1. 26 Nov, 2010 1 commit
  2. 25 Nov, 2010 1 commit
  3. 24 Nov, 2010 1 commit
  4. 23 Nov, 2010 1 commit
    • Thierry Reding's avatar
      build-sys: allow cross-compilation · 9a60da28
      Thierry Reding authored
      When cross-compiling systemd, the introspection XML files fail to be
      generated because the systemd host binary is not executable. This patch
      works around this by putting the introspection XML data into separate
      ELF sections and extracting them from the binary when generating the XML
      files.
      
      The extracted XML data is passed through the strings utility in order to
      strip the trailing NUL character. A small AWK script is used to prepend
      the doctype and add the opening and closing node tags respectively.
      Finally, the C preprocessor is used to substitute the correct doctype
      information from the D-Bus header files.
      9a60da28
  5. 18 Nov, 2010 1 commit
  6. 17 Nov, 2010 2 commits
  7. 16 Nov, 2010 1 commit
  8. 15 Nov, 2010 3 commits
  9. 11 Nov, 2010 1 commit
  10. 25 Oct, 2010 1 commit
    • Andrew Edmunds's avatar
      ubuntu: Treat Ubuntu as a distinct distro in configure.ac etc · 858dae18
      Andrew Edmunds authored
      Previously Ubuntu was treated as being equivalent to Debian, but the two
      distributions require different behaviour in certain places.  This commit does
      not change the behaviour of systemd on either distro but it creates a
      framework for changes to be introduced by later commits.
      
      The following previously meant "Target is Debian or Ubuntu".
          * configure option "--with-distro=debian"
          * C preprocessor symbol "TARGET_DEBIAN"
          * Automake conditional "TARGET_DEBIAN"
      After this commit, all of the above are redefined to mean "Target is Debian"
      
      The following are introduced to mean "Target is Ubuntu".
          * configure option "--with-distro=ubuntu"
          * C preprocessor symbol "TARGET_UBUNTU"
          * Automake conditional "TARGET_UBUNTU"
      
      Most code written for Debian will also be applicable to Ubuntu. An extra
      Automake conditional "TARGET_DEBIAN_OR_UBUNTU" is introduced to avoid
      duplication of code that would otherwise occur.
      
      This commit updates configure.ac, Makefile.am and distro-specific source files
      in line with the above definitions.
      858dae18
  11. 07 Oct, 2010 1 commit
  12. 05 Oct, 2010 1 commit
    • Gustavo Sverzut Barbieri's avatar
      build-sys: Add compiler and linker flags to reduce binary size · 9b85fc6a
      Gustavo Sverzut Barbieri authored
      Reduce number of exported symbols with -fvisibility=hidden by default,
      this is safe as we're not generating and loadable library and our
      binaries should have no exported symbol other than main(). This alone
      reduces around 4kb per binary.
      
      It will also request GCC to emit every function and data variable in
      its own section, then request the linker to remove unused
      sections. This reduces the size of utility tools
      (/lib/systemd/systemd-*) by half or even more (in my system some
      binaries went from 84kb to 32kb).
      9b85fc6a
  13. 27 Sep, 2010 1 commit
    • Fabiano Fidencio's avatar
      sysv: optionally disable of SysV init/rcN.d support at compile time · 07459bb6
      Fabiano Fidencio authored
      This patch adds a cpp definition HAVE_SYSV_COMPAT that is used to
      isolate code dealing with /etc/init.d and /etc/rcN.d for systems where
      it does not make sense (one that does not use sysv or one that is fully
      systemd native).
      
      The patch tries to be as little intrusive as possible, however in
      order to minimize the number of #ifdef'ed regions I've reordered some
      code in path-lookup.c:lookup_paths_init() where all code dealing with
      sysv is now isolated under running_as == MANAGER_SYSTEM as well.
      
      Moreover, In struct Service, some fields were rearranged to reduce
      the number of ifdefs.
      
      Lennart's suggestions were fixed and squashed with the original patch,
      that was sent by Gustavo Sverzut Barbieri (barbieri@profusion.mobi).
      07459bb6
  14. 23 Sep, 2010 1 commit
  15. 17 Sep, 2010 1 commit
  16. 16 Sep, 2010 1 commit
  17. 14 Sep, 2010 1 commit
  18. 06 Sep, 2010 1 commit
  19. 03 Sep, 2010 1 commit
  20. 26 Aug, 2010 1 commit
  21. 25 Aug, 2010 1 commit
  22. 11 Aug, 2010 1 commit
  23. 10 Aug, 2010 2 commits
  24. 06 Aug, 2010 1 commit
  25. 03 Aug, 2010 2 commits
    • Lennart Poettering's avatar
      prepare new release · 804bbed8
      Lennart Poettering authored
      804bbed8
    • Daniel J Walsh's avatar
      Systemd is causing mislabeled devices to be created and then attempting to read them. · 56cf987f
      Daniel J Walsh authored
      -----BEGIN PGP SIGNED MESSAGE-----
      Hash: SHA1
      
      On 07/28/2010 05:57 AM, Kay Sievers wrote:
      > On Wed, Jul 28, 2010 at 11:43, Lennart Poettering
      > <lennart@poettering.net> wrote:
      >> On Mon, 26.07.10 16:42, Daniel J Walsh (dwalsh@redhat.com) wrote:
      >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
      >>> type=1400 audit(1280174589.476:7): avc:  denied  { read } for  pid=1
      >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482
      >>> scontext=system_u:system_r:init_t:s0
      >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
      >>> type=1400 audit(1280174589.476:8): avc:  denied  { read } for  pid=1
      >>> comm="systemd" name="autofs" dev=devtmpfs ino=9482
      >>> scontext=system_u:system_r:init_t:s0
      >>> tcontext=system_u:object_r:device_t:s0 tclass=chr_file
      
      > >>> Lennart, we talked about this earlier.  I think this is caused by the
      > >>> modprobe calls to create /dev/autofs.  Since udev is not created at the
      > >>> point that init loads the kernel modules, the devices get created with
      > >>> the wrong label.  Once udev starts the labels get fixed.
      
      >>> I can allow init_t to read device_t chr_files.
      >>
      >> Hmm, I think a cleaner fix would be to make systemd relabel this device
      >> properly before accessing it? Given that this is only one device this
      >> should not be a problem for us to maintain, I think? How would the
      >> fixing of the label work? Would we have to spawn restorecon for this, or
      >> can we actually do this in C without too much work?
      >
      > I guess we can just do what udev is doing, and call setfilecon(), with
      > a context of an earlier matchpathcon().
      >
      > Kay
      > _______________________________________________
      > systemd-devel mailing list
      > systemd-devel@lists.freedesktop.org
      > http://lists.freedesktop.org/mailman/listinfo/systemd-devel
      
      Here is the updated patch with a fix for the labeling of /dev/autofs
      -----BEGIN PGP SIGNATURE-----
      Version: GnuPG v2.0.14 (GNU/Linux)
      Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
      
      iEYEARECAAYFAkxQMyoACgkQrlYvE4MpobNviACfWgxsjW2xzz1qznFex8RVAQHf
      gIEAmwRmRcLvGqYtwQaZ3WKIg8wmrwNk
      =pC2e
      56cf987f
  26. 23 Jul, 2010 1 commit
    • Daniel J Walsh's avatar
      socket: SELinux support for socket creation. · 7a58bfa4
      Daniel J Walsh authored
      It seems to work on my machine.
      
      /proc/1/fd/20	system_u:system_r:system_dbusd_t:s0
      
      /proc/1/fd/21	system_u:system_r:avahi_t:s0
      
      And the AVC's seem to have dissapeared when a confined app trys to
      connect to dbus or avahi.
      
      If you run with this patch and selinux-policy-3.8.8-3.fc14.noarch
      You should be able to boot in enforcing mode.
      7a58bfa4
  27. 22 Jul, 2010 2 commits
  28. 13 Jul, 2010 1 commit
  29. 12 Jul, 2010 1 commit
  30. 11 Jul, 2010 1 commit
  31. 09 Jul, 2010 3 commits
  32. 07 Jul, 2010 1 commit