[systemd-commits] stable Branch 'v208-stable' - 6 commits - rules/99-systemd.rules.in src/core src/getty-generator src/login src/shared src/test src/udev
Lukas Nykryn
lnykryn at kemper.freedesktop.org
Tue Mar 4 06:23:12 PST 2014
rules/99-systemd.rules.in | 2 -
src/core/dbus-manager.c | 6 +--
src/core/selinux-access.c | 9 ++--
src/core/selinux-access.h | 13 ++++++
src/getty-generator/getty-generator.c | 4 +-
src/login/pam-module.c | 2 -
src/shared/util.c | 24 +++++++-----
src/test/test-strv.c | 27 ++++++++++++++
src/udev/udev-builtin-net_id.c | 64 ++++++++++++++++++++++++++++++++--
9 files changed, 130 insertions(+), 21 deletions(-)
New commits:
commit 3488c1a78806c9a18b91ffd7387d7eeaec497459
Author: Michal Sekletar <msekleta at redhat.com>
Date: Mon Feb 10 16:37:09 2014 +0100
pam: use correct log level
(cherry picked from commit 3831838ae7b3ac145711bb84a71cb86cdd829975)
diff --git a/src/login/pam-module.c b/src/login/pam-module.c
index 4d6b052..5baf1b7 100644
--- a/src/login/pam-module.c
+++ b/src/login/pam-module.c
@@ -204,7 +204,7 @@ _public_ PAM_EXTERN int pam_sm_open_session(
}
if (debug)
- pam_syslog(handle, LOG_INFO, "pam-systemd initializing");
+ pam_syslog(handle, LOG_DEBUG, "pam-systemd initializing");
r = get_user_data(handle, &username, &pw);
if (r != PAM_SUCCESS)
commit a05284199e2007999a367232a98d2305401077c1
Author: Hendrik Brueckner <brueckner at redhat.com>
Date: Fri Jan 31 17:08:37 2014 +0100
s390/getty-generator: initialize essential system terminals/consoles
Ensure to start getty programs on all essential system consoles on Linux on
System z. Add these essential devices to the list of virtualization_consoles
to always generate getty configurations.
For the sake of completion, the list of essential consoles is:
/dev/sclp_line0 - Operating system messages applet (LPAR)
/dev/ttysclp0 - Integrated ASCII console applet (z/VM and LPAR)
/dev/ttyS0 - Already handled by systemd (3215 console on z/VM)
/dev/hvc0 - Already handled by systemd (IUCV HVC terminal on z/VM)
Depending on the environment, z/VM or LPAR, only a subset of these terminals
are available.
See also RH BZ 860158[1] "Cannot login via Operating System Console into RHEL7
instance installed on a LPAR". This bugzilla actually blocks the installation
of Linux on System z instances in LPAR mode.
[1] https://bugzilla.redhat.com/show_bug.cgi?id=860158
(cherry picked from commit 07901fc142504efb67c07875a588933dc59a3955)
diff --git a/rules/99-systemd.rules.in b/rules/99-systemd.rules.in
index a00ffed..1eaf0c1 100644
--- a/rules/99-systemd.rules.in
+++ b/rules/99-systemd.rules.in
@@ -7,7 +7,7 @@
ACTION=="remove", GOTO="systemd_end"
-SUBSYSTEM=="tty", KERNEL=="tty[a-zA-Z]*|hvc*|xvc*|hvsi*", TAG+="systemd"
+SUBSYSTEM=="tty", KERNEL=="tty[a-zA-Z]*|hvc*|xvc*|hvsi*|ttysclp*|sclp_line*", TAG+="systemd"
KERNEL=="vport*", TAG+="systemd"
diff --git a/src/getty-generator/getty-generator.c b/src/getty-generator/getty-generator.c
index 6c93806..40374b5 100644
--- a/src/getty-generator/getty-generator.c
+++ b/src/getty-generator/getty-generator.c
@@ -91,7 +91,9 @@ int main(int argc, char *argv[]) {
static const char virtualization_consoles[] =
"hvc0\0"
"xvc0\0"
- "hvsi0\0";
+ "hvsi0\0"
+ "sclp_line0\0"
+ "ttysclp0\0";
int r = EXIT_SUCCESS;
char *active;
commit a369dc213166c91ef7cc673a0ee7a75f24eab5f6
Author: Dan Walsh <dwalsh at redhat.com>
Date: Thu Jan 16 12:59:10 2014 +0100
fix SELinux check for transient units
SELinux does not have a path to check for a snapshot servic creation.
This ends up giving us a bogus check.
On snapshot creation we should check if the remote process type, has the ability to start a service with the type that systemd is running with.
This patch is only for systemd-208
diff --git a/src/core/dbus-manager.c b/src/core/dbus-manager.c
index 536f2ea..6d16c2a 100644
--- a/src/core/dbus-manager.c
+++ b/src/core/dbus-manager.c
@@ -1104,7 +1104,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
dbus_bool_t cleanup;
Snapshot *s;
- SELINUX_ACCESS_CHECK(connection, message, "start");
+ SELINUX_RUNTIME_UNIT_ACCESS_CHECK(connection, message, "start");
if (!dbus_message_get_args(
message,
@@ -1157,7 +1157,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
return bus_send_error_reply(connection, message, &error, -ENOENT);
}
- SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "stop");
+ SELINUX_RUNTIME_UNIT_ACCESS_CHECK(connection, message, "stop");
snapshot_remove(SNAPSHOT(u));
reply = dbus_message_new_method_return(message);
@@ -1767,7 +1767,7 @@ static DBusHandlerResult bus_manager_message_handler(DBusConnection *connection,
if (r < 0)
return bus_send_error_reply(connection, message, &error, r);
- SELINUX_UNIT_ACCESS_CHECK(u, connection, message, "start");
+ SELINUX_RUNTIME_UNIT_ACCESS_CHECK(connection, message, "start");
if (u->load_state != UNIT_NOT_FOUND || set_size(u->dependencies[UNIT_REFERENCED_BY]) > 0) {
dbus_set_error(&error, BUS_ERROR_UNIT_EXISTS, "Unit %s already exists.", name);
diff --git a/src/core/selinux-access.c b/src/core/selinux-access.c
index 0a3ee18..5d85b26 100644
--- a/src/core/selinux-access.c
+++ b/src/core/selinux-access.c
@@ -374,8 +374,9 @@ int selinux_access_check(
goto finish;
}
- if (path) {
- tclass = "service";
+
+ tclass = "service";
+ if (path && !strneq(path,"system", strlen("system"))) {
/* get the file context of the unit file */
r = getfilecon(path, &fcon);
if (r < 0) {
@@ -384,9 +385,9 @@ int selinux_access_check(
log_error("Failed to get security context on %s: %m",path);
goto finish;
}
-
} else {
- tclass = "system";
+ if (path)
+ tclass = "system";
r = getcon(&fcon);
if (r < 0) {
dbus_set_error(error, DBUS_ERROR_ACCESS_DENIED, "Failed to get current context.");
diff --git a/src/core/selinux-access.h b/src/core/selinux-access.h
index 2d7ac64..92acd69 100644
--- a/src/core/selinux-access.h
+++ b/src/core/selinux-access.h
@@ -36,6 +36,18 @@ int selinux_access_check(DBusConnection *connection, DBusMessage *message, const
DBusConnection *_c = (connection); \
DBusMessage *_m = (message); \
dbus_error_init(&_error); \
+ _r = selinux_access_check(_c, _m, "system", (permission), &_error); \
+ if (_r < 0) \
+ return bus_send_error_reply(_c, _m, &_error, _r); \
+ } while (false)
+
+#define SELINUX_RUNTIME_UNIT_ACCESS_CHECK(connection, message, permission) \
+ do { \
+ DBusError _error; \
+ int _r; \
+ DBusConnection *_c = (connection); \
+ DBusMessage *_m = (message); \
+ dbus_error_init(&_error); \
_r = selinux_access_check(_c, _m, NULL, (permission), &_error); \
if (_r < 0) \
return bus_send_error_reply(_c, _m, &_error, _r); \
@@ -57,6 +69,7 @@ int selinux_access_check(DBusConnection *connection, DBusMessage *message, const
#else
#define SELINUX_ACCESS_CHECK(connection, message, permission) do { } while (false)
+#define SELINUX_RUNTIME_UNIT_ACCESS_CHECK(connection, message, permission) do { } while (false)
#define SELINUX_UNIT_ACCESS_CHECK(unit, connection, message, permission) do { } while (false)
#endif
commit cb7312ee004ba4f1a0f8cf7f103c99fe2ae02b9e
Author: Michal Sekletar <msekleta at redhat.com>
Date: Mon Feb 10 15:41:47 2014 +0100
utils: silence the compiler warning
diff --git a/src/shared/util.c b/src/shared/util.c
index 52451f9..7500779 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -427,7 +427,7 @@ char *split_quoted(const char *c, size_t *l, char **state) {
*state = (char*) e;
}
- return current;
+ return (char *) current;
}
int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
commit 74c5f67a0703a23bf223c790b01a9bc2a7ef67d5
Author: Hendrik Brueckner <brueckner at redhat.com>
Date: Thu Jan 9 11:28:12 2014 +0100
udev/net_id: Introduce predictable network names for Linux on System z
Use the bus-ID to create predicatable devices names for network interfaces
on Linux on System z instances. The bus-ID identifies a device in the s390
channel subsystem.
Network interfaces of device type Ethernet are named as:
enccw0.0.1234 (13 characters)
up to
enccwff.7.ffff (14 characters)
CTC network devices of device type SLIP, use a different prefix as follows:
slccw0.0.1234 (13 characters)
See also Red Hat Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=870859
[tomegun: typical problem of netdevs switching names between reboots.]
(cherry picked from commit e0d4a0ac06afb856c9370c5c256f0f7bb7efdc8e)
Conflicts:
src/udev/udev-builtin-net_id.c
diff --git a/src/udev/udev-builtin-net_id.c b/src/udev/udev-builtin-net_id.c
index 9bc1946..b3cb04b 100644
--- a/src/udev/udev-builtin-net_id.c
+++ b/src/udev/udev-builtin-net_id.c
@@ -28,6 +28,7 @@
*
* Two character prefixes based on the type of interface:
* en -- ethernet
+ * sl -- serial line IP (slip)
* wl -- wlan
* ww -- wwan
*
@@ -101,6 +102,7 @@ enum netname_type{
NET_PCI,
NET_USB,
NET_BCMA,
+ NET_CCWGROUP,
};
struct netnames {
@@ -118,6 +120,8 @@ struct netnames {
char usb_ports[IFNAMSIZ];
char bcma_core[IFNAMSIZ];
+
+ char ccw_core[IFNAMSIZ];
};
/* retrieve on-board index number and label from firmware */
@@ -344,6 +348,44 @@ static int names_bcma(struct udev_device *dev, struct netnames *names) {
return 0;
}
+static int names_ccw(struct udev_device *dev, struct netnames *names) {
+ struct udev_device *cdev;
+ const char *bus_id;
+ size_t bus_id_len;
+ int rc;
+
+ /* Retrieve the associated CCW device */
+ cdev = udev_device_get_parent(dev);
+ if (!cdev)
+ return -ENOENT;
+
+ /* Network devices are always grouped CCW devices */
+ if (!streq_ptr("ccwgroup", udev_device_get_subsystem(cdev)))
+ return -ENOENT;
+
+ /* Retrieve bus-ID of the grouped CCW device. The bus-ID uniquely
+ * identifies the network device on the Linux on System z channel
+ * subsystem. Note that the bus-ID contains lowercase characters.
+ */
+ bus_id = udev_device_get_sysname(cdev);
+ if (!bus_id)
+ return -ENOENT;
+
+ /* Check the length of the bus-ID. Rely on that the kernel provides
+ * a correct bus-ID; alternatively, improve this check and parse and
+ * verify each bus-ID part...
+ */
+ bus_id_len = strlen(bus_id);
+ if (!bus_id_len || bus_id_len < 8 || bus_id_len > 9)
+ return -EINVAL;
+
+ /* Store the CCW bus-ID for use as network device name */
+ rc = snprintf(names->ccw_core, sizeof(names->ccw_core), "ccw%s", bus_id);
+ if (rc >= 0 && rc < (int)sizeof(names->ccw_core))
+ names->type = NET_CCWGROUP;
+ return 0;
+}
+
static int names_mac(struct udev_device *dev, struct netnames *names) {
const char *s;
unsigned int i;
@@ -402,13 +444,21 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool
struct netnames names = {};
int err;
- /* handle only ARPHRD_ETHER devices */
+ /* handle only ARPHRD_ETHER and ARPHRD_SLIP devices */
s = udev_device_get_sysattr_value(dev, "type");
if (!s)
return EXIT_FAILURE;
i = strtoul(s, NULL, 0);
- if (i != 1)
+ switch (i) {
+ case 1: /* ARPHRD_ETHER */
+ prefix = "en";
+ break;
+ case 256: /* ARPHRD_SLIP */
+ prefix = "sl";
+ break;
+ default:
return 0;
+ }
/* skip stacked devices, like VLANs, ... */
s = udev_device_get_sysattr_value(dev, "ifindex");
@@ -440,6 +490,16 @@ static int builtin_net_id(struct udev_device *dev, int argc, char *argv[], bool
ieee_oui(dev, &names, test);
}
+ /* get path names for Linux on System z network devices */
+ err = names_ccw(dev, &names);
+ if (err >= 0 && names.type == NET_CCWGROUP) {
+ char str[IFNAMSIZ];
+
+ if (snprintf(str, sizeof(str), "%s%s", prefix, names.ccw_core) < (int)sizeof(str))
+ udev_builtin_add_property(dev, test, "ID_NET_NAME_PATH", str);
+ goto out;
+ }
+
/* get PCI based path names, we compose only PCI based paths */
err = names_pci(dev, &names);
if (err < 0)
commit adc915a7a815700626333548d6e2fd1123e081a6
Author: Lennart Poettering <lennart at poettering.net>
Date: Wed Nov 27 22:37:52 2013 +0100
util: fix handling of trailing whitespace in split_quoted()
Inspired by a patch by Lukas Nykryn.
(cherry picked from commit 70f75a523b16ad495a7791d595ee3eececf75953)
Conflicts:
src/test/test-strv.c
diff --git a/src/shared/util.c b/src/shared/util.c
index 8824b9b..52451f9 100644
--- a/src/shared/util.c
+++ b/src/shared/util.c
@@ -370,17 +370,21 @@ char *split(const char *c, size_t *l, const char *separator, char **state) {
/* Split a string into words, but consider strings enclosed in '' and
* "" as words even if they include spaces. */
char *split_quoted(const char *c, size_t *l, char **state) {
- char *current, *e;
+ const char *current, *e;
bool escaped = false;
- current = *state ? *state : (char*) c;
+ assert(c);
+ assert(l);
+ assert(state);
- if (!*current || *c == 0)
- return NULL;
+ current = *state ? *state : c;
current += strspn(current, WHITESPACE);
- if (*current == '\'') {
+ if (*current == 0)
+ return NULL;
+
+ else if (*current == '\'') {
current ++;
for (e = current; *e; e++) {
@@ -393,7 +397,8 @@ char *split_quoted(const char *c, size_t *l, char **state) {
}
*l = e-current;
- *state = *e == 0 ? e : e+1;
+ *state = (char*) (*e == 0 ? e : e+1);
+
} else if (*current == '\"') {
current ++;
@@ -407,7 +412,8 @@ char *split_quoted(const char *c, size_t *l, char **state) {
}
*l = e-current;
- *state = *e == 0 ? e : e+1;
+ *state = (char*) (*e == 0 ? e : e+1);
+
} else {
for (e = current; *e; e++) {
if (escaped)
@@ -418,10 +424,10 @@ char *split_quoted(const char *c, size_t *l, char **state) {
break;
}
*l = e-current;
- *state = e;
+ *state = (char*) e;
}
- return (char*) current;
+ return current;
}
int get_parent_of_pid(pid_t pid, pid_t *_ppid) {
diff --git a/src/test/test-strv.c b/src/test/test-strv.c
index c3d536d..6de1455 100644
--- a/src/test/test-strv.c
+++ b/src/test/test-strv.c
@@ -143,6 +143,7 @@ static void test_strv_quote_unquote(const char* const *split, const char *quoted
char **t;
p = strv_join_quoted((char **)split);
+ assert_se(p);
printf("-%s- --- -%s-\n", p, quoted); /* fprintf deals with NULL, puts does not */
assert_se(p);
assert_se(streq(p, quoted));
@@ -156,6 +157,20 @@ static void test_strv_quote_unquote(const char* const *split, const char *quoted
}
}
+static void test_strv_quote_unquote2(const char *quoted, const char ** list) {
+ _cleanup_strv_free_ char **s;
+ unsigned i = 0;
+ char **t;
+
+ s = strv_split_quoted(quoted);
+ assert_se(s);
+
+ STRV_FOREACH(t, s)
+ assert_se(streq(list[i++], *t));
+
+ assert_se(list[i] == NULL);
+}
+
static void test_strv_split_nulstr(void) {
_cleanup_strv_free_ char **l = NULL;
const char nulstr[] = "str0\0str1\0str2\0str3\0";
@@ -309,6 +324,18 @@ int main(int argc, char *argv[]) {
test_strv_quote_unquote(input_table_quotes, QUOTES_STRING);
test_strv_quote_unquote(input_table_spaces, SPACES_STRING);
+ test_strv_quote_unquote2(" foo=bar \"waldo\" zzz ", (const char*[]) { "foo=bar", "waldo", "zzz", NULL });
+ test_strv_quote_unquote2("", (const char*[]) { NULL });
+ test_strv_quote_unquote2(" ", (const char*[]) { NULL });
+ test_strv_quote_unquote2(" ", (const char*[]) { NULL });
+ test_strv_quote_unquote2(" x", (const char*[]) { "x", NULL });
+ test_strv_quote_unquote2("x ", (const char*[]) { "x", NULL });
+ test_strv_quote_unquote2(" x ", (const char*[]) { "x", NULL });
+ test_strv_quote_unquote2(" \"x\" ", (const char*[]) { "x", NULL });
+ test_strv_quote_unquote2(" \'x\' ", (const char*[]) { "x", NULL });
+ test_strv_quote_unquote2(" \'x\"\' ", (const char*[]) { "x\"", NULL });
+ test_strv_quote_unquote2(" \"x\'\" ", (const char*[]) { "x\'", NULL });
+
test_strv_split_nulstr();
test_strv_parse_nulstr();
test_strv_overlap();
More information about the systemd-commits
mailing list