Compare commits

...

7 Commits

Author SHA1 Message Date
Hans de Goede b3ce4e2d40 hwdb: Add Medion Akoya E1239T MD60568 to 60-sensor.hwdb
Unlike newer Medion Akoya E* models for which we have a generic
wildcard match, this model uses a somewhat older KIOX0009 accelerometer.

Not only does our generic catch all not match, we also need a different
matrix for this model, so add a model-specific entry for it.
2020-02-29 18:10:22 +01:00
Yu Watanabe c4ad7f83ec homed: fix typo 2020-02-29 16:06:45 +01:00
Yu Watanabe 522f51e8a0
Merge pull request #14979 from keszybz/enable-pstore-by-default
Enable pstore by default
2020-02-29 23:36:23 +09:00
Topi Miettinen aeac9dd647 Revert "namespace: fix MAC labels of /dev when PrivateDevices=yes"
This reverts commit e6e81ec0a5.
2020-02-29 23:35:43 +09:00
Zbigniew Jędrzejewski-Szmek 5926ea0a68 presets: enable systemd-pstore.service by default
It has no effect is the pstore is not used, and prevents the non-volatile
storage from filling up if is used by the kernel.

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=952767
2020-02-29 10:01:45 +01:00
Zbigniew Jędrzejewski-Szmek aa07dc7093 man: add .service suffix to systemd-pstore(8)
That is the pattern that we always use with executables not in
$PATH.
2020-02-29 09:57:06 +01:00
Zbigniew Jędrzejewski-Szmek e3b192626e man: tweak markup in systemd-pstore.service(8) 2020-02-29 09:48:44 +01:00
17 changed files with 59 additions and 79 deletions

View File

@ -435,6 +435,12 @@ sensor:modalias:acpi:KIOX000A*:dmi:*:svnLINX*:pnLINX12*64:*
######################################### #########################################
# Medion # Medion
######################################### #########################################
# Medion Akoya E1239T MD60568
sensor:modalias:acpi:KIOX0009*:dmi:*:svnMEDION:pnE1239TMD60568:*
ACCEL_MOUNT_MATRIX=1, 0, 0; 0, -1, 0; 0, 0, 1
# Medion Akoya E2212T MD99720
sensor:modalias:acpi:SMO8500*:dmi:*:svnMEDION:pnAkoyaE2212TMD99720:* sensor:modalias:acpi:SMO8500*:dmi:*:svnMEDION:pnAkoyaE2212TMD99720:*
ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1 ACCEL_MOUNT_MATRIX=-1, 0, 0; 0, 1, 0; 0, 0, 1

View File

@ -772,7 +772,7 @@ manpages = [
['systemd-nspawn', '1', [], ''], ['systemd-nspawn', '1', [], ''],
['systemd-path', '1', [], ''], ['systemd-path', '1', [], ''],
['systemd-portabled.service', '8', ['systemd-portabled'], 'ENABLE_PORTABLED'], ['systemd-portabled.service', '8', ['systemd-portabled'], 'ENABLE_PORTABLED'],
['systemd-pstore', '8', ['systemd-pstore.service'], 'ENABLE_PSTORE'], ['systemd-pstore.service', '8', ['systemd-pstore'], 'ENABLE_PSTORE'],
['systemd-quotacheck.service', ['systemd-quotacheck.service',
'8', '8',
['systemd-quotacheck'], ['systemd-quotacheck'],

View File

@ -7,19 +7,19 @@
xmlns:xi="http://www.w3.org/2001/XInclude"> xmlns:xi="http://www.w3.org/2001/XInclude">
<refentryinfo> <refentryinfo>
<title>systemd-pstore</title> <title>systemd-pstore.service</title>
<productname>systemd</productname> <productname>systemd</productname>
</refentryinfo> </refentryinfo>
<refmeta> <refmeta>
<refentrytitle>systemd-pstore</refentrytitle> <refentrytitle>systemd-pstore.service</refentrytitle>
<manvolnum>8</manvolnum> <manvolnum>8</manvolnum>
</refmeta> </refmeta>
<refnamediv> <refnamediv>
<refname>systemd-pstore</refname>
<refname>systemd-pstore.service</refname> <refname>systemd-pstore.service</refname>
<refpurpose>Tool to archive contents of the persistent storage filesystem</refpurpose> <refname>systemd-pstore</refname>
<refpurpose>A service to archive contents of pstore</refpurpose>
</refnamediv> </refnamediv>
<refsynopsisdiv> <refsynopsisdiv>
@ -49,8 +49,8 @@
<para>The pstore service is independent of the kdump service. In cloud environments <para>The pstore service is independent of the kdump service. In cloud environments
specifically, host and guest filesystems are on remote filesystems (eg. iSCSI specifically, host and guest filesystems are on remote filesystems (eg. iSCSI
or NFS), thus kdump relies [implicitly and/or explicitly] upon proper operation or NFS), thus kdump relies (implicitly and/or explicitly) upon proper operation
of networking software *and* hardware *and* infrastructure. Thus it may not be of networking software *and* hardware *and* infrastructure. Thus it may not be
possible to capture a kernel coredump to a file since writes over the network possible to capture a kernel coredump to a file since writes over the network
may not be possible.</para> may not be possible.</para>
@ -59,9 +59,9 @@
debugging.</para> debugging.</para>
<para>The <command>systemd-pstore</command> executable does the actual work. Upon starting, <para>The <command>systemd-pstore</command> executable does the actual work. Upon starting,
the <filename>pstore.conf</filename> is read to obtain options, then the /sys/fs/pstore the <filename>pstore.conf</filename> file is read and the <filename>/sys/fs/pstore</filename>
directory contents are processed according to the options. Pstore files are written to the directory contents are processed according to the options. Pstore files are written to the
journal, and optionally saved into /var/lib/systemd/pstore.</para> journal, and optionally saved into <filename>/var/lib/systemd/pstore</filename>.</para>
</refsect1> </refsect1>
<refsect1> <refsect1>

View File

@ -71,7 +71,7 @@ msgid "Create a home area"
msgstr "Vytvořit domovský adresář" msgstr "Vytvořit domovský adresář"
#: src/home/org.freedesktop.home1.policy:14 #: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to creat a user's home area." msgid "Authentication is required to create a user's home area."
msgstr "Pro vytvoření domovského adresáře uživatele je vyžadováno ověření." msgstr "Pro vytvoření domovského adresáře uživatele je vyžadováno ověření."
#: src/home/org.freedesktop.home1.policy:23 #: src/home/org.freedesktop.home1.policy:23
@ -79,7 +79,7 @@ msgid "Remove a home area"
msgstr "Odebrat domovský adresář" msgstr "Odebrat domovský adresář"
#: src/home/org.freedesktop.home1.policy:24 #: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remov a user's home area." msgid "Authentication is required to remove a user's home area."
msgstr "Pro odebrání domovského adresáře uživatele je vyžadováno ověření." msgstr "Pro odebrání domovského adresáře uživatele je vyžadováno ověření."
#: src/home/org.freedesktop.home1.policy:33 #: src/home/org.freedesktop.home1.policy:33
@ -98,7 +98,7 @@ msgid "Update a home area"
msgstr "Aktualizovat domovský adresář" msgstr "Aktualizovat domovský adresář"
#: src/home/org.freedesktop.home1.policy:44 #: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to updat a user's home area." msgid "Authentication is required to update a user's home area."
msgstr "Pro aktualizaci domovského adresáře uživatele je vyžadováno ověření." msgstr "Pro aktualizaci domovského adresáře uživatele je vyžadováno ověření."
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
@ -106,7 +106,7 @@ msgid "Resize a home area"
msgstr "Změnit velikost domovského adresáře" msgstr "Změnit velikost domovského adresáře"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resiz a user's home area." msgid "Authentication is required to resize a user's home area."
msgstr "" msgstr ""
"Pro změnu velikosti domovského adresáře uživatele je vyžadováno ověření." "Pro změnu velikosti domovského adresáře uživatele je vyžadováno ověření."
@ -115,7 +115,7 @@ msgid "Change password of a home area"
msgstr "Změnit heslo domovského adresáře" msgstr "Změnit heslo domovského adresáře"
#: src/home/org.freedesktop.home1.policy:64 #: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to chang the password of a user's home area." msgid "Authentication is required to change the password of a user's home area."
msgstr "Pro změnu hesla domovského adresáře uživatele je vyžadováno ověření." msgstr "Pro změnu hesla domovského adresáře uživatele je vyžadováno ověření."
#: src/hostname/org.freedesktop.hostname1.policy:20 #: src/hostname/org.freedesktop.hostname1.policy:20

View File

@ -72,7 +72,7 @@ msgid "Create a home area"
msgstr "Créer un espace personnel" msgstr "Créer un espace personnel"
#: src/home/org.freedesktop.home1.policy:14 #: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to creat a user's home area." msgid "Authentication is required to create a user's home area."
msgstr "" msgstr ""
"Authentification requise pour créer l'espace personnel d'un utilisateur." "Authentification requise pour créer l'espace personnel d'un utilisateur."
@ -81,7 +81,7 @@ msgid "Remove a home area"
msgstr "Retirer un espace personnel" msgstr "Retirer un espace personnel"
#: src/home/org.freedesktop.home1.policy:24 #: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remov a user's home area." msgid "Authentication is required to remove a user's home area."
msgstr "" msgstr ""
"Authentification requise pour retirer l'espace personnel d'un utilisateur." "Authentification requise pour retirer l'espace personnel d'un utilisateur."
@ -101,7 +101,7 @@ msgid "Update a home area"
msgstr "Mettre à jour un espace personnel" msgstr "Mettre à jour un espace personnel"
#: src/home/org.freedesktop.home1.policy:44 #: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to updat a user's home area." msgid "Authentication is required to update a user's home area."
msgstr "" msgstr ""
"Authentification requise pour mettre à jour l'espace personnel d'un " "Authentification requise pour mettre à jour l'espace personnel d'un "
"utilisateur." "utilisateur."
@ -111,7 +111,7 @@ msgid "Resize a home area"
msgstr "Retailler un espace personnel" msgstr "Retailler un espace personnel"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resiz a user's home area." msgid "Authentication is required to resize a user's home area."
msgstr "Authentification requise pour retailler un espace personnel." msgstr "Authentification requise pour retailler un espace personnel."
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
@ -119,7 +119,7 @@ msgid "Change password of a home area"
msgstr "Changer le mot de passe d'un espace personnel" msgstr "Changer le mot de passe d'un espace personnel"
#: src/home/org.freedesktop.home1.policy:64 #: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to chang the password of a user's home area." msgid "Authentication is required to change the password of a user's home area."
msgstr "" msgstr ""
"Authentification requise pour changer le mot de passe de l'espace personnel " "Authentification requise pour changer le mot de passe de l'espace personnel "
"d'un utilisateur." "d'un utilisateur."

View File

@ -65,7 +65,7 @@ msgid "Create a home area"
msgstr "ホーム領域の作成" msgstr "ホーム領域の作成"
#: src/home/org.freedesktop.home1.policy:14 #: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to creat a user's home area." msgid "Authentication is required to create a user's home area."
msgstr "ユーザのホーム領域を作成するには認証が必要です。" msgstr "ユーザのホーム領域を作成するには認証が必要です。"
#: src/home/org.freedesktop.home1.policy:23 #: src/home/org.freedesktop.home1.policy:23
@ -73,7 +73,7 @@ msgid "Remove a home area"
msgstr "ホーム領域の削除" msgstr "ホーム領域の削除"
#: src/home/org.freedesktop.home1.policy:24 #: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remov a user's home area." msgid "Authentication is required to remove a user's home area."
msgstr "ユーザのホーム領域の削除には認証が必要です。" msgstr "ユーザのホーム領域の削除には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:33 #: src/home/org.freedesktop.home1.policy:33
@ -90,7 +90,7 @@ msgid "Update a home area"
msgstr "ホーム領域の更新" msgstr "ホーム領域の更新"
#: src/home/org.freedesktop.home1.policy:44 #: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to updat a user's home area." msgid "Authentication is required to update a user's home area."
msgstr "ユーザのホーム領域の更新には認証が必要です。" msgstr "ユーザのホーム領域の更新には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
@ -98,7 +98,7 @@ msgid "Resize a home area"
msgstr "ホーム領域のサイズ変更" msgstr "ホーム領域のサイズ変更"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resiz a user's home area." msgid "Authentication is required to resize a user's home area."
msgstr "ユーザのホーム領域のサイズ変更には認証が必要です。" msgstr "ユーザのホーム領域のサイズ変更には認証が必要です。"
#: src/home/org.freedesktop.home1.policy:63 #: src/home/org.freedesktop.home1.policy:63
@ -106,7 +106,7 @@ msgid "Change password of a home area"
msgstr "ホーム領域のパスワード変更" msgstr "ホーム領域のパスワード変更"
#: src/home/org.freedesktop.home1.policy:64 #: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to chang the password of a user's home area." msgid "Authentication is required to change the password of a user's home area."
msgstr "ユーザのホーム領域のパスワードを変更するには認証が必要です。" msgstr "ユーザのホーム領域のパスワードを変更するには認証が必要です。"
#: src/hostname/org.freedesktop.hostname1.policy:20 #: src/hostname/org.freedesktop.hostname1.policy:20

View File

@ -74,7 +74,7 @@ msgid "Create a home area"
msgstr "Utworzenie przestrzeni domowej" msgstr "Utworzenie przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:14 #: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to creat a user's home area." msgid "Authentication is required to create a user's home area."
msgstr "" msgstr ""
"Wymagane jest uwierzytelnienie, aby utworzyć przestrzeń domową użytkownika." "Wymagane jest uwierzytelnienie, aby utworzyć przestrzeń domową użytkownika."
@ -83,7 +83,7 @@ msgid "Remove a home area"
msgstr "Usunięcie przestrzeni domowej" msgstr "Usunięcie przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:24 #: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remov a user's home area." msgid "Authentication is required to remove a user's home area."
msgstr "Wymagane jest uwierzytelnienie, aby usunąć przestrzeń domową użytkownika." msgstr "Wymagane jest uwierzytelnienie, aby usunąć przestrzeń domową użytkownika."
#: src/home/org.freedesktop.home1.policy:33 #: src/home/org.freedesktop.home1.policy:33
@ -102,7 +102,7 @@ msgid "Update a home area"
msgstr "Aktualizacja przestrzeni domowej" msgstr "Aktualizacja przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:44 #: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to updat a user's home area." msgid "Authentication is required to update a user's home area."
msgstr "" msgstr ""
"Wymagane jest uwierzytelnienie, aby zaktualizować przestrzeń domową użytkownika." "Wymagane jest uwierzytelnienie, aby zaktualizować przestrzeń domową użytkownika."
@ -111,7 +111,7 @@ msgid "Resize a home area"
msgstr "Zmiana rozmiaru przestrzeni domowej" msgstr "Zmiana rozmiaru przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resiz a user's home area." msgid "Authentication is required to resize a user's home area."
msgstr "" msgstr ""
"Wymagane jest uwierzytelnienie, aby zmienić rozmiar przestrzeni domowej " "Wymagane jest uwierzytelnienie, aby zmienić rozmiar przestrzeni domowej "
"użytkownika." "użytkownika."
@ -121,7 +121,7 @@ msgid "Change password of a home area"
msgstr "Zmiana hasła przestrzeni domowej" msgstr "Zmiana hasła przestrzeni domowej"
#: src/home/org.freedesktop.home1.policy:64 #: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to chang the password of a user's home area." msgid "Authentication is required to change the password of a user's home area."
msgstr "" msgstr ""
"Wymagane jest uwierzytelnienie, aby zmienić hasło przestrzeni domowej " "Wymagane jest uwierzytelnienie, aby zmienić hasło przestrzeni domowej "
"użytkownika." "użytkownika."

View File

@ -75,7 +75,7 @@ msgid "Create a home area"
msgstr "Створення домашньої теки" msgstr "Створення домашньої теки"
#: src/home/org.freedesktop.home1.policy:14 #: src/home/org.freedesktop.home1.policy:14
msgid "Authentication is required to creat a user's home area." msgid "Authentication is required to create a user's home area."
msgstr "Для створення домашньої теки користувача слід пройти розпізнавання." msgstr "Для створення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:23 #: src/home/org.freedesktop.home1.policy:23
@ -83,7 +83,7 @@ msgid "Remove a home area"
msgstr "Вилучення домашньої теки" msgstr "Вилучення домашньої теки"
#: src/home/org.freedesktop.home1.policy:24 #: src/home/org.freedesktop.home1.policy:24
msgid "Authentication is required to remov a user's home area." msgid "Authentication is required to remove a user's home area."
msgstr "Для вилучення домашньої теки користувача слід пройти розпізнавання." msgstr "Для вилучення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:33 #: src/home/org.freedesktop.home1.policy:33
@ -102,7 +102,7 @@ msgid "Update a home area"
msgstr "Оновлення домашньої теки" msgstr "Оновлення домашньої теки"
#: src/home/org.freedesktop.home1.policy:44 #: src/home/org.freedesktop.home1.policy:44
msgid "Authentication is required to updat a user's home area." msgid "Authentication is required to update a user's home area."
msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання." msgstr "Для оновлення домашньої теки користувача слід пройти розпізнавання."
#: src/home/org.freedesktop.home1.policy:53 #: src/home/org.freedesktop.home1.policy:53
@ -110,7 +110,7 @@ msgid "Resize a home area"
msgstr "Зміна розмірів домашньої теки" msgstr "Зміна розмірів домашньої теки"
#: src/home/org.freedesktop.home1.policy:54 #: src/home/org.freedesktop.home1.policy:54
msgid "Authentication is required to resiz a user's home area." msgid "Authentication is required to resize a user's home area."
msgstr "" msgstr ""
"Для зміни розмірів домашньої теки користувача слід пройти розпізнавання." "Для зміни розмірів домашньої теки користувача слід пройти розпізнавання."
@ -119,7 +119,7 @@ msgid "Change password of a home area"
msgstr "Зміна пароля до домашньої теки" msgstr "Зміна пароля до домашньої теки"
#: src/home/org.freedesktop.home1.policy:64 #: src/home/org.freedesktop.home1.policy:64
msgid "Authentication is required to chang the password of a user's home area." msgid "Authentication is required to change the password of a user's home area."
msgstr "" msgstr ""
"Для зміни пароля для доступу до домашньої теки користувача слід пройти" "Для зміни пароля для доступу до домашньої теки користувача слід пройти"
" розпізнавання." " розпізнавання."

View File

@ -36,6 +36,8 @@ disable systemd-journal-gatewayd.*
disable systemd-journal-remote.* disable systemd-journal-remote.*
disable systemd-journal-upload.* disable systemd-journal-upload.*
enable systemd-pstore.service
# Passive targets: always off by default, since they should only be pulled in # Passive targets: always off by default, since they should only be pulled in
# by dependent units. # by dependent units.

View File

@ -10,11 +10,11 @@
#include "selinux-util.h" #include "selinux-util.h"
#include "smack-util.h" #include "smack-util.h"
int label_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) { int label_fix(const char *path, LabelFixFlags flags) {
int r, q; int r, q;
r = mac_selinux_fix_container(path, inside_path, flags); r = mac_selinux_fix(path, flags);
q = mac_smack_fix_container(path, inside_path, flags); q = mac_smack_fix(path, flags);
if (r < 0) if (r < 0)
return r; return r;

View File

@ -9,10 +9,7 @@ typedef enum LabelFixFlags {
LABEL_IGNORE_EROFS = 1 << 1, LABEL_IGNORE_EROFS = 1 << 1,
} LabelFixFlags; } LabelFixFlags;
int label_fix_container(const char *path, const char *inside_path, LabelFixFlags flags); int label_fix(const char *path, LabelFixFlags flags);
static inline int label_fix(const char *path, LabelFixFlags flags) {
return label_fix_container(path, path, flags);
}
int mkdir_label(const char *path, mode_t mode); int mkdir_label(const char *path, mode_t mode);
int mkdirat_label(int dirfd, const char *path, mode_t mode); int mkdirat_label(int dirfd, const char *path, mode_t mode);

View File

@ -124,7 +124,7 @@ void mac_selinux_reload(void) {
#endif #endif
} }
int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) { int mac_selinux_fix(const char *path, LabelFixFlags flags) {
#if HAVE_SELINUX #if HAVE_SELINUX
char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)]; char procfs_path[STRLEN("/proc/self/fd/") + DECIMAL_STR_MAX(int)];
@ -151,7 +151,7 @@ int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFi
if (fstat(fd, &st) < 0) if (fstat(fd, &st) < 0)
return -errno; return -errno;
if (selabel_lookup_raw(label_hnd, &fcon, inside_path, st.st_mode) < 0) { if (selabel_lookup_raw(label_hnd, &fcon, path, st.st_mode) < 0) {
r = -errno; r = -errno;
/* If there's no label to set, then exit without warning */ /* If there's no label to set, then exit without warning */
@ -185,7 +185,7 @@ int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFi
return 0; return 0;
fail: fail:
log_enforcing_errno(r, "Unable to fix SELinux security context of %s (%s): %m", path, inside_path); log_enforcing_errno(r, "Unable to fix SELinux security context of %s: %m", path);
if (security_getenforce() == 1) if (security_getenforce() == 1)
return r; return r;
#endif #endif

View File

@ -22,11 +22,7 @@ int mac_selinux_init(void);
void mac_selinux_finish(void); void mac_selinux_finish(void);
void mac_selinux_reload(void); void mac_selinux_reload(void);
int mac_selinux_fix_container(const char *path, const char *inside_path, LabelFixFlags flags); int mac_selinux_fix(const char *path, LabelFixFlags flags);
static inline int mac_selinux_fix(const char *path, LabelFixFlags flags) {
return mac_selinux_fix_container(path, path, flags);
}
int mac_selinux_apply(const char *path, const char *label); int mac_selinux_apply(const char *path, const char *label);
int mac_selinux_get_create_label_from_exe(const char *exe, char **label); int mac_selinux_get_create_label_from_exe(const char *exe, char **label);

View File

@ -206,7 +206,7 @@ int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags) {
return smack_fix_fd(fd, path, flags); return smack_fix_fd(fd, path, flags);
} }
int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) { int mac_smack_fix(const char *path, LabelFixFlags flags) {
_cleanup_free_ char *abspath = NULL; _cleanup_free_ char *abspath = NULL;
_cleanup_close_ int fd = -1; _cleanup_close_ int fd = -1;
int r; int r;
@ -228,7 +228,7 @@ int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixF
return -errno; return -errno;
} }
return smack_fix_fd(fd, inside_path, flags); return smack_fix_fd(fd, abspath, flags);
} }
int mac_smack_copy(const char *dest, const char *src) { int mac_smack_copy(const char *dest, const char *src) {
@ -274,7 +274,7 @@ int mac_smack_apply_pid(pid_t pid, const char *label) {
return 0; return 0;
} }
int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixFlags flags) { int mac_smack_fix(const char *path, LabelFixFlags flags) {
return 0; return 0;
} }

View File

@ -29,11 +29,7 @@ typedef enum SmackAttr {
bool mac_smack_use(void); bool mac_smack_use(void);
int mac_smack_fix_container(const char *path, const char *inside_path, LabelFixFlags flags); int mac_smack_fix(const char *path, LabelFixFlags flags);
static inline int mac_smack_fix(const char *path, LabelFixFlags flags) {
return mac_smack_fix_container(path, path, flags);
}
int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags); int mac_smack_fix_at(int dirfd, const char *path, LabelFixFlags flags);
const char* smack_attr_to_string(SmackAttr i) _const_; const char* smack_attr_to_string(SmackAttr i) _const_;

View File

@ -34,7 +34,6 @@
#include "tmpfile-util.h" #include "tmpfile-util.h"
#include "umask-util.h" #include "umask-util.h"
#include "user-util.h" #include "user-util.h"
#include "virt.h"
#define DEV_MOUNT_OPTIONS (MS_NOSUID|MS_STRICTATIME|MS_NOEXEC) #define DEV_MOUNT_OPTIONS (MS_NOSUID|MS_STRICTATIME|MS_NOEXEC)
@ -691,22 +690,6 @@ static int mount_private_dev(MountEntry *m) {
r = log_debug_errno(errno, "Failed to mount tmpfs on '%s': %m", dev); r = log_debug_errno(errno, "Failed to mount tmpfs on '%s': %m", dev);
goto fail; goto fail;
} }
#if HAVE_SELINUX || ENABLE_SMACK
if (detect_container() <= 0) {
/* these could fail if inside container */
r = mac_selinux_init();
if (r < 0) {
log_debug("Failed to reinitialize SELinux policy");
goto fail;
}
r = label_fix_container(dev, "/dev", 0);
if (r < 0) {
log_debug_errno(errno, "Failed to fix label of '%s' as /dev: %m", dev);
goto fail;
}
mac_selinux_finish();
}
#endif
devpts = strjoina(temporary_mount, "/dev/pts"); devpts = strjoina(temporary_mount, "/dev/pts");
(void) mkdir(devpts, 0755); (void) mkdir(devpts, 0755);

View File

@ -11,7 +11,7 @@
<action id="org.freedesktop.home1.create-home"> <action id="org.freedesktop.home1.create-home">
<description gettext-domain="systemd">Create a home area</description> <description gettext-domain="systemd">Create a home area</description>
<message gettext-domain="systemd">Authentication is required to creat a user's home area.</message> <message gettext-domain="systemd">Authentication is required to create a user's home area.</message>
<defaults> <defaults>
<allow_any>auth_admin_keep</allow_any> <allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive> <allow_inactive>auth_admin_keep</allow_inactive>
@ -21,7 +21,7 @@
<action id="org.freedesktop.home1.remove-home"> <action id="org.freedesktop.home1.remove-home">
<description gettext-domain="systemd">Remove a home area</description> <description gettext-domain="systemd">Remove a home area</description>
<message gettext-domain="systemd">Authentication is required to remov a user's home area.</message> <message gettext-domain="systemd">Authentication is required to remove a user's home area.</message>
<defaults> <defaults>
<allow_any>auth_admin_keep</allow_any> <allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive> <allow_inactive>auth_admin_keep</allow_inactive>
@ -41,7 +41,7 @@
<action id="org.freedesktop.home1.update-home"> <action id="org.freedesktop.home1.update-home">
<description gettext-domain="systemd">Update a home area</description> <description gettext-domain="systemd">Update a home area</description>
<message gettext-domain="systemd">Authentication is required to updat a user's home area.</message> <message gettext-domain="systemd">Authentication is required to update a user's home area.</message>
<defaults> <defaults>
<allow_any>auth_admin_keep</allow_any> <allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive> <allow_inactive>auth_admin_keep</allow_inactive>
@ -51,7 +51,7 @@
<action id="org.freedesktop.home1.resize-home"> <action id="org.freedesktop.home1.resize-home">
<description gettext-domain="systemd">Resize a home area</description> <description gettext-domain="systemd">Resize a home area</description>
<message gettext-domain="systemd">Authentication is required to resiz a user's home area.</message> <message gettext-domain="systemd">Authentication is required to resize a user's home area.</message>
<defaults> <defaults>
<allow_any>auth_admin_keep</allow_any> <allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive> <allow_inactive>auth_admin_keep</allow_inactive>
@ -61,7 +61,7 @@
<action id="org.freedesktop.home1.passwd-home"> <action id="org.freedesktop.home1.passwd-home">
<description gettext-domain="systemd">Change password of a home area</description> <description gettext-domain="systemd">Change password of a home area</description>
<message gettext-domain="systemd">Authentication is required to chang the password of a user's home area.</message> <message gettext-domain="systemd">Authentication is required to change the password of a user's home area.</message>
<defaults> <defaults>
<allow_any>auth_admin_keep</allow_any> <allow_any>auth_admin_keep</allow_any>
<allow_inactive>auth_admin_keep</allow_inactive> <allow_inactive>auth_admin_keep</allow_inactive>