[systemd-commits] 2 commits - TODO src/shared src/spawn-ask-password-agent.c src/spawn-polkit-agent.c units/getty at .service.m4 units/serial-getty at .service.m4
Lennart Poettering
lennart at kemper.freedesktop.org
Wed Apr 11 13:38:07 PDT 2012
TODO | 4 ++--
src/shared/util.c | 4 ++--
src/shared/util.h | 2 +-
src/spawn-ask-password-agent.c | 5 ++++-
src/spawn-polkit-agent.c | 24 +++++++++++++++++++++++-
units/getty at .service.m4 | 1 +
units/serial-getty at .service.m4 | 1 +
7 files changed, 34 insertions(+), 7 deletions(-)
New commits:
commit 9bdc770ccd3e23419a0d908782a661dd81a36bc8
Author: Lennart Poettering <lennart at poettering.net>
Date: Wed Apr 11 22:37:13 2012 +0200
polkit: when spawning off agent, wait until the agent is fully initialized
diff --git a/src/shared/util.c b/src/shared/util.c
index 7f41fc4..7778b0a 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -6036,7 +6036,7 @@ int fd_inc_rcvbuf(int fd, size_t n) {
return 1;
}
-int fork_agent(pid_t *pid, const char *path, ...) {
+int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...) {
pid_t parent_pid, agent_pid;
int fd;
bool stdout_is_tty, stderr_is_tty;
@@ -6073,7 +6073,7 @@ int fork_agent(pid_t *pid, const char *path, ...) {
_exit(EXIT_SUCCESS);
/* Don't leak fds to the agent */
- close_all_fds(NULL, 0);
+ close_all_fds(except, n_except);
stdout_is_tty = isatty(STDOUT_FILENO);
stderr_is_tty = isatty(STDERR_FILENO);
diff --git a/src/shared/util.h b/src/shared/util.h
index 5e927df..062ab6d 100644
--- a/src/shared/util.h
+++ b/src/shared/util.h
@@ -529,6 +529,6 @@ int is_kernel_thread(pid_t pid);
int fd_inc_sndbuf(int fd, size_t n);
int fd_inc_rcvbuf(int fd, size_t n);
-int fork_agent(pid_t *pid, const char *path, ...);
+int fork_agent(pid_t *pid, const int except[], unsigned n_except, const char *path, ...);
#endif
diff --git a/src/spawn-ask-password-agent.c b/src/spawn-ask-password-agent.c
index 82db08c..c77c713 100644
--- a/src/spawn-ask-password-agent.c
+++ b/src/spawn-ask-password-agent.c
@@ -44,7 +44,10 @@ int ask_password_agent_open(void) {
if (!isatty(STDIN_FILENO))
return 0;
- r = fork_agent(&agent_pid, SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH, SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH, "--watch", NULL);
+ r = fork_agent(&agent_pid,
+ NULL, 0,
+ SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH,
+ SYSTEMD_TTY_ASK_PASSWORD_AGENT_BINARY_PATH, "--watch", NULL);
if (r < 0)
log_error("Failed to fork TTY ask password agent: %s", strerror(-r));
diff --git a/src/spawn-polkit-agent.c b/src/spawn-polkit-agent.c
index 0da9abb..97bc9f5 100644
--- a/src/spawn-polkit-agent.c
+++ b/src/spawn-polkit-agent.c
@@ -26,6 +26,8 @@
#include <sys/prctl.h>
#include <signal.h>
#include <fcntl.h>
+#include <errno.h>
+#include <sys/poll.h>
#include "log.h"
#include "util.h"
@@ -35,6 +37,8 @@ static pid_t agent_pid = 0;
int polkit_agent_open(void) {
int r;
+ int pipe_fd[2];
+ char notify_fd[10 + 1];
if (agent_pid > 0)
return 0;
@@ -44,9 +48,27 @@ int polkit_agent_open(void) {
if (!isatty(STDIN_FILENO))
return 0;
- r = fork_agent(&agent_pid, POLKIT_AGENT_BINARY_PATH, POLKIT_AGENT_BINARY_PATH, NULL);
+ if (pipe2(pipe_fd, 0) < 0)
+ return -errno;
+
+ snprintf(notify_fd, sizeof(notify_fd), "%i", pipe_fd[1]);
+ char_array_0(notify_fd);
+
+ r = fork_agent(&agent_pid,
+ &pipe_fd[1], 1,
+ POLKIT_AGENT_BINARY_PATH,
+ POLKIT_AGENT_BINARY_PATH, "--notify-fd", notify_fd, NULL);
+
+ /* Close the writing side, because that's the one for the agent */
+ close_nointr_nofail(pipe_fd[1]);
+
if (r < 0)
log_error("Failed to fork TTY ask password agent: %s", strerror(-r));
+ else
+ /* Wait until the agent closes the fd */
+ fd_wait_for_event(pipe_fd[0], POLLHUP, (usec_t) -1);
+
+ close_nointr_nofail(pipe_fd[0]);
return r;
}
commit 4771148bb92ace55eaa6759a53d04a0f2de9b0d2
Author: Lennart Poettering <lennart at poettering.net>
Date: Wed Apr 11 21:58:33 2012 +0200
units: exclude gettys from isolate requests
gettys are nowadays mostly autospawned and hence usually subject to
being shut down on isolate requests, since they are no dependency of any
other unit. This is a bad idea if the user isolates between
multi-user.graphical and graphical.target, hence exclude them from the
isolation.
This has the effect that gettys no longer cleaned up when
emergency.target is isolated, which might actualy be considered a
feature, even though it is a change from previous behaviour...
Note that the one getty that really matters (the one on tty1) is still
removed when isolating to emergency.target since it conflicts with
emergency.service.
diff --git a/TODO b/TODO
index d94aba5..3cb6dbc 100644
--- a/TODO
+++ b/TODO
@@ -17,6 +17,8 @@ Bugfixes:
Features:
+* place start-pre/start-post/... scripts in sub cgrouprs
+
* Make RuntimeWatchdogUSec= property writable
* start polkit agent in systemctl, similar to the password agent, to allow
@@ -100,8 +102,6 @@ Features:
* add option to sockets to avoid activation. Instead just drop packets/connections, see http://cyberelk.net/tim/2012/02/15/portreserve-systemd-solution/
-* isolate for getty is still broken, due to logind
-
* default unix qlen is too small (10). bump sysctl? add sockopt?
* support units generated by a generator and placed in /run/systemd/system/; the directory is
diff --git a/units/getty at .service.m4 b/units/getty at .service.m4
index a02838d..6b931fb 100644
--- a/units/getty at .service.m4
+++ b/units/getty at .service.m4
@@ -32,6 +32,7 @@ After=rc-local.service
# sure that this is synchronized before getty.target, even though
# getty.target didn't actually pull it in.
Before=getty.target
+IgnoreOnIsolate=yes
[Service]
Environment=TERM=linux
diff --git a/units/serial-getty at .service.m4 b/units/serial-getty at .service.m4
index fc8b57b..d1d14d3 100644
--- a/units/serial-getty at .service.m4
+++ b/units/serial-getty at .service.m4
@@ -32,6 +32,7 @@ After=rc-local.service
# sure that this is synchronized before getty.target, even though
# getty.target didn't actually pull it in.
Before=getty.target
+IgnoreOnIsolate=yes
[Service]
Environment=TERM=vt100
More information about the systemd-commits
mailing list