We shouldn't destroy IPC objects of system users on logout.
http://lists.freedesktop.org/archives/systemd-devel/2014-April/018373.html
This introduces SYSTEM_UID_MAX defined to the maximum UID of system
users. This value is determined compile-time, either as configure switch
or from /etc/login.defs. (We don't read that file at runtime, since this
is really a choice for a system builder, not the end user.)
While we are at it we then also update journald to use SYSTEM_UID_MAX
when we decide whether to split out log data for a specific client.
tcpwrap is legacy code, that is barely maintained upstream. It's APIs
are awful, and the feature set it exposes (such as DNS and IDENT
access control) questionnable. We should not support this natively in
systemd.
Hence, let's remove the code. If people want to continue making use of
this, they can do so by plugging in "tcpd" for the processes they start.
With that scheme things are as well or badly supported as they were from
traditional inetd, hence no functionality is really lost.
If --trust=ca.crt is used, only clients presenting certificates signed
by the ca will be allowed to proceed. No hostname matching is
performed, so any client wielding a signed certificate will be
authorized.
Error functions are moved from journal-gateway to microhttp-util and
made non-static, since now they are used in two source files.
This way each user allocates from his own pool, with its own size limit.
This puts the size limit by default to 10% of the physical RAM size but
makes it configurable in logind.conf.
The release tarballs ship with pre-generated man pages, so we do not
need xsltproc for a typical end-user build.
Developers will probably have xsltproc anyway, but if not they will now
encounter a build-time failure instead of an error in configure.
This permit to switch to a specific apparmor profile when starting a daemon. This
will result in a non operation if apparmor is disabled.
It also add a new build requirement on libapparmor for using this feature.
Debian Stable is still using glibc 2.13, which doesn't provide the setns().
So we detect this and provide a tiny wrapper that issues the setns syscall
towards the kernel.
- Allow configuration of an errno error to return from blacklisted
syscalls, instead of immediately terminating a process.
- Fix parsing logic when libseccomp support is turned off
- Only keep the actual syscall set in the ExecContext, and generate the
string version only on demand.
gold doesn't exhibit the problems with linking of compatibility
libraries.
It is also slightly faster:
make clean && make -j5 bfd gold
real 34.885s 33.707s
user 34.486s 32.189s
sys 9.929s 10.845s
real 35.128s 33.508s
user 34.660s 31.858s
sys 10.798s 10.341s
real 35.405s 33.748s
user 34.765s 32.384s
sys 11.635s 10.998s
real 35.250s 33.795s
user 34.704s 32.253s
sys 11.220s 11.469s
touch src/libsystemd/sd-bus.c && make -j5
bfd gold
real 10.224s 9.030s
user 11.664s 9.877s
sys 3.431s 2.878s
real 10.021s 9.165s
user 11.526s 9.990s
sys 3.061s 3.015s
real 10.233s 8.961s
user 11.657s 9.973s
sys 3.467s 2.202s
real 10.160s 9.086s
user 11.637s 9.950s
sys 3.188s 2.859s
It is nicer to predefine patterns using configure time check instead of
using casts everywhere.
Since we do not need to use any flags, include "%" in the format instead
of excluding it like PRI* macros.
Even if the lower-leveld dbus1 protocol calls it "serial", let's expose
the word "cookie" for this instead, as this is what kdbus uses and since
it doesn't imply monotonicity the same way "serial" does.
systemd-bus-driverd is a small daemon that connects to kdbus and
implements the org.freedesktop.DBus interface. IOW, it provides the bus
functions traditionally taken care for by dbus-daemon.
Calls are proxied to kdbus, either via libsystemd-bus (were applicable)
or with the open-coded use of ioctl().
Note that the implementation is not yet finished as the functions to
add and remove matches and to start services by name are still missing.