Commit message (Collapse) | Author | Age | Files | Lines | ||
---|---|---|---|---|---|---|
... | ||||||
* | | hwdb: Add accelerometer orientation quirk for the Teclast F6 Pro | Luís Ferreira | 2019-04-05 | 1 | -0/+4 | |
|/ | ||||||
* | test-journal: move tests to /var/tmp/ and set FS_NOCOW_FLv242-rc3 | Lennart Poettering | 2019-04-04 | 6 | -18/+42 | |
| | | | | | | | | The journal files might not be tiny hence let's write them to /var/tmp/ instead of /tmp. Also, let's turn on NOCOW on the files, as these tests might apparently be slow on btrfs. Fixes: #12210 | |||||
* | ask-passwd: slightly optimize handling arguments | Yu Watanabe | 2019-04-04 | 1 | -8/+7 | |
| | | | | It is not necessary to copy arguments for each console. | |||||
* | bus-util: treat org.freedesktop.DBus.Error.ServiceUnknown nicely when polkit ↵ | Yu Watanabe | 2019-04-04 | 1 | -2/+2 | |
| | | | | | | does not exist Fixes #12209. | |||||
* | Merge pull request #12208 from poettering/base-file-system-tweaks | Yu Watanabe | 2019-04-04 | 1 | -10/+17 | |
|\ | | | | | base-filesystem: be nicer to read-only fs images | |||||
| * | shared: be friendly to EROFS images | Lennart Poettering | 2019-04-03 | 1 | -8/+14 | |
| | | | | | | | | | | | | There are environments where /lib might not be necessary (think: statically compiled portable service binary), hence don't insist on it if the image is read-only. | |||||
| * | shared: path_join() is your friend | Lennart Poettering | 2019-04-03 | 1 | -1/+2 | |
| | | ||||||
| * | shared: no need to initialize variable | Lennart Poettering | 2019-04-03 | 1 | -1/+1 | |
| | | ||||||
* | | Merge pull request #12207 from poettering/portable-bus-policy-fix | Yu Watanabe | 2019-04-04 | 3 | -5/+5 | |
|\ \ | | | | | | | portabled dbus policy fix | |||||
| * | | portabled: fix method name | Lennart Poettering | 2019-04-03 | 1 | -1/+1 | |
| | | | | | | | | | | | | yikes. | |||||
| * | | portabled: reorder methods in vtable | Lennart Poettering | 2019-04-03 | 1 | -1/+1 | |
| | | | | | | | | | | | | | | | Let's stick to the same order in the per-image vtable and the manager vtable. | |||||
| * | | portabled: fix dbus policy | Lennart Poettering | 2019-04-03 | 1 | -3/+3 | |
| |/ | | | | | | | | | Let's whitelist the method calls actually defined, not some outdated old names. | |||||
* | | udevadm: drop unused option | Yu Watanabe | 2019-04-04 | 1 | -1/+1 | |
| | | ||||||
* | | tty-ask-pw-agent: use right array | Lennart Poettering | 2019-04-04 | 1 | -1/+1 | |
| | | | | | | | | | | | | No point in copying the array if we are not going to use the copy. Prompted by: https://github.com/systemd/systemd/pull/12183#issuecomment-479591781 | |||||
* | | udev-util: allocate an event loop of our own for waiting | Lennart Poettering | 2019-04-04 | 1 | -1/+1 | |
|/ | | | | | | We can't use the per-thread default one here, as it might already be running (for example, that's the case in portabled), and our event loops are not recursive, hence running them a second time is not OK. | |||||
* | Merge pull request #12198 from keszybz/seccomp-parsing-logging | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 10 | -40/+69 | |
|\ | | | | | Seccomp parsing logging cleanup | |||||
| * | pid1: pass unit name to seccomp parser when we have no file location | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 4 | -13/+19 | |
| | | | | | | | | | | | | | | | | Building on previous commit, let's pass the unit name when parsing dbus message or builtin whitelist, which is better than nothing. seccomp_parse_syscall_filter() is not needed anymore, so it is removed, and seccomp_parse_syscall_filter_full() is renamed to take its place. | |||||
| * | basic/log: log any available location information in log_syntax() | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -10/+28 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We would log "(null):0: Failed to parse system call, ignoring: rseq" from log_syntax_internal() from log_syntax() from seccomp_parse_syscall_filter_full() from seccomp_parse_syscall_filter() from config_parse_syscall_filter(), when generating the built-in @default whitelist. Since it was not based on the unit file, we would not pass a file name. So let's make sure that log_syntax() does not print "(null)" pointer (which is iffy and ugly), and use the unit name as fallback or nothing if both are missing. In principle, one of the two should be always available, since why use log_syntax() otherwise, but let's make things more resilient by guarding against this case too. log_syntax() is called from a thousand places, and often in error path, so it's hard to verify all callers. | |||||
| * | core: use a temporary variable for calculation of seccomp flags | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -5/+10 | |
| | | | | | | | | I think it is easier to read this way. | |||||
| * | test: use newer verb to set log levels | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 5 | -14/+14 | |
| | | ||||||
* | | Merge pull request #12205 from keszybz/update-release-docs | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -1/+2 | |
|\ \ | | | | | | | docs: let's not close the milestone early | |||||
| * | | docs: also document updates to stable repo | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -0/+1 | |
| | | | ||||||
| * | | docs: let's not close the milestone early | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -1/+1 | |
|/ / | ||||||
* | | Merge pull request #12202 from keszybz/seccomp-arm64 | Lennart Poettering | 2019-04-03 | 2 | -107/+145 | |
|\ \ | | | | | | | Fixes for S[GU]ID filter on arm64 | |||||
| * | | seccomp: rework how the S[UG]ID filter is installed | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -106/+138 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | If we know that a syscall is undefined on the given architecture, don't even try to add it. Try to install the filter even if some syscalls fail. Also use a helper function to make the whole a bit less magic. This allows the S[UG]ID test to pass on arm64. | |||||
| * | | test-seccomp: fix compilation on arm64 | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -1/+7 | |
| | | | | | | | | | | | | It has no open(). | |||||
* | | | kernel-install: add a check that the vmlinuz arg is sane | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -0/+5 | |
| | | | ||||||
* | | | docs: update release steps for meson | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -8/+10 | |
|/ / | ||||||
* | | build-sys: bump package versionv242-rc2 | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 1 | -1/+1 | |
| | | ||||||
* | | Merge pull request #12121 from poettering/contribv242-rc1 | Zbigniew Jędrzejewski-Szmek | 2019-04-03 | 3 | -4/+45 | |
|\ \ | |/ |/| | ||||||
| * | update NEWS | Lennart Poettering | 2019-04-02 | 1 | -0/+22 | |
| | | ||||||
| * | meson: bump so versions | Lennart Poettering | 2019-04-02 | 1 | -2/+2 | |
| | | | | | | | | | | Since we aren't quite ready for release v242 yet, let's not bump the package version yet, but let's already bump the soversion. | |||||
| * | NEWS: add preliminary contributor list | Lennart Poettering | 2019-04-02 | 1 | -1/+18 | |
| | | ||||||
| * | update .mailmap | Lennart Poettering | 2019-04-02 | 1 | -0/+2 | |
| | | ||||||
* | | docs: fix path to unit files | Lennart Poettering | 2019-04-03 | 1 | -11/+11 | |
| | | ||||||
* | | core: fix build failure if seccomp is disabled | Davide Cavalca | 2019-04-03 | 1 | -1/+1 | |
| | | ||||||
* | | Revert "build: install /etc/systemd/{system,user}-generators" | Lennart Poettering | 2019-04-02 | 2 | -4/+0 | |
| | | | | | | | | This reverts commit 509276f2b7d44d472b66e79cbfa531c1de4c3801. | |||||
* | | Merge pull request #12188 from poettering/coccinelle-fixlets | Yu Watanabe | 2019-04-03 | 14 | -140/+76 | |
|\ \ | |/ |/| | tree-wide: let's run coccinelle again | |||||
| * | udev: use strempty() where appropriate | Lennart Poettering | 2019-04-02 | 1 | -2/+1 | |
| | | ||||||
| * | json: use SYNTHETIC_ERRNO() where appropriate | Lennart Poettering | 2019-04-02 | 1 | -44/+22 | |
| | | ||||||
| * | sd-event: use DIV_ROUND_UP where appropriate | Lennart Poettering | 2019-04-02 | 1 | -1/+1 | |
| | | ||||||
| * | sd-device: use xsprintf() where appropriate | Lennart Poettering | 2019-04-02 | 1 | -1/+1 | |
| | | ||||||
| * | tree-wide: use SYNTHETIC_ERRNO() where appropriate | Lennart Poettering | 2019-04-02 | 3 | -67/+36 | |
| | | ||||||
| * | boot: use TAKE_PTR() where appropriate | Lennart Poettering | 2019-04-02 | 2 | -16/+8 | |
| | | ||||||
| * | tree-wide: use reallocarray() where appropriate | Lennart Poettering | 2019-04-02 | 2 | -2/+2 | |
| | | ||||||
| * | util-lib: use FLAGS_SET() where appropriate | Lennart Poettering | 2019-04-02 | 2 | -3/+3 | |
| | | ||||||
| * | analyze: use empty_or_root() where appropriate | Lennart Poettering | 2019-04-02 | 1 | -4/+2 | |
| | | ||||||
* | | Merge pull request #12056 from poettering/seccomp-suid-sgid | Lennart Poettering | 2019-04-02 | 28 | -30/+466 | |
|\ \ | | | | | | | Introduce RestrictSUIDSGID= for disabling SUID/SGID file creation | |||||
| * | | update TODO | Lennart Poettering | 2019-04-02 | 1 | -3/+0 | |
| | | | ||||||
| * | | core: imply NNP and SUID/SGID restriction for DynamicUser=yes service | Lennart Poettering | 2019-04-02 | 5 | -10/+33 | |
| | | | | | | | | | | | | | | | | | | | | | | | | | | | Let's be safe, rather than sorry. This way DynamicUser=yes services can neither take benefit of, nor create SUID/SGID binaries. Given that DynamicUser= is a recent addition only we should be able to get away with turning this on, even though this is strictly speaking a binary compatibility breakage. |