #1247.
2015-10-06 11:52:48 +02:00
Lennart Poettering
618234a525 basic: split out cpu set specific APIs into cpu-set-util.[ch] 2015-09-30 22:26:16 +02:00
Lennart Poettering
765d143b5f util: rename parse_cpu_set() to parse_cpu_set_and_warn()
It's pretty untypical for our parsing functions to log on their own.
Clarify in the name that this one does.
2015-09-30 22:26:16 +02:00
Lennart Poettering
3f6fd1ba65 util: introduce common version() implementation and use it everywhere
This also allows us to drop build.h from a ton of files, hence do so.
Since we touched the #includes of those files, let's order them properly
according to CODING_STYLE.
2015-09-29 21:08:37 +02:00
Lennart Poettering
189d5bac5c util: unify implementation of NOP signal handler
This is highly complex code after all, we really should make sure to
only keep one implementation of this extremely difficult function
around.
2015-09-29 21:08:37 +02:00
Lennart Poettering
3ee897d6c2 tree-wide: port more code to use send_one_fd() and receive_one_fd()
Also, make it slightly more powerful, by accepting a flags argument, and
make it safe for handling if more than one cmsg attribute happens to be
attached.
2015-09-29 21:08:37 +02:00
Filipe Brandenburger
f5c72b739e util: refactor cpu_set parsing into its own function
Use the new code in config_parse_cpu_affinity2.

Tested by modifying CPUAffinity=... setting in /etc/systemd/system.conf
and reloading the daemon, then checking ^Cpus_allowed in /proc/1/status
to confirm the correct CPU mask is in place.
2015-09-24 18:01:36 -07:00
Daniel Mack
d11885c814 Merge pull request #1335 from poettering/some-fixes
A variety of mostly unrelated fixes
2015-09-22 17:04:38 +02:00
Lennart Poettering
c077529ba6 util: drop UID_IS_INVALID() in favour of uid_is_valid()
No need to keep both functions, settle on uid_is_valid() for everything.
2015-09-22 16:31:32 +02:00
Lennart Poettering
f6c2284ad3 util.h: order includes, as suggested by CODING_STYLE
Of course, because Linux is broken we cannot actually really order it,
and must keep linux/fs.h after sys/mount.h... Yay for Linux!
2015-09-22 16:31:19 +02:00
Lennart Poettering
8c721f2bcb util: clean-ups to enum parsers
Never log when we fail due to OOM when translating enums, let the caller
do that. Translating basic types like enums should be something where
the caller logs, not the translatior functions.

Return -1 when NULL is passed to all enum parser functions.

The non-fallback versions of the enum translator calls already handle
NULL as failure, instead of hitting an assert, and we should do this
here, too.
2015-09-22 16:31:10 +02:00
Lennart Poettering
ed0d40229b util: add safe_closedir() similar to safe_fclose() 2015-09-22 16:30:24 +02:00
David Herrmann
d960371482 util: introduce {send,receive}_one_fd()
Introduce two new helpers that send/receive a single fd via a unix
transport. Also make nspawn use them instead of hard-coding it.

Based on a patch by Krzesimir Nowak.
2015-09-22 14:09:54 +02:00
Michal Schmidt
a8b626100b basic: nicer xsprintf and xstrftime assert messages
It's nicer if the assertion failure message from a bad use of xsprintf
actually mentions xsprintf instead of the expression the macro is
implemented as.

The assert_message_se macro was added in the previous commit as an
internal helper, but it can also be used for customizing assertion
failure messages like in this case.

Example:
  char buf[10];
  xsprintf(buf, "This is a %s message.\n", "long");

Before:
  Assertion '(size_t) snprintf(buf, ELEMENTSOF(buf), "This is a %s
  message.\n", "long") < ELEMENTSOF(buf)' failed at foo.c:6, function
  main(). Aborting.

After:
  Assertion 'xsprintf: buf[] must be big enough' failed at foo.c:6,
  function main(). Aborting.
2015-09-16 15:48:00 +02:00
Lennart Poettering
59f448cf15 tree-wide: never use the off_t unless glibc makes us use it
off_t is a really weird type as it is usually 64bit these days (at least
in sane programs), but could theoretically be 32bit. We don't support
off_t as 32bit builds though, but still constantly deal with safely
converting from off_t to other types and back for no point.

Hence, never use the type anymore. Always use uint64_t instead. This has
various benefits, including that we can expose these values directly as
D-Bus properties, and also that the values parse the same in all cases.
2015-09-10 18:16:18 +02:00
Daniel Mack
01da201420 Merge pull request #1218 from poettering/safe-fclose
util: introduce safe_fclose() and port everything over to it
2015-09-09 15:45:03 +02:00
Lennart Poettering
74ca738f6a util: introduce safe_fclose() and port everything over to it
Adds a coccinelle script to port things over automatically.
2015-09-09 15:26:11 +02:00
Daniel Mack
87699fe313 locale: kill free_and_replace()
That function really makes little sense, as the open-coded variant
is much more readable. Also, if the 2nd argument is NULL, mfree()
is a much better candidate.

Convert the only users of this function in localed, and then remove it
entirely.
2015-09-09 15:15:14 +02:00
Michael Chapman
88ced61bf9 core: pass details to polkit for some unit actions
The following details are passed:

- unit: the primary name of the unit upon which the action was
        invoked (i.e. after resolving any aliases);
- verb: one of 'start', 'stop', 'reload', 'restart', 'try-restart',
        'reload-or-restart', 'reload-or-try-restart', 'kill',
        'reset-failed', or 'set-property', corresponding to the
        systemctl verb used to invoke the action.

Typical use of these details in a polkit policy rule might be:

  // Allow alice to manage example.service;
  // fall back to implicit authorization otherwise.
  polkit.addRule(function(action, subject) {
      if (action.id == "org.freedesktop.systemd1.manage-units" &&
          action.lookup("unit") == "example.service" &&
          subject.user == "alice") {
          return polkit.Result.YES;
      }
  });

We also supply a custom polkit message that includes the unit's name and
the requested operation.
2015-09-06 00:07:17 +10:00
Lennart Poettering
a1f686daf5 util: add new uid_is_valid() call
This simply factors out the uid validation checks from parse_uid() and
uses them everywhere. This simply verifies that the passed UID is
neither 64bit -1 nor 32bit -1.
2015-09-04 09:07:30 +02:00
Filipe Brandenburger
4b40bc38b4 util: Declare a cleanup routine for a cpu_set_t
Make use of it in config_parse_cpu_affinity2.

Tested by tweaking the `CPUAffinity' setting in /etc/systemd/system.conf
and reloading the daemon to confirm it is working as expected.

No regressions observed in test cases.
2015-08-31 17:15:56 -07:00
Thomas Hindoe Paaboel Andersen
f80bb1f7ea util: make malloc0 ask calloc for one block of size n
... instead of an array of n individual bytes.

Silences a lot of warnings in smatch.
2015-08-30 02:32:33 +02:00
Lennart Poettering
25300b5a1f util: make machine_name_is_valid() a macro and move it to hostname-util.h
As it turns out machine_name_is_valid() does the exact same thing as
hostname_is_valid() these days, as it just invoked that and checked the
name length was < 64. However, hostname_is_valid() checks the length
against HOST_NAME_MAX anyway (which is 64 on Linux), hence any
additional check is redundant.

We hence replace machine_name_is_valid() by a macro that simply maps it
to hostname_is_valid() but sets the allow_trailing_dot parameter to
false. We also move this this call to hostname-util.h, to the same place
as the hostname_is_valid() declaration.
2015-08-24 22:46:45 +02:00
Lennart Poettering
f90c90b4a1 Merge pull request #977 from richardmaw-codethink/machinectl-userns-login-v2
Fix machinectl login with containers in user namespaces (v2)
2015-08-17 15:12:15 +02:00
Richard Maw
671c341958 namespace helpers: Allow entering a UID namespace
To be able to use `systemd-run` or `machinectl login` on a container
that is in a private user namespace, the sub-process must have entered
the user namespace before connecting to the container's D-Bus, otherwise
the UID and GID in the peer credentials are garbage.

So we extend namespace_open and namespace_enter to support UID namespaces,
and we enter the UID namespace in bus_container_connect_{socket,kernel}.

namespace_open will degrade to a no-op if user namespaces are not enabled
in the kernel.

Special handling is required for the setns call in namespace_enter with
a user namespace, since transitioning to your own namespace is forbidden,
as it would result in re-entering your user namespace as root.

Arguably it may be valid to check this at the call site, rather than
inside namespace_enter, but it is less code to do it inside, and if the
intention of calling namespace_enter is to *be* in the target namespace,
rather than to transition to the target namespace, it is a reasonable
approach.

The check for whether the user namespace is the same must happen before
entering namespaces, as we may not be able to access /proc during the
intermediate transition stage.

We can't instead attempt to enter the user namespace and then ignore
the failure from it being the same namespace, since the error code is
not distinct, and we can't compare namespaces while mid-transition.
2015-08-17 08:52:13 +00:00
Richard Maw
61ee693981 util: Add shell_escape
This is for shell-style \ escaping rather than quoting, which while it
has the same effect in produced shell commands, is not exclusively
useful for shell commands.

shell_escape would be useful for producing sed commands, as you would be
able to \ escape the normal special characters, plus whichever argument
separator was chosen; or it could be used to escape arguments passed to
the overlayfs mount command.
2015-08-07 15:50:43 +00:00
Richard Maw
206644aede util: Allow non-separator coalescing parsing in extract_first_word
If EXTRACT_DONT_COALESCE_SEPARATORS is passed, then leading separators,
trailing separators and spans of multiple separators aren't skipped, and
empty arguments from before, after or between separators may be extracted.
2015-08-07 15:50:42 +00:00
Richard Maw
12ba2c44dd util: Don't interpret quotes by default in extract_first_word
This adds an EXTRACT_QUOTES option to allow the previous behaviour, of
not interpreting any character inside ' or " quotes as separators.
2015-08-07 15:50:42 +00:00