[systemd-commits] 2 commits - TODO src/core src/journal

Lennart Poettering lennart at kemper.freedesktop.org
Tue Aug 21 20:03:22 PDT 2012 

 TODO                     |   14 +-------------
 src/core/service.c       |    5 +++--
 src/core/service.h       |    1 +
 src/journal/journalctl.c |   14 +++++++++++++-
 src/journal/journald.c   |   10 ++++++----
 5 files changed, 24 insertions(+), 20 deletions(-)

New commits:
commit 8d1b002a2e389e79a2414491523de549783abf73
Author: Lennart Poettering <lennart at poettering.net>
Date:   Wed Aug 22 05:02:33 2012 +0200

    service: introduce a proper service result if the start limit is hit

diff --git a/TODO b/TODO
index ee90aee..c70a53c 100644
--- a/TODO
+++ b/TODO
@@ -55,8 +55,6 @@ Features:
 
 * enforce limits on fds openened by socket units
 
-* proper service failure code for services which hit the restart limit
-
 * explore multiple service instances per listening socket idea
 
 * testing tool for socket activation: some binary that listens on a socket and passes it on using the usual socket activation protocol to some server.
@@ -237,8 +235,6 @@ Features:
 
 * Add pretty name for seats in logind
 
-* nspawn wants dev_setup() for /dev/fd/ and friends?
-
 * selinux: merge systemd selinux access controls (dwalsh)
 
 * ConditionSecurity= should learn about IMA
diff --git a/src/core/service.c b/src/core/service.c
index f540752..807b342 100644
--- a/src/core/service.c
+++ b/src/core/service.c
@@ -2508,7 +2508,7 @@ static int service_start(Unit *u) {
         /* Make sure we don't enter a busy loop of some kind. */
         r = service_start_limit_test(s);
         if (r < 0) {
-                service_notify_sockets_dead(s, true);
+                service_enter_dead(s, SERVICE_FAILURE_START_LIMIT, false);
                 return r;
         }
 
@@ -3821,7 +3821,8 @@ static const char* const service_result_table[_SERVICE_RESULT_MAX] = {
         [SERVICE_FAILURE_EXIT_CODE] = "exit-code",
         [SERVICE_FAILURE_SIGNAL] = "signal",
         [SERVICE_FAILURE_CORE_DUMP] = "core-dump",
-        [SERVICE_FAILURE_WATCHDOG] = "watchdog"
+        [SERVICE_FAILURE_WATCHDOG] = "watchdog",
+        [SERVICE_FAILURE_START_LIMIT] = "start-limit"
 };
 
 DEFINE_STRING_TABLE_LOOKUP(service_result, ServiceResult);
diff --git a/src/core/service.h b/src/core/service.h
index 2a4dc30..d1e53bf 100644
--- a/src/core/service.h
+++ b/src/core/service.h
@@ -98,6 +98,7 @@ typedef enum ServiceResult {
         SERVICE_FAILURE_SIGNAL,
         SERVICE_FAILURE_CORE_DUMP,
         SERVICE_FAILURE_WATCHDOG,
+        SERVICE_FAILURE_START_LIMIT,
         _SERVICE_RESULT_MAX,
         _SERVICE_RESULT_INVALID = -1
 } ServiceResult;

commit 99add6fd0b8f4307ed79256e25f38da318e795c4
Author: Lennart Poettering <lennart at poettering.net>
Date:   Wed Aug 22 04:45:17 2012 +0200

    journalctl: complain if unprivileged users attempt to access the journal and persistant logging is off

diff --git a/TODO b/TODO
index 28141ec..ee90aee 100644
--- a/TODO
+++ b/TODO
@@ -61,14 +61,10 @@ Features:
 
 * testing tool for socket activation: some binary that listens on a socket and passes it on using the usual socket activation protocol to some server.
 
-* journald: add symlinks and device names to kernel messages
-
 * maybe make systemd-detect-virt suid? or use fscaps?
 
 * consider using __secure_getenv() instead of getenv() in libs
 
-* journald: automatic rekeying with no log messages doesn't appear to work
-
 * man: document in ExecStart= explicitly that we don't take shell command lines, only executable names with arguments
 
 * shutdown: don't read-only mount anything when running in container
@@ -135,14 +131,10 @@ Features:
 
 * switch-root: sockets need relabelling
 
-* segfault in journalctl during /var migration
-
 * systemd-analyze post-boot is broken for initrd
 
 * man: clarify that time-sync.target is not only sysv compat but also useful otherwise. Same for similar targets
 
-* journalctl should complain if run with uid != 0 and no persistent logs exist
-
 * .device aliases need to be implemented with the "following" logic, probably.
 
 * refuse taking lower-case variable names in sd_journal_send() and friends.
@@ -188,7 +180,7 @@ Features:
 
 * systemctl: when stopping a service which has triggres and warning about it actually check the TriggeredBy= deps fields
 
-* journal: hook up with EFI firmware log, new kmsg logic
+* journal: hook up with EFI firmware log
 
 * handle C-A-Del in logind, like the power/suspend buttons?
 
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index bee26fd..6aff1f1 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -747,8 +747,20 @@ int main(int argc, char *argv[]) {
         }
 
 #ifdef HAVE_ACL
+        if (access("/var/log/journal", F_OK) < 0 && geteuid() != 0 && in_group("adm") <= 0) {
+                log_error("Unprivileged users can't see messages unless persistent log storage is enabled. Users in the group 'adm' can always see messages.");
+                r = -EACCES;
+                goto finish;
+        }
+
         if (!arg_quiet && geteuid() != 0 && in_group("adm") <= 0)
-                log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this message off.");
+                log_warning("Showing user generated messages only. Users in the group 'adm' can see all messages. Pass -q to turn this notice off.");
+#else
+        if (geteuid() != 0 && in_group("adm") <= 0) {
+                log_error("No access to messages. Only users in the group 'adm' can see messages.");
+                r = -EACCES;
+                goto finish;
+        }
 #endif
 
         r = add_this_boot(j);
diff --git a/src/journal/journald.c b/src/journal/journald.c
index 476d682..a1decea 100644
--- a/src/journal/journald.c
+++ b/src/journal/journald.c
@@ -360,7 +360,8 @@ static void server_vacuum(Server *s) {
         sd_id128_to_string(machine, ids);
 
         if (s->system_journal) {
-                if (asprintf(&p, "/var/log/journal/%s", ids) < 0) {
+                p = strappend("/var/log/journal/", ids);
+                if (!p) {
                         log_oom();
                         return;
                 }
@@ -372,7 +373,8 @@ static void server_vacuum(Server *s) {
         }
 
         if (s->runtime_journal) {
-                if (asprintf(&p, "/run/log/journal/%s", ids) < 0) {
+                p = strappend("/run/log/journal/", ids);
+                if (!p) {
                         log_oom();
                         return;
                 }
@@ -1394,7 +1396,7 @@ static int server_init(Server *s) {
         return 0;
 }
 
-static void maybe_append_tags(Server *s) {
+static void server_maybe_append_tags(Server *s) {
 #ifdef HAVE_GCRYPT
         JournalFile *f;
         Iterator i;
@@ -1539,7 +1541,7 @@ int main(int argc, char *argv[]) {
                                 break;
                 }
 
-                maybe_append_tags(&server);
+                server_maybe_append_tags(&server);
         }
 
         log_debug("systemd-journald stopped as pid %lu", (unsigned long) getpid());

More information about the systemd-commits mailing list