Compare commits
8 Commits
a5d815bb7f
...
1f0541dace
| Author | SHA1 | Date |
|---|---|---|
Ronan Pigott
|
1f0541dace | |
|
Ronan Pigott
|
cf18af825a | |
|
Lennart Poettering
|
2d52f8c46c | |
|
Lennart Poettering
|
3cbf74652b | |
|
Lennart Poettering
|
fce93d7aa3 | |
|
Lennart Poettering
|
065b47749d | |
|
Luca Boccassi
|
c848516f3f | |
|
Luca Boccassi
|
7025fa8b1a |
|
|
@ -0,0 +1,8 @@
|
|||
#compdef systemd-path
|
||||
|
||||
typeset -A sdpath=( ${$(systemd-path)/:/} )
|
||||
_arguments -S \
|
||||
'(-h --help)'{-h,--help}'[Print help text and exit]' \
|
||||
'(-v --version)'{-v,--version}'[Print a version string and exit]' \
|
||||
'--suffix=[Append a suffix to the paths]' \
|
||||
'*:pathname:compadd -k sdpath'
|
||||
|
|
@ -17,6 +17,7 @@ if zshcompletiondir != 'no'
|
|||
['_systemd-delta', ''],
|
||||
['_systemd-nspawn', ''],
|
||||
['_systemd', ''],
|
||||
['_systemd-path', ''],
|
||||
['_systemd-run', ''],
|
||||
['_udevadm', ''],
|
||||
['_kernel-install', ''],
|
||||
|
|
|
|||
|
|
@ -1977,7 +1977,7 @@ int unit_attach_pids_to_cgroup(Unit *u, Set *pids, const char *suffix_path) {
|
|||
if (q < 0) {
|
||||
log_unit_debug_errno(u, q, "Couldn't move process " PID_FMT " to requested cgroup '%s': %m", pid, p);
|
||||
|
||||
if (MANAGER_IS_USER(u->manager) && IN_SET(q, -EPERM, -EACCES)) {
|
||||
if (MANAGER_IS_USER(u->manager) && ERRNO_IS_PRIVILEGE(q)) {
|
||||
int z;
|
||||
|
||||
/* If we are in a user instance, and we can't move the process ourselves due to
|
||||
|
|
|
|||
|
|
@ -3324,7 +3324,7 @@ static int setup_keyring(
|
|||
if (keyring == -1) {
|
||||
if (errno == ENOSYS)
|
||||
log_unit_debug_errno(u, errno, "Kernel keyring not supported, ignoring.");
|
||||
else if (IN_SET(errno, EACCES, EPERM))
|
||||
else if (ERRNO_IS_PRIVILEGE(errno))
|
||||
log_unit_debug_errno(u, errno, "Kernel keyring access prohibited, ignoring.");
|
||||
else if (errno == EDQUOT)
|
||||
log_unit_debug_errno(u, errno, "Out of kernel keyrings to allocate, ignoring.");
|
||||
|
|
@ -3863,7 +3863,7 @@ static int exec_child(
|
|||
/* When we can't make this change due to EPERM, then let's silently skip over it. User namespaces
|
||||
* prohibit write access to this file, and we shouldn't trip up over that. */
|
||||
r = set_oom_score_adjust(context->oom_score_adjust);
|
||||
if (IN_SET(r, -EPERM, -EACCES))
|
||||
if (ERRNO_IS_PRIVILEGE(r))
|
||||
log_unit_debug_errno(unit, r, "Failed to adjust OOM setting, assuming containerized execution, ignoring: %m");
|
||||
else if (r < 0) {
|
||||
*exit_status = EXIT_OOM_ADJUST;
|
||||
|
|
|
|||
|
|
@ -11,6 +11,7 @@
|
|||
#include "bus-util.h"
|
||||
#include "capability-util.h"
|
||||
#include "cgroup-util.h"
|
||||
#include "errno-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "fileio.h"
|
||||
#include "format-util.h"
|
||||
|
|
@ -801,7 +802,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
|
|||
if (!f) {
|
||||
if (errno == ENOENT)
|
||||
return -ESRCH;
|
||||
else if (!IN_SET(errno, EPERM, EACCES))
|
||||
else if (!ERRNO_IS_PRIVILEGE(errno))
|
||||
return -errno;
|
||||
} else {
|
||||
|
||||
|
|
@ -973,7 +974,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
|
|||
if (missing & SD_BUS_CREDS_COMM) {
|
||||
r = get_process_comm(pid, &c->comm);
|
||||
if (r < 0) {
|
||||
if (!IN_SET(r, -EPERM, -EACCES))
|
||||
if (!ERRNO_IS_PRIVILEGE(r))
|
||||
return r;
|
||||
} else
|
||||
c->mask |= SD_BUS_CREDS_COMM;
|
||||
|
|
@ -992,7 +993,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
|
|||
c->exe = NULL;
|
||||
c->mask |= SD_BUS_CREDS_EXE;
|
||||
} else if (r < 0) {
|
||||
if (!IN_SET(r, -EPERM, -EACCES))
|
||||
if (!ERRNO_IS_PRIVILEGE(r))
|
||||
return r;
|
||||
} else
|
||||
c->mask |= SD_BUS_CREDS_EXE;
|
||||
|
|
@ -1006,7 +1007,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
|
|||
if (r == -ENOENT)
|
||||
return -ESRCH;
|
||||
if (r < 0) {
|
||||
if (!IN_SET(r, -EPERM, -EACCES))
|
||||
if (!ERRNO_IS_PRIVILEGE(r))
|
||||
return r;
|
||||
} else {
|
||||
if (c->cmdline_size == 0)
|
||||
|
|
@ -1026,7 +1027,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
|
|||
if (r == -ENOENT)
|
||||
return -ESRCH;
|
||||
if (r < 0) {
|
||||
if (!IN_SET(r, -EPERM, -EACCES))
|
||||
if (!ERRNO_IS_PRIVILEGE(r))
|
||||
return r;
|
||||
} else
|
||||
c->mask |= SD_BUS_CREDS_TID_COMM;
|
||||
|
|
@ -1037,7 +1038,7 @@ int bus_creds_add_more(sd_bus_creds *c, uint64_t mask, pid_t pid, pid_t tid) {
|
|||
if (!c->cgroup) {
|
||||
r = cg_pid_get_path(NULL, pid, &c->cgroup);
|
||||
if (r < 0) {
|
||||
if (!IN_SET(r, -EPERM, -EACCES))
|
||||
if (!ERRNO_IS_PRIVILEGE(r))
|
||||
return r;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
|
|
@ -2335,7 +2335,7 @@ static int setup_keyring(void) {
|
|||
if (keyring == -1) {
|
||||
if (errno == ENOSYS)
|
||||
log_debug_errno(errno, "Kernel keyring not supported, ignoring.");
|
||||
else if (IN_SET(errno, EACCES, EPERM))
|
||||
else if (ERRNO_IS_PRIVILEGE(errno))
|
||||
log_debug_errno(errno, "Kernel keyring access prohibited, ignoring.");
|
||||
else
|
||||
return log_error_errno(errno, "Setting up kernel keyring failed: %m");
|
||||
|
|
|
|||
|
|
@ -63,14 +63,14 @@ static const char* const path_table[_SD_PATH_MAX] = {
|
|||
[SD_PATH_SYSTEMD_SYSTEM_UNIT] = "systemd-system-unit",
|
||||
[SD_PATH_SYSTEMD_SYSTEM_PRESET] = "systemd-system-preset",
|
||||
[SD_PATH_SYSTEMD_SYSTEM_CONF] = "systemd-system-conf",
|
||||
[SD_PATH_SYSTEMD_SEARCH_SYSTEM_UNIT] = "systemd-system-unit",
|
||||
[SD_PATH_SYSTEMD_SEARCH_SYSTEM_UNIT] = "systemd-search-system-unit",
|
||||
[SD_PATH_SYSTEMD_SYSTEM_GENERATOR] = "systemd-system-generator",
|
||||
[SD_PATH_SYSTEMD_SEARCH_SYSTEM_GENERATOR] = "systemd-system-generator",
|
||||
[SD_PATH_SYSTEMD_SEARCH_SYSTEM_GENERATOR] = "systemd-search-system-generator",
|
||||
[SD_PATH_SYSTEMD_USER_UNIT] = "systemd-user-unit",
|
||||
[SD_PATH_SYSTEMD_USER_PRESET] = "systemd-user-preset",
|
||||
[SD_PATH_SYSTEMD_USER_CONF] = "systemd-user-conf",
|
||||
[SD_PATH_SYSTEMD_SEARCH_USER_UNIT] = "systemd-user-unit",
|
||||
[SD_PATH_SYSTEMD_SEARCH_USER_GENERATOR] = "systemd-user-generator",
|
||||
[SD_PATH_SYSTEMD_SEARCH_USER_UNIT] = "systemd-search-user-unit",
|
||||
[SD_PATH_SYSTEMD_SEARCH_USER_GENERATOR] = "systemd-search-user-generator",
|
||||
[SD_PATH_SYSTEMD_USER_GENERATOR] = "systemd-user-generator",
|
||||
[SD_PATH_SYSTEMD_SLEEP] = "systemd-sleep",
|
||||
[SD_PATH_SYSTEMD_SHUTDOWN] = "systemd-shutdown",
|
||||
|
|
|
|||
|
|
@ -956,7 +956,7 @@ int dissect_image(
|
|||
return -EADDRNOTAVAIL;
|
||||
|
||||
/* Combinations of verity /usr with verity-less root is OK, but the reverse is not */
|
||||
if (m->partitions[PARTITION_ROOT_VERITY].found && !m->partitions[PARTITION_USR_VERITY].found)
|
||||
if (m->partitions[PARTITION_ROOT_VERITY].found && m->partitions[PARTITION_USR].found && !m->partitions[PARTITION_USR_VERITY].found)
|
||||
return -EADDRNOTAVAIL;
|
||||
|
||||
if (verity && verity->root_hash) {
|
||||
|
|
@ -1964,7 +1964,7 @@ int verity_settings_load(
|
|||
if (!p)
|
||||
return -ENOMEM;
|
||||
|
||||
r = read_full_file_full(AT_FDCWD, root_hash_sig_path, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||
r = read_full_file_full(AT_FDCWD, p, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||
if (r < 0 && r != -ENOENT)
|
||||
return r;
|
||||
if (r >= 0)
|
||||
|
|
@ -1978,7 +1978,7 @@ int verity_settings_load(
|
|||
if (!p)
|
||||
return -ENOMEM;
|
||||
|
||||
r = read_full_file_full(AT_FDCWD, root_hash_sig_path, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||
r = read_full_file_full(AT_FDCWD, p, 0, (char**) &root_hash_sig, &root_hash_sig_size);
|
||||
if (r < 0 && r != -ENOENT)
|
||||
return r;
|
||||
if (r >= 0)
|
||||
|
|
|
|||
|
|
@ -282,7 +282,10 @@ int bind_remount_recursive_with_mountinfo(
|
|||
r = path_is_mount_point(x, NULL, 0);
|
||||
if (IN_SET(r, 0, -ENOENT))
|
||||
continue;
|
||||
if (IN_SET(r, -EACCES, -EPERM)) {
|
||||
if (r < 0) {
|
||||
if (!ERRNO_IS_PRIVILEGE(r))
|
||||
return r;
|
||||
|
||||
/* Even if root user invoke this, submounts under private FUSE or NFS mount points
|
||||
* may not be acceessed. E.g.,
|
||||
*
|
||||
|
|
@ -294,8 +297,6 @@ int bind_remount_recursive_with_mountinfo(
|
|||
log_debug_errno(r, "Failed to determine '%s' is mount point or not, ignoring: %m", x);
|
||||
continue;
|
||||
}
|
||||
if (r < 0)
|
||||
return r;
|
||||
|
||||
/* Try to reuse the original flag set */
|
||||
orig_flags = 0;
|
||||
|
|
|
|||
|
|
@ -16,6 +16,7 @@
|
|||
#include "sd-event.h"
|
||||
|
||||
#include "alloc-util.h"
|
||||
#include "errno-util.h"
|
||||
#include "fd-util.h"
|
||||
#include "log.h"
|
||||
#include "macro.h"
|
||||
|
|
@ -195,7 +196,7 @@ static int shovel(PTYForward *f) {
|
|||
|
||||
if (errno == EAGAIN)
|
||||
f->stdin_readable = false;
|
||||
else if (IN_SET(errno, EIO, EPIPE, ECONNRESET)) {
|
||||
else if (errno == EIO || ERRNO_IS_DISCONNECT(errno)) {
|
||||
f->stdin_readable = false;
|
||||
f->stdin_hangup = true;
|
||||
|
||||
|
|
@ -279,7 +280,7 @@ static int shovel(PTYForward *f) {
|
|||
|
||||
if (errno == EAGAIN)
|
||||
f->stdout_writable = false;
|
||||
else if (IN_SET(errno, EIO, EPIPE, ECONNRESET)) {
|
||||
else if (errno == EIO || ERRNO_IS_DISCONNECT(errno)) {
|
||||
f->stdout_writable = false;
|
||||
f->stdout_hangup = true;
|
||||
f->stdout_event_source = sd_event_source_unref(f->stdout_event_source);
|
||||
|
|
|
|||
Loading…
Reference in New Issue